Using Roles to Grant Privileges
Go Up to Planning Security
In InterBase, you can assign privileges through the use of roles. Acquiring privileges through a role is a four-step process.
- 1. Create a role using the
CREATE ROLE
statement.
CREATE ROLE rolename;
- 2. Assign one or more privileges to that role using
GRANT
.
GRANT privilegelist ON tablename TO rolename;
- 3. Use the
GRANT
statement once again to grant the role to one or more users.
GRANT rolename TO userlist;
- The role can be granted
WITH ADMIN OPTION
, which allows users to grant the role to others, just as theWITH GRANT OPTION
allows users to grant privileges to others. - 4. At connection time, specify the role whose privileges you want to acquire for that connection.
CONNECT 'database' USER 'username' PASSWORD 'password' ROLE 'rolename';
Use REVOKE
to remove privileges that have been granted to a role or to remove roles that have been granted to users.
See the Language Reference Guide for more information on CONNECT
, CREATE ROLE
, GRANT
, and REVOKE
.