SQL ROLES
From InterBase
Go Up to Overview of SQL Access Privileges
InterBase implements features for assigning SQL privileges to groups of users, fully supporting SQL group-level security with the GRANT, REVOKE, and DROP ROLE statements. It partially supports GRANT ROLE and REVOKE ROLE.
Note:
These features replace the Security Classes feature in versions prior to InterBase 5. In the past, group privileges could be granted only through the InterBase-proprietary GDML language. In Version 5, new SQL features were added to assist in migrating InterBase users from GDML to SQL.
These features replace the Security Classes feature in versions prior to InterBase 5. In the past, group privileges could be granted only through the InterBase-proprietary GDML language. In Version 5, new SQL features were added to assist in migrating InterBase users from GDML to SQL.
Using roles
Implementing roles is a four-step process:
- Create a role using the
CREATE ROLEstatement. - Assign privileges to the role using
GRANTprivilegeTOrolename. - Grant the role to users using
GRANTrolenameTOuser. - Users specify the role when attaching to a database.
These steps are described in detail in this chapter. In addition, the CONNECT, CREATE ROLE, GRANT, and REVOKE statements are described in the Language Reference Guide.