Triggers and Security
Go Up to Using Triggers
Triggers can be granted privileges on tables, just as users or procedures can be granted privileges. Use the
GRANT statement, but instead of using
TO <username>, use
TRIGGER <trigger_name>. Privileges of triggers can be revoked similarly using
REVOKE. For more information about
REVOKE, see Planning Security.
When a user performs an action that fires a trigger, the trigger will have privileges to perform its actions if:
- The trigger has privileges for the action.
- The user has privileges for the action.
So, for example, if a user performs an
UPDATE of table A, which fires a trigger, and the trigger performs an
INSERT on table B, the
INSERT will occur if the user has
INSERT privileges on the table or the trigger has insert privileges on the table.
If there are insufficient privileges for a trigger to perform its actions, InterBase will set the appropriate
SQLCODE error number. The trigger can handle this error with a
WHEN clause. If it does not handle the error, an error message will be returned to the application, and the actions of the trigger and the statement which fired it will be undone.