SQL ROLES
Go Up to Overview of SQL Access Privileges
InterBase implements features for assigning SQL privileges to groups of users, fully supporting SQL group-level security with the GRANT
, REVOKE
, and DROP ROLE
statements. It partially supports GRANT ROLE
and REVOKE ROLE
.
- Note: These features replace the Security Classes feature in versions prior to InterBase 5. In the past, group privileges could be granted only through the InterBase-proprietary GDML language. In Version 5, new SQL features were added to assist in migrating InterBase users from GDML to SQL.
Using roles
Implementing roles is a four-step process:
- 1. Create a role using the
CREATE ROLE
statement. - 2. Assign privileges to the role using
GRANT
privilegeTO
rolename. - 3. Grant the role to users using
GRANT
rolenameTO
user. - 4. Users specify the role when attaching to a database.
These steps are described in detail in this chapter. In addition, the CONNECT
, CREATE ROLE
, GRANT
, and REVOKE
statements are described in the Language Reference Guide.