db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kim Haase <Camilla.Ha...@Sun.COM>
Subject Re: Issues with SQL Roles
Date Thu, 09 Apr 2009 17:38:16 GMT
On 04/09/09 12:00, Kathey Marsden wrote:
> Tiago Espinha wrote:
>> 5) Tried to use TIAGO on another ij spawn and here is what I get:
>> ij> select * from adm.t1;
>> ERROR 42502: User 'TIAGO' does not have SELECT permission on column 
>> 'F1' of table 'ADM'.'T1'.
> 
> I think before you do the select, you have to set the role, e.g
> ij>set role readRole;
> 
> Should we make this clearer in the documentation?
> http://db.apache.org/derby/docs/dev/devguide/cdevcsecureroles.html

Good idea. Probably in the "Setting Roles" section something like this 
should be added:

For example, if you created and granted the roles shown in the previous 
session, you would have to issue a SET ROLE statement to have them take 
effect. For example, suppose you used the following statement;

SET ROLE taskLeaderA;

If the database owner granted the taskLeaderA role to a user, that user 
would have all the privileges associated with the taskLeaderA, 
updateUser and readUser roles.

I can file (and fix) an issue for this if you think it makes sense.

Kim

Mime
View raw message