Roles introduce complexities in the privileges of individual users. Suppose user M_Haneef has SELECT and UPDATE privileges on a specific table, but is also a member of two roles. Suppose one of these roles has no access to the table at all, and one role has only SELECT privilege. What are the privileges in effect for this user?
If the user ID has been explicitly granted the appropriate privilege(s) to perform the action, then the action proceeds.
Otherwise, permission to perform the action depends on the privileges of each of the roles to which the member belongs. If any of these roles has the privilege to perform the action, the user ID has privilege by virtue of membership in that role, and the action proceeds.
Discuss this page in DocCommentXchange.
|Copyright © 2014, SAP AG or an SAP affiliate company. - SAP Sybase SQL Anywhere 16.0|