Sybase has Role at the server level and Group at the database level. What is
the criteria to use a Role rather than a Group and Viceversa?
only be part of 1 group other than 'public'.
it can be part of many roles
If you have 2 groups 'readonly' and 'updateonl'y. You can give a user
read or update perrmission but not both. Had they been roles, you could
have given a user both read and update permissions.
Quote:> Sybase has Role at the server level and Group at the database level. What
> the criteria to use a Role rather than a Group and Viceversa?
I've been using the PERMISSIONS function in SQL Server 7 to check to
see if the current user is allowed to perform a certain function in
This works correctly for permissions assigned to the public role, and
it works if the NT user is assigned to any other role (which has
permission to perform the required function) directly. However, it
doesn't work if the NT user is a member of a group which is assigned
to a role other than public.
DB role 'viewers' has access to SP 'get_stuff'
DOMAIN\Joe member of 'viewers'
-> PERMISSIONS() = 32
DOMAIN\Betty member of 'DOMAIN\All Users' member of 'viewers'
-> PERMISSIONS() = 0 However, she CAN access it...
So, this has been pretty frustrating lately... If anyone has any
ideas of what I'm doing wrong, or a different way of doing it, I would
be interested. :)
Thanks in advance,