[
https://issues.apache.org/jira/browse/DERBY-4161?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12699219#action_12699219
]
Kim Haase commented on DERBY-4161:
----------------------------------
What I suggested was that in the topic
http://db.apache.org/derby/docs/dev/devguide/cdevcsecureroles.html some text
along these lines should be added:
For example, if you created and granted the roles shown in the previous
session, you would have to issue a SET ROLE statement to have them take effect.
For example, suppose you used the following statement;
SET ROLE taskLeaderA;
If the database owner granted the taskLeaderA role to a user, that user would
have all the privileges associated with the taskLeaderA, updateUser and
readUser roles.
Also Tiago pointed out that it's confusing to have role names that end with
"User" -- readers might confuse them with user names. I'll make that change too
unless I hear otherwise.
> SQL Roles - Clarify documentation regarding the SET ROLE
> --------------------------------------------------------
>
> Key: DERBY-4161
> URL: https://issues.apache.org/jira/browse/DERBY-4161
> Project: Derby
> Issue Type: Improvement
> Components: Documentation
> Reporter: Tiago R. Espinha
> Fix For: 10.5.1.0, 10.5.1.1, 10.5.1.2, 10.6.0.0
>
>
> After discussing this issue on the mailing list, it has been agreed that the
> documentation regarding the usage of SQL roles needs to be clarified.
> Namely, it should be clearer that a session does not have a role set by
> default and that as such, a SET ROLE must be issued to enable a specific role.
> Further along the path, we may want to have the ability of setting a default
> role but for now and for the release of 10.5 this is the shortest and best
> course to follow.
> Kim had already suggested an addition to the documentation on the list; maybe
> she'd like to take on this issue?
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
