(Multiple) Role definition and checking in H2

Greetings,

What is the meaning of database role in H2? Is it kind of rights or grants?

Which approach should be used:

A. multiple roles for one user

==or==

B. one role for one user

Here is the case:

• Say we have 2 tables: tbl1 and tbl2.

• User1 has full permissions on tbl1, but only read access 开发者_C百科on tbl2.

• User2 has read only access on both tbl1 and tbl2.

Taking A approach above:

• Create 3 roles: TBL1_READ, TBL1_WRITE, TBL2_REaD

• Assign TBL1_READ, TBL1_WRITE and TBL3_READ to User1

• Assign TBL1_READ and TBL2_READ to User2

Taking B approach above:

• Create 2 roles: TBL1_READ_WRITE_TBL2_READ and TBL1_READ_TBL2_READ

• Assign TBL1_READ_WRITE_TBL2_READ to User1

• Assign TBL1_READ_TBL2_READ to User2

Which approach should be used? Or i missunderstanding roles?

PS: could one check what roles she/he been assigned?

Thank you.

---

Usually you should pick the easiest solution, in your case it's probably A.

But you can do either; you could even assign the rights directly to the users. A role is just an indirection, to help simplify administrating rights.