On 09-06-2021 15:24, Gabor Boros wrote:
> I try to reproduce a problem with 4.0 replication.
> The log say:
>
> ... (primary) ...
> Database: ...
> ERROR: unsuccessful metadata update
> CREATE OR ALTER VIEW ... failed
> no permission for ALTER access to VIEW ...
> Effective user is ...
>
> The problem appears only if replication used and no error without it.
>
> I try to make a simple case but don't understand why the RDB$ADMIN role
> not enough for DDL operations.
>
> A user exist with admin role:
> CREATE USER USR1 PASSWORD 'pwd1' GRANT ADMIN ROLE;
This statement only grants the user RDB$ADMIN in the security database.
The user doesn't have the RDB$ADMIN role in the current database, so
doesn't obtain the necessary privileges. To be able to wield RDB$ADMIN
in the current database, you must execute:
grant RDB$ADMIN to user USR1;
This must be done in each database the user needs to assume admin rights.
Mark
--
Mark Rotteveel