I am creating an application that will need to have access control. There
will basically be the groups (roles ?):
* normal user (can do insert on a limited sate of tables, and select on a
slightly larger set
* project manager will have some increased insert and select capabilities
* sysadmin will be able to do select and insert on all tables in the schema
There will be more than one person in each of these groups. My original
intent was to create roles, and assign users to appropriate roles, using
inheritance to add increasingly greater capabilities. That is the inheritance
would look like this
normal user <- project manager <- sysadmin
But, I have run up ion a note in the documentation that says that create user
is actually a synonym for create role.
So, should I just create roles for each user?
--
"They that would give up essential liberty for temporary safety deserve
neither liberty nor safety."
-- Benjamin Franklin
