A role is a container which may contain system privileges, object-level
privileges, and roles. Granting privileges to and revoking privileges from a role is
the same as for a user. A role and user cannot have the same name.
There are three types of roles:
- User-Defined Role – a custom collection of system and object-level
privileges, typically created to group privileges
related to a specific task or set of tasks. You can
create user-defined roles to suit the needs of your
organization.
- System Role – a built-in role automatically created in each newly
created database. A system role can be granted and
revoked, but cannot be dropped. With some
exceptions, their default underlying system
privileges cannot be modified or revoked, but
additional roles and system privileges can be
granted to and revoked from a system role.
- Compatibility Role – created for backwards compatibility with earlier
versions of SAP Sybase IQ, you
can grant, revoke, and under specific conditions,
drop them. You cannot, however, modify their
underlying system privileges.