In role-based security, there are several types of roles.
- User-defined Role – can be granted privileges on other objects. Membership to a user-defined
role can be granted to users or other user-defined roles. User-defined
roles include:
- Standalone role – an independent database object without login privileges, which
can own objects. You cannot convert a standalone role to a
user-extended role, and vice versa.
- User-extended role – a user ID that has been extended to act as a role. If an
original user has login privileges, a user-extended role
inherits the login privileges.
- System roles – are automatically created in each newly created or upgraded database and are
granted specific system privileges. System roles cannot be dropped and
cannot own objects. They do not follow any specific naming conventions.
- Compatibility Roles – are automatically created in each newly created or upgraded database and are
granted specific system roles and privileges. Compatibility roles can be
migrated and dropped under specific conditions and use a naming convention
that begin with SYS_AUTH_ and end with _ROLE. Also called predefined roles,
they are created for backward compatibility with earlier versions of SAP Sybase IQ.