quote:
I disagree especially for the sensitive access. Sooner or later that special person will change and having a role makes that more secure.
"Special person" !never! change. It's public universal access point to secure database /the only one access point/.
Each stored procedure have mandatory input parameter /temporary unique randomized user id, output from proc_user_session_start/.
Emedded security is for additional row level access security, selective encryption, access audit, etc...