Hi community,
I am trying to use virtual tables created in a classc schema in a CAP project as described in my previous question.
The project structure looks like below.

I have set up the following objects.
1. Roles to access the virtual tables
create role VTROLE; grant select on schema "JDBCUSER" to VTROLE; create role VTROLE_G; grant select on schema "JDBCUSER" to VTROLE with grant option;
2. A user who is granted above roles with admin option
create user VTUSER password "password" set usergroup default; alter user VTUSER disable password lifetime; grant VTROLE to VTUSER with admin option; grant VTROLE_G to VTUSER with admin option;
3. A user provided service to access the virtual tables
cf cups demo-inventory-ups -p "{\"user\":\"VTUSER\",\"password\":\"password\",\"tags\":[\"hana\"] , \"schema\" : \"JDBCUSER\" }"
4. .hdbgrants
{
"cross-schema-ups": {
"object_owner": {
"roles": ["VTROLE_G"]
},
"application_user": {
"roles": ["VTROLE"]
}
}
}
When I execute "cf deploy", I came across the following error.
insufficient privilege: Detailed info for this error can be found with guid '98426E7F5DAF314786009B03B81C9006')
Error executing: GRANT "VTROLE_G" TO "0DF41154432140A6A45C380671E40976#OO"; (STDERR, APP/TASK/deploy)#
SYS.GET_INSUFFICIENT_PRIVILEGE_ERROR_DETAILS returned the following output.

However, running "grant VTROLE_G to TEST with admin option" with VTUSER in Database Explorer was successful, so I can say this user has the privilage to to grant the role to other users.

What can be the reason for this error?
Best regards,
Mio