I've been learned that the public role can be used when we want only a specific group of users that can access the server to have access to a specific database.
Let's say that I have 2 departments: deptA and deptB
I also have 2 DBs: DB_A and DB_B
Now I create global groups GA and GB and these are mapped to DB users, userA and userB respectively.
The requiremetn is: people in deptA can access to both DB_A and DB_B, but people in deptB can access to only DB_B and I need to use only 'public role' to solve this problem.
I guess that since userA and userB are in the database, they both have the permissions assigned to the Public role. What kind of permissions should I grant to the Public role to resolve this issue?
How can I accomplish this?