Details
-
Sub-task
-
Status: Open
-
Major
-
Resolution: Unresolved
-
None
-
None
-
None
Description
Having worked through committing a significant portion of patch12 from DERBY-2109 it seems that it contained no functional tests related to the functionality it is implementing. I'm basing this on the fact that all test code changes are applied and all pass with the functionality disabled.
So having tests that ensured:
- users with invalid authentication can not shut a network server down
- granting permissions (shutdown server, engine & create database) to specific principals works (and disallows principals without th permission)
is really key for a security feature.