Uploaded image for project: 'Derby'
  1. Derby
  2. DERBY-3928

SQL roles: Enable the use of StatementRolePermission

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Open
    • Major
    • Resolution: Unresolved
    • None
    • None
    • SQL
    • Normal

    Description

      A privilege to CREATE and DROP roles (StatementRolePermission) was
      added as part of the initial roles implementation.

      The permission was added to prepare for future need to grant this
      privilege. However, it is not being used for checking whether
      CREATE/DROP role is allowed yet. The current code just tests if the
      executing session is the database owner instead of checking that the
      session has the role create/drop privilege).

      Making use of the permission would not yield any new functionality,
      but would prepare the way for delegating this privilege to other
      users. Furthermore, there is as yet no syntax for granting or revoking
      this privilege (only the database owner is supposed to enjoy it for
      now).

      Attachments

        Issue Links

          is related to

          Improvement - An improvement or enhancement to an existing feature or task. DERBY-2207 Improve usability of Derby's client/server security by implementing ANSI Roles

          • Major - Major loss of function.
          • Closed

          Activity

            People

              Unassigned Unassigned
              dagw Dag H. Wanvik
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated: