[SENTRY-827] Server Scope always grants ALL - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.6.0
Component/s: None
Labels:
None

Description

In it's current state the following two commands result in ALL on SERVER server1:

GRANT SELECT ON SERVER server1 TO ROLE read_role;
GRANT INSERT ON SERVER server1 TO ROLE insert_role;

This can cause users to unknowingly grant full privileges to user groups. Fixing this behavior will also allow us to mimic the previous behavior exhibited with Policy Files:

read_role = server=server1->db=~~>table=~~>action=select
insert_role = server=server1->db=~~>table=~~>action=insert

Granting SELECT on SERVER would be far more pleasant than granting SELECT on each individual DATABASE

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

SENTRY-827.patch
03/Aug/15 10:37
43 kB
Ryan P
SENTRY-827.patch.1
04/Aug/15 16:01
9 kB
Ryan P

Activity

People

Assignee:: Ryan P

Reporter:: Ryan P

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 02/Aug/15 11:33

Updated:: 20/Aug/15 04:27

Resolved:: 05/Aug/15 07:53