Uploaded image for project: 'Sentry'
  1. Sentry
  2. SENTRY-827

Server Scope always grants ALL

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 1.6.0
    • Component/s: None
    • Labels:
      None

      Description

      In it's current state the following two commands result in ALL on SERVER server1:

      GRANT SELECT ON SERVER server1 TO ROLE read_role;
      GRANT INSERT ON SERVER server1 TO ROLE insert_role;

      This can cause users to unknowingly grant full privileges to user groups. Fixing this behavior will also allow us to mimic the previous behavior exhibited with Policy Files:

      read_role = server=server1->db=>table=>action=select
      insert_role = server=server1->db=>table=>action=insert

      Granting SELECT on SERVER would be far more pleasant than granting SELECT on each individual DATABASE

        Attachments

        1. SENTRY-827.patch
          43 kB
          Ryan P
        2. SENTRY-827.patch.1
          9 kB
          Ryan P

          Activity

            People

            • Assignee:
              Ryan P Ryan P
              Reporter:
              Ryan P Ryan P
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: