Uploaded image for project: 'Sentry (Retired)'
  1. Sentry (Retired)
  2. SENTRY-827

Server Scope always grants ALL

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 1.6.0
    • None
    • None

    Description

      In it's current state the following two commands result in ALL on SERVER server1:

      GRANT SELECT ON SERVER server1 TO ROLE read_role;
      GRANT INSERT ON SERVER server1 TO ROLE insert_role;

      This can cause users to unknowingly grant full privileges to user groups. Fixing this behavior will also allow us to mimic the previous behavior exhibited with Policy Files:

      read_role = server=server1->db=>table=>action=select
      insert_role = server=server1->db=>table=>action=insert

      Granting SELECT on SERVER would be far more pleasant than granting SELECT on each individual DATABASE

      Attachments

        1. SENTRY-827.patch.1
          9 kB
          Ryan P
        2. SENTRY-827.patch
          43 kB
          Ryan P

        Activity

          People

            Ryan P Ryan P
            Ryan P Ryan P
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment