Uploaded image for project: 'Apache Trafodion (Retired)'
  1. Apache Trafodion (Retired)
  2. TRAFODION-2705

user has "SHOW" privilege can't do 'showddl user'

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Minor
    • Resolution: Fixed
    • None
    • 2.3
    • sql-security
    • None
    • Centos6.7 + HDP2.4.2
      Centos6.7 + CDH5.7.6

    Description

      If a user wants to do “showddl user”, what privilege does the user need to have ? I granted “SHOW” to the user, but the user can only do showddl user on himself.

      Test result :
      ===================================================================
      SQL>connect trafodion/traf123;
      Connected to EsgynDB Advanced

      SQL>grant component privilege "SHOW" on sql_operations to qauser_sqlqaa;

      — SQL operation complete.

      SQL>connect qauser_sqlqaa/QAPassword;
      Connected to EsgynDB Advanced

      SQL>showddl user qauser1;

          • ERROR[1017] You are not authorized to perform this operation. [2017-08-08 15:48:39]

      SQL>showddl user qauser_sqlqaa;

      REGISTER USER "QAUSER_SQLQAA";

      — SQL operation complete.

      Attachments

        Activity

          People

            rmarton Roberta Marton
            rachelgao Gao, Rui-Xian
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: