Changeset: be469d28159d for MonetDB
URL: https://dev.monetdb.org/hg/MonetDB/rev/be469d28159d
Modified Files:
sql/backends/monet5/sql_user.c
sql/server/sql_privileges.c
Branch: userprofile
Log Message:
remove password from users veiw, and make it public
diffs (60 lines):
diff --git a/sql/backends/monet5/sql_user.c b/sql/backends/monet5/sql_user.c
--- a/sql/backends/monet5/sql_user.c
+++ b/sql/backends/monet5/sql_user.c
@@ -628,13 +628,12 @@ monet5_create_privileges(ptr _mvc, sql_s
if (f)
f->instantiated = TRUE;
*/
- // TODO this view should go, remove as part of db_user_info -> users
rename
t = mvc_init_create_view(m, s, "users",
"create view sys.users as select u.\"name\", "
"u.\"fullname\", u.\"default_schema\", "
"u.\"schema_path\", u.\"max_memory\", "
"u.\"max_workers\", u.\"optimizer\", "
- "u.\"default_role\", u.\"password\" from
\"sys\".\"db_user_info\" as u;");
+ "u.\"default_role\" from
\"sys\".\"db_user_info\" as u;");
if (!t) {
TRC_CRITICAL(SQL_TRANS, "Failed to create 'users' view\n");
return ;
@@ -648,7 +647,6 @@ monet5_create_privileges(ptr _mvc, sql_s
mvc_create_column_(&col, m, t, "max_workers", "int", 9);
mvc_create_column_(&col, m, t, "optimizer", "varchar", 1024);
mvc_create_column_(&col, m, t, "default_role", "int", 9);
- mvc_create_column_(&col, m, t, "password", "varchar", 256);
sys = find_sql_schema(m->session->tr, "sys");
schema_id = sys->base.id;
diff --git a/sql/server/sql_privileges.c b/sql/server/sql_privileges.c
--- a/sql/server/sql_privileges.c
+++ b/sql/server/sql_privileges.c
@@ -984,7 +984,7 @@ sql_rename_user(mvc *sql, char *olduser,
int
sql_create_privileges(mvc *m, sql_schema *s)
{
- int pub, p, zero = 0;
+ int pub, su, p, zero = 0;
sql_table *t = NULL, *privs = NULL;
sql_column *col = NULL;
sql_subfunc *f = NULL;
@@ -1016,6 +1016,7 @@ sql_create_privileges(mvc *m, sql_schema
sql_create_auth_id(m, USER_MONETDB, "monetdb");
pub = ROLE_PUBLIC;
+ su = USER_MONETDB;
p = PRIV_SELECT;
privs = find_sql_table(tr, s, "privileges");
@@ -1062,6 +1063,13 @@ sql_create_privileges(mvc *m, sql_schema
store->table_api.table_insert(m->session->tr, privs, &t->base.id, &pub,
&p, &zero, &zero);
t = find_sql_table(tr, s, "value_partitions");
store->table_api.table_insert(m->session->tr, privs, &t->base.id, &pub,
&p, &zero, &zero);
+ // restrict access to db_user_info to monetdb role
+ t = find_sql_table(tr, s, "db_user_info");
+ store->table_api.table_insert(m->session->tr, privs, &t->base.id, &su,
&p, &zero, &zero);
+ // make users view public
+ t = find_sql_table(tr, s, "users");
+ store->table_api.table_insert(m->session->tr, privs, &t->base.id, &pub,
&p, &zero, &zero);
+
p = PRIV_EXECUTE;
f = sql_bind_func_(m, s->base.name, "env", NULL, F_UNION, true);
_______________________________________________
checkin-list mailing list -- [email protected]
To unsubscribe send an email to [email protected]
