GitHub user robertamarton opened a pull request:
https://github.com/apache/incubator-trafodion/pull/182
[TRAFODION-1100] Creator of view in private schema unable to select from
view
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/robertamarton/incubator-trafodion privs
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/incubator-trafodion/pull/182.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #182
----
commit 1c457170778b346291a330b6b6c86a275d3f6025
Author: Roberta Marton <[email protected]>
Date: 2015-11-11T22:46:28Z
Merge [TRAFODION-1612] and [TRAFODION-1613] build changes
commit 013bb77aaae4b4e972fbdde9cfe2525924baf4a0
Author: Roberta Marton <[email protected]>
Date: 2015-11-12T16:52:08Z
Merge branch 'master' into privs
commit a682d8531cc8a08b3e2636c7f9eaf1d79c134005
Author: Roberta Marton <[email protected]>
Date: 2015-11-18T20:07:16Z
Merge branch 'master' into privs
commit 8f658efa21fea35336f8b814bb37d1f5c2bbf3da
Author: Roberta Marton <[email protected]>
Date: 2015-11-19T01:45:02Z
Trafodion-1100 Creator of view in private schema unable to select from view
For private schemas, all objects are owned by the schema owner. If an
authID
has create component privilege, they can create objects in other schemas.
However, the owner of the new object is still the schema owner.
When the object creator is not the schema owner, then the schema owner
automatically becomes the owner and the object creator is granted all
relevant
privileges on the object WGO.
For views, this was not working correctly.
Also found another issue where column privileges were not being handled
correctly when generating the privileges list.
Problem is described in more detail in the JIRA
Changes:
CmpSeabaseDDLview - changed the create view code to add privileges for both
the
schema owner and the view creator, and fixes the privilege list issue.
PrivMgr - added a helper function to convert an authID to an authName
PrivMgrCommands - changed the API to send in the grantor ID
PrivMgrPrivileges - changed the code to use the passed in grantor
TEST141 - added a new regression test, it is currently skipped until
trafodion-1087 is resolved.
----
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
