[ http://issues.apache.org/jira/browse/DERBY-1646?page=comments#action_12431948 ] Mamta A. Satoor commented on DERBY-1646: ----------------------------------------
Laura, thanks for working on the documentation part of grant revoke. I have following feedback ************************************************************ Comments on page cdevcsecuregrantrevokeaccess.html a)User harry is referred to as "Harry" in somepleaces. We should maintain the case. Also, we should use the same font/boldness for user names on the page. b)Example 2 We should modify the paragraph from "User anita creates table t1 and grants SELECT privileges to PUBLIC. User harry creates view v1 with the statement SELECT * from anita.t1. The view depends on the PUBLIC level privilege that user harry has on t1 since user harry does not have user-level privileges on table t1. Subsequently, user anita revokes SELECT privileges from PUBLIC on table t1. As a result, the view harry.v1 is dropped. " to something like following "User anita creates table t1 and grants SELECT privileges to PUBLIC. User harry creates view v1 with the statement SELECT * from anita.t1. The view depends on the PUBLIC level privilege that user harry has on t1 since user harry does not have user-level privileges on table t1 at this point. Subsequently, user anita grants SELECT privileges to user harry on table t1. Later, user anita revokes SELECT privileges from PUBLIC on table t1. As a result, the view harry.v1 is dropped. " ************************************************************ ************************************************************ Comments on page rrefsqljrevoke.html a)Minor typo in following paragraph "The privileges revoked from PUBLIC and to individual users are independent privileges" Should read as "The privileges revoked from PUBLIC and from individual users are independent privileges" b)User harry is referred to as "Harry" in somepleaces. We should maintain the case. Also, we should use the same font/boldness for user names on the page. c)The first line of the first paragraph for Column-level privileges does not have the correct information about SYSCOLPERMS table "All of the column-level privileges for a specified grantee and table ID are stored in one row in the SYSCOLPERMS system table. " Each row in SYSCOLPERMS table represents *one* granted privilege type for a given GRANTEE, TABLEID and columns on which that privilege type is granted. So, say table t1 has columns c11, c12, c13, c14 and SELECT privilege is granted to user2 on c11 and c12 and UPDATE privilege is granted to user2 on c12 and c13. Then there will be 2 rows in SYSCOLPERMS. One row for privilege type SELECT, GRANTEE(user2), TABLEID(t1), columns(c11, c12). Another row in SYSCOLPERMS will be for privilege type UPDATE, GRANTEE(user2), TABLEID(t1), columns (c12, c13). ************************************************************ ************************************************************ One final comment, do we need to write anything about warnings that get raised when revoke is trying to take away a permission that was never granted? Deepa worked on that enhancement as part of DERBY-1582 ************************************************************ > Documentation to address Grant/Revoke Authorization for > views/triggers/constraints/routines(DERBY-1330) > ------------------------------------------------------------------------------------------------------- > > Key: DERBY-1646 > URL: http://issues.apache.org/jira/browse/DERBY-1646 > Project: Derby > Issue Type: New Feature > Components: Documentation > Affects Versions: 10.2.1.0 > Reporter: Mamta A. Satoor > Assigned To: Laura Stewart > Fix For: 10.2.1.0 > > Attachments: derby1646_1.diff, derby1646_html1.zip > > > Creating a separate jira entry for documentation of Grant/Revoke > Authorization for views/triggers/constraints/routines(Engine changes are > going as part of DERBY-1330). > Will link this jira entry to DERBY-1330 -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
