[jira] Updated: (DERBY-4838) dblook outputs GRANT statements for ignored tables

Thu, 07 Oct 2010 02:04:04 -0700 

     [ 
https://issues.apache.org/jira/browse/DERBY-4838?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Knut Anders Hatlen updated DERBY-4838:
--------------------------------------

    Issue & fix info: [Repro attached]

Example:

1) Create a database with authorization enabled, create two tables, and add 
column level privileges to both tables:
 
$ java -Dderby.database.sqlAuthorization=true org.apache.derby.tools.ij
ij version 10.7
ij> connect 'jdbc:derby:db;create=true';
WARNING 01J14: SQL authorization is being used without first enabling 
authentication.
ij> create table t1(x int);
0 rows inserted/updated/deleted
ij> create table t2(y int);
0 rows inserted/updated/deleted
ij> grant select (x) on t1 to user1;
0 rows inserted/updated/deleted
ij> grant select (y) on t2 to user2;
0 rows inserted/updated/deleted
ij> exit;

2) Run dblook restricted to one of the tables:

$ java org.apache.derby.tools.dblook -t t1 -d jdbc:derby:db
-- Timestamp: 2010-10-07 10:58:42.089
-- Source database is: db
-- Connection URL is: jdbc:derby:db
-- The dblook utility will consider only specified tables.
-- appendLogs: false

-- ----------------------------------------------
-- DDL Statements for tables
-- ----------------------------------------------

CREATE TABLE "APP"."T1" ("X" INTEGER);

-- ----------------------------------------------
-- GRANT statements for columns
-- ----------------------------------------------

GRANT SELECT("X") ON "APP"."T1" TO "USER1";

GRANT SELECT("Y") ON "APP"."T2" TO "USER2";


The CREATE TABLE statement for T2 is correctly suppressed. The statement that 
grants select privilege on T2 should also be suppressed.

> dblook outputs GRANT statements for ignored tables
> --------------------------------------------------
>
>                 Key: DERBY-4838
>                 URL: https://issues.apache.org/jira/browse/DERBY-4838
>             Project: Derby
>          Issue Type: Bug
>          Components: Tools
>    Affects Versions: 10.7.0.0
>            Reporter: Knut Anders Hatlen
>
> dblook has an option that allows the user to specify which tables to produce 
> DDL statements for:
>       -t <tableOne> <tableTwo> ... to specify a list of tables for which
>        the DDL will be generated; any tables not in the list will be ignored.
> However, GRANT statements for privileges on tables not in that list will 
> still be printed.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to