[Firebird-devel] [FB-Tracker] Created: (CORE-4407) Grant and Revoke update (field)

Mon, 28 Apr 2014 04:06:39 -0700 

Grant and Revoke update (field)
-------------------------------

                 Key: CORE-4407
                 URL: http://tracker.firebirdsql.org/browse/CORE-4407
             Project: Firebird Core
          Issue Type: Bug
          Components: Security
    Affects Versions: 2.5.2
         Environment: Linux 3.13.0-24-generic (Ubuntu 14.04)
            Reporter: Tomas Beran


I have a problem with permissions. I test this problem on new database.
I have two users (User1 and User2), one table (TEST_TABLE (PKID, NAME, AGE)). I 
set permission select and update(AGE) to both users. Now everything is all 
right, but when I revoke permission to USER2 (revoke select, update(AGE)), then 
USER1 has not permission to update fields (but he should have).

Example:
create table TEST_TABLE (  PKID                  integer,  NAME                 
 varchar(10),  AGE                   integer,
constraint TEST_PKID primary key (PKID));

commit;

insert into TEST_TABLE values (1, 'TEST', 99);

grant select, update(AGE) on TEST_TABLE to USER1, USER2;

--USER1 or USER2:
update TEST_TABLE set AGE = 1; --both can update

revoke select, update(AGE) on TEST_TABLE from USER2;
--USER1:
update TEST_TABLE set AGE = 1; --no permission to update

  Now USER1 has no permission for update/write access to COLUMN TEST_TABLE.AGE
  but has permission to select. If I grant update on whole TEST_TABLE then 
everything all right, but if I set permission on one field,
  permissions are wrong.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
http://tracker.firebirdsql.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

------------------------------------------------------------------------------
"Accelerate Dev Cycles with Automated Cross-Browser Testing - For FREE
Instantly run your Selenium tests across 300+ browser/OS combos.  Get 
unparalleled scalability from the best Selenium testing platform available.
Simple to use. Nothing to install. Get started now for free."
http://p.sf.net/sfu/SauceLabs
Firebird-Devel mailing list, web interface at 
https://lists.sourceforge.net/lists/listinfo/firebird-devel

Reply via email to