[ https://issues.apache.org/jira/browse/TRAFODION-2339?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16434683#comment-16434683 ]
Roberta Marton commented on TRAFODION-2339: ------------------------------------------- This issue has been fixed: create table tab2(a int, b int, c int); --- SQL operation complete. >>grant insert(a,c),select(a) on tab2 to sql_user1; --- SQL operation complete. showddl tab2; CREATE TABLE TRAFODION.SCH.TAB2 ( A INT DEFAULT NULL NOT SERIALIZED , B INT DEFAULT NULL NOT SERIALIZED , C INT DEFAULT NULL NOT SERIALIZED ) ATTRIBUTES ALIGNED FORMAT ; -- GRANT SELECT, INSERT, DELETE, UPDATE, REFERENCES ON TRAFODION.SCH.TAB2 TO DB__ROOT WITH GRANT OPTION; GRANT SELECT(A), INSERT(A, C) ON TRAFODION.SCH.TAB2 TO SQL_USER1; --- SQL operation complete. change to user sql_user1; >>select * from tab2; *** ERROR[4481] The user does not have SELECT privilege on table or view TRAFODION.SCH.TAB2(columns: B, C). *** ERROR[8822] The statement was not prepared. >>insert into tab2 values (1,2,3); *** ERROR[4481] The user does not have INSERT privilege on table or view TRAFODION.SCH.TAB2(columns: B). *** ERROR[8822] The statement was not prepared. > column privilege -- a user who doesn't have select privilege on all columns > can insert data into the table > ---------------------------------------------------------------------------------------------------------- > > Key: TRAFODION-2339 > URL: https://issues.apache.org/jira/browse/TRAFODION-2339 > Project: Apache Trafodion > Issue Type: Bug > Components: sql-security > Environment: CDH5.4.8 HDP2.4.0 > R2.2 1023 daily > Reporter: Gao, Rui-Xian > Assignee: Roberta Marton > Priority: Major > > a user who doesn't have select privilege on all columns can insert data into > the table successfully. > >>create table tab2(a int, b int, c int); > — SQL operation complete. > >>grant insert(a,c),select(a) on tab2 to testuser1; > — SQL operation complete. > >>grant insert(a,c),select(a) on tab2 to testuser1; > — SQL operation complete. > >>showddl tab2; > CREATE TABLE TRAFODION.MYTESTSCH.TAB2 > ( > A INT DEFAULT NULL NOT SERIALIZED > , B INT DEFAULT NULL NOT SERIALIZED > , C INT DEFAULT NULL NOT SERIALIZED > ) > ATTRIBUTES ALIGNED FORMAT > ; > – GRANT SELECT, INSERT, DELETE, UPDATE, REFERENCES ON > TRAFODION.MYTESTSCH.TAB2 TO DB__ROOT WITH GRANT OPTION; > GRANT SELECT(A, B), INSERT(A, B, C) ON TRAFODION.MYTESTSCH.TAB2 TO TESTUSER1; > — SQL operation complete. > connect as testuser1 – > SQL>select * from tab2; > * > ** > *** ERROR[4481] The user does not have SELECT privilege on table or view > TRAFODION.MYTESTSCH.TAB2(columns: C). [2016-11-04 17:07:42] > SQL>insert into tab2 values(1,2,3); > — 1 row(s) inserted. > testuser1 doesn't have select privilege on columnC, but insert data into > columnC successfully. -- This message was sent by Atlassian JIRA (v7.6.3#76005)