[
https://issues.apache.org/jira/browse/TRAFODION-3194?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16632265#comment-16632265
]
ASF GitHub Bot commented on TRAFODION-3194:
-------------------------------------------
GitHub user robertamarton opened a pull request:
https://github.com/apache/trafodion/pull/1720
TRAFODION-3194 update
Fixed issue where revoke all on object did not actually revoke the
privilege.
Also fixed an issue where setting up default privileges did not set the
correct default bits for object type.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/robertamarton/incubator-trafodion fixes
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/trafodion/pull/1720.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #1720
----
commit 66b854f765d06a1ee49bce75450021daf22198ea
Author: Roberta Marton <roberta.marton@...>
Date: 2018-09-28T19:05:29Z
TRAFODION-3194 update
Fixed issue where revoke all on object did not actually revoke the
privilege.
Also fixed an issue where setting up default privileges did not set the
correct default bits for object type.
----
> Revoke grant option for all on objects also revokes all privileges from
> user/role
> ---------------------------------------------------------------------------------
>
> Key: TRAFODION-3194
> URL: https://issues.apache.org/jira/browse/TRAFODION-3194
> Project: Apache Trafodion
> Issue Type: Bug
> Reporter: Roberta Marton
> Assignee: Roberta Marton
> Priority: Major
>
> 'revoke grant option for all' should only revoke the ability to grant all
> privileges to another user/role, but now all privileges will be revoked too.
> revoke grant option for single/combined privileges works as expected.
> Test Result :
> ======================================
> SQL>showddl usera_t1;
> CREATE TABLE TRAFODION.TRAFINCSCH1.USERA_T1
> (
> A INT DEFAULT NULL NOT SERIALIZED
> , B VARCHAR(20) CHARACTER SET ISO88591 COLLATE
> DEFAULT DEFAULT NULL NOT SERIALIZED
> )
> ATTRIBUTES ALIGNED FORMAT NAMESPACE 'TRAF_1500000' INCREMENTAL BACKUP
> ;
> -- GRANT SELECT, INSERT, DELETE, UPDATE, REFERENCES ON
> TRAFODION.TRAFINCSCH1.USERA_T1 TO DB__ROOT WITH GRANT OPTION;
> --- SQL operation complete.
> SQL>grant all on usera_t1 to qauser_sqlqaa with grant option;
> --- SQL operation complete.
> SQL>showddl usera_t1;
> CREATE TABLE TRAFODION.TRAFINCSCH1.USERA_T1
> (
> A INT DEFAULT NULL NOT SERIALIZED
> , B VARCHAR(20) CHARACTER SET ISO88591 COLLATE
> DEFAULT DEFAULT NULL NOT SERIALIZED
> )
> ATTRIBUTES ALIGNED FORMAT NAMESPACE 'TRAF_1500000' INCREMENTAL BACKUP
> ;
> -- GRANT SELECT, INSERT, DELETE, UPDATE, REFERENCES ON
> TRAFODION.TRAFINCSCH1.USERA_T1 TO DB__ROOT WITH GRANT OPTION;
> GRANT SELECT, INSERT, DELETE, UPDATE, REFERENCES ON
> TRAFODION.TRAFINCSCH1.USERA_T1 TO QAUSER_SQLQAA WITH GRANT OPTION;
> --- SQL operation complete.
> SQL>revoke grant option for all on usera_t1 from qauser_sqlqaa;
> --- SQL operation complete.
> SQL>showddl usera_t1; //qauser_sqlqaa doesn’t have any privilege on the table
> after revoke
> CREATE TABLE TRAFODION.TRAFINCSCH1.USERA_T1
> (
> A INT DEFAULT NULL NOT SERIALIZED
> , B VARCHAR(20) CHARACTER SET ISO88591 COLLATE
> DEFAULT DEFAULT NULL NOT SERIALIZED
> )
> ATTRIBUTES ALIGNED FORMAT NAMESPACE 'TRAF_1500000' INCREMENTAL BACKUP
> ;
> -- GRANT SELECT, INSERT, DELETE, UPDATE, REFERENCES ON
> TRAFODION.TRAFINCSCH1.USERA_T1 TO DB__ROOT WITH GRANT OPTION;
> --- SQL operation complete.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
