[jira] [Work started] (TRAFODION-2538) Revoking privileges from role not invoking query invalidation

Roberta Marton (JIRA) Tue, 14 Mar 2017 15:58:35 -0700

     [ 
https://issues.apache.org/jira/browse/TRAFODION-2538?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Work on TRAFODION-2538 started by Roberta Marton.
-------------------------------------------------
> Revoking privileges from role not invoking query invalidation
> -------------------------------------------------------------
>
>                 Key: TRAFODION-2538
>                 URL: https://issues.apache.org/jira/browse/TRAFODION-2538
>             Project: Apache Trafodion
>          Issue Type: Bug
>          Components: sql-cmp, sql-security
>            Reporter: Roberta Marton
>            Assignee: Roberta Marton
>
> Privilege information is cached.  When a revoke is performed, query 
> invalidation occurs.  Query invalidation sends the revoke operation to RMS 
> and each executor process checks for keys.  If the key affect cache, the 
> cache entry is refreshed.
> Query invalidation keys are not be created for revoke privileges from roles.
> Create a table
> create a role
> grant select, insert on table to role;
> grant role to user1.
> as user1, select and insert into table
> in another session, revoke insert from role
> user1 should no longer be able to insert 



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

[jira] [Work started] (TRAFODION-2538) Revoking privileges from role not invoking query invalidation

Reply via email to