Gao, Rui-Xian created TRAFODION-2705: ----------------------------------------
Summary: user has "SHOW" privilege can't do 'showddl user' Key: TRAFODION-2705 URL: https://issues.apache.org/jira/browse/TRAFODION-2705 Project: Apache Trafodion Issue Type: Bug Components: sql-security Environment: Centos6.7 + HDP2.4.2 Centos6.7 + CDH5.7.6 Reporter: Gao, Rui-Xian Assignee: Roberta Marton Priority: Minor If a user wants to do “showddl user”, what privilege does the user need to have ? I granted “SHOW” to the user, but the user can only do showddl user on himself. Test result : =================================================================== SQL>connect trafodion/traf123; Connected to EsgynDB Advanced SQL>grant component privilege "SHOW" on sql_operations to qauser_sqlqaa; --- SQL operation complete. SQL>connect qauser_sqlqaa/QAPassword; Connected to EsgynDB Advanced SQL>showddl user qauser1; *** ERROR[1017] You are not authorized to perform this operation. [2017-08-08 15:48:39] SQL>showddl user qauser_sqlqaa; REGISTER USER "QAUSER_SQLQAA"; --- SQL operation complete. -- This message was sent by Atlassian JIRA (v6.4.14#64029)