Re: [Maria-developers] Problems with Launchpad?
Hi Andrew! My branch also experiences the same problem. Also no emails get sent out on commit. It seems like a bug since mine hasn't updated in 4 months. Regards Vicentiu On 17 Apr 2014 12:59, Andrew McDonnell b...@andrewmcdonnell.net wrote: Hi, my mariab bzr branch on launchpad doesnt update the summary page properly, and hasn't done so for a while now, which means recent work I committed is not visible unless you drill right down into the branch change history (My related question on Launchpad Answers - https://answers.launchpad.net/launchpad/+question/246850 - hasn't been touched either) Is anyone else experiencing this? cheers, Andrew -- http://blog.oldcomputerjunk.net https://launchpad.net/~andymc73 https://github.com/andymc73 Twitter: @pastcompute GPG: http://www.andrewmcdonnell.net/gpg.html ___ Mailing list: https://launchpad.net/~maria-developers Post to : maria-developers@lists.launchpad.net Unsubscribe : https://launchpad.net/~maria-developers More help : https://help.launchpad.net/ListHelp ___ Mailing list: https://launchpad.net/~maria-developers Post to : maria-developers@lists.launchpad.net Unsubscribe : https://launchpad.net/~maria-developers More help : https://help.launchpad.net/ListHelp
Re: [Maria-developers] [Roles] Final Status
Hi Sergei! On Mon, Sep 23, 2013 at 5:23 PM, Sergei Golubchik s...@mariadb.org wrote: Hi, Vicentiu! On Sep 21, Vicentiu Ciorbaru wrote: Even though I didn't manage to implement everything yet, I want to finish this project and get it ready for an upstream push, outside of GSoC. 1. I'd need either from you in email (but then cc: it to maria-developers) or in your blog (or both) a statement about the license. A simple one would be to say that this your code is available to us under BSD license. Another option is our MariaDB Contributor Agreement: https://mariadb.com/kb/en/mca/ I hereby declare that all my work done so far (and future) by me on the Roles project, is released under the BSD licence. I will also make a statement on my blog in my wrap up post a bit later. If there are any more clarifications needed, let me know! You mean the New BSD License, right? The original BSD License is not compatible with GPL. http://en.wikipedia.org/wiki/BSD_licenses Yes! I've read about the BSD licence before sending the first email, but I missed that nuance. With the 3 clause BSD licence is with what I'm releasing my code. Regards, Vicențiu ___ Mailing list: https://launchpad.net/~maria-developers Post to : maria-developers@lists.launchpad.net Unsubscribe : https://launchpad.net/~maria-developers More help : https://help.launchpad.net/ListHelp
Re: [Maria-developers] GSoC 2013 - Interested Student - Roles Project
On Sat, Apr 27, 2013 at 7:26 PM, Sergei Golubchik s...@askmonty.org wrote: Hi, Vicentiu! That's okay. Let's hope it will be approved! Hello, I want to thank you for accepting my proposal for this summer. I also want to congratulate all other students whose proposals were accepted. Right now I am in the middle of my exams period so my time is limited. I have a couple of points I would like to consider at this moment: * Regarding interaction with the community, if you have a preferred means of communication please let me know. I think that the mailing list is a generally good solution. * Also I could not find any documents regarding the general process of development. (patch, commit workflow etc) * Coding style recommendations? I found the code to use a mix of either tabs or spaces for indentation, also some interesting bits regarding the = operator. * I plan to open a blog during the summer. I will do this right as the coding phase starts. Any other suggestions on how to better track progress in general? Thank you again and I am looking forward to this summer! Vicențiu ___ Mailing list: https://launchpad.net/~maria-developers Post to : maria-developers@lists.launchpad.net Unsubscribe : https://launchpad.net/~maria-developers More help : https://help.launchpad.net/ListHelp
Re: [Maria-developers] GSoC 2013 - Interested Student - Roles Project
Hello, On Fri, Apr 26, 2013 at 5:06 PM, Vicentiu Ciorbaru cvicen...@gmail.com wrote: I have already began writing the proposal and will submit a draft shortly with what I mentioned in this email. If there are mistakes please let me know. I have submitted my proposal. I took the liberty of not following the exact template provided, however I have included all points mentioned there. I am open to any criticism or comments in order to make the proposal as you expect it to be. Vicențiu ___ Mailing list: https://launchpad.net/~maria-developers Post to : maria-developers@lists.launchpad.net Unsubscribe : https://launchpad.net/~maria-developers More help : https://help.launchpad.net/ListHelp
Re: [Maria-developers] GSoC 2013 - Interested Student - Roles Project
Hi Sergei, On Fri, Apr 26, 2013 at 1:01 AM, Sergei Golubchik s...@askmonty.org wrote: Nice, you've done a lot of work, apparently! Thank you for your response, I have proposed changes to address your concerns and have raised a couple more issues: I have come up with a preliminary plan to implement roles and would like to discuss it here before I begin to write my proposal. As I see it so far, the privileges of a user are stored in the mysql.user table with a privilege per column, such as Select_priv, Insert_priv etc. correct My first idea is to create a separate table that describes a role, with the columns identical to the privilege columns in user and a name for the role. This way a row in the table can represent a subset of privileges. There's a problem with that, see below. Since a user can only have one role at any one time, there would be a one to one mapping between the mysql.user table and mysql.roles? table. This could be done with a simple foreign key in the user table. right NOTE: I am not quite sure what a session means in the context presented in this paragraph: Quote:Only one role can be set to a user at any specific point in any given session. In other words, CURRENT_ROLE (see below) can never return a list. I took the meaning of a session as the context present at the moment the user logged in and that the role is set at the moment of login in the session context based on the aforementioned tables mysql.user and mysql.roles. Not exactly. When a user is logged in it might have no roles set at all. It can set a role later. But if he sets a new role, a previous role is unset automatically. Only one role can be set at any time. This is what I wanted to say. I worded it wrongly by forgetting to mention the ability to set it during the session. When the user logs in, according to the user table, it _could_ have a role assigned to it but it is not final after the login process. Here's the issue, see - there is no ambiguity. role names and user names live in the same namespace. There can be no role name with the same name as a user name. Which also means, we can store roles and users in the same mysql.user table, there is no need to have a special table for roles. Alright, but I see one more problem here: This might be because I don't fully understand how the login process works, but if we use the user table to get the user id (user@hostname) and use that to acknowledge the login credentials, does that not enable someone to be able to login using a role instead of a username? If there are no more relevant checks except the user table during the login process, I propose the following approach: Create an extra column in the user table that links to another row in the user table. The column can be NULL and represents the ROLE that a user has. A role row can not link to another role. (or should we allow it?) The CURRENT_ROLE() function just returns the value in this column or the one it points to. Regarding the ability to login using a role: The first idea is to add another column to the table (named Is_role or something similar) that tells if a row represents a user or a role, a boolean value. However I also have a second approach: In order to not add another column to the table that tells if a row represents a user or a role, we could just make every ROLE point to a bogus user that is created in such a manner that it can not be used to login (invalid encrypted password for example). In order to check if a row in the user table is a ROLE or a USER, we just check the link column and see if it points to the bogus user or not. (Kind of like a NULL terminator in a linked list, if it points to bogus, it's a role, if it points to nothing or to something else, it's a user) The advantage of this approach is that it scales slightly better with a large number of users and roles as there is no need for a second extra column. I have already began writing the proposal and will submit a draft shortly with what I mentioned in this email. If there are mistakes please let me know. Vicențiu ___ Mailing list: https://launchpad.net/~maria-developers Post to : maria-developers@lists.launchpad.net Unsubscribe : https://launchpad.net/~maria-developers More help : https://help.launchpad.net/ListHelp
Re: [Maria-developers] GSoC 2013 - Interested Student - Roles Project
On Wed, Apr 17, 2013 at 8:08 PM, Sergei Golubchik s...@askmonty.org wrote:
Hi, Vicențiu!
On Apr 17, Vicențiu Ciorbaru wrote:
Hello,
My name is Vicențiu Ciorbaru. I am 3'rd year undergraduate student at
the Polytechnic University of Bucharest, Romania and I am very
interested in contributing to MariaDB as part of Google Summer of
Code. I have not used MariaDB previously but I have taken it for a
spin just now.
I have participated in GSoC once before and would like to do so again.
I have contributed to other open source organisations (Mozilla, Samba,
ROSEdu) and I submit patches when time permits.
The project that interests me the most is MDEV-4397: Roles.
I want to ask you what would be a good place to start in the codebase
to help me get an idea what I need to do for this project?
sql/sql_acl.cc
Check functions like acl_load(), acl_get(), grant_load(), check_grant().
There are more functions that deal with privileges, but those four
should be enough to understand how the system works.
Hello Sergei,
Thank you for the answer and I apologize for the late response. I had
some trouble following the code in those functions that you mentioned
but I think I got the gist on how the system works.
I have come up with a preliminary plan to implement roles and would
like to discuss it here before I begin to write my proposal.
As I see it so far, the privileges of a user are stored in the
mysql.user table with a privilege per column, such as Select_priv,
Insert_priv etc.
My first idea is to create a separate table that describes a role,
with the columns identical to the privilege columns in user and a name
for the role. This way a row in the table can represent a subset of
privileges.
Since a user can only have one role at any one time, there would be a
one to one mapping between the mysql.user table and mysql.roles?
table. This could be done with a simple foreign key in the user table.
NOTE: I am not quite sure what a session means in the context
presented in this paragraph:
Quote:Only one role can be set to a user at any specific point in any
given session. In other words, CURRENT_ROLE (see below) can never
return a list.
I took the meaning of a session as the context present at the moment
the user logged in and that the role is set at the moment of login in
the session context based on the aforementioned tables mysql.user and
mysql.roles.
To get the privileges of a user one would have to check the user table
for all Yes ticked privileges and also add the Yes ticked privileges
in the new mysql.roles table row corresponding to the user (if any)
based on the foreign key in the user table.
The queries:
REVOKE privilege FROM { user | role }
GRANT privilege TO { user | role }
will either modify the user table or the roles table.
Regarding the ambiguity between a user and a role, would it not be
easier to have an extra keyword TO ROLE or FROM ROLE?
I am not sure what these tables should contain exactly:
INFORMATION_SCHEMA.APPLICABLE_ROLES
INFORMATION_SCHEMA.ENABLED_ROLES
I am looking forward to your feedback on these ideas.
Thank you,
Vicențiu
___
Mailing list: https://launchpad.net/~maria-developers
Post to : maria-developers@lists.launchpad.net
Unsubscribe : https://launchpad.net/~maria-developers
More help : https://help.launchpad.net/ListHelp
[Maria-developers] GSoC 2013 - Interested Student - Roles Project
Hello, My name is Vicențiu Ciorbaru. I am 3'rd year undergraduate student at the Polytechnic University of Bucharest, Romania and I am very interested in contributing to MariaDB as part of Google Summer of Code. I have not used MariaDB previously but I have taken it for a spin just now. I have participated in GSoC once before and would like to do so again. I have contributed to other open source organisations (Mozilla, Samba, ROSEdu) and I submit patches when time permits. The project that interests me the most is MDEV-4397: Roles. I want to ask you what would be a good place to start in the codebase to help me get an idea what I need to do for this project? Looking forward to hearing from you, Vicențiu ___ Mailing list: https://launchpad.net/~maria-developers Post to : maria-developers@lists.launchpad.net Unsubscribe : https://launchpad.net/~maria-developers More help : https://help.launchpad.net/ListHelp
