db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mamta A. Satoor (JIRA)" <derby-...@db.apache.org>
Subject [jira] Commented: (DERBY-1646) Documentation to address Grant/Revoke Authorization for views/triggers/constraints/routines(DERBY-1330)
Date Thu, 31 Aug 2006 19:16:23 GMT
    [ http://issues.apache.org/jira/browse/DERBY-1646?page=comments#action_12431948 ] 
            
Mamta A. Satoor commented on DERBY-1646:
----------------------------------------

Laura, thanks for working on the documentation part of grant revoke. I have following feedback

************************************************************
Comments on page cdevcsecuregrantrevokeaccess.html
a)User harry is referred to as "Harry" in somepleaces. We should maintain the case. Also,
we should use the same font/boldness for user names on the page. 
b)Example 2
We should modify the paragraph from
"User anita creates table t1 and grants SELECT privileges to PUBLIC. User harry creates view
v1 with the statement SELECT * from anita.t1. The view depends on the PUBLIC level privilege
that user harry has on t1 since user harry does not have user-level privileges on table t1.
Subsequently, user anita revokes SELECT privileges from PUBLIC on table t1. As a result, the
view harry.v1 is dropped. "

to something like following

"User anita creates table t1 and grants SELECT privileges to PUBLIC. User harry creates view
v1 with the statement SELECT * from anita.t1. The view depends on the PUBLIC level privilege
that user harry has on t1 since user harry does not have user-level privileges on table t1
at this point. Subsequently, user anita grants SELECT privileges to user harry on table t1.
Later, user anita revokes SELECT privileges from PUBLIC on table t1. As a result, the view
harry.v1 is dropped. "
************************************************************


************************************************************
Comments on page rrefsqljrevoke.html
a)Minor typo in following paragraph
"The privileges revoked from PUBLIC and to individual users are independent privileges"
Should read as
"The privileges revoked from PUBLIC and from individual users are independent privileges"

b)User harry is referred to as "Harry" in somepleaces. We should maintain the case. Also,
we should use the same font/boldness for user names on the page.

c)The first line of the first paragraph for Column-level privileges does not have the correct
information about SYSCOLPERMS table
"All of the column-level privileges for a specified grantee and table ID are stored in one
row in the SYSCOLPERMS system table. "
Each row in SYSCOLPERMS table represents *one* granted privilege type for a given GRANTEE,
TABLEID and columns on which that privilege type is granted. So, say table t1 has columns
c11, c12, c13, c14 and SELECT privilege is granted to user2 on c11 and c12 and UPDATE privilege
is granted to user2 on c12 and c13. Then there will be 2 rows in SYSCOLPERMS. One row for
privilege type SELECT, GRANTEE(user2), TABLEID(t1), columns(c11, c12). Another row in SYSCOLPERMS
will be for privilege type UPDATE, GRANTEE(user2), TABLEID(t1), columns (c12, c13).
************************************************************


************************************************************
One final comment, do we need to write anything about warnings that get raised when revoke
is trying to take away a permission that was never granted? Deepa worked on that enhancement
as part of DERBY-1582
************************************************************


> Documentation to address Grant/Revoke Authorization for views/triggers/constraints/routines(DERBY-1330)
> -------------------------------------------------------------------------------------------------------
>
>                 Key: DERBY-1646
>                 URL: http://issues.apache.org/jira/browse/DERBY-1646
>             Project: Derby
>          Issue Type: New Feature
>          Components: Documentation
>    Affects Versions: 10.2.1.0
>            Reporter: Mamta A. Satoor
>         Assigned To: Laura Stewart
>             Fix For: 10.2.1.0
>
>         Attachments: derby1646_1.diff, derby1646_html1.zip
>
>
> Creating a separate jira entry for documentation of Grant/Revoke Authorization for views/triggers/constraints/routines(Engine
changes are going as part of DERBY-1330).
> Will link this jira entry to DERBY-1330

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message