db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Laura Stewart (JIRA)" <derby-...@db.apache.org>
Subject [jira] Commented: (DERBY-1057) documentation to address Grant/Revoke (Derby-464)
Date Fri, 11 Aug 2006 18:57:15 GMT
    [ http://issues.apache.org/jira/browse/DERBY-1057?page=comments#action_12427584 ] 
            
Laura Stewart commented on DERBY-1057:
--------------------------------------

Mamta - 

I have re-written the text about PUBLIC and user-level privileges re: views, triggers, and
contstrants.  Below is the updated text.
Please review and let me know if I have the correctly documented now :-)

Exception: When you create a view, trigger, or constraint, Derby first checks to determine
if you have the required privileges at the user-level. If you have the user-level privileges,
the object is created and is dependent on that user-level privilege. If you do not have the
required privileges at the user-level, Derby checks to determine if you have the required
privileges at the PUBLIC level. If you have the PUBLIC level privileges, the object is created
and is dependent on that PUBLIC level privilege. After the object is created, if the privilege
on which the object depends on is revoked, the object is automatically dropped. Derby does
not try to determine if you have other privileges that can replace the privileges that are
being revoked. 

Example 1 
User zhi creates table t1 and grants SELECT privileges to user harry on table t1. User zhi
grants SELECT privileges to PUBLIC on table t1. User harry creates view v1 with the statement
SELECT * from zhi.t1. The view depends on the user-level privilege that user harry has on
t1. Subsequently, user zhi revokes SELECT privileges from user harry on table t1. As a result,
the view harry.v1 is dropped. 
Example 2 

User anita creates table t1 and grants SELECT privileges to PUBLIC. User harry creates view
v1 with the statement SELECT * from anita.t1. The view depends on the PUBLIC level privilege
that user harry has on t1 since user harry does not have user-level privileges on table t1.
Subsequently, user anita revokes SELECT privileges from PUBLIC on table t1. As a result, the
view harry.v1 is dropped. 


> documentation to address Grant/Revoke (Derby-464)
> -------------------------------------------------
>
>                 Key: DERBY-1057
>                 URL: http://issues.apache.org/jira/browse/DERBY-1057
>             Project: Derby
>          Issue Type: Sub-task
>          Components: Documentation
>    Affects Versions: 10.0.2.0
>            Reporter: Eric Radzinski
>         Assigned To: Laura Stewart
>             Fix For: 10.2.0.0
>
>         Attachments: derby1057_devguide.diff, derby1057_devguide3.diff, derby1057_devguide_html.zip,
derby1057_devguide_html3.zip, derby1057_ref.diff, derby1057_ref3.diff, derby1057_ref_html.zip,
derby1057_tuning3.diff, derby1057_tuning4.diff, derby1057_tuning_html.zip, derby1058_ref_html3.zip,
devguide_html2.zip, ref_html2.zip, rtunpropersqlauth.html
>
>


-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message