db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dag H. Wanvik (JIRA)" <j...@apache.org>
Subject [jira] Issue Comment Edited: (DERBY-3223) SQL roles: make use of privileges granted to roles in actual privilege checking
Date Sun, 13 Apr 2008 21:19:11 GMT

    [ https://issues.apache.org/jira/browse/DERBY-3223?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12588434#action_12588434
] 

dagw edited comment on DERBY-3223 at 4/13/08 2:18 PM:
---------------------------------------------------------------

Uploading a revised version of the experimental patch which
fixes Rick's two observations, plus fixes some bugs.

CURRENT_ROLE now checks that the role is still valid. I use a nested read transaction to
avoid changing transaction state (in lcc#getCurrentRoleIdChecked); is that kosher here?

Another notable outstanding issue (in addition to those mentioned for 1a,
is the missing check that role being created is not already used 
as a user name (can be a heuristic only, since we have no dictionary info on users yet).


      was (Author: dagw):
    Uploading a revised version of the experimental patch which
fixes Rick's two observations, plus fixes some bugs.

CURRENT_USER now checks that the role is still valid. I use a nested read transaction to
avoid changing transaction state (in lcc#getCurrentRoleIdChecked); is that kosher here?

Another notable outstanding issue (in addition to those mentioned for 1a,
is the missing check that role being created is not already used 
as a user name (can be a heuristic only, since we have no dictionary info on users yet).

  
> SQL roles: make use of privileges granted to roles in actual privilege checking
> -------------------------------------------------------------------------------
>
>                 Key: DERBY-3223
>                 URL: https://issues.apache.org/jira/browse/DERBY-3223
>             Project: Derby
>          Issue Type: New Feature
>          Components: Security, SQL
>            Reporter: Dag H. Wanvik
>            Assignee: Dag H. Wanvik
>             Fix For: 10.5.0.0
>
>         Attachments: derby-3223-1a.diff, derby-3223-1a.stat, derby-3223-1b.diff, derby-3223-1b.stat,
roles.sql, roles2.sql
>
>
> Pushing out to 10.5

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message