db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Knut Anders Hatlen (JIRA)" <j...@apache.org>
Subject [jira] Updated: (DERBY-4838) dblook outputs GRANT statements for ignored tables
Date Thu, 07 Oct 2010 09:03:35 GMT

     [ https://issues.apache.org/jira/browse/DERBY-4838?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel

Knut Anders Hatlen updated DERBY-4838:

    Issue & fix info: [Repro attached]


1) Create a database with authorization enabled, create two tables, and add column level privileges
to both tables:
$ java -Dderby.database.sqlAuthorization=true org.apache.derby.tools.ij
ij version 10.7
ij> connect 'jdbc:derby:db;create=true';
WARNING 01J14: SQL authorization is being used without first enabling authentication.
ij> create table t1(x int);
0 rows inserted/updated/deleted
ij> create table t2(y int);
0 rows inserted/updated/deleted
ij> grant select (x) on t1 to user1;
0 rows inserted/updated/deleted
ij> grant select (y) on t2 to user2;
0 rows inserted/updated/deleted
ij> exit;

2) Run dblook restricted to one of the tables:

$ java org.apache.derby.tools.dblook -t t1 -d jdbc:derby:db
-- Timestamp: 2010-10-07 10:58:42.089
-- Source database is: db
-- Connection URL is: jdbc:derby:db
-- The dblook utility will consider only specified tables.
-- appendLogs: false

-- ----------------------------------------------
-- DDL Statements for tables
-- ----------------------------------------------


-- ----------------------------------------------
-- GRANT statements for columns
-- ----------------------------------------------



The CREATE TABLE statement for T2 is correctly suppressed. The statement that grants select
privilege on T2 should also be suppressed.

> dblook outputs GRANT statements for ignored tables
> --------------------------------------------------
>                 Key: DERBY-4838
>                 URL: https://issues.apache.org/jira/browse/DERBY-4838
>             Project: Derby
>          Issue Type: Bug
>          Components: Tools
>    Affects Versions:
>            Reporter: Knut Anders Hatlen
> dblook has an option that allows the user to specify which tables to produce DDL statements
>  	-t <tableOne> <tableTwo> ... to specify a list of tables for which
>  	 the DDL will be generated; any tables not in the list will be ignored.
> However, GRANT statements for privileges on tables not in that list will still be printed.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message