db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Kim Haase (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DERBY-5350) Devguide needs update for definer's rights
Date Mon, 25 Jul 2011 15:30:10 GMT

    [ https://issues.apache.org/jira/browse/DERBY-5350?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13070552#comment-13070552

Kim Haase commented on DERBY-5350:

Thanks, Dag, for picking this up! I was puzzling it over, but you knew what to do.

The patch looks great -- a couple of minor items --

1) Latin abbreviations like "cf." can be unclear to some people, so it might be better to
say "as specified by" instead?

2) Typo: Change "Within routines the execute" to "Within routines that execute".

3) In the sentence about definer's rights, you could remove the second "initially", since
it is redundant, and put a "the" in front of "current user".

> Devguide needs update for definer's rights
> ------------------------------------------
>                 Key: DERBY-5350
>                 URL: https://issues.apache.org/jira/browse/DERBY-5350
>             Project: Derby
>          Issue Type: Bug
>          Components: Documentation
>    Affects Versions:
>            Reporter: Knut Anders Hatlen
>            Assignee: Dag H. Wanvik
>         Attachments: cdevcsecureroles.html, derby-5330a.diff
> I found the following in the Using SQL roles topic of the devguide:
> "Within stored procedures and functions that contain SQL, the current role is on the
authorization stack. Initially, inside a nested connection, the current role is set to that
of the calling context."
> http://db.apache.org/derby/docs/10.8/devguide/cdevcsecureroles.html
> I think this is only correct for procedures running with invoker's rights. For procedures
running with definer's rights, no role is set initially, according to the CREATE PROCEDURE
statement topic in the reference manual:
> "When the procedure is first invoked, no role is set; even if the invoker has set a current
role, the procedure running with definer's rights has no current role set initially."
> http://db.apache.org/derby/docs/10.8/ref/rrefcreateprocedurestatement.html

This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira


View raw message