You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@trafodion.apache.org by "Gao, Rui-Xian (JIRA)" <ji...@apache.org> on 2017/08/09 01:14:01 UTC

[jira] [Created] (TRAFODION-2705) user has "SHOW" privilege can't do 'showddl user'

Gao, Rui-Xian created TRAFODION-2705:
----------------------------------------

             Summary: user has "SHOW" privilege can't do 'showddl user'
                 Key: TRAFODION-2705
                 URL: https://issues.apache.org/jira/browse/TRAFODION-2705
             Project: Apache Trafodion
          Issue Type: Bug
          Components: sql-security
         Environment: Centos6.7 + HDP2.4.2
Centos6.7 + CDH5.7.6
            Reporter: Gao, Rui-Xian
            Assignee: Roberta Marton
            Priority: Minor


If a user wants to do “showddl user”, what privilege does the user need to have ? I granted “SHOW” to the user, but the user can only do showddl user on himself.

Test result :
===================================================================
SQL>connect trafodion/traf123;
Connected to EsgynDB Advanced

SQL>grant component privilege "SHOW" on sql_operations to qauser_sqlqaa;

--- SQL operation complete.

SQL>connect qauser_sqlqaa/QAPassword;
Connected to EsgynDB Advanced

SQL>showddl user qauser1;

*** ERROR[1017] You are not authorized to perform this operation. [2017-08-08 15:48:39]

SQL>showddl user qauser_sqlqaa;


REGISTER USER "QAUSER_SQLQAA";

--- SQL operation complete.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)