You are viewing a plain text version of this content. The canonical link for it is here.

Posted to codereview@trafodion.apache.org by robertamarton <gi...@git.apache.org> on 2017/01/26 17:02:54 UTC

[GitHub] incubator-trafodion pull request #932: TRAFODION-2175 a user should only see...

GitHub user robertamarton opened a pull request:

    https://github.com/apache/incubator-trafodion/pull/932

    TRAFODION-2175 a user should only see specific schemas/tables that he\u2026

    \u2026 has privs
    
    TRAFODION-1573 Additional GET commands for privileges
    
    This is one of several deliveries to improve GET commands:
    - return details about objects that are only visible to the current_user.
    - support additional statements
    
    This delivery adds visibility checking to to the following commands:
    
      get users;
      get roles;
      get users for role <role>;
      get roles for user <user>;
    
    It now supports the following GET statements:
    
      get privileges for user <user>;
      get privileges for role <role>;
    
    When getting privileges for a user or role, the output is as follows:
    
      <privileges>    <object> <optional column name>
    
    <privileges> output is a character string containing granted privileges:
    
      char 1: SELECT_PRIV     - "S"
      char 2: INSERT_PRIV     - "I"
      char 3: DELETE_PRIV     - "D"
      char 4: UPDATE_PRIV     - "U"
      char 5: USAGE_PRIV      - "G"
      char 6: REFERENCES_PRIV - "R"
      char 7: EXECUTE_PRIV    - "E"
    
    If the user/role has no privilege then "-" is specified for the character
    
    Example:  get privileges for user userx;
    
       SI--G-E    TRAFODION.MYSCH.MYTABLE1
       S------    TRAFODION.MYSCH.MYTABLE2 <Column> column1
       S--U---    TRAFODION.MYSCH.MYTABLE2 <Column> column2
    
    When getting privileges for a role, only those privileges granted to the role
    are returned.
    
    When getting privileges for a user, privileges directly granted to the user
    plus privileges granted to any roles associated with the user are returned.
    
    A new regression test - privs1/TEST123 has been added to test these changes.
    
    In addition, unused methods were removed from Get code.

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/robertamarton/incubator-trafodion getcmd

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/incubator-trafodion/pull/932.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #932
    
----

----


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

[GitHub] incubator-trafodion pull request #932: TRAFODION-2175 a user should only see...

Posted by asfgit <gi...@git.apache.org>.

Github user asfgit closed the pull request at:

    https://github.com/apache/incubator-trafodion/pull/932


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---