You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@trafodion.apache.org by "Roberta Marton (JIRA)" <ji...@apache.org> on 2017/04/28 16:41:04 UTC

[jira] [Created] (TRAFODION-2600) Unable to create view (lack of SELECT privilege) but user has SELECT privilege

Roberta Marton created TRAFODION-2600:
-----------------------------------------

             Summary: Unable to create view (lack of SELECT privilege) but user has SELECT privilege
                 Key: TRAFODION-2600
                 URL: https://issues.apache.org/jira/browse/TRAFODION-2600
             Project: Apache Trafodion
          Issue Type: Bug
          Components: sql-security
            Reporter: Roberta Marton
            Assignee: Roberta Marton


User unable to create a view because of missing SELECT privilege but user has been granted privilege through a role.

admin 
 - creates role1;
 - creates table1 - grant select on table1 to role1

user1
 - tries to create a view - unable because of no SELECT priv

admin 
 - grants role1 to user1

User1
 - still unable to create view
 - if user1 selects from table1 - it succeeds and a subsequent create view works.

When a user connects, its list of active roles are stored in cache. 
If the user is subsequently granted new roles, the in memory list should be updated.  For DML requests, the in memory list is updated.  For DDL requests, the in memory list is not updated.





--
This message was sent by Atlassian JIRA
(v6.3.15#6346)