You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@trafodion.apache.org by "Roberta Marton (JIRA)" <ji...@apache.org> on 2018/10/01 16:13:00 UTC

[jira] [Resolved] (TRAFODION-3194) Revoke grant option for all on objects also revokes all privileges from user/role

     [ https://issues.apache.org/jira/browse/TRAFODION-3194?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Roberta Marton resolved TRAFODION-3194.
---------------------------------------
    Resolution: Fixed

> Revoke grant option for all on objects also revokes all privileges from user/role
> ---------------------------------------------------------------------------------
>
>                 Key: TRAFODION-3194
>                 URL: https://issues.apache.org/jira/browse/TRAFODION-3194
>             Project: Apache Trafodion
>          Issue Type: Bug
>            Reporter: Roberta Marton
>            Assignee: Roberta Marton
>            Priority: Major
>
> 'revoke grant option for all' should only revoke the ability to grant all privileges to another user/role, but now all privileges will be revoked too.
> revoke grant option for single/combined privileges works as expected.
> Test Result :
> ======================================
> SQL>showddl usera_t1;
> CREATE TABLE TRAFODION.TRAFINCSCH1.USERA_T1
>   (
>     A INT DEFAULT NULL NOT SERIALIZED
>   , B VARCHAR(20) CHARACTER SET ISO88591 COLLATE
>       DEFAULT DEFAULT NULL NOT SERIALIZED
>   )
>  ATTRIBUTES ALIGNED FORMAT NAMESPACE 'TRAF_1500000' INCREMENTAL BACKUP
> ;
> -- GRANT SELECT, INSERT, DELETE, UPDATE, REFERENCES ON TRAFODION.TRAFINCSCH1.USERA_T1 TO DB__ROOT WITH GRANT OPTION;
> --- SQL operation complete.
> SQL>grant all on usera_t1 to qauser_sqlqaa with grant option;
> --- SQL operation complete.
> SQL>showddl usera_t1;
> CREATE TABLE TRAFODION.TRAFINCSCH1.USERA_T1
>   (
>     A INT DEFAULT NULL NOT SERIALIZED
>   , B VARCHAR(20) CHARACTER SET ISO88591 COLLATE
>       DEFAULT DEFAULT NULL NOT SERIALIZED
>   )
>  ATTRIBUTES ALIGNED FORMAT NAMESPACE 'TRAF_1500000' INCREMENTAL BACKUP
> ;
> -- GRANT SELECT, INSERT, DELETE, UPDATE, REFERENCES ON TRAFODION.TRAFINCSCH1.USERA_T1 TO DB__ROOT WITH GRANT OPTION;
>   GRANT SELECT, INSERT, DELETE, UPDATE, REFERENCES ON
>   TRAFODION.TRAFINCSCH1.USERA_T1 TO QAUSER_SQLQAA WITH GRANT OPTION;
> --- SQL operation complete.
> SQL>revoke grant option for all on usera_t1 from qauser_sqlqaa;
> --- SQL operation complete.
> SQL>showddl usera_t1; //qauser_sqlqaa doesn’t have any privilege on the table after revoke
> CREATE TABLE TRAFODION.TRAFINCSCH1.USERA_T1
>   (
>     A INT DEFAULT NULL NOT SERIALIZED
>   , B VARCHAR(20) CHARACTER SET ISO88591 COLLATE
>       DEFAULT DEFAULT NULL NOT SERIALIZED
>   )
>  ATTRIBUTES ALIGNED FORMAT NAMESPACE 'TRAF_1500000' INCREMENTAL BACKUP
> ;
> -- GRANT SELECT, INSERT, DELETE, UPDATE, REFERENCES ON TRAFODION.TRAFINCSCH1.USERA_T1 TO DB__ROOT WITH GRANT OPTION;
> --- SQL operation complete.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)