You are viewing a plain text version of this content. The canonical link for it is here.

Posted to derby-dev@db.apache.org by "Dag H. Wanvik (JIRA)" <ji...@apache.org> on 2008/10/29 13:15:44 UTC

[jira] Created: (DERBY-3928) SQL roles: Enable the use of StatementRolePermission

SQL roles: Enable the use of StatementRolePermission
----------------------------------------------------

                 Key: DERBY-3928
                 URL: https://issues.apache.org/jira/browse/DERBY-3928
             Project: Derby
          Issue Type: Improvement
            Reporter: Dag H. Wanvik


A privilege to CREATE and DROP roles (StatementRolePermission) was
added as part of the initial roles implementation. 

The permission was added to prepare for future need to grant this
privilege. However, it is not being used for checking whether
CREATE/DROP role is allowed yet. The current code just tests if the
executing session is the database owner instead of checking that the
session has the role create/drop privilege).

Making use of the permission would not yield any new functionality,
but would prepare the way for delegating this privilege to other
users. Furthermore, there is as yet no syntax for granting or revoking
this privilege (only the database owner is supposed to enjoy it for
now).


-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Updated: (DERBY-3928) SQL roles: Enable the use of StatementRolePermission

Posted by "Kathey Marsden (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/DERBY-3928?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Kathey Marsden updated DERBY-3928:
----------------------------------

    Component/s: SQL

> SQL roles: Enable the use of StatementRolePermission
> ----------------------------------------------------
>
>                 Key: DERBY-3928
>                 URL: https://issues.apache.org/jira/browse/DERBY-3928
>             Project: Derby
>          Issue Type: Improvement
>          Components: SQL
>            Reporter: Dag H. Wanvik
>
> A privilege to CREATE and DROP roles (StatementRolePermission) was
> added as part of the initial roles implementation. 
> The permission was added to prepare for future need to grant this
> privilege. However, it is not being used for checking whether
> CREATE/DROP role is allowed yet. The current code just tests if the
> executing session is the database owner instead of checking that the
> session has the role create/drop privilege).
> Making use of the permission would not yield any new functionality,
> but would prepare the way for delegating this privilege to other
> users. Furthermore, there is as yet no syntax for granting or revoking
> this privilege (only the database owner is supposed to enjoy it for
> now).

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.