You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@trafodion.apache.org by "Roberta Marton (JIRA)" <ji...@apache.org> on 2018/09/06 16:34:00 UTC
[jira] [Created] (TRAFODION-3194) Revoke grant option for all on
objects also revokes all privileges from user/role
Roberta Marton created TRAFODION-3194:
-----------------------------------------
Summary: Revoke grant option for all on objects also revokes all privileges from user/role
Key: TRAFODION-3194
URL: https://issues.apache.org/jira/browse/TRAFODION-3194
Project: Apache Trafodion
Issue Type: Bug
Reporter: Roberta Marton
'revoke grant option for all' should only revoke the ability to grant all privileges to another user/role, but now all privileges will be revoked too.
revoke grant option for single/combined privileges works as expected.
Test Result :
======================================
SQL>showddl usera_t1;
CREATE TABLE TRAFODION.TRAFINCSCH1.USERA_T1
(
A INT DEFAULT NULL NOT SERIALIZED
, B VARCHAR(20) CHARACTER SET ISO88591 COLLATE
DEFAULT DEFAULT NULL NOT SERIALIZED
)
ATTRIBUTES ALIGNED FORMAT NAMESPACE 'TRAF_1500000' INCREMENTAL BACKUP
;
-- GRANT SELECT, INSERT, DELETE, UPDATE, REFERENCES ON TRAFODION.TRAFINCSCH1.USERA_T1 TO DB__ROOT WITH GRANT OPTION;
--- SQL operation complete.
SQL>grant all on usera_t1 to qauser_sqlqaa with grant option;
--- SQL operation complete.
SQL>showddl usera_t1;
CREATE TABLE TRAFODION.TRAFINCSCH1.USERA_T1
(
A INT DEFAULT NULL NOT SERIALIZED
, B VARCHAR(20) CHARACTER SET ISO88591 COLLATE
DEFAULT DEFAULT NULL NOT SERIALIZED
)
ATTRIBUTES ALIGNED FORMAT NAMESPACE 'TRAF_1500000' INCREMENTAL BACKUP
;
-- GRANT SELECT, INSERT, DELETE, UPDATE, REFERENCES ON TRAFODION.TRAFINCSCH1.USERA_T1 TO DB__ROOT WITH GRANT OPTION;
GRANT SELECT, INSERT, DELETE, UPDATE, REFERENCES ON
TRAFODION.TRAFINCSCH1.USERA_T1 TO QAUSER_SQLQAA WITH GRANT OPTION;
--- SQL operation complete.
SQL>revoke grant option for all on usera_t1 from qauser_sqlqaa;
--- SQL operation complete.
SQL>showddl usera_t1; //qauser_sqlqaa doesn’t have any privilege on the table after revoke
CREATE TABLE TRAFODION.TRAFINCSCH1.USERA_T1
(
A INT DEFAULT NULL NOT SERIALIZED
, B VARCHAR(20) CHARACTER SET ISO88591 COLLATE
DEFAULT DEFAULT NULL NOT SERIALIZED
)
ATTRIBUTES ALIGNED FORMAT NAMESPACE 'TRAF_1500000' INCREMENTAL BACKUP
;
-- GRANT SELECT, INSERT, DELETE, UPDATE, REFERENCES ON TRAFODION.TRAFINCSCH1.USERA_T1 TO DB__ROOT WITH GRANT OPTION;
--- SQL operation complete.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)