You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@trafodion.apache.org by "Roberta Marton (JIRA)" <ji...@apache.org> on 2018/09/06 16:34:00 UTC

[jira] [Created] (TRAFODION-3194) Revoke grant option for all on objects also revokes all privileges from user/role

Roberta Marton created TRAFODION-3194:
-----------------------------------------

             Summary: Revoke grant option for all on objects also revokes all privileges from user/role
                 Key: TRAFODION-3194
                 URL: https://issues.apache.org/jira/browse/TRAFODION-3194
             Project: Apache Trafodion
          Issue Type: Bug
            Reporter: Roberta Marton


'revoke grant option for all' should only revoke the ability to grant all privileges to another user/role, but now all privileges will be revoked too.
revoke grant option for single/combined privileges works as expected.

Test Result :
======================================

SQL>showddl usera_t1;


CREATE TABLE TRAFODION.TRAFINCSCH1.USERA_T1
  (
    A INT DEFAULT NULL NOT SERIALIZED
  , B VARCHAR(20) CHARACTER SET ISO88591 COLLATE
      DEFAULT DEFAULT NULL NOT SERIALIZED
  )
 ATTRIBUTES ALIGNED FORMAT NAMESPACE 'TRAF_1500000' INCREMENTAL BACKUP
;

-- GRANT SELECT, INSERT, DELETE, UPDATE, REFERENCES ON TRAFODION.TRAFINCSCH1.USERA_T1 TO DB__ROOT WITH GRANT OPTION;

--- SQL operation complete.

SQL>grant all on usera_t1 to qauser_sqlqaa with grant option;

--- SQL operation complete.

SQL>showddl usera_t1;


CREATE TABLE TRAFODION.TRAFINCSCH1.USERA_T1
  (
    A INT DEFAULT NULL NOT SERIALIZED
  , B VARCHAR(20) CHARACTER SET ISO88591 COLLATE
      DEFAULT DEFAULT NULL NOT SERIALIZED
  )
 ATTRIBUTES ALIGNED FORMAT NAMESPACE 'TRAF_1500000' INCREMENTAL BACKUP
;

-- GRANT SELECT, INSERT, DELETE, UPDATE, REFERENCES ON TRAFODION.TRAFINCSCH1.USERA_T1 TO DB__ROOT WITH GRANT OPTION;
  GRANT SELECT, INSERT, DELETE, UPDATE, REFERENCES ON
  TRAFODION.TRAFINCSCH1.USERA_T1 TO QAUSER_SQLQAA WITH GRANT OPTION;

--- SQL operation complete.

SQL>revoke grant option for all on usera_t1 from qauser_sqlqaa;

--- SQL operation complete.

SQL>showddl usera_t1; //qauser_sqlqaa doesn’t have any privilege on the table after revoke


CREATE TABLE TRAFODION.TRAFINCSCH1.USERA_T1
  (
    A INT DEFAULT NULL NOT SERIALIZED
  , B VARCHAR(20) CHARACTER SET ISO88591 COLLATE
      DEFAULT DEFAULT NULL NOT SERIALIZED
  )
 ATTRIBUTES ALIGNED FORMAT NAMESPACE 'TRAF_1500000' INCREMENTAL BACKUP
;

-- GRANT SELECT, INSERT, DELETE, UPDATE, REFERENCES ON TRAFODION.TRAFINCSCH1.USERA_T1 TO DB__ROOT WITH GRANT OPTION;

--- SQL operation complete.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)