Posted to issues@trafodion.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2016/10/12 01:56:20 UTC

[jira] [Commented] (TRAFODION-2167) Invalid query invalidation keys not working properly

    [ https://issues.apache.org/jira/browse/TRAFODION-2167?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15567255#comment-15567255 ] 

ASF GitHub Bot commented on TRAFODION-2167:
-------------------------------------------

GitHub user robertamarton opened a pull request:

    https://github.com/apache/incubator-trafodion/pull/757

    [TRAFODION-2167]: Invalid query invalidation keys not working properly

    When a user is revoked from a role, invalidation keys are not being
    processed correctly. Therefore, users can still run queries even though
    privileges have been removed.  Query invalidation is complicated when
    table descriptors are stored in metadata.
    
    Changes:
    
    --> The list of priv_descs created (and stored) was changed to include an entry
        for each user and each role accumulated across all grantors. (Today, each
        priv_desc entry includes the users' direct grants plus grants on their
        active roles.)
    --> When an object is loaded into NATable or NARoutine cache, the priv_desc is
        accessed and the privilege bitmap is now generated by combining the users'
        privileges with privileges of their active roles. Correct invalidation keys
        are now being created and stored with the object. In the first code drop,
        the users' active roles are read from the role_usage table. In the next
        code drop, the active roles will be stored and maintained in executor
        globals.
    --> When a plan is compiled, the correct invalidation keys for users, roles,
        and the public authorization are added to the plan.
    --> Changes in the compiler were required to handle the invalidation keys for
        revoke role and revoke privilege from "PUBLIC".
    --> Cleaned up the code that manages invalidation keys in privilege manager.
    --> Included the correct create and redef times (if available) in the stored
        object descriptor - today they are always set to 0.
    --> Added new regression test to test all the revoke options.

You can merge this pull request into a Git repository by running:

    $ git pull https://github.com/robertamarton/incubator-trafodion trafodion-2189

Alternatively you can review and apply these changes as the patch at:

    https://github.com/apache/incubator-trafodion/pull/757.patch

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #757
    
----
commit 3b437720a54de88b6a04e44e0257fac0448f0762
Author: Roberta Marton <rm...@edev07.esgyn.local>
Date:   2016-10-12T01:48:22Z

    [TRAFODION-2167]: Invalid query invalidation keys not working properly
    
    When a user is revoked from a role, invalidation keys are not being
    processed correctly. Therefore, users can still run queries even though
    privileges have been removed.  Query invalidation is complicated when
    table descriptors are stored in metadata.
    
    Changes:
    
    --> The list of priv_descs created (and stored) was changed to include an entry
        for each user and each role accumulated across all grantors. (Today, each
        priv_desc entry includes the users' direct grants plus grants on their
        active roles.)
    --> When an object is loaded into NATable or NARoutine cache, the priv_desc is
        accessed and the privilege bitmap is now generated by combining the users'
        privileges with privileges of their active roles. Correct invalidation keys
        are now being created and stored with the object. In the first code drop,
        the users' active roles are read from the role_usage table. In the next
        code drop, the active roles will be stored and maintained in executor
        globals.
    --> When a plan is compiled, the correct invalidation keys for users, roles,
        and the public authorization are added to the plan.
    --> Changes in the compiler were required to handle the invalidation keys for
        revoke role and revoke privilege from "PUBLIC".
    --> Cleaned up the code that manages invalidation keys in privilege manager.
    --> Included the correct create and redef times (if available) in the stored
        object descriptor - today they are always set to 0.
    --> Added new regression test to test all the revoke options.

----


> Invalid query invalidation keys not working properly
> ----------------------------------------------------
>
>                 Key: TRAFODION-2167
>                 URL: https://issues.apache.org/jira/browse/TRAFODION-2167
>             Project: Apache Trafodion
>          Issue Type: Bug
>          Components: sql-security
>            Reporter: Roberta Marton
>            Priority: Minor
>
> As part of grant/revoke a query invalidation key is created containing the object, user, and privilege change and sent to RMS.  The next time a query is performed on the object for the affected user, the query is recompiled to pick up the changed privilege(s).  It is possible to create an invalid key and when this happens, the error handling is not working properly. 
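
A simplified model of the invalidation-key mechanism described above, added here as an example; it is not code from Trafodion or from the pull request. The types, the key layout and the `trackRoles` switch are hypothetical: they contrast a cached plan that records only direct-grant and PUBLIC keys with one that also records keys for role-derived privileges.

```cpp
#include <set>
#include <string>
#include <tuple>
#include <utility>

// Hypothetical model (not Trafodion's types): a key names one thing a cached plan depends on.
enum class KeyType { ObjectPriv, RoleMembership };
// ObjectPriv: (grantee, "object:priv"); RoleMembership: (user, role)
using Key  = std::tuple<KeyType, std::string, std::string>;
using Pair = std::pair<std::string, std::string>;

struct Catalog {
    std::set<Pair> grants;  // (grantee, "object:priv")
    std::set<Pair> roles;   // (user, role)
};
struct Plan { std::set<Key> keys; };

// Privilege check at compile time: direct grant, PUBLIC, or any of the user's roles.
// Each path that contributed access is recorded as an invalidation key on the plan.
bool compile(const Catalog& c, const std::string& user, const std::string& objPriv,
             bool trackRoles, Plan& out) {
    bool ok = false;
    out.keys.clear();
    for (const std::string& g : {user, std::string("PUBLIC")}) {
        if (c.grants.count(Pair(g, objPriv))) {
            ok = true;
            out.keys.insert(Key(KeyType::ObjectPriv, g, objPriv));
        }
    }
    for (const Pair& r : c.roles) {
        if (r.first != user || !c.grants.count(Pair(r.second, objPriv))) continue;
        ok = true;
        if (!trackRoles) continue;  // models a plan that forgets its role dependency
        out.keys.insert(Key(KeyType::ObjectPriv, r.second, objPriv));
        out.keys.insert(Key(KeyType::RoleMembership, user, r.second));
    }
    return ok;
}

// A revoke broadcasts one key; a cached plan holding it must be recompiled.
bool isStale(const Plan& p, const Key& revoked) { return p.keys.count(revoked) > 0; }

// Constructed scenario: alice can SELECT from t1 only through role_reader.
// Returns true when her cached plan survives REVOKE ROLE, i.e. the stale-privilege case.
bool planSurvivesRoleRevoke(bool trackRoles) {
    Catalog c;
    c.grants.insert(Pair("role_reader", "t1:SELECT"));
    c.roles.insert(Pair("alice", "role_reader"));
    Plan p;
    if (!compile(c, "alice", "t1:SELECT", trackRoles, p)) return false;
    return !isStale(p, Key(KeyType::RoleMembership, "alice", "role_reader"));
}
```

A regression test for revoke handling can follow the same pattern: compile under each grant path, issue the matching revoke, and check that the cached plan is marked for recompilation.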


