Posted to issues@trafodion.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2016/10/12 01:56:20 UTC
[jira] [Commented] (TRAFODION-2167) Invalid query invalidation keys not working properly
[ https://issues.apache.org/jira/browse/TRAFODION-2167?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15567255#comment-15567255 ]
ASF GitHub Bot commented on TRAFODION-2167:
-------------------------------------------
GitHub user robertamarton opened a pull request:
https://github.com/apache/incubator-trafodion/pull/757
[TRAFODION-2167]: Invalid query invalidation keys not working properly
When a user is revoked from a role, invalidation keys are not being
processed correctly. Therefore, users can still run queries even though
privileges have been removed. Query invalidation is complicated when
table descriptors are stored in metadata.
Changes:
--> The list of priv_descs created (and stored) was changed to include an entry
for each user and each role accumulated across all grantors. (Today, each
priv_desc entry includes the users' direct grants plus grants on their
active roles.)
--> When an object is loaded into NATable or NARoutine cache, the priv_desc is
accessed and the privilege bitmap is now generated by combining the users'
privileges with privileges of their active roles. Correct invalidation keys
are now being created and stored with the object. In the first code drop,
the users' active roles are read from the role_usage table. In the next
code drop, the active roles will be stored and maintained in executor
globals.
--> When a plan is compiled, the correct invalidation keys for users, roles,
and the public authorization are added to the plan.
--> Changes in the compiler were required to handle the invalidation keys for
revoke role and revoke privilege from "PUBLIC".
--> Cleaned up the code that manages invalidation keys in privilege manager.
--> Included the correct create and redef times (if available) in the stored
object descriptor - today they are always set to 0.
--> Added new regression test to test all the revoke options.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/robertamarton/incubator-trafodion trafodion-2189
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/incubator-trafodion/pull/757.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #757
----
commit 3b437720a54de88b6a04e44e0257fac0448f0762
Author: Roberta Marton <rm...@edev07.esgyn.local>
Date: 2016-10-12T01:48:22Z
[TRAFODION-2167]: Invalid query invalidation keys not working properly
----
> Invalid query invalidation keys not working properly
> ----------------------------------------------------
>
> Key: TRAFODION-2167
> URL: https://issues.apache.org/jira/browse/TRAFODION-2167
> Project: Apache Trafodion
> Issue Type: Bug
> Components: sql-security
> Reporter: Roberta Marton
> Priority: Minor
>
> As part of grant/revoke a query invalidation key is created containing the object, user, and privilege change and sent to RMS. The next time a query is performed on the object for the affected user, the query is recompiled to pick up the changed privilege(s). It is possible to create an invalid key and when this happens, the error handling is not working properly.
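The invalidation-key mechanism this pull request describes, as an added C++ example (a simplified model, not Trafodion source code and not part of the original message). It shows why a cached plan must carry keys for the user, each active role, and PUBLIC: a plan that recorded only the user's own key survives a revoke of the role. The names `InvKey`, `KeyType`, `keysForPlan`, `invalidate`, and the sample user, role and table are hypothetical.

```cpp
#include <algorithm>
#include <cstddef>
#include <set>
#include <string>
#include <tuple>
#include <vector>

enum class KeyType { ObjectPriv, RoleGrant };  // hypothetical names, simplified model
struct InvKey {
    KeyType type;
    std::string subject;       // user, role, or "PUBLIC"
    std::string target;        // object name, or role name for RoleGrant
    bool operator<(const InvKey& o) const {
        return std::tie(type, subject, target) < std::tie(o.type, o.subject, o.target);
    }
};
struct Plan { std::string sql; std::set<InvKey> keys; };

// A plan depends on every grantee that fed the combined privilege bitmap
// (the user, PUBLIC, each active role) and on the user's role memberships.
std::set<InvKey> keysForPlan(const std::string& user, const std::string& object,
                             const std::vector<std::string>& activeRoles) {
    std::set<InvKey> keys{InvKey{KeyType::ObjectPriv, user, object},
                          InvKey{KeyType::ObjectPriv, "PUBLIC", object}};
    for (const auto& role : activeRoles) {
        keys.insert(InvKey{KeyType::ObjectPriv, role, object});
        keys.insert(InvKey{KeyType::RoleGrant, user, role});
    }
    return keys;
}

// Drop every cached plan carrying the revoked key; returns how many were dropped.
std::size_t invalidate(std::vector<Plan>& cache, const InvKey& revoked) {
    const std::size_t before = cache.size();
    cache.erase(std::remove_if(cache.begin(), cache.end(),
                    [&](const Plan& p) { return p.keys.count(revoked) > 0; }),
                cache.end());
    return before - cache.size();
}

// Constructed scenario; withRoleKeys=false models a plan holding the user's own key only.
std::size_t plansLeftAfterRoleRevoke(bool withRoleKeys) {
    std::vector<std::string> roles;
    if (withRoleKeys) roles.push_back("analyst");
    std::vector<Plan> cache{Plan{"SELECT * FROM sales.orders",
                                 keysForPlan("alice", "sales.orders", roles)}};
    invalidate(cache, InvKey{KeyType::RoleGrant, "alice", "analyst"});  // REVOKE ROLE
    return cache.size();
}
```

A stale plan left in the cache after the revoke is the condition to test for: in this model `plansLeftAfterRoleRevoke(false)` leaves one plan behind, while the full key set leaves none.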