[jira] Commented: (DERBY-3736) Revoking a column level privilege from a user, a prepared statement relying on that privilege can still be executed

["Rick Hillegas (JIRA)" <ji...@apache.org>]

    [ https://issues.apache.org/jira/browse/DERBY-3736?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12609930#action_12609930 ] 

Rick Hillegas commented on DERBY-3736:
--------------------------------------

Thanks for the patch, Dag. It looks good. You might want to decorate your one line fix with the comment block which explains why INTERNAL_RECOMPILE_REQUEST is being requested:

// When revoking a privilege from a Table we need to
// invalidate all GPSs refering to it. But GPSs aren't
// Dependents of TablePermsDescr, but of the
// TableDescriptor itself, so we must send
// INTERNAL_RECOMPILE_REQUEST to the TableDescriptor's
// Dependents. 

Thanks,
-Rick

> Revoking a column level privilege from a user, a prepared statement relying on that privilege can still be executed 
> --------------------------------------------------------------------------------------------------------------------
>
>                 Key: DERBY-3736
>                 URL: https://issues.apache.org/jira/browse/DERBY-3736
>             Project: Derby
>          Issue Type: Bug
>          Components: Security, SQL
>    Affects Versions: 10.3.1.4, 10.3.2.1, 10.3.3.0, 10.4.1.3
>            Reporter: Dag H. Wanvik
>            Assignee: Dag H. Wanvik
>         Attachments: column-level.sql, derby-3736.diff, derby-3736.stat, GrantRevokeDDLTest.diff, table-level.sql
>
>
> When a table level SELECT privilege is revoked, a dependent prepared statement is 
> invalidated and can no longer be executed, but in the case of a column level privilege
> SELECT privilege, the dependent prepared statement can still be executed.
> This works as expected in 10.2, but does not work in all 10.3 and 10.4 releases.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.