[Firebird-devel] [FB-Tracker] Created: (CORE-4802) Regression: GRANT UPDATE() on acts like grant update on ALL columns of

Mon, 18 May 2015 12:25:24 -0700 

Regression: GRANT UPDATE(<some_column>) on <T> acts like grant update on ALL 
columns of <T>
-------------------------------------------------------------------------------------------

                 Key: CORE-4802
                 URL: http://tracker.firebirdsql.org/browse/CORE-4802
             Project: Firebird Core
          Issue Type: Bug
          Components: Engine
    Affects Versions: 3.0 Beta 2
            Reporter: Pavel Zotov


New database, on WI-T3.0.0.31840:
============================

C:\MIX\firebird\QA\fbt-repo\tmp>C:\MIX\firebird\fb30\isql localhost/3333:e30
Database:  localhost/3333:e30
SQL> create table test(id int, s varchar(10)); commit;
SQL> create or alter user c1234 password '123'; commit;
SQL> revoke all on all from c1234;
Warning: ALL on ALL is not granted to C1234.
SQL> commit;
SQL> grant select on test to c1234; commit;
SQL> grant update (id) on test to c1234; commit;
SQL> insert into test values(1, 'qwerty'); commit;
SQL> connect 'localhost/3333:e30' user 'c1234' password '123';
Database:  'localhost/3333:e30', User: c1234
SQL> show grants;

/* Grant permissions for this database */
GRANT SELECT, UPDATE (ID) ON TEST TO USER C1234 --------------- <<< ::: NB ::: 
user can modify only ONE column, `ID`.
SQL> select * from test;

          ID S
============ ==========
           1 qwerty

SQL> update test set s='asdfgh';
SQL> commit;
SQL> select * from test;

          ID S
============ ==========
           1 asdfgh


Similar actions on WI-V2.5.5.26871:
============================

C:\MIX\firebird\QA\fbt-repo\tmp>C:\MIX\firebird\fb25\bin\isql localhost/3254:e25
Database:  localhost/3254:e25
SQL> create table test(id int, s varchar(10)); commit;
SQL> drop user c1234; commit;
SQL> create user c1234 password '123'; commit;
SQL> revoke all on all from c1234;
Warning: ALL on ALL is not granted to C1234.
SQL> commit;
SQL> grant select on test to c1234; commit;
SQL> grant update (id) on test to c1234; commit;
SQL> insert into test values(1, 'qwerty'); commit;
SQL> connect 'localhost/3254:e25' user 'c1234' password '123';
Database:  'localhost/3254:e25', User: c1234
SQL> show grants;

/* Grant permissions for this database */
GRANT SELECT, UPDATE (ID) ON TEST TO USER C1234
SQL> select * from test;

          ID S
============ ==========
           1 qwerty

SQL> update test set s='asdfgh';
Statement failed, SQLSTATE = 28000
no permission for update/write access to COLUMN TEST.S


-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
http://tracker.firebirdsql.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud 
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
Firebird-Devel mailing list, web interface at 
https://lists.sourceforge.net/lists/listinfo/firebird-devel

Reply via email to