[jira] [Commented] (TRAFODION-1806) create view with sequence failed with ERROR[4481] though the user has been granted usage privilege

Fri, 08 Apr 2016 08:26:07 -0700 

    [ 
https://issues.apache.org/jira/browse/TRAFODION-1806?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15232328#comment-15232328
 ] 

Roberta Marton commented on TRAFODION-1806:
-------------------------------------------

The create view code is looking for SELECT privilege on sequence generators
but Trafodion only allows USAGE privilege to be specified.
- The code was fixed to look for USAGE (not SELECT) privilege if the object type
  is sequence generator.
- Changed code to store privilege descriptors in the NATable structure at
  construction time to avoid look ups later.
- Added code to remove the Sequence Entry from NATable cache if a privilege
  change was detected.
- Added tests to privs2/TEST135


> create view with sequence failed with ERROR[4481] though the user has been 
> granted usage privilege
> --------------------------------------------------------------------------------------------------
>
>                 Key: TRAFODION-1806
>                 URL: https://issues.apache.org/jira/browse/TRAFODION-1806
>             Project: Apache Trafodion
>          Issue Type: Bug
>          Components: sql-security
>    Affects Versions: 2.0-incubating
>         Environment: esgynDB: esgynDB-20160107_0900-bin
> platform: suse11
>            Reporter: Gao, Rui-Xian
>            Assignee: Roberta Marton
>
> create view with sequence failed though the user has been granted usage  
> privileges on the sequence, here is the steps to reproduce --
> User dbroot--
> create schema myschema;
> GRANT COMPONENT privilege create_view on sql_operations to testuser1;
>  set schema myschema;
> create table mytable (a int, b int);
> insert into mytable values (1,1);
>  create sequence myseq;
>  
> grant select on  mytable to testuser1;
> grant usage on sequence myseq to testuser1;
>  
> >>showddl sequence myseq;
>  
> CREATE SEQUENCE TRAFODION.MYSCHEMA.MYSEQ
>   START WITH 1 /* NEXT AVAILABLE VALUE 1 */
>   INCREMENT BY 1
>   MAXVALUE 9223372036854775806
>   MINVALUE 1
>   CACHE 25
>   NO CYCLE
>   LARGEINT
> ;
>  
> -- GRANT USAGE ON SEQUENCE TRAFODION.MYSCHEMA.MYSEQ TO DB__ROOT WITH GRANT 
> OPTION;
>   GRANT USAGE ON SEQUENCE TRAFODION.MYSCHEMA.MYSEQ TO TESTUSER1;
> user testuser1--
> set schema myschema;
> create view myview as select seqnum(myseq) as a from mytable;
> *** ERROR[4481] The user does not have SELECT privilege on table or view . 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to