[ https://issues.apache.org/jira/browse/TRAFODION-1806?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15232328#comment-15232328 ]
Roberta Marton commented on TRAFODION-1806: ------------------------------------------- The create view code is looking for SELECT privilege on sequence generators but Trafodion only allows USAGE privilege to be specified. - The code was fixed to look for USAGE (not SELECT) privilege if the object type is sequence generator. - Changed code to store privilege descriptors in the NATable structure at construction time to avoid look ups later. - Added code to remove the Sequence Entry from NATable cache if a privilege change was detected. - Added tests to privs2/TEST135 > create view with sequence failed with ERROR[4481] though the user has been > granted usage privilege > -------------------------------------------------------------------------------------------------- > > Key: TRAFODION-1806 > URL: https://issues.apache.org/jira/browse/TRAFODION-1806 > Project: Apache Trafodion > Issue Type: Bug > Components: sql-security > Affects Versions: 2.0-incubating > Environment: esgynDB: esgynDB-20160107_0900-bin > platform: suse11 > Reporter: Gao, Rui-Xian > Assignee: Roberta Marton > > create view with sequence failed though the user has been granted usage > privileges on the sequence, here is the steps to reproduce -- > User dbroot-- > create schema myschema; > GRANT COMPONENT privilege create_view on sql_operations to testuser1; > set schema myschema; > create table mytable (a int, b int); > insert into mytable values (1,1); > create sequence myseq; > > grant select on mytable to testuser1; > grant usage on sequence myseq to testuser1; > > >>showddl sequence myseq; > > CREATE SEQUENCE TRAFODION.MYSCHEMA.MYSEQ > START WITH 1 /* NEXT AVAILABLE VALUE 1 */ > INCREMENT BY 1 > MAXVALUE 9223372036854775806 > MINVALUE 1 > CACHE 25 > NO CYCLE > LARGEINT > ; > > -- GRANT USAGE ON SEQUENCE TRAFODION.MYSCHEMA.MYSEQ TO DB__ROOT WITH GRANT > OPTION; > GRANT USAGE ON SEQUENCE TRAFODION.MYSCHEMA.MYSEQ TO TESTUSER1; > user testuser1-- > set schema myschema; > create view myview as select seqnum(myseq) as a from mytable; > *** ERROR[4481] The user does not have SELECT privilege on table or view . -- This message was sent by Atlassian JIRA (v6.3.4#6332)