Roberta Marton created TRAFODION-2538:
-----------------------------------------
Summary: Revoking privileges from role not invoking query
invalidation
Key: TRAFODION-2538
URL: https://issues.apache.org/jira/browse/TRAFODION-2538
Project: Apache Trafodion
Issue Type: Bug
Components: sql-cmp, sql-security
Reporter: Roberta Marton
Privilege information is cached. When a revoke is performed, query
invalidation occurs. Query invalidation sends the revoke operation to RMS and
each executor process checks for keys. If the key affect cache, the cache
entry is refreshed.
Query invalidation keys are not be created for revoke privileges from roles.
Create a table
create a role
grant select, insert on table to role;
grant role to user1.
as user1, select and insert into table
in another session, revoke insert from role
user1 should no longer be able to insert
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
