[ https://issues.apache.org/jira/browse/TRAFODION-2538?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Work on TRAFODION-2538 started by Roberta Marton. ------------------------------------------------- > Revoking privileges from role not invoking query invalidation > ------------------------------------------------------------- > > Key: TRAFODION-2538 > URL: https://issues.apache.org/jira/browse/TRAFODION-2538 > Project: Apache Trafodion > Issue Type: Bug > Components: sql-cmp, sql-security > Reporter: Roberta Marton > Assignee: Roberta Marton > > Privilege information is cached. When a revoke is performed, query > invalidation occurs. Query invalidation sends the revoke operation to RMS > and each executor process checks for keys. If the key affect cache, the > cache entry is refreshed. > Query invalidation keys are not be created for revoke privileges from roles. > Create a table > create a role > grant select, insert on table to role; > grant role to user1. > as user1, select and insert into table > in another session, revoke insert from role > user1 should no longer be able to insert -- This message was sent by Atlassian JIRA (v6.3.15#6346)