[ https://issues.apache.org/jira/browse/TRAFODION-1276?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Roberta Marton updated TRAFODION-1276: -------------------------------------- Fix Version/s: 2.2-incubating > LP Bug: 1465782 - Revoke privilege return dependent grant ERROR[1037] > --------------------------------------------------------------------- > > Key: TRAFODION-1276 > URL: https://issues.apache.org/jira/browse/TRAFODION-1276 > Project: Apache Trafodion > Issue Type: Wish > Components: sql-security > Reporter: Paul Low > Assignee: Roberta Marton > Priority: Minor > Fix For: 2.1-incubating, 2.2-incubating > > > The DB__ROOT user is unable to revoke privilege granted to user after user > grants privilege to another user. In the scenario below, the user is granted > privilege with grant option. The user grants the privilege to another user. > DB__ROOT is unable to revoke the original privilege and the WGO privilege > that he first granted to the user. ERROR[1037] is returned. > Daily build: 20150613 > Security is enabled. > SQL>create schema schema1; > --- SQL operation complete. > > SQL>set schema schema1; > --- SQL operation complete. > SQL>create table tab1(a int, b int) no partition; > --- SQL operation complete. > SQL>grant select on tab1 to username1 with grant option; > --- SQL operation complete. > SQL>connect username1/password1; > Connected to Trafodion > SQL>set schema schema1; > --- SQL operation complete. > SQL>grant select on tab1 to username2; > --- SQL operation complete. > SQL>connect db_root_username/db_root_password; > Connected to Trafodion > SQL>set schema schema1; > --- SQL operation complete. > SQL>revoke grant option for select on tab1 from username1; > *** ERROR[1037] Revoke failed because of a dependent grant between > authorization ID USERNAME1 and authorization ID USERNAME2 > SQL>revoke grant option for select on tab1 from username1 cascade; > *** ERROR[1037] Revoke failed because of a dependent grant between > authorization ID USERNAME1 and authorization ID USERNAME2 > SQL>revoke select on tab1 from username1 cascade; > *** ERROR[1037] Revoke failed because of a dependent grant between > authorization ID USERNAME1 and authorization ID USERNAME2 > SQL>drop schema schema1 cascade; > --- SQL operation complete. -- This message was sent by Atlassian JIRA (v6.4.14#64029)