[teiid-issues] [JBoss JIRA] (TEIID-3554) Audit log is missing details related to what role was applied and what info was allowed or denied

Steven Hawkins (JIRA) issues at jboss.org
Tue Jun 23 15:27:02 EDT 2015 

     [ https://issues.jboss.org/browse/TEIID-3554?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Steven Hawkins updated TEIID-3554:
----------------------------------
    Issue Type: Quality Risk  (was: Bug)


Can you spell out a little more about what you want to see in the client exception (keeping in mind that only appropriate information can be exposed) and what should be in the audit log (keeping in mind that too larger volumes of information could need to be at lower more detailed logging levels).

> But I still think the role being applied is important so that if a user was setup incorrectly, it can easily be seen.

A user can have any number of roles, and any number of which can grant permission X - it only takes one.  A role or roles not having a given permission is not considered an incorrect setup, but rather a design choice.

> Audit log is missing details related to what role was applied and what info was allowed or denied
> -------------------------------------------------------------------------------------------------
>
>                 Key: TEIID-3554
>                 URL: https://issues.jboss.org/browse/TEIID-3554
>             Project: Teiid
>          Issue Type: Quality Risk
>          Components: Server
>    Affects Versions: 8.7.1.6_2
>            Reporter: Van Halbert
>            Assignee: Steven Hawkins
>         Attachments: portfolioroles_data.xlsx
>
>
> Using the dynamicvdb-dataroles quick start as the basis for triggering the audit log.   Executing the view query:  "Select * from StockPrice" .  The query will only present the "price" column value when the user has the "prices" role.  When performing queries with a user (name=teiidUser) that doesn't have the "prices" role versus one that does (name=portfolio), doesn't provide any discerning information in the audit log to indicate that a role was applied to the data.  
> Attaching excel file of the audit log data.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

More information about the teiid-issues mailing list