[teiid-issues] [JBoss JIRA] (TEIID-5802) Row based security and column masking don't work correctly for materialized tables (views)

Dmitrii Pogorelov (Jira) issues at jboss.org
Wed Aug 14 08:33:00 EDT 2019 

    [ https://issues.jboss.org/browse/TEIID-5802?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13770745#comment-13770745 ] 

Dmitrii Pogorelov commented on TEIID-5802:
------------------------------------------

[~shawkins] are you planning to use the legacy feature of scoping materialized views to a user or not to change anything at all? Any estimations?

> Row based security and column masking don't work correctly for materialized tables (views)
> ------------------------------------------------------------------------------------------
>
>                 Key: TEIID-5802
>                 URL: https://issues.jboss.org/browse/TEIID-5802
>             Project: Teiid
>          Issue Type: Bug
>          Components: Query Engine
>    Affects Versions: 12.0
>         Environment: teiid-12.0.0 on WildFly Full 14.0.1.Final (WildFly Core 6.0.2.Final)
>            Reporter: Dmitrii Pogorelov
>            Assignee: Steven Hawkins
>            Priority: Blocker
>
> Row based security doesn't work for materialized tables (views). For example, having the following permissions for materialized views.test_view1 and views.test_view2 views according to query plan Teiid applies ApplySecurity rule only for views.test_view2 view but should also apply for views.test_view1 view:
> {code:xml}
>     <data-role name="role1" any-authenticated="true" allow-create-temporary-tables="true">
>         <description>Allow read only</description>
>         <permission>
>             <resource-name>dsp</resource-name>
>             <allow-read>true</allow-read>
>         </permission>
>         <permission>
>             <resource-name>views.test_view1</resource-name>
>             <allow-read>true</allow-read>
>             <condition constraint="false">col2 > 1</condition>
>         </permission>
>         <permission>
>             <resource-name>views.test_view2</resource-name>
>             <allow-read>true</allow-read>
>             <condition constraint="false">col0 = 'sa'</condition>
>         </permission>
>     </data-role>
> {code}
> The same situation is for column masking feature, see below.



--
This message was sent by Atlassian Jira
(v7.12.1#712002)

More information about the teiid-issues mailing list