[
https://issues.jboss.org/browse/TEIID-5792?page=com.atlassian.jira.plugin...
]
Steven Hawkins updated TEIID-5792:
----------------------------------
Issue Type: Enhancement (was: Bug)
Priority: Major (was: Blocker)
This is the currently expected behavior. Functions/procedures support just the notion of
execute, not fine grained permissions on the resultset. The workaround is to introduce a
view that relies on procedural / relational invocation and assign permissions to the view.
Permissions don't work with virtual procedures' ResultSet
---------------------------------------------------------
Key: TEIID-5792
URL:
https://issues.jboss.org/browse/TEIID-5792
Project: Teiid
Issue Type: Enhancement
Components: Query Engine
Affects Versions: 12.0
Environment: teiid-12.0.0 on WildFly Full 14.0.1.Final (WildFly Core
6.0.2.Final)
Reporter: Dmitrii Pogorelov
Assignee: Steven Hawkins
Priority: Major
Teiid doesn't work with ResultSet of a virtual procedure. For example, if we have
procs.testProc virtual procedure which can return two values in ResultSet: a and b and we
specify a permission for one of these columns in ResultSet, the permission won't
work:
{code:xml}
<permission>
<resource-name>procs.testProc.a</resource-name>
<allow-read>false</allow-read>
</permission>
{code}
I think it would be great to set permissions also for ResultSets of virtual procedures,
so AuthorizationValidationVisitor.validateEntitlements method for a GroupSymbol, which is
a procedure, should analyze also its ResultSet. At the same time permissions work for
virtual views and we can set permissions for some views' columns separately.
--
This message was sent by Atlassian Jira
(v7.12.1#712002)