[teiid-issues] [JBoss JIRA] (TEIID-5798) Mixed PERMISSION GRANTS

Steven Hawkins (Jira) issues at jboss.org
Fri Feb 21 16:50:00 EST 2020 

    [ https://issues.redhat.com/browse/TEIID-5798?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13979950#comment-13979950 ] 

Steven Hawkins commented on TEIID-5798:
---------------------------------------

I see we did add a warning in the docs: http://teiid.github.io/teiid-documents/master/content/reference/ddl_deployment_mode.html

To speed up this issue, I'll separate off the non-conformance issue and expand upon the warning.  We can also consider having the grants/revoke only run at the end of the ddl such that they won't be affected by the drop issue.

In any case here is the wip:  https://github.com/teiid/teiid/compare/master...shawkins:TEIID-5798?expand=1

This is a light reorganization to better capture some of the concepts and to remove the linear scan we were doing for grants - which would get cost prohibitive for a lot of grants.  The policy functionality is just beginning to be stubbed out.  I will try to by-pass using the policymetadata construct and rather directly reference our regular metadata specifically for policies.  I'll also need bridge the old condition login into the new.

> Mixed PERMISSION GRANTS
> -----------------------
>
>                 Key: TEIID-5798
>                 URL: https://issues.redhat.com/browse/TEIID-5798
>             Project: Teiid
>          Issue Type: Enhancement
>          Components: Query Engine
>            Reporter: Christoph John
>            Assignee: Steven Hawkins
>            Priority: Major
>             Fix For: 13.1
>
>   Original Estimate: 6 hours
>          Time Spent: 4 hours
>  Remaining Estimate: 1 day, 6 hours
>
> Hello,
> I am currently trying to set a set of permissions on a table/view. Hence a condition on INSERT,UPDATE,DELETE and an unconditioned SELECT.
> However, it seems that conditioned and unconditioned GRANT statements do not work together.
> {code}
> GRANT INSERT,UPDATE,DELETE ON TABLE "my_nutri_diary.UserDefinedProducts_SRC" CONDITION 'UserDefinedProducts_SRC.fkProfile in  (SELECT Account.idProfile FROM Account WHERE Account.uuidUser = LEFT(user(), 36) )' TO odata;
> GRANT SELECT ON TABLE "my_nutri_diary.UserDefinedProducts_SRC" TO odata;
> REVOKE ALTER,EXECUTE ON TABLE "my_nutri_diary.UserDefinedProducts_SRC" FROM odata;
> {code}



--
This message was sent by Atlassian Jira
(v7.13.8#713008)

More information about the teiid-issues mailing list