Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Implicitly active roles (and their permissions summarized) [CORE751] #1125

Closed
firebird-issue-importer opened this issue Sep 17, 2003 · 18 comments
Closed

Comments

@firebird-issue-importer

Submitted by: @pcisar

Is duplicated by CORE2610
Is replaced by CORE1815

Votes: 13

SFID: 807938#⁠
Submitted By: pcisar

Database rights can be assigned to Groups. Groups can be assigned to users. The resulting user database rights are the combination of the group rights as well as user rights. All this must work without roles.

====== Test Details ======

See test for CORE1815

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Jun 14, 2006

Commented by: Alice F. Bird (firebirds)

Date: 2004-10-22 00:43
Sender: smace
Logged In: YES
user_id=522214

I know an easy way of doing "Groups of grants" in Firebird.

--

One way is adding RDB$GROUPS table like RDB$ROLES.

CREATE TABLE RDB$GROUPS (
RDB$GROUP_NAME CHAR(31) CHARACTER SET UNICODE_FSS,
RDB$OWNER_NAME CHAR(31) CHARACTER SET UNICODE_FSS
);

And then replacing RDB$SECURITY_CLASSES by one View instead of table. This view catches all data from RDB$RELATION_FIELDS and *automatically adds grants (from the groups) (thought one select, union (whatever). I belive. It's not so hard doing. As you can see. So, I'd like to implement it. But I am not sure about changing RDB$ tables. And how we can add it to the default firebird distro.

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Jun 14, 2006

Commented by: Alice F. Bird (firebirds)

Date: 2004-07-29 21:58
Sender: smace
Logged In: YES
user_id=522214

I'd like to have Firebird behaving this way:

- accepting multiple roles at the same time.
- having an option for switch between passive roles and active roles. (one gets effective just by specifing it to a user, the other must be specified during the connection to the DB)
- groups of roles. ie. grant a role to another role. (when you grant a "master role" to a user, this user will have all privileges of all roles granted to the "master role".

Is the same thing you want? If yes, how can we implement it?

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Jul 1, 2006

Modified by: @dyemanov

Component: Security [ 10071 ]

assignee: Alexander Peshkov [ alexpeshkoff ]

SF_ID: 807938 =>

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Jan 28, 2008

Modified by: @pcisar

Workflow: jira [ 10775 ] => Firebird [ 15148 ]

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Aug 31, 2009

Modified by: @dyemanov

Link: This issue is duplicated by CORE2610 [ CORE2610 ]

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Aug 31, 2009

Commented by: Jacques (zerocool)

where can i find a step by step guide to implment the above.

I am looking into building a security model, and from there, granting roles to users, which the users can use to see data as needed.

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Aug 31, 2009

Commented by: @AlexPeshkoff

If you need "granting roles to users, which the users can use to see data as needed" this already works in firebird.

Noone will write you step by step guide - it's easier to write required program, but even to provide generic advice what to start with I need to get full understanding what you really need.

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Apr 24, 2014

Modified by: Sean Leyne (seanleyne)

description: SFID: 807938#⁠
Submitted By: pcisar

Database rights can be assigned to Groups. Groups can
be assigned to users. The resulting user database
rights are the combination of the group rights as well
as user rights. All this must work without roles.

=>

SFID: 807938#⁠
Submitted By: pcisar

Database rights can be assigned to Groups. Groups can be assigned to users. The resulting user database rights are the combination of the group rights as well as user rights. All this must work without roles.

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Mar 9, 2016

Modified by: @dyemanov

Fix Version: 4.0 Beta 1 [ 10750 ]

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented May 12, 2016

Commented by: @romansimakov

Recently implemented ability to grant a role to another role (CORE1815) covers this feature in case of using DEFAULT ROLE. I guess this ticket can be closed.

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented May 12, 2016

Modified by: @dyemanov

Link: This issue is replaced by CORE1815 [ CORE1815 ]

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented May 12, 2016

Modified by: @dyemanov

assignee: Alexander Peshkov [ alexpeshkoff ] => Roman Simakov [ roman-simakov ]

status: Open [ 1 ] => Resolved [ 5 ]

resolution: Fixed [ 1 ]

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented May 17, 2016

Modified by: @dyemanov

Fix Version: 4.0 Alpha 1 [ 10731 ]

Fix Version: 4.0 Beta 1 [ 10750 ] =>

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented May 17, 2016

Modified by: @dyemanov

summary: Groups of users and rights => Implicitly active roles (and their permissions summarized)

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented May 23, 2016

Commented by: @sim1984

Please add a description of the system functions RDB$ROLE_IN_USE in README.cumulative_roles.txt file.

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented May 23, 2016

Commented by: @romansimakov

f9c8887

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Sep 23, 2016

Modified by: @pavel-zotov

status: Resolved [ 5 ] => Resolved [ 5 ]

QA Status: Covered by another test(s)

Test Details: See test for CORE1815

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Sep 23, 2016

Modified by: @pavel-zotov

status: Resolved [ 5 ] => Closed [ 6 ]

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
2 participants