Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

It is impossible to take away rights on update of a column [CORE885] #1278

Closed
firebird-issue-importer opened this issue Aug 1, 2006 · 13 comments
Closed

Comments

@firebird-issue-importer
Copy link

@firebird-issue-importer firebird-issue-importer commented Aug 1, 2006

Submitted by: Ayazyan Vasiliy (vasya)

Relate to CORE1083

Situation following:

I give rights to the user on update of a column of the table with an opportunity of their transfer.

GRANT UPDATE (COL1) ON TAB1 TO USER1 WITH GRANT OPTION

I connect under user USER1 and I create role ROLE1

Then I give rights to role ROLE1 on update of column COL1 of table TAB1:

GRANT UPDATE (COL1) ON TAB1 TO ROLE1

After that to take away these rights from role ROLE1 being under user USER1 it is impossible! Inquiry REVOKE UPDATE (COL1) ON TAB1 FROM ROLE1 gives out

This operation is not defined for system tables.
unsuccessful metadata update.
ERASE RDB$USER_PRIVILEGES failed in revoke (1).
no permission for control access to TABLE TAB1.
At trigger 'RDB$TRIGGER_8'.

It turns out to give rights it is possible and to take away - is not present?

Version Firebird - 2.0.0.

Tried on 1.5.0, 1.5.2 and 1.5.3

sorry for my english :)

Help people!

Commits: 6d2eee9

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Aug 1, 2006

Modified by: Ayazyan Vasiliy (vasya)

description: ????????? ????????? ??????, ???????? ??????????? ? ?????????.
???????? ?????????:

??? ????? ???????????? ?? ????????? ??????? ??????? ? ???????????? ?? ????????.

GRANT UPDATE (COL1) ON TAB1 TO USER1 WITH GRANT OPTION

??????????? ??? ????????????? USER1 ? ?????? ???? ROLE1

????? ??? ????? ???? ROLE1 ?? ????????? ??????? COL1 ??????? TAB1:

GRANT UPDATE (COL1) ON TAB1 TO ROLE1

????? ????? ?????? ??? ????? ? ???? ROLE1 ???????? ??? ????????????? USER1 ?? ??????????! ?????? REVOKE UPDATE (COL1) ON TAB1 FROM ROLE1 ??????

This operation is not defined for system tables.
unsuccessful metadata update.
ERASE RDB$USER_PRIVILEGES failed in revoke(1).
no permission for control access to TABLE TAB1.
At trigger 'RDB$TRIGGER_8'.

?????????? ???? ????? ?????, ? ?????? - ????

?????? Firebird - 2.0.0.

???????? ?? 1.5.0, 1.5.2 ? 1.5.3

???????? ????!

=>

Situation following:

I give rights to the user on change of a column of the table with an opportunity of their transfer.

GRANT UPDATE (COL1) ON TAB1 TO USER1 WITH GRANT OPTION

I come under user USER1 and I create role ROLE1

Then I give rights of role ROLE1 on change of column COL1 of table TAB1:

GRANT UPDATE (COL1) ON TAB1 TO ROLE1

After that to take away these rights from role ROLE1 being under user USER1 it is impossible! Inquiry REVOKE UPDATE (COL1) ON TAB1 FROM ROLE1 gives out

This operation is not defined for system tables.
unsuccessful metadata update.
ERASE RDB$USER_PRIVILEGES failed in revoke (1).
no permission for control access to TABLE T1.
At trigger 'RDB$TRIGGER_8'.

It turns out to give rights it is possible and to take away - is not present?

Version Firebird - 2.0.0.

Tried on 1.5.0, 1.5.2 and 1.5.3

Help people!

summary: ?????????? ?????? ????? ?? ????????? ??????? => It is impossible to take away rights on change of a column

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Aug 1, 2006

Modified by: Ayazyan Vasiliy (vasya)

description: Situation following:

I give rights to the user on change of a column of the table with an opportunity of their transfer.

GRANT UPDATE (COL1) ON TAB1 TO USER1 WITH GRANT OPTION

I come under user USER1 and I create role ROLE1

Then I give rights of role ROLE1 on change of column COL1 of table TAB1:

GRANT UPDATE (COL1) ON TAB1 TO ROLE1

After that to take away these rights from role ROLE1 being under user USER1 it is impossible! Inquiry REVOKE UPDATE (COL1) ON TAB1 FROM ROLE1 gives out

This operation is not defined for system tables.
unsuccessful metadata update.
ERASE RDB$USER_PRIVILEGES failed in revoke (1).
no permission for control access to TABLE T1.
At trigger 'RDB$TRIGGER_8'.

It turns out to give rights it is possible and to take away - is not present?

Version Firebird - 2.0.0.

Tried on 1.5.0, 1.5.2 and 1.5.3

Help people!

=>

Situation following:

I give rights to the user on change of a column of the table with an opportunity of their transfer.

GRANT UPDATE (COL1) ON TAB1 TO USER1 WITH GRANT OPTION

I come under user USER1 and I create role ROLE1

Then I give rights of role ROLE1 on change of column COL1 of table TAB1:

GRANT UPDATE (COL1) ON TAB1 TO ROLE1

After that to take away these rights from role ROLE1 being under user USER1 it is impossible! Inquiry REVOKE UPDATE (COL1) ON TAB1 FROM ROLE1 gives out

This operation is not defined for system tables.
unsuccessful metadata update.
ERASE RDB$USER_PRIVILEGES failed in revoke (1).
no permission for control access to TABLE TAB1.
At trigger 'RDB$TRIGGER_8'.

It turns out to give rights it is possible and to take away - is not present?

Version Firebird - 2.0.0.

Tried on 1.5.0, 1.5.2 and 1.5.3

Help people!

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Aug 1, 2006

Modified by: Ayazyan Vasiliy (vasya)

description: Situation following:

I give rights to the user on change of a column of the table with an opportunity of their transfer.

GRANT UPDATE (COL1) ON TAB1 TO USER1 WITH GRANT OPTION

I come under user USER1 and I create role ROLE1

Then I give rights of role ROLE1 on change of column COL1 of table TAB1:

GRANT UPDATE (COL1) ON TAB1 TO ROLE1

After that to take away these rights from role ROLE1 being under user USER1 it is impossible! Inquiry REVOKE UPDATE (COL1) ON TAB1 FROM ROLE1 gives out

This operation is not defined for system tables.
unsuccessful metadata update.
ERASE RDB$USER_PRIVILEGES failed in revoke (1).
no permission for control access to TABLE TAB1.
At trigger 'RDB$TRIGGER_8'.

It turns out to give rights it is possible and to take away - is not present?

Version Firebird - 2.0.0.

Tried on 1.5.0, 1.5.2 and 1.5.3

Help people!

=>

Situation following:

I give rights to the user on change of a column of the table with an opportunity of their transfer.

GRANT UPDATE (COL1) ON TAB1 TO USER1 WITH GRANT OPTION

I connect under user USER1 and I create role ROLE1

Then I give rights to role ROLE1 on update of column COL1 of table TAB1:

GRANT UPDATE (COL1) ON TAB1 TO ROLE1

After that to take away these rights from role ROLE1 being under user USER1 it is impossible! Inquiry REVOKE UPDATE (COL1) ON TAB1 FROM ROLE1 gives out

This operation is not defined for system tables.
unsuccessful metadata update.
ERASE RDB$USER_PRIVILEGES failed in revoke (1).
no permission for control access to TABLE TAB1.
At trigger 'RDB$TRIGGER_8'.

It turns out to give rights it is possible and to take away - is not present?

Version Firebird - 2.0.0.

Tried on 1.5.0, 1.5.2 and 1.5.3

sorry for my english :)

Help people!

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Aug 1, 2006

Modified by: Ayazyan Vasiliy (vasya)

priority: Major [ 3 ] => Critical [ 2 ]

Version: 2.0 RC2 [ 10032 ]

Version: 1.5.3 [ 10028 ]

Version: 1.5.2 [ 10027 ]

Version: 1.5.0 [ 10025 ]

description: Situation following:

I give rights to the user on change of a column of the table with an opportunity of their transfer.

GRANT UPDATE (COL1) ON TAB1 TO USER1 WITH GRANT OPTION

I connect under user USER1 and I create role ROLE1

Then I give rights to role ROLE1 on update of column COL1 of table TAB1:

GRANT UPDATE (COL1) ON TAB1 TO ROLE1

After that to take away these rights from role ROLE1 being under user USER1 it is impossible! Inquiry REVOKE UPDATE (COL1) ON TAB1 FROM ROLE1 gives out

This operation is not defined for system tables.
unsuccessful metadata update.
ERASE RDB$USER_PRIVILEGES failed in revoke (1).
no permission for control access to TABLE TAB1.
At trigger 'RDB$TRIGGER_8'.

It turns out to give rights it is possible and to take away - is not present?

Version Firebird - 2.0.0.

Tried on 1.5.0, 1.5.2 and 1.5.3

sorry for my english :)

Help people!

=>

Situation following:

I give rights to the user on update of a column of the table with an opportunity of their transfer.

GRANT UPDATE (COL1) ON TAB1 TO USER1 WITH GRANT OPTION

I connect under user USER1 and I create role ROLE1

Then I give rights to role ROLE1 on update of column COL1 of table TAB1:

GRANT UPDATE (COL1) ON TAB1 TO ROLE1

After that to take away these rights from role ROLE1 being under user USER1 it is impossible! Inquiry REVOKE UPDATE (COL1) ON TAB1 FROM ROLE1 gives out

This operation is not defined for system tables.
unsuccessful metadata update.
ERASE RDB$USER_PRIVILEGES failed in revoke (1).
no permission for control access to TABLE TAB1.
At trigger 'RDB$TRIGGER_8'.

It turns out to give rights it is possible and to take away - is not present?

Version Firebird - 2.0.0.

Tried on 1.5.0, 1.5.2 and 1.5.3

sorry for my english :)

Help people!

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Aug 1, 2006

Modified by: Ayazyan Vasiliy (vasya)

summary: It is impossible to take away rights on change of a column => It is impossible to take away rights on update of a column

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Aug 2, 2006

Modified by: @dyemanov

priority: Critical [ 2 ] => Major [ 3 ]

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Jan 11, 2007

Modified by: @dyemanov

Link: This issue relate to CORE1083 [ CORE1083 ]

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Mar 4, 2007

Modified by: @AlexPeshkoff

assignee: Alexander Peshkov [ alexpeshkoff ]

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented May 11, 2007

Commented by: @AlexPeshkoff

Problem was caused by incomplete check of access rights to records in RDB$RELATION_FIELDS. RDB$RELATIONS security class was taken into account, but one from RDB$RELATION_FIELDS itself - not.

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented May 11, 2007

Modified by: @AlexPeshkoff

status: Open [ 1 ] => Resolved [ 5 ]

resolution: Fixed [ 1 ]

Fix Version: 2.1 Beta 1 [ 10141 ]

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Jan 28, 2008

Modified by: @pcisar

Workflow: jira [ 11110 ] => Firebird [ 14465 ]

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Nov 18, 2008

Modified by: @pcisar

status: Resolved [ 5 ] => Closed [ 6 ]

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented May 28, 2015

Modified by: @pavel-zotov

status: Closed [ 6 ] => Closed [ 6 ]

QA Status: Done successfully

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
2 participants