Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

New built-in function to check whether some role is implicitly active [CORE2762] #3155

Closed
firebird-issue-importer opened this issue Nov 20, 2009 · 11 comments

Comments

@firebird-issue-importer

Submitted by: Bjoern Reimer (bnreimer)

(As a reminder for Alex)

If I can get permissions on db objects not only via directly granted roles but also via roles in roles a new function is needed as replacement for psql statement

if (current_role = 'somerole') then ...
or
if (current_role <> 'somerole') then ...

I don't know a good name, but maybe

if  \(CanGetRole\( 'somerole'\) or \(current\_role = 'somerole'\) \) then  \.\.\.

or
if (not CanGetRole( 'somerole') and (current_role <> 'somerole') ) then ...

====== Test Details ======

All tests in tests/functional/syspriv/ folder (run there: find /c /i "RDB$ROLE_IN_USE" *.fbt )

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Nov 21, 2009

Commented by: Sean Leyne (seanleyne)

Bjorn,

Could you provide an example, the name "CanGet" is confusing.

It seems that what you are looking for a security model where a user would be added to list of groups, so that you could ask the system "Is the current user a member of group X".

Sean

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Nov 22, 2009

Modified by: @AlexPeshkoff

assignee: Alexander Peshkov [ alexpeshkoff ]

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Nov 22, 2009

Commented by: @AlexPeshkoff

First of all, I must check in SQL standard, do roles in roles provide permissions on database objects...

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Jun 1, 2011

Modified by: @AlexPeshkoff

status: Open [ 1 ] => Open [ 1 ]

Target: 3.0 Beta 1 [ 10332 ]

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented May 22, 2014

Commented by: @AlexPeshkoff

Delayed to post-3 version togethr with grant role to role

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented May 22, 2014

Modified by: @AlexPeshkoff

status: Open [ 1 ] => Open [ 1 ]

Target: 3.0 Beta 1 [ 10332 ] =>

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Sep 1, 2016

Commented by: @dyemanov

Currently implemented as RDB$ROLE_IN_USE(<role name>), may be changed before the final v4.0 release.

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Sep 1, 2016

Modified by: @dyemanov

assignee: Alexander Peshkov [ alexpeshkoff ] => Roman Simakov [ roman-simakov ]

Fix Version: 4.0 Alpha 1 [ 10731 ]

summary: New buildin function to check membership of role => New built-in function to check whether some role is implicitly active

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Sep 1, 2016

Modified by: @dyemanov

status: Open [ 1 ] => Resolved [ 5 ]

resolution: Fixed [ 1 ]

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Sep 1, 2016

Modified by: @pavel-zotov

status: Resolved [ 5 ] => Resolved [ 5 ]

QA Status: Covered by another test(s)

Test Details: All tests in tests/functional/syspriv/ folder (run there: find /c /i "RDB$ROLE_IN_USE" *.fbt )

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Sep 1, 2016

Modified by: @pavel-zotov

status: Resolved [ 5 ] => Closed [ 6 ]

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
2 participants