Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

release-20.2: changefeedccl: remove unnecessary and/or impossible privilege checks #61661

Merged
merged 1 commit into from Mar 9, 2021
Merged

release-20.2: changefeedccl: remove unnecessary and/or impossible privilege checks #61661

merged 1 commit into from Mar 9, 2021

Conversation

HonoreDB
Copy link
Contributor

@HonoreDB HonoreDB commented Mar 8, 2021

Backport 1/1 commits from #61031.

/cc @cockroachdb/release

Changefeeds were checking the SELECT privilege on every descriptor associated
with targeted tables, including the database (should not be required) and
custom types (not possible to assign granularly).
They now only check SELECT on the targeted tables itself.

Release note (bug fix): Better privilege checks when creating a changefeed

Closes #61006

@HonoreDB
changefeedccl: remove unnecessary and/or impossible privilege checks
22476cd 
Changefeeds were checking the SELECT privilege on every descriptor associated
with targeted tables, including the database (should not be required) and
custom types (not possible to assign granularly).
They now only check SELECT on the targeted tables itself.

Release note (bug fix): Better privilege checks when creating a changefeed
@HonoreDB HonoreDB requested review from ajwerner, a team and pbardea and removed request for a team March 8, 2021 22:17
@cockroach-teamcity
Copy link
Member

This change is Reviewable

ajwerner
ajwerner approved these changes Mar 9, 2021
View reviewed changes
Copy link
Contributor

@ajwerner ajwerner left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

:lgtm:

I think this needs a 21.1 backport too

Reviewed 2 of 2 files at r1.
Reviewable status: :shipit: complete! 1 of 0 LGTMs obtained (waiting on @pbardea)

@HonoreDB HonoreDB merged commit 5980329 into cockroachdb:release-20.2 Mar 9, 2021
@HonoreDB HonoreDB deleted the backport20.2-61031 branch March 9, 2021 14:06
@HonoreDB HonoreDB restored the backport20.2-61031 branch April 28, 2022 21:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ajwerner ajwerner ajwerner approved these changes

@pbardea pbardea Awaiting requested review from pbardea

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@HonoreDB @cockroach-teamcity @ajwerner