-
Notifications
You must be signed in to change notification settings - Fork 548
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow non-superusers to run ALTER TABLE REROUTE commands #15891
Comments
TBD which option to use:
|
Imho, users with |
Makes sense to me, as we already allow non-superusers to run
|
As discussed, we should allow We decided also to treat this as a bug, as according to our current docs, we allow users to DDL to perform any |
In docs, we don't mention any exception for the REROUTE statements, we've just missed to check for the correct privileges for this type of statements. - Add the required methods to the access to `AccessControlImpl#StatementVisitor`. - Add `ident()` to `ShardedTable` iface used in the corresponding analyzed statements. - Extracted a method which ensures DDL on table, as it's being used in multiple places Fixes: #15891
In docs, we don't mention any exception for the REROUTE statements, we've just missed to check for the correct privileges for this type of statements. - Add the required methods to the access to `AccessControlImpl#StatementVisitor`. - Add `ident()` to `ShardedTable` iface used in the corresponding analyzed statements. - Extracted a method which ensures DDL on table, as it's being used in multiple places Fixes: #15891
In docs, we don't mention any exception for the REROUTE statements, we've just missed to check for the correct privileges for this type of statements. - Add the required methods to the access to `AccessControlImpl#StatementVisitor`. - Add `ident()` to `ShardedTable` iface used in the corresponding analyzed statements. - Extracted a method which ensures DDL on table, as it's being used in multiple places Fixes: #15891
In docs, we don't mention any exception for the REROUTE statements, we've just missed to check for the correct privileges for this type of statements. - Add the required methods to the access to `AccessControlImpl#StatementVisitor`. - Add `ident()` to `ShardedTable` iface used in the corresponding analyzed statements. - Extracted a method which ensures DDL on table, as it's being used in multiple places Fixes: #15891
In docs, we don't mention any exception for the REROUTE statements, we've just missed to check for the correct privileges for this type of statements. - Add the required methods to the access to `AccessControlImpl#StatementVisitor`. - Add `ident()` to `ShardedTable` iface used in the corresponding analyzed statements. - Extracted a method which ensures DDL on table, as it's being used in multiple places Fixes: #15891 (cherry picked from commit 3b37290) # Conflicts: # server/src/main/java/io/crate/auth/AccessControlImpl.java
Thank you @hlcianfagna for reporting this. It has been addressed as a bug fix and will be available with the next hotfix release. |
In docs, we don't mention any exception for the REROUTE statements, we've just missed to check for the correct privileges for this type of statements. - Add the required methods to the access to `AccessControlImpl#StatementVisitor`. - Add `ident()` to `ShardedTable` iface used in the corresponding analyzed statements. - Extracted a method which ensures DDL on table, as it's being used in multiple places Fixes: #15891 (cherry picked from commit 3b37290) # Conflicts: # server/src/main/java/io/crate/auth/AccessControlImpl.java
In docs, we don't mention any exception for the REROUTE statements, we've just missed to check for the correct privileges for this type of statements. - Add the required methods to the access to `AccessControlImpl#StatementVisitor`. - Add `ident()` to `ShardedTable` iface used in the corresponding analyzed statements. - Extracted a method which ensures DDL on table, as it's being used in multiple places Fixes: #15891 (cherry picked from commit 3b37290) # Conflicts: # server/src/main/java/io/crate/auth/AccessControlImpl.java
In docs, we don't mention any exception for the REROUTE statements, we've just missed to check for the correct privileges for this type of statements. - Add the required methods to the access to `AccessControlImpl#StatementVisitor`. - Add `ident()` to `ShardedTable` iface used in the corresponding analyzed statements. - Extracted a method which ensures DDL on table, as it's being used in multiple places Fixes: #15891 (cherry picked from commit 3b37290) # Conflicts: # server/src/main/java/io/crate/auth/AccessControlImpl.java
In docs, we don't mention any exception for the REROUTE statements, we've just missed to check for the correct privileges for this type of statements. - Add the required methods to the access to `AccessControlImpl#StatementVisitor`. - Add `ident()` to `ShardedTable` iface used in the corresponding analyzed statements. - Extracted a method which ensures DDL on table, as it's being used in multiple places Fixes: #15891 (cherry picked from commit 3b37290) # Conflicts: # server/src/main/java/io/crate/auth/AccessControlImpl.java
Problem Statement
In CrateDB Cloud and other security-sensitive setups, database admins may not routinely have access to the
crate
superuser account.The
ALTER TABLE ... REROUTE MOVE SHARD
commands are useful to move around "hot shards" as described in the documentation.Currently these operations are not allowed even when a user account has AL and DDL permissions at cluster level.
Possible Solutions
crate
REROUTE
use cases in some other way so that manual rerouting is not necessaryConsidered Alternatives
Get an admin with access to the CrateDB nodes to connect locally as
crate
and run the required commands.The text was updated successfully, but these errors were encountered: