Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Cleanup grants of internal objects & tables #954

Merged
merged 8 commits into from Jun 28, 2019

Conversation

@jgebal
Copy link
Member

commented Jun 22, 2019

Removed following grants.

select, insert, update, delete on:

  • ut_compound_data_tmp
  • ut_compound_data_diff_tmp

Select on:

  • ut_annotation_cache
  • ut_annotation_cache_info
  • ut_suite_cache
  • ut_suite_cache_after_all
  • ut_suite_cache_after_each
  • ut_suite_cache_after_test
  • ut_suite_cache_before_all
  • ut_suite_cache_before_each
  • ut_suite_cache_before_test
  • ut_suite_cache_package
  • ut_suite_cache_schema
  • ut_suite_cache_trhows
  • ut_suite_cache_warnings

Execute on:

  • ut_annotations
  • ut_annotation
  • ut_annotated_object
  • ut_annotated_objects
  • ut_annotation_cache_manager
  • ut_annotation_parser
  • ut_coverage
  • ut_coverage_options
  • ut_coverage_helper
  • ut_coverage_reporter_base
  • ut_console_reporter_base
  • ut_output_data_row
  • ut_output_data_rows
  • ut_output_table_buffer
  • ut_output_clob_table_buffer

Below tables were changed to be session global temp tables.

  • dbmspcc_blocks
  • dbmspcc_runs
  • dbmspcc_units

With this, there is no risk of data leaks between sessions.

Reorganized code to accommodate for grants removal.
Wrapped sys.dbms_assert.qualified_sql_name to support NULL values.
Replaced calls to dbms_crypto.hash with ut_utils.get_hash - default SHA1

Resolves: #922

jgebal added 4 commits Jun 22, 2019
Cleanup some grants to internal objects & tables
Removed grants:
- execute on ut_annotations
- execute on ut_annotation
- execute on ut_annotated_object
- execute on ut_annotated_objects
- select on ut_annotation_cache
- select on ut_annotation_cache_info
- execute ut_annotation_cache_manager
- execute ut_annotation_parser

Reorganized code to accommodate for grants removal.
Wrapped `sys.dbms_assert.qualified_sql_name` to support NULL values.
Replaced calls to `dbms_crypto.hash` with `ut_utils.get_hash` - default `SHA1`
Removed public grants for:
- `ut_coverage`
- `ut_coverage_options`
- `ut_coverage_helper`
Removed grant execute on:
- ut_output_reporter_base
- ut_coverage_reporter_base
- ut_console_reporter_base
- ut_output_data_row
- ut_output_data_rows
- ut_output_table_buffer
- ut_output_clob_table_buffer

@jgebal jgebal changed the title Cleanup some grants to internal objects & tables [WIP] Cleanup grants to internal objects & tables Jun 24, 2019

Unified grants & synonyms scripts to avoid any disconnect between PUB…
…LIC and private access to the framework.

Resolves: #957
jgebal added 2 commits Jun 27, 2019
Removed grants:
- grant select, insert, update, delete on ut_compound_data_tmp
- grant select, insert, update, delete on ut_compound_data_diff_tmp
- removed grants to `ut_suite_cache`
- changed `dbmspcc_...` tables to be global temporary
- added cleanup of session level global temp tables after run

@jgebal jgebal added this to the v3.1.8 milestone Jun 28, 2019

@jgebal jgebal changed the title [WIP] Cleanup grants to internal objects & tables Cleanup grants of internal objects & tables Jun 28, 2019

@jgebal jgebal merged commit f3f2b12 into develop Jun 28, 2019

4 checks passed

SonarCloud Code Analysis Quality Gate passed
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details
continuous-integration/travis-ci/push The Travis CI build passed
Details
coverage/coveralls First build on feature/grants_cleanup at 95.053%
Details

@jgebal jgebal deleted the feature/grants_cleanup branch Jun 28, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.