Issue Details (XML | Word | Printable)

Key: CORE-4469
Type: Improvement Improvement
Status: Resolved Resolved
Resolution: Fixed
Priority: Minor Minor
Assignee: Alexander Peshkov
Reporter: Robert
Votes: 0
Watchers: 2

If you were logged in you would be able to see more operations.
Firebird Core

Add field in SEC$USERS reflecting whether a user has RDB$ADMIN role in security database

Created: 20/Jun/14 08:20 PM   Updated: 28/Jun/14 10:05 AM
Component/s: Security
Affects Version/s: None
Fix Version/s: 3.0 Beta 1

Time Tracking:
Not Specified

Planning Status: Unspecified

 Description  « Hide
I like to request a new field in SEC$USERS that reflects whether a user has the RDB$ADMIN role in the security database (as a result of CREATE USER GRANT ADMIN ROLE).

Suggested names for this new field: SEC$ADMIN_ROLE or SEC$ADMIN, value 0/1 or boolean.

This is the only user info missing now in sec$users, that can be obtained by the service manager (isc_action_svc_display_user_adm).

Note: special consideration is needed for user SYSDBA because this user is of course an administrator, but has not the RDB$ADMIN role been assigned in the security database. I suggest to assign 0 for this user to the new field because this is also the case for fbsvcmgr action_display_user_adm.

 All   Comments   Work Log   Change History   Subversion Commits      Sort Order: Ascending order - Click to sort in descending order
Sean Leyne added a comment - 20/Jun/14 08:30 PM
Why is this necessary?

Can't you query to the User_Role data to determine that?

Robert added a comment - 20/Jun/14 08:45 PM
Hi Sean.
No, that is not possible, since the role RDB$ADMIN is granted in the *security* database for which I have no access.

Alexander Peshkov added a comment - 23/Jun/14 11:05 AM
To be precise almost everything regarding rdb$admin is still broken.
Initially we expected to have a whole set of system roles in FB3, therefore I did not hurry with admin implementation. Now it's clear that this feature has to wait for the next release. And hopefully something can be done.