Issue Details (XML | Word | Printable)

Key: CORE-5248
Type: Bug Bug
Status: Closed Closed
Resolution: Fixed
Priority: Major Major
Assignee: Alexander Peshkov
Reporter: Mark Rotteveel
Votes: 0
Watchers: 1

If you were logged in you would be able to see more operations.
Firebird Core

Improve consistency in GRANT syntax between roles and privileges according to SQL standard

Created: 20/May/16 08:25 AM   Updated: 30/Aug/16 02:08 PM
Component/s: Engine, Security
Affects Version/s: None
Fix Version/s: 3.0.1, 4.0 Alpha 1

File Attachments: 1. File adminOption.sql (2 kB)

QA Status: Done successfully

 Description  « Hide
The current syntax of GRANT is inconsistent between privileges and roles. Specifically, for privileges there is the `WITH GRANT OPTION`, while for roles there is the `WITH ADMIN OPTION` which has a similar effect (looking at the langref).

I would propose that for roles the `WITH GRANT OPTION` is also added. The `WITH GRANT OPTION` means that the user can 1) grant this role to users and 2) revoke from users the role granted by this user, while `WITH ADMIN OPTION` means that 1) the user can grant privileges to this role and 2) grant this role to users and 3) revoke this role from all users irrespective of the grantee.

For privileges a `WITH ADMIN OPTION` could be added with the same meaning as `WITH GRANT OPTION` for consistency purposes.

 All   Comments   Change History   Subversion Commits      Sort Order: Descending order - Click to sort in ascending order
Alexander Peshkov added a comment - 25/Aug/16 12:14 PM - edited
Fix in B3_0 is minimalistic - I do not want to change behavior in production version, just fixed obvious bug that any role can be dropped by any user. Full fix with SQL standard compliant ADMIN OPTION in role grants is in master branch, i.e. FB4.

Attention - to obtain new behavior in old databases roles should be recreated!

Alexander Peshkov added a comment - 24/Aug/16 03:53 PM
adminOption.sql contains a number of tests checking behavior of grant WITH ADMIN OPTION

Alexander Peshkov added a comment - 20/May/16 08:39 AM
And I tend to treat it as a bug in our GRANT/REVOKE.

Alexander Peshkov added a comment - 20/May/16 08:38 AM - edited
In our code ADMIN option behaves exactly like GRANT which violates standard. It should behave like Mark describes (up to ability to drop granted role) - reviewed standard not long ago.

What about extension of GRANT option for roles - that should IMHO be decided separately.

Mark Rotteveel added a comment - 20/May/16 08:36 AM
I hadn't thought of that. This ticket was triggered by this SO question:

If this is specified by the SQL standard, then maybe we should just leave this as is.

Dmitry Yemanov added a comment - 20/May/16 08:33 AM
We use the standard syntax. SQL spec declares WITH GRANT OPTION for privileges and WITH ADMIN OPTION for roles. I'm not sure they mean the same though, it needs checking.