Issue Details (XML | Word | Printable)

Key: CORE-885
Type: Bug Bug
Status: Closed Closed
Resolution: Fixed
Priority: Major Major
Assignee: Alexander Peshkov
Reporter: Ayazyan Vasiliy
Votes: 0
Watchers: 0
Operations

If you were logged in you would be able to see more operations.
Firebird Core

It is impossible to take away rights on update of a column

Created: 01/Aug/06 02:46 AM   Updated: 18/Nov/08 02:22 PM
Component/s: Engine
Affects Version/s: 1.5.0, 1.5.2, 1.5.3, 2.0 RC2
Fix Version/s: 2.1 Beta 1

Time Tracking:
Not Specified

Environment: windows xp sp2
Issue Links:
Relate
 


 Description  « Hide
Situation following:

I give rights to the user on update of a column of the table with an opportunity of their transfer.

GRANT UPDATE (COL1) ON TAB1 TO USER1 WITH GRANT OPTION

I connect under user USER1 and I create role ROLE1

Then I give rights to role ROLE1 on update of column COL1 of table TAB1:

GRANT UPDATE (COL1) ON TAB1 TO ROLE1

After that to take away these rights from role ROLE1 being under user USER1 it is impossible! Inquiry REVOKE UPDATE (COL1) ON TAB1 FROM ROLE1 gives out

This operation is not defined for system tables.
unsuccessful metadata update.
ERASE RDB$USER_PRIVILEGES failed in revoke (1).
no permission for control access to TABLE TAB1.
At trigger 'RDB$TRIGGER_8'.

It turns out to give rights it is possible and to take away - is not present?

Version Firebird - 2.0.0.

Tried on 1.5.0, 1.5.2 and 1.5.3

sorry for my english :)

Help people!

 All   Comments   Work Log   Change History   Version Control   Subversion Commits      Sort Order: Ascending order - Click to sort in descending order
Alexander Peshkov added a comment - 11/May/07 04:45 AM
Problem was caused by incomplete check of access rights to records in RDB$RELATION_FIELDS. RDB$RELATIONS security class was taken into account, but one from RDB$RELATION_FIELDS itself - not.