From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost (localhost [127.0.0.1]) by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTP id 8E318263C3 for ; Fri, 8 Jun 2018 13:26:48 -0400 (EDT) Received: from turing.freelists.org ([127.0.0.1]) by localhost (turing.freelists.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id g1DesHG_CiSL for ; Fri, 8 Jun 2018 13:26:48 -0400 (EDT) Received: from smtp47.i.mail.ru (smtp47.i.mail.ru [94.100.177.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTPS id 4BE4226345 for ; Fri, 8 Jun 2018 13:26:48 -0400 (EDT) Date: Fri, 8 Jun 2018 20:26:45 +0300 From: Konstantin Osipov Subject: [tarantool-patches] Re: [PATCH 3/3] Introduce privileges for object groups Message-ID: <20180608172645.GB6436@chai> References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Sender: tarantool-patches-bounce@freelists.org Errors-to: tarantool-patches-bounce@freelists.org Reply-To: tarantool-patches@freelists.org List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: tarantool-patches List-subscribe: List-owner: List-post: List-archive: To: tarantool-patches@freelists.org Cc: Georgy Kirichenko * Georgy Kirichenko [18/06/08 12:11]: > Allow define access privileges for all spaces, functions and sequences. > Read and write privileges are supported for spaces, execute privilege > for sequences. Privilege granting and revoking might be done through old api > without object identification: > box.schema.user.grant("guest", "read", "space") The patch looks good, I don't understand though why we need it - I never asked for one. Does it have a documentation request? A few minor comments below. > > Prerequisite #945 > --- > src/box/alter.cc | 18 ++++++--- > src/box/call.c | 2 + > src/box/lua/schema.lua | 9 +++++ > src/box/schema.cc | 8 ++++ > src/box/schema.h | 26 +++++++++++++ > src/box/sequence.c | 1 + > src/box/space.c | 2 + > src/box/sysview_index.c | 11 ++++++ > src/box/user.cc | 12 ++++++ > test/box/access.result | 77 +++++++++++++++++++++++++++++++++++++ > test/box/access.test.lua | 29 ++++++++++++++ > test/box/lua/identifier.lua | 1 - > 12 files changed, 189 insertions(+), 7 deletions(-) > > diff --git a/src/box/call.c b/src/box/call.c > index 6388e1e68..8a43db130 100644 > --- a/src/box/call.c > +++ b/src/box/call.c > @@ -71,6 +71,8 @@ access_check_func(const char *name, uint32_t name_len, struct func **funcp) > return 0; > } > user_access_t access = PRIV_X | PRIV_U; > + /* Check access for all functions. */ > + access &= ~get_entity_access(SC_FUNCTION)[credentials->auth_token].effective; 1) Are you sure get_entity_access() is inlined? This is a hot path I would try to make it as fast as possible. 2) the name should be entity_access_get() or entity_access_find(). > @@ -295,6 +298,10 @@ vfunc_filter(struct space *source, struct tuple *tuple) > */ > if ((PRIV_WRDA | PRIV_X) & cr->universal_access) > return true; > + /* Allow access for a user with function privileges. */ > + if ((PRIV_WRDA | PRIV_X) & > + get_entity_access(SC_FUNCTION)[cr->auth_token].effective) > + return true; Perhaps we should have a variable for PRIV_WRDA | PRIV_X Please add a test case checking that granting entity access via role works. We also need a test case that revoking entity access works. The same is for revoking entity access granted via role. Thank you for working on it, -- Konstantin Osipov, Moscow, Russia, +7 903 626 22 32 http://tarantool.io - www.twitter.com/kostja_osipov