From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost (localhost [127.0.0.1]) by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTP id 219CA26597 for ; Mon, 9 Jul 2018 06:33:50 -0400 (EDT) Received: from turing.freelists.org ([127.0.0.1]) by localhost (turing.freelists.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KD0q8DKlGgYr for ; Mon, 9 Jul 2018 06:33:50 -0400 (EDT) Received: from smtp51.i.mail.ru (smtp51.i.mail.ru [94.100.177.111]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTPS id D23BF22291 for ; Mon, 9 Jul 2018 06:33:49 -0400 (EDT) From: Serge Petrenko Subject: [tarantool-patches] [PATCH] Add a privilege check when creating a sequence Date: Mon, 9 Jul 2018 13:32:34 +0300 Message-Id: <20180709103234.61121-1-sergepetrenko@tarantool.org> Sender: tarantool-patches-bounce@freelists.org Errors-to: tarantool-patches-bounce@freelists.org Reply-To: tarantool-patches@freelists.org List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: tarantool-patches List-subscribe: List-owner: List-post: List-archive: To: tarantool-patches@freelists.org, kostja@tarantool.org Cc: Serge Petrenko There was no check for create privilege when creating a sequence. Added one, and modified the tests accordingly. --- https://github.com/tarantool/tarantool/tree/sergepetrenko/access-checks src/box/alter.cc | 2 ++ test/box/access.result | 18 ++++++++++++++++-- test/box/access.test.lua | 9 +++++++-- test/box/sequence.result | 13 ++++++++----- test/box/sequence.test.lua | 11 ++++++----- 5 files changed, 39 insertions(+), 14 deletions(-) diff --git a/src/box/alter.cc b/src/box/alter.cc index 509e4b7e3..70732def3 100644 --- a/src/box/alter.cc +++ b/src/box/alter.cc 
@@ -2981,6 +2981,8 @@ on_replace_dd_sequence(struct trigger * /* trigger */, void *event) new_def = sequence_def_new_from_tuple(new_tuple, ER_CREATE_SEQUENCE); assert(sequence_by_id(new_def->id) == NULL); + access_check_ddl(new_def->name, new_def->uid, SC_SEQUENCE, + PRIV_C, false); sequence_cache_replace(new_def); alter->new_def = new_def; } else if (old_tuple != NULL && new_tuple == NULL) { /* DELETE */ diff --git a/test/box/access.result b/test/box/access.result index 7e070e6d5..928c3fcd4 100644 --- a/test/box/access.result +++ b/test/box/access.result @@ -1740,8 +1740,9 @@ c:close() --- ... -- --- A user with read/write access to sequence was able --- to create a sequence +-- A user with read/write access to sequence shouldn't +-- be able to create a sequence. It also needs a create privilege +-- on universe. -- box.schema.user.create('tester') --- @@ -1754,6 +1755,19 @@ box.session.su('tester') ... _ = box.schema.sequence.create('test_sequence') --- +- error: Create access to sequence 'test_sequence' is denied for user 'tester' +... +box.session.su('admin') +--- +... +box.schema.user.grant('tester', 'create', 'universe') +--- +... +box.session.su('tester') +--- +... +_ = box.schema.sequence.create('test_sequence') +--- ... box.session.su('admin') --- diff --git a/test/box/access.test.lua b/test/box/access.test.lua index a2988c4c0..7dc92ba52 100644 --- a/test/box/access.test.lua +++ b/test/box/access.test.lua 
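Review bot: In the INSERT branch of on_replace_dd_sequence (src/box/alter.cc), the new `access_check_ddl(...)` call runs after `sequence_def_new_from_tuple()` has already produced `new_def`, and nothing in the visible lines releases `new_def` if the check rejects the request. The updated test output shows the denial surfacing as an error, so the check presumably does not return normally on failure; unless a guard is set up earlier in the function (its body begins outside this hunk), each denied create by an unprivileged user would leak one definition. Consider releasing `new_def` on that path with a scoped guard that is dismissed once `alter->new_def = new_def;` has handed the definition over, and add a comment such as `/* Check CREATE privilege before the definition is published in the sequence cache. */` so the check stays ahead of `sequence_cache_replace()`. The owner passed in is `new_def->uid`, which appears to come from the inserted tuple, so it is worth confirming that `access_check_ddl` evaluates the effective user rather than trusting that field.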
@@ -670,13 +670,18 @@ box.schema.func.drop("func") c:close() -- --- A user with read/write access to sequence was able --- to create a sequence +-- A user with read/write access to sequence shouldn't +-- be able to create a sequence. It also needs a create privilege +-- on universe. -- box.schema.user.create('tester') box.schema.user.grant('tester', 'read,write', 'space', '_sequence') box.session.su('tester') _ = box.schema.sequence.create('test_sequence') box.session.su('admin') +box.schema.user.grant('tester', 'create', 'universe') +box.session.su('tester') +_ = box.schema.sequence.create('test_sequence') +box.session.su('admin') box.schema.user.drop('tester') diff --git a/test/box/sequence.result b/test/box/sequence.result index 0c9951d8b..cbbd45080 100644 --- a/test/box/sequence.result +++ b/test/box/sequence.result @@ -1472,6 +1472,9 @@ sq:drop() --- ... -- A user can alter/use sequences that he owns. +box.schema.user.grant('user', 'create', 'universe') +--- +... box.session.su('user') --- ... @@ -1490,13 +1493,13 @@ sq = box.schema.sequence.create('seq') box.session.su('admin') --- ... -box.schema.user.revoke('user', 'read,write', 'universe') +box.schema.user.revoke('user', 'read,write,create', 'universe') --- ... box.session.su('user') --- ... -sq:set(100) -- ok +sq:set(100) -- ok - user owns the sequence --- ... sq:next() -- ok @@ -1677,7 +1680,7 @@ s:drop() --- ... -- When a user is dropped, all his sequences are dropped as well. -box.schema.user.grant('user', 'read,write', 'universe') +box.schema.user.grant('user', 'read,write,create', 'universe') --- ... box.session.su('user') @@ -1707,10 +1710,10 @@ box.schema.user.create('user1') box.schema.user.create('user2') --- ... -box.schema.user.grant('user1', 'read,write', 'universe') +box.schema.user.grant('user1', 'read,write,create', 'universe') --- ... -box.schema.user.grant('user2', 'read,write', 'universe') +box.schema.user.grant('user2', 'read,write,create', 'universe') --- ... box.session.su('user1') 
diff --git a/test/box/sequence.test.lua b/test/box/sequence.test.lua index 1bcb91a9c..c119459b3 100644 --- a/test/box/sequence.test.lua +++ b/test/box/sequence.test.lua @@ -490,15 +490,16 @@ box.session.su('admin') sq:drop() -- A user can alter/use sequences that he owns. +box.schema.user.grant('user', 'create', 'universe') box.session.su('user') sq = box.schema.sequence.create('seq') sq:alter{step = 2} -- ok sq:drop() -- ok sq = box.schema.sequence.create('seq') box.session.su('admin') -box.schema.user.revoke('user', 'read,write', 'universe') +box.schema.user.revoke('user', 'read,write,create', 'universe') box.session.su('user') -sq:set(100) -- ok +sq:set(100) -- ok - user owns the sequence sq:next() -- ok sq:reset() -- ok box.session.su('admin') @@ -562,7 +563,7 @@ box.session.su('admin') s:drop() -- When a user is dropped, all his sequences are dropped as well. -box.schema.user.grant('user', 'read,write', 'universe') +box.schema.user.grant('user', 'read,write,create', 'universe') box.session.su('user') _ = box.schema.sequence.create('test1') _ = box.schema.sequence.create('test2') @@ -574,8 +575,8 @@ box.sequence -- to a sequence. box.schema.user.create('user1') box.schema.user.create('user2') -box.schema.user.grant('user1', 'read,write', 'universe') -box.schema.user.grant('user2', 'read,write', 'universe') +box.schema.user.grant('user1', 'read,write,create', 'universe') +box.schema.user.grant('user2', 'read,write,create', 'universe') box.session.su('user1') sq = box.schema.sequence.create('test') box.session.su('user2') -- 2.15.2 (Apple Git-101.1)