From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Date: Fri, 17 Aug 2018 22:57:53 +0300 From: Vladimir Davydov Subject: Re: [PATCH v3] Introduce separate entity object types for entity privileges. Message-ID: <20180817195753.eyobg4blhl3bqfp6@esperanza> References: <20180817162657.49693-1-sergepetrenko@tarantool.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20180817162657.49693-1-sergepetrenko@tarantool.org> To: Serge Petrenko Cc: kostja@tarantool.org, tarantool-patches@freelists.org List-ID: ACK On Fri, Aug 17, 2018 at 07:26:57PM +0300, Serge Petrenko wrote: > When granting or revoking a privilege on an entire entity, id 0 was used > to indicate the fact that we don't grant a privilege on a single object, > but on a whole entity. This caused confusion, because for entity USER, > for example, id 0 is a valid object id (user 'guest' uses it). > Any non-zero id dedicated to this cause obviously may be confused as well. > Fix this by creating separate schema_object_types for entities: > SC_ENTITY_SPACE, SC_ENTITY_USER, etc. > > Closes: #3574 > Prerequisite: #3524 > --- > https://github.com/tarantool/tarantool/tree/sergepetrenko/gh-3574-whole-entity-types > https://github.com/tarantool/tarantool/issues/3574 > > Changes in v3: > - Fix indentation in numerous places. > - Change '*' to '' (empty string) in > object_id field for _priv and _vpriv > > Changes in v2: > - keep only old syntax for granting access > to all entities > - add an upgrade script to alter indices of spaces > _priv and _vpriv to store 'scalar' in object_id field, > and use an asterisk ('*') in object_id to indicate > granting on an entire entity. > - keep the new entity types in priv_def and use them > internally. > > src/box/alter.cc | 27 +++++++++++++++++++- > src/box/bootstrap.snap | Bin 1540 -> 1556 bytes > src/box/lua/schema.lua | 58 ++++++++++++++++++++++++++----------------- > src/box/lua/upgrade.lua | 23 +++++++++++++++++ > src/box/schema.cc | 11 ++++---- > src/box/schema.h | 23 +++++++++-------- > src/box/schema_def.c | 21 ++++++++++++++++ > src/box/schema_def.h | 18 +++++++++++++- > src/box/user.cc | 27 +++++++++++--------- > test/box-py/bootstrap.result | 14 +++++------ > test/box/access.result | 6 ++--- > test/box/access_misc.result | 8 +++--- > test/box/alter.result | 8 +++--- > test/xlog/upgrade.result | 14 +++++------ > 14 files changed, 180 insertions(+), 78 deletions(-)