From: Vladimir Davydov <vdavydov.dev@gmail.com> To: Serge Petrenko <sergepetrenko@tarantool.org> Cc: kostja@tarantool.org, tarantool-patches@freelists.org Subject: Re: [tarantool-patches] [PATCH 4/4] Add a privilege upgrade script and update tests. Date: Wed, 22 Aug 2018 15:48:17 +0300 [thread overview] Message-ID: <20180822124817.itomvbpuyjxnri5a@esperanza> (raw) In-Reply-To: <29cee395a9c98d53f81fe9facd470b7842a6a0a5.1534751862.git.sergepetrenko@tarantool.org> On Mon, Aug 20, 2018 at 11:10:08AM +0300, Serge Petrenko wrote: > This patch adds a privilege upgrade script, which runs on upgrade to > 1.10.2 and automatically grants CREATE,ALTER,DROP on objects and entities > to all users, who have READ and WRITE access on them. You modify the upgrade script, but not access_check_ddl() - the latter will still treat read,write as create,alter,drop. Now, suppose the user will grant read,write to universe *after* upgrading to 1.10.2. Everything's going to work fine until we disable legacy mode and start claiming that create,alter,drop are set explicitly. And there will be no upgrade script to fix that. That said, if you change the upgrade script you should also remove the legacy mode from access_check_ddl. > Also all tests are rewritten to grant only necessary privileges, not > privileges to universe. AFAIU the tests you're patching have nothing to do with this particular problem. Please submit them separately. > diff --git a/src/box/lua/upgrade.lua b/src/box/lua/upgrade.lua > index 091da2dc4..d8d03288c 100644 > --- a/src/box/lua/upgrade.lua > +++ b/src/box/lua/upgrade.lua > @@ -983,8 +983,31 @@ local function upgrade_space_priv_to_1_10_2() > _vpriv.index.object:alter{parts={3, 'string', 4, 'scalar'}} > end > > +local function upgrade_users_to_1_10_2() I don't think it's worth factoring this code out to a separate function. Let's just fold it into upgrade_priv_to_1_10_2, because after all it's about updating privileges. > + local _priv = box.space[box.schema.PRIV_ID] > + local _user = box.space[box.schema.USER_ID] > + Please add a comprehensive comment explaining what you're doing here and why. Don't forget to mention why you need to handle 'universe' in a special way. > + for _, user in _user:pairs() do > + if user[0] ~= ADMIN and user[0] ~= SUPER then > + for _, priv in _priv:pairs(user[0]) do > + if bit.band(priv[5], box.priv.W) ~= 0 and > + bit.band(priv[5], box.priv.R) ~= 0 then > + local new_privs = bit.bor(box.priv.A, box.priv.D) > + -- for universal grants This particular comment is useless. Please remove. > + if priv[3] == 'universe' then > + new_privs = bit.bor(new_privs, box.priv.C) > + end > + _priv:update({priv[2], priv[3], priv[4]}, > + {{ "|", 5, new_privs}}) > + end > + end > + end > + end > +end > + > local function upgrade_to_1_10_2() > upgrade_space_priv_to_1_10_2() > + upgrade_users_to_1_10_2() > end > > local function get_version()
next prev parent reply other threads:[~2018-08-22 12:48 UTC|newest] Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top 2018-08-20 8:10 [tarantool-patches] [PATCH 0/4] Finish implementation of privileges Serge Petrenko 2018-08-20 8:10 ` [tarantool-patches] [PATCH 1/4] Introduce separate entity object types for entity privileges Serge Petrenko 2018-08-22 10:28 ` Vladimir Davydov 2018-08-22 12:37 ` Vladimir Davydov 2018-08-20 8:10 ` [tarantool-patches] [PATCH 2/4] Add entities user, role to access control Serge Petrenko 2018-08-22 10:37 ` Vladimir Davydov 2018-08-22 12:53 ` Vladimir Davydov 2018-08-20 8:10 ` [tarantool-patches] [PATCH 3/4] Add single object privilege checks to access_check_ddl Serge Petrenko 2018-08-22 11:58 ` Vladimir Davydov 2018-08-20 8:10 ` [tarantool-patches] [PATCH 4/4] Add a privilege upgrade script and update tests Serge Petrenko 2018-08-22 12:48 ` Vladimir Davydov [this message] -- strict thread matches above, loose matches on Subject: below -- 2018-07-17 15:47 [tarantool-patches] [PATCH 0/4] Fixes in access control and privileges Serge Petrenko 2018-07-17 15:47 ` [tarantool-patches] [PATCH 4/4] Add a privilege upgrade script and update tests Serge Petrenko
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20180822124817.itomvbpuyjxnri5a@esperanza \ --to=vdavydov.dev@gmail.com \ --cc=kostja@tarantool.org \ --cc=sergepetrenko@tarantool.org \ --cc=tarantool-patches@freelists.org \ --subject='Re: [tarantool-patches] [PATCH 4/4] Add a privilege upgrade script and update tests.' \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox