From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <vdavydov.dev@gmail.com>
Date: Tue, 30 Oct 2018 20:48:17 +0300
From: Vladimir Davydov <vdavydov.dev@gmail.com>
Subject: Re: [PATCH 0/2] Remove 1.7 privilege compatibility mode
Message-ID: <20181030174817.fpg2obshfq77zxvo@esperanza>
References: <cover.1540903773.git.sergepetrenko@tarantool.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <cover.1540903773.git.sergepetrenko@tarantool.org>
To: Serge Petrenko <sergepetrenko@tarantool.org>
Cc: tarantool-patches@freelists.org
List-ID: <tarantool-patches.dev.tarantool.org>

On Tue, Oct 30, 2018 at 04:31:59PM +0300, Serge Petrenko wrote:
> We assume that if user has READ + WRITE on an object, it also has
> CREATE + ALTER + DROP on an object. This was needed for compatibility
> with old versions which didn't have CREATE, ALTER, DROP ACLs.
> Now it's time to remove this compatibility mode.
> 
> The first patch removes this compatibility mode.
> 
> The second patch adds an upgrade script to automatically
> grant CREATE, ALTER, DROP to everyone with READ and WRITE
> on upgrade to 2.1.0
> 
> https://github.com/tarantool/tarantool/issues/3539
> https://github.com/tarantool/tarantool/tree/sp/gh-3539-remove-legacy-grants
> 
> Serge Petrenko (2):
>   box: remove compatibility mode for privileges
>   box: autogrant CREATE,ALTER,DROP to users with READ+WRITE

Pushed to 2.1