From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost (localhost [127.0.0.1]) by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTP id 04E4F2BE72 for ; Wed, 24 Apr 2019 08:16:58 -0400 (EDT) Received: from turing.freelists.org ([127.0.0.1]) by localhost (turing.freelists.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fhQwXSunZ98z for ; Wed, 24 Apr 2019 08:16:57 -0400 (EDT) Received: from smtp46.i.mail.ru (smtp46.i.mail.ru [94.100.177.106]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTPS id B462526D79 for ; Wed, 24 Apr 2019 08:16:57 -0400 (EDT) From: Kirill Shcherbatov Subject: [tarantool-patches] [PATCH v1 1/1] sql: check access rights of table in VIEW Date: Wed, 24 Apr 2019 15:16:54 +0300 Message-Id: <3f7dd91795bf6154382cce7732a1016fc24ebcdc.1556108155.git.kshcherbatov@tarantool.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: tarantool-patches-bounce@freelists.org Errors-to: tarantool-patches-bounce@freelists.org Reply-To: tarantool-patches@freelists.org List-Help: List-Unsubscribe: List-software: Ecartis version 1.0.0 List-Id: tarantool-patches List-Subscribe: List-Owner: List-post: List-Archive: To: tarantool-patches@freelists.org, v.shpilevoy@tarantool.org Cc: Kirill Shcherbatov When access is performed using VIEW, access rights should be checked against table[s] which it is referencing, not against VIEW itself. Added a test case to verify this behaviour. Closes #4104 --- Branch: http://github.com/tarantool/tarantool/tree/kshch/gh-4104-view-access-check Issue: https://github.com/tarantool/tarantool/issues/4104 test/sql/gh-4104-view-access-check.result | 64 +++++++++++++++++++++ test/sql/gh-4104-view-access-check.test.lua | 21 +++++++ 2 files changed, 85 insertions(+) create mode 100644 test/sql/gh-4104-view-access-check.result create mode 100644 test/sql/gh-4104-view-access-check.test.lua diff --git a/test/sql/gh-4104-view-access-check.result b/test/sql/gh-4104-view-access-check.result new file mode 100644 index 000000000..1eb9bebe8 --- /dev/null +++ b/test/sql/gh-4104-view-access-check.result @@ -0,0 +1,64 @@ +test_run = require('test_run').new() +--- +... +box.execute("CREATE TABLE supersecret(id INT PRIMARY KEY, data TEXT);") +--- +- row_count: 1 +... +box.execute("CREATE TABLE supersecret2(id INT PRIMARY KEY, data TEXT);") +--- +- row_count: 1 +... +box.execute("INSERT INTO supersecret VALUES(1, 'very very big secret');") +--- +- row_count: 1 +... +box.execute("INSERT INTO supersecret2 VALUES(1, 'very big secret 2');") +--- +- row_count: 1 +... +box.execute("CREATE VIEW supersecret_leak AS SELECT * FROM supersecret, supersecret2;") +--- +- row_count: 1 +... +LISTEN = require('uri').parse(box.cfg.listen) +--- +... +remote = require 'net.box' +--- +... +cn = remote.connect(LISTEN.host, LISTEN.service) +--- +... +box.schema.user.grant('guest','read', 'space', 'SUPERSECRET_LEAK') +--- +... +cn:execute('SELECT * FROM SUPERSECRET_LEAK') +--- +- error: Read access to space 'SUPERSECRET' is denied for user 'guest' +... +box.schema.user.grant('guest','read', 'space', 'SUPERSECRET') +--- +... +cn:execute('SELECT * FROM SUPERSECRET_LEAK') +--- +- error: Read access to space 'SUPERSECRET2' is denied for user 'guest' +... +box.schema.user.revoke('guest','read', 'space', 'SUPERSECRET') +--- +... +box.schema.user.revoke('guest','read', 'space', 'SUPERSECRET_LEAK') +--- +... +box.execute("DROP VIEW supersecret_leak") +--- +- row_count: 1 +... +box.execute("DROP TABLE supersecret") +--- +- row_count: 1 +... +box.execute("DROP TABLE supersecret2") +--- +- row_count: 1 +... diff --git a/test/sql/gh-4104-view-access-check.test.lua b/test/sql/gh-4104-view-access-check.test.lua new file mode 100644 index 000000000..2a44516ce --- /dev/null +++ b/test/sql/gh-4104-view-access-check.test.lua @@ -0,0 +1,21 @@ +test_run = require('test_run').new() + +box.execute("CREATE TABLE supersecret(id INT PRIMARY KEY, data TEXT);") +box.execute("CREATE TABLE supersecret2(id INT PRIMARY KEY, data TEXT);") +box.execute("INSERT INTO supersecret VALUES(1, 'very very big secret');") +box.execute("INSERT INTO supersecret2 VALUES(1, 'very big secret 2');") +box.execute("CREATE VIEW supersecret_leak AS SELECT * FROM supersecret, supersecret2;") +LISTEN = require('uri').parse(box.cfg.listen) +remote = require 'net.box' +cn = remote.connect(LISTEN.host, LISTEN.service) + +box.schema.user.grant('guest','read', 'space', 'SUPERSECRET_LEAK') +cn:execute('SELECT * FROM SUPERSECRET_LEAK') +box.schema.user.grant('guest','read', 'space', 'SUPERSECRET') +cn:execute('SELECT * FROM SUPERSECRET_LEAK') + +box.schema.user.revoke('guest','read', 'space', 'SUPERSECRET') +box.schema.user.revoke('guest','read', 'space', 'SUPERSECRET_LEAK') +box.execute("DROP VIEW supersecret_leak") +box.execute("DROP TABLE supersecret") +box.execute("DROP TABLE supersecret2") -- 2.21.0