Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

dbconsole: database page fails to load for non-admin users #103443

Closed
knz opened this issue May 16, 2023 · 7 comments
Closed

dbconsole: database page fails to load for non-admin users #103443

knz opened this issue May 16, 2023 · 7 comments
Assignees
@THardy98
Labels
A-cluster-observability Related to cluster observability A-sql-privileges SQL privilege handling and permission checks. C-bug Code not up to spec/doc, specs & docs deemed correct. Solution expected to change code/behavior. regression Regression from a release.

Comments

@knz
Copy link
Contributor

knz commented May 16, 2023
edited by cockroach-jira-scripts
Loading

I created a non-admin user and granted it VIEWACTIVITY but not the admin role.

When navigating to the db list I see the following:
image
image

Expected behavior

A non-privileged user should be able to see the db list with just the DBs they have access to.

Jira issue: CRDB-28004
@knz knz added C-bug Code not up to spec/doc, specs & docs deemed correct. Solution expected to change code/behavior. A-sql-privileges SQL privilege handling and permission checks. T-cluster-observability A-cluster-observability Related to cluster observability labels May 16, 2023
@knz
Copy link
Contributor Author

knz commented May 16, 2023

This is v23.1 by the way.

cc @kevin-v-ngo @j82w for triage.

@knz
Copy link
Contributor Author

knz commented May 16, 2023

Note: this used to work for v22.1. So marking as regression.

@knz knz added the regression Regression from a release. label May 16, 2023
@jrote1 jrote1 mentioned this issue May 17, 2023
Closed
@maryliag
Copy link
Contributor

another error also being displayed (Serverless):
Error Loading databases: Error: Error while retrieving database details information: only users with the ZONECONFIG privilege or the admin role can read crdb_internal.ranges_no_leases

@knz
Copy link
Contributor Author

knz commented Jul 11, 2023

started a thread here: https://cockroachlabs.slack.com/archives/C0159JK877C/p1689090652345839

@knz knz mentioned this issue Jul 12, 2023
Open
@knz
Copy link
Contributor Author

knz commented Jul 12, 2023

It's unclear why the serverless error only mentions ZONECONFIG, whereas in the code it also mentions VIEWACTIVITY.

Maybe this test was using an older version of crdb under the hood?

@knz knz mentioned this issue Jul 12, 2023
Open
@THardy98
Copy link

Below are PRs that allow users with restricted permissions to still view the databases pages:

Databases Page Improvement: #109245
Database Detail Page Improvement: #109432
Table Detail Page Improvement (database table page - specifically relevant to this issue): #109521

@THardy98
Copy link

Closing the issue per the PRs listed above

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@THardy98 THardy98

Labels
A-cluster-observability Related to cluster observability A-sql-privileges SQL privilege handling and permission checks. C-bug Code not up to spec/doc, specs & docs deemed correct. Solution expected to change code/behavior. regression Regression from a release.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@knz @maryliag @THardy98