Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sql/opt: name resolution for schemas when creating new objects should account for permissions/privileges #42383

Closed
arulajmani opened this issue Nov 11, 2019 · 2 comments
Closed

sql/opt: name resolution for schemas when creating new objects should account for permissions/privileges #42383

arulajmani opened this issue Nov 11, 2019 · 2 comments
Labels
A-sql-optimizer SQL logical planning and optimizations. A-sql-privileges SQL privilege handling and permission checks. C-cleanup Tech debt, refactors, loose ends, etc. Solution not expected to significantly change behavior. C-investigation Further steps needed to qualify. C-label will change.
Milestone
20.1

Comments

@arulajmani
Copy link
Collaborator

As part of work to support temporary tables, the system.namespace table is being extended to include an additional ParentSchemaID. This is a step towards supporting additional physical schemas other than public (even though none can be created yet).

Currently, the optimizer assumes that tables can only be created under the public schema and does no permission check. As we add the ability to scope under different schemas, a simple name check is not enough.

Instead, there needs to be a check to see if the schema exists + the user has privileges to create an object under that schema.
@knz knz added A-sql-optimizer SQL logical planning and optimizations. A-sql-privileges SQL privilege handling and permission checks. C-cleanup Tech debt, refactors, loose ends, etc. Solution not expected to significantly change behavior. labels Nov 12, 2019
@knz knz added this to the 20.1 milestone Nov 12, 2019
@knz knz changed the title Schema resolution when creating new objects should account for permissions/privileges sql/opt: name resolution for schemas when creating new objects should account for permissions/privileges Nov 12, 2019
@github-actions
Copy link

github-actions bot commented Jun 4, 2021

We have marked this issue as stale because it has been inactive for
18 months. If this issue is still relevant, removing the stale label
or adding a comment will keep it active. Otherwise, we'll close it in
5 days to keep the issue queue tidy. Thank you for your contribution
to CockroachDB!

@ajwerner ajwerner added the C-investigation Further steps needed to qualify. C-label will change. label Jun 8, 2021
@ajwerner
Copy link
Contributor

ajwerner commented Jun 8, 2021

I am sure that there are issues here. I'm going to close this because it's so unactionable.

@ajwerner ajwerner closed this as completed Jun 8, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
A-sql-optimizer SQL logical planning and optimizations. A-sql-privileges SQL privilege handling and permission checks. C-cleanup Tech debt, refactors, loose ends, etc. Solution not expected to significantly change behavior. C-investigation Further steps needed to qualify. C-label will change.
Projects
None yet
Milestone
20.1
Development

No branches or pull requests
4 participants
@jordanlewis @knz @ajwerner @arulajmani