Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

security, sql: User IDs For Internal User Information #78963

Closed
5 of 7 tasks
Fenil-P opened this issue Mar 29, 2022 · 2 comments
Closed
5 of 7 tasks

security, sql: User IDs For Internal User Information #78963

Fenil-P opened this issue Mar 29, 2022 · 2 comments
Assignees
@RichardJCai
Labels
C-enhancement Solution expected to add code/behavior + preserve backward-compat (pg compat issues are exception) meta-issue Contains a list of several other issues. T-sql-foundations SQL Foundations Team (formerly SQL Schema + SQL Sessions)

Comments

@Fenil-P
Copy link
Contributor

Fenil-P commented Mar 29, 2022
edited by RichardJCai
Loading

Is your feature request related to a problem? Please describe.
Currently, all internal per-user information is keyed by the username. This is not ideal because it makes it difficult to rename a user without breaking things. It's also not ideal because usernames can be considered personal data, but we need to use them in many places in logging.

Describe the solution you'd like

  • Add user_id columns in system tables with role, member or username columns.
  • Fix RESTORE from backups as system.users table is missing a column when trying to backup from a previous version.
  • Update Authorization functions to use IDs when possible (they receive a user info struct containing both ID and username). The ID lookups will need to be version-gated.
  • Update user privileges and their lookups based on IDs instead of usernames (also version gated).
  • A long-running migration to give existing users IDs (using a sequence of type OID silimar to postgres).
  • Re-enable membership cache which was disabled during changes to authorization functions.
  • Fix systems sequences issue where options like min, start and max aren't being respected and the default settings are used.

Additional context
RFC: #77453

relates to #50821

Jira issue: CRDB-14465

Epic CRDB-14475
@Fenil-P Fenil-P added C-enhancement Solution expected to add code/behavior + preserve backward-compat (pg compat issues are exception) meta-issue Contains a list of several other issues. T-sql-foundations SQL Foundations Team (formerly SQL Schema + SQL Sessions) labels Mar 29, 2022
@rafiss rafiss mentioned this issue Mar 29, 2022
Closed
@RichardJCai RichardJCai mentioned this issue Apr 12, 2022
Open
@ajwerner ajwerner mentioned this issue Aug 1, 2022
Closed
@rafiss
Copy link
Collaborator

rafiss commented Aug 29, 2022

@RichardJCai will create new issues to track the remaining work

@ajwerner
Copy link
Contributor

Ref #87079

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@RichardJCai RichardJCai

Labels
C-enhancement Solution expected to add code/behavior + preserve backward-compat (pg compat issues are exception) meta-issue Contains a list of several other issues. T-sql-foundations SQL Foundations Team (formerly SQL Schema + SQL Sessions)
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@rafiss @ajwerner @RichardJCai @Fenil-P