Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Too easy to grant access to table without schema #4009

Open
mathemancer opened this issue Nov 4, 2024 · 0 comments
Open

Too easy to grant access to table without schema #4009

mathemancer opened this issue Nov 4, 2024 · 0 comments
Labels
needs: frontend approval The frontend team might not agree on whether this makes sense for the codebase needs: requirements The problem is clear and worth solving, but we're not yet sure of the best solution type: bug Something isn't working work: frontend Related to frontend code in the mathesar_ui directory
Milestone
v0.2.0 (beta rele...

Comments

@mathemancer
Copy link
Contributor

mathemancer commented Nov 4, 2024
edited
Loading

Description

It's easy to grant SELECT on a table to another user's role, while neglecting to grant USAGE on that table's schema. This results in a confusing and aberrant situation for the user being granted the SELECT privilege.

Expected behavior

When granting SELECT on a table to a user's role which doesn't have USAGE on the table's schema, Mathesar should either:

  • refuse to grant SELECT on that table, and show a warning or error of some sort, (my preference), or
  • grant SELECT on the table as requested and automatically grant USAGE on the table's schema, or
  • grant SELECT on the table as requested and show a warning or error about the USAGE issue.

To Reproduce

As an admin user,

  1. Create another standard user
  2. Set that user up as a collaborator on a database
  3. Navigate to a table of the database under some schema other than public
  4. Grant SELECT (called "Read" in the dropdown) to that user.
  5. Notice you weren't warned about the USAGE problem.

Additional context

Sort of related to #4008 , in that solving this bug would make that one less likely to be noticed.
@mathemancer mathemancer added type: bug Something isn't working needs: triage This issue has not yet been reviewed by a maintainer work: frontend Related to frontend code in the mathesar_ui directory needs: requirements The problem is clear and worth solving, but we're not yet sure of the best solution needs: frontend approval The frontend team might not agree on whether this makes sense for the codebase and removed needs: triage This issue has not yet been reviewed by a maintainer labels Nov 4, 2024
@mathemancer mathemancer added this to the v0.2.0 (beta release) milestone Nov 4, 2024
@mathemancer mathemancer changed the title Easy to grant access to table without schema Too easy to grant access to table without schema Nov 4, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
needs: frontend approval The frontend team might not agree on whether this makes sense for the codebase needs: requirements The problem is clear and worth solving, but we're not yet sure of the best solution type: bug Something isn't working work: frontend Related to frontend code in the mathesar_ui directory
Projects
None yet
Milestone
v0.2.0 (beta release)
Development

No branches or pull requests
1 participant
@mathemancer