[MDEV-15985] Granting roles to account does not work at all. Created: 2018-04-23  Updated: 2018-07-19  Resolved: 2018-07-19

Status: Closed
Project: MariaDB Server
Component/s: Authentication and Privilege System
Affects Version/s: 10.1.32
Fix Version/s: N/A

Type: Bug Priority: Major
Reporter: Andries Spies Assignee: Unassigned
Resolution: Not a Bug Votes: 0
Labels: None
Environment:

Arch Linux

Issue Links:
Blocks
blocks MDEV-10463 Granted as a whole to roles, database... Closed

 Description   

I created 3 roles:

create role vdo_dev, vdo_admin;

I have my own user, called andries, as well as schema called vdo_workflow

I granted access to all elements within the vdo_workflow schema to vdo_dev:

grant ALL on vdo_workflow.* to vdo_dev;

flush privileges;

show grants for vdo_dev and user andries emits the following results:

+--------------------------------------------------------------------------------------------------------+
 
| Grants for andries@%                                                                                   |
 
+--------------------------------------------------------------------------------------------------------+
 
| GRANT vdo_dev TO 'andries'@'%'                                                                         |


+-------------------------------------------------------+
 
| Grants for vdo_dev                                    |
 
+-------------------------------------------------------+
 
| GRANT USAGE ON *.* TO 'vdo_dev'                       |
 
| GRANT ALL PRIVILEGES ON `vdo_workflow`.* TO 'vdo_dev' |
 
+-------------------------------------------------------+

When I logged in as andries, and inspect the role I still get null:

MariaDB [(none)]> select current_role;
 
+--------------+
 
| current_role |
 
+--------------+
 
| NULL         |
 
+--------------+
 
1 row in set (0.00 sec)
 
 
 
MariaDB [(none)]> select current_user;
 
+--------------+
 
| current_user |
 
+--------------+
 
| andries@%    |
 
+--------------+
 
1 row in set (0.00 sec)



 Comments   
Comment by Elena Stepanova [ 2018-07-19 ]

To enable the role, you need to run SET ROLE vdo_dev. It will be effective for the current session.
Alternatively, if you don't want to run it for every session, you can run SET DEFAULT ROLE vdo_dev.
See documentation for more details.

Generated at Thu Feb 08 08:25:30 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.