-
Notifications
You must be signed in to change notification settings - Fork 3.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Create system.users table. #2235
Conversation
// only (SELECT and GRANT). These must remain set for the root user. | ||
allowedPrivileges := privilege.SELECT.Mask() | privilege.GRANT.Mask() | ||
if IsSystemID(id) { | ||
// System databases and tables has custom maximum allowed privileges. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
s/has/have/
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done.
LGTM |
if p == privilege.ALL { | ||
// We need to reset privileges as Revoke(ALL) will clear | ||
// all bits. | ||
descriptor.Revoke(security.RootUser, privilege.List{p}) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this can get hoisted out
LGTM |
Work towards #2090. This creates a new system table storing username/hashed-password that is currently in the users config (removal will come next). The main part of this change is applying custom permissions based on the system table. descriptor and namespace are read-only, but users needs to be modified.
2fb069f
to
010e11d
Compare
Work towards #2090.
This creates a new system table storing username/hashed-password
that is currently in the users config (removal will come next).
The main part of this change is applying custom permissions based
on the system table. descriptor and namespace are read-only,
but users needs to be modified.