[
https://issues.apache.org/jira/browse/CASSSIDECAR-252?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Saranya Krishnakumar updated CASSSIDECAR-252:
---------------------------------------------
Bug Category: Parent values: Code(13163)
Complexity: Low Hanging Fruit
Component/s: Build
Discovered By: DTest
Severity: Critical
Assignee: Saranya Krishnakumar
Status: Open (was: Triage Needed)
> Use List roles statement to check for super user status
> -------------------------------------------------------
>
> Key: CASSSIDECAR-252
> URL: https://issues.apache.org/jira/browse/CASSSIDECAR-252
> Project: Sidecar for Apache Cassandra
> Issue Type: Bug
> Components: Build
> Reporter: Saranya Krishnakumar
> Assignee: Saranya Krishnakumar
> Priority: Major
>
> For role based access control, we currently use 'SELECT role, is_superuser
> FROM system_auth.roles’ to retrieve super user roles. Super user roles have
> admin privileges in Sidecar. ‘is_superuser’ does not return true when role
> holds other roles with super user status. It does not consider transitive
> super user status. Hence we need to do something similar to what is done in
> cassandra, use 'LIST ROLES' statement instead for retrieving super user
> status. 'LIST ROLES' lists all roles that belong to given role, we then
> return return super user status for given role if any of the child roles have
> super user status.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org
