server: v2 database apis should check for public connect privilege #134431
Labels: C-bug (Code not up to spec/doc, specs & docs deemed correct. Solution expected to change code/behavior.), T-observability

Comments

xinhaoz added the C-bug and T-observability labels on Nov 6, 2024
Hi @xinhaoz, please add branch-* labels to identify which branch(es) this C-bug affects. 🦉 Hoot! I am a Blathers, a bot for CockroachDB. My owner is dev-inf.
xinhaoz added a commit to xinhaoz/cockroach that referenced this issue on Nov 6, 2024:

- Gate status server grpc UpdateTableMetadataCache on ADMIN. This should only be accessed via the api v2 http handler, which performs finer privilege checks on whether the user has CONNECT privs on a database.
- When filtering dbs and tables to return in the apis, permit dbs and tables that have CONNECT on the public role.
- Move TestUpdateTableMetadataCacheJobRunsOnRPCTrigger test to status_test.go. This test is better suited to live here since it tests functionality in the status server.

Epic: CRDB-37558
Fixes: cockroachdb#134431
Fixes: cockroachdb#130245

Release note (ui change): Users may access DB Console's db pages (db overview, tables overview, table details) if they have CONNECT privilege on the database.
Currently the v2 db apis only return dbs and tables for which the user has CONNECT privilege on the db. We should also check if the db has granted CONNECT to the public role (this is true by default) since all users have the public role.
Jira issue: CRDB-44079
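The visibility filter the issue asks for, as an added Go example (not CockroachDB's own code): the reported behaviour consults only grants to the user and to roles explicitly granted to the user, while the corrected check also consults the public role, which every user holds implicitly. Database, user and role names below are constructed sample data.

```go
package main

import (
	"fmt"
	"sort"
)

// DBGrants holds the grants for one database: role name -> set of privilege names.
type DBGrants map[string]map[string]bool

// hasConnectDirect reproduces the reported bug: only grants to the user, or to
// roles explicitly granted to the user, are consulted; public is ignored.
func hasConnectDirect(g DBGrants, user string, roles []string) bool {
	if g[user]["CONNECT"] {
		return true
	}
	for _, r := range roles {
		if g[r]["CONNECT"] {
			return true
		}
	}
	return false
}

// hasConnect is the corrected check: every user is implicitly a member of the
// public role, so CONNECT granted to public must also make the database visible.
func hasConnect(g DBGrants, user string, roles []string) bool {
	withPublic := append(append([]string{}, roles...), "public") // copy; never alias the caller's slice
	return hasConnectDirect(g, user, withPublic)
}

// visibleDatabases returns, sorted, the databases the given check admits for the user.
func visibleDatabases(all map[string]DBGrants, user string, roles []string,
	check func(DBGrants, string, []string) bool) []string {
	var out []string
	for name, g := range all {
		if check(g, user, roles) {
			out = append(out, name)
		}
	}
	sort.Strings(out)
	return out
}

// sampleGrants is constructed sample data (hypothetical database and role names).
func sampleGrants() map[string]DBGrants {
	return map[string]DBGrants{
		"movr":    {"public": {"CONNECT": true}},                          // default: public keeps CONNECT
		"app":     {"alice": {"CONNECT": true}},                           // granted to alice directly
		"secrets": {"admin": {"ALL": true}, "auditor": {"CONNECT": true}}, // CONNECT revoked from public
	}
}

func main() { fmt.Println(visibleDatabases(sampleGrants(), "alice", []string{"developer"}, hasConnect)) } // [app movr]
```

With the direct-only check the same user sees only `app`; the public grant on `movr` is what the fix makes count, while `secrets`, where public has no CONNECT, stays hidden under both checks.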