Description
The permission sought when deleting from system:prepareds is cluster.bucket[prepareds].n1ql.delete!execute, which is wrong. Similar permissions are also sought for completed_requests and active_requests. And the permissions don't match what is used for the corresponding REST APIs, namely cluster.n1ql.meta!read.
This is a spin-off from MB-24683.
Attachments
For Gerrit Dashboard: MB-25361 | ||||||
---|---|---|---|---|---|---|
# | Subject | Branch | Project | Status | CR | V |
81246,5 | MB-24683 do not check permissions for unimplemented ops on system tables | master | query | Status: MERGED | +2 | +1 |