Uploaded image for project: 'Couchbase Server'
  1. Couchbase Server
  2. MB-25416

[N1QL RBAC DELETE] No role with Query Delete [datastores], error message reports 'Add role Query Delete [datastores] to allow the query to run'

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Major
    • 5.0.0
    • 5.0.0
    • query
    • 5.0.0-3358
    • Untriaged
    • No

    Description

      This bug was found while verifying delete on system:datastores which was fixed recently.

      create a single node 5.0.0-3358 cluster .
      Add 2 buckets : default and standard_bucket0.

      1.create a user johnDoe14 with password as password1 and with role query_delete on only bucket default.

      curl -u johnDoe14:password1 http://172.23.107.182:8093/query/service -d 'statement=delete from system:datastores'
      		 
      {
      		 
      "requestID": "c359e530-f8d5-40b5-92da-3cabcf1f872f",
      		 
      "signature": null,
      		 
      "results": [
      		 
      ],
      		 
      "errors": [{"code":13014,"msg*":"User does not have credentials to access privilege cluster.bucket[datastores].n1ql.delete!execute. Add role Query Delete [datastores] to allow the query to run."}],*
      		 
      "status": "stopped",
      		 
      "metrics": {"elapsedTime": "4.144817ms","executionTime": "4.040395ms","resultCount": 0,"resultSize": 0,"errorCount": 1}
      		 
      }

      2. create a user johnDoe12 with password as password1 and role as
      Query Delete[*]. Issue the following query:

      curl -u johnDoe12:password1 http://172.23.107.182:8093/query/service -d 'statement=delete from system:datastores'
      {
      "requestID": "54b95197-2223-4645-bb3b-37b69ae50b3f",
      "signature": null,
      "results": [
      ],
      *"errors": [

      {"code":11003,"msg":"System datastore : Not implemented "}

      ],
      *"status": "errors",
      "metrics":

      {"elapsedTime": "1.423807ms","executionTime": "1.363258ms","resultCount": 0,"resultSize": 0,"errorCount": 1}

      }

      Different messages are reported for different roles for delete.

      Attachments

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

        Activity

          People

            Prerna.Manaktala Prerna Manaktala (Inactive)
            Prerna.Manaktala Prerna Manaktala (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Gerrit Reviews

                There are no open Gerrit changes

                PagerDuty