Able to create dataset without select privilege : CREATE DATASET ... AS <QUERY>

create dataset orders primary key (oid: int64);

upsert into orders ({"oid": 1, "name": "Janhavi"});

upsert into orders ({"oid": 2, "name": "A"});

User: test_user

What all privileges should be granted to a user to be able to execute the following statement?

create dataset orders_copy primary key (oid: int64) as select value x from orders x

Case1:

• Create collection
  • grant create collection in database Default to user test_user
• Select on orders
  • grant select on collection orders to user test_user
• Gives error

Case 2:

• Create collection
  • grant create collection in database Default to user test_user
• Upsert:
  • grant upsert on any collection in database Default to user test_user;
• This works even when test_user doesn't have select privilege on collection orders.

Case 2 should give an error: Insufficient permission.