Uploaded image for project: 'Couchbase .NET client library'
  1. Couchbase .NET client library
  2. NCBC-1514

[RBAC] data writer can read

    XMLWordPrintable

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Cannot Reproduce
    • None
    • 2.5.1
    • None
    • None

    Description

      data writer to a specific bucket was able to read as well.

      Steps:

      1. create data writer and select 'default' bucket
      2. create an app using couchbase-net-client 2.5.0. Refer to attached screenshot of the example app.

      Expected : GetDocument and LookupIn should return error

      Actual : GetDocument and LookupIn returns actual data

      Attachments

        1. ConsoleApp_Simpler.zip
          8.05 MB
        2. data-writer-sasl.pcapng
          17 kB
        3. image-2017-09-11-23-01-35-022.png
          image-2017-09-11-23-01-35-022.png
          32 kB
        4. image-2017-09-11-23-17-17-967.png
          image-2017-09-11-23-17-17-967.png
          120 kB
        5. main.cpp
          5 kB
        6. net_rbac.jpg
          net_rbac.jpg
          385 kB
        7. rbac-data-writer-test.zip
          4 kB
        8. Screen Shot 2017-09-12 at 11.38.23.png
          Screen Shot 2017-09-12 at 11.38.23.png
          119 kB
        9. wlog_full.pcapng
          20 kB
        10. wlog_get.pcapng
          26 kB
        11. wlog_getdocument.pcapng
          16 kB

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. NCBC-1516 Data reader can upsert

          • Major - Major loss of function.
          • Resolved
          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            Ascending order - Click to sort in descending order
            View 12 older comments
            mike.goldsmith Michael Goldsmith added a comment -

            I re-created Jae's example code and still am unable to replicate. I've attached a pcap with my wireshark trace, interestingly I can only see "datawriter" as the username in the SASL requests. I have a single bucket "default" and a single user "datawriter" with one role of "data_writer[default]".

            Jae Park [X] If you created a new console app to test, what version of the SDK are you using? My attached console app is using 2.5.0 and my server build number is 3509.

            Also, you mentioned there is a password-less user because this cluster was used to upgrade, can you provide all your bucket and user configurations?

            data-writer-sasl.pcapng rbac-data-writer-test.zip

            mike.goldsmith Michael Goldsmith added a comment - I re-created Jae's example code and still am unable to replicate. I've attached a pcap with my wireshark trace, interestingly I can only see "datawriter" as the username in the SASL requests. I have a single bucket "default" and a single user "datawriter" with one role of "data_writer [default] ". Jae Park [X] If you created a new console app to test, what version of the SDK are you using? My attached console app is using 2.5.0 and my server build number is 3509. Also, you mentioned there is a password-less user because this cluster was used to upgrade, can you provide all your bucket and user configurations? data-writer-sasl.pcapng rbac-data-writer-test.zip
            mike.goldsmith Michael Goldsmith added a comment -

            Also, can you let me know how many nodes you had in the test cluster?

            mike.goldsmith Michael Goldsmith added a comment - Also, can you let me know how many nodes you had in the test cluster?
            jaekwon.park Jae Park [X] (Inactive) added a comment -

            Attached ConsoleApp_Simpler.zip which is exactly same code as rbac-data-writer-test project.

            This ConsoleApp uses local couchbase-net-client built from

            C:\Users\jae\work\src\github.com\couchbase\couchbase-net-client

            You may change this to wherever

            jaekwon.park Jae Park [X] (Inactive) added a comment - Attached ConsoleApp_Simpler.zip which is exactly same code as rbac-data-writer-test project. This ConsoleApp uses local couchbase-net-client built from C:\Users\jae\work\src\github.com\couchbase\couchbase-net-client You may change this to wherever
            jaekwon.park Jae Park [X] (Inactive) added a comment -

            checked out 2.5.0 again and removed obj/bin directory of the couchbase-net-client then issue was not happening.

            even 2.4.8 worked fine.

             

            jaekwon.park Jae Park [X] (Inactive) added a comment - checked out 2.5.0 again and removed obj/bin directory of the couchbase-net-client then issue was not happening. even 2.4.8 worked fine.  
            jaekwon.park Jae Park [X] (Inactive) added a comment -

            Please go ahead close this ticket. I verified 2.4.8 and 2.5.0 (release since vs2017 integration).

            jaekwon.park Jae Park [X] (Inactive) added a comment - Please go ahead close this ticket. I verified 2.4.8 and 2.5.0 (release since vs2017 integration).

            People

              mike.goldsmith Michael Goldsmith
              jaekwon.park Jae Park [X] (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Gerrit Reviews

                  There are no open Gerrit changes

                  PagerDuty