Skip to Content
0
Jul 06, 2021 at 01:38 PM

Issue with referring a role from another container in WebIDE

530 Views

Hello,

I had the idea to implement a centralized container in WebIDE for security, so that the composite roles can be built in the security container which would refer to roles created in different HDI containers. This would provide for easier transportability of the composite roles (which currently reside as runtime roles).

For eg.,

There's Container X with Roles A, B, C, and container Y with roles D, E, F. Now I want to create a container Z with roles P, and Q, wherein P refers to role A from container X and role D from container Y.

I referred to the hdbrole documentation and found out that there is a parameter schema_roles which can be used to refer to other schema-local roles with a proper reference maintained in hdbroleconfig file.

I did grant the A# role to the object container owner and the normal role A to the technical user in hdbgrants file. However, when I build the hdbrole file, I get the following error:

Error: com.sap.hana.di.role: "<Namespace of source role>::<role_name>": not authorized to access the referenced object [8207018]

I checked individual files are getting built except for the hdbrole file which should mean that the rest of the files are okay.

What could be the issue here or am I missing something?

TIA.

Regards,

Rahul Rai