cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAP HANA XSA 2.0 SPS 03: ​Error: com.sap.hana.di.role: "DROP" after update

draschke
Active Contributor

on ‎04-19-2018 11:02 AM

0 Kudos

Hi,

has something changed within the .hdbroles definition or requirements in the new SPS 03?

I've the issue that I get in different projects an error for invalid privileges, but we are using them since a while.

I removed "DROP", but after that came the next error for "INDEX".

Error: com.sap.hana.di.role: "DROP": invalid privilege for the "AMP.db::XXX.XXX" object of type "TABLE" [8254522]

.hdbrole

		"object_privileges": [{
				"name": "AMP.db::XXX.XXX",
				"type": "TABLE",
				"privileges": ["SELECT", "UPDATE", "DROP", "REFERENCES", "INDEX", "DELETE", "INSERT", "ALTER", "TRIGGER"]
			}
		]
Show replies
Show replies
jmalla
Contributor
‎10-23-2018 6:42 AM
0 Kudos

Hi Dirk,

Did you find the solution for this? When we upgraded to SP3, we see that we cannot list "DROP" and "TRIGGER" in the privileges. We also see that we run into the build issues which seem to be stemming from the runtime objects not being dropped before the new design time changes can be activated.

Regards,

Jay

Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

thomas_jung
Developer Advocate
Developer Advocate
‎04-19-2018 3:21 PM

This is within a container so really no user but the container object owner should have such DDL features such as DROP. So it seems to me that such restrictions make sense.

Show replies
Show replies
draschke
Active Contributor
‎04-19-2018 3:48 PM
0 Kudos

I'm agree with you, but could not find any hint in the docu.

Insert works so far, and that is enough for us.

Former Member
‎04-23-2018 5:03 PM
0 Kudos

Am I missing something? The documentation for object_privileges contains the following:

The following object types are supported in the specification of object privileges:

  • Basic SQL types

    INDEX, FUNCTION, PROCEDURE, SYNONYM, TABLE, TRIGGER, VIEW

This is directly from the SPS 03 developer guide (https://help.sap.com/viewer/4505d0bdaf4948449b7f7379d24d0f0d/2.0.03/en-US/625d7733c30b4666b4a522d7fa68a550.html)

thomas_jung
Developer Advocate
Developer Advocate
‎04-23-2018 5:19 PM
0 Kudos

Right. Those types are supported but not necessary all of the privileges.

Former Member
‎11-17-2018 1:38 PM
0 Kudos

It seems that none of the objects can be dropped from within a container. So is it the only way to use the direct db connection option with enough privileges to drop objects?

Sometimes you need to create some objects for testing purposes but you can't drop them later.

former_member196019
Explorer
‎10-20-2018 5:12 AM
0 Kudos

Error executing ALTER_REMOTE_SUBSCRIPTION_RESET with command: 'ALTER REMOTE SUBSCRIPTION RS" RESET'.

Because we can't assign DROP to a role., the runtime objects like triggers created while realtime replication cant be dropped incase we run into issues like above

Any suggestions?

Show replies
Show replies
Ask a Question