on 04-19-2018 11:02 AM
Hi,
has something changed within the .hdbroles definition or requirements in the new SPS 03?
I've the issue that I get in different projects an error for invalid privileges, but we are using them since a while.
I removed "DROP", but after that came the next error for "INDEX".
Error: com.sap.hana.di.role: "DROP": invalid privilege for the "AMP.db::XXX.XXX" object of type "TABLE" [8254522]
.hdbrole
"object_privileges": [{
"name": "AMP.db::XXX.XXX",
"type": "TABLE",
"privileges": ["SELECT", "UPDATE", "DROP", "REFERENCES", "INDEX", "DELETE", "INSERT", "ALTER", "TRIGGER"]
}
]
This is within a container so really no user but the container object owner should have such DDL features such as DROP. So it seems to me that such restrictions make sense.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Am I missing something? The documentation for object_privileges contains the following:
The following object types are supported in the specification of object privileges:
INDEX, FUNCTION, PROCEDURE, SYNONYM, TABLE, TRIGGER, VIEW
This is directly from the SPS 03 developer guide (https://help.sap.com/viewer/4505d0bdaf4948449b7f7379d24d0f0d/2.0.03/en-US/625d7733c30b4666b4a522d7fa68a550.html)
Error executing ALTER_REMOTE_SUBSCRIPTION_RESET with command: 'ALTER REMOTE SUBSCRIPTION RS" RESET'.
Because we can't assign DROP to a role., the runtime objects like triggers created while realtime replication cant be dropped incase we run into issues like above
Any suggestions?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
87 | |
10 | |
10 | |
9 | |
7 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.