Working on the privilege tests resulted in discovering that Instructors cannot SELECT from the classdb.Instructor table.
It appears to be a very simple fix. It is likely that at some point, the affected code was copied from the privilege management of the Student table. However, it was not updated for the Instructor table:
addUserMgmt.sql Lines 162-179
--Define a table to track instructors who use DB: each instr. gets a login role
CREATE TABLE IF NOT EXISTS classdb.Instructor
(
userName VARCHAR(63) NOT NULL PRIMARY KEY, --instructor's login role
instructorName VARCHAR(100) NOT NULL --instructor's given name
);
--Change table ownership to ClassDB
ALTER TABLE classdb.Instructor OWNER TO ClassDB;
--Limit operations on rows and columns
REVOKE ALL PRIVILEGES ON classdb.Student FROM PUBLIC;
GRANT SELECT ON classdb.Student
TO ClassDB_Instructor, ClassDB_DBManager;
GRANT UPDATE (instructorName) ON classdb.Instructor
TO ClassDB_Instructor, ClassDB_DBManager;
It looks like there are two places where classdb.Student needs to be changed to classdb.Instructor.
Working on the privilege tests resulted in discovering that Instructors cannot SELECT from the
classdb.Instructortable.It appears to be a very simple fix. It is likely that at some point, the affected code was copied from the privilege management of the Student table. However, it was not updated for the Instructor table:
addUserMgmt.sqlLines 162-179It looks like there are two places where
classdb.Studentneeds to be changed toclassdb.Instructor.