DASSL / ClassDB

An open-source system to let students experiment with relational data
https://dassl.github.io/ClassDB/

Users known in one ClassDB database are able to log in to all ClassDB databases on the same server (W) #278

Open smurthys opened 5 years ago

smurthys commented 5 years ago

With two ClassDB databases on the same server, if user1 is added as a ClassDB role (say as a student) to one database, but the same user is not added as a ClassDB role to the other database, user1 is still able to log in to the second database.

In this scenario, a student user does not have unauthorized access to any object in the second database, but instructors and DB managers could.

I will add another comment soon with an analysis of the problem and potential solutions.

This issue is related to Issue #277.

smurthys commented 5 years ago

The issue is caused by granting database connect privilege to ClassDB group roles in initializeDB.sql.

A solution is to grant database connect privilege to specific users instead, and to drop the connect privilege if the user no longer has any role in the context of the database.

Addressing Issue #277 in the manner described at the end of my comment on that issue automatically addresses the issue described here, but the issue described here needs to be fixed with urgency without waiting for Issue #277 to be fixed.
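The cause and the proposed fix from the two comments above, as an added SQL example that is not ClassDB's own initializeDB.sql or any code from the project. The database name classdb_a, the group role names classdb_student, classdb_instructor and classdb_dbmanager, the per-database table classdb_membership and the function name are assumptions; user1 is the user from the issue.

```sql
-- Added example; names below are assumed, not ClassDB's actual identifiers.

-- Pattern the issue describes: connect privilege granted to the group roles.
-- Roles and their memberships are cluster-wide in PostgreSQL, so anyone who
-- is a member of one of these roles in any database can connect here too.
GRANT CONNECT ON DATABASE classdb_a
  TO classdb_student, classdb_instructor, classdb_dbmanager;

-- Proposed fix: connect privilege granted per user, only in the database
-- where that user actually holds a ClassDB role.
REVOKE CONNECT ON DATABASE classdb_a
  FROM classdb_student, classdb_instructor, classdb_dbmanager;
-- PostgreSQL grants CONNECT to PUBLIC on every new database by default;
-- unless that is revoked as well, the per-user grant below changes nothing.
REVOKE CONNECT ON DATABASE classdb_a FROM PUBLIC;
GRANT CONNECT ON DATABASE classdb_a TO user1;

-- Dropping the privilege once the user holds no role in this database.
-- pg_has_role() is cluster-wide, so it cannot answer "still a member in
-- *this* database"; the assumed table classdb_membership(username) stands
-- in for the database's own per-database record of ClassDB role holders.
CREATE OR REPLACE FUNCTION classdb_revoke_connect_if_roleless(p_user name)
RETURNS void LANGUAGE plpgsql AS $$
BEGIN
  IF NOT EXISTS (SELECT 1 FROM classdb_membership WHERE username = p_user) THEN
    EXECUTE format('REVOKE CONNECT ON DATABASE %I FROM %I',
                   current_database(), p_user);
  END IF;
END;
$$;

-- Check: which login roles can currently connect to this database?
-- After the fix, only users explicitly granted here should show true.
SELECT r.rolname,
       has_database_privilege(r.rolname, current_database(), 'CONNECT') AS can_connect
FROM pg_roles r
WHERE r.rolcanlogin
ORDER BY r.rolname;
```

Run the final query in each ClassDB database before and after the change: with the group-role grant in place, every student, instructor and DB manager on the server shows can_connect = true in every database; with per-user grants, only the users added to that particular database do.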