Nonexisting users may be given privileges #12

New Issue

felixalb · 2024-07-12T23:51:58+02:00

felixalb commented

2024-07-12 23:51:58 +02:00

The permission editor does not verify that a user actually exists in the dbms before giving privileges. No error or warning is given to the user, and the new privilege does not show up in show-db-perm or show-user, but crashes with a (23000): Duplicate entry if you try to add privileges to the same "user" again.

TLDR; Scary quasi-users may occur

The permission editor does not verify that a user actually exists in the dbms before giving privileges. No error or warning is given to the user, and the new privilege does not show up in `show-db-perm` or `show-user`, but crashes with a `(23000): Duplicate entry` if you try to add privileges to the same "user" again. TLDR; Scary quasi-users may occur

oysteikt changed title from ~~Non-existant users may be given privileges~~ to Nonexisting users may be given privileges

2024-07-16 12:20:41 +02:00

oysteikt added the

bug

label 2024-07-28 15:25:13 +02:00

oysteikt added the

good first issue

label 2024-08-04 14:32:15 +02:00

oysteikt added this to the Initial release milestone 2024-08-06 02:04:02 +02:00

oysteikt referenced a pull request that will close this issue

2024-08-06 23:42:12 +02:00

edit-db-perm: ensure user exists before applying changes #33