Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

When wrapping AuditRoleManager it's not possible to use custom options #157

Open
tobier opened this issue Mar 19, 2020 · 2 comments
Open

When wrapping AuditRoleManager it's not possible to use custom options #157

tobier opened this issue Mar 19, 2020 · 2 comments
Labels
enhancement New feature or request

Comments

@tobier
Copy link

tobier commented Mar 19, 2020

Since AuditRoleManager assumes, and enforces, a certain type and number of options relating to whitelisting, it's not possible to pass on RoleOptions instances with custom options. The culprit seems to be AuditWhitelistManager.

void createRoleOption(RoleOptions options)
{
    if (options.getCustomOptions().isPresent())
    {
        throw new InvalidRequestException("Whitelist options are not supported in CREATE ROLE statements");
    }

Similar checks are done for alterRole.
@tobier tobier added the bug Something isn't working label Mar 19, 2020
@eperott
Copy link
Collaborator

eperott commented Mar 23, 2020

Right, ecAudit do put some restrictions on how the custom options are used. The one you mentioned, and some others in alterRoleOption().

The upside of doing this is that it is possible to feedback to the user if there is a typo in the option key. If we're ignoring unknown keys that means we're silently ignoring typos. But this may be something we have to sacrifice.

So, what level of ambition are we looking for here? Should the AuditRoleManger be able to wrap a custom IRoleManager? Or should we assume that "the other" IRoleManager will be "wrapping" the AuditRoleManager, in which case we only need to ignore unrecognized options?

@eperott eperott added enhancement New feature or request and removed bug Something isn't working labels Mar 23, 2020
@eperott
Copy link
Collaborator

eperott commented Mar 23, 2020

Current behavior is deliberate, so I'm not considering this a bug, but rather a feature request.

@RhoderickGalero RhoderickGalero moved this to Todo issue in C2T Sep 19, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tobier @eperott