You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
even if the user is not one of the roles of the tenant, the corresponding tenant information can be read
To Reproduce
curl -X POST -u 'root:''http:https://127.0.0.1:8902/api/v1/sql?db=public' -d "create tenant tenant_delay with drop_after='7'"
curl -X POST -u 'root:''http:https://127.0.0.1:8902/api/v1/sql?db=public' -d "drop tenant tenant_delay"
curl -X POST -u 'root:''http:https://127.0.0.1:8902/api/v1/sql?db=public' -d 'create tenant if not exists test_rs_tenant1;'
curl -X POST -u 'root:''http:https://127.0.0.1:8902/api/v1/sql?db=public' -d 'create user if not exists test_rs_u1;'
curl -X POST -u 'root:''http:https://127.0.0.1:8902/api/v1/sql?db=public' -d 'alter tenant test_rs_tenant1 add user test_rs_u1 as owner'
curl -X POST -u 'test_rs_u1:''http:https://127.0.0.1:8902/api/v1/sql?tenant=test_rs_tenant1&db=public' -d 'select * from information_schema.resource_status'
time,name,action,try_count,status,comment
2024-06-25 07:39:09,tenant_delay,DropTenant,0,Schedule,
Expected behavior
No response
Additional context
No response
The text was updated successfully, but these errors were encountered:
h4ofanya
changed the title
the permission to read resource status is incorrect
[BUG]the permission to read resource status is incorrect
Jun 21, 2024
Describe the bug
even if the user is not one of the roles of the tenant, the corresponding tenant information can be read
To Reproduce
Expected behavior
No response
Additional context
No response
The text was updated successfully, but these errors were encountered: