ArcadeDB Version: 23.2.1 (build e8f512f/1677638572021/main)
JDK Version: openjdk 11.0.18 2023-01-17
OS: MacOS 12.6
Reading from an existing database via a user from -Darcadedb.server.defaultDatabases causes a security exception.
Expected behavior
Access to records
Actual behavior
Internal error User 'user' is not allowed to read records on type 'doc'
Details
Trace
Error on command execution (PostCommandHandler)
java.lang.SecurityException: User 'user' is not allowed to read records on type 'doc'
at com.arcadedb.database.EmbeddedDatabase.checkPermissionsOnFile(EmbeddedDatabase.java:572)
at com.arcadedb.engine.Bucket.iterator(Bucket.java:245)
at com.arcadedb.query.sql.executor.SelectExecutionPlanner.isEmptyNoSubclasses(SelectExecutionPlanner.java:1451)
at com.arcadedb.query.sql.executor.SelectExecutionPlanner.handleClassAsTargetWithIndex(SelectExecutionPlanner.java:1425)
at com.arcadedb.query.sql.executor.SelectExecutionPlanner.handleClassAsTarget(SelectExecutionPlanner.java:1188)
at com.arcadedb.query.sql.executor.SelectExecutionPlanner.handleClassAsTarget(SelectExecutionPlanner.java:1177)
at com.arcadedb.query.sql.executor.SelectExecutionPlanner.handleFetchFromTarget(SelectExecutionPlanner.java:755)
at com.arcadedb.query.sql.executor.SelectExecutionPlanner.createExecutionPlan(SelectExecutionPlanner.java:142)
at com.arcadedb.query.sql.parser.SelectStatement.createExecutionPlan(SelectStatement.java:212)
at com.arcadedb.query.sql.parser.SelectStatement.execute(SelectStatement.java:206)
at com.arcadedb.query.sql.parser.Statement.execute(Statement.java:85)
at com.arcadedb.query.sql.parser.Statement.execute(Statement.java:69)
at com.arcadedb.query.sql.SQLQueryEngine.command(SQLQueryEngine.java:97)
at com.arcadedb.database.EmbeddedDatabase.command(EmbeddedDatabase.java:1236)
at com.arcadedb.server.ServerDatabase.command(ServerDatabase.java:416)
at com.arcadedb.server.http.handler.PostCommandHandler.executeCommand(PostCommandHandler.java:127)
at com.arcadedb.server.http.handler.PostCommandHandler.execute(PostCommandHandler.java:88)
at com.arcadedb.server.http.handler.DatabaseAbstractHandler.execute(DatabaseAbstractHandler.java:92)
at com.arcadedb.server.http.handler.AbstractHandler.handleRequest(AbstractHandler.java:128)
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:393)
at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:859)
at org.jboss.threads.ContextHandler$1.runWith(ContextHandler.java:18)
at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQueueExecutor.java:2513)
at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1538)
at org.xnio.XnioWorker$WorkerThreadFactory$1$1.run(XnioWorker.java:1282)
at java.base/java.lang.Thread.run(Thread.java:829)
Steps to reproduce
Starting the server via
export JAVA_OPTS="-Darcadedb.server.defaultDatabases=test[user:password]"; bin/server.sh
or:
export JAVA_OPTS="-Darcadedb.server.defaultDatabases=test[user:password:admin]"; bin/server.sh
causes the above error when trying to read some type:
However, reading the schema is permitted:
SELECT FROM schema:types;
ArcadeDB Version: 23.2.1 (build e8f512f/1677638572021/main)
JDK Version: openjdk 11.0.18 2023-01-17
OS: MacOS 12.6
Reading from an existing database via a user from
-Darcadedb.server.defaultDatabasescauses a security exception.Expected behavior
Access to records
Actual behavior
Internal error User 'user' is not allowed to read records on type 'doc'Details
TraceSteps to reproduce
Starting the server via
or:
causes the above error when trying to read some type:
However, reading the schema is permitted: