Details

    • Operating System/s:
      Windows 7
    • QA Validation Status:
      Not Yet Validated

      Description

      I used mondrian-3.2.1.13885 with its roles support and it worked perfectly.
      After migration to version 3.3.0.14703 I discovered that for same schema configuration roles work with some problems.
      For example Role defined like this:

      <Role name="CALIFORNIA_MANAGER">
              <SchemaGrant access="all">
                  <CubeGrant cube="Sales" access="all">
                      <HierarchyGrant rollupPolicy="Partial" hierarchy="[Customers]" access="custom">
                          <MemberGrant member="[Customers].[USA]" access="none"/>
                          <MemberGrant member="[Customers].[USA].[CA]" access="all"/>
                      </HierarchyGrant>
                  </CubeGrant>
              </SchemaGrant>
      </Role>

      Example code:

      Cube cube = olapConnection.getOlapSchema().getCubes().get("Sales");
      Hierarchy hierarchy = cube.getHierarchies().get("Customers");
      Member defautlMember = hierarchy.getDefaultMember();

      For version 3.2.1.13885 defautlMember object refers to [Customers].[All Customers]
      For version 3.3.0.14703 defaultMember is null. Moreover hierarchy.getRootMembers() has member [Customers].[All Customers]
      but this member does not have any child member.
      In both cases I connect with XMLA with olap4j 1.0

      I discovered that rollupPolicy="Partial" brings these problems, but without this configuration we can not benefit data hiding:
      http://mondrian.pentaho.com/documentation/schema.php

      Maybe role managment differs somehow?
      Please share your suggestion about this case.

        Activity

        Hide
        Luc Boudreau added a comment -
        This is a legitimate bug. we should fix it for 3.4.0. I've found a way to reproduce it and I'll fix it momentarily.
        Show
        Luc Boudreau added a comment - This is a legitimate bug. we should fix it for 3.4.0. I've found a way to reproduce it and I'll fix it momentarily.
        Hide
        Luc Boudreau added a comment -
        I've found a way to test and fix this issue, but because of the current migration to Git, I can't check it in yet. I'll attach it to this case in the meanwhile.
        Show
        Luc Boudreau added a comment - I've found a way to test and fix this issue, but because of the current migration to Git, I can't check it in yet. I'll attach it to this case in the meanwhile.
        Hide
        Luc Boudreau added a comment -
        Fixed in commit 145aa8436c5b0beeb1fce0d4daee987268210d80 in github:/pentaho/mondrian/master and commit 8960738935e90d2e5795433b931f12df21b2d11f in github:/pentaho/mondrian/3.4.

        RoleImpl was saving member grants in a hash map where the key was the member object. This would cause a false-negative when looking up member grants which were wrapped in a rollup wrapper.

        To validate this fix, check test AccessControlTest.testMondrian1091().
        Show
        Luc Boudreau added a comment - Fixed in commit 145aa8436c5b0beeb1fce0d4daee987268210d80 in github:/pentaho/mondrian/master and commit 8960738935e90d2e5795433b931f12df21b2d11f in github:/pentaho/mondrian/3.4. RoleImpl was saving member grants in a hash map where the key was the member object. This would cause a false-negative when looking up member grants which were wrapped in a rollup wrapper. To validate this fix, check test AccessControlTest.testMondrian1091().
        Hide
        Will Gorman added a comment -
        Verified test is passing in CI and that the unit test verified the root member.
        Show
        Will Gorman added a comment - Verified test is passing in CI and that the unit test verified the root member.

          People

          • Assignee:
            Will Gorman
            Reporter:
            Bartosz Spychaj
          • Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: