Uploaded image for project: 'SonarQube'
  1. SonarQube
  2. SONAR-14727

PostgreSQL : unauthorized currentSchema jdbc parameter is not refused by SonarQube

    XMLWordPrintable

    Details

    • Edition:
      Community
    • Production Notes:
      None

      Description

      On PostgreSQL, looking up metadata does not require having valid permission on the currentSchema specified on the jdbc url.

      That cause issue with how SonarQube is searching for a table (to know if a migration is needed), because it falls back on the public schema, where the db user can actually have permissions. The behaviour then can be problematic, as SonarQube find a table, but cannot access it.

      Solution: Enforce actual permission on the specified schema (if any), before accessing the DB metadata.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              pierre.guillot Pierre Guillot
              Reporter:
              pierre.guillot Pierre Guillot
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Due:
                Created:
                Updated:
                Resolved: