<!-- 
RSS generated by JIRA (1001.0.0-SNAPSHOT#100246-sha1:7a5c50119eb0633d306e14180817ddef5e80c75d) at Thu Feb 08 23:26:14 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary add field=key&field=summary to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>FOLIO Jira</title>
    <link>https://folio-org.atlassian.net</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>1001.0.0-SNAPSHOT</version>
        <build-number>100246</build-number>
        <build-date>07-02-2024</build-date>
    </build-info>

<item>
            <title>[FOLIO-3182] Module ROLE and module-tenant ROLEs</title>
                <link>https://folio-org.atlassian.net/browse/FOLIO-3182</link>
                <project id="10290" key="FOLIO">FOLIO</project>
                    <description>&lt;p&gt;For a module use a module ROLE and for each tenant a module-tenant ROLE.&lt;/p&gt;

&lt;p&gt;This allows to re-use a database connection for a different tenant but also ensures tenant separation.&lt;/p&gt;

&lt;p&gt;Example:&lt;/p&gt;
&lt;div class=&quot;code panel&quot; style=&quot;border-width: 1px;&quot;&gt;&lt;div class=&quot;codeContent panelContent&quot;&gt;
&lt;pre class=&quot;code-java&quot;&gt;
create role _1_mod_foo noinherit;
create role diku_mod_foo noinherit role _1_mod_foo;
create role tamu_mod_foo noinherit role _1_mod_foo;
create schema diku_mod_foo authorization diku_mod_foo;
create schema tamu_mod_foo authorization tamu_mod_foo;
set role diku_mod_foo;
create table diku_mod_foo.t (id &lt;span class=&quot;code-object&quot;&gt;int&lt;/span&gt;);
set role tamu_mod_foo;
create table tamu_mod_foo.t (id &lt;span class=&quot;code-object&quot;&gt;int&lt;/span&gt;);&lt;/pre&gt;
&lt;/div&gt;&lt;/div&gt;
&lt;p&gt;The module role &lt;tt&gt;_1_mod_foo&lt;/tt&gt; can login but &lt;tt&gt;noinherit&lt;/tt&gt; doesn&apos;t assign privileges:&lt;/p&gt;
&lt;div class=&quot;code panel&quot; style=&quot;border-width: 1px;&quot;&gt;&lt;div class=&quot;codeContent panelContent&quot;&gt;
&lt;pre class=&quot;code-java&quot;&gt;
set role _1_mod_foo;
select count(*) from diku_mod_foo.t;
ERROR:  42501: permission denied &lt;span class=&quot;code-keyword&quot;&gt;for&lt;/span&gt; schema diku_mod_foo
select count(*) from tamu_mod_foo.t;
ERROR:  42501: permission denied &lt;span class=&quot;code-keyword&quot;&gt;for&lt;/span&gt; schema tamu_mod_foo&lt;/pre&gt;
&lt;/div&gt;&lt;/div&gt;
&lt;p&gt;The tenant role &lt;tt&gt;diku_mod_foo&lt;/tt&gt; can only access the &lt;tt&gt;diku_mod_foo&lt;/tt&gt; schema:&lt;/p&gt;
&lt;div class=&quot;code panel&quot; style=&quot;border-width: 1px;&quot;&gt;&lt;div class=&quot;codeContent panelContent&quot;&gt;
&lt;pre class=&quot;code-java&quot;&gt;
set role diku_mod_foo;
select count(*) from diku_mod_foo.t;
0
select count(*) from tamu_mod_foo.t;
ERROR:  42501: permission denied &lt;span class=&quot;code-keyword&quot;&gt;for&lt;/span&gt; schema tamu_mod_foo&lt;/pre&gt;
&lt;/div&gt;&lt;/div&gt;
&lt;p&gt;The tenant role &lt;tt&gt;tamu_mod_foo&lt;/tt&gt; can only access the &lt;tt&gt;tamu_mod_foo&lt;/tt&gt; schema:&lt;/p&gt;
&lt;div class=&quot;code panel&quot; style=&quot;border-width: 1px;&quot;&gt;&lt;div class=&quot;codeContent panelContent&quot;&gt;
&lt;pre class=&quot;code-java&quot;&gt;
set role tamu_mod_foo;
select count(*) from diku_mod_foo.t;
ERROR: 42501: permission denied &lt;span class=&quot;code-keyword&quot;&gt;for&lt;/span&gt; schema diku_mod_foo
select count(*) from tamu_mod_foo.t;
0&lt;/pre&gt;
&lt;/div&gt;&lt;/div&gt;
&lt;p&gt;This permission setup protects against accidental cross-tenant access.&lt;br/&gt;
 It makes it very difficult for SQL injection and similar attacks: The SQL command &quot;set role&quot; must be executed before running the actual SQL query.&lt;/p&gt;

&lt;p&gt;A key feature of a multi-tenant software is that multiple tenants share the same running instance of code. Using strict database schemas and role permissions ensures pretty good tenant separation. Multi-tenant systems like this are state of the art.&lt;/p&gt;

&lt;p&gt;Organisations that want even more separation may choose to run one module instance per tenant for selected modules or all modules (with a single Okapi instance); or they may run multiple single tenant installations (= multiple Okapi instances).&lt;/p&gt;

&lt;p&gt;Note:&lt;/p&gt;

&lt;p&gt;This module ROLE and module-tenant ROLEs setup should be provided by the service described in 
    &lt;span class=&quot;jira-issue-macro&quot; data-jira-key=&quot;FOLIO-1935&quot; &gt;
                &lt;a href=&quot;https://folio-org.atlassian.net/browse/FOLIO-1935&quot; class=&quot;jira-issue-macro-key issue-link&quot;  title=&quot;Service creating ROLE and SCHEMA on tenant initialization&quot; &gt;
            &lt;img class=&quot;icon&quot; src=&quot;https://folio-org.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10322?size=medium&quot; /&gt;
            FOLIO-1935
        &lt;/a&gt;
                                                    &lt;span class=&quot;aui-lozenge aui-lozenge-subtle aui-lozenge-complete jira-macro-single-issue-export-pdf&quot;&gt;Draft&lt;/span&gt;
            &lt;/span&gt;
 &quot;Service creating ROLE and SCHEMA on tenant initialization&quot;.&lt;/p&gt;</description>
                <environment></environment>
        <key id="79905">FOLIO-3182</key>
            <summary>Module ROLE and module-tenant ROLEs</summary>
                <type id="10005" iconUrl="https://folio-org.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10309?size=medium">Story</type>
                                            <priority id="10001" iconUrl="https://dev.folio.org/assets/jira-priority/jira-p2.svg">P2</priority>
                        <status id="10000" iconUrl="https://folio-org.atlassian.net/images/icons/statuses/generic.png" description="(Migrated on 4 Feb 2024 13:41 UTC)">Draft</status>
                    <statusCategory id="2" key="new" colorName="blue-gray"/>
                                    <resolution id="-1">Unresolved</resolution>
                                                        <assignee accountid="-1">Unassigned</assignee>
                                                                <reporter accountid="5ee89462f7aa140abd82d11d">Julian Ladisch</reporter>
                                    <labels>
                            <label>security</label>
                            <label>security-reviewed</label>
                    </labels>
                <created>Tue, 1 Jun 2021 10:47:48 +0000</created>
                <updated>Tue, 17 Jan 2023 11:12:21 +0000</updated>
                                                                                <due></due>
                            <votes>1</votes>
                                    <watches>3</watches>
                                                                <comments>
                                                            <comment id="190055" author="5cf6c546b87c300f36eb7b9a" created="Thu, 14 Oct 2021 15:28:43 +0000"  >&lt;p&gt;Discussed in context of &lt;a href=&quot;https://folio-org.atlassian.net/browse/FOLIO-1935&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://folio-org.atlassian.net/browse/FOLIO-1935&lt;/a&gt;.&#160; See comments there for additional details.&lt;/p&gt;</comment>
                                                            <comment id="190056" author="5cf6c546b87c300f36eb7b9a" created="Thu, 3 Feb 2022 16:29:06 +0000"  >&lt;p&gt;The security team reviewed this again and are looking for someone to generate a formal proposal.&#160; See&#160;&lt;a href=&quot;https://folio-org.atlassian.net/browse/FOLIO-1935&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://folio-org.atlassian.net/browse/FOLIO-1935&lt;/a&gt;&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10003">
                    <name>Relates</name>
                                                                <inwardlinks description="relates to">
                                        <issuelink>
            <issuekey id="79900">FOLIO-1935</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_10000" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummarycf">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10057" key="com.atlassian.jira.plugin.system.customfieldtypes:select">
                        <customfieldname>Development Team</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10144"><![CDATA[Core: Platform]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10063" key="com.atlassian.jira.plugin.system.customfieldtypes:float">
                        <customfieldname>PO Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>0.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10019" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>0|i01vr8:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_10020" key="com.pyxis.greenhopper.jira:gh-sprint">
                        <customfieldname>Sprint</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue id="128">CP: R3 2022 roadmap</customfieldvalue>
    <customfieldvalue id="1452">CP: Roadmap backlog</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10024" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>[CHART] Date of First Response</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Thu, 14 Oct 2021 15:28:43 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                </customfields>
    </item>
</channel>
</rss>