From 81ffdec94a5badb0e7c54d91077ffb926d689600 Mon Sep 17 00:00:00 2001 From: "a.ardeev" Date: Wed, 21 May 2025 17:34:56 +0300 Subject: [PATCH 01/12] Adds box.schema.user.enable and box.schema.user.disable methods description to Submodule box.schema 2 new files ("user_enable.rst" and user_disable.rst") added to the box.schema submodule. Files describe methods that activate and deactivate users. References added to existing files ("box_schema.rst", "user_grant.rst", "user_revoke.rst" Fixes #5122 --- doc/reference/reference_lua/box_schema.rst | 8 +++++ .../reference_lua/box_schema/user_disable.rst | 30 +++++++++++++++++++ .../reference_lua/box_schema/user_enable.rst | 27 +++++++++++++++++ .../reference_lua/box_schema/user_grant.rst | 2 +- .../reference_lua/box_schema/user_revoke.rst | 2 +- 5 files changed, 67 insertions(+), 2 deletions(-) create mode 100644 doc/reference/reference_lua/box_schema/user_disable.rst create mode 100644 doc/reference/reference_lua/box_schema/user_enable.rst diff --git a/doc/reference/reference_lua/box_schema.rst b/doc/reference/reference_lua/box_schema.rst index c20c4dff59..9eaaf40aab 100644 --- a/doc/reference/reference_lua/box_schema.rst +++ b/doc/reference/reference_lua/box_schema.rst @@ -53,6 +53,12 @@ Below is a list of all ``box.schema`` functions. * - :doc:`./box_schema/user_revoke` - Revoke privileges from a user or a role + * - :doc:`./box_schema/user_enable` + - Activate previously deactivated user + + * - :doc:`./box_schema/user_disable` + - Deactivate user + * - :doc:`./box_schema/user_password` - Get a hash of a user's password @@ -105,6 +111,8 @@ Below is a list of all ``box.schema`` functions. box_schema/user_exists box_schema/user_grant box_schema/user_revoke + box_schema/user_enable + box_schema/user_disable box_schema/user_password box_schema/user_passwd box_schema/user_info diff --git a/doc/reference/reference_lua/box_schema/user_disable.rst b/doc/reference/reference_lua/box_schema/user_disable.rst new file mode 100644 index 0000000000..5cbe3e6734 --- /dev/null +++ b/doc/reference/reference_lua/box_schema/user_disable.rst @@ -0,0 +1,30 @@ +.. _box_schema-user_disable: + +=============================================================================== +box.schema.user.enable() +=============================================================================== + +.. module:: box.schema + +.. function:: box.schema.user.disable(username) + + Deactivate a user. If :samp:`'{username}'` does not exist, an error is returned. + + :param string username: the name of a user to be deactivated + + :return: (if success) ``---`` + + (if failure) ``error: 'User '{username}' doesn''t exist'`` + + **Example:** + + .. code-block:: lua + + box.schema.user.disable (username) + + --- + + **Variation:** instead of :samp:`box.schema.user.disable('{username}')`, say + :samp:`box.schema.user.revoke('{username}','usage,session','universe',nil,` :code:`{if_exists=true})` + (see section :ref:`box.schema.user.revoke `). + \ No newline at end of file diff --git a/doc/reference/reference_lua/box_schema/user_enable.rst b/doc/reference/reference_lua/box_schema/user_enable.rst new file mode 100644 index 0000000000..7cb94acd10 --- /dev/null +++ b/doc/reference/reference_lua/box_schema/user_enable.rst @@ -0,0 +1,27 @@ +.. _box_schema-user_enable: + +=============================================================================== +box.schema.user.enable() +=============================================================================== + +.. module:: box.schema + +.. function:: box.schema.user.enable(username) + + Activate deactivated user. If :samp:`'{username}'` does not exist, it will be created. If :samp:`'{username}'` is already active, nothing changes. + + :param string username: the name of a user to be activated + + :return: ``---`` + + **Example:** + + .. code-block:: lua + + box.schema.user.enable (username) + + --- + + **Variation:** instead of :samp:`box.schema.user.enable('{username}')`, say + :samp:`box.schema.user.grant('{username}','usage,session','universe',nil,` :code:`{if_not_exists=true})` + (see section :ref:`box.schema.user.grant `). \ No newline at end of file diff --git a/doc/reference/reference_lua/box_schema/user_grant.rst b/doc/reference/reference_lua/box_schema/user_grant.rst index de4f17af3c..fb6150e6ab 100644 --- a/doc/reference/reference_lua/box_schema/user_grant.rst +++ b/doc/reference/reference_lua/box_schema/user_grant.rst @@ -31,7 +31,7 @@ box.schema.user.grant() **Variation:** instead of :samp:`box.schema.user.grant('{username}','usage,session','universe',nil,` :code:`{if_not_exists=true})` - say :samp:`box.schema.user.enable('{username}')`. + say :samp:`box.schema.user.enable('{username}')` (see section :ref:`box.schema.user.enable `). The possible options are: diff --git a/doc/reference/reference_lua/box_schema/user_revoke.rst b/doc/reference/reference_lua/box_schema/user_revoke.rst index 6bc9559217..bea2bdb82d 100644 --- a/doc/reference/reference_lua/box_schema/user_revoke.rst +++ b/doc/reference/reference_lua/box_schema/user_revoke.rst @@ -31,7 +31,7 @@ box.schema.user.revoke() **Variation:** instead of :samp:`box.schema.user.revoke('{username}','usage,session','universe',nil,` :code:`{if_exists=true})` - say :samp:`box.schema.user.disable('{username}')`. + say :samp:`box.schema.user.disable('{username}')` (see section :ref:`box.schema.user.disable `). **Example:** From f69a513f6d91373ec02f9547e8d2be20557ebe4d Mon Sep 17 00:00:00 2001 From: "a.ardeev" Date: Wed, 21 May 2025 18:10:58 +0300 Subject: [PATCH 02/12] Fix typo in page heading --- doc/reference/reference_lua/box_schema/user_disable.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/reference/reference_lua/box_schema/user_disable.rst b/doc/reference/reference_lua/box_schema/user_disable.rst index 5cbe3e6734..8e48a520d9 100644 --- a/doc/reference/reference_lua/box_schema/user_disable.rst +++ b/doc/reference/reference_lua/box_schema/user_disable.rst @@ -1,7 +1,7 @@ .. _box_schema-user_disable: =============================================================================== -box.schema.user.enable() +box.schema.user.disable() =============================================================================== .. module:: box.schema From 0c0e2c13d0131c3a7763d141d7f6c47e23d08150 Mon Sep 17 00:00:00 2001 From: "a.ardeev" Date: Thu, 22 May 2025 11:03:49 +0300 Subject: [PATCH 03/12] Updates description by comments Fixes #5123 --- .../reference_lua/box_schema/user_disable.rst | 15 ++++----------- .../reference_lua/box_schema/user_enable.rst | 16 +++++++--------- 2 files changed, 11 insertions(+), 20 deletions(-) diff --git a/doc/reference/reference_lua/box_schema/user_disable.rst b/doc/reference/reference_lua/box_schema/user_disable.rst index 8e48a520d9..e1b39961b7 100644 --- a/doc/reference/reference_lua/box_schema/user_disable.rst +++ b/doc/reference/reference_lua/box_schema/user_disable.rst @@ -8,23 +8,16 @@ box.schema.user.disable() .. function:: box.schema.user.disable(username) - Deactivate a user. If :samp:`'{username}'` does not exist, an error is returned. + Initiates the :samp:`box.schema.user.revoke('{username}','usage,session','universe',nil,` :code:`{if_exists=true})` + (see section :ref:`box.schema.user.revoke `). :param string username: the name of a user to be deactivated - :return: (if success) ``---`` - - (if failure) ``error: 'User '{username}' doesn''t exist'`` + :return: ``---`` **Example:** .. code-block:: lua - box.schema.user.disable (username) - + box.schema.user.disable (username) --- - - **Variation:** instead of :samp:`box.schema.user.disable('{username}')`, say - :samp:`box.schema.user.revoke('{username}','usage,session','universe',nil,` :code:`{if_exists=true})` - (see section :ref:`box.schema.user.revoke `). - \ No newline at end of file diff --git a/doc/reference/reference_lua/box_schema/user_enable.rst b/doc/reference/reference_lua/box_schema/user_enable.rst index 7cb94acd10..331a01c705 100644 --- a/doc/reference/reference_lua/box_schema/user_enable.rst +++ b/doc/reference/reference_lua/box_schema/user_enable.rst @@ -8,20 +8,18 @@ box.schema.user.enable() .. function:: box.schema.user.enable(username) - Activate deactivated user. If :samp:`'{username}'` does not exist, it will be created. If :samp:`'{username}'` is already active, nothing changes. + Initiates the :samp:`box.schema.user.grant('{username}','usage,session','universe',nil,` :code:`{if_not_exists=true})` method + (see section :ref:`box.schema.user.grant `). - :param string username: the name of a user to be activated + :param string username: the name of the subject user - :return: ``---`` + :return: (if success) ``---`` + + (if failure) ``error: User 'username' is not found`` **Example:** .. code-block:: lua - box.schema.user.enable (username) - + box.schema.user.enable (username) --- - - **Variation:** instead of :samp:`box.schema.user.enable('{username}')`, say - :samp:`box.schema.user.grant('{username}','usage,session','universe',nil,` :code:`{if_not_exists=true})` - (see section :ref:`box.schema.user.grant `). \ No newline at end of file From 7d55ae3dae7a84e7bf8cec8ff99efd584dd3847f Mon Sep 17 00:00:00 2001 From: "a.ardeev" Date: Thu, 22 May 2025 12:43:00 +0300 Subject: [PATCH 04/12] Updates .._disable description by comments Fixes #5123 --- doc/reference/reference_lua/box_schema/user_disable.rst | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/doc/reference/reference_lua/box_schema/user_disable.rst b/doc/reference/reference_lua/box_schema/user_disable.rst index e1b39961b7..f1c1a77903 100644 --- a/doc/reference/reference_lua/box_schema/user_disable.rst +++ b/doc/reference/reference_lua/box_schema/user_disable.rst @@ -13,7 +13,10 @@ box.schema.user.disable() :param string username: the name of a user to be deactivated - :return: ``---`` + :return: (if success) ``---`` + + (if failure) ``error: User 'username' is not found`` + **Example:** From e4162dc424e6a7eb55e8b0118bef312f906cf9ea Mon Sep 17 00:00:00 2001 From: "a.ardeev" Date: Fri, 23 May 2025 12:02:30 +0300 Subject: [PATCH 05/12] Udates by comments Fixes #5123 --- .../reference_lua/box_schema/user_disable.rst | 25 ++++++++++--------- .../reference_lua/box_schema/user_enable.rst | 24 ++++++++++-------- 2 files changed, 26 insertions(+), 23 deletions(-) diff --git a/doc/reference/reference_lua/box_schema/user_disable.rst b/doc/reference/reference_lua/box_schema/user_disable.rst index f1c1a77903..159b350513 100644 --- a/doc/reference/reference_lua/box_schema/user_disable.rst +++ b/doc/reference/reference_lua/box_schema/user_disable.rst @@ -8,19 +8,20 @@ box.schema.user.disable() .. function:: box.schema.user.disable(username) - Initiates the :samp:`box.schema.user.revoke('{username}','usage,session','universe',nil,` :code:`{if_exists=true})` - (see section :ref:`box.schema.user.revoke `). - - :param string username: the name of a user to be deactivated - - :return: (if success) ``---`` - - (if failure) ``error: User 'username' is not found`` + Revokes ``usage`` and ``session`` permissions from the subject user. Equivalent to the following call: + .. code-block:: lua + box.schema.user.revoke('{username}','usage,session','universe',nil,{if_not_exists=true}) + + .. NOTE:: - **Example:** + ``session`` - (cannot be granted to a role) if is not granted, ``IPROTO_AUTH`` always fails connection to the user, so does ``box.session.su()`` + ``usage`` - (cannot be granted to a role) lets user use their privileges on database objects (e.g. read, write and alter space) + + For more information about revoking permissions see section :ref:`box.schema.user.revoke `. - .. code-block:: lua + :param string username: the name of the subject user + + :return: (if success) nothing - box.schema.user.disable (username) - --- + (if failure) The error is raised ``- error: User 'username' is not found`` \ No newline at end of file diff --git a/doc/reference/reference_lua/box_schema/user_enable.rst b/doc/reference/reference_lua/box_schema/user_enable.rst index 331a01c705..4a4490e231 100644 --- a/doc/reference/reference_lua/box_schema/user_enable.rst +++ b/doc/reference/reference_lua/box_schema/user_enable.rst @@ -8,18 +8,20 @@ box.schema.user.enable() .. function:: box.schema.user.enable(username) - Initiates the :samp:`box.schema.user.grant('{username}','usage,session','universe',nil,` :code:`{if_not_exists=true})` method - (see section :ref:`box.schema.user.grant `). + Grants ``usage`` and ``session`` permissions to the subject user. Equivalent to the following call: - :param string username: the name of the subject user - - :return: (if success) ``---`` - - (if failure) ``error: User 'username' is not found`` + .. code-block:: lua + box.schema.user.grant('{username}','usage,session','universe',nil,{if_not_exists=true}) + + .. NOTE:: - **Example:** + ``session`` - (cannot be granted to a role) if is not granted, ``IPROTO_AUTH`` always fails connection to the user, so does ``box.session.su()`` + ``usage`` - (cannot be granted to a role) lets user use their privileges on database objects (e.g. read, write and alter space) + + For more information about granting permissions see section :ref:`box.schema.user.grant `. - .. code-block:: lua + :param string username: the name of the subject user + + :return: (if success) nothing - box.schema.user.enable (username) - --- + (if failure) The error is raised ``- error: User 'username' is not found`` \ No newline at end of file From 8167e3f5f6258bff1d260b92d6bec88fb5687a51 Mon Sep 17 00:00:00 2001 From: "a.ardeev" Date: Fri, 23 May 2025 12:17:11 +0300 Subject: [PATCH 06/12] RST syntax fix --- doc/reference/reference_lua/box_schema/user_disable.rst | 5 +++-- doc/reference/reference_lua/box_schema/user_enable.rst | 5 +++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/doc/reference/reference_lua/box_schema/user_disable.rst b/doc/reference/reference_lua/box_schema/user_disable.rst index 159b350513..f9704439cf 100644 --- a/doc/reference/reference_lua/box_schema/user_disable.rst +++ b/doc/reference/reference_lua/box_schema/user_disable.rst @@ -10,8 +10,9 @@ box.schema.user.disable() Revokes ``usage`` and ``session`` permissions from the subject user. Equivalent to the following call: - .. code-block:: lua - box.schema.user.revoke('{username}','usage,session','universe',nil,{if_not_exists=true}) + .. code-block:: lua + + box.schema.user.revoke('{username}','usage,session','universe',nil,{if_not_exists=true}) .. NOTE:: diff --git a/doc/reference/reference_lua/box_schema/user_enable.rst b/doc/reference/reference_lua/box_schema/user_enable.rst index 4a4490e231..ebf8296f2f 100644 --- a/doc/reference/reference_lua/box_schema/user_enable.rst +++ b/doc/reference/reference_lua/box_schema/user_enable.rst @@ -10,8 +10,9 @@ box.schema.user.enable() Grants ``usage`` and ``session`` permissions to the subject user. Equivalent to the following call: - .. code-block:: lua - box.schema.user.grant('{username}','usage,session','universe',nil,{if_not_exists=true}) + .. code-block:: lua + + box.schema.user.grant('{username}','usage,session','universe',nil,{if_not_exists=true}) .. NOTE:: From 6c9e8a1bc211e40c688bc696bf3f70826417bae9 Mon Sep 17 00:00:00 2001 From: "a.ardeev" Date: Fri, 23 May 2025 12:22:18 +0300 Subject: [PATCH 07/12] Fixes comments --- doc/reference/reference_lua/box_schema.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/reference/reference_lua/box_schema.rst b/doc/reference/reference_lua/box_schema.rst index 9eaaf40aab..b2a60c0e81 100644 --- a/doc/reference/reference_lua/box_schema.rst +++ b/doc/reference/reference_lua/box_schema.rst @@ -54,10 +54,10 @@ Below is a list of all ``box.schema`` functions. - Revoke privileges from a user or a role * - :doc:`./box_schema/user_enable` - - Activate previously deactivated user + - Grant ``usage`` and ``session`` permissions * - :doc:`./box_schema/user_disable` - - Deactivate user + - Revoke ``usage`` and ``session`` permissions * - :doc:`./box_schema/user_password` - Get a hash of a user's password From a531918e9f7ca931f703892d102ba6a374facb66 Mon Sep 17 00:00:00 2001 From: "a.ardeev" Date: Fri, 23 May 2025 12:31:31 +0300 Subject: [PATCH 08/12] Fixes rst syntax --- doc/reference/reference_lua/box_schema/user_disable.rst | 4 ++-- doc/reference/reference_lua/box_schema/user_enable.rst | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/doc/reference/reference_lua/box_schema/user_disable.rst b/doc/reference/reference_lua/box_schema/user_disable.rst index f9704439cf..7185a86809 100644 --- a/doc/reference/reference_lua/box_schema/user_disable.rst +++ b/doc/reference/reference_lua/box_schema/user_disable.rst @@ -16,8 +16,8 @@ box.schema.user.disable() .. NOTE:: - ``session`` - (cannot be granted to a role) if is not granted, ``IPROTO_AUTH`` always fails connection to the user, so does ``box.session.su()`` - ``usage`` - (cannot be granted to a role) lets user use their privileges on database objects (e.g. read, write and alter space) + ``session`` - (cannot be granted to a role) if is not granted, ``IPROTO_AUTH`` always fails connection to the user, so does ``box.session.su()`` + ``usage`` - (cannot be granted to a role) lets user use their privileges on database objects (e.g. read, write and alter space) For more information about revoking permissions see section :ref:`box.schema.user.revoke `. diff --git a/doc/reference/reference_lua/box_schema/user_enable.rst b/doc/reference/reference_lua/box_schema/user_enable.rst index ebf8296f2f..bb7bca1e6a 100644 --- a/doc/reference/reference_lua/box_schema/user_enable.rst +++ b/doc/reference/reference_lua/box_schema/user_enable.rst @@ -11,13 +11,13 @@ box.schema.user.enable() Grants ``usage`` and ``session`` permissions to the subject user. Equivalent to the following call: .. code-block:: lua - + box.schema.user.grant('{username}','usage,session','universe',nil,{if_not_exists=true}) .. NOTE:: - ``session`` - (cannot be granted to a role) if is not granted, ``IPROTO_AUTH`` always fails connection to the user, so does ``box.session.su()`` - ``usage`` - (cannot be granted to a role) lets user use their privileges on database objects (e.g. read, write and alter space) + ``session`` - (cannot be granted to a role) if is not granted, ``IPROTO_AUTH`` always fails connection to the user, so does ``box.session.su()`` + ``usage`` - (cannot be granted to a role) lets user use their privileges on database objects (e.g. read, write and alter space) For more information about granting permissions see section :ref:`box.schema.user.grant `. From b12f6f0c5f830a31fb6a99b1e2cd9e19d373cc41 Mon Sep 17 00:00:00 2001 From: "a.ardeev" Date: Fri, 23 May 2025 12:52:01 +0300 Subject: [PATCH 09/12] Fixes rst syntax --- doc/reference/reference_lua/box_schema/user_disable.rst | 4 ++-- doc/reference/reference_lua/box_schema/user_enable.rst | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/doc/reference/reference_lua/box_schema/user_disable.rst b/doc/reference/reference_lua/box_schema/user_disable.rst index 7185a86809..291f6c1980 100644 --- a/doc/reference/reference_lua/box_schema/user_disable.rst +++ b/doc/reference/reference_lua/box_schema/user_disable.rst @@ -16,8 +16,8 @@ box.schema.user.disable() .. NOTE:: - ``session`` - (cannot be granted to a role) if is not granted, ``IPROTO_AUTH`` always fails connection to the user, so does ``box.session.su()`` - ``usage`` - (cannot be granted to a role) lets user use their privileges on database objects (e.g. read, write and alter space) + * ``session`` - (cannot be granted to a role) if is not granted, ``IPROTO_AUTH`` always fails connection to the user, so does ``box.session.su()`` + * ``usage`` - (cannot be granted to a role) lets user use their privileges on database objects (e.g. read, write and alter space) For more information about revoking permissions see section :ref:`box.schema.user.revoke `. diff --git a/doc/reference/reference_lua/box_schema/user_enable.rst b/doc/reference/reference_lua/box_schema/user_enable.rst index bb7bca1e6a..2f3a4996cb 100644 --- a/doc/reference/reference_lua/box_schema/user_enable.rst +++ b/doc/reference/reference_lua/box_schema/user_enable.rst @@ -16,8 +16,8 @@ box.schema.user.enable() .. NOTE:: - ``session`` - (cannot be granted to a role) if is not granted, ``IPROTO_AUTH`` always fails connection to the user, so does ``box.session.su()`` - ``usage`` - (cannot be granted to a role) lets user use their privileges on database objects (e.g. read, write and alter space) + * ``session`` - (cannot be granted to a role) if is not granted, ``IPROTO_AUTH`` always fails connection to the user, so does ``box.session.su()`` + * ``usage`` - (cannot be granted to a role) lets user use their privileges on database objects (e.g. read, write and alter space) For more information about granting permissions see section :ref:`box.schema.user.grant `. From 50e0740a6f3c0b796c805aeebc892fa595ea5389 Mon Sep 17 00:00:00 2001 From: "a.ardeev" Date: Fri, 23 May 2025 13:03:48 +0300 Subject: [PATCH 10/12] Fix rst syntax --- doc/reference/reference_lua/box_schema/user_disable.rst | 5 +++-- doc/reference/reference_lua/box_schema/user_enable.rst | 5 +++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/doc/reference/reference_lua/box_schema/user_disable.rst b/doc/reference/reference_lua/box_schema/user_disable.rst index 291f6c1980..0181525f98 100644 --- a/doc/reference/reference_lua/box_schema/user_disable.rst +++ b/doc/reference/reference_lua/box_schema/user_disable.rst @@ -16,8 +16,9 @@ box.schema.user.disable() .. NOTE:: - * ``session`` - (cannot be granted to a role) if is not granted, ``IPROTO_AUTH`` always fails connection to the user, so does ``box.session.su()`` - * ``usage`` - (cannot be granted to a role) lets user use their privileges on database objects (e.g. read, write and alter space) + * ``session`` - (cannot be granted to a role) if is not granted, ``IPROTO_AUTH`` always fails connection to the user, so does ``box.session.su()`` + + * ``usage`` - (cannot be granted to a role) lets user use their privileges on database objects (e.g. read, write and alter space) For more information about revoking permissions see section :ref:`box.schema.user.revoke `. diff --git a/doc/reference/reference_lua/box_schema/user_enable.rst b/doc/reference/reference_lua/box_schema/user_enable.rst index 2f3a4996cb..4bf0cd10bc 100644 --- a/doc/reference/reference_lua/box_schema/user_enable.rst +++ b/doc/reference/reference_lua/box_schema/user_enable.rst @@ -16,8 +16,9 @@ box.schema.user.enable() .. NOTE:: - * ``session`` - (cannot be granted to a role) if is not granted, ``IPROTO_AUTH`` always fails connection to the user, so does ``box.session.su()`` - * ``usage`` - (cannot be granted to a role) lets user use their privileges on database objects (e.g. read, write and alter space) + * ``session`` - (cannot be granted to a role) if is not granted, ``IPROTO_AUTH`` always fails connection to the user, so does ``box.session.su()`` + + * ``usage`` - (cannot be granted to a role) lets user use their privileges on database objects (e.g. read, write and alter space) For more information about granting permissions see section :ref:`box.schema.user.grant `. From 6a85e35d54e6c52fe54c42ce0b68cc16643b65b5 Mon Sep 17 00:00:00 2001 From: "a.ardeev" Date: Fri, 23 May 2025 18:12:58 +0300 Subject: [PATCH 11/12] Updates by comments --- .../reference_lua/box_schema/user_disable.rst | 16 +++++++++------- .../reference_lua/box_schema/user_enable.rst | 14 ++++++++------ 2 files changed, 17 insertions(+), 13 deletions(-) diff --git a/doc/reference/reference_lua/box_schema/user_disable.rst b/doc/reference/reference_lua/box_schema/user_disable.rst index 0181525f98..67eb03abf9 100644 --- a/doc/reference/reference_lua/box_schema/user_disable.rst +++ b/doc/reference/reference_lua/box_schema/user_disable.rst @@ -11,19 +11,21 @@ box.schema.user.disable() Revokes ``usage`` and ``session`` permissions from the subject user. Equivalent to the following call: .. code-block:: lua - - box.schema.user.revoke('{username}','usage,session','universe',nil,{if_not_exists=true}) - + + box.schema.user.revoke(username, 'usage,session', 'universe', nil, {if_not_exists = true}) + .. NOTE:: - * ``session`` - (cannot be granted to a role) if is not granted, ``IPROTO_AUTH`` always fails connection to the user, so does ``box.session.su()`` + * ``session`` - (cannot be granted to a role) allows the binary protocol layer (iproto) to authenticate the user + + * ``usage`` - (cannot be granted to a role) lets user use their privileges on database objects (such as read, write and alter space) - * ``usage`` - (cannot be granted to a role) lets user use their privileges on database objects (e.g. read, write and alter space) - For more information about revoking permissions see section :ref:`box.schema.user.revoke `. :param string username: the name of the subject user :return: (if success) nothing - (if failure) The error is raised ``- error: User 'username' is not found`` \ No newline at end of file + Possible errors: + + * ``NO_SUCH_USER`` - in case the subject user is not found. \ No newline at end of file diff --git a/doc/reference/reference_lua/box_schema/user_enable.rst b/doc/reference/reference_lua/box_schema/user_enable.rst index 4bf0cd10bc..c915a9a355 100644 --- a/doc/reference/reference_lua/box_schema/user_enable.rst +++ b/doc/reference/reference_lua/box_schema/user_enable.rst @@ -12,18 +12,20 @@ box.schema.user.enable() .. code-block:: lua - box.schema.user.grant('{username}','usage,session','universe',nil,{if_not_exists=true}) - + box.schema.user.grant(username, 'usage,session', 'universe', nil, {if_not_exists = true}) + .. NOTE:: - * ``session`` - (cannot be granted to a role) if is not granted, ``IPROTO_AUTH`` always fails connection to the user, so does ``box.session.su()`` + * ``session`` - (cannot be granted to a role) allows the binary protocol layer (iproto) to authenticate the user + + * ``usage`` - (cannot be granted to a role) lets user use their privileges on database objects (such as read, write and alter space) - * ``usage`` - (cannot be granted to a role) lets user use their privileges on database objects (e.g. read, write and alter space) - For more information about granting permissions see section :ref:`box.schema.user.grant `. :param string username: the name of the subject user :return: (if success) nothing - (if failure) The error is raised ``- error: User 'username' is not found`` \ No newline at end of file + Possible errors: + + * ``NO_SUCH_USER`` - in case the subject user is not found. \ No newline at end of file From c2ec38933c3a0619120f25fdee5ff0c7b21dc73d Mon Sep 17 00:00:00 2001 From: "a.ardeev" Date: Fri, 23 May 2025 19:00:06 +0300 Subject: [PATCH 12/12] Updates by comments --- doc/reference/reference_lua/box_schema/user_disable.rst | 4 ++-- doc/reference/reference_lua/box_schema/user_enable.rst | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/doc/reference/reference_lua/box_schema/user_disable.rst b/doc/reference/reference_lua/box_schema/user_disable.rst index 67eb03abf9..e115ee43e9 100644 --- a/doc/reference/reference_lua/box_schema/user_disable.rst +++ b/doc/reference/reference_lua/box_schema/user_disable.rst @@ -16,9 +16,9 @@ box.schema.user.disable() .. NOTE:: - * ``session`` - (cannot be granted to a role) allows the binary protocol layer (iproto) to authenticate the user + * ``session`` - allows the binary protocol layer (iproto) to authenticate the user - * ``usage`` - (cannot be granted to a role) lets user use their privileges on database objects (such as read, write and alter space) + * ``usage`` - lets user use their privileges on database objects (such as read, write and alter space) For more information about revoking permissions see section :ref:`box.schema.user.revoke `. diff --git a/doc/reference/reference_lua/box_schema/user_enable.rst b/doc/reference/reference_lua/box_schema/user_enable.rst index c915a9a355..aad9886f2e 100644 --- a/doc/reference/reference_lua/box_schema/user_enable.rst +++ b/doc/reference/reference_lua/box_schema/user_enable.rst @@ -16,9 +16,9 @@ box.schema.user.enable() .. NOTE:: - * ``session`` - (cannot be granted to a role) allows the binary protocol layer (iproto) to authenticate the user + * ``session`` - allows the binary protocol layer (iproto) to authenticate the user - * ``usage`` - (cannot be granted to a role) lets user use their privileges on database objects (such as read, write and alter space) + * ``usage`` - lets user use their privileges on database objects (such as read, write and alter space) For more information about granting permissions see section :ref:`box.schema.user.grant `.