Rectified sys.database_principals view which was missing SID #3730

Open
wants to merge 8 commits into
base: BABEL_5_X_DEV

@ayushdsh ayushdsh commented Apr 29, 2025

Description

sys.database_principals.sid acts as a foreign key and links to sys.server_principals.sid. This is how SQL users are linked to their respective logins. Certain database_principals like db roles will not have a corresponding mapping in server_principals, hence they have a SID which is generated by default by SQL Server at creation. In this view, we want to map the users (the defaults like dbo as well) to the server_principals. The owner of the database is the login which is linked to 'dbo'. Hence, we will be mapping the owner of the current db to 'dbo'. Other user-defined logins are already part of the view currently.

Differences between SQL Server and BBF -

  1. Orphaned users still show the SID of the deleted login in SQL Server; however, in BBF, since we are performing joins on other system catalogs, BBF outputs NULL.
  2. DB roles (fixed and user-defined) do not have any mapping of SID in server_principals; the SIDs given to db roles are by default generated by SQL Server at creation. Hence, in SQL Server, there are SIDs present for all the DB roles; however, in BBF there is no need for a special SID and hence it is NULL.

SQL Server

On master - 

1> select name,sid from sys.database_principals;
2> go
name sid
---- ---
public 0x010500000000000904000000FB01993B66F9C34DBD9B2735F4CC0C93
dbo 0x01
guest 0x00
INFORMATION_SCHEMA NULL
sys NULL
##MS_PolicyEventProcessingLogin## 0xF0F3A466D41B4149BFB4467225FE7B03
##MS_AgentSigningCertificate## 0x010600000000000901000000750120FC99725EEE80BF9237AC59F57982426F97
testUser 0xE6A9BDDB1A52F64D9F0390271D5871CB
userof_loginWoSecurityAdmin 0x5FB9CB1D37416643BD74B421FCD0CCA5 -----> deleted login, won't find a mapping in server_principals --- i.e. orphaned user
userof_loginWithSecurityAdmin 0x1D208BE96521CE438E6DE67101F00781
userof_logintest 0x608B2654E46ED447B18DA78072FEA960
db_owner 0x01050000000000090400000000000000000000000000000000400000
db_accessadmin 0x01050000000000090400000000000000000000000000000001400000
db_securityadmin 0x01050000000000090400000000000000000000000000000002400000
db_ddladmin 0x01050000000000090400000000000000000000000000000003400000
db_backupoperator 0x01050000000000090400000000000000000000000000000005400000
db_datareader 0x01050000000000090400000000000000000000000000000006400000
db_datawriter 0x01050000000000090400000000000000000000000000000007400000
db_denydatareader 0x01050000000000090400000000000000000000000000000008400000
db_denydatawriter 0x01050000000000090400000000000000000000000000000009400000




On new_db (different owner - loginWithSecurityAdmin)

1> use new_db
2> go
Changed database context to 'new_db'.
1> select name,sid from sys.database_principals;
2> go
name sid
---- ---
public 0x01050000000000090400000083741B006749C04BA943C02702F2A762
dbo 0x1D208BE96521CE438E6DE67101F00781 --------> loginWithSecurityAdmin
guest 0x00
INFORMATION_SCHEMA NULL
sys NULL
db_owner 0x01050000000000090400000000000000000000000000000000400000
db_accessadmin 0x01050000000000090400000000000000000000000000000001400000
db_securityadmin 0x01050000000000090400000000000000000000000000000002400000
db_ddladmin 0x01050000000000090400000000000000000000000000000003400000
db_backupoperator 0x01050000000000090400000000000000000000000000000005400000
db_datareader 0x01050000000000090400000000000000000000000000000006400000
db_datawriter 0x01050000000000090400000000000000000000000000000007400000
db_denydatareader 0x01050000000000090400000000000000000000000000000008400000
db_denydatawriter 0x01050000000000090400000000000000000000000000000009400000

Babelfish

On master

1> select name, sid from sys.database_principals;
2> go
name                           sid
------------------------------ ----------
db_owner                       NULL
dbo                            0x00004000
db_datareader                  NULL
db_datawriter                  NULL
db_accessadmin                 NULL
db_securityadmin               NULL
db_ddladmin                    NULL
guest                          0x00000000
userof_testlogin               0x00014DF5
userof_testlogin_tbd_orphaned  NULL
public                         0x00000000
sys                            0x00000000
INFORMATION_SCHEMA             0x00000000




On new_db

1> use testdb
2> go
Changed database context to 'testdb'.
1> select name,sid from sys.database_principals;
2> go
name                           sid
------------------------------ ----------
guest                          0x00000000
db_ddladmin                    NULL
db_securityadmin               NULL
db_accessadmin                 NULL
db_datawriter                  NULL
db_datareader                  NULL
dbo                            0x00014DF5
db_owner                       NULL
public                         0x00000000
sys                            0x00000000
INFORMATION_SCHEMA             0x00000000

Check List

  • Commits are signed per the DCO using --signoff

By submitting this pull request, I confirm that my contribution is under the terms of the Apache 2.0 and PostgreSQL licenses, and grant any person obtaining a copy of the contribution permission to relicense all or a portion of my contribution to the PostgreSQL License solely to contribute all or a portion of my contribution to the PostgreSQL open source project.

For more information on following Developer Certificate of Origin and signing off your commits, please check here.

Task: BABEL-5789
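
The first difference listed in the description matters for orphaned-user audits, because a check written as "sid NOT IN (...)" silently drops rows whose sid is NULL. The sketch below is an added example, not code from this PR or from Babelfish: it uses SQLite as a stand-in for both engines, with constructed catalog rows modelled on the output above (the login names and the server_principals rows are assumptions).

```python
import sqlite3

# Constructed sample catalogs modelled on the output in the PR description.
# Login names and server_principals rows are assumptions; SQLite stands in for
# both engines because only the NULL-comparison semantics matter here.
SQL_SERVER = {
    "server_principals": [("loginWithSecurityAdmin", "1D208BE96521CE438E6DE67101F00781")],
    "database_principals": [
        ("userof_loginWithSecurityAdmin", "S", "1D208BE96521CE438E6DE67101F00781"),
        ("userof_loginWoSecurityAdmin", "S", "5FB9CB1D37416643BD74B421FCD0CCA5"),  # orphan, SID kept
        ("db_owner", "R", "01050000000000090400000000000000000000000000000000400000"),
    ],
}
BABELFISH = {
    "server_principals": [("testlogin", "00014DF5")],
    "database_principals": [
        ("userof_testlogin", "S", "00014DF5"),
        ("userof_testlogin_tbd_orphaned", "S", None),  # orphan, SID is NULL
        ("db_owner", "R", None),
    ],
}

# Common audit idiom: NULL NOT IN (...) evaluates to unknown, so NULL-sid rows vanish.
NOT_IN_QUERY = """
SELECT name FROM database_principals
WHERE type = 'S' AND sid NOT IN (SELECT sid FROM server_principals)"""

# NULL-safe form: the outer join keeps users whose sid is NULL or dangling.
LEFT_JOIN_QUERY = """
SELECT dp.name FROM database_principals dp
LEFT JOIN server_principals sp ON sp.sid = dp.sid
WHERE dp.type = 'S' AND sp.sid IS NULL"""


def _blob(hex_sid):
    """Convert a hex SID string to bytes, passing NULL through."""
    return None if hex_sid is None else bytes.fromhex(hex_sid)


def orphaned_users(catalog, query):
    """Load one constructed catalog into SQLite and return the orphaned user names."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE server_principals (name TEXT, sid BLOB)")
    db.execute("CREATE TABLE database_principals (name TEXT, type TEXT, sid BLOB)")
    db.executemany("INSERT INTO server_principals VALUES (?, ?)",
                   [(n, _blob(s)) for n, s in catalog["server_principals"]])
    db.executemany("INSERT INTO database_principals VALUES (?, ?, ?)",
                   [(n, t, _blob(s)) for n, t, s in catalog["database_principals"]])
    return [row[0] for row in db.execute(query)]
```

On the Babelfish-style rows the NOT IN form reports no orphans, while the outer join reports userof_testlogin_tbd_orphaned; on the SQL Server-style rows both forms agree.
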
@ayushdsh ayushdsh marked this pull request as ready for review April 29, 2025 09:11
@ayushdsh ayushdsh marked this pull request as draft April 29, 2025 10:03
@ayushdsh ayushdsh marked this pull request as ready for review April 29, 2025 10:07
@ayushdsh ayushdsh marked this pull request as draft April 30, 2025 05:32
@ayushdsh ayushdsh marked this pull request as ready for review April 30, 2025 05:32
@ayushdsh ayushdsh self-assigned this Apr 30, 2025
@ayushdsh ayushdsh closed this Apr 30, 2025
@ayushdsh ayushdsh reopened this Apr 30, 2025
@coveralls
Collaborator

coveralls commented Apr 30, 2025

Pull Request Test Coverage Report for Build 14758264880

Details

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 75.137%

Totals Coverage Status
Change from base Build 14657622694: 0.0%
Covered Lines: 47915
Relevant Lines: 63770

💛 - Coveralls

@ayushdsh ayushdsh closed this Apr 30, 2025
@ayushdsh ayushdsh reopened this Apr 30, 2025
@ayushdsh ayushdsh requested a review from HarshLunagariya May 1, 2025 20:43
@shalinilohia50
Contributor

Changes look good to me. Please fix the conflicts.

@ayushdsh
Author

ayushdsh commented Jun 6, 2025

Changes look good to me. Please fix the conflicts.

@shalinilohia50 yup. Waiting for PR-3733 to get merged.
