| bugs.core_0001_test | Server shutdown |
| bugs.core_0196_test | SYSDBA can grant non existent roles |
| bugs.core_0304_test | Any user can drop procedures, generators, exceptions |
| bugs.core_0606_test | Tricky role defeats basic SQL security |
| bugs.core_0885_test | It is impossible to take away rights on update of a column |
| bugs.core_1076_test | Services Manager and gsec truncate First.Middle.Last Name fields to 17 chars instead of 32 chars available in field definition |
| bugs.core_1083_test | User (not SYSDBA) that have privileges with grant option, can't revoke privileges, granted by other user or SYSDBA |
| bugs.core_1148_test | Every user can view server log using services API |
| bugs.core_1292_test | Can't create table using long username and UTF8 as attachment charset |
| bugs.core_1642_test | Non-privileged monitoring reports wrong attachment data |
| bugs.core_1815_test | Ability to grant role to another role |
| bugs.core_1845_test | Some standard calls show server installation directory to regular users |
| bugs.core_1869_test | Roles granting/revoking logic |
| bugs.core_2004_test | ALTER USER XXX INACTIVE |
| bugs.core_2233_test | Allow non-SYSDBA users to monitor not only their current attachment but other their attachments as well |
| bugs.core_2765_test | Use of RDB$ADMIN role does not provide SYSDBA rights in GRANT/REVOKE |
| bugs.core_3360_test | update ... returning ... raises -551 (no perm to update) for a column present only in the returning clause |
| bugs.core_3365_test | Extend syntax for ALTER USER CURRENT_USER |
| bugs.core_3511_test | Unquoted role names with non-ASCII characters passed in DPB are upper-cased wrongly |
| bugs.core_3735_test | Unprivileged user can delete from RDB$DATABASE, RDB$COLLATIONS, RDB$CHARACTER_SETS |
| bugs.core_3736_test | WITH LOCK clause is allowed for users with read-only rights on some table, thus blocking others from updating this table |
| bugs.core_4161_test | User can not insert records into table with column "generated by default as identity" in its DDL |
| bugs.core_4200_test | An uncommitted select of the pseudo table sec$users blocks new database connections |
| bugs.core_4218_test | Add database owner to mon$database |
| bugs.core_4301_test | Non-ASCII data in SEC$USERS is not read correctly |
| bugs.core_4326_test | Keyword SET should not be required in ALTER USER statement |
| bugs.core_4342_test | Non-privileged user can delete records from RDB$SECURITY_CLASSES table |
| bugs.core_4359_test | non-priviledged user can insert and update rdb$database |
| bugs.core_4430_test | Properties of user created in Legacy_UserManager padded with space up to 10 character |
| bugs.core_4464_test | Duplicate tags for CREATE/ALTER USER not handled correctly |
| bugs.core_4468_test | FB3: CREATE USER GRANT ADMIN ROLE does not work |
| bugs.core_4469_test | Add field in SEC$USERS reflecting whether a user has RDB$ADMIN role in security database |
| bugs.core_4503_test | ISQL command SHOW USERS display only me |
| bugs.core_4648_test | no permission for CREATE access to DATABASE (for RDB$ADMIN) |
| bugs.core_4726_test | Provide ability to do: REcreate user <user_name> password <user_pwd> |
| bugs.core_4729_test | Add a flag to mon$database helping to decide what type of security database is used - default, self or other |
| bugs.core_4731_test | Prohibit an ability to issue DML or DDL statements on RDB$ tables (CORE-4731) |
| bugs.core_4743_test | Granted role does not work with non-ascii username |
| bugs.core_4760_test | Can not create user with non-ascii (multi-byte) characters in it's name |
| bugs.core_4767_test | CREATE USER ... TAGS ( attr = 'prefix #suffix' ): suffix will be removed from storage because of character '#' in the value of attribute |
| bugs.core_4768_test | CREATE USER ... TAGS ( argument_1 = 'value1', ..., argument_N = 'valueN' ) - wrong results of statement when there are many arguments |
| bugs.core_4802_test | Regression: GRANT UPDATE(<some_column>) on <T> acts like grant update on ALL columns of <T> |
| bugs.core_4806_test | Regression: generators can be seen/modified by unprivileged users |
| bugs.core_4811_test | Make user names behave according to SQL identifiers rules |
| bugs.core_4821_test | grant create database to ROLE doesn`t work: "no permission for CREATE access to DATABASE ..." [CORE4821] |
| bugs.core_4836_test | Grant update(c) on t to U01 with grant option: user U01 will not be able to `revoke update(c) on t from <user | role>` if this `U01` do some DML before revoke |
| bugs.core_4839_test | SHOW GRANTS does not display info about exceptions which were granted to user |
| bugs.core_4964_test | Real errors during connect to security database are hidden by Srp user manager. Errors should be logged no matter what AuthServer is used |
| bugs.core_4980_test | Operator REVOKE can modify rights granted to system tables at DB creation time |
| bugs.core_4985_test | Non-privileged user can implicitly count records in a restricted table |
| bugs.core_5225_test | Authentication end with first plugin that has the user but auth fails; should continue with next plugin |
| bugs.core_5248_test | Improve consistency in GRANT syntax between roles and privileges according to SQL standard |
| bugs.core_5269_test | FBTRACEMGR should understand 'role <name>' command switch (needed to explicitly connect with role with 'TRACE_ANY_ATTACHMENT' privilege) |
| bugs.core_5279_test | Granting access rights to view is broken |
| bugs.core_5291_test | Error messages differ when regular user tries to RESTORE database, depending on his default role and (perhaps) system privilege USE_GBAK_UTILITY |
| bugs.core_5495_test | New users or changed passwords in legacy authentication do not work in Firebird 4 |
| bugs.core_5746_test | Remove the restriction on create/delete, enable/disable the user indexes in system tables |
| bugs.core_5790_test | User with DROP DATABASE privilege can't drop database |
| bugs.core_5823_test | No permission for SELECT access to blob field in stored procedure |
| bugs.core_5827_test | ALTER CURRENT USER fails with "no permission for <...> TABLE PLG$SRP" if current user: 1) has NO admin role and 2) wants to modify his own TAGS list |
| bugs.core_5861_test | GRANT OPTION is not checked for new object |
| bugs.core_5884_test | Initial global mapping from srp plugin does not work |
| bugs.core_5892_test | SQL SECURITY DEFINER context is not properly evaluated for monitoring tables |
| bugs.core_5898_test | ROLE not passed in EXECUTE STATEMENT ... ON EXTERNAL |
| bugs.core_5982_test | error read permission for BLOB field, when it is input/output procedure`s parametr |
| bugs.core_5985_test | Regression: ROLE does not passed in ES/EDS (specifying it in the statement is ignored) |
| bugs.core_5995_test | Creator user name is empty in user trace sessions |
| bugs.core_6078_test | Permissions for create or alter statements are not checked |
| bugs.core_6083_test | USING PLUGIN clause does not work in RECREATE USER |
| bugs.core_6142_test | Error "connection lost to database" could happen when application creates few local attachments (using XNET) simultaneously |
| bugs.core_6143_test | Error 'Multiple maps found for ...' is raised in not appropriate case |
| bugs.core_6182_test | Firebird's internal timer incorrectly resets existing timer entries |
| bugs.core_6236_test | RDB$TIME_ZONE_UTIL package has wrong privilege for PUBLIC |
| bugs.core_6237_test | Performance problem when using SRP plugin |
| bugs.core_6279_test | Put options in user management statements in any order |
| bugs.core_6479_test | COMMENT ON USER can only apply comment on user defined by the default usermanager plugin |
| bugs.core_6489_test | User without ALTER ANY ROLE privilege can use COMMENT ON ROLE |
| bugs.gh_4729_test | Grant and Revoke update (field) [CORE4407] |
| bugs.gh_5978_test | Access to the name of DB encryption key [CORE5712] |
| bugs.gh_6120_test | Support auth_plugin_list dpb/spb item from application to client [CORE5860] |
| bugs.gh_6220_test | Slow performance when executing SQL scripts as non-SYSDBA user |
| bugs.gh_7178_test | DEFAULTed grants to PUBLIC must act as DEFAULTed to every user |
| bugs.gh_7186_test | Nbackup RDB$BACKUP_HISTORY cleanup |
| bugs.gh_7188_test | Memory leak in GDS32.DLL(FBClient.DLL), when multi-database transaction has done |
| bugs.gh_7217_test | user with DROP ANY PACKAGE privilege can not execute DROP PACKAGE BODY |
| bugs.gh_7506_test | Reduce output of the SHOW GRANTS command |
| bugs.gh_7558_test | AV in engine when attaching to the non-existing database and non-SYSDBA trace session is running |
| bugs.gh_7610_test | Uninitialized/random value assigned to RDB$ROLES -> RDB$SYSTEM PRIVILEGES when restoring from FB3 backup |
| bugs.gh_7691_test | 'with caller privileges' has no effect in triggers |
| bugs.gh_7718_test | Allow to create database with different owner |
| bugs.gh_7744_test | Provide ability to run "ALTER SQL SECURITY DEFINER / INVOKER" without specifying further part of proc/func/package |
| bugs.gh_8176_test | Firebird hangs after starting remote profiling session |
| bugs.gh_8353_test | Report unique usernames for isc_info_user_names |
| bugs.gh_8429_test | Segfault when already destroyed callback interface is used |
| bugs.gh_8462_test | A user with "GRANT_REVOKE_ON_ANY_OBJECT" privilege can't revoke a role from himself if he is not a grantor |
| bugs.gh_8806_test | Missing privilege checks for the COMMENT ON PARAMETER command on functions in packages |
| functional.blob.test_insert_update_streamed_blob | INSERT or UPDATE of streamed blob must take in account appropriate user grants or such operations. |
| functional.blob.test_open_blob_without_select | Open BLOB without selection |
| functional.database.create.test_02 | Create database: non sysdba user |
| functional.fkey.common.test_non_priv_user_access_to_child_for_cascade | Child table must be updated even if current user has no privileges on it but 'CASCADE' present in FK declaration. |
| functional.fkey.common.test_non_priv_user_access_to_child_for_set_default | Child table must be updated even if current user has no privileges on it but 'SET DEFAULT' present in FK declaration. |
| functional.fkey.common.test_non_priv_user_access_to_child_for_set_null | Child table must be updated even if current user has no privileges on it but 'SET NULL' present in FK declaration. |
| functional.gtcs.test_minimum_grant_test | Minimum grant test |
| functional.gtcs.test_nested_func_01 | Test of NESTED FUNCTIONS functionality |
| functional.gtcs.test_nested_proc_01 | Test of NESTED PROCEDURES functionality |
| functional.gtcs.test_packages_name_resolution_01 | Test of packages names resolution - usage of scope specifier '%package' |
| functional.index.create.test_all_cases_basic | CREATE INDEX: check all cases |
| functional.intl.test_non_ascii_firebird_and_trace_utf8 | Check ability to obtain non-ascii content from firebird.log and trace when use ON DISCONNECT trigger and exception with non-ascii names, charset = UTF8. |
| functional.monitoring.test_04 | SYSDBA must see all attachments and their transactions, non-privileged user - only those which was of his login. |
| functional.package.constants_backup_restore_test | Package constants (#8916) - test for backup/restore. |
| functional.package.temp_tables_access_test | Temporary tables in packages (#8974) - access rights |
| functional.replication.test_blob_access_when_no_grant_for_select | Replicator must have access to the table with blob regardless SELECT grant on this table to the user who created blob. |
| functional.replication.test_grantor_not_changes_in_replica_if_owner_not_sysdba | DDL-Changes in replication does not set the correct grantor |
| functional.replication.test_missed_privilege_for_object_belonging_to_non_dba | Replication stops if GRANT issued by NON-DBA user who has RDB$ADMIN role and appropriate object (table, etc) belongs to another user |
| functional.replication.test_permission_error_on_ddl_issued_by_non_sysdba | Permission error with replication |
| functional.services.test_role_in_service_attachment | Check that trace plugin shows ROLE used in service attachment. Format: USER[:ROLE] |
| functional.session.test_ext_conn_pool_01 | External Connections Pool, functionality test 01 |
| functional.syspriv.test_access_any_object | Check ability to query, modify and deleting data plus add/drop constraints on any table |
| functional.syspriv.test_access_shutdown_database | Check ability to access to database in shutdown single mode as non-sysdba |
| functional.syspriv.test_change_header_settings | Check ability to change some database header attributes by non-sysdba user who is granted with necessary system privileges |
| functional.syspriv.test_change_mapping_rules | Check ability to manage auth mappings |
| functional.syspriv.test_change_shutdown_mode | Check ability to change database shutdown mode by non-sysdba user who is granted with necessary system privileges |
| functional.syspriv.test_create_database | Check ability to CREATE database by non-sysdba user who is granted with necessary system privilege |
| functional.syspriv.test_create_privileged_roles | Check ability of non-sysdba user to CREATE privileged role (but NOT use it) |
| functional.syspriv.test_create_user_types | Check ability to update content of RDB$TYPES |
| functional.syspriv.test_drop_database | Check ability to DROP database by non-sysdba user who is granted with necessary system privileges |
| functional.syspriv.test_grant_revoke_any_ddl_right | Check ability to grant right for issuing CREATE/ALTER/DROP statements |
| functional.syspriv.test_grant_revoke_any_object | Check ability to query, modify and deleting data plus add/drop constraints on any table |
| functional.syspriv.test_ignore_db_triggers | Check ability of non-sysdba and non-owner to ignore DB triggers |
| functional.syspriv.test_modify_ext_conn_pool | Check ability to manage external connections pool |
| functional.syspriv.test_monitor_any_attachment | Check ability to monitor any attachment |
| functional.syspriv.test_read_raw_pages | Check ability to get binary content of DB page by non-sysdba user who is granted with necessary system privilege |
| functional.syspriv.test_trace_any_attachment | Check ability to trace any attachment by non-sysdba user who is granted with necessary system privileges |
| functional.syspriv.test_use_gbak_utility | Check ability to to make database backup |
| functional.syspriv.test_use_granted_by_clause | Check ability to query, modify and deleting data plus add/drop constraints on any table |
| functional.syspriv.test_use_gstat_utility | Check ability to obtain database statistics |
| functional.syspriv.test_use_nbackup_utility | Check ability to use nbackup |
| functional.tabloid.test_fde5484d | Increase isql max password length |
| functional.trigger.create.test_create_dml_basic | CREATE TRIGGER - basic checks for DML triggers |
| functional.trigger.database.test_connect_02 | Error handling in trigger on database connect |
| functional.trigger.database.test_connect_04 | Error handling when multiple triggers on database connect exist |
| functional.trigger.database.test_disconnect_01 | Trigger on database disconnect: check that exception that raised when trigger fires is written to firebird.log |
| functional.trigger.database.test_disconnect_02 | ON DISCONNECT trigger must fire during database shutdown (gfix -shut full -force 0). |
| functional.trigger.database.test_disconnect_03 | ON DISCONNECT trigger must fire if attachment is deleted from MON$ATTACHMENTS by another attachment. |
| functional.trigger.database.test_disconnect_04 | ON DISCONNECT trigger must fire if attachment is closed by IDLE timeout. |
| functional.trigger.database.test_disconnect_05 | ON DISCONNECT trigger and OnDisconnectTriggerTimeout expiration |
| functional.trigger.database.test_disconnect_06 | ON DISCONNECT trigger: print exceptions (including cancelling) to trace if log_errors = true |