Skip to content
Snippets Groups Projects
Commit 38935e2b authored by Vladimir Davydov's avatar Vladimir Davydov Committed by Vladimir Davydov
Browse files

box: add lua_call and lua_eval grant object types 

Granting the execute privilege on the 'lua_eval' object enables
evaluaing any Lua expression via IPROTO_EVAL.

Granting the execute privilege on the 'lua_call' object enables calling
any global Lua function via IPROTO_CALL except:
 - Functions from the _func system space (see box.schema.func.create).
   Access to them is still governed only by the 'function' object type.
 - Built-in functions. We assume that all functions that were added to
   _G before loading user modules are built-in.

Note, after this change access_check_universe_object becoms unused so
it's removed (merged with access_check_universe).

Part of #8803

NO_DOC=later
parent 9f02ae54
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 315 additions and 27 deletions
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment