14068276858

Committed 25 Mar 2025 07:18PM UTC coverage: 87.455% (-0.01%) from 87.466%

Build # 14068276858

Build Type

push

github

Committed by

Totktonada

Commit Message

config: apply lua_call privileges before bootstrap

This patch is a bugfix of the `lua_call` runtime access implemented in
commit 38c6b0d38254 ("config: grant runtime access to lua_call from
config").

One of the main reason for runtime privileges is to allow granting guest
user `lua_call` access before the initial bootstrap. During the
implementation of the #10857 in terms of the new behavior of the
supervised failover with the supervised bootstrap strategy it turned out
runtime privileges haven't been added as a first-phase applier making it
impossible to executing some of the lua functions before the initial
bootstrap. This patch fixes it by adding a first-phase applier.

For instance, you might allow guest connection to fetch information on
instances before the bootstrap by configuring `credentials` section like
this.

```yaml
credentials:
  guest:
    privileges:
    - permissions: [ execute ]
      lua_call: [box.info]
```

NO_DOC=see tarantool/doc#4552, added a comment on it

Run Details

70065 of 123637 branches covered (56.67%)

103171 of 117970 relevant lines covered (87.46%)

2862337.33 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

94.22

/src/lua/fiber.c

tarantool / tarantool / 14068276858

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source Not Available

Source File
Press 'n' to go to next uncovered line, 'b' for previous