Problem Description
After granting a user read and write roles, I’m still seeing role violation errors when trying to perform a read.
Command used to grant ‘myuser’ read and write permissions:
Admin+> manage acl create user myuser password myuser roles read, write
User:
admin | user-admin
myuser | read, write
Error:
Error: (81) AEROSPIKE_ROLE_VIOLATION
Explanation
When granting a user multiple roles within the command line, we must separate each role with a single space. In the example above, we see that the read and write roles are separated by a comma and a space. asadm can silently fail, so running this command incorrectly actually grants the user only one role, which is called ‘read, write’. Please note that users can be successfully granted roles that don’t yet exist.
Solution
-
(Optional, but recommended) Remove the incorrectly granted role from the user
Admin+> manage acl revoke user myuser roles read, write -
Add the roles by separating them out with a single space
Admin+> manage acl create user myuser password myuser roles read write