db-derby-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From banda...@apache.org
Subject svn commit: r356133 [2/6] - in /db/derby/code/trunk/java: engine/org/apache/derby/iapi/db/ engine/org/apache/derby/iapi/reference/ engine/org/apache/derby/iapi/sql/compile/ engine/org/apache/derby/iapi/sql/conn/ engine/org/apache/derby/iapi/sql/diction...
Date Mon, 12 Dec 2005 03:58:19 GMT
Added: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/PermissionsCacheable.java
URL: http://svn.apache.org/viewcvs/db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/PermissionsCacheable.java?rev=356133&view=auto
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/PermissionsCacheable.java (added)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/PermissionsCacheable.java Sun Dec 11 19:57:33 2005
@@ -0,0 +1,179 @@
+/*
+
+   Derby - Class org.apache.derby.impl.sql.catalog.PermissionsCacheable
+
+   Copyright 2005 The Apache Software Foundation or its licensors, as applicable.
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+	  http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+
+ */
+
+package org.apache.derby.impl.sql.catalog;
+
+import org.apache.derby.iapi.error.StandardException;
+
+import org.apache.derby.iapi.services.cache.Cacheable;
+import org.apache.derby.iapi.services.cache.CacheManager;
+import org.apache.derby.iapi.services.io.FormatableBitSet;
+
+import org.apache.derby.iapi.sql.conn.Authorizer;
+import org.apache.derby.iapi.sql.conn.ConnectionUtil;
+
+import org.apache.derby.iapi.sql.dictionary.TableDescriptor;
+import org.apache.derby.iapi.sql.dictionary.SchemaDescriptor;
+import org.apache.derby.iapi.sql.dictionary.AliasDescriptor;
+import org.apache.derby.iapi.sql.dictionary.TablePermsDescriptor;
+import org.apache.derby.iapi.sql.dictionary.PermissionsDescriptor;
+import org.apache.derby.iapi.sql.dictionary.ColPermsDescriptor;
+import org.apache.derby.iapi.sql.dictionary.RoutinePermsDescriptor;
+
+import org.apache.derby.iapi.services.sanity.SanityManager;
+
+/**
+ * This class implements a Cacheable for a DataDictionary cache of
+ * permissions.
+ */
+class PermissionsCacheable implements Cacheable
+{
+	protected final DataDictionaryImpl dd;
+	private PermissionsDescriptor permissions;
+	
+	PermissionsCacheable(DataDictionaryImpl dd)
+	{
+		this.dd = dd;
+	}
+
+	/* Cacheable interface */
+	public Cacheable setIdentity(Object key) throws StandardException
+	{
+		// If the user does not have permission then cache an empty (no permission) descriptor in
+		// case the same user asks again. That is particularly important for table permission because
+		// we ask about table permission before column permissions. If a user has permission to use a
+		// proper subset of the columns we will still ask about table permission every time he tries
+		// to access that column subset.
+		if( key instanceof TablePermsDescriptor)
+		{
+			TablePermsDescriptor tablePermsKey = (TablePermsDescriptor) key;
+			permissions = dd.getUncachedTablePermsDescriptor( tablePermsKey);
+			if( permissions == null)
+			{
+				// The owner has all privileges unless they have been revoked.
+				TableDescriptor td = dd.getTableDescriptor( tablePermsKey.getTableUUID());
+				SchemaDescriptor sd = td.getSchemaDescriptor();
+				if( sd.isSystemSchema())
+					// RESOLVE The access to system tables is hard coded to SELECT only to everyone.
+					// Is this the way we want Derby to work? Should we allow revocation of read access
+					// to system tables? If so we must explicitly add a row to the SYS.SYSTABLEPERMISSIONS
+					// table for each system table when a database is created.
+					permissions = new TablePermsDescriptor( dd,
+															tablePermsKey.getGrantee(),
+															(String) null,
+															tablePermsKey.getTableUUID(),
+															"Y", "N", "N", "N", "N", "N");
+				else if( tablePermsKey.getGrantee().equals( sd.getAuthorizationId()))
+					permissions = new TablePermsDescriptor( dd,
+															tablePermsKey.getGrantee(),
+															Authorizer.SYSTEM_AUTHORIZATION_ID,
+															tablePermsKey.getTableUUID(),
+															"Y", "Y", "Y", "Y", "Y", "Y");
+				else
+					permissions = new TablePermsDescriptor( dd,
+															tablePermsKey.getGrantee(),
+															(String) null,
+															tablePermsKey.getTableUUID(),
+															"N", "N", "N", "N", "N", "N");
+			}
+		}
+		else if( key instanceof ColPermsDescriptor)
+		{
+			ColPermsDescriptor colPermsKey = (ColPermsDescriptor) key;
+			permissions = dd.getUncachedColPermsDescriptor(colPermsKey );
+			if( permissions == null)
+				permissions = new ColPermsDescriptor( dd,
+													  colPermsKey.getGrantee(),
+													  (String) null,
+													  colPermsKey.getTableUUID(),
+													  colPermsKey.getType(),
+													  (FormatableBitSet) null);
+		}
+		else if( key instanceof RoutinePermsDescriptor)
+		{
+			RoutinePermsDescriptor routinePermsKey = (RoutinePermsDescriptor) key;
+			permissions = dd.getUncachedRoutinePermsDescriptor( routinePermsKey);
+			if( permissions == null)
+			{
+				// The owner has all privileges unless they have been revoked.
+				try
+				{
+					AliasDescriptor ad = dd.getAliasDescriptor( routinePermsKey.getRoutineUUID());
+					SchemaDescriptor sd = dd.getSchemaDescriptor( ad.getSchemaUUID(),
+																  ConnectionUtil.getCurrentLCC().getTransactionExecute());
+					if( routinePermsKey.getGrantee().equals( sd.getAuthorizationId()))
+						permissions = new RoutinePermsDescriptor( dd,
+																  routinePermsKey.getGrantee(),
+																  Authorizer.SYSTEM_AUTHORIZATION_ID,
+																  routinePermsKey.getRoutineUUID(),
+																  false);
+				}
+				catch( java.sql.SQLException sqle)
+				{
+					throw StandardException.plainWrapException( sqle);
+				}
+			}
+		}
+		else
+		{
+			if( SanityManager.DEBUG)
+				SanityManager.NOTREACHED();
+			return null;
+		}
+		if( permissions != null)
+			return this;
+		return null;
+	} // end of setIdentity
+
+	public Cacheable createIdentity(Object key, Object createParameter) throws StandardException
+	{
+		if (SanityManager.DEBUG)
+		{
+			SanityManager.ASSERT( (key instanceof TablePermsDescriptor) ||
+								  (key instanceof ColPermsDescriptor) ||
+								  (key instanceof RoutinePermsDescriptor),
+								  "Invalid class, " + key.getClass().getName()
+								  + ", passed as key to PermissionsCacheable.createIdentity");
+		}
+		if( key == null)
+			return null;
+		permissions = (PermissionsDescriptor) ((PermissionsDescriptor)key).clone();
+		return this;
+	} // end of createIdentity
+
+	public void clearIdentity()
+	{
+		permissions = null;
+	}
+
+	public Object getIdentity()
+	{
+		return permissions;
+	}
+
+	public boolean isDirty()
+	{
+		return false;
+	}
+
+	public void clean(boolean forRemove) throws StandardException
+	{
+	}
+}

Propchange: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/PermissionsCacheable.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/SYSCOLPERMSRowFactory.java
URL: http://svn.apache.org/viewcvs/db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/SYSCOLPERMSRowFactory.java?rev=356133&view=auto
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/SYSCOLPERMSRowFactory.java (added)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/SYSCOLPERMSRowFactory.java Sun Dec 11 19:57:33 2005
@@ -0,0 +1,346 @@
+/*
+
+   Derby - Class org.apache.derby.impl.sql.catalog.SYSCOLPERMSRowFactory
+
+   Copyright 2005 The Apache Software Foundation or its licensors, as applicable.
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+
+ */
+
+package org.apache.derby.impl.sql.catalog;
+
+import org.apache.derby.iapi.sql.dictionary.PermissionsCatalogRowFactory;
+import org.apache.derby.iapi.sql.dictionary.ColPermsDescriptor;
+import org.apache.derby.iapi.sql.dictionary.DataDescriptorGenerator;
+import org.apache.derby.iapi.sql.dictionary.DataDictionary;
+import org.apache.derby.iapi.sql.dictionary.StatisticsDescriptor;
+import org.apache.derby.iapi.sql.dictionary.SystemColumn;
+import org.apache.derby.iapi.sql.dictionary.TupleDescriptor;
+import org.apache.derby.iapi.sql.dictionary.PermissionsDescriptor;
+
+import org.apache.derby.iapi.error.StandardException;
+
+import org.apache.derby.iapi.services.sanity.SanityManager;
+import org.apache.derby.iapi.sql.execute.ExecRow;
+import org.apache.derby.iapi.sql.execute.ExecIndexRow;
+import org.apache.derby.iapi.sql.execute.ExecutionFactory;
+import org.apache.derby.iapi.types.TypeId;
+import org.apache.derby.iapi.types.DataValueFactory;
+import org.apache.derby.iapi.types.RowLocation;
+import org.apache.derby.iapi.types.DataTypeDescriptor;
+import org.apache.derby.iapi.types.DataValueDescriptor;
+import org.apache.derby.iapi.types.NumberDataValue;
+import org.apache.derby.iapi.types.StringDataValue;
+import org.apache.derby.iapi.services.uuid.UUIDFactory;
+import org.apache.derby.catalog.UUID;
+import org.apache.derby.catalog.Statistics;
+import org.apache.derby.iapi.services.io.FormatableBitSet;
+
+import java.sql.Timestamp;
+
+/**
+ * Factory for creating a SYSCOLPERMS row.
+ *
+ */
+
+public class SYSCOLPERMSRowFactory extends PermissionsCatalogRowFactory
+{
+	static final String TABLENAME_STRING = "SYSCOLPERMS";
+
+    // Column numbers for the SYSCOLPERMS table. 1 based
+    private static final int GRANTEE_COL_NUM = 1;
+    private static final int GRANTOR_COL_NUM = 2;
+    private static final int TABLEID_COL_NUM = 3;
+    private static final int TYPE_COL_NUM = 4;
+    private static final int COLUMNS_COL_NUM = 5;
+    private static final int COLUMN_COUNT = 5;
+
+    public static final int GRANTEE_TABLE_TYPE_GRANTOR_INDEX_NUM = 0;
+	private static final int[][] indexColumnPositions = 
+	{ 
+		{ GRANTEE_COL_NUM, TABLEID_COL_NUM, TYPE_COL_NUM, GRANTOR_COL_NUM}
+	};
+	private static final String[][] indexColumnNames =
+	{
+		{"GRANTEE", "TABLEID", "TYPE", "GRANTOR"}
+	};
+    private static final boolean[] indexUniqueness = { true};
+
+    private	static final String[] uuids =
+    {
+        "286cc01e-0103-0e39-b8e7-00000010f010" // catalog UUID
+		,"6074401f-0103-0e39-b8e7-00000010f010"	// heap UUID
+		,"787c0020-0103-0e39-b8e7-00000010f010"	// index
+    };
+
+    private SystemColumn[] columnList;
+
+    public SYSCOLPERMSRowFactory(UUIDFactory uuidf, ExecutionFactory ef, DataValueFactory dvf,
+                                 boolean convertIdToLower)
+	{
+		super(uuidf,ef,dvf,convertIdToLower);
+		initInfo(COLUMN_COUNT, TABLENAME_STRING, indexColumnPositions, indexColumnNames, indexUniqueness, uuids);
+	}
+
+	public ExecRow makeRow(TupleDescriptor td, TupleDescriptor parent) throws StandardException
+	{
+        DataValueDescriptor grantee = null;
+        DataValueDescriptor grantor = null;
+        String tableID = null;
+        String type = null;
+        FormatableBitSet columns = null;
+
+        if( td == null)
+        {
+            grantee = getNullAuthorizationID();
+            grantor = getNullAuthorizationID();
+        }
+        else
+        {
+            ColPermsDescriptor cpd = (ColPermsDescriptor) td;
+            grantee = getAuthorizationID( cpd.getGrantee());
+            grantor = getAuthorizationID( cpd.getGrantor());
+            tableID = cpd.getTableUUID().toString();
+            type = cpd.getType();
+            columns = cpd.getColumns();
+        }
+        ExecRow row = getExecutionFactory().getValueRow( COLUMN_COUNT);
+        row.setColumn( GRANTEE_COL_NUM, grantee);
+        row.setColumn( GRANTOR_COL_NUM, grantor);
+        row.setColumn( TABLEID_COL_NUM, dvf.getCharDataValue( tableID));
+        row.setColumn( TYPE_COL_NUM, dvf.getCharDataValue( type));
+        row.setColumn( COLUMNS_COL_NUM, dvf.getDataValue( (Object) columns));
+        return row;
+    } // end of makeRow
+
+	/** builds a tuple descriptor from a row */
+	public TupleDescriptor buildDescriptor(ExecRow row,
+                                           TupleDescriptor parentTuple,
+                                           DataDictionary	dataDictionary)
+		throws StandardException
+    {
+        if( SanityManager.DEBUG)
+            SanityManager.ASSERT( row.nColumns() == COLUMN_COUNT,
+                                  "Wrong size row passed to SYSCOLPERMSRowFactory.buildDescriptor");
+
+        String tableUUIDString = row.getColumn( TABLEID_COL_NUM).getString();
+        UUID tableUUID = getUUIDFactory().recreateUUID(tableUUIDString);
+        String type = row.getColumn( TYPE_COL_NUM).getString();
+        FormatableBitSet columns = (FormatableBitSet) row.getColumn( COLUMNS_COL_NUM).getObject();
+        if( SanityManager.DEBUG)
+            SanityManager.ASSERT( "s".equals( type) || "S".equals( type) ||
+                                  "u".equals( type) || "U".equals( type) ||
+                                  "r".equals( type) || "R".equals( type),
+                                  "Invalid type passed to SYSCOLPERMSRowFactory.buildDescriptor");
+
+        return new ColPermsDescriptor( dataDictionary, 
+                                       getAuthorizationID( row, GRANTEE_COL_NUM),
+                                       getAuthorizationID( row, GRANTOR_COL_NUM),
+                                       tableUUID, type, columns);
+    } // end of buildDescriptor
+
+	/** builds a column list for the catalog */
+	public SystemColumn[] buildColumnList()
+    {
+		if (columnList == null)
+        {
+            columnList = new SystemColumn[ COLUMN_COUNT];
+
+            columnList[ GRANTEE_COL_NUM - 1] =
+              new SystemColumnImpl( convertIdCase( "GRANTEE"),
+                                    GRANTEE_COL_NUM,
+                                    0, // precision
+                                    0, // scale
+                                    false, // nullability
+                                    AUTHORIZATION_ID_TYPE,
+                                    AUTHORIZATION_ID_IS_BUILTIN_TYPE,
+                                    AUTHORIZATION_ID_LENGTH);
+            columnList[ GRANTOR_COL_NUM - 1] =
+              new SystemColumnImpl( convertIdCase( "GRANTOR"),
+                                    GRANTOR_COL_NUM,
+                                    0, // precision
+                                    0, // scale
+                                    false, // nullability
+                                    AUTHORIZATION_ID_TYPE,
+                                    AUTHORIZATION_ID_IS_BUILTIN_TYPE,
+                                    AUTHORIZATION_ID_LENGTH);
+            columnList[ TABLEID_COL_NUM - 1] =
+              new SystemColumnImpl( convertIdCase( "TABLEID"),
+                                    TABLEID_COL_NUM,
+                                    0, // precision
+                                    0, // scale
+                                    false, // nullability
+                                    "CHAR", // dataType
+                                    true, // built-in type
+                                    36);
+            columnList[ TYPE_COL_NUM - 1] =
+              new SystemColumnImpl( convertIdCase( "TYPE"),
+                                    TYPE_COL_NUM,
+                                    0, // precision
+                                    0, // scale
+                                    false, // nullability
+                                    "CHAR", // dataType
+                                    true, // built-in type
+                                    1);
+            columnList[ COLUMNS_COL_NUM - 1] =
+              new SystemColumnImpl( convertIdCase( "COLUMNS"),
+                                    COLUMNS_COL_NUM,
+                                    0, // precision
+                                    0, // scale
+                                    false, // nullability
+                                    "org.apache.derby.iapi.services.io.FormatableBitSet", // datatype
+                                    false,							// built-in type
+                                    DataTypeDescriptor.MAXIMUM_WIDTH_UNKNOWN // maxLength
+                  );
+        }
+		return columnList;
+    } // end of buildColumnList
+
+	/**
+	 * builds an empty row given for a given index number.
+	 */
+  	public ExecIndexRow buildEmptyIndexRow(int indexNumber,
+                                           RowLocation rowLocation) 
+  		throws StandardException
+    {
+        ExecIndexRow row = getExecutionFactory().getIndexableRow( indexColumnPositions[indexNumber].length + 1);
+        row.setColumn( row.nColumns(), rowLocation);
+        
+        switch( indexNumber)
+        {
+        case GRANTEE_TABLE_TYPE_GRANTOR_INDEX_NUM:
+            row.setColumn(1, getNullAuthorizationID()); // grantee
+            row.setColumn(2, getDataValueFactory().getNullChar( (StringDataValue) null)); // table UUID
+            row.setColumn(3, getDataValueFactory().getNullChar( (StringDataValue) null)); // type
+            row.setColumn(4, getNullAuthorizationID()); // grantor
+            break;
+        }
+        return row;
+    } // end of buildEmptyIndexRow
+
+	/**
+	 * builds an index key row for a given index number.
+	 */
+  	public ExecIndexRow buildIndexKeyRow( int indexNumber,
+                                          PermissionsDescriptor perm) 
+  		throws StandardException
+    {
+        ExecIndexRow row = null;
+        
+        switch( indexNumber)
+        {
+        case GRANTEE_TABLE_TYPE_GRANTOR_INDEX_NUM:
+            // RESOLVE We do not support the FOR GRANT OPTION, so column permission rows are unique on the
+            // grantee, table UUID, and type columns. The grantor column will always have the name of the owner of the
+            // table. So the index key, used for searching the index, only has grantee, table UUID, and type columns.
+            // It does not have a grantor column.
+            //
+            // If we support FOR GRANT OPTION then there may be multiple table permissions rows for a
+            // (grantee, tableID, type) combination. We must either handle the multiple rows, which is necessary for
+            // checking permissions, or add a grantor column to the key, which is necessary for granting or revoking
+            // permissions.
+            row = getExecutionFactory().getIndexableRow( 3);
+            row.setColumn(1, getAuthorizationID( perm.getGrantee()));
+            ColPermsDescriptor colPerms = (ColPermsDescriptor) perm;
+            String tableUUIDStr = colPerms.getTableUUID().toString();
+            row.setColumn(2, getDataValueFactory().getCharDataValue( tableUUIDStr));
+            row.setColumn(3, getDataValueFactory().getCharDataValue( colPerms.getType()));
+            break;
+        }
+        return row;
+    } // end of buildIndexKeyRow
+    
+    public int getPrimaryIndexNumber()
+    {
+        return GRANTEE_TABLE_TYPE_GRANTOR_INDEX_NUM;
+    }
+
+    /**
+     * Or a set of permissions in with a row from this catalog table
+     *
+     * @param row an existing row
+     * @param perm a permission descriptor of the appropriate class for this PermissionsCatalogRowFactory class.
+     * @param colsChanged An array with one element for each column in row. It is updated to
+     *                    indicate which columns in row were changed
+     *
+     * @return The number of columns that were changed.
+     *
+     * @exception StandardException standard error policy
+     */
+    public int orPermissions( ExecRow row, PermissionsDescriptor perm, boolean[] colsChanged)
+        throws StandardException
+    {
+        ColPermsDescriptor colPerms = (ColPermsDescriptor) perm;
+        FormatableBitSet existingColSet = (FormatableBitSet) row.getColumn( COLUMNS_COL_NUM).getObject();
+        FormatableBitSet newColSet = colPerms.getColumns();
+
+        boolean changed = false;
+        for( int i = newColSet.anySetBit(); i >= 0; i = newColSet.anySetBit(i))
+        {
+            if( ! existingColSet.get(i))
+            {
+                existingColSet.set( i);
+                changed = true;
+            }
+        }
+        if( changed)
+        {
+            colsChanged[ COLUMNS_COL_NUM - 1] = true;
+            return 1;
+        }
+        return 0;
+    } // end of orPermissions
+
+    /**
+     * Remove a set of permissions from a row from this catalog table
+     *
+     * @param row an existing row
+     * @param perm a permission descriptor of the appropriate class for this PermissionsCatalogRowFactory class.
+     * @param colsChanged An array with one element for each column in row. It is updated to
+     *                    indicate which columns in row were changed
+     *
+     * @return -1 if there are no permissions left in the row, otherwise the number of columns that were changed.
+     *
+     * @exception StandardException standard error policy
+     */
+    public int removePermissions( ExecRow row, PermissionsDescriptor perm, boolean[] colsChanged)
+        throws StandardException
+    {
+        ColPermsDescriptor colPerms = (ColPermsDescriptor) perm;
+        FormatableBitSet removeColSet = colPerms.getColumns();
+        if( removeColSet == null)
+            // remove all of them
+            return -1;
+        
+        FormatableBitSet existingColSet = (FormatableBitSet) row.getColumn( COLUMNS_COL_NUM).getObject();
+
+        boolean changed = false;
+        for( int i = removeColSet.anySetBit(); i >= 0; i = removeColSet.anySetBit(i))
+        {
+            if( existingColSet.get(i))
+            {
+                existingColSet.clear( i);
+                changed = true;
+            }
+        }
+        if( changed)
+        {
+            colsChanged[ COLUMNS_COL_NUM - 1] = true;
+            if( existingColSet.anySetBit() < 0)
+                return -1; // No column privileges left
+            return 1; // A change, but there are some privileges left
+        }
+        return 0; // no change
+    } // end of removePermissions
+}

Propchange: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/SYSCOLPERMSRowFactory.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/SYSREQUIREDPERMRowFactory.java
URL: http://svn.apache.org/viewcvs/db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/SYSREQUIREDPERMRowFactory.java?rev=356133&view=auto
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/SYSREQUIREDPERMRowFactory.java (added)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/SYSREQUIREDPERMRowFactory.java Sun Dec 11 19:57:33 2005
@@ -0,0 +1,235 @@
+/*
+
+   Derby - Class org.apache.derby.impl.sql.catalog.SYSREQUIREDPERMRowFactory
+
+   Copyright 2005 The Apache Software Foundation or its licensors, as applicable.
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+
+ */
+
+package org.apache.derby.impl.sql.catalog;
+
+import org.apache.derby.iapi.sql.dictionary.SystemColumn;
+import org.apache.derby.iapi.sql.dictionary.TupleDescriptor;
+import org.apache.derby.iapi.sql.dictionary.StatisticsDescriptor;
+import org.apache.derby.iapi.sql.dictionary.DataDictionary;
+import org.apache.derby.iapi.sql.dictionary.DataDescriptorGenerator;
+import org.apache.derby.iapi.sql.dictionary.CatalogRowFactory;
+import org.apache.derby.iapi.sql.dictionary.RequiredPermDescriptor;
+
+import org.apache.derby.iapi.error.StandardException;
+
+import org.apache.derby.iapi.services.sanity.SanityManager;
+import org.apache.derby.iapi.services.io.FormatableBitSet;
+
+import org.apache.derby.iapi.sql.execute.ExecRow;
+import org.apache.derby.iapi.sql.execute.ExecIndexRow;
+import org.apache.derby.iapi.sql.execute.ExecutionFactory;
+import org.apache.derby.iapi.types.TypeId;
+import org.apache.derby.iapi.types.DataValueFactory;
+import org.apache.derby.iapi.types.RowLocation;
+import org.apache.derby.iapi.types.DataTypeDescriptor;
+import org.apache.derby.iapi.types.DataValueDescriptor;
+import org.apache.derby.iapi.types.StringDataValue;
+import org.apache.derby.iapi.services.uuid.UUIDFactory;
+import org.apache.derby.catalog.UUID;
+import org.apache.derby.catalog.Statistics;
+
+import java.sql.Timestamp;
+
+/**
+ * Factory for creating a SYSREQUIREDPERM row.
+ *
+ */
+
+public class SYSREQUIREDPERMRowFactory extends CatalogRowFactory
+{
+	static final String TABLENAME_STRING = "SYSREQUIREDPERM";
+
+    // Column numbers for the SYSREQUIREDPERM table. 1 based
+    private static final int OPERATOR_COL_NUM = 1;
+    private static final int OPERATORTYPE_COL_NUM = 2;
+    private static final int PERMTYPE_COL_NUM = 3;
+    private static final int OBJECT_COL_NUM = 4;
+    private static final int COLUMNS_COL_NUM = 5;
+    private static final int COLUMN_COUNT = 5;
+
+    static final int OPERATOR_AND_TYPE_INDEX_NUM = 0;
+
+    private	static final String[] uuids =
+    {
+        "80840021-0103-0e39-b8e7-00000010f010" // catalog UUID
+		,"888c4022-0103-0e39-b8e7-00000010f010"	// heap UUID
+		,"a094c023-0103-0e39-b8e7-00000010f010"	// index
+    };
+	private static final int[][] indexColumnPositions = 
+	{ 
+		{ OPERATOR_COL_NUM, OPERATORTYPE_COL_NUM}
+	};
+	private static final String[][] indexColumnNames =
+	{
+		{"OPERATOR", "OPERATORTYPE"}
+	};
+    private static final boolean[] indexUniqueness = { false};
+
+    private SystemColumn[] columnList;
+
+    public SYSREQUIREDPERMRowFactory(UUIDFactory uuidf, ExecutionFactory ef, DataValueFactory dvf,
+                                     boolean convertIdToLower)
+	{
+		super(uuidf,ef,dvf,convertIdToLower);
+		initInfo( COLUMN_COUNT, TABLENAME_STRING, indexColumnPositions, indexColumnNames, indexUniqueness, uuids);
+	}
+
+	public ExecRow makeRow(TupleDescriptor td, TupleDescriptor parent) throws StandardException
+	{
+        String operatorId = null;
+        String operatorType = null;
+        String permType = null;
+        String objectId = null;
+        FormatableBitSet columns = null;
+        
+        if( td != null)
+        {
+            RequiredPermDescriptor rpd = (RequiredPermDescriptor) td;
+            if( rpd.getOperatorUUID() != null)
+                operatorId = rpd.getOperatorUUID().toString();
+            operatorType = rpd.getOperatorType();
+            permType = rpd.getPermType();
+            if( rpd.getObjectUUID() != null)
+                objectId = rpd.getObjectUUID().toString();
+            columns = rpd.getColumns();
+        }
+        ExecRow row = getExecutionFactory().getValueRow( COLUMN_COUNT);
+        row.setColumn( OPERATOR_COL_NUM, dvf.getCharDataValue( operatorId));
+        row.setColumn( OPERATORTYPE_COL_NUM, dvf.getCharDataValue( operatorType));
+        row.setColumn( PERMTYPE_COL_NUM, dvf.getCharDataValue( permType));
+        row.setColumn( OBJECT_COL_NUM, dvf.getCharDataValue( objectId));
+        row.setColumn( COLUMNS_COL_NUM, dvf.getDataValue( (Object) columns));
+        return row;
+    } // end of makeRow
+            
+	/** builds a tuple descriptor from a row */
+	public TupleDescriptor buildDescriptor(ExecRow row,
+                                           TupleDescriptor parentTuple,
+                                           DataDictionary	dataDictionary)
+		throws StandardException
+    {
+        if( SanityManager.DEBUG)
+            SanityManager.ASSERT( row.nColumns() == COLUMN_COUNT,
+                                  "Wrong size row passed to SYSREQUIREDPERMRowFactory.buildDescriptor");
+
+        String operatorUUIDString = row.getColumn( OPERATOR_COL_NUM).getString();
+        UUID operatorUUID = getUUIDFactory().recreateUUID(operatorUUIDString);
+        String operatorType  = row.getColumn( OPERATORTYPE_COL_NUM).getString();
+        String permType  = row.getColumn( PERMTYPE_COL_NUM).getString();
+        String objectUUIDString = row.getColumn( OBJECT_COL_NUM).getString();
+        UUID objectUUID = getUUIDFactory().recreateUUID(objectUUIDString);
+        FormatableBitSet columns = (FormatableBitSet) row.getColumn( COLUMNS_COL_NUM).getObject();
+        if( SanityManager.DEBUG)
+        {
+            SanityManager.ASSERT( "V".equals( operatorType) || "T".equals( operatorType) || "C".equals( operatorType),
+                                  "Invalid operatorType, " + operatorType
+                                  + ", passed to SYSREQUIREDPERMRowFactory.buildDescriptor");
+            SanityManager.ASSERT( "S".equals( permType) || "D".equals( permType) || "I".equals( permType) ||
+                                  "U".equals( permType) || "E".equals( permType),
+                                  "Invalid permType, " + permType
+                                  + ", passed to SYSREQUIREDPERMRowFactory.buildDescriptor");
+        }
+        return new RequiredPermDescriptor( operatorUUID, operatorType, permType, objectUUID, columns);
+    } // end of buildDescriptor
+
+	/** builds a column list for the catalog */
+	public SystemColumn[] buildColumnList()
+    {
+		if (columnList == null)
+        {
+            columnList = new SystemColumn[ COLUMN_COUNT];
+
+            columnList[ OPERATOR_COL_NUM - 1] =
+              new SystemColumnImpl( convertIdCase( "OPERATOR"),
+                                    OPERATOR_COL_NUM,
+                                    0, // precision
+                                    0, // scale
+                                    false, // nullability
+                                    "CHAR", // dataType
+                                    true, // built-in type
+                                    36);
+            columnList[ OPERATORTYPE_COL_NUM - 1] =
+              new SystemColumnImpl( convertIdCase( "OPERATORTYPE"),
+                                    OPERATORTYPE_COL_NUM,
+                                    0, // precision
+                                    0, // scale
+                                    false, // nullability
+                                    "CHAR", // dataType
+                                    true, // built-in type
+                                    1);
+            columnList[ PERMTYPE_COL_NUM - 1] =
+              new SystemColumnImpl( convertIdCase( "PERMTYPE"),
+                                    PERMTYPE_COL_NUM,
+                                    0, // precision
+                                    0, // scale
+                                    false, // nullability
+                                    "CHAR", // dataType
+                                    true, // built-in type
+                                    1);
+            columnList[ OBJECT_COL_NUM - 1] =
+              new SystemColumnImpl( convertIdCase( "OBJECT"),
+                                    OBJECT_COL_NUM,
+                                    0, // precision
+                                    0, // scale
+                                    false, // nullability
+                                    "CHAR", // dataType
+                                    true, // built-in type
+                                    36);
+            columnList[ COLUMNS_COL_NUM - 1] =
+              new SystemColumnImpl( convertIdCase( "COLUMNS"),
+                                    COLUMNS_COL_NUM,
+                                    0, // precision
+                                    0, // scale
+                                    false, // nullability
+                                    "org.apache.derby.iapi.services.io.FormatableBitSet", // datatype
+                                    false,							// built-in type
+                                    DataTypeDescriptor.MAXIMUM_WIDTH_UNKNOWN // maxLength
+                  );
+        }
+		return columnList;
+    } // end of buildColumnList
+
+	/**
+	 * builds an empty row given for a given index number.
+	 */
+  	public ExecIndexRow buildEmptyIndexRow(int indexNumber,
+                                           RowLocation rowLocation) 
+  		throws StandardException
+    {
+        ExecIndexRow row = null;
+        
+        switch( indexNumber)
+        {
+        case OPERATOR_AND_TYPE_INDEX_NUM:
+            row = getExecutionFactory().getIndexableRow( 3);
+            row.setColumn(1, getDataValueFactory().getNullChar( (StringDataValue) null)); // operator UUID
+            row.setColumn(2, getDataValueFactory().getNullChar( (StringDataValue) null)); // operator type
+            break;
+
+        default:
+            if( SanityManager.DEBUG)
+                SanityManager.THROWASSERT( "Invalid index number passed to SYSREQUIREDPERMRowFactory.buildEmptyIndexRow");
+            return null;
+        }
+        row.setColumn( row.nColumns(), rowLocation);
+        return row;
+    } // end of buildEmptyIndexRow
+}

Propchange: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/SYSREQUIREDPERMRowFactory.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/SYSROUTINEPERMSRowFactory.java
URL: http://svn.apache.org/viewcvs/db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/SYSROUTINEPERMSRowFactory.java?rev=356133&view=auto
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/SYSROUTINEPERMSRowFactory.java (added)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/SYSROUTINEPERMSRowFactory.java Sun Dec 11 19:57:33 2005
@@ -0,0 +1,281 @@
+/*
+
+   Derby - Class org.apache.derby.impl.sql.catalog.SYSROUTINEPERMSRowFactory
+
+   Copyright 2005 The Apache Software Foundation or its licensors, as applicable.
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+
+ */
+
+package org.apache.derby.impl.sql.catalog;
+
+import org.apache.derby.iapi.sql.dictionary.SystemColumn;
+import org.apache.derby.iapi.sql.dictionary.TupleDescriptor;
+import org.apache.derby.iapi.sql.dictionary.RoutinePermsDescriptor;
+import org.apache.derby.iapi.sql.dictionary.DataDictionary;
+import org.apache.derby.iapi.sql.dictionary.DataDescriptorGenerator;
+import org.apache.derby.iapi.sql.dictionary.PermissionsCatalogRowFactory;
+import org.apache.derby.iapi.sql.dictionary.PermissionsDescriptor;
+
+import org.apache.derby.iapi.error.StandardException;
+
+import org.apache.derby.iapi.services.sanity.SanityManager;
+import org.apache.derby.iapi.sql.execute.ExecRow;
+import org.apache.derby.iapi.sql.execute.ExecIndexRow;
+import org.apache.derby.iapi.sql.execute.ExecutionFactory;
+import org.apache.derby.iapi.types.TypeId;
+import org.apache.derby.iapi.types.DataValueFactory;
+import org.apache.derby.iapi.types.RowLocation;
+import org.apache.derby.iapi.types.DataValueDescriptor;
+import org.apache.derby.iapi.types.NumberDataValue;
+import org.apache.derby.iapi.types.StringDataValue;
+import org.apache.derby.iapi.services.uuid.UUIDFactory;
+import org.apache.derby.catalog.UUID;
+import org.apache.derby.catalog.Statistics;
+
+import java.sql.Timestamp;
+
+/**
+ * Factory for creating a SYSROUTINEPERMS row.
+ *
+ */
+
+public class SYSROUTINEPERMSRowFactory extends PermissionsCatalogRowFactory
+{
+	static final String TABLENAME_STRING = "SYSROUTINEPERMS";
+
+    // Column numbers for the SYSROUTINEPERMS table. 1 based
+    private static final int GRANTEE_COL_NUM = 1;
+    private static final int GRANTOR_COL_NUM = 2;
+    private static final int ALIASID_COL_NUM = 3;
+    private static final int GRANTOPTION_COL_NUM = 4;
+    private static final int COLUMN_COUNT = 4;
+
+    static final int GRANTEE_ALIAS_GRANTOR_INDEX_NUM = 0;
+	private static final int[][] indexColumnPositions = 
+	{ 
+		{ GRANTEE_COL_NUM, ALIASID_COL_NUM, GRANTOR_COL_NUM}
+	};
+	private static final String[][] indexColumnNames =
+	{
+		{"GRANTEE", "ALIASID", "GRANTOR"}
+	};
+    private static final boolean[] indexUniqueness = { true};
+
+    private	static final String[] uuids =
+    {
+        "2057c01b-0103-0e39-b8e7-00000010f010" // catalog UUID
+		,"185e801c-0103-0e39-b8e7-00000010f010"	// heap UUID
+		,"c065801d-0103-0e39-b8e7-00000010f010"	// index
+    };
+
+    private SystemColumn[] columnList;
+
+    public SYSROUTINEPERMSRowFactory(UUIDFactory uuidf, ExecutionFactory ef, DataValueFactory dvf,
+                                     boolean convertIdToLower)
+	{
+		super(uuidf,ef,dvf,convertIdToLower);
+		initInfo( COLUMN_COUNT, TABLENAME_STRING, indexColumnPositions, indexColumnNames, indexUniqueness, uuids);
+	}
+
+	public ExecRow makeRow(TupleDescriptor td, TupleDescriptor parent) throws StandardException
+	{
+        DataValueDescriptor grantee = null;
+        DataValueDescriptor grantor = null;
+        String routineID = null;
+        
+        if( td == null)
+        {
+            grantee = getNullAuthorizationID();
+            grantor = getNullAuthorizationID();
+        }
+        else
+        {
+            RoutinePermsDescriptor rpd = (RoutinePermsDescriptor) td;
+            grantee = getAuthorizationID( rpd.getGrantee());
+            grantor = getAuthorizationID( rpd.getGrantor());
+            if( rpd.getRoutineUUID() != null)
+                routineID = rpd.getRoutineUUID().toString();
+        }
+		ExecRow row = getExecutionFactory().getValueRow( COLUMN_COUNT);
+        row.setColumn( GRANTEE_COL_NUM, grantee);
+        row.setColumn( GRANTOR_COL_NUM, grantor);
+        row.setColumn( ALIASID_COL_NUM, dvf.getCharDataValue( routineID));
+        row.setColumn( GRANTOPTION_COL_NUM, dvf.getCharDataValue( "N"));
+        return row;
+    } // end of makeRow
+            
+	/** builds a tuple descriptor from a row */
+	public TupleDescriptor buildDescriptor(ExecRow row,
+                                           TupleDescriptor parentTuple,
+                                           DataDictionary	dataDictionary)
+		throws StandardException
+    {
+        if( SanityManager.DEBUG)
+            SanityManager.ASSERT( row.nColumns() == COLUMN_COUNT,
+                                  "Wrong size row passed to SYSROUTINEPERMSRowFactory.buildDescriptor");
+
+        String aliasUUIDString = row.getColumn( ALIASID_COL_NUM).getString();
+        UUID aliasUUID = getUUIDFactory().recreateUUID(aliasUUIDString);
+
+        return new RoutinePermsDescriptor( dataDictionary,
+                                           getAuthorizationID( row, GRANTEE_COL_NUM),
+                                           getAuthorizationID( row, GRANTOR_COL_NUM),
+                                           aliasUUID);
+    } // end of buildDescriptor
+
+	/** builds a column list for the catalog */
+	public SystemColumn[] buildColumnList()
+    {
+		if (columnList == null)
+        {
+            columnList = new SystemColumn[ COLUMN_COUNT];
+
+            columnList[ GRANTEE_COL_NUM - 1] =
+              new SystemColumnImpl( convertIdCase( "GRANTEE"),
+                                    GRANTEE_COL_NUM,
+                                    0, // precision
+                                    0, // scale
+                                    false, // nullability
+                                    AUTHORIZATION_ID_TYPE,
+                                    AUTHORIZATION_ID_IS_BUILTIN_TYPE,
+                                    AUTHORIZATION_ID_LENGTH);
+            columnList[ GRANTOR_COL_NUM - 1] =
+              new SystemColumnImpl( convertIdCase( "GRANTOR"),
+                                    GRANTOR_COL_NUM,
+                                    0, // precision
+                                    0, // scale
+                                    false, // nullability
+                                    AUTHORIZATION_ID_TYPE,
+                                    AUTHORIZATION_ID_IS_BUILTIN_TYPE,
+                                    AUTHORIZATION_ID_LENGTH);
+            columnList[ ALIASID_COL_NUM - 1] =
+              new SystemColumnImpl( convertIdCase( "ALIASID"),
+                                    ALIASID_COL_NUM,
+                                    0, // precision
+                                    0, // scale
+                                    false, // nullability
+                                    "CHAR", // dataType
+                                    true, // built-in type
+                                    36);
+            columnList[ GRANTOPTION_COL_NUM - 1] =
+              new SystemColumnImpl( convertIdCase( "GRANTOPTION"),
+                                    GRANTOPTION_COL_NUM,
+                                    0, // precision
+                                    0, // scale
+                                    false, // nullability
+                                    "CHAR", // dataType
+                                    true, // built-in type
+                                    1);
+        }
+		return columnList;
+    } // end of buildColumnList
+
+	/**
+	 * builds an empty row given for a given index number.
+	 */
+  	public ExecIndexRow buildEmptyIndexRow(int indexNumber,
+                                           RowLocation rowLocation)
+  		throws StandardException
+    {
+        ExecIndexRow row = getExecutionFactory().getIndexableRow( indexColumnPositions[indexNumber].length + 1);
+        row.setColumn( row.nColumns(), rowLocation);
+        
+        switch( indexNumber)
+        {
+        case GRANTEE_ALIAS_GRANTOR_INDEX_NUM:
+            row.setColumn(1, getNullAuthorizationID()); // grantee
+            row.setColumn(2, getDataValueFactory().getNullChar( (StringDataValue) null)); // table UUID
+            row.setColumn(3, getNullAuthorizationID()); // grantor
+            break;
+        }
+        return row;
+    } // end of buildEmptyIndexRow
+
+	/**
+	 * builds an index key row given for a given index number.
+	 */
+  	public ExecIndexRow buildIndexKeyRow( int indexNumber,
+                                          PermissionsDescriptor perm) 
+  		throws StandardException
+    {
+        ExecIndexRow row = null;
+        
+        switch( indexNumber)
+        {
+        case GRANTEE_ALIAS_GRANTOR_INDEX_NUM:
+            // RESOLVE We do not support the FOR GRANT OPTION, so rougine permission rows are unique on the
+            // grantee and alias UUID columns. The grantor column will always have the name of the owner of the
+            // routine. So the index key, used for searching the index, only has grantee and alias UUID columns.
+            // It does not have a grantor column.
+            //
+            // If we support FOR GRANT OPTION then there may be multiple routine permissions rows for a
+            // (grantee, aliasID) combination. Since there is only one kind of routine permission (execute)
+            // execute permission checking need not worry about multiple routine permission rows for a
+            // (grantee, aliasID) combination, it only cares whether there are any. Grant and revoke must
+            // look through multiple rows to see if the current user has grant/revoke permission and use
+            // the full key in checking for the pre-existence of the permission being granted or revoked.
+            row = getExecutionFactory().getIndexableRow( 2);
+            row.setColumn(1, getAuthorizationID( perm.getGrantee()));
+            String routineUUIDStr = ((RoutinePermsDescriptor) perm).getRoutineUUID().toString();
+            row.setColumn(2, getDataValueFactory().getCharDataValue( routineUUIDStr));
+            break;
+        }
+        return row;
+    } // end of buildIndexKeyRow
+    
+    public int getPrimaryIndexNumber()
+    {
+        return GRANTEE_ALIAS_GRANTOR_INDEX_NUM;
+    }
+
+    /**
+     * Or a set of permissions in with a row from this catalog table
+     *
+     * @param row an existing row
+     * @param perm a permission descriptor of the appropriate class for this PermissionsCatalogRowFactory class.
+     * @param colsChanged An array with one element for each column in row. It is updated to
+     *                    indicate which columns in row were changed
+     *
+     * @return The number of columns that were changed.
+     *
+     * @exception StandardException standard error policy
+     */
+    public int orPermissions( ExecRow row, PermissionsDescriptor perm, boolean[] colsChanged)
+        throws StandardException
+    {
+        // There is only one kind of routine permission: execute or not. So the row would not exist
+        // unless execute permission is there.
+        // This changes if we implement WITH GRANT OPTION.
+        return 0;
+    }
+
+    /**
+     * Remove a set of permissions from a row from this catalog table
+     *
+     * @param row an existing row
+     * @param perm a permission descriptor of the appropriate class for this PermissionsCatalogRowFactory class.
+     * @param colsChanged An array with one element for each column in row. It is updated to
+     *                    indicate which columns in row were changed
+     *
+     * @return -1 if there are no permissions left in the row, otherwise the number of columns that were changed.
+     *
+     * @exception StandardException standard error policy
+     */
+    public int removePermissions( ExecRow row, PermissionsDescriptor perm, boolean[] colsChanged)
+        throws StandardException
+    {
+        return -1; // There is only one kind of routine privilege so delete the whole row.
+    } // end of removePermissions
+}

Propchange: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/SYSROUTINEPERMSRowFactory.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/SYSTABLEPERMSRowFactory.java
URL: http://svn.apache.org/viewcvs/db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/SYSTABLEPERMSRowFactory.java?rev=356133&view=auto
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/SYSTABLEPERMSRowFactory.java (added)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/SYSTABLEPERMSRowFactory.java Sun Dec 11 19:57:33 2005
@@ -0,0 +1,421 @@
+/*
+
+   Derby - Class org.apache.derby.impl.sql.catalog.SYSTABLEPERMSRowFactory
+
+   Copyright 2005 The Apache Software Foundation or its licensors, as applicable.
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+
+ */
+
+package org.apache.derby.impl.sql.catalog;
+
+import org.apache.derby.catalog.UUID;
+import org.apache.derby.iapi.error.StandardException;
+import org.apache.derby.iapi.services.sanity.SanityManager;
+import org.apache.derby.iapi.services.uuid.UUIDFactory;
+import org.apache.derby.iapi.sql.dictionary.PermissionsCatalogRowFactory;
+import org.apache.derby.iapi.sql.dictionary.PermissionsDescriptor;
+import org.apache.derby.iapi.sql.dictionary.DataDescriptorGenerator;
+import org.apache.derby.iapi.sql.dictionary.DataDictionary;
+import org.apache.derby.iapi.sql.dictionary.SystemColumn;
+import org.apache.derby.iapi.sql.dictionary.TablePermsDescriptor;
+import org.apache.derby.iapi.sql.dictionary.TupleDescriptor;
+import org.apache.derby.iapi.sql.execute.ExecIndexRow;
+import org.apache.derby.iapi.sql.execute.ExecRow;
+import org.apache.derby.iapi.sql.execute.ExecutionFactory;
+import org.apache.derby.iapi.types.DataValueDescriptor;
+import org.apache.derby.iapi.types.DataValueFactory;
+import org.apache.derby.iapi.types.RowLocation;
+import org.apache.derby.iapi.types.StringDataValue;
+
+/**
+ * Factory for creating a SYSTABLEPERMS row.
+ *
+ */
+
+public class SYSTABLEPERMSRowFactory extends PermissionsCatalogRowFactory
+{
+	static final String TABLENAME_STRING = "SYSTABLEPERMS";
+
+    // Column numbers for the SYSTABLEPERMS table. 1 based
+    private static final int GRANTEE_COL_NUM = 1;
+    private static final int GRANTOR_COL_NUM = 2;
+    private static final int TABLEID_COL_NUM = 3;
+    private static final int SELECTPRIV_COL_NUM = 4;
+    private static final int DELETEPRIV_COL_NUM = 5;
+    private static final int INSERTPRIV_COL_NUM = 6;
+    private static final int UPDATEPRIV_COL_NUM = 7;
+    private static final int REFERENCESPRIV_COL_NUM = 8;
+    private static final int TRIGGERPRIV_COL_NUM = 9;
+    private static final int COLUMN_COUNT = 9;
+
+    public static final int GRANTEE_TABLE_GRANTOR_INDEX_NUM = 0;
+	private static final int[][] indexColumnPositions = 
+	{ 
+		{ GRANTEE_COL_NUM, TABLEID_COL_NUM, GRANTOR_COL_NUM}
+	};
+	private static final String[][] indexColumnNames =
+	{
+		{"GRANTEE", "TABLEID", "GRANTOR"}
+	};
+    private static final boolean[] indexUniqueness = { true};
+    
+    private	static final String[] uuids =
+    {
+        "b8450018-0103-0e39-b8e7-00000010f010" // catalog UUID
+		,"004b0019-0103-0e39-b8e7-00000010f010"	// heap UUID
+		,"c851401a-0103-0e39-b8e7-00000010f010"	// index
+    };
+
+    private SystemColumn[] columnList;
+
+    public SYSTABLEPERMSRowFactory(UUIDFactory uuidf, ExecutionFactory ef, DataValueFactory dvf,
+                                   boolean convertIdToLower)
+	{
+		super(uuidf,ef,dvf,convertIdToLower);
+		initInfo(COLUMN_COUNT, TABLENAME_STRING, indexColumnPositions, indexColumnNames, indexUniqueness, uuids);
+	}
+
+	public ExecRow makeRow(TupleDescriptor td, TupleDescriptor parent) throws StandardException
+	{
+        DataValueDescriptor grantee = null;
+        DataValueDescriptor grantor = null;
+        String tableID = null;
+        String selectPriv = null;
+        String deletePriv = null;
+        String insertPriv = null;
+        String updatePriv = null;
+        String referencesPriv = null;
+        String triggerPriv = null;
+
+        if( td == null)
+        {
+            grantee = getNullAuthorizationID();
+            grantor = getNullAuthorizationID();
+        }
+        else
+        {
+            TablePermsDescriptor tpd = (TablePermsDescriptor) td;
+            grantee = getAuthorizationID( tpd.getGrantee());
+            grantor = getAuthorizationID( tpd.getGrantor());
+            tableID = tpd.getTableUUID().toString();
+            selectPriv = tpd.getSelectPriv();
+            deletePriv = tpd.getDeletePriv();
+            insertPriv = tpd.getInsertPriv();
+            updatePriv = tpd.getUpdatePriv();
+            referencesPriv = tpd.getReferencesPriv();
+            triggerPriv = tpd.getTriggerPriv();
+        }
+        ExecRow row = getExecutionFactory().getValueRow( COLUMN_COUNT);
+        row.setColumn( GRANTEE_COL_NUM, grantee);
+        row.setColumn( GRANTOR_COL_NUM, grantor);
+        row.setColumn( TABLEID_COL_NUM, dvf.getCharDataValue( tableID));
+        row.setColumn( SELECTPRIV_COL_NUM, dvf.getCharDataValue( selectPriv));
+        row.setColumn( DELETEPRIV_COL_NUM, dvf.getCharDataValue( deletePriv));
+        row.setColumn( INSERTPRIV_COL_NUM, dvf.getCharDataValue( insertPriv));
+        row.setColumn( UPDATEPRIV_COL_NUM, dvf.getCharDataValue( updatePriv));
+        row.setColumn( REFERENCESPRIV_COL_NUM,dvf.getCharDataValue(  referencesPriv));
+        row.setColumn( TRIGGERPRIV_COL_NUM, dvf.getCharDataValue( triggerPriv));
+
+        return row;
+    } // end of makeRow
+            
+	/** builds a tuple descriptor from a row */
+	public TupleDescriptor buildDescriptor(ExecRow row,
+                                           TupleDescriptor parentTuple,
+                                           DataDictionary dataDictionary)
+		throws StandardException
+    {
+        if( SanityManager.DEBUG)
+            SanityManager.ASSERT( row.nColumns() == COLUMN_COUNT,
+                                  "Wrong size row passed to SYSTABLEPERMSRowFactory.buildDescriptor");
+
+        String tableUUIDString = row.getColumn( TABLEID_COL_NUM).getString();
+        UUID tableUUID = getUUIDFactory().recreateUUID(tableUUIDString);
+        String selectPriv  = row.getColumn( SELECTPRIV_COL_NUM).getString();
+        String deletePriv  = row.getColumn( DELETEPRIV_COL_NUM).getString();
+        String insertPriv  = row.getColumn( INSERTPRIV_COL_NUM).getString();
+        String updatePriv  = row.getColumn( UPDATEPRIV_COL_NUM).getString();
+        String referencesPriv  = row.getColumn( REFERENCESPRIV_COL_NUM).getString();
+        String triggerPriv  = row.getColumn( TRIGGERPRIV_COL_NUM).getString();
+        if( SanityManager.DEBUG)
+        {
+            SanityManager.ASSERT( "y".equals(selectPriv) || "Y".equals(selectPriv) || "N".equals(selectPriv),
+                                  "Invalid SYSTABLEPERMS.selectPriv column value: " + selectPriv);
+            SanityManager.ASSERT( "y".equals(deletePriv) || "Y".equals(deletePriv) || "N".equals(deletePriv),
+                                  "Invalid SYSTABLEPERMS.deletePriv column value: " + deletePriv);
+            SanityManager.ASSERT( "y".equals(insertPriv) || "Y".equals(insertPriv) || "N".equals(insertPriv),
+                                  "Invalid SYSTABLEPERMS.insertPriv column value: " + insertPriv);
+            SanityManager.ASSERT( "y".equals(updatePriv) || "Y".equals(updatePriv) || "N".equals(updatePriv),
+                                  "Invalid SYSTABLEPERMS.updatePriv column value: " + updatePriv);
+            SanityManager.ASSERT( "y".equals(referencesPriv) || "Y".equals(referencesPriv) || "N".equals(referencesPriv),
+                                  "Invalid SYSTABLEPERMS.referencesPriv column value: " + referencesPriv);
+            SanityManager.ASSERT( "y".equals(triggerPriv) || "Y".equals(triggerPriv) || "N".equals(triggerPriv),
+                                  "Invalid SYSTABLEPERMS.triggerPriv column value: " + triggerPriv);
+        }
+
+        return new TablePermsDescriptor( dataDictionary,
+                                         getAuthorizationID( row, GRANTEE_COL_NUM),
+                                         getAuthorizationID( row, GRANTOR_COL_NUM),
+                                         tableUUID,
+                                         selectPriv, deletePriv, insertPriv,
+                                         updatePriv, referencesPriv, triggerPriv);
+    } // end of buildDescriptor
+
+	/** builds a column list for the catalog */
+	public SystemColumn[] buildColumnList()
+    {
+		if (columnList == null)
+        {
+            columnList = new SystemColumn[ COLUMN_COUNT];
+
+            columnList[ GRANTEE_COL_NUM - 1] =
+              new SystemColumnImpl( convertIdCase( "GRANTEE"),
+                                    GRANTEE_COL_NUM,
+                                    0, // precision
+                                    0, // scale
+                                    false, // nullability
+                                    AUTHORIZATION_ID_TYPE,
+                                    AUTHORIZATION_ID_IS_BUILTIN_TYPE,
+                                    AUTHORIZATION_ID_LENGTH);
+            columnList[ GRANTOR_COL_NUM - 1] =
+              new SystemColumnImpl( convertIdCase( "GRANTOR"),
+                                    GRANTOR_COL_NUM,
+                                    0, // precision
+                                    0, // scale
+                                    false, // nullability
+                                    AUTHORIZATION_ID_TYPE,
+                                    AUTHORIZATION_ID_IS_BUILTIN_TYPE,
+                                    AUTHORIZATION_ID_LENGTH);
+            columnList[ TABLEID_COL_NUM - 1] =
+              new SystemColumnImpl( convertIdCase( "TABLEID"),
+                                    TABLEID_COL_NUM,
+                                    0, // precision
+                                    0, // scale
+                                    false, // nullability
+                                    "CHAR", // dataType
+                                    true, // built-in type
+                                    36);
+            columnList[ SELECTPRIV_COL_NUM - 1] =
+              new SystemColumnImpl( convertIdCase( "SELECTPRIV"),
+                                    SELECTPRIV_COL_NUM,
+                                    0, // precision
+                                    0, // scale
+                                    false, // nullability
+                                    "CHAR", // dataType
+                                    true, // built-in type
+                                    1);
+            columnList[ DELETEPRIV_COL_NUM - 1] =
+              new SystemColumnImpl( convertIdCase( "DELETEPRIV"),
+                                    DELETEPRIV_COL_NUM,
+                                    0, // precision
+                                    0, // scale
+                                    false, // nullability
+                                    "CHAR", // dataType
+                                    true, // built-in type
+                                    1);
+            columnList[ INSERTPRIV_COL_NUM - 1] =
+              new SystemColumnImpl( convertIdCase( "INSERTPRIV"),
+                                    INSERTPRIV_COL_NUM,
+                                    0, // precision
+                                    0, // scale
+                                    false, // nullability
+                                    "CHAR", // dataType
+                                    true, // built-in type
+                                    1);
+            columnList[ UPDATEPRIV_COL_NUM - 1] =
+              new SystemColumnImpl( convertIdCase( "UPDATEPRIV"),
+                                    UPDATEPRIV_COL_NUM,
+                                    0, // precision
+                                    0, // scale
+                                    false, // nullability
+                                    "CHAR", // dataType
+                                    true, // built-in type
+                                    1);
+            columnList[ REFERENCESPRIV_COL_NUM - 1] =
+              new SystemColumnImpl( convertIdCase( "REFERENCESPRIV"),
+                                    REFERENCESPRIV_COL_NUM,
+                                    0, // precision
+                                    0, // scale
+                                    false, // nullability
+                                    "CHAR", // dataType
+                                    true, // built-in type
+                                    1);
+            columnList[ TRIGGERPRIV_COL_NUM - 1] =
+              new SystemColumnImpl( convertIdCase( "TRIGGERPRIV"),
+                                    TRIGGERPRIV_COL_NUM,
+                                    0, // precision
+                                    0, // scale
+                                    false, // nullability
+                                    "CHAR", // dataType
+                                    true, // built-in type
+                                    1);
+        }
+		return columnList;
+    } // end of buildColumnList
+
+	/**
+	 * builds an empty row given for a given index number.
+	 */
+  	public ExecIndexRow buildEmptyIndexRow(int indexNumber,
+                                           RowLocation rowLocation)
+  		throws StandardException
+    {
+        ExecIndexRow row = getExecutionFactory().getIndexableRow( indexColumnPositions[indexNumber].length + 1);
+        row.setColumn( row.nColumns(), rowLocation);
+        
+        switch( indexNumber)
+        {
+        case GRANTEE_TABLE_GRANTOR_INDEX_NUM:
+            row.setColumn(1, getNullAuthorizationID()); // grantee
+            row.setColumn(2, getDataValueFactory().getNullChar( (StringDataValue) null)); // table UUID
+            row.setColumn(3, getNullAuthorizationID()); // grantor
+            break;
+        }
+        return row;
+    } // end of buildEmptyIndexRow
+
+	/**
+	 * builds a key row given for a given index number.
+	 */
+  	public ExecIndexRow buildIndexKeyRow( int indexNumber,
+                                          PermissionsDescriptor perm) 
+  		throws StandardException
+    {
+        ExecIndexRow row = null;
+        
+        switch( indexNumber)
+        {
+        case GRANTEE_TABLE_GRANTOR_INDEX_NUM:
+            // RESOLVE We do not support the FOR GRANT OPTION, so table permission rows are unique on the
+            // grantee and table UUID columns. The grantor column will always have the name of the owner of the
+            // table. So the index key, used for searching the index, only has grantee and table UUID columns.
+            // It does not have a grantor column.
+            //
+            // If we support FOR GRANT OPTION then there may be multiple table permissions rows for a
+            // (grantee, tableID) combination. We must either handle the multiple rows, which is necessary for
+            // checking permissions, or add a grantor column to the key, which is necessary for granting or revoking
+            // permissions.
+            row = getExecutionFactory().getIndexableRow( 2);
+            row.setColumn(1, getAuthorizationID( perm.getGrantee()));
+            String tableUUIDStr = ((TablePermsDescriptor) perm).getTableUUID().toString();
+            row.setColumn(2, getDataValueFactory().getCharDataValue( tableUUIDStr));
+            break;
+        }
+        return row;
+    } // end of buildIndexRow
+    
+    public int getPrimaryIndexNumber()
+    {
+        return GRANTEE_TABLE_GRANTOR_INDEX_NUM;
+    }
+
+    /**
+     * Or a set of permissions in with a row from this catalog table
+     *
+     * @param row an existing row
+     * @param perm a permission descriptor of the appropriate class for this PermissionsCatalogRowFactory class.
+     * @param colsChanged An array with one element for each column in row. It is updated to
+     *                    indicate which columns in row were changed
+     *
+     * @return The number of columns that were changed.
+     *
+     * @exception StandardException standard error policy
+     */
+    public int orPermissions( ExecRow row, PermissionsDescriptor perm, boolean[] colsChanged)
+        throws StandardException
+    {
+        TablePermsDescriptor tablePerms = (TablePermsDescriptor) perm;
+        int changeCount = 0;
+        changeCount += orOnePermission( row, colsChanged, SELECTPRIV_COL_NUM, tablePerms.getSelectPriv());
+        changeCount += orOnePermission( row, colsChanged, DELETEPRIV_COL_NUM, tablePerms.getDeletePriv());
+        changeCount += orOnePermission( row, colsChanged, INSERTPRIV_COL_NUM, tablePerms.getInsertPriv());
+        changeCount += orOnePermission( row, colsChanged, UPDATEPRIV_COL_NUM, tablePerms.getUpdatePriv());
+        changeCount += orOnePermission( row, colsChanged, REFERENCESPRIV_COL_NUM, tablePerms.getReferencesPriv());
+        changeCount += orOnePermission( row, colsChanged, TRIGGERPRIV_COL_NUM, tablePerms.getTriggerPriv());
+
+        return changeCount;
+    } // end of orPermissions
+
+    private int orOnePermission( ExecRow row, boolean[] colsChanged, int column, String permission)
+        throws StandardException
+    {
+        if( permission.charAt(0) == 'N')
+            return 0;
+
+        if( SanityManager.DEBUG)
+            SanityManager.ASSERT( permission.charAt(0) == 'Y' || permission.charAt(0) == 'y',
+                                  "Invalid permission passed to SYSTABLEPERMSRowFactory.orOnePermission");
+        DataValueDescriptor existingPermDVD = row.getColumn( column);
+        char existingPerm = existingPermDVD.getString().charAt(0);
+        if( existingPerm == 'Y' || existingPerm == permission.charAt(0))
+            return 0;
+        existingPermDVD.setValue( permission);
+        colsChanged[ column - 1] = true;
+        return 1;
+    } // end of orOnePermission
+
+    /**
+     * Remove a set of permissions from a row from this catalog table
+     *
+     * @param row an existing row
+     * @param perm a permission descriptor of the appropriate class for this PermissionsCatalogRowFactory class.
+     * @param colsChanged An array with one element for each column in row. It is updated to
+     *                    indicate which columns in row were changed
+     *
+     * @return -1 if there are no permissions left in the row, otherwise the number of columns that were changed.
+     *
+     * @exception StandardException standard error policy
+     */
+    public int removePermissions( ExecRow row, PermissionsDescriptor perm, boolean[] colsChanged)
+        throws StandardException
+    {
+        TablePermsDescriptor tablePerms = (TablePermsDescriptor) perm;
+        int changeCount = 0;
+        boolean permissionsLeft =
+          ( removeOnePermission( row, colsChanged, SELECTPRIV_COL_NUM, tablePerms.getSelectPriv()) |
+            removeOnePermission( row, colsChanged, DELETEPRIV_COL_NUM, tablePerms.getDeletePriv()) |
+            removeOnePermission( row, colsChanged, INSERTPRIV_COL_NUM, tablePerms.getInsertPriv()) |
+            removeOnePermission( row, colsChanged, UPDATEPRIV_COL_NUM, tablePerms.getUpdatePriv()) |
+            removeOnePermission( row, colsChanged, REFERENCESPRIV_COL_NUM, tablePerms.getReferencesPriv()) |
+            removeOnePermission( row, colsChanged, TRIGGERPRIV_COL_NUM, tablePerms.getTriggerPriv()));
+        if( ! permissionsLeft)
+            return -1;
+        for( int i = 0; i < colsChanged.length; i++)
+        {
+            if( colsChanged[ i])
+                changeCount++;
+        }
+        return changeCount;
+    } // end of removePermissions
+
+    private boolean removeOnePermission( ExecRow row, boolean[] colsChanged, int column, String permission)
+        throws StandardException
+    {
+        DataValueDescriptor existingPermDVD = row.getColumn( column);
+        char existingPerm = existingPermDVD.getString().charAt(0);
+
+        if( permission.charAt(0) == 'N') // Don't remove this one
+            return existingPerm != 'N'; // The grantee still has some permissions on this table
+        if( SanityManager.DEBUG)
+            SanityManager.ASSERT( permission.charAt(0) == 'Y' || permission.charAt(0) == 'y',
+                                  "Invalid permission passed to SYSTABLEPERMSRowFactory.removeOnePermission");
+        if( existingPerm != 'N')
+        {
+            existingPermDVD.setValue( "N");
+            colsChanged[ column - 1] = true;
+        }
+        return false;
+    } // end of removeOnePermission
+}

Propchange: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/SYSTABLEPERMSRowFactory.java
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/C_NodeNames.java
URL: http://svn.apache.org/viewcvs/db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/C_NodeNames.java?rev=356133&r1=356132&r2=356133&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/C_NodeNames.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/C_NodeNames.java Sun Dec 11 19:57:33 2005
@@ -142,6 +142,8 @@
 
 	static final String GET_CURRENT_CONNECTION_NODE_NAME = "org.apache.derby.impl.sql.compile.GetCurrentConnectionNode";
 
+	static final String GRANT_NODE_NAME = "org.apache.derby.impl.sql.compile.GrantNode";
+    
 	static final String GROUP_BY_COLUMN_NAME = "org.apache.derby.impl.sql.compile.GroupByColumn";
 
 	static final String GROUP_BY_LIST_NAME = "org.apache.derby.impl.sql.compile.GroupByList";
@@ -202,6 +204,8 @@
 
 	static final String PREDICATE_LIST_NAME = "org.apache.derby.impl.sql.compile.PredicateList";
 
+	static final String PRIVILEGE_NAME = "org.apache.derby.impl.sql.compile.PrivilegeNode";
+
 	static final String PROJECT_RESTRICT_NODE_NAME = "org.apache.derby.impl.sql.compile.ProjectRestrictNode";
 
 	static final String READ_CURSOR_NODE_NAME = "org.apache.derby.impl.sql.compile.ReadCursorNode";
@@ -212,6 +216,8 @@
 
 	static final String RESULT_COLUMN_LIST_NAME = "org.apache.derby.impl.sql.compile.ResultColumnList";
 
+	static final String REVOKE_NODE_NAME = "org.apache.derby.impl.sql.compile.RevokeNode";
+    
 	static final String ROW_RESULT_SET_NODE_NAME = "org.apache.derby.impl.sql.compile.RowResultSetNode";
 
 	static final String SQL_BOOLEAN_CONSTANT_NODE_NAME = "org.apache.derby.impl.sql.compile.SQLBooleanConstantNode";
@@ -243,6 +249,8 @@
 	static final String TABLE_ELEMENT_NODE_NAME = "org.apache.derby.impl.sql.compile.TableElementNode";
 
 	static final String TABLE_NAME_NAME = "org.apache.derby.impl.sql.compile.TableName";
+
+	static final String TABLE_PRIVILEGES_NAME = "org.apache.derby.impl.sql.compile.TablePrivilegesNode";
 
 	static final String TERNARY_OPERATOR_NODE_NAME = "org.apache.derby.impl.sql.compile.TernaryOperatorNode";
 

Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/CompilerContextImpl.java
URL: http://svn.apache.org/viewcvs/db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/CompilerContextImpl.java?rev=356133&r1=356132&r2=356133&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/CompilerContextImpl.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/CompilerContextImpl.java Sun Dec 11 19:57:33 2005
@@ -20,6 +20,8 @@
 
 package org.apache.derby.impl.sql.compile;
 
+import org.apache.derby.catalog.UUID;
+
 import org.apache.derby.iapi.sql.conn.LanguageConnectionFactory;
 
 import org.apache.derby.iapi.sql.depend.ProviderList;
@@ -27,9 +29,16 @@
 import org.apache.derby.iapi.sql.compile.NodeFactory;
 import org.apache.derby.iapi.sql.compile.Parser;
 
+import org.apache.derby.iapi.sql.conn.Authorizer;
 import org.apache.derby.iapi.sql.conn.LanguageConnectionContext;
 
 import org.apache.derby.iapi.sql.dictionary.SchemaDescriptor;
+import org.apache.derby.iapi.sql.dictionary.ColumnDescriptor;
+import org.apache.derby.iapi.sql.dictionary.TableDescriptor;
+import org.apache.derby.iapi.sql.dictionary.AliasDescriptor;
+import org.apache.derby.iapi.sql.dictionary.StatementTablePermission;
+import org.apache.derby.iapi.sql.dictionary.StatementColumnPermission;
+import org.apache.derby.iapi.sql.dictionary.StatementRoutinePermission;
 
 import org.apache.derby.iapi.types.DataTypeDescriptor;
 
@@ -52,6 +61,7 @@
 import org.apache.derby.iapi.services.compiler.JavaFactory;
 import org.apache.derby.iapi.services.uuid.UUIDFactory;
 import org.apache.derby.iapi.services.monitor.Monitor;
+import org.apache.derby.iapi.services.io.FormatableBitSet;
 
 import org.apache.derby.iapi.error.StandardException;
 
@@ -60,10 +70,18 @@
 import org.apache.derby.iapi.services.sanity.SanityManager;
 
 import org.apache.derby.iapi.services.context.ContextImpl;
+import org.apache.derby.iapi.util.ReuseFactory;
 
 import java.sql.SQLWarning;
 import java.util.Vector;
 import java.util.Properties;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.Map.Entry;
+import java.util.BitSet;
+import java.util.List;
+import java.util.Stack;
+import java.util.ArrayList;
 
 /**
  *
@@ -130,6 +148,7 @@
 		savedObjects = null;
 		reliability = CompilerContext.SQL_LEGAL;
 		returnParameterFlag = false;
+		initRequiredPriv();
 	}
 
 	//
@@ -663,8 +682,148 @@
 
 		// the prefix for classes in this connection
 		classPrefix = "ac"+lcf.getUUIDFactory().createUUID().toString().replace('-','x');
+
+		initRequiredPriv();
 	}
 
+	private void initRequiredPriv()
+	{
+		currPrivType = Authorizer.NULL_PRIV;
+		privTypeStack.clear();
+		requiredColumnPrivileges = null;
+		requiredTablePrivileges = null;
+		requiredRoutinePrivileges = null;
+		try
+		{
+			LanguageConnectionContext lcc = (LanguageConnectionContext)
+			getContextManager().getContext(LanguageConnectionContext.CONTEXT_ID);
+			if( lcc.getAuthorizer().usesSqlStandardPermissions())
+			{
+				requiredColumnPrivileges = new HashMap();
+				requiredTablePrivileges = new HashMap();
+				requiredRoutinePrivileges = new HashMap();
+			}
+		}
+		catch( StandardException se){}
+	} // end of initRequiredPriv
+
+	/**
+	 * Sets the current privilege type context. Column and table nodes do not know
+	 * how they are being used. Higher level nodes in the query tree do not know what
+	 * is being referenced.
+	 * Keeping the context allows the two to come together.
+	 *
+	 * @param privType One of the privilege types in org.apache.derby.iapi.sql.conn.Authorizer.
+	 */
+	public void pushCurrentPrivType( int privType)
+	{
+		privTypeStack.push( ReuseFactory.getInteger( currPrivType));
+		currPrivType = privType;
+	}
+
+	public void popCurrentPrivType( )
+	{
+		currPrivType = ((Integer) privTypeStack.pop()).intValue();
+	}
+	
+	/**
+	 * Add a column privilege to the list of used column privileges.
+	 *
+	 * @param column
+	 */
+	public void addRequiredColumnPriv( ColumnDescriptor column)
+	{
+		if( requiredColumnPrivileges == null // Using old style authorization
+			|| currPrivType == Authorizer.NULL_PRIV
+			|| currPrivType == Authorizer.DELETE_PRIV // Table privilege only
+			|| currPrivType == Authorizer.INSERT_PRIV // Table privilege only
+			|| currPrivType == Authorizer.TRIGGER_PRIV // Table privilege only
+			|| currPrivType == Authorizer.EXECUTE_PRIV
+			|| column == null)
+			return;
+		TableDescriptor td = column.getTableDescriptor();
+		UUID tableUUID = td.getUUID();
+		StatementTablePermission key = new StatementTablePermission( tableUUID, currPrivType);
+		StatementColumnPermission tableColumnPrivileges
+		  = (StatementColumnPermission) requiredColumnPrivileges.get( key);
+		if( tableColumnPrivileges == null)
+		{
+			tableColumnPrivileges = new StatementColumnPermission( tableUUID,
+																   currPrivType,
+																   new FormatableBitSet( td.getNumberOfColumns()));
+			requiredColumnPrivileges.put( key, tableColumnPrivileges);
+		}
+		tableColumnPrivileges.getColumns().set( column.getPosition() - 1);
+	} // end of addRequiredColumnPriv
+
+	/**
+	 * Add a table or view privilege to the list of used table privileges.
+	 *
+	 * @param table
+	 */
+	public void addRequiredTablePriv( TableDescriptor table)
+	{
+		if( requiredTablePrivileges == null || table == null)
+			return;
+
+		StatementTablePermission key = new StatementTablePermission( table.getUUID(), currPrivType);
+		requiredTablePrivileges.put( key, key);
+	}
+
+	/**
+	 * Add a routine execute privilege to the list of used routine privileges.
+	 *
+	 * @param routine
+	 */
+	public void addRequiredRoutinePriv( AliasDescriptor routine)
+	{
+		// routine == null for built in routines
+		if( requiredRoutinePrivileges == null || routine == null)
+			return;
+		if( requiredRoutinePrivileges.get( routine.getUUID()) == null)
+			requiredRoutinePrivileges.put( routine.getUUID(), ReuseFactory.getInteger(1));
+	}
+
+	/**
+	 * @return The list of required privileges.
+	 */
+	public List getRequiredPermissionsList()
+	{
+		int size = 0;
+		if( requiredRoutinePrivileges != null)
+			size += requiredRoutinePrivileges.size();
+		if( requiredTablePrivileges != null)
+			size += requiredTablePrivileges.size();
+		if( requiredColumnPrivileges != null)
+			size += requiredColumnPrivileges.size();
+		
+		ArrayList list = new ArrayList( size);
+		if( requiredRoutinePrivileges != null)
+		{
+			for( Iterator itr = requiredRoutinePrivileges.keySet().iterator(); itr.hasNext();)
+			{
+				UUID routineUUID = (UUID) itr.next();
+				
+				list.add( new StatementRoutinePermission( routineUUID));
+			}
+		}
+		if( requiredTablePrivileges != null)
+		{
+			for( Iterator itr = requiredTablePrivileges.values().iterator(); itr.hasNext();)
+			{
+				list.add( itr.next());
+			}
+		}
+		if( requiredColumnPrivileges != null)
+		{
+			for( Iterator itr = requiredColumnPrivileges.values().iterator(); itr.hasNext();)
+			{
+				list.add( itr.next());
+			}
+		}
+		return list;
+	} // end of getRequiredPermissionsList
+
 	/*
 	** Context state must be reset in restContext()
 	*/
@@ -705,4 +864,10 @@
 	private Object				cursorInfo;
 
 	private SQLWarning warnings;
-}
+
+	private Stack privTypeStack = new Stack();
+	private int currPrivType = Authorizer.NULL_PRIV;
+	private HashMap requiredColumnPrivileges;
+	private HashMap requiredTablePrivileges;
+	private HashMap requiredRoutinePrivileges;
+} // end of class CompilerContextImpl

Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/CreateAliasNode.java
URL: http://svn.apache.org/viewcvs/db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/CreateAliasNode.java?rev=356133&r1=356132&r2=356133&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/CreateAliasNode.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/CreateAliasNode.java Sun Dec 11 19:57:33 2005
@@ -119,6 +119,7 @@
 				// 6 - Short - SQL control
 				// 7 - Boolean - CALLED ON NULL INPUT (always TRUE for procedures)
 				// 8 - TypeDescriptor - return type (always NULL for procedures)
+				// 9 - Boolean - externalSecurity (false for invoker, true for definer)
 
 				Object[] routineElements = (Object[]) aliasSpecificInfo;
 				Object[] parameters = (Object[]) routineElements[0];
@@ -190,6 +191,9 @@
 					calledOnNullInput = true;
 				else
 					calledOnNullInput = calledOnNullInputO.booleanValue();
+
+				// GrantRevoke TODO: Figure out how to save external security info. Putting this in
+				// RoutineAliasInfo may not be the best long term solution
 
 				aliasInfo = new RoutineAliasInfo(this.methodName, paramCount, names, types, modes, drs,
 						((Short) routineElements[5]).shortValue(),	// parameter style

Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/DMLModStatementNode.java
URL: http://svn.apache.org/viewcvs/db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/DMLModStatementNode.java?rev=356133&r1=356132&r2=356133&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/DMLModStatementNode.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/DMLModStatementNode.java Sun Dec 11 19:57:33 2005
@@ -419,7 +419,7 @@
 													fromBaseTable.getTableNameField());
 
 			resultColumnList.bindResultColumnsByName(targetTableDescriptor,
-													this);
+													(DMLStatementNode) this);
 		}
 	}
 

Added: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/GrantNode.java
URL: http://svn.apache.org/viewcvs/db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/GrantNode.java?rev=356133&view=auto
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/GrantNode.java (added)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/GrantNode.java Sun Dec 11 19:57:33 2005
@@ -0,0 +1,111 @@
+/*
+
+   Derby - Class org.apache.derby.impl.sql.compile.GrantNode
+
+   Copyright 2005 The Apache Software Foundation or its licensors, as applicable.
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+	  http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+
+ */
+
+package	org.apache.derby.impl.sql.compile;
+
+import org.apache.derby.iapi.sql.execute.ConstantAction;
+import org.apache.derby.impl.sql.execute.PrivilegeInfo;
+import org.apache.derby.iapi.services.sanity.SanityManager;
+import org.apache.derby.iapi.error.StandardException;
+
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+
+/**
+ * This class represents a GRANT statement.
+ */
+public class GrantNode extends MiscellaneousStatementNode
+{
+	PrivilegeNode privileges;
+	List grantees;
+
+	/**
+	 * Convert this object to a String.  See comments in QueryTreeNode.java
+	 * for how this should be done for tree printing.
+	 *
+	 * @return	This object as a String
+	 */
+
+	public String toString()
+	{
+		if (SanityManager.DEBUG)
+		{
+			StringBuffer sb = new StringBuffer();
+			for( Iterator it = grantees.iterator(); it.hasNext();)
+			{
+				if( sb.length() > 0)
+					sb.append( ",");
+				sb.append( it.next().toString());
+			}
+			return super.toString() +
+				   privileges.toString() +
+				   "TO: \n" + sb.toString() + "\n";
+		}
+		else
+		{
+			return "";
+		}
+	} // end of toString
+
+	public String statementToString()
+	{
+		return "GRANT";
+	}
+
+	
+	/**
+	 * Initialize a GrantNode.
+	 *
+	 * @param privileges PrivilegesNode
+	 * @param grantees List
+	 */
+	public void init( Object privileges,
+					  Object grantees)
+	{
+		this.privileges = (PrivilegeNode) privileges;
+		this.grantees = (List) grantees;
+	}
+
+	/**
+	 * Bind this GrantNode. Resolve all table, column, and routine references.
+	 *
+	 * @return the bound GrantNode
+	 *
+	 * @exception StandardException	Standard error policy.
+	 */
+	public QueryTreeNode bind() throws StandardException
+	{
+		privileges = (PrivilegeNode) privileges.bind( new HashMap());
+		return this;
+	} // end of bind
+
+
+	/**
+	 * Create the Constant information that will drive the guts of Execution.
+	 *
+	 * @exception StandardException	Standard error policy.
+	 */
+	public ConstantAction makeConstantAction() throws StandardException
+	{
+		return getGenericConstantActionFactory().getGrantConstantAction( privileges.makePrivilegeInfo(),
+																		 grantees);
+	}
+}

Propchange: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/GrantNode.java
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/InsertNode.java
URL: http://svn.apache.org/viewcvs/db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/InsertNode.java?rev=356133&r1=356132&r2=356133&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/InsertNode.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/InsertNode.java Sun Dec 11 19:57:33 2005
@@ -265,7 +265,7 @@
 			if (targetTableDescriptor != null)
 			{
 				targetColumnList.bindResultColumnsByName(targetTableDescriptor,
-														this);
+														(DMLStatementNode) this);
 			}
 			else
 			{

Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/NodeFactoryImpl.java
URL: http://svn.apache.org/viewcvs/db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/NodeFactoryImpl.java?rev=356133&r1=356132&r2=356133&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/NodeFactoryImpl.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/NodeFactoryImpl.java Sun Dec 11 19:57:33 2005
@@ -579,6 +579,17 @@
           case C_NodeTypes.XML_EXISTS_OPERATOR_NODE:
             return C_NodeNames.BINARY_OPERATOR_NODE_NAME;
 
+          case C_NodeTypes.GRANT_NODE:
+            return C_NodeNames.GRANT_NODE_NAME;
+          case C_NodeTypes.REVOKE_NODE:
+            return C_NodeNames.REVOKE_NODE_NAME;
+
+          case C_NodeTypes.PRIVILEGE_NODE:
+            return C_NodeNames.PRIVILEGE_NAME;
+
+          case C_NodeTypes.TABLE_PRIVILEGES_NODE:
+            return C_NodeNames.TABLE_PRIVILEGES_NAME;
+
 		  // WARNING: WHEN ADDING NODE TYPES HERE, YOU MUST ALSO ADD
 		  // THEM TO tools/jar/DBMSnodes.properties
 



Mime
View raw message