From derby-commits-return-4090-apmail-db-derby-commits-archive=db.apache.org@db.apache.org Sat Aug 05 19:34:16 2006 Return-Path: Delivered-To: apmail-db-derby-commits-archive@www.apache.org Received: (qmail 28935 invoked from network); 5 Aug 2006 19:34:16 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 5 Aug 2006 19:34:16 -0000 Received: (qmail 13324 invoked by uid 500); 5 Aug 2006 19:34:15 -0000 Delivered-To: apmail-db-derby-commits-archive@db.apache.org Received: (qmail 13292 invoked by uid 500); 5 Aug 2006 19:34:15 -0000 Mailing-List: contact derby-commits-help@db.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: "Derby Development" List-Id: Delivered-To: mailing list derby-commits@db.apache.org Received: (qmail 13281 invoked by uid 99); 5 Aug 2006 19:34:15 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 05 Aug 2006 12:34:15 -0700 X-ASF-Spam-Status: No, hits=-9.4 required=10.0 tests=ALL_TRUSTED,NO_REAL_NAME X-Spam-Check-By: apache.org Received-SPF: pass (asf.osuosl.org: local policy) Received: from [140.211.166.113] (HELO eris.apache.org) (140.211.166.113) by apache.org (qpsmtpd/0.29) with ESMTP; Sat, 05 Aug 2006 12:34:14 -0700 Received: by eris.apache.org (Postfix, from userid 65534) id 3649B1A981A; Sat, 5 Aug 2006 12:33:54 -0700 (PDT) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r429036 - in /db/derby/code/trunk/java: engine/org/apache/derby/impl/sql/catalog/ testing/org/apache/derbyTesting/functionTests/master/ testing/org/apache/derbyTesting/functionTests/tests/upgradeTests/ Date: Sat, 05 Aug 2006 19:33:53 -0000 To: derby-commits@db.apache.org From: djd@apache.org X-Mailer: svnmailer-1.0.8 Message-Id: <20060805193354.3649B1A981A@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N Author: djd Date: Sat Aug 5 12:33:52 2006 New Revision: 429036 URL: http://svn.apache.org/viewvc?rev=429036&view=rev Log: DERBY-1544 Adds a method 'grantPublicAccessToSystemRoutines' to DataDictionaryImpl which is called when doing a full upgrade. This method goes through list of routines that needs to be granted public access and calls 'createRoutinePermPublicDescriptor' for each routine. This is the same as the method that is called during database creation. It is slightly modified to allow specifying of an authorization id for the grantor. When upgrading, authorization id of user performing upgrade is used. Adds a test to upgrade test to verify that the 5 system routines are added to the routine permissions table. Patch contributed by Deepa Remesh Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DD_Version.java db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DataDictionaryImpl.java db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/Upgrade_10_1_10_2.out db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/upgradeTests/UpgradeTester.java Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DD_Version.java URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DD_Version.java?rev=429036&r1=429035&r2=429036&view=diff ============================================================================== --- db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DD_Version.java (original) +++ db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DD_Version.java Sat Aug 5 12:33:52 2006 @@ -373,6 +373,9 @@ // Change system schemas to be owned by aid bootingDictionary.updateSystemSchemaAuthorization(aid, tc); + + // Grant PUBLIC access to some system routines + bootingDictionary.grantPublicAccessToSystemRoutines(tc, aid); } } Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DataDictionaryImpl.java URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DataDictionaryImpl.java?rev=429036&r1=429035&r2=429036&view=diff ============================================================================== --- db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DataDictionaryImpl.java (original) +++ db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DataDictionaryImpl.java Sat Aug 5 12:33:52 2006 @@ -409,7 +409,24 @@ private int systemSQLNameNumber; private GregorianCalendar calendarForLastSystemSQLName = new GregorianCalendar(); private long timeForLastSystemSQLName; - + + /** + * List of procedures in SYSCS_UTIL schema with PUBLIC access + */ + private static final String[] sysUtilProceduresWithPublicAccess = { + "SYSCS_SET_RUNTIMESTATISTICS", + "SYSCS_SET_STATISTICS_TIMING", + "SYSCS_INPLACE_COMPRESS_TABLE", + "SYSCS_COMPRESS_TABLE", + }; + + /** + * List of functions in SYSCS_UTIL schema with PUBLIC access + */ + private static final String[] sysUtilFunctionsWithPublicAccess = { + "SYSCS_GET_RUNTIMESTATISTICS", + }; + /* ** Constructor */ @@ -9648,11 +9665,73 @@ } } + + /** + * Grant PUBLIC access to specific system routines. Currently, this is + * done for some routines in SYSCS_UTIL schema. + * + * @param tc TransactionController to use + * @param authorizationID authorization ID of the permission grantor + * @throws StandardException Standard exception policy. + */ + public void grantPublicAccessToSystemRoutines(TransactionController tc, + String authorizationID) throws StandardException { + + // Get schema ID for SYSCS_UTIL schema + String schemaID = getSystemUtilSchemaDescriptor().getUUID().toString(); + + for(int i=0; i < sysUtilProceduresWithPublicAccess.length; i++) { + grantPublicAccessToSystemRoutine(schemaID, + sysUtilProceduresWithPublicAccess[i], + AliasInfo.ALIAS_NAME_SPACE_PROCEDURE_AS_CHAR, + tc, authorizationID); + } + + for(int i=0; i < sysUtilFunctionsWithPublicAccess.length; i++) { + grantPublicAccessToSystemRoutine(schemaID, + sysUtilFunctionsWithPublicAccess[i], + AliasInfo.ALIAS_NAME_SPACE_FUNCTION_AS_CHAR, + tc, authorizationID); + } + } + + + /** + * Grant PUBLIC access to a system routine. This method should be used only + * for granting access to a system routine (other than routines in SYSFUN + * schema). It expects the routine to be present in SYSALIASES catalog. + * + * @param schemaID Schema ID + * @param routineName Routine Name + * @param nameSpace Indicates whether the routine is a function/procedure. + * @param tc TransactionController to use + * @param authorizationID authorization ID of the permission grantor + * @throws StandardException Standard exception policy. + */ + private void grantPublicAccessToSystemRoutine(String schemaID, + String routineName, + char nameSpace, + TransactionController tc, + String authorizationID) + throws StandardException { + // For system routines, a valid alias descriptor will be returned. + AliasDescriptor ad = getAliasDescriptor(schemaID, routineName, + nameSpace); + + if (SanityManager.DEBUG) { + SanityManager.ASSERT((ad != null), "Failed to get AliasDescriptor" + + " of the routine"); + } + + UUID routineUUID = ad.getUUID(); + createRoutinePermPublicDescriptor(routineUUID, tc, authorizationID); + } + /** * Create RoutinePermDescriptor to grant access to PUBLIC for * this system routine. Currently only SYSUTIL routines need access - * granted to execute them when a database is created. + * granted to execute them when a database is created/upgraded. * * @param routineUUID uuid of the routine * @param tc TransactionController to use @@ -9663,11 +9742,28 @@ UUID routineUUID, TransactionController tc) throws StandardException { + createRoutinePermPublicDescriptor(routineUUID, tc, authorizationDBA); + } + + /** + * Create RoutinePermDescriptor to grant access to PUBLIC for + * this system routine using the grantor specified in authorizationID. + * + * @param routineUUID uuid of the routine + * @param tc TransactionController to use + * @param authorizationID authorization ID of the permission grantor + * @throws StandardException Standard exception policy. + */ + void createRoutinePermPublicDescriptor( + UUID routineUUID, + TransactionController tc, + String authorizationID) throws StandardException + { RoutinePermsDescriptor routinePermDesc = new RoutinePermsDescriptor( this, "PUBLIC", - authorizationDBA, + authorizationID, routineUUID); addDescriptor( Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/Upgrade_10_1_10_2.out URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/Upgrade_10_1_10_2.out?rev=429036&r1=429035&r2=429036&view=diff ============================================================================== --- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/Upgrade_10_1_10_2.out (original) +++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/Upgrade_10_1_10_2.out Sat Aug 5 12:33:52 2006 @@ -2199,6 +2199,12 @@ SCHEMANAME: SYSCS_UTIL , AUTHORIZATIONID: APP SCHEMANAME: APP , AUTHORIZATIONID: APP SCHEMANAME: D438 , AUTHORIZATIONID: APP +Checking routine permissions in SYSROUTINEPERMS +ROUTINE NAME: SYSCS_COMPRESS_TABLE , GRANTEE: PUBLIC , GRANTOR: APP +ROUTINE NAME: SYSCS_GET_RUNTIMESTATISTICS , GRANTEE: PUBLIC , GRANTOR: APP +ROUTINE NAME: SYSCS_INPLACE_COMPRESS_TABLE , GRANTEE: PUBLIC , GRANTOR: APP +ROUTINE NAME: SYSCS_SET_RUNTIMESTATISTICS , GRANTEE: PUBLIC , GRANTOR: APP +ROUTINE NAME: SYSCS_SET_STATISTICS_TIMING , GRANTEE: PUBLIC , GRANTOR: APP Test metadata starting Union Result -- precision: 10 scale: 2 display size: 13 type name: DECIMAL dec(10,2) -- precision: 10 scale: 2 display size: 12 type name: DECIMAL Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/upgradeTests/UpgradeTester.java URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/upgradeTests/UpgradeTester.java?rev=429036&r1=429035&r2=429036&view=diff ============================================================================== --- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/upgradeTests/UpgradeTester.java (original) +++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/upgradeTests/UpgradeTester.java Sat Aug 5 12:33:52 2006 @@ -371,6 +371,7 @@ conn = restartDatabase(classLoader); passed = caseGrantRevoke(conn, phase, classLoader, true) && passed; checkSysSchemas(conn); + checkRoutinePermissions(conn); } runMetadataTest(classLoader, conn); conn.close(); @@ -965,6 +966,35 @@ rs.close(); s.close(); } + + /** + * This method checks that some system routines are granted public access + * after a full upgrade. + * + * @param conn + * @throws SQLException + */ + private void checkRoutinePermissions(Connection conn) throws SQLException{ + System.out.println("Checking routine permissions in SYSROUTINEPERMS"); + + Statement s = conn.createStatement(); + ResultSet rs = s.executeQuery("select aliases.ALIAS, " + + "routinePerms.GRANTEE, routinePerms.GRANTOR from " + + "SYS.SYSROUTINEPERMS routinePerms, " + + "SYS.SYSALIASES aliases " + + "where routinePerms.ALIASID=aliases.ALIASID " + + "order by aliases.ALIAS"); + + while(rs.next()) { + System.out.println("ROUTINE NAME: " + rs.getString(1) + " , " + + "GRANTEE: " + rs.getString(2) + " , " + + "GRANTOR: " + rs.getString(3)); + } + + rs.close(); + s.close(); + } + /** * Run metadata test