db-derby-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From d..@apache.org
Subject svn commit: r543254 - in /db/derby/code/trunk/java: engine/org/apache/derby/catalog/ engine/org/apache/derby/iapi/db/ engine/org/apache/derby/iapi/reference/ engine/org/apache/derby/impl/sql/catalog/ testing/org/apache/derbyTesting/functionTests/tests/...
Date Thu, 31 May 2007 20:55:56 GMT
Author: djd
Date: Thu May 31 13:55:55 2007
New Revision: 543254

URL: http://svn.apache.org/viewvc?view=rev&rev=543254
Log:
DERBY-2735 (partial) Add the system procedure & function for connection level authorization
with SYSCS_GET_USER_ACCESS mostly implemented and SYSCS_SET_USER_ACCESS as a stub.
Add some testing of SYSCS_GET_USER_ACCESS. 

Modified:
    db/derby/code/trunk/java/engine/org/apache/derby/catalog/SystemProcedures.java
    db/derby/code/trunk/java/engine/org/apache/derby/iapi/db/PropertyInfo.java
    db/derby/code/trunk/java/engine/org/apache/derby/iapi/reference/Property.java
    db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DataDictionaryImpl.java
    db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/jdbcapi/AuthenticationTest.java

Modified: db/derby/code/trunk/java/engine/org/apache/derby/catalog/SystemProcedures.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/catalog/SystemProcedures.java?view=diff&rev=543254&r1=543253&r2=543254
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/catalog/SystemProcedures.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/catalog/SystemProcedures.java Thu May
31 13:55:55 2007
@@ -37,11 +37,14 @@
 import org.apache.derby.iapi.db.PropertyInfo;
 import org.apache.derby.iapi.error.PublicAPI;
 import org.apache.derby.iapi.error.StandardException;
+import org.apache.derby.iapi.reference.Property;
 import org.apache.derby.iapi.reference.SQLState;
 import org.apache.derby.iapi.services.i18n.MessageService;
+import org.apache.derby.iapi.services.property.PropertyUtil;
 import org.apache.derby.iapi.sql.conn.ConnectionUtil;
 import org.apache.derby.iapi.sql.conn.LanguageConnectionContext;
 import org.apache.derby.iapi.util.IdUtil;
+import org.apache.derby.iapi.util.StringUtil;
 import org.apache.derby.impl.jdbc.EmbedDatabaseMetaData;
 import org.apache.derby.impl.jdbc.Util;
 import org.apache.derby.impl.load.Export;
@@ -679,7 +682,13 @@
     String  key)
         throws SQLException
     {
-        return(PropertyInfo.getDatabaseProperty(key));
+        LanguageConnectionContext lcc = ConnectionUtil.getCurrentLCC();
+
+        try {
+            return PropertyUtil.getDatabaseProperty(lcc.getTransactionExecute(), key);
+        } catch (StandardException se) {
+            throw PublicAPI.wrapStandardException(se);
+        }
     }
 
     /**
@@ -1537,5 +1546,54 @@
 	{
 		return (new Random(seed)).nextDouble();
 	}
+    
+    /**
+     * Set the connection level authorization for
+     * a specific user - SYSCS_UTIL.SYSCS_SET_USER_ACCESS.
+     * @throws SQLException Error setting the permission
+     */
+    public static void SYSCS_SET_USER_ACCESS(String userName,
+            String connectionPermission)
+        throws SQLException
+    {
+        try {
+            String sqlUser = IdUtil.getUserAuthorizationId(userName);
+
+        } catch (StandardException se) {
+            throw PublicAPI.wrapStandardException(se);
+        }
+    }
+    
+    /**
+     * Get the connection level authorization for
+     * a specific user - SYSCS_UTIL.SYSCS_GET_USER_ACCESS.
+     */
+    public static String SYSCS_GET_USER_ACCESS(String userName)
+        throws SQLException
+    {
+        try {
+            String sqlUser = IdUtil.getUserAuthorizationId(userName);
+            
+            String fullUserList =
+                SYSCS_GET_DATABASE_PROPERTY(Property.FULL_ACCESS_USERS_PROPERTY);
+            if (IdUtil.idOnList(sqlUser, fullUserList))
+                return Property.FULL_ACCESS;
+            
+            String readOnlyUserList =
+                SYSCS_GET_DATABASE_PROPERTY(Property.READ_ONLY_ACCESS_USERS_PROPERTY);
+            if (IdUtil.idOnList(sqlUser, readOnlyUserList))
+                return Property.READ_ONLY_ACCESS;
+            
+            String defaultAccess = 
+                SYSCS_GET_DATABASE_PROPERTY(Property.DEFAULT_CONNECTION_MODE_PROPERTY);
+            if (defaultAccess != null)
+                defaultAccess = StringUtil.SQLToUpperCase(defaultAccess);
+            
+            return defaultAccess;
+            
+        } catch (StandardException se) {
+            throw PublicAPI.wrapStandardException(se);
+        }
+    }
 
 }

Modified: db/derby/code/trunk/java/engine/org/apache/derby/iapi/db/PropertyInfo.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/iapi/db/PropertyInfo.java?view=diff&rev=543254&r1=543253&r2=543254
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/iapi/db/PropertyInfo.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/iapi/db/PropertyInfo.java Thu May 31
13:55:55 2007
@@ -87,25 +87,6 @@
 	}
 
 	/**
-		Fetch the value of a property of the database on the current connection.
-
-		@param key the property key
-
-		@return the value of the property or null if the property is not set.
-
-		@exception SQLException on error
-	*/
-	public static String getDatabaseProperty(String key) throws SQLException {
-		LanguageConnectionContext lcc = ConnectionUtil.getCurrentLCC();
-
-		try {
-			return PropertyUtil.getDatabaseProperty(lcc.getTransactionExecute(), key);
-		} catch (StandardException se) {
-			throw PublicAPI.wrapStandardException(se);
-		}
-	}
-
-	/**
 		Set or delete the value of a property of the database on the current connection.
 
 		@param key the property key

Modified: db/derby/code/trunk/java/engine/org/apache/derby/iapi/reference/Property.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/iapi/reference/Property.java?view=diff&rev=543254&r1=543253&r2=543254
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/iapi/reference/Property.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/iapi/reference/Property.java Thu May
31 13:55:55 2007
@@ -629,17 +629,27 @@
 	public static final String
 	SQL_AUTHORIZATION_PROPERTY = "derby.database.sqlAuthorization";
 
+    /**
+     * Default connection level authorization, set to
+     * one of NO_ACCESS, READ_ONLY_ACCESS or FULL_ACCESS.
+     * Defaults to FULL_ACCESS if not set.
+     */
 	public static final String
 	DEFAULT_CONNECTION_MODE_PROPERTY = "derby.database.defaultConnectionMode";
 
-	public static final String NO_ACCESS = "noAccess";
-	public static final String READ_ONLY_ACCESS = "readOnlyAccess";
-	public static final String FULL_ACCESS = "fullAccess";
-	public static final String DEFAULT_ACCESS = FULL_ACCESS;
+	public static final String NO_ACCESS = "NOACCESS";
+	public static final String READ_ONLY_ACCESS = "READONLYACCESS";
+	public static final String FULL_ACCESS = "FULLACCESS";
 
+    /**
+     * List of users with read-only connection level authorization.
+     */
 	public static final String
 	READ_ONLY_ACCESS_USERS_PROPERTY = "derby.database.readOnlyAccessUsers";
 
+    /**
+     * List of users with full access connection level authorization.
+     */
 	public static final String
 	FULL_ACCESS_USERS_PROPERTY = "derby.database.fullAccessUsers";
 

Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DataDictionaryImpl.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DataDictionaryImpl.java?view=diff&rev=543254&r1=543253&r2=543254
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DataDictionaryImpl.java
(original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DataDictionaryImpl.java
Thu May 31 13:55:55 2007
@@ -10526,6 +10526,12 @@
     TransactionController   tc)
         throws StandardException
     {
+        // Safe to re-use a TypeDescriptor here as they are
+        // not modified during the creation of the routine
+        TypeDescriptor varchar128 =
+            DataTypeDescriptor.getBuiltInDataTypeDescriptor(
+                    Types.VARCHAR, 128);
+
         UUID  sysUtilUUID = getSystemUtilSchemaDescriptor().getUUID();
         /* SYSCS_EXPORT_TABLE_LOBS_TO_EXTFILE(IN SCHEMANAME  VARCHAR(128), 
          * IN TABLENAME    VARCHAR(128), IN FILENAME VARCHAR(32672) , 
@@ -10716,7 +10722,40 @@
                 (TypeDescriptor) null,
                 tc);
         }
+        
+        // void SYSCS_UTIL.SYSCS_SET_USER_ACCESS(USER_NAME VARCHAR(128),
+        // CONNECTION_PERMISSION VARCHAR(128))
+        {
+            TypeDescriptor[] arg_types = {varchar128, varchar128};
+
+            createSystemProcedureOrFunction(
+                "SYSCS_SET_USER_ACCESS",
+                sysUtilUUID,
+                new String[] {"USERNAME", "CONNECTIONPERMISSION"},
+                arg_types,
+                0,
+                0,
+                RoutineAliasInfo.MODIFIES_SQL_DATA,
+                (TypeDescriptor) null,
+                tc);
+        }
+        
+        // void SYSCS_UTIL.SYSCS_SET_USER_ACCESS(USER_NAME VARCHAR(128),
+        // CONNECTION_PERMISSION VARCHAR(128))
+        {               
+            TypeDescriptor[] arg_types = { varchar128 };
 
+            createSystemProcedureOrFunction(
+                "SYSCS_GET_USER_ACCESS",
+                sysUtilUUID,
+                new String[] {"USERNAME"},
+                arg_types,
+                0,
+                0,
+                RoutineAliasInfo.READS_SQL_DATA,
+                varchar128,
+                tc);
+        }
 
     }
 

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/jdbcapi/AuthenticationTest.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/jdbcapi/AuthenticationTest.java?view=diff&rev=543254&r1=543253&r2=543254
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/jdbcapi/AuthenticationTest.java
(original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/jdbcapi/AuthenticationTest.java
Thu May 31 13:55:55 2007
@@ -25,6 +25,7 @@
 import java.security.AccessController;
 import java.sql.CallableStatement;
 import java.sql.Connection;
+import java.sql.PreparedStatement;
 import java.sql.ResultSet;
 import java.sql.SQLException;
 import java.sql.Statement;
@@ -433,6 +434,31 @@
         setDatabaseProperty(
                 "derby.database.requireAuthentication","true", conn1);
         conn1.commit();
+        
+        PreparedStatement psGetAccess = conn1.prepareStatement(
+                "VALUES SYSCS_UTIL.SYSCS_GET_USER_ACCESS(?)");
+        psGetAccess.setString(1, "jamie");
+        JDBC.assertSingleValueResultSet(psGetAccess.executeQuery(), "FULLACCESS");
+        
+        psGetAccess.setString(1, "DAN");
+        JDBC.assertSingleValueResultSet(psGetAccess.executeQuery(), "FULLACCESS");
+        
+        psGetAccess.setString(1, "system");
+        JDBC.assertSingleValueResultSet(psGetAccess.executeQuery(), "FULLACCESS");
+        
+        psGetAccess.setString(1, "AMES");
+        JDBC.assertSingleValueResultSet(psGetAccess.executeQuery(), "READONLYACCESS");
+        
+        psGetAccess.setString(1, "mickEy");
+        JDBC.assertSingleValueResultSet(psGetAccess.executeQuery(), "READONLYACCESS");
+
+        // unknown user
+        psGetAccess.setString(1, "hagrid");
+        JDBC.assertSingleValueResultSet(psGetAccess.executeQuery(), "NOACCESS");
+
+        psGetAccess.close();
+        
+        
 
         // we should still be connected as dan
         Statement stmt = conn1.createStatement();



Mime
View raw message