db-derby-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From d..@apache.org
Subject svn commit: r543281 - in /db/derby/code/trunk/java: engine/org/apache/derby/catalog/SystemProcedures.java testing/org/apache/derbyTesting/functionTests/tests/jdbcapi/AuthenticationTest.java
Date Thu, 31 May 2007 22:11:11 GMT
Author: djd
Date: Thu May 31 15:11:11 2007
New Revision: 543281

URL: http://svn.apache.org/viewvc?view=rev&rev=543281
Log:
DERBY-2735 (partial) Basic working implementation of the SYSCS_SET_USER_ACCESS and tests for
it.
Need more cleanup work including checking invlaid parameters for the procedure and function.

Modified:
    db/derby/code/trunk/java/engine/org/apache/derby/catalog/SystemProcedures.java
    db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/jdbcapi/AuthenticationTest.java

Modified: db/derby/code/trunk/java/engine/org/apache/derby/catalog/SystemProcedures.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/catalog/SystemProcedures.java?view=diff&rev=543281&r1=543280&r2=543281
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/catalog/SystemProcedures.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/catalog/SystemProcedures.java Thu May
31 15:11:11 2007
@@ -1557,10 +1557,60 @@
         throws SQLException
     {
         try {
-            String sqlUser = IdUtil.getUserAuthorizationId(userName);
-
+            // Validate the name, however the name stored in 
+            // the properties is in the external format, as a
+            // quoted identifier if required. The external form
+            // is what the user passes into this method so that
+            // gets used in modifying the lists.
+            IdUtil.getUserAuthorizationId(userName);
+            
+            String addListProperty;
+            if (Property.FULL_ACCESS.equals(connectionPermission))
+            {
+                removeFromAccessList(Property.READ_ONLY_ACCESS_USERS_PROPERTY,
+                        userName);
+                addListProperty = Property.FULL_ACCESS_USERS_PROPERTY;
+            }
+            else if (Property.READ_ONLY_ACCESS.equals(connectionPermission))
+            {
+                removeFromAccessList(Property.FULL_ACCESS_USERS_PROPERTY,
+                        userName);                
+                addListProperty = Property.READ_ONLY_ACCESS_USERS_PROPERTY;
+            }
+            else if (connectionPermission == null)
+            {
+                removeFromAccessList(Property.FULL_ACCESS_USERS_PROPERTY,
+                        userName);
+                removeFromAccessList(Property.READ_ONLY_ACCESS_USERS_PROPERTY,
+                        userName);
+                return;
+            }
+            else
+                throw StandardException.newException(SQLState.UU_UNKNOWN_PERMISSION,
+                        connectionPermission);
+            
+            String addList = SYSCS_GET_DATABASE_PROPERTY(addListProperty);
+            SYSCS_SET_DATABASE_PROPERTY(addListProperty,
+                IdUtil.appendId(userName, addList));
+            
         } catch (StandardException se) {
             throw PublicAPI.wrapStandardException(se);
+        }
+    }
+  
+    /**
+     * Utility method for SYSCS_SET_USER_ACCESS removes a user from
+     * one of the access lists, driven by the property name.
+     */
+    private static void removeFromAccessList(
+            String listProperty, String userName)
+        throws SQLException, StandardException
+    {
+        String removeList = SYSCS_GET_DATABASE_PROPERTY(listProperty);
+        if (removeList != null)
+        {
+            SYSCS_SET_DATABASE_PROPERTY(listProperty,
+                    IdUtil.deleteId(userName, removeList));
         }
     }
     

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/jdbcapi/AuthenticationTest.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/jdbcapi/AuthenticationTest.java?view=diff&rev=543281&r1=543280&r2=543281
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/jdbcapi/AuthenticationTest.java
(original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/jdbcapi/AuthenticationTest.java
Thu May 31 15:11:11 2007
@@ -435,6 +435,7 @@
                 "derby.database.requireAuthentication","true", conn1);
         conn1.commit();
         
+        
         PreparedStatement psGetAccess = conn1.prepareStatement(
                 "VALUES SYSCS_UTIL.SYSCS_GET_USER_ACCESS(?)");
         psGetAccess.setString(1, "jamie");
@@ -455,11 +456,82 @@
         // unknown user
         psGetAccess.setString(1, "hagrid");
         JDBC.assertSingleValueResultSet(psGetAccess.executeQuery(), "NOACCESS");
+        
+        conn1.commit();
+        
+        // now add/switch some names using the utility method
+        CallableStatement csSetAccess = conn1.prepareCall(
+            "CALL SYSCS_UTIL.SYSCS_SET_USER_ACCESS(?, ?)");
+        
+        // Change AMES, everyone else is unchanged
+        csSetAccess.setString(1, "AMES");
+        csSetAccess.setString(2, "FULLACCESS");
+        csSetAccess.execute();
+        
+        psGetAccess.setString(1, "AMES");
+        JDBC.assertSingleValueResultSet(psGetAccess.executeQuery(), "FULLACCESS");
+        
+        psGetAccess.setString(1, "miCKEY");
+        JDBC.assertSingleValueResultSet(psGetAccess.executeQuery(), "READONLYACCESS");
+        psGetAccess.setString(1, "jamie");
+        JDBC.assertSingleValueResultSet(psGetAccess.executeQuery(), "FULLACCESS");      

+        psGetAccess.setString(1, "DAN");
+        JDBC.assertSingleValueResultSet(psGetAccess.executeQuery(), "FULLACCESS");      
 
+        psGetAccess.setString(1, "system");
+        JDBC.assertSingleValueResultSet(psGetAccess.executeQuery(), "FULLACCESS");
 
-        psGetAccess.close();
+        // and change AMES back again
+        csSetAccess.setString(1, "AMES");
+        csSetAccess.setString(2, "READONLYACCESS");
+        csSetAccess.execute();
         
+        psGetAccess.setString(1, "AMES");
+        JDBC.assertSingleValueResultSet(psGetAccess.executeQuery(), "READONLYACCESS");
         
+        psGetAccess.setString(1, "miCKEY");
+        JDBC.assertSingleValueResultSet(psGetAccess.executeQuery(), "READONLYACCESS");
+        psGetAccess.setString(1, "jamie");
+        JDBC.assertSingleValueResultSet(psGetAccess.executeQuery(), "FULLACCESS");      

+        psGetAccess.setString(1, "DAN");
+        JDBC.assertSingleValueResultSet(psGetAccess.executeQuery(), "FULLACCESS");      
 
+        psGetAccess.setString(1, "system");
+        JDBC.assertSingleValueResultSet(psGetAccess.executeQuery(), "FULLACCESS");
 
+        // add a new users in
+        csSetAccess.setString(1, "BOND");
+        csSetAccess.setString(2, "FULLACCESS");
+        csSetAccess.execute(); 
+        csSetAccess.setString(1, "JAMES");
+        csSetAccess.setString(2, "READONLYACCESS");
+        csSetAccess.execute();
+        conn1.commit();
+        
+        psGetAccess.setString(1, "BOND");
+        JDBC.assertSingleValueResultSet(psGetAccess.executeQuery(), "FULLACCESS");
+        psGetAccess.setString(1, "JAMES");
+        JDBC.assertSingleValueResultSet(psGetAccess.executeQuery(), "READONLYACCESS");
+        conn1.commit();
+        
+        // and remove them
+        csSetAccess.setString(1, "BOND");
+        csSetAccess.setString(2, null);
+        csSetAccess.execute(); 
+        csSetAccess.setString(1, "JAMES");
+        csSetAccess.setString(2, null);
+        csSetAccess.execute(); 
+        conn1.commit();
+        
+        psGetAccess.setString(1, "BOND");
+        JDBC.assertSingleValueResultSet(psGetAccess.executeQuery(), "NOACCESS");
+        psGetAccess.setString(1, "JAMES");
+        JDBC.assertSingleValueResultSet(psGetAccess.executeQuery(), "NOACCESS");
+        conn1.commit();
+         
+        
+        psGetAccess.close();
+        csSetAccess.close();
+        
+  
         // we should still be connected as dan
         Statement stmt = conn1.createStatement();
         assertUpdateCount(stmt, 0, 



Mime
View raw message