db-derby-commits mailing list archives

From d..@apache.org
Subject svn commit: r632452 - in /db/derby/code/trunk/java: engine/org/apache/derby/jdbc/ engine/org/apache/derby/loc/ shared/org/apache/derby/shared/common/reference/ testing/org/apache/derbyTesting/functionTests/tests/lang/
Date Fri, 29 Feb 2008 21:51:08 GMT
Author: djd
Date: Fri Feb 29 13:51:01 2008
New Revision: 632452

URL: http://svn.apache.org/viewvc?rev=632452&view=rev
Log:
DERBY-2109 Another sub-set of code from the 12 patch in the issue.
Framework code in InternalDriver and sub-classes to check permissions.
Code to enforce the engine shutdown permission is added to InternalDriver but left commented out.
We first need to understand which test code in the patch may be affected.
New error messages.

Modified:
    db/derby/code/trunk/java/engine/org/apache/derby/jdbc/Driver169.java
    db/derby/code/trunk/java/engine/org/apache/derby/jdbc/Driver20.java
    db/derby/code/trunk/java/engine/org/apache/derby/jdbc/InternalDriver.java
    db/derby/code/trunk/java/engine/org/apache/derby/loc/messages.xml
    db/derby/code/trunk/java/shared/org/apache/derby/shared/common/reference/SQLState.java
    db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/ErrorCodeTest.java

Modified: db/derby/code/trunk/java/engine/org/apache/derby/jdbc/Driver169.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/jdbc/Driver169.java?rev=632452&r1=632451&r2=632452&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/jdbc/Driver169.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/jdbc/Driver169.java Fri Feb 29 13:51:01
2008
@@ -31,6 +31,9 @@
 
 import java.util.Properties;
 
+import java.security.Permission;
+import java.security.AccessControlException;
+
 
 /**
     Driver169 - JDBC "driver" for J2ME/CDC/Foundation/JSR169, really
@@ -129,8 +132,19 @@
 	    return new EmbedResultSet169(conn, results, forMetaData, statement, isAtomic);
 	}
 
-
-
+    /**
+     * Checks for System Privileges.
+     *
+     * @param user The user to be checked for having the permission
+     * @param perm The permission to be checked
+     * @throws AccessControlException if permissions are missing
+     * @throws Exception if the privileges check fails for some other reason
+     */
+    public void checkSystemPrivileges(String user,
+                                      Permission perm)
+        throws Exception {
+        // no checks -- some of the javax security classes not available
+    }
 }
 
 
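Review bot: The `checkSystemPrivileges` body added to Driver169 is empty, so on this driver every permission check passes, while its Javadoc still promises `@throws AccessControlException if permissions are missing`. Once the commented-out shutdown check in InternalDriver is enabled, a JSR169 deployment with a security manager installed would get no enforcement from this path, and nothing at the call site shows that. I would say so in the Javadoc, for example `Performs no check on this platform: every user is treated as holding the permission.`, and drop the two `@throws` lines that cannot occur here. The class body starts outside the hunk.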

Modified: db/derby/code/trunk/java/engine/org/apache/derby/jdbc/Driver20.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/jdbc/Driver20.java?rev=632452&r1=632451&r2=632452&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/jdbc/Driver20.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/jdbc/Driver20.java Fri Feb 29 13:51:01
2008
@@ -36,6 +36,7 @@
 import org.apache.derby.iapi.services.i18n.MessageService;
 import org.apache.derby.iapi.services.monitor.Monitor;
 import org.apache.derby.iapi.services.io.FormatableProperties;
+import org.apache.derby.iapi.security.SecurityUtil;
 
 import org.apache.derby.impl.jdbc.*;
 
@@ -45,6 +46,9 @@
 import java.sql.DriverManager;
 import java.sql.DriverPropertyInfo;
 
+import java.security.Permission;
+import java.security.AccessControlException;
+
 import java.util.Properties;
 
 /**
@@ -203,4 +207,18 @@
 
 		return new DriverPropertyInfo[0];
 	}
+
+    /**
+     * Checks for System Privileges.
+     *
+     * @param user The user to be checked for having the permission
+     * @param perm The permission to be checked
+     * @throws AccessControlException if permissions are missing
+     * @throws Exception if the privileges check fails for some other reason
+     */
+    public void checkSystemPrivileges(String user,
+                                      Permission perm)
+        throws Exception {
+        SecurityUtil.checkUserHasPermission(user, perm);
+    }
 }

Modified: db/derby/code/trunk/java/engine/org/apache/derby/jdbc/InternalDriver.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/jdbc/InternalDriver.java?rev=632452&r1=632451&r2=632452&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/jdbc/InternalDriver.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/jdbc/InternalDriver.java Fri Feb 29 13:51:01
2008
@@ -44,6 +44,8 @@
 import org.apache.derby.iapi.jdbc.AuthenticationService;
 import org.apache.derby.iapi.sql.ResultColumnDescriptor;
 
+import org.apache.derby.security.SystemPermission;
+
 import org.apache.derby.impl.jdbc.*;
 import org.apache.derby.mbeans.JDBCMBean;
 
@@ -54,6 +56,11 @@
 import java.util.Properties;
 import java.util.StringTokenizer;
 
+import java.security.Permission;
+import java.security.AccessControlException;
+
+import org.apache.derby.iapi.util.IdUtil;
+
 
 /**
 	Abstract factory class and api for JDBC objects.
@@ -188,8 +195,7 @@
 			*/
 			boolean shutdown = Boolean.valueOf(finfo.getProperty(Attribute.SHUTDOWN_ATTR)).booleanValue();
 			
-			if (shutdown) {
-				
+			if (shutdown) {				
 				// If we are shutting down the system don't attempt to create
 				// a connection; but we validate users credentials if we have to.
 				// In case of datbase shutdown, we ask the database authentication
@@ -217,7 +223,13 @@
                                     getTextMessage(MessageId.AUTH_INVALID));
 					}
 
+					// check for shutdown privileges
+                    // Disabled until more of the patch can be applied.
+					//final String user = IdUtil.getUserNameFromURLProps(finfo);
+                    //checkShutdownPrivileges(user);
+
 					Monitor.getMonitor().shutdown();
+
 					throw Util.generateCsSQLException(
                                          SQLState.CLOUDSCAPE_SYSTEM_SHUTDOWN);
 				}
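Review bot: The shutdown privilege check in front of `Monitor.getMonitor().shutdown()` is left as commented-out code, so after this commit a caller that passes the authentication step above can still shut the engine down without holding the `SystemPermission` "shutdown" grant. The comment `Disabled until more of the patch can be applied` gives no pointer for whoever re-enables it; I would write `// TODO DERBY-2109: enable once the affected tests are adjusted` instead. As far as the visible hunks show, the `IdUtil` import added to this file is used only by the commented-out line. The enclosing method starts and ends outside the hunk.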
@@ -244,6 +256,65 @@
 			    finfo.clearDefaults();
 		}
 	}
+
+    /**
+     * Checks for System Privileges.
+     *
+     * Abstract since some of the javax security classes are not available
+     * on all platforms.
+     *
+     * @param user The user to be checked for having the permission
+     * @param perm The permission to be checked
+     * @throws AccessControlException if permissions are missing
+     * @throws Exception if the privileges check fails for some other reason
+     */
+    abstract public void checkSystemPrivileges(String user,
+                                               Permission perm)
+        throws Exception;
+
+    /**
+     * Checks for shutdown System Privileges.
+     *
+     * To perform this check the following policy grant is required
+     * <ul>
+     * <li> to run the encapsulated test:
+     *      permission javax.security.auth.AuthPermission "doAsPrivileged";
+     * </ul>
+     * or a SQLException will be raised detailing the cause.
+     * <p>
+     * In addition, for the test to succeed
+     * <ul>
+     * <li> the given user needs to be covered by a grant:
+     *      principal org.apache.derby.authentication.SystemPrincipal "..." {}
+     * <li> that lists a shutdown permission:
+     *      permission org.apache.derby.security.SystemPermission "shutdown";
+     * </ul>
+     * or it will fail with a SQLException detailing the cause.
+     *
+     * @param user The user to be checked for shutdown privileges
+     * @throws SQLException if the privileges check fails
+     */
+    public void checkShutdownPrivileges(String user) throws SQLException {
+        // approve action if not running under a security manager
+        if (System.getSecurityManager() == null) {
+            return;
+        }
+
+        // the check
+        try {
+            final Permission sp
+                = new SystemPermission(SystemPermission.SHUTDOWN);
+            checkSystemPrivileges(user, sp);
+        } catch (AccessControlException ace) {
+            throw Util.generateCsSQLException(
+				SQLState.AUTH_SHUTDOWN_MISSING_PERMISSION,
+				user, (Object)ace); // overloaded method
+        } catch (Exception e) {
+            throw Util.generateCsSQLException(
+				SQLState.AUTH_SHUTDOWN_MISSING_PERMISSION,
+				user, (Object)e); // overloaded method
+        }
+    }
 
 	public int getMajorVersion() {
 		return Monitor.getMonitor().getEngineVersion().getMajorVersion();
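Review bot: In `checkShutdownPrivileges` the `catch (Exception e)` branch raises `AUTH_SHUTDOWN_MISSING_PERMISSION` as well, so a check that could not be carried out is reported to the client as a missing permission. The create-database states added in this commit keep those two cases apart (`AUTH_DATABASE_CREATE_EXCEPTION` versus `AUTH_DATABASE_CREATE_MISSING_PERMISSION`), and the shutdown path would benefit from the same split. Both branches also pass the exception as a message argument through the `(Object)` cast, which puts its text into the client-visible `[{1}]` slot and presumably leaves the SQLException without a chained cause. If `Util` offers an overload that takes the Throwable as the cause, using it would keep the stack trace for diagnosis. The class continues outside the hunk.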

Modified: db/derby/code/trunk/java/engine/org/apache/derby/loc/messages.xml
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/loc/messages.xml?rev=632452&r1=632451&r2=632452&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/loc/messages.xml (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/loc/messages.xml Fri Feb 29 13:51:01
2008
@@ -392,6 +392,28 @@
             </msg>
 
             <msg>
+                <name>08004.C.9</name>
+                <text>Missing permission for user '{0}' to shutdown system [{1}].</text>
+                <arg>authorizationID</arg>
+                <arg>exceptionMsg</arg>
+            </msg>
+
+            <msg>
+                <name>08004.C.10</name>
+                <text>Cannot check system permission to create database '{0}' [{1}].</text>
+                <arg>databaseName</arg>
+                <arg>exceptionMsg</arg>
+            </msg>
+
+            <msg>
+                <name>08004.C.11</name>
+                <text>Missing permission for user '{0}' to create database '{1}' [{2}].</text>
+                <arg>authorizationID</arg>
+                <arg>databaseName</arg>
+                <arg>exceptionMsg</arg>
+            </msg>
+
+            <msg>
                 <name>08006.C</name>
                 <text>A network protocol error was encountered and the connection has
been terminated: {0}</text>
 		<arg>error</arg>

Modified: db/derby/code/trunk/java/shared/org/apache/derby/shared/common/reference/SQLState.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/shared/org/apache/derby/shared/common/reference/SQLState.java?rev=632452&r1=632451&r2=632452&view=diff
==============================================================================
--- db/derby/code/trunk/java/shared/org/apache/derby/shared/common/reference/SQLState.java
(original)
+++ db/derby/code/trunk/java/shared/org/apache/derby/shared/common/reference/SQLState.java
Fri Feb 29 13:51:01 2008
@@ -1598,6 +1598,12 @@
     //DERBY-1828: AUTH_x_NOT_DB_OWNER used to be "2850H/I/J.C";
     String CANNOT_CONNECT_TO_DB_IN_SLAVE_MODE               = "08004.C.7";
     String AUTH_REPLICATION_NOT_DB_OWNER                    = "08004.C.8";
+    //DERBY-2109: new state/msg (considered sql state 28101.C not appropriate)
+    String AUTH_SHUTDOWN_MISSING_PERMISSION                 = "08004.C.9";
+    //DERBY-2109: new state/msg
+    String AUTH_DATABASE_CREATE_EXCEPTION                   = "08004.C.10";
+    //DERBY-2109: new state/msg
+    String AUTH_DATABASE_CREATE_MISSING_PERMISSION          = "08004.C.11";
 
     // There can be multiple causes for 08003, which according
     // to SQL2003 spec means "connection does not exist"

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/ErrorCodeTest.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/ErrorCodeTest.java?rev=632452&r1=632451&r2=632452&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/ErrorCodeTest.java
(original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/ErrorCodeTest.java
Fri Feb 29 13:51:01 2008
@@ -124,6 +124,9 @@
         		{"08004","User '{0}' cannot hard upgrade database '{1}'. Only the database owner
can perform this operation.","40000"},
         		{"08004","Connection refused to database '{0}' because it is in replication slave
mode.","40000"},
         		{"08004","User '{0}' cannot issue a replication operation on database '{1}'. Only
the database owner can perform this operation.","40000"},
+        		{"08004","Missing permission for user '{0}' to shutdown system [{1}].","40000"},
+        		{"08004","Cannot check system permission to create database '{0}' [{1}].","40000"},
+        		{"08004","Missing permission for user '{0}' to create database '{1}' [{2}].","40000"},
         		{"08006","An error occurred during connect reset and the connection has been terminated.
 See chained exceptions for details.","40000"},
         		{"08006","SocketException: '{0}'","40000"},
         		{"08006","A communications error has been detected: {0}.","40000"},


