Return-Path: Delivered-To: apmail-db-derby-commits-archive@www.apache.org Received: (qmail 5295 invoked from network); 15 Oct 2008 01:03:38 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 15 Oct 2008 01:03:38 -0000 Received: (qmail 3794 invoked by uid 500); 15 Oct 2008 01:03:38 -0000 Delivered-To: apmail-db-derby-commits-archive@db.apache.org Received: (qmail 3766 invoked by uid 500); 15 Oct 2008 01:03:38 -0000 Mailing-List: contact derby-commits-help@db.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: List-Post: Reply-To: "Derby Development" List-Id: Delivered-To: mailing list derby-commits@db.apache.org Received: (qmail 3757 invoked by uid 99); 15 Oct 2008 01:03:38 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 14 Oct 2008 18:03:38 -0700 X-ASF-Spam-Status: No, hits=-2000.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 15 Oct 2008 01:02:39 +0000 Received: by eris.apache.org (Postfix, from userid 65534) id D9143238889E; Tue, 14 Oct 2008 18:02:46 -0700 (PDT) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r704754 - in /db/derby/code/trunk/java: engine/org/apache/derby/impl/sql/execute/SetRoleConstantAction.java testing/org/apache/derbyTesting/functionTests/tests/lang/RolesTest.java Date: Wed, 15 Oct 2008 01:02:46 -0000 To: derby-commits@db.apache.org From: dag@apache.org X-Mailer: svnmailer-1.0.8 Message-Id: <20081015010246.D9143238889E@eris.apache.org> X-Virus-Checked: Checked by ClamAV on apache.org Author: dag Date: Tue Oct 14 18:02:46 2008 New Revision: 704754 URL: http://svn.apache.org/viewvc?rev=704754&view=rev Log: DERBY-3137 SQL roles: add catalog support Patch DERBY-3137-setRoleNoDynamicNone, which forbids use of "NONE" as an identifier to a dynamic SET ROLE statement, unless delimited. Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/execute/SetRoleConstantAction.java db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/RolesTest.java Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/execute/SetRoleConstantAction.java URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/execute/SetRoleConstantAction.java?rev=704754&r1=704753&r2=704754&view=diff ============================================================================== --- db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/execute/SetRoleConstantAction.java (original) +++ db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/execute/SetRoleConstantAction.java Tue Oct 14 18:02:46 2008 @@ -35,6 +35,7 @@ import org.apache.derby.iapi.reference.SQLState; import org.apache.derby.iapi.store.access.TransactionController; import org.apache.derby.iapi.util.IdUtil; +import org.apache.derby.iapi.util.StringUtil; /** * This class describes actions that are ALWAYS performed for a @@ -126,7 +127,17 @@ thisRoleName = thisRoleName.trim(); + // NONE is a special case and is not allowed with its special + // meaning in SET ROLE ?. Even if there is a role with case normal + // form "NONE", we require it to be delimited here, since it would + // have had to be delimited to get created, too. We could have + // chosen to be lenient here, but it seems safer to be restrictive. + if (StringUtil.SQLToUpperCase(thisRoleName).equals("NONE")) { + throw StandardException.newException(SQLState.ID_PARSE_ERROR); + } + thisRoleName = IdUtil.parseSQLIdentifier(thisRoleName); + } RoleGrantDescriptor rdDef = null; Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/RolesTest.java URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/RolesTest.java?rev=704754&r1=704753&r2=704754&view=diff ============================================================================== --- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/RolesTest.java (original) +++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/RolesTest.java Tue Oct 14 18:02:46 2008 @@ -1047,7 +1047,7 @@ int rowcnt = pstmt.executeUpdate(); fail("Expected syntax error on identifier"); } catch (SQLException e) { - assertSQLState(idParseError ,e); + assertSQLState(idParseError, e); } try { @@ -1055,7 +1055,7 @@ int rowcnt = pstmt.executeUpdate(); fail("Expected syntax error on identifier"); } catch (SQLException e) { - assertSQLState(idParseError ,e); + assertSQLState(idParseError, e); } @@ -1066,12 +1066,20 @@ try { pstmt.setString(1, "NONE"); int rowcnt = pstmt.executeUpdate(); + fail("NONE should not be allowed as a dynamic parameter"); + } catch (SQLException e) { + assertSQLState(idParseError, e); + } + + try { + pstmt.setString(1, "\"NONE\""); + int rowcnt = pstmt.executeUpdate(); assertEquals("rowcount from set role ? not 0", rowcnt, 0); ResultSet rs = doQuery("values current_role", n_a, null , n_a ); assertRoleInRs(rs, "\"NONE\"", n_a); rs.close(); } catch (SQLException e) { - fail("execute of set role ? failed: [NONE] " + e, e); + fail("execute of set role ? failed: [\"NONE\"] " + e, e); } }