db-derby-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rhille...@apache.org
Subject svn commit: r1300248 - in /db/derby/code/trunk/java: engine/org/apache/derby/catalog/ engine/org/apache/derby/iapi/error/ engine/org/apache/derby/impl/jdbc/authentication/ engine/org/apache/derby/loc/ shared/org/apache/derby/shared/common/reference/ te...
Date Tue, 13 Mar 2012 17:26:18 GMT
Author: rhillegas
Date: Tue Mar 13 17:26:17 2012
New Revision: 1300248

URL: http://svn.apache.org/viewvc?rev=1300248&view=rev
Log:
DERBY-5648: Raise an error if NATIVE password maintenance is performed on a missing user.

Modified:
    db/derby/code/trunk/java/engine/org/apache/derby/catalog/SystemProcedures.java
    db/derby/code/trunk/java/engine/org/apache/derby/iapi/error/SQLWarningFactory.java
    db/derby/code/trunk/java/engine/org/apache/derby/impl/jdbc/authentication/NativeAuthenticationServiceImpl.java
    db/derby/code/trunk/java/engine/org/apache/derby/loc/messages.xml
    db/derby/code/trunk/java/shared/org/apache/derby/shared/common/reference/SQLState.java
    db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/NativeAuthProcs.java
    db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/upgradeTests/Changes10_9.java

Modified: db/derby/code/trunk/java/engine/org/apache/derby/catalog/SystemProcedures.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/catalog/SystemProcedures.java?rev=1300248&r1=1300247&r2=1300248&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/catalog/SystemProcedures.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/catalog/SystemProcedures.java Tue Mar
13 17:26:17 2012
@@ -2132,6 +2132,8 @@ public class SystemProcedures  {
             DataDictionary dd = lcc.getDataDictionary();
             TransactionController tc = lcc.getTransactionExecute();
 
+            checkLegalUser( dd, userName );
+            
             /*
             ** Inform the data dictionary that we are about to write to it.
             ** There are several calls to data dictionary "get" methods here
@@ -2183,6 +2185,8 @@ public class SystemProcedures  {
             {
                 throw StandardException.newException( SQLState.CANT_DROP_DBO );
             }
+
+            checkLegalUser( dd, userName );
             
             /*
             ** Inform the data dictionary that we are about to write to it.
@@ -2199,5 +2203,17 @@ public class SystemProcedures  {
             
         } catch (StandardException se) { throw PublicAPI.wrapStandardException(se); }
     }
+
+    /**
+     * Raise an exception if the user doesn't exist. See commentary on DERBY-5648.
+     */
+    private static  void    checkLegalUser( DataDictionary dd, String userName )
+        throws StandardException
+    {
+        if ( dd.getUser( userName ) == null )
+        {
+            throw StandardException.newException( SQLState.NO_SUCH_USER );
+        }
+    }
   
 }

Modified: db/derby/code/trunk/java/engine/org/apache/derby/iapi/error/SQLWarningFactory.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/iapi/error/SQLWarningFactory.java?rev=1300248&r1=1300247&r2=1300248&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/iapi/error/SQLWarningFactory.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/iapi/error/SQLWarningFactory.java Tue
Mar 13 17:26:17 2012
@@ -41,14 +41,13 @@ public class SQLWarningFactory {
 	 * up the messageId to generate a localised warning message. Also, SQLState
 	 * is set correctly based on the messageId.
 	 * 
-	 * @param messageId
-	 *            A Derby messageId as defined in
-	 *            {@link SQLState org.apache.derby.shared.common.reference.SQLState}.
+	 * @param messageId A Derby messageId as defined in{@link SQLState org.apache.derby.shared.common.reference.SQLState}.
 	 * @return Properly initialized SQLWarning instance.
 	 * @see org.apache.derby.shared.common.reference.SQLState
 	 */
-	public static SQLWarning newSQLWarning(String messageId) {
-		return newSQLWarning(messageId, null);
+	public static SQLWarning newSQLWarning( String messageId )
+    {
+		return newSQLWarning(messageId, new Object[] {} );
 	}
 
 	/**
@@ -56,18 +55,51 @@ public class SQLWarningFactory {
 	 * argument. It looks up the messageId to generate a localised warning
 	 * message. Also, SQLState is set correctly based on the messageId.
 	 * 
+	 * @param messageId A Derby messageId as defined in {@link SQLState org.apache.derby.shared.common.reference.SQLState}.
+	 * @param arg1 An argument for the warning message
+	 * @return Properly initialized SQLWarning instance.
+	 * @see org.apache.derby.shared.common.reference.SQLState
+	 */
+	public static SQLWarning newSQLWarning( String messageId, Object arg1 )
+    {
+        return newSQLWarning( messageId, new Object[] { arg1 } );
+	}
+
+	/**
+	 * Generates a SQLWarning instance based on the supplied messageId and
+	 * arguments. It looks up the messageId to generate a localised warning
+	 * message. Also, SQLState is set correctly based on the messageId.
+	 * 
 	 * @param messageId
-	 *            A Derby messageId as defined in
-	 *            {@link SQLState org.apache.derby.shared.common.reference.SQLState}.
-	 * @param arg
-	 *            An argument for the warning message
+	 *            A Derby messageId as defined in {@link SQLState org.apache.derby.shared.common.reference.SQLState}.
+	 * @param arg1 First argument for the warning message
+	 * @param arg2 Second argument for the warning message
+	 * @return Properly initialized SQLWarning instance.
+	 * @see org.apache.derby.shared.common.reference.SQLState
+	 */
+	public static SQLWarning newSQLWarning( String messageId, Object arg1, Object arg2 )
+    {
+        return newSQLWarning( messageId, new Object[] { arg1, arg2 } );
+	}
+
+	/**
+	 * Generates a SQLWarning instance based on the supplied messageId and
+	 * arguments. It looks up the messageId to generate a localised warning
+	 * message. Also, SQLState is set correctly based on the messageId.
+	 * 
+	 * @param messageId A Derby messageId as defined in {@link SQLState org.apache.derby.shared.common.reference.SQLState}.
+	 * @param args Arguments for the warning message
 	 * @return Properly initialized SQLWarning instance.
 	 * @see org.apache.derby.shared.common.reference.SQLState
 	 */
-	public static SQLWarning newSQLWarning(String messageId, Object arg) {
-		return new SQLWarning(MessageService.getCompleteMessage(messageId,
-				new Object[] { arg }), StandardException
-				.getSQLStateFromIdentifier(messageId), ExceptionSeverity.WARNING_SEVERITY);
+	public static SQLWarning newSQLWarning( String messageId, Object[] args )
+    {
+		return new SQLWarning
+            (
+             MessageService.getCompleteMessage( messageId, args ),
+             StandardException.getSQLStateFromIdentifier(messageId),
+             ExceptionSeverity.WARNING_SEVERITY
+             );
 	}
 
 }

Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/jdbc/authentication/NativeAuthenticationServiceImpl.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/jdbc/authentication/NativeAuthenticationServiceImpl.java?rev=1300248&r1=1300247&r2=1300248&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/jdbc/authentication/NativeAuthenticationServiceImpl.java
(original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/jdbc/authentication/NativeAuthenticationServiceImpl.java
Tue Mar 13 17:26:17 2012
@@ -555,11 +555,12 @@ public final class NativeAuthenticationS
             {
                 if ( dd.getAuthorizationDatabaseOwner().equals( userName ) )
                 {
-                    throw SQLWarningFactory.newSQLWarning( SQLState.DBO_PASSWORD_EXPIRES_SOON
);
+                    throw SQLWarningFactory.newSQLWarning( SQLState.DBO_PASSWORD_EXPIRES_SOON,
databaseName );
                 }
                 
                 long    daysRemaining = remainingLifetime / Property.MILLISECONDS_IN_DAY;
-                throw SQLWarningFactory.newSQLWarning( SQLState.PASSWORD_EXPIRES_SOON, Long.toString(
daysRemaining ) );
+                throw SQLWarningFactory.newSQLWarning
+                    ( SQLState.PASSWORD_EXPIRES_SOON, Long.toString( daysRemaining ), databaseName
);
             }
         }
         

Modified: db/derby/code/trunk/java/engine/org/apache/derby/loc/messages.xml
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/loc/messages.xml?rev=1300248&r1=1300247&r2=1300248&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/loc/messages.xml (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/loc/messages.xml Tue Mar 13 17:26:17
2012
@@ -213,13 +213,15 @@ Guide.
 
             <msg>
                 <name>01J15</name>
-                <text>Your password will expire in {0} day(s). Please use the SYSCS_UTIL.SYSCS_MODIFY_PASSWORD
 procedure to change your password.</text>
+                <text>Your password will expire in {0} day(s). Please use the SYSCS_UTIL.SYSCS_MODIFY_PASSWORD
procedure to change your password in database '{1}'.</text>
                 <arg>remainingDays</arg>
+                <arg>databaseName</arg>
             </msg>
 
             <msg>
                 <name>01J16</name>
-                <text>Your password is stale. To protect the database, you should update
your password soon. Please use the SYSCS_UTIL.SYSCS_MODIFY_PASSWORD  procedure to change your
password.</text>
+                <text>Your password is stale. To protect the database, you should update
your password soon. Please use the SYSCS_UTIL.SYSCS_MODIFY_PASSWORD procedure to change your
password in database '{0}'.</text>
+                <arg>databaseName</arg>
             </msg>
 
         </family>
@@ -5023,6 +5025,11 @@ ln=lower-case two-letter ISO-639 languag
                 <arg>reason</arg>
             </msg>
 
+            <msg>
+                <name>XK001.S</name>
+                <text>Username not found in SYS.SYSUSERS.</text>
+            </msg>
+
         </family>
 
 

Modified: db/derby/code/trunk/java/shared/org/apache/derby/shared/common/reference/SQLState.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/shared/org/apache/derby/shared/common/reference/SQLState.java?rev=1300248&r1=1300247&r2=1300248&view=diff
==============================================================================
--- db/derby/code/trunk/java/shared/org/apache/derby/shared/common/reference/SQLState.java
(original)
+++ db/derby/code/trunk/java/shared/org/apache/derby/shared/common/reference/SQLState.java
Tue Mar 13 17:26:17 2012
@@ -1836,6 +1836,7 @@ public interface SQLState {
     ** Security XK...
     */
     String POLICY_NOT_RELOADED                                     ="XK000.S";
+    String NO_SUCH_USER                                                  ="XK001.S";
 
     /*
     ** Replication XRExx

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/NativeAuthProcs.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/NativeAuthProcs.java?rev=1300248&r1=1300247&r2=1300248&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/NativeAuthProcs.java
(original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/NativeAuthProcs.java
Tue Mar 13 17:26:17 2012
@@ -55,6 +55,7 @@ public class NativeAuthProcs extends Gen
     private static  final   String      DUPLICATE_USER = "X0Y68";
     private static  final   String      CANT_DROP_DBO = "4251F";
     private static  final   String      WEAK_AUTHENTICATION = "4251G";
+    private static  final   String      MISSING_USER = "XK001";
 
     private static  final   String      HASHING_FORMAT_10_9 = "3b62";
     private static  final   int           HEX_CHARS_PER_BYTE = 2;
@@ -183,6 +184,10 @@ public class NativeAuthProcs extends Gen
         Connection  dboConnection = openUserConnection( TEST_DBO );
         Connection  janetConnection = openUserConnection( JANET );
 
+        vetExecution( dboConnection, false, "call syscs_util.syscs_reset_password( 'FOO',
'bar' )", MISSING_USER );
+        vetExecution( dboConnection, false, "call syscs_util.syscs_drop_user( 'FOO' )", MISSING_USER
);
+        vetExecution( janetConnection, false, "call syscs_util.syscs_modify_password( 'bar'
)", MISSING_USER );
+
         // set a message digest algorithm in case it was unset by a previous test.
         // a message digest algorithm must be set in order to use NATIVE authentication
         String  defaultDigestAlgorithm = getDatabaseProperty( dboConnection, "derby.authentication.builtin.algorithm"
);

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/upgradeTests/Changes10_9.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/upgradeTests/Changes10_9.java?rev=1300248&r1=1300247&r2=1300248&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/upgradeTests/Changes10_9.java
(original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/upgradeTests/Changes10_9.java
Tue Mar 13 17:26:17 2012
@@ -217,11 +217,7 @@ public class Changes10_9 extends Upgrade
             rs.next();
             assertEquals( "fred", rs.getString( 1 ) );
 
-            // does nothing
-            s.execute( "call syscs_util.syscs_modify_password( 'test_dbo_password_rev0' )"
);
-
             s.execute( "call syscs_util.syscs_reset_password( 'fred', 'fredpassword_rev2'
)" );
-
             
             s.execute( "call syscs_util.syscs_drop_user( 'fred' )" );
             



Mime
View raw message