db-derby-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rhille...@apache.org
Subject svn commit: r1573030 - in /db/derby/code/trunk/java: engine/org/apache/derby/iapi/sql/compile/ engine/org/apache/derby/impl/sql/ engine/org/apache/derby/impl/sql/compile/ testing/org/apache/derbyTesting/functionTests/tests/lang/
Date Fri, 28 Feb 2014 18:46:35 GMT
Author: rhillegas
Date: Fri Feb 28 18:46:35 2014
New Revision: 1573030

URL: http://svn.apache.org/r1573030
Log:
DERBY-6491: Don't require USAGE priv on the datatypes of SELECTed columns; commit derby-6491-ab-stopRequiringUsagePriv.diff.

Modified:
    db/derby/code/trunk/java/engine/org/apache/derby/iapi/sql/compile/CompilerContext.java
    db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/GenericStatement.java
    db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/CompilerContextImpl.java
    db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/CursorNode.java
    db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/FromList.java
    db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/QueryTreeNode.java
    db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/GrantRevokeDDLTest.java
    db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/UDTPermsTest.java

Modified: db/derby/code/trunk/java/engine/org/apache/derby/iapi/sql/compile/CompilerContext.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/iapi/sql/compile/CompilerContext.java?rev=1573030&r1=1573029&r2=1573030&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/iapi/sql/compile/CompilerContext.java
(original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/iapi/sql/compile/CompilerContext.java
Fri Feb 28 18:46:35 2014
@@ -626,5 +626,14 @@ public interface CompilerContext extends
      * would be 2. Returns 0 if the compiler isn't inside any such scope.
      */
     public  int     scopeDepth( String scopeName );
+
+    /**
+     * Set whether we should skip adding USAGE privileges for user-defined types.
+     * Returns the previous setting of this variable.
+     */
+    public  boolean    skipTypePrivileges( boolean skip );
+
+    /** Return whether we are skipping USAGE privileges for user-defined types */
+    public  boolean skippingTypePrivileges();
     
 }

Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/GenericStatement.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/GenericStatement.java?rev=1573030&r1=1573029&r2=1573030&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/GenericStatement.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/GenericStatement.java Fri Feb
28 18:46:35 2014
@@ -454,7 +454,10 @@ public class GenericStatement
 						if (foundInCache)
 							((GenericLanguageConnectionContext)lcc).removeStatement(this);
 					}
-					
+
+                    // stop adding privileges for user-defined types
+                    cc.skipTypePrivileges( true );
+                    
 					qt.optimizeStatement();
 
 					optimizeTime = getCurrentTimeMillis(lcc);

Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/CompilerContextImpl.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/CompilerContextImpl.java?rev=1573030&r1=1573029&r2=1573030&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/CompilerContextImpl.java
(original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/CompilerContextImpl.java
Fri Feb 28 18:46:35 2014
@@ -146,6 +146,7 @@ public class CompilerContextImpl extends
         referencedSequences = null;
         privilegeCheckFilters =  null;
         namedScopes = null;
+        skippingTypePrivileges = false;
 	}
 
 	//
@@ -1039,6 +1040,21 @@ public class CompilerContextImpl extends
         else { return scopeDepth[ SCOPE_CELL ]; }
     }
 
+    /** Set whether we should skip adding USAGE privileges for user-defined types */
+    public  boolean    skipTypePrivileges( boolean skip )
+    {
+        boolean oldValue = skippingTypePrivileges;
+        
+        skippingTypePrivileges = skip;
+
+        return oldValue;
+    }
+
+    /** Return whether we are skipping USAGE privileges for user-defined types */
+    public  boolean skippingTypePrivileges()
+    {
+        return skippingTypePrivileges;
+    }
 
 	/*
 	** Context state must be reset in resetContext()
@@ -1065,6 +1081,7 @@ public class CompilerContextImpl extends
 	private SchemaDescriptor	compilationSchema;
     private ArrayList<VisitableFilter> privilegeCheckFilters;
     private HashMap<String,int[]> namedScopes;
+    private boolean             skippingTypePrivileges;
 
 	/**
 	 * Saved execution time default schema, if we need to change it

Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/CursorNode.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/CursorNode.java?rev=1573030&r1=1573029&r2=1573030&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/CursorNode.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/CursorNode.java Fri
Feb 28 18:46:35 2014
@@ -240,6 +240,11 @@ public class CursorNode extends DMLState
     @Override
 	public void bindStatement() throws StandardException
 	{
+        //
+        // Don't add USAGE privilege on user-defined types.
+        //
+        boolean wasSkippingTypePrivileges = getCompilerContext().skipTypePrivileges( true
);
+            
 		DataDictionary				dataDictionary;
 
 		dataDictionary = getDataDictionary();
@@ -385,7 +390,8 @@ public class CursorNode extends DMLState
 				indexOfSessionTableNamesInSavedObjects = getCompilerContext().addSavedObject(sessionSchemaTableNames);
 		}
 
-	}
+        getCompilerContext().skipTypePrivileges( wasSkippingTypePrivileges );
+    }
 
     /**
      * Collects table descriptors for base tables whose index statistics we

Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/FromList.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/FromList.java?rev=1573030&r1=1573029&r2=1573030&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/FromList.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/FromList.java Fri Feb
28 18:46:35 2014
@@ -326,6 +326,12 @@ class FromList extends    QueryTreeNodeV
 							FromList fromListParam) 
 			throws StandardException
 	{
+        //
+        // Don't add USAGE privilege on user-defined types just because we're
+        // binding tables.
+        //
+        boolean wasSkippingTypePrivileges = getCompilerContext().skipTypePrivileges( true
);
+        
 		FromTable	fromTable;
 
 		/* Now we bind the tables - this is a 2 step process.
@@ -391,6 +397,7 @@ class FromList extends    QueryTreeNodeV
             }
         }
         cc.popCurrentPrivType();
+        getCompilerContext().skipTypePrivileges( wasSkippingTypePrivileges );
 	}
 
 	/**

Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/QueryTreeNode.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/QueryTreeNode.java?rev=1573030&r1=1573029&r2=1573030&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/QueryTreeNode.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/compile/QueryTreeNode.java Fri
Feb 28 18:46:35 2014
@@ -1419,7 +1419,7 @@ public abstract class QueryTreeNode impl
     {
         getCompilerContext().createDependency( ad );
 
-        if ( isPrivilegeCollectionRequired() )
+        if ( isPrivilegeCollectionRequired() && !getCompilerContext().skippingTypePrivileges()
)
         {
             getCompilerContext().addRequiredUsagePriv( ad );
         }

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/GrantRevokeDDLTest.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/GrantRevokeDDLTest.java?rev=1573030&r1=1573029&r2=1573030&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/GrantRevokeDDLTest.java
(original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/GrantRevokeDDLTest.java
Fri Feb 28 18:46:35 2014
@@ -11640,11 +11640,6 @@ public final class GrantRevokeDDLTest ex
             "    from test_dbo.selectTable_6434\n" +
             "    where selectColumn > ( select test_dbo.selectAggregate_6434( selectColumn
) from test_dbo.selectTable_6434 )\n";
 
-        // fails because ruth doesn't have USAGE permission on type SelectType_6434
-        expectExecutionError( ruthConnection, NO_GENERIC_PERMISSION, insert );
-
-        // succeeds after granting that permission
-        grant_6429( dboConnection, "usage on type SelectType_6434" );
         goodStatement( ruthConnection, insert );
         
         //
@@ -11886,11 +11881,6 @@ public final class GrantRevokeDDLTest ex
             "    where test_dbo.selectFunction_6434_2( selectColumn2, 'foo' ) < 100\n"
+
             ")\n";
 
-        // fails because ruth doesn't have USAGE permission on type SelectType_6434_2
-        expectExecutionError( ruthConnection, NO_GENERIC_PERMISSION, delete );
-
-        // succeeds after granting that permission
-        grant_6429( dboConnection, "usage on type SelectType_6434_2" );
         goodStatement( ruthConnection, delete );
         
         //
@@ -12250,4 +12240,69 @@ public final class GrantRevokeDDLTest ex
              );
     }
 
+    /**
+     * Test that SELECT does not require USAGE privilege on the user-defined
+     * types of the table columns.
+     */
+    public void test_6491()
+        throws Exception
+    {
+        Connection  dboConnection = openUserConnection( TEST_DBO );
+        Connection  ruthConnection = openUserConnection( RUTH );
+
+        //
+        // Schema
+        //
+        goodStatement
+            (
+             dboConnection,
+             "create type SourceUnreferencedType_6491 external name 'java.util.HashMap' language
java"
+             );
+        goodStatement
+            (
+             dboConnection,
+             "create type SourceValueType_6491 external name 'java.util.HashMap' language
java"
+             );
+        goodStatement
+            (
+             dboConnection,
+             "create table sourceTable_6491\n" +
+             "(\n" +
+             "    sourceUnreferencedColumn SourceUnreferencedType_6491,\n" +
+             "    sourceValueColumn SourceValueType_6491\n" +
+             ")\n"
+             );
+        goodStatement
+            (
+             dboConnection,
+             "grant select( sourceValueColumn ) on sourceTable_6491 to ruth"
+             );
+
+        // test that SELECT is the only privilege needed
+        goodStatement
+            (
+             ruthConnection,
+             "select sourceValueColumn from test_dbo.sourceTable_6491"
+             );
+
+        //
+        // Drop schema
+        //
+        goodStatement
+            (
+             dboConnection,
+             "drop table sourceTable_6491"
+             );
+        goodStatement
+            (
+             dboConnection,
+             "drop type SourceUnreferencedType_6491 restrict"
+             );
+        goodStatement
+            (
+             dboConnection,
+             "drop type SourceValueType_6491 restrict"
+             );
+    }
+    
 }

Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/UDTPermsTest.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/UDTPermsTest.java?rev=1573030&r1=1573029&r2=1573030&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/UDTPermsTest.java
(original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/UDTPermsTest.java
Fri Feb 28 18:46:35 2014
@@ -165,18 +165,18 @@ public class UDTPermsTest extends Genera
              "grant execute on function makePrice_ruth_01 to public\n"
              );
 
-        expectExecutionError
+        // should work fine. no USAGE priv required.
+        goodStatement
             (
-             aliceConnection,
-             LACK_USAGE_PRIV,
+             ruthConnection,
              "select * from ruth.t_ruth_01\n"
              );
-        expectExecutionError
+        goodStatement
             (
-             aliceConnection,
-             LACK_USAGE_PRIV,
+             ruthConnection,
              "values( ruth.makePrice_ruth_01() )\n"
              );
+        
         expectExecutionError
             (
              aliceConnection,



Mime
View raw message