Return-Path: Delivered-To: apmail-db-derby-dev-archive@www.apache.org Received: (qmail 30570 invoked from network); 24 Feb 2006 20:50:29 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 24 Feb 2006 20:50:29 -0000 Received: (qmail 24107 invoked by uid 500); 24 Feb 2006 20:50:29 -0000 Delivered-To: apmail-db-derby-dev-archive@db.apache.org Received: (qmail 23917 invoked by uid 500); 24 Feb 2006 20:50:28 -0000 Mailing-List: contact derby-dev-help@db.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: Delivered-To: mailing list derby-dev@db.apache.org Received: (qmail 23895 invoked by uid 99); 24 Feb 2006 20:50:28 -0000 Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 24 Feb 2006 12:50:28 -0800 X-ASF-Spam-Status: No, hits=0.0 required=10.0 tests=HTML_MESSAGE,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (asf.osuosl.org: domain of msatoor@gmail.com designates 64.233.182.198 as permitted sender) Received: from [64.233.182.198] (HELO nproxy.gmail.com) (64.233.182.198) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 24 Feb 2006 12:50:26 -0800 Received: by nproxy.gmail.com with SMTP id g2so273819nfe for ; Fri, 24 Feb 2006 12:50:05 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; b=t92bmqvv5u4fqn1VFMWNMJgQ+WFMcwuV0DW0TYqBhCMvZjAl5/rGpQ9K3l8GatEJ1tSwMJLjD6NiUMUhRUx3jFHLNbcjLEqZ2q7pjSku2dFiMLxWjncF7ZgvaEdhaWyYghPNLV1dIFhCdgaqFT6Gc0sHBPeTjK+6hIS7akYFTTo= Received: by 10.49.18.20 with SMTP id v20mr2907626nfi; Fri, 24 Feb 2006 12:50:05 -0800 (PST) Received: by 10.49.22.19 with HTTP; Fri, 24 Feb 2006 12:50:05 -0800 (PST) Message-ID: Date: Fri, 24 Feb 2006 12:50:05 -0800 From: "Mamta Satoor" To: derby-dev@db.apache.org Subject: Re: Grant/Revoke subtask - EXTERNAL SECURITY DEFINER | EXTERNAL SECURITY INVOKER In-Reply-To: <43FF6E52.1050104@Sourcery.Org> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_13179_29528530.1140814205216" References: <43FB8D6C.6060602@Sourcery.Org> <43FCAEAE.3040808@Sourcery.Org> <43FCB097.4080808@apache.org> <43FF6E52.1050104@Sourcery.Org> X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N ------=_Part_13179_29528530.1140814205216 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline That does sound cleaner. Thanks for your suggestion. Mamta On 2/24/06, Satheesh Bandaram wrote: > > Sounds right!... Minor comment, may be this should be changed: > > if (readMoreFromDisk =3D=3D 1) > > to > > if (readMoreFromDisk *> 0*) > > to support future versions. This approach does seem easier and "cleaner" > in this context. > > Satheesh > > Mamta Satoor wrote: > > Actually, I think I figured it out. > > A pre-10.2 db, in it's on disk AliasInfo format, will have an unused valu= e > which is set to 0. > > 10.2 release Derby will check if the on disk AliasInfo's unused value is > set to 0(which means it is dealing with pre-10.2 db) and if yes, then it > will default the external security info to true meaning use invoker's > privileges. > > A 10.2 db's on disk AliasInfo will have the unused value set to 1. This > will be an indication that we are dealing with a 10.2 database and we > should go ahead and read the external security information from the disk > which could be true/false. > > Here is how I think the changed readExternal and writeExternal should loo= k > like in 10.2 catalog.types.RoutineAliasInfo > > public void readExternal( ObjectInput in ) > throws IOException, ClassNotFoundException > { > super.readExternal(in); > specificName =3D (String) in.readObject(); > dynamicResultSets =3D in.readInt(); > parameterCount =3D in.readInt(); > parameterStyle =3D in.readShort(); > sqlAllowed =3D in.readShort(); > returnType =3D (TypeDescriptor) in.readObject(); > calledOnNullInput =3D in.readBoolean(); > int readMoreFromDisk =3D in.readInt(); //This will be 0 from pre-10.2 d= b > > if (parameterCount !=3D 0) { > parameterNames =3D new String[parameterCount]; > parameterTypes =3D new TypeDescriptor[parameterCount]; > > ArrayUtil.readArrayItems(in, parameterNames); > ArrayUtil.readArrayItems(in, parameterTypes); > parameterModes =3D ArrayUtil.readIntArray(in); > > } else { > parameterNames =3D null; > parameterTypes =3D null; > parameterModes =3D null; > } > > if (readMoreFromDisk =3D=3D 1) > //If true, that means we are dealing with 10.2 db and hence > //we should read external security info from the disk > executeUsingPermissionsOfRoutineInvoker =3D in.readBoolean (); > else > //We are dealing with pre-10.2 db, which doesn't have external > //security feature on routines and hence no information about > //external security will be found on the disk > executeUsingPermissionsOfRoutineInvoker =3D true; > > in.readInt(); //future expansion for post 10.2 release > > } > > /** > * Write this object to a stream of stored objects. > * > * @param out write bytes here. > * > * @exception IOException thrown on error > */ > public void writeExternal( ObjectOutput out ) > throws IOException > { > super.writeExternal(out); > out.writeObject(specificName); > out.writeInt(dynamicResultSets); > out.writeInt(parameterCount); > out.writeShort(parameterStyle); > out.writeShort (sqlAllowed); > out.writeObject(returnType); > out.writeBoolean(calledOnNullInput); > out.writeInt(1); // 1 means we are dealing with 10.2 on disk format > if (parameterCount !=3D 0) { > ArrayUtil.writeArrayItems (out, parameterNames); > ArrayUtil.writeArrayItems(out, parameterTypes); > ArrayUtil.writeIntArray(out, parameterModes); > } > out.writeBoolean(executeUsingPermissionsOfRoutineInvoker); > out.writeInt(0); //future expansion for post 10.2 releases > } > > > > On 2/24/06, Mamta Satoor wrote: > > > > Hi, > > > > Dan, could you expand a little more on > > "The RoutineAliasInfo has the correct structure to support expansion. I= t > > writes out an unused value, set at 0. This could be bumped to indicate > > that more data needs to be read, e.g. 1 means the external security inf= o > > > > flag is written to disk etc. etc"? > > > > What I am looking for is what happens during upgrade if I add another > > field to RoutineAliasInfo(since this change will become part of SYSALIA= SES > > AliasInfo field)? I am not sure if it is as easy as just changing the > > RoutineAliasInfo class and everything will work fine, especially during= an > > upgrade. > > > > Also, looking at Derby-337 (dblook doesn't generate SQL statements for > > SQL functions.), it seems like Army had encountered some problems when = he > > had to add a filed to RoutineAliasInfo. > > > > Any thoughts on this will be helpful, > > Mamta > > > > > > On 2/22/06, Daniel John Debrunner wrote: > > > > > > Satheesh Bandaram wrote: > > > > > > > > > > > Mamta Satoor wrote: > > > > > > > >> Satheesh, I was looking through the code last night and saw > > > following > > > >> comment, about external security info flag, in CreateAliasNode.ini= t > > > >> line 195 > > > >> // GrantRevoke TODO: Figure out how to save external security > > > >> info. Putting this in > > > >> // RoutineAliasInfo may not be the best long term solution > > > >> It seems like RoutineAliasInfo will be the logical place to keep > > > this > > > >> external security information, similar to the way we keep other > > > >> information like called on null input, parameter count etc. Did yo= u > > > > > > >> have reservations about this approach because we want to move away > > > >> from using objects in the system tables (which in this case is > > > >> AliasInfo in SYSALIASES table)? > > > > > > > > Here are some of my concerns about adding another field to > > > > RoutineAliasInfo. > > > > > > > > 1. It would become harder to extract this info from > > > RoutineAliasInfo > > > > as it is a Java object for any metadata processing... like in > > > > dblook or for other GUI tools. We would have to document how > > > > RoutineAliasInfo gets generated as a character type and > > > maintain > > > > that format in the future. > > > > 2. Have to support existing RoutineAliasInfo instances created i= n > > > > existing databases. You would have to introduce a new > > > > RoutineAliasInfo version or add a new mapping to another java > > > object. > > > > > > The RoutineAliasInfo has the correct structure to support expansion. > > > It > > > writes out an unused value, set at 0. This could be bumped to indicat= e > > > > > > that more data needs to be read, e.g. 1 means the external security > > > info > > > flag is written to disk etc. etc. > > > > > > Dan. > > > > > > > > > > > > ------=_Part_13179_29528530.1140814205216 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline
That does sound cleaner. Thanks for your suggestion.
 
Mamta

 
On 2/24/06, = Satheesh Bandaram <satheesh= @sourcery.org> wrote:
Sounds right!... Minor comment, = may be this should be changed:

if (readMoreFromDisk =3D=3D 1)
to

if (readMoreFromDisk > 0)

to support future versio= ns. This approach does seem easier and "cleaner" in this context.=

Satheesh=20


Mamta Satoor wro= te:
Actually, I think I figured it out.
 
A pre-10.2 db, in it's on disk AliasInfo format, will have a= n unused value which is set to 0.
 
10.2 release Derby will check if the on disk AliasInfo's unused&n= bsp;value is set to 0(which means it is dealing with pre-10.2 db) = ;and if yes, then it will default the external security info to true meanin= g use invoker's privileges.=20
 
A 10.2 db's on disk AliasInfo will have the unused value set to 1= . This will be an indication that we are dealing with a 10.2 database and w= e should go ahead and read the external security information from the disk = which could be true/false.=20
 
Here is how I think the changed readExternal and writeExternal should = look like in 10.2 catalog.types.RoutineAliasInfo

 public void readExternal( ObjectInput in )
   throws = IOException, ClassNotFoundException
 {
  super.readExt= ernal(in);
  specificName =3D (String) in.readObject();
&nb= sp; dynamicResultSets =3D in.readInt();
  parameterCount = =3D=20 in.readInt();
  parameterStyle =3D in.readShort();
 &n= bsp;sqlAllowed =3D in.readShort();
  returnType =3D (TypeDescr= iptor) in.readObject();
  calledOnNullInput =3D in.readBoolean= ();
  int readMoreFromDisk =3D in.readInt(); //This will be 0 = from=20 pre-10.2 db

  if (parameterCount !=3D 0) {
   parameterN= ames =3D new String[parameterCount];
   parameterTypes = =3D new TypeDescriptor[parameterCount];

   ArrayUtil.readArrayItems(in, parameterNames);
 = ;  ArrayUtil.readArrayItems(in, parameterTypes);
  &= nbsp;parameterModes =3D ArrayUtil.readIntArray(in);

  } else {
   parameterNames =3D null;
&n= bsp;  parameterTypes =3D null;
   parameterMode= s =3D null;
  }

  if (readMoreFromDisk =3D=3D 1)
   //If tru= e, that means we are dealing with 10.2 db and hence
   //= we should read external security info from the disk
   ex= ecuteUsingPermissionsOfRoutineInvoker =3D in.readBoolean ();
  else
   //We are dealing with pre-10.= 2 db, which doesn't have external
   //security feature o= n routines and hence no information about
   //external s= ecurity will be found on the disk
   executeUsingPermiss= ionsOfRoutineInvoker =3D true;=20

  in.readInt(); //future expansion for post 10.2 release

 }

 /**
  * Write this object to a stream of stored objects.  *
  * @param out write bytes here.
  *
  *= @exception IOException  thrown on error
  */
 pu= blic void writeExternal( ObjectOutput out )
   throws IOException
 {
  super.writeExtern= al(out);
  out.writeObject(specificName);
  out.w= riteInt(dynamicResultSets);
  out.writeInt(parameterCount);  out.writeShort(parameterStyle);
  out.writeShort (sqlAllowed);
  out.writeObject(returnType);
  o= ut.writeBoolean(calledOnNullInput);
  out.writeInt(1); // 1 me= ans we are dealing with 10.2 on disk format
  if (parameterCou= nt !=3D 0) {
   ArrayUtil.writeArrayItems (out, parameterNames);
   ArrayUtil.writeArrayItems(out,= parameterTypes);
   ArrayUtil.writeIntArray(out, paramet= erModes);
  }
  out.writeBoolean(executeUsingPerm= issionsOfRoutineInvoker);
  out.writeInt(0); //future expansio= n for post=20 10.2 releases
 }



 
On 2/24/06, = Mamta Satoor <msatoor@gmail.com= > wrote: =20
Hi,
 
Dan, could you expand a little more on
"The RoutineAliasInfo has the correct structure to support = expansion. It
writes out an unused value, set at 0. This could be bumped= to indicate
that more data needs to be read, e.g. 1 means the external = security info=20
flag is written to disk etc. etc"?
 
What I am looking for is what happens during upgrade if I add ano= ther field to RoutineAliasInfo(since this change will become part of SYSALI= ASES AliasInfo field)? I am not sure if it is as easy as just changing the = RoutineAliasInfo class and everything will work fine, especially during an = upgrade.=20
 
Also, looking at Derby-337 (dblook doesn't generate SQL statement= s for SQL functions.), it seems like Army had encountered some problems whe= n he had to add a filed to RoutineAliasInfo.
 
Any thoughts on this will be helpful,
Mamta

 
On 2/22/06, = Daniel John Debrunner <djd@apache.= org > wrote:=20
Satheesh Bandaram wr= ote:

>
> Mamta Satoor wrote:
>
>> Satheesh, = I was looking through the code last night and saw following=20
>> comment, about external security info flag, in CreateAliasNode= .init
>> line 195
>>     // GrantRevo= ke TODO: Figure out how to save external security
>> info. Putting= this in
>>     // RoutineAliasInfo may not be= the best long term solution=20
>> It seems like RoutineAliasInfo will be the logical place to ke= ep this
>> external security information, similar to the way we ke= ep other
>> information like called on null input, parameter count= etc. Did you=20
>> have reservations about this approach because we want to move = away
>> from using objects in the system tables (which in this cas= e is
>> AliasInfo in SYSALIASES table)?
>
> Here are s= ome of my concerns about adding another field to=20
> RoutineAliasInfo.
>
>    1. It wou= ld become harder to extract this info from RoutineAliasInfo
> &n= bsp;     as it is a Java object for any metadata proces= sing... like in
>       dblook or for o= ther GUI tools. We would have to document how=20
>       RoutineAliasInfo gets generate= d as a character type and maintain
>     &nb= sp; that format in the future.
>    2. Have to su= pport existing RoutineAliasInfo instances created in
>  &nb= sp;    existing databases. You would have to introduce a new= =20
>       RoutineAliasInfo version or ad= d a new mapping to another java object.

The RoutineAliasInfo has the= correct structure to support expansion. It
writes out an unused value, = set at 0. This could be bumped to indicate=20
that more data needs to be read, e.g. 1 means the external security inf= o
flag is written to disk etc. etc.

Dan.


=



------=_Part_13179_29528530.1140814205216--