db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mamta A. Satoor (JIRA)" <derby-...@db.apache.org>
Subject [jira] Commented: (DERBY-1858) A schema can be dropped by a non-schema owner in SQL authorization mode
Date Tue, 19 Sep 2006 05:49:23 GMT
    [ http://issues.apache.org/jira/browse/DERBY-1858?page=comments#action_12435671 ] 
            
Mamta A. Satoor commented on DERBY-1858:
----------------------------------------

Yip, I did a review of the attached package and following couple questions/comments.

1)I had question about changes to DropSchemaNode. I realize that my question here is related
to pre-existing logic that you needed to extend for drop schema. But I wondered why for table
privilege, we push the privilege requirement(select/trigger/update etc) by calling CompilerContext.pushCurrentPrivType
and use that to determine what kind of privilege is required for the table in CompilerContextImpl.addRequiredTablePriv
method. But for privilege requirement for schemas, we pass the privilege type to CompilerContextImpl.addRequiredSchemaPriv
rather than pushing it onto CompilerContext and then popping it back from there at the right
time. I should have asked this question when the code was originally checked in for CreateSchemaNode.
This is not a biggie, just a curiosity question.

2)In Authorizer.java, there is a constant called PRIV_TYPE_COUNT which has a value of 7. With
the patch attached to this Jira entry, we have added 1 more privilege type. Do we need to
change PRIV_TYPE_COUNT? May be the purpose of PRIV_TYPE_COUNT is to track only table and routine
level privilege types and that is why we didn't need to modify it for this patch.

3)Can we have some positive test cases for drop schema in grantRevokeDDL2.sql showing that
a database owner or schema owner can successfully drop the schema?

Other than that, the changes look pretty good to me. Thanks, Yip.

> A schema can be dropped by a non-schema owner in SQL authorization mode
> -----------------------------------------------------------------------
>
>                 Key: DERBY-1858
>                 URL: http://issues.apache.org/jira/browse/DERBY-1858
>             Project: Derby
>          Issue Type: Bug
>          Components: SQL
>    Affects Versions: 10.2.1.0, 10.2.2.0, 10.3.0.0
>         Environment: Any
>            Reporter: Yip Ng
>         Assigned To: Yip Ng
>             Fix For: 10.2.1.0
>
>         Attachments: derby1858-trunk-diff01.txt, derby1858-trunk-stat01.txt
>
>
> drop schema user2 restrict should fail since user3 does not own the schema user2.
> ij version 10.3
> ij> connect 'wombat;create=true' user 'user1' as user1;
> WARNING 01J14: SQL authorization is being used without first enabling authentication.
> ij> connect 'wombat;create=true' user 'user2' as user2;
> WARNING 01J01: Database 'wombat' not created, connection made to existing database instead.
> WARNING 01J14: SQL authorization is being used without first enabling authentication.
> ij(USER2)> create schema user2;
> 0 rows inserted/updated/deleted
> ij(USER2)> connect 'wombat;create=true' user 'user3' as user3;
> WARNING 01J01: Database 'wombat' not created, connection made to existing database instead.
> WARNING 01J14: SQL authorization is being used without first enabling authentication.
> ij(USER3)> drop schema user2 restrict;
> 0 rows inserted/updated/deleted
> sysinfo:
> ------------------ Java Information ------------------
> Java Version:    1.4.2_12
> Java Vendor:     Sun Microsystems Inc.
> Java home:       c:\jdk142\jre
> Java classpath:  classes;.
> OS name:         Windows XP
> OS architecture: x86
> OS version:      5.1
> Java user name:  Yip
> Java user home:  C:\Documents and Settings\Yip
> Java user dir:   C:\work3\derby\trunk
> java.specification.name: Java Platform API Specification
> java.specification.version: 1.4
> --------- Derby Information --------
> JRE - JDBC: J2SE 1.4.2 - JDBC 3.0
> [C:\work3\derby\trunk\classes] 10.3.0.0 alpha - (446666)
> ------------------------------------------------------
> ----------------- Locale Information -----------------
> Current Locale :  [English/United States [en_US]]
> Found support for locale: [de_DE]
>          version: 10.3.0.0 alpha - (446666)
> Found support for locale: [es]
>          version: 10.3.0.0 alpha - (446666)
> Found support for locale: [fr]
>          version: 10.3.0.0 alpha - (446666)
> Found support for locale: [it]
>          version: 10.3.0.0 alpha - (446666)
> Found support for locale: [ja_JP]
>          version: 10.3.0.0 alpha - (446666)
> Found support for locale: [ko_KR]
>          version: 10.3.0.0 alpha - (446666)
> Found support for locale: [pt_BR]
>          version: 10.3.0.0 alpha - (446666)
> Found support for locale: [zh_CN]
>          version: 10.3.0.0 alpha - (446666)
> Found support for locale: [zh_TW]
>          version: 10.3.0.0 alpha - (446666)
> ------------------------------------------------------

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message