Return-Path: 
 <derby-dev-return-29113-apmail-db-derby-dev-archive=db.apache.org@db.apache.org>
Delivered-To: apmail-db-derby-dev-archive@www.apache.org
Received: (qmail 66261 invoked from network); 6 Sep 2006 20:41:03 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199)
  by minotaur.apache.org with SMTP; 6 Sep 2006 20:41:02 -0000
Received: (qmail 79158 invoked by uid 500); 6 Sep 2006 20:41:01 -0000
Delivered-To: apmail-db-derby-dev-archive@db.apache.org
Received: (qmail 79117 invoked by uid 500); 6 Sep 2006 20:41:01 -0000
Mailing-List: contact derby-dev-help@db.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:derby-dev-help@db.apache.org>
List-Unsubscribe: <mailto:derby-dev-unsubscribe@db.apache.org>
List-Post: <mailto:derby-dev@db.apache.org>
List-Id: <derby-dev.db.apache.org>
Reply-To: <derby-dev@db.apache.org>
Delivered-To: mailing list derby-dev@db.apache.org
Received: (qmail 79108 invoked by uid 99); 6 Sep 2006 20:41:01 -0000
Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 06 Sep 2006 13:41:01 -0700
X-ASF-Spam-Status: No, hits=0.0 required=10.0
	tests=
X-Spam-Check-By: apache.org
Received: from [209.237.227.198] (HELO brutus.apache.org) (209.237.227.198)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 06 Sep 2006 13:40:59 -0700
Received: from brutus (localhost [127.0.0.1])
	by brutus.apache.org (Postfix) with ESMTP id 7A29C410011
	for <derby-dev@db.apache.org>; Wed,  6 Sep 2006 20:37:23 +0000 (GMT)
Message-ID: <9378084.1157575043498.JavaMail.jira@brutus>
Date: Wed, 6 Sep 2006 13:37:23 -0700 (PDT)
From: "Mamta A. Satoor (JIRA)" <derby-dev@db.apache.org>
To: derby-dev@db.apache.org
Subject: [jira] Commented: (DERBY-1729) Invoking Java stored procedure that
 contains GRANT or REVOKE statement with CONTAINS SQL should fail.
In-Reply-To: <10729652.1155937393904.JavaMail.jira@brutus>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-Virus-Checked: Checked by ClamAV on apache.org
X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N

    [ http://issues.apache.org/jira/browse/DERBY-1729?page=comments#action_12432959 ] 
            
Mamta A. Satoor commented on DERBY-1729:
----------------------------------------

Yip, the changes look fine. +1 for commit

> Invoking Java stored procedure that contains GRANT or REVOKE statement with CONTAINS SQL should fail.
> -----------------------------------------------------------------------------------------------------
>
>                 Key: DERBY-1729
>                 URL: http://issues.apache.org/jira/browse/DERBY-1729
>             Project: Derby
>          Issue Type: Bug
>          Components: SQL
>    Affects Versions: 10.2.1.0
>         Environment: Sun JDK 1.4.2
>            Reporter: Yip Ng
>         Assigned To: Yip Ng
>             Fix For: 10.2.1.0
>
>         Attachments: derby1729-trunk-diff01.txt, derby1729-trunk-diff02.txt, derby1729-trunk-diff03.txt, derby1729-trunk-stat01.txt, derby1729-trunk-stat02.txt, derby1729-trunk-stat03.txt, repro-trunk-diff01.txt
>
>
> In Derby SQL authorization mode, invoking Java stored procedure that contains GRANT or REVOKE statement with CONTAINS SQL from a  trigger should fail but in the following test, it successfully executed the trigger action.  
> Attaching repro patch for trunk.
> i.e.:
> ij> connect 'triggerProcSQLAuth;create=true' user 'APP' as app;
> WARNING 01J14: SQL authorization is being used without first enabling authentication.
> ij> --- setup the environment
> --- table used in the procedures
> create table t1 (i int primary key, b char(15));
> 0 rows inserted/updated/deleted
> ij> insert into t1 values (1, 'XYZ');
> 1 row inserted/updated/deleted
> ij> insert into t1 values (2, 'XYZ');
> 1 row inserted/updated/deleted
> ij> --- table used in this test
> create table t2 (x integer, y integer);
> 0 rows inserted/updated/deleted
> ij> create procedure grant_select_proc() 
>        parameter style java
>        dynamic result sets 0 language java 
>        contains sql
>        external name 'org.apache.derbyTesting.functionTests.util.ProcedureTest.grantSelect';
> 0 rows inserted/updated/deleted
> ij> create procedure revoke_select_proc() 
>        parameter style java
>        dynamic result sets 0 language java 
>        contains sql
>        external name 'org.apache.derbyTesting.functionTests.util.ProcedureTest.revokeSelect';
> 0 rows inserted/updated/deleted
> ij> --- tests
> create trigger grant_select_trig AFTER delete on t1 
> 	for each STATEMENT mode db2sql call grant_select_proc();
> 0 rows inserted/updated/deleted
> ij> --- should fail
> delete from t1 where i = 1;
> 1 row inserted/updated/deleted
> ij> --- check delete failed
> select * from t1;
> I          |B              
> ---------------------------
> 2          |XYZ            
> 1 row selected
> ij> --- check if there are rows in sys.systableperms, should be 0
> select count(*) from SYS.SYSTABLEPERMS;
> 1          
> -----------
> 1          
> 1 row selected
> ij> drop trigger grant_select_trig;
> 0 rows inserted/updated/deleted
> ij> create trigger revoke_select_trig AFTER delete on t1 
> 	for each STATEMENT mode db2sql call revoke_select_proc();
> 0 rows inserted/updated/deleted
> ij> --- should fail
> delete from t1 where i = 2;
> 1 row inserted/updated/deleted
> ij> --- check delete failed
> select * from t1;
> I          |B              
> ---------------------------
> 0 rows selected
> ij> --- check if there are rows in sys.systableperms, should be 0
> select count(*) from SYS.SYSTABLEPERMS;
> 1          
> -----------
> 0          
> 1 row selected
> ij> drop trigger revoke_select_trig;
> 0 rows inserted/updated/deleted
> ij> 
> ------------------ Java Information ------------------
> Java Version:    1.4.2_12
> Java Vendor:     Sun Microsystems Inc.
> Java home:       C:\Program Files\Java\j2re1.4.2_12
> Java classpath:  derby.jar;derbytools.jar
> OS name:         Windows XP
> OS architecture: x86
> OS version:      5.1
> Java user name:  Yip
> Java user home:  C:\Documents and Settings\Yip
> Java user dir:   C:\work3\derby\trunk\jars\sane
> java.specification.name: Java Platform API Specification
> java.specification.version: 1.4
> --------- Derby Information --------
> JRE - JDBC: J2SE 1.4.2 - JDBC 3.0
> [C:\work3\derby\trunk\jars\sane\derby.jar] 10.3.0.0 alpha - (432670M)
> [C:\work3\derby\trunk\jars\sane\derbytools.jar] 10.3.0.0 alpha - (432670M)
> ------------------------------------------------------
> ----------------- Locale Information -----------------
> Current Locale :  [English/United States [en_US]]
> Found support for locale: [de_DE]
>          version: 10.3.0.0 alpha - (432670M)
> Found support for locale: [es]
>          version: 10.3.0.0 alpha - (432670M)
> Found support for locale: [fr]
>          version: 10.3.0.0 alpha - (432670M)
> Found support for locale: [it]
>          version: 10.3.0.0 alpha - (432670M)
> Found support for locale: [ja_JP]
>          version: 10.3.0.0 alpha - (432670M)
> Found support for locale: [ko_KR]
>          version: 10.3.0.0 alpha - (432670M)
> Found support for locale: [pt_BR]
>          version: 10.3.0.0 alpha - (432670M)
> Found support for locale: [zh_CN]
>          version: 10.3.0.0 alpha - (432670M)
> Found support for locale: [zh_TW]
>          version: 10.3.0.0 alpha - (432670M)
> ------------------------------------------------------

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira