db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daniel John Debrunner (JIRA)" <j...@apache.org>
Subject [jira] Closed: (DERBY-2735) Add a system procedure to set a user's connection level authorization.
Date Wed, 06 Jun 2007 16:48:26 GMT

     [ https://issues.apache.org/jira/browse/DERBY-2735?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Daniel John Debrunner closed DERBY-2735.
----------------------------------------

    Resolution: Fixed

Routines have been added with minor changes to the above.

1) Type of the permission changed to a VARCHAR(128)

 SYSCS_UTIL.SYSCS_SET_USER_ACCESS(VARCHAR(128) USERNAME, VARCHAR(128) CONNECTION_PERMISSION)

 SYSCS_UTIL.SYSCS_GET_USER_ACCESS(VARCHAR(128) USERNAME) RETURNS VARCHAR(128) 

2) Values for the connection permission changed to match the property settiing explicitly

  NOACCESS
  FULLACCESS
  READONLYACCESS

all case insensitive. 

> Add a system procedure to set a user's connection level authorization.
> ----------------------------------------------------------------------
>
>                 Key: DERBY-2735
>                 URL: https://issues.apache.org/jira/browse/DERBY-2735
>             Project: Derby
>          Issue Type: New Feature
>          Components: Security
>            Reporter: Daniel John Debrunner
>            Assignee: Daniel John Debrunner
>            Priority: Minor
>             Fix For: 10.3.0.0
>
>
> Add procedure & function to set (and get ) a user's connection authorization to full
access, read-only or not defined.
> Based upon the existing UserUtility class but only exposing a single procedure that sets
the permission. This is to avoid any appearance that the procedure adds a user.
> SYSCS_UTIL.SYSCS_SET_USER_ACCESS(VARCHAR(128) USERNAME, VARCHAR(8) CONNECTION_PERMISSION)
> Valid values for  CONNECTION_PERMISSION
> FULL - Add the user to the list of full access users for the database, i.e. the database
property derby.database.fullAccessUsers)
> READONLY - - Add the user to the list of read-only  users for the database, i.e. the
database property derby.database.readOnlyAccessUsers)
> NULL - remove the user from the list of permissions, reverting it to the default permission.
> SYSCS_UTIL.SYSCS_GET_USER_ACCESS(VARCHAR(128) USERNAME) RETURNS VARCHAR(8)
> Gets the current connection access permissions for the user, factors in the default connection
mode.
> Return either FULL, READONLY, NO or NULL.
> (NO means connection attempt by user will be denied by the user not having an entry in
derby.database.fullAccessUsers or derby.database.readOnlyAccessUsers and derby.database.defaultConnectionMode
is set to noAccess)
> The names of the connection permissions match the existing names in use by Derby.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message