Return-Path: Delivered-To: apmail-db-derby-dev-archive@www.apache.org Received: (qmail 48967 invoked from network); 6 Jun 2007 16:48:47 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 6 Jun 2007 16:48:47 -0000 Received: (qmail 86196 invoked by uid 500); 6 Jun 2007 16:48:51 -0000 Delivered-To: apmail-db-derby-dev-archive@db.apache.org Received: (qmail 86099 invoked by uid 500); 6 Jun 2007 16:48:50 -0000 Mailing-List: contact derby-dev-help@db.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: Delivered-To: mailing list derby-dev@db.apache.org Received: (qmail 86090 invoked by uid 99); 6 Jun 2007 16:48:50 -0000 Received: from herse.apache.org (HELO herse.apache.org) (140.211.11.133) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 06 Jun 2007 09:48:50 -0700 X-ASF-Spam-Status: No, hits=-100.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO brutus.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 06 Jun 2007 09:48:46 -0700 Received: from brutus (localhost [127.0.0.1]) by brutus.apache.org (Postfix) with ESMTP id 1A15F71418E for ; Wed, 6 Jun 2007 09:48:26 -0700 (PDT) Message-ID: <6294626.1181148506103.JavaMail.jira@brutus> Date: Wed, 6 Jun 2007 09:48:26 -0700 (PDT) From: "Daniel John Debrunner (JIRA)" To: derby-dev@db.apache.org Subject: [jira] Closed: (DERBY-2735) Add a system procedure to set a user's connection level authorization. In-Reply-To: <982403.1180622835968.JavaMail.jira@brutus> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org [ https://issues.apache.org/jira/browse/DERBY-2735?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Daniel John Debrunner closed DERBY-2735. ---------------------------------------- Resolution: Fixed Routines have been added with minor changes to the above. 1) Type of the permission changed to a VARCHAR(128) SYSCS_UTIL.SYSCS_SET_USER_ACCESS(VARCHAR(128) USERNAME, VARCHAR(128) CONNECTION_PERMISSION) SYSCS_UTIL.SYSCS_GET_USER_ACCESS(VARCHAR(128) USERNAME) RETURNS VARCHAR(128) 2) Values for the connection permission changed to match the property settiing explicitly NOACCESS FULLACCESS READONLYACCESS all case insensitive. > Add a system procedure to set a user's connection level authorization. > ---------------------------------------------------------------------- > > Key: DERBY-2735 > URL: https://issues.apache.org/jira/browse/DERBY-2735 > Project: Derby > Issue Type: New Feature > Components: Security > Reporter: Daniel John Debrunner > Assignee: Daniel John Debrunner > Priority: Minor > Fix For: 10.3.0.0 > > > Add procedure & function to set (and get ) a user's connection authorization to full access, read-only or not defined. > Based upon the existing UserUtility class but only exposing a single procedure that sets the permission. This is to avoid any appearance that the procedure adds a user. > SYSCS_UTIL.SYSCS_SET_USER_ACCESS(VARCHAR(128) USERNAME, VARCHAR(8) CONNECTION_PERMISSION) > Valid values for CONNECTION_PERMISSION > FULL - Add the user to the list of full access users for the database, i.e. the database property derby.database.fullAccessUsers) > READONLY - - Add the user to the list of read-only users for the database, i.e. the database property derby.database.readOnlyAccessUsers) > NULL - remove the user from the list of permissions, reverting it to the default permission. > SYSCS_UTIL.SYSCS_GET_USER_ACCESS(VARCHAR(128) USERNAME) RETURNS VARCHAR(8) > Gets the current connection access permissions for the user, factors in the default connection mode. > Return either FULL, READONLY, NO or NULL. > (NO means connection attempt by user will be denied by the user not having an entry in derby.database.fullAccessUsers or derby.database.readOnlyAccessUsers and derby.database.defaultConnectionMode is set to noAccess) > The names of the connection permissions match the existing names in use by Derby. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.