db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Laura Stewart (JIRA)" <j...@apache.org>
Subject [jira] Commented: (DERBY-2735) Add a system procedure to set a user's connection level authorization.
Date Tue, 07 Aug 2007 17:19:59 GMT

    [ https://issues.apache.org/jira/browse/DERBY-2735?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12518197
] 

Laura Stewart commented on DERBY-2735:
--------------------------------------

Hi Dan - I am going to document these procedures as part of Derby-2914.  I just want to be
certain that I understand the syntax...

SYSCS_UTIL.SYSCS_SET_USER_ACCESS(VARCHAR(128) USERNAME, VARCHAR(128) CONNECTION_PERMISSION)


means

SYSCS_UTIL.SYSCS_SET_USER_ACCESS(USERNAME. CONNECTION_PERMISSION) 

Where USERNAME and CONNECTION_PERMISSION are both VARCHARs with a max of 128 characters...
yes?

> Add a system procedure to set a user's connection level authorization.
> ----------------------------------------------------------------------
>
>                 Key: DERBY-2735
>                 URL: https://issues.apache.org/jira/browse/DERBY-2735
>             Project: Derby
>          Issue Type: New Feature
>          Components: Security
>            Reporter: Daniel John Debrunner
>            Assignee: Daniel John Debrunner
>            Priority: Minor
>             Fix For: 10.3.0.0
>
>
> Add procedure & function to set (and get ) a user's connection authorization to full
access, read-only or not defined.
> Based upon the existing UserUtility class but only exposing a single procedure that sets
the permission. This is to avoid any appearance that the procedure adds a user.
> SYSCS_UTIL.SYSCS_SET_USER_ACCESS(VARCHAR(128) USERNAME, VARCHAR(8) CONNECTION_PERMISSION)
> Valid values for  CONNECTION_PERMISSION
> FULL - Add the user to the list of full access users for the database, i.e. the database
property derby.database.fullAccessUsers)
> READONLY - - Add the user to the list of read-only  users for the database, i.e. the
database property derby.database.readOnlyAccessUsers)
> NULL - remove the user from the list of permissions, reverting it to the default permission.
> SYSCS_UTIL.SYSCS_GET_USER_ACCESS(VARCHAR(128) USERNAME) RETURNS VARCHAR(8)
> Gets the current connection access permissions for the user, factors in the default connection
mode.
> Return either FULL, READONLY, NO or NULL.
> (NO means connection attempt by user will be denied by the user not having an entry in
derby.database.fullAccessUsers or derby.database.readOnlyAccessUsers and derby.database.defaultConnectionMode
is set to noAccess)
> The names of the connection permissions match the existing names in use by Derby.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message