You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafodion.apache.org by rm...@apache.org on 2016/01/21 00:05:44 UTC
[1/4] incubator-trafodion git commit: TRAFODION-1754 Showddl
component does not display grants correctly
Repository: incubator-trafodion
Updated Branches:
refs/heads/master bd86a4697 -> e846a0f6a
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/17d1b177/core/sql/sqlcomp/PrivMgrComponentPrivileges.cpp
----------------------------------------------------------------------
diff --git a/core/sql/sqlcomp/PrivMgrComponentPrivileges.cpp b/core/sql/sqlcomp/PrivMgrComponentPrivileges.cpp
index 9b3a13f..fae5d0e 100644
--- a/core/sql/sqlcomp/PrivMgrComponentPrivileges.cpp
+++ b/core/sql/sqlcomp/PrivMgrComponentPrivileges.cpp
@@ -89,6 +89,11 @@ public:
virtual ~MyRow() {};
inline void clear() {componentUID_ = 0;};
+ void describeGrant(
+ const std::string &operationName,
+ const std::string &componentName,
+ std::vector<std::string> & outlines);
+
// -------------------------------------------------------------------
// Data Members:
// -------------------------------------------------------------------
@@ -154,6 +159,18 @@ public:
OutputInfo & cliInterface,
PrivMgrMDRow & rowOut);
+ void describeGrantTree(
+ const int32_t grantorID,
+ const std::string &operationName,
+ const std::string &componentName,
+ const std::vector<MyRow> &rows,
+ std::vector<std::string> & outlines);
+
+ int32_t findGrantor(
+ int32_t currentRowID,
+ const int32_t grantorID,
+ const std::vector<MyRow> rows);
+
private:
MyTable();
@@ -220,9 +237,10 @@ MyTable &myTable = static_cast<MyTable &>(myTable_);
// *****************************************************************************
// * *
// * Function: PrivMgrComponentPrivileges::describeComponentPrivileges *
-// * lookup "_PRIVMGR_MD_".COMPONENT_PRIVILEGES joined with "_MD_".AUTHS *
-// * to generate GRANT COMPONENT PRIVILEGE statements *
-// * for a specified operation code and component name/UID. *
+// * calls selectAllWhere to get the list of privileges for the operation. *
+// * Once list is generated, starts at the root (system grant to owner) and *
+// * generates grant statements by traversing each branch based on grantor *
+// * -> grantee relationship. *
// * *
// * *
// *****************************************************************************
@@ -232,16 +250,16 @@ MyTable &myTable = static_cast<MyTable &>(myTable_);
// * componentUIDString const std::string & In *
// * used with operationCode to find wanted component privileges. *
// * *
-// * componentName const std::string & In *
+// * componentName const std::string & In *
// * used for generate grant statement on the component. *
// * *
-// * operationCode const std::string & In *
+// * operationCode const std::string & In *
// * used with componentUIDString to find wanted component privileges. *
// * *
-// * operationName const std::string & In *
+// * operationName const std::string & In *
// * used for generate grant statement as granted operation. *
// * *
-// * outlines std::vector<std::string> & Out*
+// * outlines std::vector<std::string> & Out*
// * output generated GRANT statements to this array. *
// *****************************************************************************
// * *
@@ -258,141 +276,50 @@ PrivStatus PrivMgrComponentPrivileges::describeComponentPrivileges(
const std::string & operationCode,
const std::string & operationName,
std::vector<std::string> & outlines)
-
{
-//do the following joined select to get database user name
-/*
-SELECT
-AU.AUTH_DB_NAME,
-CP.GRANTEE_ID,
-CP.GRANTOR_ID,
-CP.COMPONENT_UID,
-CP.OPERATION_CODE,
-CP.GRANT_DEPTH
-FROM
-TRAFODION."_PRIVMGR_MD_".COMPONENT_PRIVILEGES CP
-LEFT JOIN
-TRAFODION."_MD_".AUTHS AU
-ON
-AU.AUTH_ID = CP.GRANTEE_ID
-WHERE
-CP.OPERATION_CODE = operationCode
-AND
-CP.COMPONENT_UID = componentUIDString;
-*/
- std::string selectJoinStmt;
- selectJoinStmt += "SELECT "
- "AU.AUTH_DB_NAME, "
- "CP.GRANTEE_ID, "
- "CP.GRANTOR_ID, "
- "CP.COMPONENT_UID, "
- "CP.OPERATION_CODE, "
- "CP.GRANT_DEPTH "
- "FROM "
- "TRAFODION.\"_PRIVMGR_MD_\".COMPONENT_PRIVILEGES CP "
- "LEFT JOIN "
- "TRAFODION.\"_MD_\".AUTHS AU "
- "ON "
- "AU.AUTH_ID = CP.GRANTEE_ID "
- "WHERE ";
-
- selectJoinStmt += "CP.OPERATION_CODE = '" + operationCode + "'";
- selectJoinStmt += " AND CP.COMPONENT_UID = " + componentUIDString;
- ExeCliInterface cliInterface(STMTHEAP);
- Queue * tableQueue = NULL;
-
- int32_t diagsMark = pDiags_->mark();
- int32_t cliRC = cliInterface.fetchAllRows(tableQueue,
- (char *)selectJoinStmt.c_str(),
- 0, false, false, true);
-
- if (cliRC < 0)
- {
- cliInterface.retrieveSQLDiagnostics(CmpCommon::diags());
+ // Get the list of all privileges granted to the component and component
+ // operation
+ std::string whereClause (" WHERE COMPONENT_UID = ");
+ whereClause += componentUIDString;
+ whereClause += " AND OPERATION_CODE = '";
+ whereClause += operationCode;
+ whereClause += "'";
+
+ std::string orderByClause= "ORDER BY GRANTOR_ID, GRANTEE_ID, GRANT_DEPTH";
+
+ std::vector<MyRow> rows;
+ MyTable &myTable = static_cast<MyTable &>(myTable_);
+
+ PrivStatus privStatus = myTable.selectAllWhere(whereClause,orderByClause,rows);
+
+ // We should get at least 1 row back - the grant from the system to the
+ // component operation owner
+ int32_t rowIndex = 0;
+ if ((privStatus == STATUS_NOTFOUND) ||
+ (rows.size() == 0) ||
+ (rowIndex = myTable.findGrantor(0, SYSTEM_USER, rows) == -1))
+ {
+ std::string errorText("Unable to find any grants for operation ");
+ errorText += operationName;
+ errorText += " on component ";
+ errorText += componentName;
+ PRIVMGR_INTERNAL_ERROR(errorText.c_str());
return STATUS_ERROR;
- }
- if (cliRC == 100) // did not find the row
- {
- pDiags_->rewind(diagsMark);
- return STATUS_NOTFOUND;
- }
-
- tableQueue->position();
- char * ptr = NULL;
- Int32 len = 0;
- char value[500];
- std::string auth_db_name;
- int32_t grantee_id;
- int32_t grantor_id;
- int64_t component_uid;
- std::string operation_code;
- int32_t grant_depth;
- for (int idx = 0; idx < tableQueue->numEntries(); idx++)
- {
- OutputInfo * pCliRow = (OutputInfo*)tableQueue->getNext();
- std::string componentText;
- // column 1: AUTH_DB_NAME
- pCliRow->get(0,ptr,len);
- strncpy(value, ptr, len);
- value[len] = 0;
- auth_db_name= value;
-
- // column 2: GRANTEE_ID
- pCliRow->get(1,ptr,len);
- grantee_id = *(reinterpret_cast<int32_t*>(ptr));
-
- // column 3: GRANTOR_ID
- pCliRow->get(2,ptr,len);
- grantor_id = *(reinterpret_cast<int32_t*>(ptr));
-
- // column 4: COMPONENT_UID
- pCliRow->get(3,ptr,len);
- component_uid = *(reinterpret_cast<int64_t*>(ptr));
-
- // column 5: OPERATION_CODE
- pCliRow->get(4,ptr,len);
- strncpy(value, ptr, len);
- value[len] = 0;
- operation_code = value;
-
- // column 6: GRANT_DEPTH
- pCliRow->get(5,ptr,len);
- grant_depth = *(reinterpret_cast<int32_t*>(ptr));
-
- //generate grant statement
- if (grantor_id == SYSTEM_AUTH_ID)
- componentText += "-- ";
- componentText += " GRANT COMPONENT PRIVILEGE ";
- componentText += operationName;
- outlines.push_back(componentText);
- if(grant_depth != 0){
- componentText = " ON ";
- componentText += componentName ;
- componentText += " TO ";
- if(grantee_id == -1)
- componentText += "PUBLIC";
- else
- componentText += auth_db_name;
- outlines.push_back(componentText);
- componentText = " WITH GRANT OPTION;";
- outlines.push_back(componentText);
- }
- else
- {
- componentText = " ON ";
- componentText += componentName ;
- componentText += " TO ";
- if(grantee_id == -1)
- componentText += "PUBLIC;";
- else
- componentText += auth_db_name + ";";
- outlines.push_back(componentText);
- }
- outlines.push_back("");
- }
- return STATUS_GOOD;
-
+ }
+
+ // Add the initial grant (system grant -> owner) to text (outlines)
+ // There is only one system grant -> owner per component operation
+ MyRow row = rows[rowIndex];
+ row.describeGrant(operationName, componentName, outlines);
+
+ // Traverse the base branch that starts with the owner and proceeds
+ // outward. In otherwords, describe grants where the grantee is the grantor.
+ int32_t newGrantor = row.granteeID_;
+ myTable.describeGrantTree(newGrantor, operationName, componentName, rows, outlines);
+
+ return STATUS_GOOD;
}
+
//****** End of PrivMgrComponentPrivileges::describeComponentPrivileges ********
@@ -1002,8 +929,8 @@ MyRow row(fullTableName_);
row.operationCode_ = operationCode;
row.granteeID_ = granteeID;
row.granteeName_ = granteeName;
- row.grantorID_ = SYSTEM_AUTH_ID;
- row.grantorName_ = "_SYSTEM";
+ row.grantorID_ = SYSTEM_USER;
+ row.grantorName_ = SYSTEM_AUTH_NAME;
row.grantDepth_ = -1;
return myTable.insert(row);
@@ -1855,6 +1782,71 @@ static bool isSQLDMLPriv(
// *****************************************************************************
// * *
+// * Function: MyTable::describeGrantTree *
+// * *
+// * Describes grants for the specified grantor *
+// * Recursively calls itself to describe the grants for each grantee *
+// * *
+// *****************************************************************************
+// * *
+// * Parameters: *
+// * *
+// * grantorID const int32_t In *
+// * all grants granted by the grantorID are described. *
+// * *
+// * operationName const std::string & In *
+// * used for generate grant statement as granted operation. *
+// * *
+// * componentName const std::string & In *
+// * used for generate grant statement on the component. *
+// * *
+// * rows const std::vector<MyRow> & In *
+// * all the rows that represent grants for the component operation. *
+// * *
+// * outlines std::vector<std::string> & Out*
+// * output generated GRANT statements to this array. *
+// * *
+// *****************************************************************************
+void MyTable::describeGrantTree(
+ const int32_t grantorID,
+ const std::string &operationName,
+ const std::string &componentName,
+ const std::vector<MyRow> &rows,
+ std::vector<std::string> & outlines)
+{
+ // Starts at the beginning of the list searching for grants attributed to
+ // the grantorID
+ int32_t nextRowID = 0;
+ while (nextRowID >= 0 && nextRowID < rows.size())
+ {
+ int32_t rowID = findGrantor(nextRowID, grantorID, rows);
+
+ // If this grantor did not grant any requests, -1 is returned and we are
+ // done traversing this branch
+ if (rowID == -1)
+ return;
+
+ nextRowID = rowID;
+ MyRow row = rows[rowID];
+
+ // We found a grant, describe the grant
+ row.describeGrant(operationName, componentName, outlines);
+
+ // Traverser any grants that may have been performed by the grantee.
+ // If grantDepth is 0, then the grantee does not have the WITH GRANT
+ // OPTION so no reason to traverse this potential branch - there is none.
+ if (row.grantDepth_ != 0)
+ describeGrantTree(row.granteeID_, operationName, componentName, rows, outlines);
+
+ // get next grant for this grantorID
+ nextRowID++;
+ }
+}
+
+//******************* End of MyTable::describeGrantTree ************************
+
+// *****************************************************************************
+// * *
// * Function: MyTable::fetchDMLPrivInfo *
// * *
// * Reads from the COMPONENT_PRIVILEGES table and returns the *
@@ -1923,7 +1915,7 @@ std::string whereClause("WHERE COMPONENT_UID = 1 AND OPERATION_CODE IN ('");
whereClause += PrivMgr::authIDToString(roleIDs[ri]);
whereClause += ",";
}
- whereClause += PrivMgr::authIDToString(PUBLIC_AUTH_ID);
+ whereClause += PrivMgr::authIDToString(PUBLIC_USER);
whereClause += ")";
std::string orderByClause;
@@ -1996,7 +1988,51 @@ PrivStatus privStatus = selectAllWhere(whereClause,orderByClause,rows);
}
//******************* End of MyTable::fetchDMLPrivInfo *************************
+// *****************************************************************************
+// * *
+// * Function: MyTable::findGrantor *
+// * *
+// * Search the list of grants for the component operation looking for the *
+// * next row for the grantor. *
+// * *
+// *****************************************************************************
+// * *
+// * Parameters: *
+// * *
+// * currentRowID int32_t In *
+// * where to start searching for the next row for the grantor. *
+// * *
+// * grantorID const int32_t In *
+// * the grantor to search for. *
+// * *
+// * rows const std::vector<MyRow> & In *
+// * all the rows that represent grants for the component operation. *
+// * *
+// * *
+// * Returns *
+// * >= 0 -- the index into rows where the next row for grantor is described *
+// * -1 -- no more row, done *
+// * *
+// *****************************************************************************
+int32_t MyTable::findGrantor(
+ int32_t currentRowID,
+ const int32_t grantorID,
+ const std::vector<MyRow> rows)
+{
+ for (size_t i = currentRowID; i < rows.size(); i++)
+ {
+ if (rows[i].grantorID_ == grantorID)
+ return i;
+
+ // rows are sorted in grantorID order, so once the grantorID stored in
+ // rows is greater than the requested grantorID, we are done.
+ if (rows[i].grantorID_ > grantorID)
+ return -1;
+ }
+ return -1;
+}
+//******************* End of MyTable::findGrantor ******************************
// *****************************************************************************
// * *
@@ -2035,7 +2071,7 @@ PrivStatus MyTable::fetchOwner(
// Check the last row read before reading metadata.
- if (lastRowRead_.grantorID_ == SYSTEM_AUTH_ID &&
+ if (lastRowRead_.grantorID_ == SYSTEM_USER &&
lastRowRead_.componentUID_ == componentUID &&
lastRowRead_.operationCode_ == operationCode)
{
@@ -2176,7 +2212,7 @@ Queue * tableQueue = NULL;
PrivStatus privStatus = executeFetchAll(selectStmt,tableQueue);
- if (privStatus != STATUS_GOOD || privStatus != STATUS_WARNING)
+ if (privStatus == STATUS_ERROR)
return privStatus;
tableQueue->position();
@@ -2355,3 +2391,56 @@ std::string selectStmt ("SELECT COMPONENT_UID, OPERATION_CODE, GRANTEE_ID, GRANT
}
//************************** End of MyTable::setRow ****************************
+// *****************************************************************************
+// MyRow methods
+// *****************************************************************************
+
+// *****************************************************************************
+// * *
+// * Function: MyRow::describeGrant *
+// * *
+// * Generates text for the grant based on the row, operationName, and *
+// * componentName *
+// * *
+// *****************************************************************************
+// * *
+// * Parameters: *
+// * *
+// * operationName const std::string & In *
+// * used for generate grant statement as granted operation. *
+// * *
+// * componentName const std::string & In *
+// * used for generate grant statement on the component. *
+// * *
+// * outlines std::vector<std::string> & Out*
+// * output generated GRANT statements to this array. *
+// * *
+// *****************************************************************************
+void MyRow::describeGrant(
+ const std::string &operationName,
+ const std::string &componentName,
+ std::vector<std::string> & outlines)
+{
+ //generate grant statement
+ std::string grantText;
+ if (grantorID_ == SYSTEM_USER)
+ grantText += "-- ";
+ grantText += "GRANT COMPONENT PRIVILEGE \"";
+ grantText += operationName;
+ grantText += "\" ON \"";
+ grantText += componentName;
+ grantText += "\" TO \"";
+ if(granteeID_ == -1)
+ grantText += PUBLIC_AUTH_NAME;
+ else
+ grantText += granteeName_;
+ grantText += '"';
+ if(grantDepth_ != 0){
+ grantText += " WITH GRANT OPTION";
+ }
+ grantText += ";";
+ outlines.push_back(grantText);
+}
+
+
+//************************** End of MyRow::describeGrant ***********************
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/17d1b177/core/sql/sqlcomp/PrivMgrDefs.h
----------------------------------------------------------------------
diff --git a/core/sql/sqlcomp/PrivMgrDefs.h b/core/sql/sqlcomp/PrivMgrDefs.h
index 72c5720..486c1f1 100644
--- a/core/sql/sqlcomp/PrivMgrDefs.h
+++ b/core/sql/sqlcomp/PrivMgrDefs.h
@@ -299,15 +299,6 @@ inline bool isDMLPrivType(PrivType privType)
#define PUBLIC_GRANTEE_LIT "P "
#define USER_GRANTEE_LIT "U "
-#define SYSTEM_AUTH_ID -2
-#define PUBLIC_AUTH_ID -1
-
-#define PUBLIC_AUTH_NAME "PUBLIC"
-#define SYSTEM_AUTH_NAME "_SYSTEM"
-
-#define DB_ROOTROLE_NAME "DB__ROOTROLE"
-#define DB_ROOTROLE_ID 1000000
-
#define MAX_SQL_IDENTIFIER_NAME_LEN 256
#endif
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/17d1b177/core/sql/sqlcomp/PrivMgrMD.cpp
----------------------------------------------------------------------
diff --git a/core/sql/sqlcomp/PrivMgrMD.cpp b/core/sql/sqlcomp/PrivMgrMD.cpp
index 1109623..c04c778 100644
--- a/core/sql/sqlcomp/PrivMgrMD.cpp
+++ b/core/sql/sqlcomp/PrivMgrMD.cpp
@@ -207,8 +207,8 @@ PrivMgrComponentPrivileges componentPrivileges(metadataLocation_,pDiags_);
operationCodes,
ComUser::getRootUserID(),
ComUser::getRootUserName(),
- DB_ROOTROLE_ID,
- DB_ROOTROLE_NAME,-1);
+ ROOT_ROLE_ID,
+ DB__ROOTROLE,-1);
if (privStatus != STATUS_GOOD)
return privStatus;
@@ -223,7 +223,7 @@ std::vector<std::string> CSOperationCodes;
CSOperationCodes,
ComUser::getRootUserID(),
ComUser::getRootUserName(),
- PUBLIC_AUTH_ID,
+ PUBLIC_USER,
PUBLIC_AUTH_NAME,0);
if (privStatus != STATUS_GOOD)
@@ -264,7 +264,6 @@ PrivStatus PrivMgrMDAdmin::initializeMetadata (
const std::string &colsLocation,
std::vector<std::string> &tablesCreated,
std::vector<std::string> &tablesUpgraded)
-
{
PrivStatus retcode = STATUS_GOOD;
@@ -296,7 +295,7 @@ PrivStatus PrivMgrMDAdmin::initializeMetadata (
schemaCommand += metadataLocation_;
cliRC = cliInterface.executeImmediate(schemaCommand.c_str());
if (cliRC < 0)
- return STATUS_ERROR;
+ throw STATUS_ERROR;
}
// Create or upgrade the tables
@@ -333,17 +332,6 @@ PrivStatus PrivMgrMDAdmin::initializeMetadata (
cliRC = createTable(tableName.c_str(), tableDefinition.tableDDL,
cliInterface, pDiags_);
- // Temp code to verify error handling
- if (CmpCommon::getDefault(CAT_TEST_BOOL) == DF_ON)
- {
- std::string schemaName ("SCHEMA_PRIVILEGES");
- if (tableName.find(schemaName) !=std::string::npos)
- {
- *pDiags_ << DgSqlCode (-CAT_NOT_AUTHORIZED);
- cliRC = -CAT_NOT_AUTHORIZED;
- }
- }
-
// If create was successful, set flags to load default data
if (cliRC < 0)
throw STATUS_ERROR;
@@ -1290,7 +1278,7 @@ PrivStatus PrivMgrMDAdmin::updatePrivMgrMetadata(
{
-PrivStatus privStatus = STATUS_GOOD;
+ PrivStatus privStatus = STATUS_GOOD;
if (shouldPopulateObjectPrivs)
{
@@ -1301,9 +1289,9 @@ PrivStatus privStatus = STATUS_GOOD;
}
-CmpSeabaseDDLrole role;
+ CmpSeabaseDDLrole role;
- role.createStandardRole(DB__ROOTROLE,DB_ROOTROLE_ID);
+ role.createStandardRole(DB__ROOTROLE,ROOT_ROLE_ID);
role.createStandardRole(DB__HIVEROLE,HIVE_ROLE_ID);
role.createStandardRole(DB__HBASEROLE,HBASE_ROLE_ID);
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/17d1b177/core/sql/sqlcomp/PrivMgrMDDefs.h
----------------------------------------------------------------------
diff --git a/core/sql/sqlcomp/PrivMgrMDDefs.h b/core/sql/sqlcomp/PrivMgrMDDefs.h
index fb394a3..ccf9106 100644
--- a/core/sql/sqlcomp/PrivMgrMDDefs.h
+++ b/core/sql/sqlcomp/PrivMgrMDDefs.h
@@ -170,8 +170,8 @@ static const PrivMgrTableStruct privMgrTables[] =
{ PRIVMGR_COMPONENTS, componentsDDL, false },
{ PRIVMGR_COMPONENT_OPERATIONS, componentOperationsDDL, false },
{ PRIVMGR_COMPONENT_PRIVILEGES, componentPrivilegesDDL, false },
- { PRIVMGR_ROLE_USAGE, roleUsageDDL, false }
- ,{ PRIVMGR_SCHEMA_PRIVILEGES, schemaPrivilegesDDL, false }
+ { PRIVMGR_ROLE_USAGE, roleUsageDDL, false },
+ { PRIVMGR_SCHEMA_PRIVILEGES, schemaPrivilegesDDL, false }
};
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/17d1b177/core/sql/sqlcomp/PrivMgrPrivileges.cpp
----------------------------------------------------------------------
diff --git a/core/sql/sqlcomp/PrivMgrPrivileges.cpp b/core/sql/sqlcomp/PrivMgrPrivileges.cpp
index 6eb9389..e38317b 100644
--- a/core/sql/sqlcomp/PrivMgrPrivileges.cpp
+++ b/core/sql/sqlcomp/PrivMgrPrivileges.cpp
@@ -636,7 +636,7 @@ PrivStatus PrivMgrPrivileges::getPrivRowsForObject(
for (size_t i = 0; i < objectRowList_.size(); i++)
{
ObjectPrivsMDRow &row = static_cast<ObjectPrivsMDRow &> (*objectRowList_[i]);
- if (row.grantorID_ != SYSTEM_AUTH_ID)
+ if (row.grantorID_ != SYSTEM_USER)
{
ObjectPrivsRow newRow;
@@ -955,7 +955,7 @@ char whereClause[1000];
sprintf(setClause," SET GRANTEE_ID = %d, GRANTEE_NAME = '%s' ",
newOwnerID,newOwnerName.c_str());
- sprintf(whereClause," WHERE GRANTOR_ID = %d ",SYSTEM_AUTH_ID);
+ sprintf(whereClause," WHERE GRANTOR_ID = %d ",SYSTEM_USER);
privStatus = objectPrivsTable.updateWhere(setClause,whereClause);
if (privStatus != STATUS_GOOD)
@@ -1266,7 +1266,7 @@ PrivStatus PrivMgrPrivileges::grantObjectPriv(
nameRequested.erase(std::remove(nameRequested.begin(), nameRequested.end(), theQuote), nameRequested.end());
nameToCheck.erase(std::remove(nameToCheck.begin(), nameToCheck.end(), theQuote), nameToCheck.end());
- if (nameRequested == nameToCheck && grantorID_ == SYSTEM_AUTH_ID)
+ if (nameRequested == nameToCheck && grantorID_ == SYSTEM_USER)
return STATUS_GOOD;
// If the granting to self or DB__ROOT, return an error
@@ -1467,7 +1467,7 @@ PrivStatus PrivMgrPrivileges::grantObjectPriv(
pObj->describe(traceMsg);
log (__FILE__, traceMsg, i);
- int32_t theGrantor = (pObj->objectType == COM_VIEW_OBJECT) ? SYSTEM_AUTH_ID : grantorID_;
+ int32_t theGrantor = (pObj->objectType == COM_VIEW_OBJECT) ? SYSTEM_USER : grantorID_;
int32_t theGrantee = pObj->objectOwner;
int64_t theUID = pObj->objectUID;
PrivMgrCoreDesc thePrivs = pObj->updatedPrivs.getTablePrivs();
@@ -1620,7 +1620,7 @@ PrivObjectBitmap grantableBitmap;
row.granteeID_ = ownerID;
row.granteeName_ = ownerName;
row.granteeType_ = USER_GRANTEE_LIT;
- row.grantorID_ = SYSTEM_AUTH_ID;
+ row.grantorID_ = SYSTEM_USER;
row.grantorName_ = SYSTEM_AUTH_NAME;
row.grantorType_ = COM_SYSTEM_GRANTOR_LIT;
row.privsBitmap_ = privsBitmap;
@@ -3001,7 +3001,7 @@ bool PrivMgrPrivileges::checkRevokeRestrict (
{
PrivType pType = PrivType(i);
- int32_t systemGrantor = SYSTEM_AUTH_ID;
+ int32_t systemGrantor = SYSTEM_USER;
scanObjectBranch (pType, systemGrantor, rowList);
// TDB - add a scan for column privileges
}
@@ -3681,7 +3681,7 @@ PrivStatus PrivMgrPrivileges::getRowsForGrantee(
// create the list of row pointers from the cached list
std::vector<int32_t> authIDs = roleIDs;
authIDs.push_back(granteeID);
- authIDs.push_back(PUBLIC_AUTH_ID);
+ authIDs.push_back(PUBLIC_USER);
std::vector<int32_t>::iterator it;
std::vector<PrivMgrMDRow *> privRowList;
if (isObjectTable)
@@ -4232,7 +4232,7 @@ void static buildGrantText(
{
- if (grantorID == SYSTEM_AUTH_ID)
+ if (grantorID == SYSTEM_USER)
grantText += "-- ";
grantText += "GRANT ";
@@ -4251,7 +4251,7 @@ void static buildGrantText(
else
if (grantorID != objectOwner &&
- grantorID != SYSTEM_AUTH_ID)
+ grantorID != SYSTEM_USER)
{
grantText += " GRANTED BY ";
bool delimited = isDelimited(grantorName);
@@ -4539,7 +4539,7 @@ static PrivStatus getColRowsForGrantee(
std::vector<int32_t> authIDs = roleIDs;
authIDs.push_back(granteeID);
- authIDs.push_back(PUBLIC_AUTH_ID);
+ authIDs.push_back(PUBLIC_USER);
std::vector<int32_t>::iterator it;
std::vector<PrivMgrMDRow *> privRowList;
@@ -4773,7 +4773,7 @@ std::vector<PrivMgrMDRow *> colRowList;
ColPrivSpec &colPrivEntry = colPrivsArray[i];
// See if the grantor has been granted WGO at column-level for priv.
- for (size_t j = 0; i < colRowList.size(); j++)
+ for (size_t j = 0; j < colRowList.size(); j++)
{
ColumnPrivsMDRow &columnRow = static_cast<ColumnPrivsMDRow &> (*colRowList[i]);
if (columnRow.grantableBitmap_.test(colPrivEntry.privType))
@@ -5401,7 +5401,7 @@ PrivStatus ObjectPrivsMDTable::updateWhere(const std::string & setClause,
// coalesce((select auth_db_name from AUTHS where auth_id = object_owner),
// 'DB__ROOT') --granteeName
// USER_GRANTEE_LIT, -- "U"
-// SYSTEM_AUTH_ID, -- system grantor ID (-2)
+// SYSTEM_USER, -- system grantor ID (-2)
// SYSTEM_AUTH_NAME, -- grantorName (_SYSTEM)
// SYSTEM_GRANTOR_LIST, -- "S"
// case
@@ -5471,7 +5471,7 @@ PrivStatus ObjectPrivsMDTable::insertSelect(
int64_t sequenceBits = privDesc.getTablePrivs().getPrivBitmap().to_ulong();
// for views, privilegesBitmap is set to 1 (SELECT), wgo to 0 (no)
- std::string systemGrantor("_SYSTEM");
+ std::string systemGrantor(SYSTEM_AUTH_NAME);
// Generate case stmt for grantable bitmap
sprintf (buf, "case when object_type = 'BT' then %ld "
@@ -5501,7 +5501,7 @@ PrivStatus ObjectPrivsMDTable::insertSelect(
tableName_.c_str(),
authsLocation.c_str(),
USER_GRANTEE_LIT,
- SYSTEM_AUTH_ID, SYSTEM_AUTH_NAME, SYSTEM_GRANTOR_LIT,
+ SYSTEM_USER, SYSTEM_AUTH_NAME, SYSTEM_GRANTOR_LIT,
privilegesClause.c_str(), grantableClause.c_str(),
objectsLocation.c_str());
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/17d1b177/core/sql/sqlcomp/PrivMgrRoles.cpp
----------------------------------------------------------------------
diff --git a/core/sql/sqlcomp/PrivMgrRoles.cpp b/core/sql/sqlcomp/PrivMgrRoles.cpp
index 3f3c4e2..cc7abe8 100644
--- a/core/sql/sqlcomp/PrivMgrRoles.cpp
+++ b/core/sql/sqlcomp/PrivMgrRoles.cpp
@@ -797,7 +797,7 @@ MyTable &myTable = static_cast<MyTable &>(myTable_);
int32_t roleID = roleIDs[r];
// if the roleID is PUBLIC return an error
- if (roleID == PUBLIC_AUTH_ID)
+ if (roleID == PUBLIC_USER)
{
*pDiags_ << DgSqlCode (-CAT_IS_NOT_A_ROLE)
<< DgString0(PUBLIC_AUTH_NAME);
@@ -818,7 +818,7 @@ MyTable &myTable = static_cast<MyTable &>(myTable_);
{
// Currently roles cannot be granted to PUBLIC. This restriction
// could be lifted in the future. Grants to _SYSTEM never make sense.
- if (granteeIDs[g] == SYSTEM_AUTH_ID || granteeIDs[g] == PUBLIC_AUTH_ID)
+ if (granteeIDs[g] == SYSTEM_USER || granteeIDs[g] == PUBLIC_USER)
{
*pDiags_ << DgSqlCode(-CAT_NO_GRANT_ROLE_TO_PUBLIC_OR_SYSTEM);
return STATUS_ERROR;
@@ -961,8 +961,8 @@ MyRow row(fullTableName_);
row.granteeID_ = granteeID;
row.granteeName_ = granteeName;
row.granteeAuthClass_ = PrivAuthClass::USER;
- row.grantorID_ = SYSTEM_AUTH_ID;
- row.grantorName_ = "_SYSTEM";
+ row.grantorID_ = SYSTEM_USER;
+ row.grantorName_ = SYSTEM_AUTH_NAME;
row.grantorAuthClass_ = PrivAuthClass::USER;
row.grantDepth_ = -1;
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/17d1b177/core/sql/udrserv/udrserv.cpp
----------------------------------------------------------------------
diff --git a/core/sql/udrserv/udrserv.cpp b/core/sql/udrserv/udrserv.cpp
index 8024edf..4310cd8 100644
--- a/core/sql/udrserv/udrserv.cpp
+++ b/core/sql/udrserv/udrserv.cpp
@@ -59,6 +59,7 @@
#include "LmRoutine.h"
#include "ComDefs.h"
#include "sqludr.h"
+#include "NAUserId.h"
#include "SCMVersHelp.h"
DEFINE_DOVERS(tdm_udrserv)
@@ -2018,7 +2019,7 @@ static Int32 invokeUdrMethod(const char *method,
ComRoutineExternalSecurity externalSecurity =
COM_ROUTINE_EXTERNAL_SECURITY_INVOKER;
- Int32 routineOwnerId = SUPER_USER; //dbRoot
+ Int32 routineOwnerId = ROOT_USER_ID; //dbRoot
while (result == LM_OK && i++ < nTimesToInvoke)
{
[3/4] incubator-trafodion git commit: TRAFODION-1087 - Security
regression tests run too long
Posted by rm...@apache.org.
TRAFODION-1087 - Security regression tests run too long
Add runregr scripts to git
Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/a17587b9
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/a17587b9
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/a17587b9
Branch: refs/heads/master
Commit: a17587b9d7ae8e7b99dff43acfb59142ccaf12b2
Parents: 17d1b17
Author: Roberta Marton <ro...@apache.org>
Authored: Fri Jan 15 19:33:42 2016 +0000
Committer: Roberta Marton <ro...@apache.org>
Committed: Fri Jan 15 19:33:42 2016 +0000
----------------------------------------------------------------------
core/sql/regress/privs1/runregr | 31 ++
core/sql/regress/privs2/EXPECTED135 | 14 +-
core/sql/regress/privs2/runregr | 31 ++
core/sql/regress/tools/runallsb | 1 -
core/sql/regress/tools/runregr_privs1.ksh | 492 ++++++++++++++++++++++++
core/sql/regress/tools/runregr_privs2.ksh | 494 +++++++++++++++++++++++++
6 files changed, 1056 insertions(+), 7 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/a17587b9/core/sql/regress/privs1/runregr
----------------------------------------------------------------------
diff --git a/core/sql/regress/privs1/runregr b/core/sql/regress/privs1/runregr
new file mode 100755
index 0000000..baff929
--- /dev/null
+++ b/core/sql/regress/privs1/runregr
@@ -0,0 +1,31 @@
+#! /bin/sh
+# @@@ START COPYRIGHT @@@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# @@@ END COPYRIGHT @@@
+
+if [ "$scriptsdir" != "" ]; then
+ $scriptsdir/tools/runregr $*
+elif [ -x ../tools/runregr ]; then
+ ../tools/runregr $*
+else
+ echo "run runregr from regress/tools directory"
+fi
+
+
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/a17587b9/core/sql/regress/privs2/EXPECTED135
----------------------------------------------------------------------
diff --git a/core/sql/regress/privs2/EXPECTED135 b/core/sql/regress/privs2/EXPECTED135
index 9827fb3..b04504d 100644
--- a/core/sql/regress/privs2/EXPECTED135
+++ b/core/sql/regress/privs2/EXPECTED135
@@ -394,10 +394,10 @@ CREATE TABLE TRAFODION.T135SCH.T135_T1
;
-- GRANT SELECT, INSERT, DELETE, UPDATE, REFERENCES ON TRAFODION.T135SCH.T135_T1 TO DB__ROOT WITH GRANT OPTION;
- GRANT SELECT, INSERT, DELETE, UPDATE, REFERENCES ON TRAFODION.T135SCH.T135_T1
- TO SQL_USER1;
-GRANT SELECT, INSERT, DELETE, UPDATE, REFERENCES ON
- TRAFODION.T135SCH.T135_T1 TO SQL_USER2;
+ GRANT SELECT, INSERT, DELETE, UPDATE, USAGE, REFERENCES ON
+ TRAFODION.T135SCH.T135_T1 TO SQL_USER1;
+GRANT SELECT, INSERT, DELETE, UPDATE,
+ USAGE, REFERENCES ON TRAFODION.T135SCH.T135_T1 TO SQL_USER2;
--- SQL operation complete.
>>showddl t135_t2;
@@ -411,8 +411,8 @@ CREATE TABLE TRAFODION.T135SCH.T135_T2
;
-- GRANT SELECT, INSERT, DELETE, UPDATE, REFERENCES ON TRAFODION.T135SCH.T135_T2 TO DB__ROOT WITH GRANT OPTION;
- GRANT SELECT, INSERT, DELETE, UPDATE, REFERENCES ON TRAFODION.T135SCH.T135_T2
- TO SQL_USER2;
+ GRANT SELECT, INSERT, DELETE, UPDATE, USAGE, REFERENCES ON
+ TRAFODION.T135SCH.T135_T2 TO SQL_USER2;
--- SQL operation complete.
>>-- user can create view but just have select and references, it is
@@ -920,6 +920,7 @@ Roles
DB__HBASEROLE
DB__HIVEROLE
DB__ROOTROLE
+METADATA_ACCESS
PUBLIC
T135_ROLE1
@@ -1337,6 +1338,7 @@ Roles
DB__HBASEROLE
DB__HIVEROLE
DB__ROOTROLE
+METADATA_ACCESS
PUBLIC
--- SQL operation complete.
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/a17587b9/core/sql/regress/privs2/runregr
----------------------------------------------------------------------
diff --git a/core/sql/regress/privs2/runregr b/core/sql/regress/privs2/runregr
new file mode 100755
index 0000000..baff929
--- /dev/null
+++ b/core/sql/regress/privs2/runregr
@@ -0,0 +1,31 @@
+#! /bin/sh
+# @@@ START COPYRIGHT @@@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# @@@ END COPYRIGHT @@@
+
+if [ "$scriptsdir" != "" ]; then
+ $scriptsdir/tools/runregr $*
+elif [ -x ../tools/runregr ]; then
+ ../tools/runregr $*
+else
+ echo "run runregr from regress/tools directory"
+fi
+
+
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/a17587b9/core/sql/regress/tools/runallsb
----------------------------------------------------------------------
diff --git a/core/sql/regress/tools/runallsb b/core/sql/regress/tools/runallsb
index 863392d..ac6f706 100755
--- a/core/sql/regress/tools/runallsb
+++ b/core/sql/regress/tools/runallsb
@@ -176,7 +176,6 @@ for dir in $TEST_SUBDIRS; do
;;
privs1)
pushd privs1
- echo "runregr -sb $diffStr"
./runregr -sb $diffStr
popd
;;
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/a17587b9/core/sql/regress/tools/runregr_privs1.ksh
----------------------------------------------------------------------
diff --git a/core/sql/regress/tools/runregr_privs1.ksh b/core/sql/regress/tools/runregr_privs1.ksh
new file mode 100755
index 0000000..09eb9d2
--- /dev/null
+++ b/core/sql/regress/tools/runregr_privs1.ksh
@@ -0,0 +1,492 @@
+#######################################################################
+# @@@ START COPYRIGHT @@@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# @@@ END COPYRIGHT @@@
+#######################################################################
+
+
+################################################################################
+# PRIVS1 REGRESSION TEST SUITE #
+# #
+# This script automates the running of privilege security tests #
+# #
+################################################################################
+
+#! /bin/sh
+
+# The command set -x, makes the script echo everything. Useful for debugging
+#set -x
+
+#------------------------------------------------------
+# User asked for help text (-h, -help or -? option) --
+# print it out and exit. --
+#------------------------------------------------------
+function usage {
+ echo ""
+ echo "Description: executes privilege tests"
+ echo ""
+ echo " [-help | -h | -?] -- this text "
+ echo " [-dircleanup] -- cleanup directory "
+ echo " [-diff] -- do not run, only do diffs "
+ echo " [<priv tests>] -- run the specified tests "
+ echo ""
+ echo "If no options specified, run all tests and perform diffs"
+ echo " "
+}
+
+#-----------------------------------------------------------------
+# Each command line option has an associated boolean variable --
+# indicating whether or not the option is in effect. Initalize --
+# these booleans to false. --
+#-----------------------------------------------------------------
+diffsonly=0
+dircleanup=0
+tests=
+
+echo ""
+echo "RUNNING SEABASE PRIVS1 TESTS"
+echo ""
+#--------------------------------------------------------------
+# Determine which command line arguments the user specified --
+# and set the corresponding boolean variable to TRUE. --
+#--------------------------------------------------------------
+while [ $# -gt 0 ]; do
+ case $1 in
+ -dircleanup)
+ dircleanup=1
+ ;;
+
+ -diff)
+ diffsonly=1
+ ;;
+
+ -h|-help)
+ usage
+ exit 0
+ ;;
+ *)
+ tests="$1 "
+ ;;
+ esac
+ shift
+done
+
+#########################################################################
+# E N D O F P A R S I N G C O M M A N D L I N E O P T I O N S #
+#########################################################################
+
+
+#----------------------------------------------------------------------
+# User specified -dircleanup option. Delete transient files and exit. --
+#----------------------------------------------------------------------
+if [ $dircleanup -eq 1 ]; then
+ echo "Cleaning up directory and exiting"
+ cd $REGRTSTDIR 2>$NULL
+ rm -f core dumpfile *.srt *.flt *.tflt
+ cd $REGRRUNDIR 2>$NULL
+ rm -f core dumpfile *.srt *.flt *.tflt
+ exit 0
+fi
+
+#---------------------------------------------------------------------
+# Initialize variables used in the test --
+#---------------------------------------------------------------------
+
+PRIVSDIR=${rundir}/privs1
+sbdefsfile="$REGRTOOLSDIR/sbdefs"
+export BUILD_FLAVOR=`echo $BUILD_FLAVOR | tr a-z A-Z`
+echo "build flavor: $BUILD_FLAVOR"
+
+seabase="$SEABASE_REGRESS"
+
+# set up default catalog and schema
+export TEST_CATALOG='TRAFODION'
+export TEST_SCHEMA_NAME='sch'
+export TEST_SCHEMA="$TEST_CATALOG.$TEST_SCHEMA_NAME"
+echo "test catalog and schema: $TEST_SCHEMA"
+
+cd $REGRTSTDIR 2>$NULL
+echo "current work directory: `pwd`"
+
+#---------------------------------------------------------------------
+# uppercase all test, expected, known, filter, and diff files --
+#---------------------------------------------------------------------
+lctestfiles=`ls -1 test???* 2>$NULL | sed -e /~$/d -e /.bak$/d | \
+ sort -fu | pr -a -h "" -w 9999 -l 1` 2>$NULL
+for lcfile in $lctestfiles; do
+ ucfile=`ls -1 $lcfile | tr a-z A-Z`
+ cp -f $lcfile $ucfile 2>$NULL
+done
+
+lcxptdfiles=`ls -1 expected???* 2>$NULL | sed -e /~$/d -e /.bak$/d | \
+ sort -fu | pr -a -h "" -w 9999 -l 1` 2>$NULL
+for lcfile in $lcxptdfiles; do
+ ucfile=`ls -1 $lcfile | tr a-z A-Z`
+ cp -f $lcfile $ucfile 2>$NULL
+done
+
+lcknownfiles=`ls -1 *.known* 2>$NULL | sed -e /~$/d -e /.bak$/d | \
+ sort -fu | pr -a -h "" -w 9999 -l 1` 2>$NULL
+for lcfile in $lcknownfiles; do
+ ucfile=`ls -1 $lcfile | tr a-z A-Z`
+ cp -f $lcfile $ucfile 2>$NULL
+done
+
+lcfilterfiles=`ls -1 filter???* 2>$NULL | sed -e /~$/d -e /.bak$/d | \
+ sort -fu | pr -a -h "" -w 9999 -l 1` 2>$NULL
+for lcfile in $lcfilterfiles; do
+ ucfile=`ls -1 $lcfile | tr a-z A-Z`
+ cp -f $lcfile $ucfile 2>$NULL
+done
+
+#--------------------------------------------------
+# Based on the command lines options specified, --
+# determine which test files to run. --
+# Grab either the list of specified tests or all --
+# the tests beginnning with "TEST". --
+# If only the number is specified, prepend TEST. --
+#--------------------------------------------------
+if [ "$tests" = "" ]; then
+ testfiles=`ls -1 TEST???* | tr a-z A-Z | sed -e /~$/d -e /.bak$/d | sort -fu`
+ prettyfiles=$testfiles
+else
+ testfiles=`echo $tests | tr a-z A-Z`
+ prettyfiles=
+ for i in $testfiles; do
+ if [ `expr substr $i 1 4` = "TEST" ]; then
+ prettyfiles="$prettyfiles $i"
+ else
+ prettyfiles="$prettyfiles TEST$i"
+ fi
+ done
+fi
+
+#-------------------------------------------------------
+# For now, don't run these tests --
+# Add list of tests to script in "skipTheseTests" --
+#-------------------------------------------------------
+skipTheseTests="TEST132"
+
+#skip these tests for Seabase
+skipTheseTests="$skipTheseTests"
+
+testfiles="$prettyfiles"
+prettyfiles=
+skippedfiles=
+for i in $testfiles; do
+ skipthis=0
+ for j in $skipTheseTests; do
+ if [ "$i" = "$j" ]; then
+ skipthis=1
+ fi
+ done
+
+ if [ $skipthis -eq 0 ]; then
+ prettyfiles="$prettyfiles $i"
+ else
+ skippedfiles="$skippedfiles $i"
+ fi
+done
+testfiles=$prettyfiles
+
+
+#-----------------------------------------
+# Inform user which tests will be run. --
+#-----------------------------------------
+echo "TESTS TO BE RUN: $testfiles"
+if [ "$skippedfiles" != "" ]; then
+ echo "TESTS NOT RUN: $skippedfiles"
+fi
+
+#--------------------------------------------------
+# Set up environment variables for running SQL. --
+#--------------------------------------------------
+cd $REGRRUNDIR 2>$NULL
+
+
+#--------------------------------------------------
+# If the user did not choose the -diff option, --
+# rename the old log file to have a .bak suffix. --
+# Write date and time to new log file. --
+#--------------------------------------------------
+test $diffsonly -eq 0 && mv -f $rgrlog $rgrlog.bak 2>$NULL
+echo "`date +'%D %T'`" > $rgrlog
+
+#---------------------------------------
+# For each test file in the list.... --
+#---------------------------------------
+for ix in $testfiles; do
+
+ #---------------------------------------
+ # Tell user whether we're just doing --
+ # diffs or actually running a test. --
+ #---------------------------------------
+ echo
+ if [ $diffsonly -eq 1 ]; then
+ echo "------------------------------------------------------------"
+ echo "-- Doing diff for test $ix: "
+ echo "------------------------------------------------------------"
+ else
+ echo "------------------------------------------------------------"
+ echo "-- Starting test $ix: "
+ echo "------------------------------------------------------------"
+ fi
+ echo
+
+ #---------------------------------------------------------
+ # Set up the test file, expected file, output file and --
+ # difference file names for this iteration. Also clear --
+ # out the log text for the current iteration. --
+ #---------------------------------------------------------
+ tnum=`echo $ix | cut -c 5-`
+ exp=EXPECTED$tnum
+ diff=DIFF$tnum
+ tfile=$REGRTSTDIR/$ix
+ dfile=$REGRRUNDIR/$diff
+ lfile=$REGRRUNDIR/LOG$tnum
+ logtxt=
+ runTheTest=1
+
+ # --------------------------------------------------------
+ # set up expected results file __
+ #---------------------------------------------------------
+
+ # if EXPECTED.SB exists, use that
+ if [ -r "$REGRTSTDIR/${exp}.SB" ]; then
+ exp="${exp}.SB"
+ fi
+ echo "Using expected result file: $exp"
+
+ # If a special file is needed for the release version, use it
+ if [ "$BUILD_FLAVOR" = "RELEASE" ]; then
+ if [ -r $REGRTSTDIR/$exp.L$BUILD_FLAVOR ]; then
+ exp=$exp.L$BUILD_FLAVOR
+ fi
+ fi
+
+ # use the default expected file
+ if [ -r "$REGRTSTDIR/$exp" ]; then
+ efile=$REGRTSTDIR/$exp
+ fi
+
+sqlci > $ix.tmp 2>&1 << eof
+env;
+eof
+authDisabled=`cat $ix.tmp | grep AUTHORIZATION | grep disabled`
+if [ "$authDisabled" = "" ]; then
+ echo "Authorization is enabled"
+else
+ echo "Authorization is not initialized, to initialize it"
+ sqlci -i $scriptsdir/tools/reg_users.sql;
+ echo "Authorization has been enabled"
+fi
+rm -f $ix.tmp 2>$NULL
+
+ #--------------------------------------------------
+ # Run test if the -diff option not specified --
+ #--------------------------------------------------
+ if [ $diffsonly -eq 0 ]; then
+ if [ $runTheTest -eq 1 ]; then
+ rm -f $lfile.BAK $dfile.BAK 2>$NULL
+ mv -f $lfile $lfile.BAK 2>$NULL
+ mv -f $dfile $dfile.BAK 2>$NULL
+
+ if [ "$REGRTSTDIR" != "$REGRRUNDIR" ]; then
+ cp -f $REGRTSTDIR/$ix $REGRRUNDIR/$ix 2>$NULL
+ fi
+
+ echo "Executing: $sqlci -i$tfile"
+ $sqlci -i$tfile
+
+ if [ "$REGRTSTDIR" != "$REGRRUNDIR" ]; then
+ rm -f $REGRRUNDIR/$ix 2>$NULL
+ fi
+ fi
+ else
+ rm -f $dfile.BAK
+ mv -f $dfile $dfile.BAK
+ fi
+
+ #---------------------------------------
+ # Sort log and expected result file. --
+ #---------------------------------------
+ if [ -x $LOGSORT ]; then
+ efilesrt=$exp.srt
+ lfilesrt=$lfile.srt
+ rm -f $efilesrt $lfilesrt
+ echo
+ echo "SORTING EXPECTED AND LOG FILES"
+ echo "$LOGSORT $efile $efilesrt"
+ echo "$LOGSORT $lfile $lfilesrt"
+ echo
+ $LOGSORT $efile $efilesrt >> $NULL # not to $diff, because
+ $LOGSORT $lfile $lfilesrt >> $NULL # logsort writes too much junk
+ else
+ efilesrt=$efile
+ lfilesrt=$lfile
+ echo "Could not find $LOGSORT, comparing unsorted files"
+ fi
+
+ #------------------------------
+ # filter result files --
+ #------------------------------
+
+ # If special filter file exist for test, run it
+ if [ -x "$REGRTSTDIR/FILTER$tnum" -a -s "$REGRTSTDIR/FILTER$tnum" ]; then
+ efiletflt=$exp.tflt
+ lfiletflt=$lfile.tflt
+ rm -f $efiletflt $lfiletflt
+ echo "RUNNING SPECIAL FILTER FOR TEST $tnum"
+ echo "Special filtering expected file"
+ echo "$REGRTSTDIR/FILTER$tnum $efilesrt > $efiletflt"
+ echo "Special filtering log file"
+ echo "$REGRTSTDIR/FILTER$tnum $lfilesrt > $lfiletflt"
+ echo
+ $REGRTSTDIR/FILTER$tnum $efilesrt > $efiletflt 2>&1
+ $REGRTSTDIR/FILTER$tnum $lfilesrt > $lfiletflt 2>&1
+ else
+ efiletflt=$efilesrt
+ lfiletflt=$lfilesrt
+ fi
+
+ # Run general filter file common for all tests
+ echo "RUNNING STANDARD FILTER FILE ON SORTED OUTPUT"
+ rm -f $exp.flt $lfile.flt
+ echo "Filtering expected file:"
+ echo "$FILTER $efiletflt > $exp.flt"
+ echo "Filtering log file:"
+ echo "$FILTER $lfiletflt > $lfile.flt"
+ echo
+ $FILTER $efiletflt > $exp.flt 2>&1
+ $FILTER $lfiletflt > $lfile.flt 2>&1
+
+ #----------------------------------------------------------------
+ # Capture filtered files --
+ #----------------------------------------------------------------
+ echo
+ echo "RETAINING RESULTS OF FILTER OPERATION"
+ echo "Saving filtered expected files:"
+ echo "cp $exp.flt $FilteredLogs/expfiles/LOG$tnum"
+ cp $exp.flt $FilteredLogs/expfiles/LOG$tnum
+ echo "Saving filtered log files:"
+ echo "cp $lfile.flt $FilteredLogs/logfiles/LOG$tnum"
+ cp $lfile.flt $FilteredLogs/logfiles/LOG$tnum
+
+ #----------------------------------------------------------------
+ # Compare filtered expected and actual files for differences. --
+ #----------------------------------------------------------------
+ echo
+ echo "RUNNING DIFFs ON SORTED AND FILTERED LOGS/EXPECTED FILES"
+ echo "diff $exp.flt $lfile.flt >> $dfile"
+ echo
+ if [ -z "$DUMA_FILL" ] ; then
+ diff $exp.flt $lfile.flt >> $dfile 2>&1
+ else
+ diff $exp.flt $lfile.flt >> $dfile 2>/dev/null
+ fi
+
+
+ #rm -f $efilesrt $lfilesrt $efile.flt $lfile.flt $efiletflt $lfiletflt 2>$NULL
+
+ #------------------------------------------
+ # Determine how many lines differed --
+ # between the expected and actual files. --
+ #------------------------------------------
+ diffsize=`wc -l $dfile`; diffsize=`echo $diffsize | cut -f1 -d' '`
+
+ #-----------------------------------------------------------------
+ # Compare with the known diff file to see if differences are ok --
+ #-----------------------------------------------------------------
+ diffsAreKnown=0
+ diffknownfile=
+ knownsize=
+ if [ $diffsize -ne 0 ]; then
+ if [ -r $REGRRUNDIR/$diff.KNOWN.$BUILD_FLAVOR ]; then
+ diffknownfile=$REGRRUNDIR/$diff.KNOWN.$BUILD_FLAVOR
+ elif [ -r $REGRTSTDIR/$diff.KNOWN ]; then
+ diffknownfile=$REGRTSTDIR/$diff.KNOWN
+ fi
+ fi
+
+ # Diff the diff and the diff.known files and see how many lines differ
+ if [ "$diffknownfile" != "" ]; then
+ echo
+ echo "COMPARING KNOWN DIFFS FILE TO CURRENT DIFFS"
+ echo "Size of diff file: $diffsize"
+ # Filter known diff file to avoid schema differences
+ knownfiltered="$(dirname $dfile)/$(basename $diffknownfile).flt"
+ dfilefiltered="$dfile.flt"
+ echo "Filtering known diff file: "
+ echo "$FILTER $diffknownfile > $knownfiltered 2>&1"
+ $FILTER $diffknownfile > $knownfiltered 2>&1
+ echo "Filtering diff file: "
+ echo "$FILTER $dfile > $dfilefiltered 2>&1"
+ $FILTER $dfile > $dfilefiltered 2>&1
+ echo "Performing the DIFF: "
+ echo "diff $dfilefiltered $knownfiltered 2>&1"
+ diff $dfilefiltered $knownfiltered > $NULL
+ if [ $? -eq 0 ]; then
+ diffsAreKnown=1
+ else
+ ktmp=`wc -l $knownfiltered`; ktmp=`echo $ktmp | cut -f1 -d' '`
+ test "$ktmp" != "" &&
+ test $ktmp -ne 0 && knownsize=" (vs. $ktmp known)"
+ fi
+ fi
+
+ #--------------------------
+ # Print result of test. --
+ #--------------------------
+ if [ $diffsize -eq 0 -o $diffsAreKnown -ne 0 ]; then
+ if [ $diffsize -eq 0 ]; then
+ logtxt="### PASS ###$logtxt"
+ else
+ logtxt="### PASS with known diffs ###"
+ fi
+ else
+ logtxt="### FAIL ($diffsize lines$knownsize) ###"
+ fi
+
+
+ #-------------------------------------------------------------
+ # Print date, time, test name and test result in log file. --
+ #-------------------------------------------------------------
+ echo $logtxt
+ echo "`date +'%D %T'` $ix $logtxt" >> $rgrlog
+
+done
+
+#----------------------------------------
+# Print log file to screen --
+#----------------------------------------
+echo
+echo
+echo 'Test Summary'
+echo '============'
+echo
+cat $rgrlog
+echo
+
+#------------------------
+# Clean up dump files. --
+#------------------------
+rm -f core dumpfile 2>$NULL
+#rm -f $REGRRUNDIR/runmxci.ksh 2>$NULL
+rm -f $REGRRUNDIR/tmpfile.*.log 2>$NULL
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/a17587b9/core/sql/regress/tools/runregr_privs2.ksh
----------------------------------------------------------------------
diff --git a/core/sql/regress/tools/runregr_privs2.ksh b/core/sql/regress/tools/runregr_privs2.ksh
new file mode 100755
index 0000000..5d9ea05
--- /dev/null
+++ b/core/sql/regress/tools/runregr_privs2.ksh
@@ -0,0 +1,494 @@
+#######################################################################
+# @@@ START COPYRIGHT @@@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# @@@ END COPYRIGHT @@@
+#######################################################################
+
+
+################################################################################
+# PRIVS2 REGRESSION TEST SUITE #
+# #
+# This script automates the running of privilege security tests #
+# #
+################################################################################
+
+#! /bin/sh
+
+# The command set -x, makes the script echo everything. Useful for debugging
+#set -x
+
+#------------------------------------------------------
+# User asked for help text (-h, -help or -? option) --
+# print it out and exit. --
+#------------------------------------------------------
+function usage {
+ echo ""
+ echo "Description: executes privilege tests"
+ echo ""
+ echo " [-help | -h | -?] -- this text "
+ echo " [-dircleanup] -- cleanup directory "
+ echo " [-diff] -- do not run, only do diffs "
+ echo " [<priv tests>] -- run the specified tests "
+ echo ""
+ echo "If no options specified, run all tests and perform diffs"
+ echo " "
+}
+
+#-----------------------------------------------------------------
+# Each command line option has an associated boolean variable --
+# indicating whether or not the option is in effect. Initalize --
+# these booleans to false. --
+#-----------------------------------------------------------------
+diffsonly=0
+dircleanup=0
+tests=
+
+echo ""
+echo "RUNNING SEABASE PRIVS2 TESTS"
+echo ""
+#--------------------------------------------------------------
+# Determine which command line arguments the user specified --
+# and set the corresponding boolean variable to TRUE. --
+#--------------------------------------------------------------
+while [ $# -gt 0 ]; do
+ case $1 in
+ -dircleanup)
+ dircleanup=1
+ ;;
+
+ -diff)
+ diffsonly=1
+ ;;
+
+ -h|-help)
+ usage
+ exit 0
+ ;;
+ *)
+ tests="$1 "
+ ;;
+ esac
+ shift
+done
+
+#########################################################################
+# E N D O F P A R S I N G C O M M A N D L I N E O P T I O N S #
+#########################################################################
+
+
+#----------------------------------------------------------------------
+# User specified -dircleanup option. Delete transient files and exit. --
+#----------------------------------------------------------------------
+if [ $dircleanup -eq 1 ]; then
+ echo "Cleaning up directory and exiting"
+ cd $REGRTSTDIR 2>$NULL
+ rm -f core dumpfile *.srt *.flt *.tflt
+ cd $REGRRUNDIR
+ rm -f core dumpfile *.srt *.flt *.tflt
+ exit 0
+fi
+
+#---------------------------------------------------------------------
+# Initialize variables used in the test --
+#---------------------------------------------------------------------
+
+PRIVSDIR=${rundir}/privs1
+sbdefsfile="$REGRTOOLSDIR/sbdefs"
+export BUILD_FLAVOR=`echo $BUILD_FLAVOR | tr a-z A-Z`
+echo "build flavor: $BUILD_FLAVOR"
+
+seabase="$SEABASE_REGRESS"
+
+# set up default catalog and schema
+export TEST_CATALOG='TRAFODION'
+export TEST_SCHEMA_NAME='sch'
+export TEST_SCHEMA="$TEST_CATALOG.$TEST_SCHEMA_NAME"
+echo "test catalog and schema: $TEST_SCHEMA"
+
+cd $REGRTSTDIR 2>$NULL
+echo "current work directory: `pwd`"
+
+#---------------------------------------------------------------------
+# uppercase all test, expected, known, filter, and diff files --
+#---------------------------------------------------------------------
+lctestfiles=`ls -1 test???* 2>$NULL | sed -e /~$/d -e /.bak$/d | \
+ sort -fu | pr -a -h "" -w 9999 -l 1` 2>$NULL
+for lcfile in $lctestfiles; do
+ ucfile=`ls -1 $lcfile | tr a-z A-Z`
+ cp -f $lcfile $ucfile 2>$NULL
+done
+
+lcxptdfiles=`ls -1 expected???* 2>$NULL | sed -e /~$/d -e /.bak$/d | \
+ sort -fu | pr -a -h "" -w 9999 -l 1` 2>$NULL
+for lcfile in $lcxptdfiles; do
+ ucfile=`ls -1 $lcfile | tr a-z A-Z`
+ cp -f $lcfile $ucfile 2>$NULL
+done
+
+lcknownfiles=`ls -1 *.known* 2>$NULL | sed -e /~$/d -e /.bak$/d | \
+ sort -fu | pr -a -h "" -w 9999 -l 1` 2>$NULL
+for lcfile in $lcknownfiles; do
+ ucfile=`ls -1 $lcfile | tr a-z A-Z`
+ cp -f $lcfile $ucfile 2>$NULL
+done
+
+lcfilterfiles=`ls -1 filter???* 2>$NULL | sed -e /~$/d -e /.bak$/d | \
+ sort -fu | pr -a -h "" -w 9999 -l 1` 2>$NULL
+for lcfile in $lcfilterfiles; do
+ ucfile=`ls -1 $lcfile | tr a-z A-Z`
+ cp -f $lcfile $ucfile 2>$NULL
+done
+
+#--------------------------------------------------
+# Based on the command lines options specified, --
+# determine which test files to run. --
+# Grab either the list of specified tests or all --
+# the tests beginnning with "TEST". --
+# If only the number is specified, prepend TEST. --
+#--------------------------------------------------
+if [ "$tests" = "" ]; then
+ testfiles=`ls -1 TEST???* | tr a-z A-Z | sed -e /~$/d -e /.bak$/d | sort -fu`
+ prettyfiles=$testfiles
+else
+ testfiles=`echo $tests | tr a-z A-Z`
+ prettyfiles=
+ for i in $testfiles; do
+ if [ `expr substr $i 1 4` = "TEST" ]; then
+ prettyfiles="$prettyfiles $i"
+ else
+ prettyfiles="$prettyfiles TEST$i"
+ fi
+ done
+fi
+
+#-------------------------------------------------------
+# For now, don't run these tests --
+# Add list of tests to script in "skipTheseTests" --
+#-------------------------------------------------------
+skipTheseTests=""
+
+#skip these tests for Seabase
+if [ "$seabase" -ne 0 ]; then
+ skipTheseTests="$skipTheseTests"
+fi
+
+testfiles="$prettyfiles"
+prettyfiles=
+skippedfiles=
+for i in $testfiles; do
+ skipthis=0
+ for j in $skipTheseTests; do
+ if [ "$i" = "$j" ]; then
+ skipthis=1
+ fi
+ done
+
+ if [ $skipthis -eq 0 ]; then
+ prettyfiles="$prettyfiles $i"
+ else
+ skippedfiles="$skippedfiles $i"
+ fi
+done
+testfiles=$prettyfiles
+
+
+#-----------------------------------------
+# Inform user which tests will be run. --
+#-----------------------------------------
+echo "TESTS TO BE RUN: $testfiles"
+if [ "$skippedfiles" != "" ]; then
+ echo "TESTS NOT RUN: $skippedfiles"
+fi
+
+#--------------------------------------------------
+# Set up environment variables for running SQL. --
+#--------------------------------------------------
+cd $REGRRUNDIR 2>$NULL
+
+
+#--------------------------------------------------
+# If the user did not choose the -diff option, --
+# rename the old log file to have a .bak suffix. --
+# Write date and time to new log file. --
+#--------------------------------------------------
+test $diffsonly -eq 0 && mv -f $rgrlog $rgrlog.bak 2>$NULL
+echo "`date +'%D %T'`" > $rgrlog
+
+#---------------------------------------
+# For each test file in the list.... --
+#---------------------------------------
+for ix in $testfiles; do
+
+ #---------------------------------------
+ # Tell user whether we're just doing --
+ # diffs or actually running a test. --
+ #---------------------------------------
+ echo
+ if [ $diffsonly -eq 1 ]; then
+ echo "------------------------------------------------------------"
+ echo "-- Doing diff for test $ix: "
+ echo "------------------------------------------------------------"
+ else
+ echo "------------------------------------------------------------"
+ echo "-- Starting test $ix: "
+ echo "------------------------------------------------------------"
+ fi
+ echo
+
+ #---------------------------------------------------------
+ # Set up the test file, expected file, output file and --
+ # difference file names for this iteration. Also clear --
+ # out the log text for the current iteration. --
+ #---------------------------------------------------------
+ tnum=`echo $ix | cut -c 5-`
+ exp=EXPECTED$tnum
+ diff=DIFF$tnum
+ tfile=$REGRTSTDIR/$ix
+ dfile=$REGRRUNDIR/$diff
+ lfile=$REGRRUNDIR/LOG$tnum
+ logtxt=
+ runTheTest=1
+
+ # --------------------------------------------------------
+ # set up expected results file __
+ #---------------------------------------------------------
+
+ # if EXPECTED.SB exists, use that
+ if [ -r "$REGRTSTDIR/${exp}.SB" ]; then
+ exp="${exp}.SB"
+ fi
+ echo "Using expected result file: $exp"
+
+ # If a special file is needed for the release version, use it
+ if [ "$BUILD_FLAVOR" = "RELEASE" ]; then
+ if [ -r $REGRTSTDIR/$exp.L$BUILD_FLAVOR ]; then
+ exp=$exp.L$BUILD_FLAVOR
+ fi
+ fi
+
+ # use the default expected file
+ if [ -r "$REGRTSTDIR/$exp" ]; then
+ efile=$REGRTSTDIR/$exp
+ fi
+
+sqlci > $ix.tmp 2>&1 << eof
+env;
+eof
+authDisabled=`cat $ix.tmp | grep AUTHORIZATION | grep disabled`
+if [ "$authDisabled" = "" ]; then
+ echo "Authorization is enabled"
+else
+ echo "Authorization is not initialized, to initialize it"
+ sqlci -i $scriptsdir/tools/reg_users.sql;
+ echo "Authorization has been enabled"
+fi
+rm -f $ix.tmp 2>$NULL
+
+ #--------------------------------------------------
+ # Run test if the -diff option not specified --
+ #--------------------------------------------------
+ if [ $diffsonly -eq 0 ]; then
+ if [ $runTheTest -eq 1 ]; then
+ rm -f $lfile.BAK $dfile.BAK 2>$NULL
+ mv -f $lfile $lfile.BAK 2>$NULL
+ mv -f $dfile $dfile.BAK 2>$NULL
+
+ if [ "$REGRTSTDIR" != "$REGRRUNDIR" ]; then
+ cp -f $REGRTSTDIR/$ix $REGRRUNDIR/$ix 2>$NULL
+ fi
+
+ echo "Executing: $sqlci -i$tfile"
+ $sqlci -i$tfile
+
+ if [ "$REGRTSTDIR" != "$REGRRUNDIR" ]; then
+ rm -f $REGRRUNDIR/$ix 2>$NULL
+ fi
+ fi
+ else
+ rm -f $dfile.BAK 2>$NULL
+ mv -f $dfile $dfile.BAK 2>$NULL
+ fi
+
+ #---------------------------------------
+ # Sort log and expected result file. --
+ #---------------------------------------
+ if [ -x $LOGSORT ]; then
+ efilesrt=$exp.srt
+ lfilesrt=$lfile.srt
+ rm -f $efilesrt $lfilesrt
+ echo
+ echo "SORTING EXPECTED AND LOG FILES"
+ echo "$LOGSORT $efile $efilesrt"
+ echo "$LOGSORT $lfile $lfilesrt"
+ echo
+ $LOGSORT $efile $efilesrt >> $NULL # not to $diff, because
+ $LOGSORT $lfile $lfilesrt >> $NULL # logsort writes too much junk
+ else
+ efilesrt=$efile
+ lfilesrt=$lfile
+ echo "Could not find $LOGSORT, comparing unsorted files"
+ fi
+
+ #------------------------------
+ # filter result files --
+ #------------------------------
+
+ # If special filter file exist for test, run it
+ if [ -x "$REGRTSTDIR/FILTER$tnum" -a -s "$REGRTSTDIR/FILTER$tnum" ]; then
+ efiletflt=$exp.tflt
+ lfiletflt=$lfile.tflt
+ rm -f $efiletflt $lfiletflt
+ echo "RUNNING SPECIAL FILTER FOR TEST $tnum"
+ echo "Special filtering expected file"
+ echo "$REGRTSTDIR/FILTER$tnum $efilesrt > $efiletflt"
+ echo "Special filtering log file"
+ echo "$REGRTSTDIR/FILTER$tnum $lfilesrt > $lfiletflt"
+ echo
+ $REGRTSTDIR/FILTER$tnum $efilesrt > $efiletflt 2>&1
+ $REGRTSTDIR/FILTER$tnum $lfilesrt > $lfiletflt 2>&1
+ else
+ efiletflt=$efilesrt
+ lfiletflt=$lfilesrt
+ fi
+
+ # Run general filter file common for all tests
+ echo "RUNNING STANDARD FILTER FILE ON SORTED OUTPUT"
+ rm -f $exp.flt $lfile.flt
+ echo "Filtering expected file:"
+ echo "$FILTER $efiletflt > $exp.flt"
+ echo "Filtering log file:"
+ echo "$FILTER $lfiletflt > $lfile.flt"
+ echo
+ $FILTER $efiletflt > $exp.flt 2>&1
+ $FILTER $lfiletflt > $lfile.flt 2>&1
+
+ #----------------------------------------------------------------
+ # Capture filtered files --
+ #----------------------------------------------------------------
+ echo
+ echo "RETAINING RESULTS OF FILTER OPERATION"
+ echo "Saving filtered expected files:"
+ echo "cp $exp.flt $FilteredLogs/expfiles/LOG$tnum"
+ cp $exp.flt $FilteredLogs/expfiles/LOG$tnum
+ echo "Saving filtered log files:"
+ echo "cp $lfile.flt $FilteredLogs/logfiles/LOG$tnum"
+ cp $lfile.flt $FilteredLogs/logfiles/LOG$tnum
+
+ #----------------------------------------------------------------
+ # Compare filtered expected and actual files for differences. --
+ #----------------------------------------------------------------
+ echo
+ echo "RUNNING DIFFs ON SORTED AND FILTERED LOGS/EXPECTED FILES"
+ echo "diff $exp.flt $lfile.flt >> $dfile"
+ echo
+ if [ -z "$DUMA_FILL" ] ; then
+ diff $exp.flt $lfile.flt >> $dfile 2>&1
+ else
+ diff $exp.flt $lfile.flt >> $dfile 2>/dev/null
+ fi
+
+
+ #rm -f $efilesrt $lfilesrt $efile.flt $lfile.flt $efiletflt $lfiletflt 2>$NULL
+
+ #------------------------------------------
+ # Determine how many lines differed --
+ # between the expected and actual files. --
+ #------------------------------------------
+ diffsize=`wc -l $dfile`; diffsize=`echo $diffsize | cut -f1 -d' '`
+
+ #-----------------------------------------------------------------
+ # Compare with the known diff file to see if differences are ok --
+ #-----------------------------------------------------------------
+ diffsAreKnown=0
+ diffknownfile=
+ knownsize=
+ if [ $diffsize -ne 0 ]; then
+ if [ -r $REGRRUNDIR/$diff.KNOWN.$BUILD_FLAVOR ]; then
+ diffknownfile=$REGRRUNDIR/$diff.KNOWN.$BUILD_FLAVOR
+ elif [ -r $REGRTSTDIR/$diff.KNOWN ]; then
+ diffknownfile=$REGRTSTDIR/$diff.KNOWN
+ fi
+ fi
+
+ # Diff the diff and the diff.known files and see how many lines differ
+ if [ "$diffknownfile" != "" ]; then
+ echo
+ echo "COMPARING KNOWN DIFFS FILE TO CURRENT DIFFS"
+ echo "Size of diff file: $diffsize"
+ # Filter known diff file to avoid schema differences
+ knownfiltered="$(dirname $dfile)/$(basename $diffknownfile).flt"
+ dfilefiltered="$dfile.flt"
+ echo "Filtering known diff file: "
+ echo "$FILTER $diffknownfile > $knownfiltered 2>&1"
+ $FILTER $diffknownfile > $knownfiltered 2>&1
+ echo "Filtering diff file: "
+ echo "$FILTER $dfile > $dfilefiltered 2>&1"
+ $FILTER $dfile > $dfilefiltered 2>&1
+ echo "Performing the DIFF: "
+ echo "diff $dfilefiltered $knownfiltered 2>&1"
+ diff $dfilefiltered $knownfiltered > $NULL
+ if [ $? -eq 0 ]; then
+ diffsAreKnown=1
+ else
+ ktmp=`wc -l $knownfiltered`; ktmp=`echo $ktmp | cut -f1 -d' '`
+ test "$ktmp" != "" &&
+ test $ktmp -ne 0 && knownsize=" (vs. $ktmp known)"
+ fi
+ fi
+
+ #--------------------------
+ # Print result of test. --
+ #--------------------------
+ if [ $diffsize -eq 0 -o $diffsAreKnown -ne 0 ]; then
+ if [ $diffsize -eq 0 ]; then
+ logtxt="### PASS ###$logtxt"
+ else
+ logtxt="### PASS with known diffs ###"
+ fi
+ else
+ logtxt="### FAIL ($diffsize lines$knownsize) ###"
+ fi
+
+
+ #-------------------------------------------------------------
+ # Print date, time, test name and test result in log file. --
+ #-------------------------------------------------------------
+ echo $logtxt
+ echo "`date +'%D %T'` $ix $logtxt" >> $rgrlog
+
+done
+
+#----------------------------------------
+# Print log file to screen --
+#----------------------------------------
+echo
+echo
+echo 'Test Summary'
+echo '============'
+echo
+cat $rgrlog
+echo
+
+#------------------------
+# Clean up dump files. --
+#------------------------
+rm -f core dumpfile 2>$NULL
+#rm -f $REGRRUNDIR/runmxci.ksh 2>$NULL
+rm -f $REGRRUNDIR/tmpfile.*.log 2>$NULL
[4/4] incubator-trafodion git commit: Merge [TRAFODION-1754] PR-267
Showddl component does not display grants correctly
Posted by rm...@apache.org.
Merge [TRAFODION-1754] PR-267 Showddl component does not display grants correctly
Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/e846a0f6
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/e846a0f6
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/e846a0f6
Branch: refs/heads/master
Commit: e846a0f6ab850ecb588c6d64e49e9f399e75cfbf
Parents: bd86a46 a17587b
Author: Roberta Marton <ro...@apache.org>
Authored: Wed Jan 20 23:04:47 2016 +0000
Committer: Roberta Marton <ro...@apache.org>
Committed: Wed Jan 20 23:04:47 2016 +0000
----------------------------------------------------------------------
core/dbsecurity/auth/src/dbUserAuth.cpp | 1 +
core/sql/common/ComSmallDefs.h | 15 +-
core/sql/common/ComUser.h | 6 +-
core/sql/common/NAUserId.h | 24 +-
core/sql/regress/privs1/EXPECTED137 | 1274 +++++-------------
core/sql/regress/privs1/runregr | 31 +
core/sql/regress/privs2/EXPECTED135 | 14 +-
core/sql/regress/privs2/runregr | 31 +
core/sql/regress/tools/runallsb | 1 -
core/sql/regress/tools/runregr_privs1.ksh | 492 +++++++
core/sql/regress/tools/runregr_privs2.ksh | 494 +++++++
core/sql/sqlcomp/CmpSeabaseDDLauth.cpp | 27 +-
core/sql/sqlcomp/CmpSeabaseDDLauth.h | 1 +
core/sql/sqlcomp/CmpSeabaseDDLtable.cpp | 2 +-
core/sql/sqlcomp/PrivMgr.cpp | 12 +-
core/sql/sqlcomp/PrivMgrComponentOperations.cpp | 2 +-
core/sql/sqlcomp/PrivMgrComponentPrivileges.cpp | 377 ++++--
core/sql/sqlcomp/PrivMgrDefs.h | 9 -
core/sql/sqlcomp/PrivMgrMD.cpp | 26 +-
core/sql/sqlcomp/PrivMgrMDDefs.h | 4 +-
core/sql/sqlcomp/PrivMgrPrivileges.cpp | 28 +-
core/sql/sqlcomp/PrivMgrRoles.cpp | 8 +-
core/sql/udrserv/udrserv.cpp | 3 +-
23 files changed, 1727 insertions(+), 1155 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/e846a0f6/core/sql/sqlcomp/CmpSeabaseDDLtable.cpp
----------------------------------------------------------------------
[2/4] incubator-trafodion git commit: TRAFODION-1754 Showddl
component does not display grants correctly
Posted by rm...@apache.org.
TRAFODION-1754 Showddl component does not display grants correctly
Showddl should be displaying grants on an operation in a manner that allows
the privileges to be recreated. Currently, they are returned in the order
in which they are read from the metadata.
While working on this JIRA, several issues were fixed including:
- Consolidated privilege values into one location - NAUserId.h. They used to be
stored in NAUserId.h, ComSmallDefs.h, and PrivMgrDefs.h
- The check for getting the next available role ID was not correct.
- PrivMgrPrivileges::hasColWGO has incorrect indexing
- PrivMgrComponentPrivileges::selectAllWhere has incorrect error checking
Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/17d1b177
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/17d1b177
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/17d1b177
Branch: refs/heads/master
Commit: 17d1b177864141e8670dcc8584f95eb0d845e756
Parents: a331938
Author: Roberta Marton <ro...@apache.org>
Authored: Thu Jan 14 17:29:35 2016 +0000
Committer: Roberta Marton <ro...@apache.org>
Committed: Thu Jan 14 17:29:35 2016 +0000
----------------------------------------------------------------------
core/dbsecurity/auth/src/dbUserAuth.cpp | 1 +
core/sql/common/ComSmallDefs.h | 15 +-
core/sql/common/ComUser.h | 6 +-
core/sql/common/NAUserId.h | 24 +-
core/sql/regress/privs1/EXPECTED137 | 1274 +++++-------------
core/sql/sqlcomp/CmpSeabaseDDLauth.cpp | 27 +-
core/sql/sqlcomp/CmpSeabaseDDLauth.h | 1 +
core/sql/sqlcomp/CmpSeabaseDDLtable.cpp | 2 +-
core/sql/sqlcomp/PrivMgr.cpp | 12 +-
core/sql/sqlcomp/PrivMgrComponentOperations.cpp | 2 +-
core/sql/sqlcomp/PrivMgrComponentPrivileges.cpp | 377 ++++--
core/sql/sqlcomp/PrivMgrDefs.h | 9 -
core/sql/sqlcomp/PrivMgrMD.cpp | 26 +-
core/sql/sqlcomp/PrivMgrMDDefs.h | 4 +-
core/sql/sqlcomp/PrivMgrPrivileges.cpp | 28 +-
core/sql/sqlcomp/PrivMgrRoles.cpp | 8 +-
core/sql/udrserv/udrserv.cpp | 3 +-
17 files changed, 671 insertions(+), 1148 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/17d1b177/core/dbsecurity/auth/src/dbUserAuth.cpp
----------------------------------------------------------------------
diff --git a/core/dbsecurity/auth/src/dbUserAuth.cpp b/core/dbsecurity/auth/src/dbUserAuth.cpp
index 3733f0c..cf021f5 100644
--- a/core/dbsecurity/auth/src/dbUserAuth.cpp
+++ b/core/dbsecurity/auth/src/dbUserAuth.cpp
@@ -64,6 +64,7 @@ class Queue;
typedef int Lng32;
#endif
#include "ComSmallDefs.h"
+#include "NAUserId.h"
#include "ExExeUtilCli.h"
enum {INTERNAL_QUERY_FROM_EXEUTIL = 0x20000};
// LCOV_EXCL_STOP
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/17d1b177/core/sql/common/ComSmallDefs.h
----------------------------------------------------------------------
diff --git a/core/sql/common/ComSmallDefs.h b/core/sql/common/ComSmallDefs.h
index 6e893c5..1c888fb 100644
--- a/core/sql/common/ComSmallDefs.h
+++ b/core/sql/common/ComSmallDefs.h
@@ -88,20 +88,7 @@ typedef Int32 ComUserID;
typedef NABoolean ComBoolean;
-
-// Defines for special users and roles
-#define DB__HIVEROLE "DB__HIVEROLE"
-#define DB__HBASEROLE "DB__HBASEROLE"
-#define DB__ROOTROLE "DB__ROOTROLE"
-#define DB__ROOT "DB__ROOT"
-#define SUPER_USER_LIT "33333"
-
-#define SYSTEM_USER -2
-#define PUBLIC_USER -1
-#define SUPER_USER 33333 // user id of DB__ROOT
-
-#define HIVE_ROLE_ID 1490000 // role id of DB__HIVEROLE
-#define HBASE_ROLE_ID 1490001 // role id of DB__HBASEROLE
+// user and role definitions have been moved to NAUserId.h
// Defaults for system attributes
#define SMD_LOCATION "$SYSTEM"
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/17d1b177/core/sql/common/ComUser.h
----------------------------------------------------------------------
diff --git a/core/sql/common/ComUser.h b/core/sql/common/ComUser.h
index 8695c36..d5f5c2e 100644
--- a/core/sql/common/ComUser.h
+++ b/core/sql/common/ComUser.h
@@ -73,9 +73,9 @@ class ComUser
static Int32 getRootUserID() { return SUPER_USER; }
static Int32 getPublicUserID() { return PUBLIC_USER; }
static Int32 getSystemUserID() { return SYSTEM_USER; }
- static const char * getRootUserName() { return "DB__ROOT"; }
- static const char * getPublicUserName() { return "PUBLIC"; }
- static const char * getSystemUserName() { return "_SYSTEM"; }
+ static const char * getRootUserName() { return DB__ROOT; }
+ static const char * getPublicUserName() { return PUBLIC_AUTH_NAME; }
+ static const char * getSystemUserName() { return SYSTEM_AUTH_NAME; }
static char getAuthType(Int32 authID);
static Int16 getUserNameFromUserID(Int32 userID,
char *userName,
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/17d1b177/core/sql/common/NAUserId.h
----------------------------------------------------------------------
diff --git a/core/sql/common/NAUserId.h b/core/sql/common/NAUserId.h
index b2e8a33..992c2c3 100644
--- a/core/sql/common/NAUserId.h
+++ b/core/sql/common/NAUserId.h
@@ -45,9 +45,31 @@
#define MIN_USERID 33333
#define MAX_USERID 999999
#define MIN_ROLEID 1000000
-#define MAX_ROLEID 1499999
+#define MAX_ROLEID 1490000
#define NA_UserId Int32
#define NA_AuthID Int32
#define NA_UserIdDefault 0
+// Defines for special users
+#define SYSTEM_AUTH_NAME "_SYSTEM"
+#define DB__ROOT "DB__ROOT"
+
+// Defines for special roles
+#define PUBLIC_AUTH_NAME "PUBLIC"
+#define DB__HIVEROLE "DB__HIVEROLE"
+#define DB__HBASEROLE "DB__HBASEROLE"
+#define DB__ROOTROLE "DB__ROOTROLE"
+
+#define SUPER_USER_LIT "33333"
+
+#define SYSTEM_USER -2
+#define PUBLIC_USER -1
+#define ROOT_USER_ID 33333
+#define SUPER_USER 33333
+
+#define ROOT_ROLE_ID 1000000
+#define HIVE_ROLE_ID 1490000
+#define HBASE_ROLE_ID 1490001
+
+
#endif /* NAUSERID_H*/
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/17d1b177/core/sql/regress/privs1/EXPECTED137
----------------------------------------------------------------------
diff --git a/core/sql/regress/privs1/EXPECTED137 b/core/sql/regress/privs1/EXPECTED137
index 41c5ebd..5f9b471 100755
--- a/core/sql/regress/privs1/EXPECTED137
+++ b/core/sql/regress/privs1/EXPECTED137
@@ -776,692 +776,403 @@ REGISTER COMPONENT SQL_OPERATIONS SYSTEM DETAIL 'Component for SQL operations';
CREATE COMPONENT PRIVILEGE ALTER AS 'A0' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to alter database objects';
--- GRANT COMPONENT PRIVILEGE ALTER
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE ALTER
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "ALTER" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "ALTER" ON "SQL_OPERATIONS" TO "DB__ROOTROLE" WITH
+ GRANT OPTION;
CREATE COMPONENT PRIVILEGE ALTER_ROUTINE_ACTION AS 'AA' ON SQL_OPERATIONS
SYSTEM DETAIL 'Allow grantee to alter routine actions';
--- GRANT COMPONENT PRIVILEGE ALTER_ROUTINE_ACTION
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE ALTER_ROUTINE_ACTION
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "ALTER_ROUTINE_ACTION" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "ALTER_ROUTINE_ACTION" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE ALTER_TRIGGER AS 'AG' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to alter triggers';
--- GRANT COMPONENT PRIVILEGE ALTER_TRIGGER
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE ALTER_TRIGGER
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "ALTER_TRIGGER" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "ALTER_TRIGGER" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE ALTER_SCHEMA AS 'AH' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to alter schemas';
--- GRANT COMPONENT PRIVILEGE ALTER_SCHEMA
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE ALTER_SCHEMA
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "ALTER_SCHEMA" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "ALTER_SCHEMA" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE ALTER_LIBRARY AS 'AL' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to alter libraries';
--- GRANT COMPONENT PRIVILEGE ALTER_LIBRARY
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE ALTER_LIBRARY
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "ALTER_LIBRARY" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "ALTER_LIBRARY" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE ALTER_SEQUENCE AS 'AQ' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to alter sequence generators';
--- GRANT COMPONENT PRIVILEGE ALTER_SEQUENCE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE ALTER_SEQUENCE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "ALTER_SEQUENCE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "ALTER_SEQUENCE" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE ALTER_ROUTINE AS 'AR' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to alter routines';
--- GRANT COMPONENT PRIVILEGE ALTER_ROUTINE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE ALTER_ROUTINE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "ALTER_ROUTINE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "ALTER_ROUTINE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE ALTER_TABLE AS 'AT' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to alter tables';
--- GRANT COMPONENT PRIVILEGE ALTER_TABLE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE ALTER_TABLE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "ALTER_TABLE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "ALTER_TABLE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE ALTER_VIEW AS 'AV' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to alter views';
--- GRANT COMPONENT PRIVILEGE ALTER_VIEW
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE ALTER_VIEW
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "ALTER_VIEW" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "ALTER_VIEW" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE ALTER_SYNONYM AS 'AY' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to alter synonyms';
--- GRANT COMPONENT PRIVILEGE ALTER_SYNONYM
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE ALTER_SYNONYM
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "ALTER_SYNONYM" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "ALTER_SYNONYM" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE AS 'C0' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to create database objects';
--- GRANT COMPONENT PRIVILEGE CREATE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE CREATE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "CREATE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "CREATE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE" WITH
+ GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_ROUTINE_ACTION AS 'CA' ON SQL_OPERATIONS
SYSTEM DETAIL 'Allow grantee to create routine actions';
--- GRANT COMPONENT PRIVILEGE CREATE_ROUTINE_ACTION
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE CREATE_ROUTINE_ACTION
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "CREATE_ROUTINE_ACTION" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "CREATE_ROUTINE_ACTION" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_CATALOG AS 'CC' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to create catalogs';
--- GRANT COMPONENT PRIVILEGE CREATE_CATALOG
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE CREATE_CATALOG
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "CREATE_CATALOG" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "CREATE_CATALOG" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_TRIGGER AS 'CG' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to create triggers';
--- GRANT COMPONENT PRIVILEGE CREATE_TRIGGER
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE CREATE_TRIGGER
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "CREATE_TRIGGER" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "CREATE_TRIGGER" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_SCHEMA AS 'CH' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to create schemas';
- GRANT COMPONENT PRIVILEGE CREATE_SCHEMA
- ON SQL_OPERATIONS TO PUBLIC;
-
--- GRANT COMPONENT PRIVILEGE CREATE_SCHEMA
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE CREATE_SCHEMA
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "CREATE_SCHEMA" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "CREATE_SCHEMA" ON "SQL_OPERATIONS" TO "PUBLIC";
+GRANT COMPONENT PRIVILEGE "CREATE_SCHEMA" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_INDEX AS 'CI' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to create indexes';
--- GRANT COMPONENT PRIVILEGE CREATE_INDEX
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE CREATE_INDEX
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "CREATE_INDEX" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "CREATE_INDEX" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_LIBRARY AS 'CL' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to create libraries';
--- GRANT COMPONENT PRIVILEGE CREATE_LIBRARY
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE CREATE_LIBRARY
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "CREATE_LIBRARY" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "CREATE_LIBRARY" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_PROCEDURE AS 'CP' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to create procedures';
--- GRANT COMPONENT PRIVILEGE CREATE_PROCEDURE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE CREATE_PROCEDURE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "CREATE_PROCEDURE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "CREATE_PROCEDURE" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_SEQUENCE AS 'CQ' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to create sequence generators';
--- GRANT COMPONENT PRIVILEGE CREATE_SEQUENCE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE CREATE_SEQUENCE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "CREATE_SEQUENCE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "CREATE_SEQUENCE" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_ROUTINE AS 'CR' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to create routines';
--- GRANT COMPONENT PRIVILEGE CREATE_ROUTINE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE CREATE_ROUTINE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "CREATE_ROUTINE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "CREATE_ROUTINE" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_TABLE AS 'CT' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to create tables';
--- GRANT COMPONENT PRIVILEGE CREATE_TABLE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE CREATE_TABLE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "CREATE_TABLE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "CREATE_TABLE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_VIEW AS 'CV' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to create views';
--- GRANT COMPONENT PRIVILEGE CREATE_VIEW
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE CREATE_VIEW
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "CREATE_VIEW" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "CREATE_VIEW" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_SYNONYM AS 'CY' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to create synonyms';
--- GRANT COMPONENT PRIVILEGE CREATE_SYNONYM
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE CREATE_SYNONYM
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "CREATE_SYNONYM" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "CREATE_SYNONYM" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP AS 'D0' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to drop database objects';
--- GRANT COMPONENT PRIVILEGE DROP
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DROP
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DROP" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DROP" ON "SQL_OPERATIONS" TO "DB__ROOTROLE" WITH
+ GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_ROUTINE_ACTION AS 'DA' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to drop routine actions';
--- GRANT COMPONENT PRIVILEGE DROP_ROUTINE_ACTION
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DROP_ROUTINE_ACTION
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DROP_ROUTINE_ACTION" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DROP_ROUTINE_ACTION" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_CATALOG AS 'DC' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to drop catalogs';
--- GRANT COMPONENT PRIVILEGE DROP_CATALOG
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DROP_CATALOG
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DROP_CATALOG" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DROP_CATALOG" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_TRIGGER AS 'DG' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to drop triggers';
--- GRANT COMPONENT PRIVILEGE DROP_TRIGGER
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DROP_TRIGGER
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DROP_TRIGGER" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DROP_TRIGGER" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_SCHEMA AS 'DH' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to drop schemas';
--- GRANT COMPONENT PRIVILEGE DROP_SCHEMA
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DROP_SCHEMA
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DROP_SCHEMA" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DROP_SCHEMA" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_INDEX AS 'DI' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to drop indexes';
--- GRANT COMPONENT PRIVILEGE DROP_INDEX
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DROP_INDEX
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DROP_INDEX" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DROP_INDEX" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_LIBRARY AS 'DL' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to drop libraries';
--- GRANT COMPONENT PRIVILEGE DROP_LIBRARY
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DROP_LIBRARY
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DROP_LIBRARY" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DROP_LIBRARY" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_PROCEDURE AS 'DP' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to drop procedures';
--- GRANT COMPONENT PRIVILEGE DROP_PROCEDURE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DROP_PROCEDURE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DROP_PROCEDURE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DROP_PROCEDURE" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_SEQUENCE AS 'DQ' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to drop sequence generators';
--- GRANT COMPONENT PRIVILEGE DROP_SEQUENCE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DROP_SEQUENCE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DROP_SEQUENCE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DROP_SEQUENCE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_ROUTINE AS 'DR' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to drop routines';
--- GRANT COMPONENT PRIVILEGE DROP_ROUTINE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DROP_ROUTINE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DROP_ROUTINE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DROP_ROUTINE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_TABLE AS 'DT' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to drop tables';
--- GRANT COMPONENT PRIVILEGE DROP_TABLE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DROP_TABLE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DROP_TABLE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DROP_TABLE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_VIEW AS 'DV' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to drop views';
--- GRANT COMPONENT PRIVILEGE DROP_VIEW
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DROP_VIEW
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DROP_VIEW" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DROP_VIEW" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_SYNONYM AS 'DY' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to drop synonyms';
--- GRANT COMPONENT PRIVILEGE DROP_SYNONYM
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DROP_SYNONYM
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DROP_SYNONYM" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DROP_SYNONYM" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE MANAGE AS 'M0' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to manage all SQL Operations';
--- GRANT COMPONENT PRIVILEGE MANAGE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE MANAGE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "MANAGE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "MANAGE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE" WITH
+ GRANT OPTION;
CREATE COMPONENT PRIVILEGE MANAGE_COMPONENTS AS 'MC' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to manage components';
--- GRANT COMPONENT PRIVILEGE MANAGE_COMPONENTS
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE MANAGE_COMPONENTS
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "MANAGE_COMPONENTS" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "MANAGE_COMPONENTS" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE MANAGE_LIBRARY AS 'ML' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to manage libraries';
--- GRANT COMPONENT PRIVILEGE MANAGE_LIBRARY
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE MANAGE_LIBRARY
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "MANAGE_LIBRARY" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "MANAGE_LIBRARY" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE MANAGE_PRIVILEGES AS 'MP' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to manage privileges on SQL objects';
--- GRANT COMPONENT PRIVILEGE MANAGE_PRIVILEGES
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE MANAGE_PRIVILEGES
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "MANAGE_PRIVILEGES" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "MANAGE_PRIVILEGES" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE MANAGE_ROLES AS 'MR' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to manage roles';
--- GRANT COMPONENT PRIVILEGE MANAGE_ROLES
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE MANAGE_ROLES
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "MANAGE_ROLES" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "MANAGE_ROLES" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE MANAGE_STATISTICS AS 'MS' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to show and update statistics';
--- GRANT COMPONENT PRIVILEGE MANAGE_STATISTICS
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE MANAGE_STATISTICS
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "MANAGE_STATISTICS" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "MANAGE_STATISTICS" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE MANAGE_LOAD AS 'MT' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to perform LOAD and UNLOAD commands';
--- GRANT COMPONENT PRIVILEGE MANAGE_LOAD
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE MANAGE_LOAD
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "MANAGE_LOAD" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "MANAGE_LOAD" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE MANAGE_USERS AS 'MU' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to manage users';
--- GRANT COMPONENT PRIVILEGE MANAGE_USERS
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE MANAGE_USERS
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "MANAGE_USERS" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "MANAGE_USERS" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DML_DELETE AS 'PD' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to delete rows';
--- GRANT COMPONENT PRIVILEGE DML_DELETE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DML_DELETE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DML_DELETE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DML_DELETE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DML_EXECUTE AS 'PE' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to execute functions';
--- GRANT COMPONENT PRIVILEGE DML_EXECUTE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DML_EXECUTE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DML_EXECUTE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DML_EXECUTE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DML_USAGE AS 'PG' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to use libraries and sequences';
--- GRANT COMPONENT PRIVILEGE DML_USAGE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DML_USAGE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DML_USAGE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DML_USAGE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DML_INSERT AS 'PI' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to insert rows';
--- GRANT COMPONENT PRIVILEGE DML_INSERT
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DML_INSERT
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DML_INSERT" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DML_INSERT" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DML_REFERENCES AS 'PR' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to reference columns';
--- GRANT COMPONENT PRIVILEGE DML_REFERENCES
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DML_REFERENCES
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DML_REFERENCES" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DML_REFERENCES" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DML_SELECT AS 'PS' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to select rows';
--- GRANT COMPONENT PRIVILEGE DML_SELECT
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DML_SELECT
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DML_SELECT" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DML_SELECT" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DML_UPDATE AS 'PU' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to update rows';
--- GRANT COMPONENT PRIVILEGE DML_UPDATE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DML_UPDATE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DML_UPDATE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DML_UPDATE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE QUERY_ACTIVATE AS 'QA' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to activate queries';
--- GRANT COMPONENT PRIVILEGE QUERY_ACTIVATE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE QUERY_ACTIVATE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "QUERY_ACTIVATE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "QUERY_ACTIVATE" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE QUERY_CANCEL AS 'QC' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to cancel queries';
--- GRANT COMPONENT PRIVILEGE QUERY_CANCEL
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE QUERY_CANCEL
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "QUERY_CANCEL" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "QUERY_CANCEL" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE QUERY_SUSPEND AS 'QS' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to suspend queries';
--- GRANT COMPONENT PRIVILEGE QUERY_SUSPEND
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE QUERY_SUSPEND
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "QUERY_SUSPEND" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "QUERY_SUSPEND" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE REMAP_USER AS 'RU' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to remap DB__ users to a different external username';
--- GRANT COMPONENT PRIVILEGE REMAP_USER
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE REMAP_USER
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "REMAP_USER" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "REMAP_USER" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE SHOW AS 'SW' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to view metadata information about objects';
- GRANT COMPONENT PRIVILEGE SHOW
- ON SQL_OPERATIONS TO PUBLIC;
-
--- GRANT COMPONENT PRIVILEGE SHOW
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE SHOW
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "SHOW" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "SHOW" ON "SQL_OPERATIONS" TO "PUBLIC";
+GRANT COMPONENT PRIVILEGE "SHOW" ON "SQL_OPERATIONS" TO "DB__ROOTROLE" WITH
+ GRANT OPTION;
CREATE COMPONENT PRIVILEGE USE_ALTERNATE_SCHEMA AS 'UA' ON SQL_OPERATIONS
SYSTEM DETAIL 'Allow grantee to use non-default schemas';
--- GRANT COMPONENT PRIVILEGE USE_ALTERNATE_SCHEMA
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE USE_ALTERNATE_SCHEMA
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "USE_ALTERNATE_SCHEMA" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "USE_ALTERNATE_SCHEMA" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
--- SQL operation complete.
@@ -1607,692 +1318,403 @@ REGISTER COMPONENT SQL_OPERATIONS SYSTEM DETAIL 'Component for SQL operations';
CREATE COMPONENT PRIVILEGE ALTER AS 'A0' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to alter database objects';
--- GRANT COMPONENT PRIVILEGE ALTER
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE ALTER
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "ALTER" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "ALTER" ON "SQL_OPERATIONS" TO "DB__ROOTROLE" WITH
+ GRANT OPTION;
CREATE COMPONENT PRIVILEGE ALTER_ROUTINE_ACTION AS 'AA' ON SQL_OPERATIONS
SYSTEM DETAIL 'Allow grantee to alter routine actions';
--- GRANT COMPONENT PRIVILEGE ALTER_ROUTINE_ACTION
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE ALTER_ROUTINE_ACTION
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "ALTER_ROUTINE_ACTION" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "ALTER_ROUTINE_ACTION" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE ALTER_TRIGGER AS 'AG' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to alter triggers';
--- GRANT COMPONENT PRIVILEGE ALTER_TRIGGER
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE ALTER_TRIGGER
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "ALTER_TRIGGER" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "ALTER_TRIGGER" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE ALTER_SCHEMA AS 'AH' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to alter schemas';
--- GRANT COMPONENT PRIVILEGE ALTER_SCHEMA
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE ALTER_SCHEMA
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "ALTER_SCHEMA" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "ALTER_SCHEMA" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE ALTER_LIBRARY AS 'AL' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to alter libraries';
--- GRANT COMPONENT PRIVILEGE ALTER_LIBRARY
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE ALTER_LIBRARY
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "ALTER_LIBRARY" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "ALTER_LIBRARY" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE ALTER_SEQUENCE AS 'AQ' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to alter sequence generators';
--- GRANT COMPONENT PRIVILEGE ALTER_SEQUENCE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE ALTER_SEQUENCE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "ALTER_SEQUENCE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "ALTER_SEQUENCE" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE ALTER_ROUTINE AS 'AR' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to alter routines';
--- GRANT COMPONENT PRIVILEGE ALTER_ROUTINE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE ALTER_ROUTINE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "ALTER_ROUTINE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "ALTER_ROUTINE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE ALTER_TABLE AS 'AT' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to alter tables';
--- GRANT COMPONENT PRIVILEGE ALTER_TABLE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE ALTER_TABLE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "ALTER_TABLE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "ALTER_TABLE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE ALTER_VIEW AS 'AV' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to alter views';
--- GRANT COMPONENT PRIVILEGE ALTER_VIEW
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE ALTER_VIEW
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "ALTER_VIEW" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "ALTER_VIEW" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE ALTER_SYNONYM AS 'AY' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to alter synonyms';
--- GRANT COMPONENT PRIVILEGE ALTER_SYNONYM
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE ALTER_SYNONYM
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "ALTER_SYNONYM" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "ALTER_SYNONYM" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE AS 'C0' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to create database objects';
--- GRANT COMPONENT PRIVILEGE CREATE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE CREATE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "CREATE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "CREATE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE" WITH
+ GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_ROUTINE_ACTION AS 'CA' ON SQL_OPERATIONS
SYSTEM DETAIL 'Allow grantee to create routine actions';
--- GRANT COMPONENT PRIVILEGE CREATE_ROUTINE_ACTION
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE CREATE_ROUTINE_ACTION
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "CREATE_ROUTINE_ACTION" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "CREATE_ROUTINE_ACTION" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_CATALOG AS 'CC' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to create catalogs';
--- GRANT COMPONENT PRIVILEGE CREATE_CATALOG
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE CREATE_CATALOG
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "CREATE_CATALOG" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "CREATE_CATALOG" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_TRIGGER AS 'CG' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to create triggers';
--- GRANT COMPONENT PRIVILEGE CREATE_TRIGGER
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE CREATE_TRIGGER
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "CREATE_TRIGGER" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "CREATE_TRIGGER" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_SCHEMA AS 'CH' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to create schemas';
- GRANT COMPONENT PRIVILEGE CREATE_SCHEMA
- ON SQL_OPERATIONS TO PUBLIC;
-
--- GRANT COMPONENT PRIVILEGE CREATE_SCHEMA
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE CREATE_SCHEMA
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "CREATE_SCHEMA" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "CREATE_SCHEMA" ON "SQL_OPERATIONS" TO "PUBLIC";
+GRANT COMPONENT PRIVILEGE "CREATE_SCHEMA" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_INDEX AS 'CI' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to create indexes';
--- GRANT COMPONENT PRIVILEGE CREATE_INDEX
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE CREATE_INDEX
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "CREATE_INDEX" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "CREATE_INDEX" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_LIBRARY AS 'CL' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to create libraries';
--- GRANT COMPONENT PRIVILEGE CREATE_LIBRARY
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE CREATE_LIBRARY
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "CREATE_LIBRARY" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "CREATE_LIBRARY" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_PROCEDURE AS 'CP' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to create procedures';
--- GRANT COMPONENT PRIVILEGE CREATE_PROCEDURE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE CREATE_PROCEDURE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "CREATE_PROCEDURE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "CREATE_PROCEDURE" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_SEQUENCE AS 'CQ' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to create sequence generators';
--- GRANT COMPONENT PRIVILEGE CREATE_SEQUENCE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE CREATE_SEQUENCE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "CREATE_SEQUENCE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "CREATE_SEQUENCE" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_ROUTINE AS 'CR' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to create routines';
--- GRANT COMPONENT PRIVILEGE CREATE_ROUTINE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE CREATE_ROUTINE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "CREATE_ROUTINE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "CREATE_ROUTINE" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_TABLE AS 'CT' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to create tables';
--- GRANT COMPONENT PRIVILEGE CREATE_TABLE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE CREATE_TABLE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "CREATE_TABLE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "CREATE_TABLE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_VIEW AS 'CV' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to create views';
--- GRANT COMPONENT PRIVILEGE CREATE_VIEW
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE CREATE_VIEW
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "CREATE_VIEW" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "CREATE_VIEW" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_SYNONYM AS 'CY' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to create synonyms';
--- GRANT COMPONENT PRIVILEGE CREATE_SYNONYM
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE CREATE_SYNONYM
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "CREATE_SYNONYM" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "CREATE_SYNONYM" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP AS 'D0' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to drop database objects';
--- GRANT COMPONENT PRIVILEGE DROP
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DROP
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DROP" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DROP" ON "SQL_OPERATIONS" TO "DB__ROOTROLE" WITH
+ GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_ROUTINE_ACTION AS 'DA' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to drop routine actions';
--- GRANT COMPONENT PRIVILEGE DROP_ROUTINE_ACTION
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DROP_ROUTINE_ACTION
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DROP_ROUTINE_ACTION" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DROP_ROUTINE_ACTION" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_CATALOG AS 'DC' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to drop catalogs';
--- GRANT COMPONENT PRIVILEGE DROP_CATALOG
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DROP_CATALOG
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DROP_CATALOG" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DROP_CATALOG" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_TRIGGER AS 'DG' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to drop triggers';
--- GRANT COMPONENT PRIVILEGE DROP_TRIGGER
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DROP_TRIGGER
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DROP_TRIGGER" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DROP_TRIGGER" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_SCHEMA AS 'DH' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to drop schemas';
--- GRANT COMPONENT PRIVILEGE DROP_SCHEMA
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DROP_SCHEMA
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DROP_SCHEMA" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DROP_SCHEMA" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_INDEX AS 'DI' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to drop indexes';
--- GRANT COMPONENT PRIVILEGE DROP_INDEX
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DROP_INDEX
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DROP_INDEX" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DROP_INDEX" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_LIBRARY AS 'DL' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to drop libraries';
--- GRANT COMPONENT PRIVILEGE DROP_LIBRARY
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DROP_LIBRARY
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DROP_LIBRARY" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DROP_LIBRARY" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_PROCEDURE AS 'DP' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to drop procedures';
--- GRANT COMPONENT PRIVILEGE DROP_PROCEDURE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DROP_PROCEDURE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DROP_PROCEDURE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DROP_PROCEDURE" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_SEQUENCE AS 'DQ' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to drop sequence generators';
--- GRANT COMPONENT PRIVILEGE DROP_SEQUENCE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DROP_SEQUENCE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DROP_SEQUENCE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DROP_SEQUENCE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_ROUTINE AS 'DR' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to drop routines';
--- GRANT COMPONENT PRIVILEGE DROP_ROUTINE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DROP_ROUTINE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DROP_ROUTINE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DROP_ROUTINE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_TABLE AS 'DT' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to drop tables';
--- GRANT COMPONENT PRIVILEGE DROP_TABLE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DROP_TABLE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DROP_TABLE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DROP_TABLE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_VIEW AS 'DV' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to drop views';
--- GRANT COMPONENT PRIVILEGE DROP_VIEW
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DROP_VIEW
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DROP_VIEW" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DROP_VIEW" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_SYNONYM AS 'DY' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to drop synonyms';
--- GRANT COMPONENT PRIVILEGE DROP_SYNONYM
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DROP_SYNONYM
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DROP_SYNONYM" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DROP_SYNONYM" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE MANAGE AS 'M0' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to manage all SQL Operations';
--- GRANT COMPONENT PRIVILEGE MANAGE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE MANAGE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "MANAGE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "MANAGE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE" WITH
+ GRANT OPTION;
CREATE COMPONENT PRIVILEGE MANAGE_COMPONENTS AS 'MC' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to manage components';
--- GRANT COMPONENT PRIVILEGE MANAGE_COMPONENTS
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE MANAGE_COMPONENTS
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "MANAGE_COMPONENTS" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "MANAGE_COMPONENTS" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE MANAGE_LIBRARY AS 'ML' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to manage libraries';
--- GRANT COMPONENT PRIVILEGE MANAGE_LIBRARY
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE MANAGE_LIBRARY
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "MANAGE_LIBRARY" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "MANAGE_LIBRARY" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE MANAGE_PRIVILEGES AS 'MP' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to manage privileges on SQL objects';
--- GRANT COMPONENT PRIVILEGE MANAGE_PRIVILEGES
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE MANAGE_PRIVILEGES
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "MANAGE_PRIVILEGES" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "MANAGE_PRIVILEGES" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE MANAGE_ROLES AS 'MR' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to manage roles';
--- GRANT COMPONENT PRIVILEGE MANAGE_ROLES
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE MANAGE_ROLES
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "MANAGE_ROLES" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "MANAGE_ROLES" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE MANAGE_STATISTICS AS 'MS' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to show and update statistics';
--- GRANT COMPONENT PRIVILEGE MANAGE_STATISTICS
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE MANAGE_STATISTICS
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "MANAGE_STATISTICS" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "MANAGE_STATISTICS" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE MANAGE_LOAD AS 'MT' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to perform LOAD and UNLOAD commands';
--- GRANT COMPONENT PRIVILEGE MANAGE_LOAD
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE MANAGE_LOAD
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "MANAGE_LOAD" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "MANAGE_LOAD" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE MANAGE_USERS AS 'MU' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to manage users';
--- GRANT COMPONENT PRIVILEGE MANAGE_USERS
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE MANAGE_USERS
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "MANAGE_USERS" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "MANAGE_USERS" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DML_DELETE AS 'PD' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to delete rows';
--- GRANT COMPONENT PRIVILEGE DML_DELETE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DML_DELETE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DML_DELETE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DML_DELETE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DML_EXECUTE AS 'PE' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to execute functions';
--- GRANT COMPONENT PRIVILEGE DML_EXECUTE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DML_EXECUTE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DML_EXECUTE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DML_EXECUTE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DML_USAGE AS 'PG' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to use libraries and sequences';
--- GRANT COMPONENT PRIVILEGE DML_USAGE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DML_USAGE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DML_USAGE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DML_USAGE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DML_INSERT AS 'PI' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to insert rows';
--- GRANT COMPONENT PRIVILEGE DML_INSERT
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DML_INSERT
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DML_INSERT" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DML_INSERT" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DML_REFERENCES AS 'PR' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to reference columns';
--- GRANT COMPONENT PRIVILEGE DML_REFERENCES
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DML_REFERENCES
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DML_REFERENCES" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DML_REFERENCES" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DML_SELECT AS 'PS' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to select rows';
--- GRANT COMPONENT PRIVILEGE DML_SELECT
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DML_SELECT
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DML_SELECT" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DML_SELECT" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DML_UPDATE AS 'PU' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to update rows';
--- GRANT COMPONENT PRIVILEGE DML_UPDATE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE DML_UPDATE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "DML_UPDATE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DML_UPDATE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE QUERY_ACTIVATE AS 'QA' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to activate queries';
--- GRANT COMPONENT PRIVILEGE QUERY_ACTIVATE
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE QUERY_ACTIVATE
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "QUERY_ACTIVATE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "QUERY_ACTIVATE" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE QUERY_CANCEL AS 'QC' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to cancel queries';
--- GRANT COMPONENT PRIVILEGE QUERY_CANCEL
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE QUERY_CANCEL
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "QUERY_CANCEL" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "QUERY_CANCEL" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE QUERY_SUSPEND AS 'QS' ON SQL_OPERATIONS SYSTEM
DETAIL 'Allow grantee to suspend queries';
--- GRANT COMPONENT PRIVILEGE QUERY_SUSPEND
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE QUERY_SUSPEND
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "QUERY_SUSPEND" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "QUERY_SUSPEND" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE REMAP_USER AS 'RU' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to remap DB__ users to a different external username';
--- GRANT COMPONENT PRIVILEGE REMAP_USER
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE REMAP_USER
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "REMAP_USER" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "REMAP_USER" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
+ WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE SHOW AS 'SW' ON SQL_OPERATIONS SYSTEM DETAIL
'Allow grantee to view metadata information about objects';
- GRANT COMPONENT PRIVILEGE SHOW
- ON SQL_OPERATIONS TO PUBLIC;
-
--- GRANT COMPONENT PRIVILEGE SHOW
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE SHOW
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "SHOW" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "SHOW" ON "SQL_OPERATIONS" TO "PUBLIC";
+GRANT COMPONENT PRIVILEGE "SHOW" ON "SQL_OPERATIONS" TO "DB__ROOTROLE" WITH
+ GRANT OPTION;
CREATE COMPONENT PRIVILEGE USE_ALTERNATE_SCHEMA AS 'UA' ON SQL_OPERATIONS
SYSTEM DETAIL 'Allow grantee to use non-default schemas';
--- GRANT COMPONENT PRIVILEGE USE_ALTERNATE_SCHEMA
- ON SQL_OPERATIONS TO DB__ROOT
- WITH GRANT OPTION;
-
- GRANT COMPONENT PRIVILEGE USE_ALTERNATE_SCHEMA
- ON SQL_OPERATIONS TO DB__ROOTROLE
- WITH GRANT OPTION;
-
+-- GRANT COMPONENT PRIVILEGE "USE_ALTERNATE_SCHEMA" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "USE_ALTERNATE_SCHEMA" ON "SQL_OPERATIONS" TO
+ "DB__ROOTROLE" WITH GRANT OPTION;
--- SQL operation complete.
@@ -2481,7 +1903,9 @@ drop component privilege lib_view_benefactors cascade;
>>revoke component privilege lib_view_repository
+>on library_books from sql_user3;
---- SQL operation complete.
+*** ERROR[1025] Request failed. Dependent object exists.
+
+--- SQL operation failed with errors.
>>log;
>>unregister component Library_books cascade;
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/17d1b177/core/sql/sqlcomp/CmpSeabaseDDLauth.cpp
----------------------------------------------------------------------
diff --git a/core/sql/sqlcomp/CmpSeabaseDDLauth.cpp b/core/sql/sqlcomp/CmpSeabaseDDLauth.cpp
index 6ca7c3c..7d7ac01 100644
--- a/core/sql/sqlcomp/CmpSeabaseDDLauth.cpp
+++ b/core/sql/sqlcomp/CmpSeabaseDDLauth.cpp
@@ -185,7 +185,7 @@ CmpSeabaseDDLauth::getAuthDetails(const char *pAuthName, bool isExternal)
setAuthCreateTime(0);
setAuthDbName(PUBLIC_AUTH_NAME);
setAuthExtName(PUBLIC_AUTH_NAME);
- setAuthID(PUBLIC_AUTH_ID);
+ setAuthID(PUBLIC_USER);
setAuthRedefTime(0);
setAuthType(COM_ROLE_CLASS);
setAuthValid(false);
@@ -287,9 +287,9 @@ bool CmpSeabaseDDLauth::isAuthNameReserved (const NAString &authName)
authName.operator()(0,strlen(RESERVED_AUTH_NAME_PREFIX)) ==
RESERVED_AUTH_NAME_PREFIX
||
- authName == "_SYSTEM"
+ authName == SYSTEM_AUTH_NAME
||
- authName == "PUBLIC"
+ authName == PUBLIC_AUTH_NAME
||
authName == "NONE";
@@ -717,6 +717,13 @@ Int32 CmpSeabaseDDLuser::getUniqueID()
newUserID = MIN_USERID + 1;
else
newUserID++;
+
+ // We have 966,667 available ID's. Don't expect to run out of ID's for awhile
+ // but if/when we do, the algorithm needs to change. Can reuse ID's for users
+ // that were unregistered.
+ if (newUserID >= MAX_USERID)
+ SEABASEDDL_INTERNAL_ERROR("CmpSeabaseDDLrole::getUniqueID failed, ran out of available IDs");
+
return newUserID;
}
@@ -1828,14 +1835,24 @@ Int32 CmpSeabaseDDLrole::getUniqueID()
char roleIDString[MAX_AUTHID_AS_STRING_LEN];
NAString whereClause ("where auth_id >= ");
- sprintf(roleIDString,"%d",DB_ROOTROLE_ID);
+ sprintf(roleIDString,"%d",MIN_ROLEID);
+ whereClause += roleIDString;
+ whereClause += " and auth_id < ";
+ sprintf(roleIDString, "%d", MAX_ROLEID);
whereClause += roleIDString;
newRoleID = selectMaxAuthID(whereClause);
if (newRoleID == 0)
- newRoleID = DB_ROOTROLE_ID + 1;
+ newRoleID = ROOT_ROLE_ID + 1;
else
newRoleID++;
+
+ // We have 490000 available ID's. Don't expect to run out of ID's for awhile
+ // but if/when we do, the algorithm needs to change. Can reuse ID's for roles
+ // that were dropped.
+ if (newRoleID >= MAX_ROLEID)
+ SEABASEDDL_INTERNAL_ERROR("CmpSeabaseDDLrole::getUniqueID failed, ran out of available IDs");
+
return newRoleID;
}
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/17d1b177/core/sql/sqlcomp/CmpSeabaseDDLauth.h
----------------------------------------------------------------------
diff --git a/core/sql/sqlcomp/CmpSeabaseDDLauth.h b/core/sql/sqlcomp/CmpSeabaseDDLauth.h
index b91029a..382c64d 100644
--- a/core/sql/sqlcomp/CmpSeabaseDDLauth.h
+++ b/core/sql/sqlcomp/CmpSeabaseDDLauth.h
@@ -36,6 +36,7 @@
// *****************************************************************************
#include "ComSmallDefs.h"
+#include "NAUserId.h"
class StmtDDLRegisterUser;
class StmtDDLAlterUser;
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/17d1b177/core/sql/sqlcomp/CmpSeabaseDDLtable.cpp
----------------------------------------------------------------------
diff --git a/core/sql/sqlcomp/CmpSeabaseDDLtable.cpp b/core/sql/sqlcomp/CmpSeabaseDDLtable.cpp
index eb4efbd..3b4a5dc 100644
--- a/core/sql/sqlcomp/CmpSeabaseDDLtable.cpp
+++ b/core/sql/sqlcomp/CmpSeabaseDDLtable.cpp
@@ -7577,7 +7577,7 @@ void CmpSeabaseDDL::seabaseGrantRevoke(
if (pGranteeArray[j]->isPublic())
{
grantee = PUBLIC_USER;
- authName = "PUBLIC";
+ authName = PUBLIC_AUTH_NAME;
}
else
{
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/17d1b177/core/sql/sqlcomp/PrivMgr.cpp
----------------------------------------------------------------------
diff --git a/core/sql/sqlcomp/PrivMgr.cpp b/core/sql/sqlcomp/PrivMgr.cpp
index dd6916c..b75f4b2 100644
--- a/core/sql/sqlcomp/PrivMgr.cpp
+++ b/core/sql/sqlcomp/PrivMgr.cpp
@@ -48,6 +48,7 @@
#include "CmpDDLCatErrorCodes.h"
#include "logmxevent_traf.h"
#include "ComUser.h"
+#include "NAUserId.h"
// ==========================================================================
@@ -101,7 +102,8 @@ PrivMgr::PrivMgr(
const std::string & metadataLocation,
ComDiagsArea * pDiags,
PrivMDStatus authorizationEnabled)
-: metadataLocation_ (metadataLocation),
+: trafMetadataLocation_ ("TRAFODION.\"_MD_\""),
+ metadataLocation_ (metadataLocation),
pDiags_(pDiags),
authorizationEnabled_(authorizationEnabled)
@@ -261,17 +263,17 @@ bool PrivMgr::getAuthNameFromAuthID(
{
switch (authID)
{
- case SYSTEM_AUTH_ID:
+ case SYSTEM_USER:
authName = SYSTEM_AUTH_NAME;
break;
- case PUBLIC_AUTH_ID:
+ case PUBLIC_USER:
authName = PUBLIC_AUTH_NAME;
break;
case SUPER_USER:
authName = DB__ROOT;
break;
- case DB_ROOTROLE_ID:
- authName = DB_ROOTROLE_NAME;
+ case ROOT_ROLE_ID:
+ authName = DB__ROOTROLE;
break;
case HIVE_ROLE_ID:
authName = DB__HIVEROLE;
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/17d1b177/core/sql/sqlcomp/PrivMgrComponentOperations.cpp
----------------------------------------------------------------------
diff --git a/core/sql/sqlcomp/PrivMgrComponentOperations.cpp b/core/sql/sqlcomp/PrivMgrComponentOperations.cpp
index 9afdca2..f6b68fd 100644
--- a/core/sql/sqlcomp/PrivMgrComponentOperations.cpp
+++ b/core/sql/sqlcomp/PrivMgrComponentOperations.cpp
@@ -496,7 +496,7 @@ std::vector<std::string> operationCodes;
privStatus = componentPrivileges.grantPrivilegeInternal(componentUID,
operationCodes,
- SYSTEM_AUTH_ID,
+ SYSTEM_USER,
ComUser::getSystemUserName(),
granteeID,
granteeName,grantDepth);