You are viewing a plain text version of this content. The canonical link for it is here.

Posted to derby-dev@db.apache.org by "Rick Hillegas (JIRA)" <ji...@apache.org> on 2008/05/14 17:55:55 UTC

[jira] Commented: (DERBY-3666) Make role descriptor a dependency Provider

    [ https://issues.apache.org/jira/browse/DERBY-3666?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12596803#action_12596803 ] 

Rick Hillegas commented on DERBY-3666:
--------------------------------------

Thanks for the patch, Dag. It looks good to me. I have a couple comments:

RoleDescriptor.getObjectName()

The string returned by this method can appear inside a localizable
exception thrown by GenericLanguageConnectionContext. So I think it
would be better if this method returned something without hard-coded
English bits. I realize that the corresponding method in RoutinePermisionsDescriptor
hard-codes English text too--I think that's a bad model.


RoleDescriptor vs. RoleGrantDescriptor

I wonder whether we are going to be confused in the future about the
name of this class. "RoleDescriptor" seems like a good name for a
collection of privileges which have been packaged up as a Role. This
class doesn't seem to be a collection. Instead, it seems to describe
a single arc in the Grant Graph. Might "RoleGrantDescriptor" be a
better name for this class? I realize that a similar question could be
asked about PermissionsDescriptor. I think that the distinction
between a Permission and a PermissionGrant is a little muddy and may
not be providing a good model here.

> Make role descriptor a dependency Provider
> ------------------------------------------
>
>                 Key: DERBY-3666
>                 URL: https://issues.apache.org/jira/browse/DERBY-3666
>             Project: Derby
>          Issue Type: Sub-task
>          Components: Security, SQL
>            Reporter: Dag H. Wanvik
>            Assignee: Dag H. Wanvik
>         Attachments: derby-3666-1.diff, derby-3666-1.stat
>
>
> Since dropping roles and revoking role grants (and setting the current
> role) can effect dependent objects, we need to track such
> dependencies. Derby already has a system for this, so we make the role
> descriptor as Provider in that system. This allows us to track
> dependencies that view, constraints and triggers, as well
> prepared statements and/or activations, may have on roles.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.