You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-commits@db.apache.org by dj...@apache.org on 2006/08/05 21:33:53 UTC
svn commit: r429036 - in /db/derby/code/trunk/java:
engine/org/apache/derby/impl/sql/catalog/
testing/org/apache/derbyTesting/functionTests/master/
testing/org/apache/derbyTesting/functionTests/tests/upgradeTests/
Author: djd
Date: Sat Aug 5 12:33:52 2006
New Revision: 429036
URL: http://svn.apache.org/viewvc?rev=429036&view=rev
Log:
DERBY-1544 Adds a method 'grantPublicAccessToSystemRoutines' to DataDictionaryImpl which is called when doing a
full upgrade. This method goes through list of routines that needs to be granted public access and calls
'createRoutinePermPublicDescriptor' for each routine. This is the same as the method that is called during
database creation. It is slightly modified to allow specifying of an authorization id for the grantor.
When upgrading, authorization id of user performing upgrade is used.
Adds a test to upgrade test to verify that the 5 system routines are added to the routine permissions table.
Patch contributed by Deepa Remesh
Modified:
db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DD_Version.java
db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DataDictionaryImpl.java
db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/Upgrade_10_1_10_2.out
db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/upgradeTests/UpgradeTester.java
Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DD_Version.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DD_Version.java?rev=429036&r1=429035&r2=429036&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DD_Version.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DD_Version.java Sat Aug 5 12:33:52 2006
@@ -373,6 +373,9 @@
// Change system schemas to be owned by aid
bootingDictionary.updateSystemSchemaAuthorization(aid, tc);
+
+ // Grant PUBLIC access to some system routines
+ bootingDictionary.grantPublicAccessToSystemRoutines(tc, aid);
}
}
Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DataDictionaryImpl.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DataDictionaryImpl.java?rev=429036&r1=429035&r2=429036&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DataDictionaryImpl.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DataDictionaryImpl.java Sat Aug 5 12:33:52 2006
@@ -409,7 +409,24 @@
private int systemSQLNameNumber;
private GregorianCalendar calendarForLastSystemSQLName = new GregorianCalendar();
private long timeForLastSystemSQLName;
-
+
+ /**
+ * List of procedures in SYSCS_UTIL schema with PUBLIC access
+ */
+ private static final String[] sysUtilProceduresWithPublicAccess = {
+ "SYSCS_SET_RUNTIMESTATISTICS",
+ "SYSCS_SET_STATISTICS_TIMING",
+ "SYSCS_INPLACE_COMPRESS_TABLE",
+ "SYSCS_COMPRESS_TABLE",
+ };
+
+ /**
+ * List of functions in SYSCS_UTIL schema with PUBLIC access
+ */
+ private static final String[] sysUtilFunctionsWithPublicAccess = {
+ "SYSCS_GET_RUNTIMESTATISTICS",
+ };
+
/*
** Constructor
*/
@@ -9648,11 +9665,73 @@
}
}
+
+ /**
+ * Grant PUBLIC access to specific system routines. Currently, this is
+ * done for some routines in SYSCS_UTIL schema.
+ *
+ * @param tc TransactionController to use
+ * @param authorizationID authorization ID of the permission grantor
+ * @throws StandardException Standard exception policy.
+ */
+ public void grantPublicAccessToSystemRoutines(TransactionController tc,
+ String authorizationID) throws StandardException {
+
+ // Get schema ID for SYSCS_UTIL schema
+ String schemaID = getSystemUtilSchemaDescriptor().getUUID().toString();
+
+ for(int i=0; i < sysUtilProceduresWithPublicAccess.length; i++) {
+ grantPublicAccessToSystemRoutine(schemaID,
+ sysUtilProceduresWithPublicAccess[i],
+ AliasInfo.ALIAS_NAME_SPACE_PROCEDURE_AS_CHAR,
+ tc, authorizationID);
+ }
+
+ for(int i=0; i < sysUtilFunctionsWithPublicAccess.length; i++) {
+ grantPublicAccessToSystemRoutine(schemaID,
+ sysUtilFunctionsWithPublicAccess[i],
+ AliasInfo.ALIAS_NAME_SPACE_FUNCTION_AS_CHAR,
+ tc, authorizationID);
+ }
+ }
+
+
+ /**
+ * Grant PUBLIC access to a system routine. This method should be used only
+ * for granting access to a system routine (other than routines in SYSFUN
+ * schema). It expects the routine to be present in SYSALIASES catalog.
+ *
+ * @param schemaID Schema ID
+ * @param routineName Routine Name
+ * @param nameSpace Indicates whether the routine is a function/procedure.
+ * @param tc TransactionController to use
+ * @param authorizationID authorization ID of the permission grantor
+ * @throws StandardException Standard exception policy.
+ */
+ private void grantPublicAccessToSystemRoutine(String schemaID,
+ String routineName,
+ char nameSpace,
+ TransactionController tc,
+ String authorizationID)
+ throws StandardException {
+ // For system routines, a valid alias descriptor will be returned.
+ AliasDescriptor ad = getAliasDescriptor(schemaID, routineName,
+ nameSpace);
+
+ if (SanityManager.DEBUG) {
+ SanityManager.ASSERT((ad != null), "Failed to get AliasDescriptor"
+ + " of the routine");
+ }
+
+ UUID routineUUID = ad.getUUID();
+ createRoutinePermPublicDescriptor(routineUUID, tc, authorizationID);
+ }
+
/**
* Create RoutinePermDescriptor to grant access to PUBLIC for
* this system routine. Currently only SYSUTIL routines need access
- * granted to execute them when a database is created.
+ * granted to execute them when a database is created/upgraded.
*
* @param routineUUID uuid of the routine
* @param tc TransactionController to use
@@ -9663,11 +9742,28 @@
UUID routineUUID,
TransactionController tc) throws StandardException
{
+ createRoutinePermPublicDescriptor(routineUUID, tc, authorizationDBA);
+ }
+
+ /**
+ * Create RoutinePermDescriptor to grant access to PUBLIC for
+ * this system routine using the grantor specified in authorizationID.
+ *
+ * @param routineUUID uuid of the routine
+ * @param tc TransactionController to use
+ * @param authorizationID authorization ID of the permission grantor
+ * @throws StandardException Standard exception policy.
+ */
+ void createRoutinePermPublicDescriptor(
+ UUID routineUUID,
+ TransactionController tc,
+ String authorizationID) throws StandardException
+ {
RoutinePermsDescriptor routinePermDesc =
new RoutinePermsDescriptor(
this,
"PUBLIC",
- authorizationDBA,
+ authorizationID,
routineUUID);
addDescriptor(
Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/Upgrade_10_1_10_2.out
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/Upgrade_10_1_10_2.out?rev=429036&r1=429035&r2=429036&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/Upgrade_10_1_10_2.out (original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/master/Upgrade_10_1_10_2.out Sat Aug 5 12:33:52 2006
@@ -2199,6 +2199,12 @@
SCHEMANAME: SYSCS_UTIL , AUTHORIZATIONID: APP
SCHEMANAME: APP , AUTHORIZATIONID: APP
SCHEMANAME: D438 , AUTHORIZATIONID: APP
+Checking routine permissions in SYSROUTINEPERMS
+ROUTINE NAME: SYSCS_COMPRESS_TABLE , GRANTEE: PUBLIC , GRANTOR: APP
+ROUTINE NAME: SYSCS_GET_RUNTIMESTATISTICS , GRANTEE: PUBLIC , GRANTOR: APP
+ROUTINE NAME: SYSCS_INPLACE_COMPRESS_TABLE , GRANTEE: PUBLIC , GRANTOR: APP
+ROUTINE NAME: SYSCS_SET_RUNTIMESTATISTICS , GRANTEE: PUBLIC , GRANTOR: APP
+ROUTINE NAME: SYSCS_SET_STATISTICS_TIMING , GRANTEE: PUBLIC , GRANTOR: APP
Test metadata starting
Union Result -- precision: 10 scale: 2 display size: 13 type name: DECIMAL
dec(10,2) -- precision: 10 scale: 2 display size: 12 type name: DECIMAL
Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/upgradeTests/UpgradeTester.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/upgradeTests/UpgradeTester.java?rev=429036&r1=429035&r2=429036&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/upgradeTests/UpgradeTester.java (original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/upgradeTests/UpgradeTester.java Sat Aug 5 12:33:52 2006
@@ -371,6 +371,7 @@
conn = restartDatabase(classLoader);
passed = caseGrantRevoke(conn, phase, classLoader, true) && passed;
checkSysSchemas(conn);
+ checkRoutinePermissions(conn);
}
runMetadataTest(classLoader, conn);
conn.close();
@@ -965,6 +966,35 @@
rs.close();
s.close();
}
+
+ /**
+ * This method checks that some system routines are granted public access
+ * after a full upgrade.
+ *
+ * @param conn
+ * @throws SQLException
+ */
+ private void checkRoutinePermissions(Connection conn) throws SQLException{
+ System.out.println("Checking routine permissions in SYSROUTINEPERMS");
+
+ Statement s = conn.createStatement();
+ ResultSet rs = s.executeQuery("select aliases.ALIAS, " +
+ "routinePerms.GRANTEE, routinePerms.GRANTOR from " +
+ "SYS.SYSROUTINEPERMS routinePerms, " +
+ "SYS.SYSALIASES aliases " +
+ "where routinePerms.ALIASID=aliases.ALIASID " +
+ "order by aliases.ALIAS");
+
+ while(rs.next()) {
+ System.out.println("ROUTINE NAME: " + rs.getString(1) + " , " +
+ "GRANTEE: " + rs.getString(2) + " , " +
+ "GRANTOR: " + rs.getString(3));
+ }
+
+ rs.close();
+ s.close();
+ }
+
/**
* Run metadata test