You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-commits@db.apache.org by da...@apache.org on 2008/05/29 00:18:59 UTC
svn commit: r661123 - in /db/derby/code/trunk/java:
engine/org/apache/derby/iapi/sql/conn/
engine/org/apache/derby/iapi/sql/dictionary/
engine/org/apache/derby/impl/sql/catalog/
engine/org/apache/derby/impl/sql/conn/ engine/org/apache/derby/impl/sql/ex...
Author: dag
Date: Wed May 28 15:18:57 2008
New Revision: 661123
URL: http://svn.apache.org/viewvc?rev=661123&view=rev
Log:
DERBY-3137 SQL roles: add catalog support
Patch DERBY-3137-rename-b. Renaming plus misc cleanup. No behavioral change.
Added:
db/derby/code/trunk/java/engine/org/apache/derby/iapi/sql/dictionary/RoleGrantDescriptor.java
- copied, changed from r660773, db/derby/code/trunk/java/engine/org/apache/derby/iapi/sql/dictionary/RoleDescriptor.java
Removed:
db/derby/code/trunk/java/engine/org/apache/derby/iapi/sql/dictionary/RoleDescriptor.java
Modified:
db/derby/code/trunk/java/engine/org/apache/derby/iapi/sql/conn/LanguageConnectionContext.java
db/derby/code/trunk/java/engine/org/apache/derby/iapi/sql/dictionary/DataDescriptorGenerator.java
db/derby/code/trunk/java/engine/org/apache/derby/iapi/sql/dictionary/DataDictionary.java
db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DDdependableFinder.java
db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DataDictionaryImpl.java
db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/SYSROLESRowFactory.java
db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/conn/GenericLanguageConnectionContext.java
db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/execute/CreateRoleConstantAction.java
db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/execute/DropRoleConstantAction.java
db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/execute/GrantRoleConstantAction.java
db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/execute/RevokeRoleConstantAction.java
db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/execute/SetRoleConstantAction.java
db/derby/code/trunk/java/storeless/org/apache/derby/impl/storeless/EmptyDictionary.java
Modified: db/derby/code/trunk/java/engine/org/apache/derby/iapi/sql/conn/LanguageConnectionContext.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/iapi/sql/conn/LanguageConnectionContext.java?rev=661123&r1=661122&r2=661123&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/iapi/sql/conn/LanguageConnectionContext.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/iapi/sql/conn/LanguageConnectionContext.java Wed May 28 15:18:57 2008
@@ -27,7 +27,7 @@
import org.apache.derby.iapi.sql.compile.CompilerContext;
import org.apache.derby.iapi.sql.dictionary.DataDictionary;
import org.apache.derby.iapi.sql.dictionary.TableDescriptor;
-import org.apache.derby.iapi.sql.dictionary.RoleDescriptor;
+import org.apache.derby.iapi.sql.dictionary.RoleGrantDescriptor;
import org.apache.derby.iapi.sql.dictionary.SchemaDescriptor;
import org.apache.derby.iapi.sql.compile.OptimizerFactory;
import org.apache.derby.iapi.types.DataValueFactory;
Modified: db/derby/code/trunk/java/engine/org/apache/derby/iapi/sql/dictionary/DataDescriptorGenerator.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/iapi/sql/dictionary/DataDescriptorGenerator.java?rev=661123&r1=661122&r2=661123&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/iapi/sql/dictionary/DataDescriptorGenerator.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/iapi/sql/dictionary/DataDescriptorGenerator.java Wed May 28 15:18:57 2008
@@ -486,9 +486,10 @@
/**
- * Create a new role descriptor
+ * Create a new role grant descriptor
*
- * @param uuid unique identifier for this role descriptor in time and space
+ * @param uuid unique identifier for this role grant descriptor in
+ * time and space
* @param roleName the name of the role for which a new descriptor
* is created
* @param grantee authorization identifier of grantee
@@ -498,20 +499,20 @@
* @param isDef if true, this descriptor represents a role
* definition, otherwise it represents a grant.
*/
- public RoleDescriptor newRoleDescriptor(UUID uuid,
- String roleName,
- String grantee,
- String grantor,
- boolean withadminoption,
- boolean isDef)
+ public RoleGrantDescriptor newRoleGrantDescriptor(UUID uuid,
+ String roleName,
+ String grantee,
+ String grantor,
+ boolean withadminoption,
+ boolean isDef)
throws StandardException
{
- return new RoleDescriptor(dataDictionary,
- uuid,
- roleName,
- grantee,
- grantor,
- withadminoption,
- isDef);
+ return new RoleGrantDescriptor(dataDictionary,
+ uuid,
+ roleName,
+ grantee,
+ grantor,
+ withadminoption,
+ isDef);
}
}
Modified: db/derby/code/trunk/java/engine/org/apache/derby/iapi/sql/dictionary/DataDictionary.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/iapi/sql/dictionary/DataDictionary.java?rev=661123&r1=661122&r2=661123&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/iapi/sql/dictionary/DataDictionary.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/iapi/sql/dictionary/DataDictionary.java Wed May 28 15:18:57 2008
@@ -417,27 +417,27 @@
/**
- * Drop the descriptor for a role
+ * Drop a role grant
*
* @param roleName The name of the role to drop
- * @param grantee The grantee of the descriptor
- * @param grantor The grantor of the descriptor
+ * @param grantee The grantee
+ * @param grantor The grantor
* @param tc Transaction Controller
*
* @exception StandardException Thrown on failure
*/
- public void dropRoleDescriptor(String roleName,
- String grantee,
- String grantor,
- TransactionController tc)
+ public void dropRoleGrant(String roleName,
+ String grantee,
+ String grantor,
+ TransactionController tc)
throws StandardException;
/**
- * Drop all role descriptors corresponding to a grant of (any)
+ * Drop all role grants corresponding to a grant of (any)
* role to a named authentication identifier
*
- * @param grantee The grantee of the descriptor
+ * @param grantee The grantee
* @param tc Transaction Controller
*
* @exception StandardException Thrown on failure
@@ -448,7 +448,7 @@
/**
- * Drop all role descriptors corresponding to a grant of the
+ * Drop all role grants corresponding to a grant of the
* named role to any authentication identifier
*
* @param roleName The role name granted
@@ -1865,29 +1865,29 @@
/**
- * Get a role descriptor for a role definition.
+ * Get a role grant descriptor for a role definition.
*
* @param roleName The name of the role whose definition we seek
*
* @throws StandardException error
*/
- public RoleDescriptor getRoleDefinitionDescriptor(String roleName)
+ public RoleGrantDescriptor getRoleDefinitionDescriptor(String roleName)
throws StandardException;
/**
- * Get the descriptor corresponding to the uuid
+ * Get the role grant descriptor corresponding to the uuid provided
*
* @param uuid
*
- * @return The descriptor for the role (definition or grant descriptor)
+ * @return The descriptor for the role grant descriptor
*
* @exception StandardException Thrown on error
*/
- public RoleDescriptor getRoleDescriptor(UUID uuid)
+ public RoleGrantDescriptor getRoleGrantDescriptor(UUID uuid)
throws StandardException;
/**
- * Get a role descriptor for a role grant
+ * Get a descriptor for a role grant
*
* @param roleName The name of the role whose definition we seek
* @param grantee The grantee
@@ -1895,9 +1895,9 @@
*
* @throws StandardException error
*/
- public RoleDescriptor getRoleGrantDescriptor(String roleName,
- String grantee,
- String grantor)
+ public RoleGrantDescriptor getRoleGrantDescriptor(String roleName,
+ String grantee,
+ String grantor)
throws StandardException;
Copied: db/derby/code/trunk/java/engine/org/apache/derby/iapi/sql/dictionary/RoleGrantDescriptor.java (from r660773, db/derby/code/trunk/java/engine/org/apache/derby/iapi/sql/dictionary/RoleDescriptor.java)
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/iapi/sql/dictionary/RoleGrantDescriptor.java?p2=db/derby/code/trunk/java/engine/org/apache/derby/iapi/sql/dictionary/RoleGrantDescriptor.java&p1=db/derby/code/trunk/java/engine/org/apache/derby/iapi/sql/dictionary/RoleDescriptor.java&r1=660773&r2=661123&rev=661123&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/iapi/sql/dictionary/RoleDescriptor.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/iapi/sql/dictionary/RoleGrantDescriptor.java Wed May 28 15:18:57 2008
@@ -1,6 +1,6 @@
/*
- Derby - Class org.apache.derby.iapi.sql.dictionary.RoleDescriptor
+ Derby - Class org.apache.derby.iapi.sql.dictionary.RoleGrantDescriptor
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
@@ -34,9 +34,21 @@
/**
* This class is used by rows in the SYS.SYSROLES system table.
+ *
+ * An instance contains information for exactly:
+ * One <role definition>, cf. ISO/IEC 9075-2:2003 section 12.4 *or*
+ * one <grant role statement>, section 12.5.
+ *
+ * A role definition is also modeled as a role grant (hence the class
+ * name), but with the special grantor "_SYSTEM", and with a grantee
+ * of the definer, in Derby this is always the current user. For a
+ * role definition, the WITH ADMIN flag is also set. The information
+ * contained in the isDef flag is usually redundant, but was added as
+ * a precaution against a real user named _SYSTEM, for example when
+ * upgrading an older database that did not forbid this.
*/
-public class RoleDescriptor extends TupleDescriptor
- implements Provider
+public class RoleGrantDescriptor extends TupleDescriptor
+ implements Provider
{
private final UUID uuid;
private final String roleName;
@@ -59,13 +71,13 @@
* @param isDef
*
*/
- RoleDescriptor(DataDictionary dd,
- UUID uuid,
- String roleName,
- String grantee,
- String grantor,
- boolean withAdminOption,
- boolean isDef) {
+ RoleGrantDescriptor(DataDictionary dd,
+ UUID uuid,
+ String roleName,
+ String grantee,
+ String grantor,
+ boolean withAdminOption,
+ boolean isDef) {
super(dd);
this.uuid = uuid;
this.roleName = roleName;
@@ -137,7 +149,7 @@
DataDictionary dd = getDataDictionary();
TransactionController tc = lcc.getTransactionExecute();
- dd.dropRoleDescriptor(roleName, grantee, grantor, tc);
+ dd.dropRoleGrant(roleName, grantee, grantor, tc);
}
//////////////////////////////////////////////
Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DDdependableFinder.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DDdependableFinder.java?rev=661123&r1=661122&r2=661123&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DDdependableFinder.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DDdependableFinder.java Wed May 28 15:18:57 2008
@@ -259,9 +259,9 @@
return dd.getRoutinePermissions(dependableObjectID);
case StoredFormatIds.ROLE_GRANT_FINDER_V01_ID:
- return dd.getRoleDescriptor(dependableObjectID);
+ return dd.getRoleGrantDescriptor(dependableObjectID);
- default:
+ default:
if (SanityManager.DEBUG)
{
SanityManager.THROWASSERT(
Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DataDictionaryImpl.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DataDictionaryImpl.java?rev=661123&r1=661122&r2=661123&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DataDictionaryImpl.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/DataDictionaryImpl.java Wed May 28 15:18:57 2008
@@ -53,7 +53,7 @@
import org.apache.derby.iapi.sql.dictionary.RoutinePermsDescriptor;
import org.apache.derby.iapi.sql.dictionary.PermissionsDescriptor;
import org.apache.derby.iapi.sql.dictionary.ReferencedKeyConstraintDescriptor;
-import org.apache.derby.iapi.sql.dictionary.RoleDescriptor;
+import org.apache.derby.iapi.sql.dictionary.RoleGrantDescriptor;
import org.apache.derby.iapi.sql.dictionary.SPSDescriptor;
import org.apache.derby.iapi.sql.dictionary.SchemaDescriptor;
import org.apache.derby.iapi.sql.dictionary.CheckConstraintDescriptor;
@@ -1784,19 +1784,12 @@
/**
- * Drop the descriptor for a role
- *
- * @param roleName The name of the role to drop
- * @param grantee The grantee of the descriptor
- * @param grantor The grantor of the descriptor
- * @param tc TransactionController for the transaction
- *
- * @exception StandardException Thrown on error
+ * @see DataDictionary#dropRoleGrant
*/
- public void dropRoleDescriptor(String roleName,
- String grantee,
- String grantor,
- TransactionController tc)
+ public void dropRoleGrant(String roleName,
+ String grantee,
+ String grantor,
+ TransactionController tc)
throws StandardException
{
DataValueDescriptor roleNameOrderable;
@@ -2750,13 +2743,7 @@
/**
- * Drop all role descriptors corresponding to a grant of (any)
- * role to a named authentication identifier
- *
- * @param grantee The grantee of the descriptor
- * @param tc Transaction Controller
- *
- * @exception StandardException Thrown on failure
+ * @see DataDictionary#dropRoleGrantsByGrantee
*/
public void dropRoleGrantsByGrantee(String grantee,
TransactionController tc)
@@ -2784,8 +2771,8 @@
* @return true if there exists such a grant
* @exception StandardException Thrown on failure
*/
- public boolean existsRoleGrantByGrantee(String grantee,
- TransactionController tc)
+ private boolean existsRoleGrantByGrantee(String grantee,
+ TransactionController tc)
throws StandardException
{
TabInfoImpl ti = getNonCoreTI(SYSROLES_CATALOG_NUM);
@@ -2801,13 +2788,7 @@
/**
- * Drop all role descriptors corresponding to a grant of the
- * named role to any authentication identifier
- *
- * @param roleName The role name granted
- * @param tc Transaction Controller
- *
- * @exception StandardException Thrown on failure
+ * @see DataDictionary#dropRoleGrantsByName
*/
public void dropRoleGrantsByName(String roleName,
TransactionController tc)
@@ -2975,10 +2956,10 @@
* authorization id.
*/
private boolean existsPermByGrantee(String authId,
- TransactionController tc,
- int catalog,
- int indexNo,
- int granteeColnoInIndex)
+ TransactionController tc,
+ int catalog,
+ int indexNo,
+ int granteeColnoInIndex)
throws StandardException
{
return visitPermsByGrantee(authId,
@@ -11696,33 +11677,9 @@
/**
- * Get the descriptor for the named role.
- *
- * @param roleName The role name
- *
- * @return The descriptor for the role. Can be null if not found.
- *
- * @exception StandardException Thrown on error
- */
- public RoleDescriptor getRoleDefinitionDescriptor(String roleName)
- throws StandardException
- {
- RoleDescriptor rd = locateRoleDefinitionRow(roleName);
-
- return rd;
- }
-
-
- /**
- * Get the descriptor corresponding to the uuid
- *
- * @param uuid
- *
- * @return The descriptor for the role (definition or grant descriptor)
- *
- * @exception StandardException Thrown on error
+ * @see DataDictionary#getRoleGrantDescriptor(UUID)
*/
- public RoleDescriptor getRoleDescriptor(UUID uuid)
+ public RoleGrantDescriptor getRoleGrantDescriptor(UUID uuid)
throws StandardException
{
DataValueDescriptor UUIDStringOrderable;
@@ -11738,7 +11695,7 @@
ExecIndexRow keyRow = exFactory.getIndexableRow(1);
keyRow.setColumn(1, UUIDStringOrderable);
- return (RoleDescriptor)
+ return (RoleGrantDescriptor)
getDescriptorViaIndex(
SYSROLESRowFactory.SYSROLES_INDEX_UUID_IDX,
keyRow,
@@ -11751,26 +11708,6 @@
/**
- * Get a role descriptor for a role grant
- *
- * @param roleName The name of the role whose definition we seek
- * @param grantee The grantee
- * @param grantor The grantor
- *
- * @throws StandardException error
- */
- public RoleDescriptor getRoleGrantDescriptor(String roleName,
- String grantee,
- String grantor)
- throws StandardException
- {
- RoleDescriptor rd = locateRoleGrantRow(roleName, grantee, grantor);
-
- return rd;
- }
-
-
- /**
* Get the target role definition by searching for a matching row
* in SYSROLES by rolename where isDef==true. Read only scan.
* Uses index on (rolename, isDef) columns.
@@ -11778,10 +11715,11 @@
* @param roleName The name of the role we're interested in.
*
* @return The descriptor (row) for the role
- *
* @exception StandardException Thrown on error
+ *
+ * @see DataDictionary#getRoleDefinitionDescriptor
*/
- private RoleDescriptor locateRoleDefinitionRow(String roleName)
+ public RoleGrantDescriptor getRoleDefinitionDescriptor(String roleName)
throws StandardException
{
DataValueDescriptor roleNameOrderable;
@@ -11800,7 +11738,7 @@
keyRow.setColumn(1, roleNameOrderable);
keyRow.setColumn(2, isDefOrderable);
- return (RoleDescriptor)
+ return (RoleGrantDescriptor)
getDescriptorViaIndex(
SYSROLESRowFactory.SYSROLES_INDEX_ID_DEF_IDX,
keyRow,
@@ -11821,13 +11759,15 @@
* @param grantee The grantee
* @param grantor The grantor
*
- * @return The descriptor (row) for the role grant
+ * @return The descriptor for the role grant
*
* @exception StandardException Thrown on error
+ *
+ * @see DataDictionary#getRoleGrantDescriptor(String, String, String)
*/
- private RoleDescriptor locateRoleGrantRow(String roleName,
- String grantee,
- String grantor)
+ public RoleGrantDescriptor getRoleGrantDescriptor(String roleName,
+ String grantee,
+ String grantor)
throws StandardException
{
DataValueDescriptor roleNameOrderable;
@@ -11850,7 +11790,7 @@
keyRow.setColumn(2, granteeOrderable);
keyRow.setColumn(3, grantorOrderable);
- return (RoleDescriptor)
+ return (RoleGrantDescriptor)
getDescriptorViaIndex(
SYSROLESRowFactory.SYSROLES_INDEX_ID_EE_OR_IDX,
keyRow,
Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/SYSROLESRowFactory.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/SYSROLESRowFactory.java?rev=661123&r1=661122&r2=661123&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/SYSROLESRowFactory.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/catalog/SYSROLESRowFactory.java Wed May 28 15:18:57 2008
@@ -30,7 +30,7 @@
import org.apache.derby.iapi.sql.dictionary.CatalogRowFactory;
import org.apache.derby.iapi.sql.dictionary.DataDescriptorGenerator;
import org.apache.derby.iapi.sql.dictionary.DataDictionary;
-import org.apache.derby.iapi.sql.dictionary.RoleDescriptor;
+import org.apache.derby.iapi.sql.dictionary.RoleGrantDescriptor;
import org.apache.derby.iapi.sql.dictionary.TupleDescriptor;
import org.apache.derby.iapi.sql.execute.ExecutionFactory;
import org.apache.derby.iapi.sql.execute.ExecRow;
@@ -105,7 +105,7 @@
/**
* Make a SYSROLES row
*
- * @param td a role descriptor
+ * @param td a role grant descriptor
* @param parent unused
*
* @return Row suitable for inserting into SYSROLES.
@@ -126,14 +126,14 @@
if (td != null)
{
- RoleDescriptor roleDescriptor = (RoleDescriptor)td;
+ RoleGrantDescriptor rgd = (RoleGrantDescriptor)td;
- roleid = roleDescriptor.getRoleName();
- grantee = roleDescriptor.getGrantee();
- grantor = roleDescriptor.getGrantor();
- wao = roleDescriptor.isWithAdminOption();
- isdef = roleDescriptor.isDef();
- UUID oid = roleDescriptor.getUUID();
+ roleid = rgd.getRoleName();
+ grantee = rgd.getGrantee();
+ grantor = rgd.getGrantor();
+ wao = rgd.isWithAdminOption();
+ isdef = rgd.isDef();
+ UUID oid = rgd.getUUID();
oid_string = oid.toString();
}
@@ -186,7 +186,7 @@
throws StandardException {
DataValueDescriptor col;
- RoleDescriptor descriptor;
+ RoleGrantDescriptor descriptor;
String oid_string;
String roleid;
String grantee;
@@ -201,7 +201,7 @@
"Wrong number of columns for a SYSROLES row");
}
- // first column is uuid of this role descriptor (char(36))
+ // first column is uuid of this role grant descriptor (char(36))
col = row.getColumn(1);
oid_string = col.getString();
@@ -225,7 +225,7 @@
col = row.getColumn(6);
isdef = col.getString();
- descriptor = ddg.newRoleDescriptor
+ descriptor = ddg.newRoleGrantDescriptor
(getUUIDFactory().recreateUUID(oid_string),
roleid,
grantee,
Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/conn/GenericLanguageConnectionContext.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/conn/GenericLanguageConnectionContext.java?rev=661123&r1=661122&r2=661123&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/conn/GenericLanguageConnectionContext.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/conn/GenericLanguageConnectionContext.java Wed May 28 15:18:57 2008
@@ -53,7 +53,7 @@
import org.apache.derby.iapi.sql.dictionary.DataDictionary;
import org.apache.derby.iapi.sql.dictionary.SchemaDescriptor;
import org.apache.derby.iapi.sql.dictionary.TableDescriptor;
-import org.apache.derby.iapi.sql.dictionary.RoleDescriptor;
+import org.apache.derby.iapi.sql.dictionary.RoleGrantDescriptor;
import org.apache.derby.iapi.types.DataValueFactory;
import org.apache.derby.iapi.sql.compile.TypeCompilerFactory;
import org.apache.derby.iapi.sql.depend.DependencyManager;
@@ -3284,7 +3284,7 @@
DataDictionary dd = getDataDictionary();
String dbo = dd.getAuthorizationDatabaseOwner();
- RoleDescriptor grantDesc = null;
+ RoleGrantDescriptor grantDesc = null;
if (getAuthorizationId().equals(dbo)) {
grantDesc = dd.getRoleDefinitionDescriptor(role);
Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/execute/CreateRoleConstantAction.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/execute/CreateRoleConstantAction.java?rev=661123&r1=661122&r2=661123&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/execute/CreateRoleConstantAction.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/execute/CreateRoleConstantAction.java Wed May 28 15:18:57 2008
@@ -31,7 +31,7 @@
import org.apache.derby.iapi.sql.conn.Authorizer;
import org.apache.derby.iapi.sql.conn.LanguageConnectionContext;
import org.apache.derby.iapi.sql.dictionary.DataDescriptorGenerator;
-import org.apache.derby.iapi.sql.dictionary.RoleDescriptor;
+import org.apache.derby.iapi.sql.dictionary.RoleGrantDescriptor;
import org.apache.derby.iapi.sql.dictionary.DataDictionary;
import org.apache.derby.iapi.store.access.TransactionController;
import org.apache.derby.impl.jdbc.authentication.BasicAuthenticationServiceImpl;
@@ -95,7 +95,7 @@
//
// Check if this role already exists. If it does, throw.
//
- RoleDescriptor rd = dd.getRoleDefinitionDescriptor(roleName);
+ RoleGrantDescriptor rd = dd.getRoleDefinitionDescriptor(roleName);
if (rd != null) {
throw StandardException.
@@ -113,7 +113,7 @@
"User", roleName);
}
- rd = ddg.newRoleDescriptor(
+ rd = ddg.newRoleGrantDescriptor(
dd.getUUIDFactory().createUUID(),
roleName,
currentAuthId,// grantee
Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/execute/DropRoleConstantAction.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/execute/DropRoleConstantAction.java?rev=661123&r1=661122&r2=661123&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/execute/DropRoleConstantAction.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/execute/DropRoleConstantAction.java Wed May 28 15:18:57 2008
@@ -27,7 +27,7 @@
import org.apache.derby.iapi.sql.Activation;
import org.apache.derby.iapi.sql.conn.LanguageConnectionContext;
import org.apache.derby.iapi.sql.dictionary.DataDictionary;
-import org.apache.derby.iapi.sql.dictionary.RoleDescriptor;
+import org.apache.derby.iapi.sql.dictionary.RoleGrantDescriptor;
import org.apache.derby.shared.common.reference.SQLState;
import org.apache.derby.iapi.store.access.TransactionController;
@@ -99,7 +99,7 @@
*/
dd.startWriting(lcc);
- RoleDescriptor rd = dd.getRoleDefinitionDescriptor(roleName);
+ RoleGrantDescriptor rd = dd.getRoleDefinitionDescriptor(roleName);
if (rd == null) {
throw StandardException.newException(
Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/execute/GrantRoleConstantAction.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/execute/GrantRoleConstantAction.java?rev=661123&r1=661122&r2=661123&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/execute/GrantRoleConstantAction.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/execute/GrantRoleConstantAction.java Wed May 28 15:18:57 2008
@@ -30,7 +30,7 @@
import org.apache.derby.iapi.sql.conn.LanguageConnectionContext;
import org.apache.derby.iapi.sql.conn.Authorizer;
import org.apache.derby.iapi.sql.dictionary.DataDescriptorGenerator;
-import org.apache.derby.iapi.sql.dictionary.RoleDescriptor;
+import org.apache.derby.iapi.sql.dictionary.RoleGrantDescriptor;
import org.apache.derby.iapi.sql.dictionary.DataDictionary;
import org.apache.derby.iapi.store.access.TransactionController;
import org.apache.derby.shared.common.reference.SQLState;
@@ -98,7 +98,7 @@
String grantee = (String)gIter.next();
// check that role exists
- RoleDescriptor rd = dd.getRoleDefinitionDescriptor(role);
+ RoleGrantDescriptor rd = dd.getRoleDefinitionDescriptor(role);
if (rd == null) {
throw StandardException.
@@ -117,14 +117,13 @@
// rd = dd.findRoleGrantWithAdminToRoleOrPublic(grantor)
// if (rd != null) {
// :
- if (grantor.equals(rd.getGrantee())) {
+ if (grantor.equals(lcc.getDataDictionary().
+ getAuthorizationDatabaseOwner())) {
// All ok, we are database owner
if (SanityManager.DEBUG) {
SanityManager.ASSERT(
- lcc.getDataDictionary().
- getAuthorizationDatabaseOwner().
- equals(grantor),
- "expected database owner in role descriptor");
+ rd.getGrantee().equals(grantor),
+ "expected database owner in role grant descriptor");
SanityManager.ASSERT(
rd.isWithAdminOption(),
"expected role definition to have ADMIN OPTION");
@@ -134,6 +133,7 @@
(SQLState.AUTH_ROLE_DBO_ONLY, "GRANT role");
}
+ // Has it already been granted?
rd = dd.getRoleGrantDescriptor(role, grantee, grantor);
if (rd != null && withAdminOption && !rd.isWithAdminOption()) {
@@ -150,13 +150,15 @@
false, // no duplicatesAllowed
tc);
} else if (rd == null) {
- RoleDescriptor gd = dd.getRoleDefinitionDescriptor(grantee);
+ // Check if the grantee is a role (if not, it is a user)
+ RoleGrantDescriptor gd =
+ dd.getRoleDefinitionDescriptor(grantee);
if (gd != null) {
// FIXME: Grantee is role, need to check for circularity
}
- rd = ddg.newRoleDescriptor(
+ rd = ddg.newRoleGrantDescriptor(
dd.getUUIDFactory().createUUID(),
role,
grantee,
Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/execute/RevokeRoleConstantAction.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/execute/RevokeRoleConstantAction.java?rev=661123&r1=661122&r2=661123&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/execute/RevokeRoleConstantAction.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/execute/RevokeRoleConstantAction.java Wed May 28 15:18:57 2008
@@ -29,7 +29,7 @@
import org.apache.derby.iapi.sql.Activation;
import org.apache.derby.iapi.sql.conn.LanguageConnectionContext;
import org.apache.derby.iapi.sql.conn.Authorizer;
-import org.apache.derby.iapi.sql.dictionary.RoleDescriptor;
+import org.apache.derby.iapi.sql.dictionary.RoleGrantDescriptor;
import org.apache.derby.iapi.sql.dictionary.DataDictionary;
import org.apache.derby.iapi.store.access.TransactionController;
import org.apache.derby.shared.common.reference.SQLState;
@@ -93,7 +93,7 @@
String grantee = (String)gIter.next();
// check that role exists
- RoleDescriptor rd = dd.getRoleDefinitionDescriptor(role);
+ RoleGrantDescriptor rd = dd.getRoleDefinitionDescriptor(role);
if (rd == null) {
throw StandardException.
@@ -112,14 +112,13 @@
// rd = dd.findRoleGrantWithAdminToRoleOrPublic(grantor)
// if (rd != null) {
// :
- if (grantor.equals(rd.getGrantee())) {
+ if (grantor.equals(lcc.getDataDictionary().
+ getAuthorizationDatabaseOwner())) {
// All ok, we are database owner
if (SanityManager.DEBUG) {
SanityManager.ASSERT(
- lcc.getDataDictionary().
- getAuthorizationDatabaseOwner().
- equals(grantor),
- "expected database owner in role descriptor");
+ rd.getGrantee().equals(grantor),
+ "expected database owner in role grant descriptor");
SanityManager.ASSERT(
rd.isWithAdminOption(),
"expected role definition to have ADMIN OPTION");
Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/execute/SetRoleConstantAction.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/execute/SetRoleConstantAction.java?rev=661123&r1=661122&r2=661123&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/execute/SetRoleConstantAction.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/execute/SetRoleConstantAction.java Wed May 28 15:18:57 2008
@@ -24,7 +24,7 @@
import org.apache.derby.iapi.sql.execute.ConstantAction;
import org.apache.derby.iapi.sql.dictionary.DataDictionary;
-import org.apache.derby.iapi.sql.dictionary.RoleDescriptor;
+import org.apache.derby.iapi.sql.dictionary.RoleGrantDescriptor;
import org.apache.derby.iapi.sql.conn.LanguageConnectionContext;
import org.apache.derby.iapi.sql.ParameterValueSet;
import org.apache.derby.iapi.sql.StatementType;
@@ -118,7 +118,7 @@
thisRoleName = dvs.getString();
}
- RoleDescriptor rd = null;
+ RoleGrantDescriptor rd = null;
if (thisRoleName != null) {
try {
Modified: db/derby/code/trunk/java/storeless/org/apache/derby/impl/storeless/EmptyDictionary.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/storeless/org/apache/derby/impl/storeless/EmptyDictionary.java?rev=661123&r1=661122&r2=661123&view=diff
==============================================================================
--- db/derby/code/trunk/java/storeless/org/apache/derby/impl/storeless/EmptyDictionary.java (original)
+++ db/derby/code/trunk/java/storeless/org/apache/derby/impl/storeless/EmptyDictionary.java Wed May 28 15:18:57 2008
@@ -48,7 +48,7 @@
import org.apache.derby.iapi.sql.dictionary.RoutinePermsDescriptor;
import org.apache.derby.iapi.sql.dictionary.SPSDescriptor;
import org.apache.derby.iapi.sql.dictionary.SchemaDescriptor;
-import org.apache.derby.iapi.sql.dictionary.RoleDescriptor;
+import org.apache.derby.iapi.sql.dictionary.RoleGrantDescriptor;
import org.apache.derby.iapi.sql.dictionary.SubKeyConstraintDescriptor;
import org.apache.derby.iapi.sql.dictionary.TableDescriptor;
import org.apache.derby.iapi.sql.dictionary.TablePermsDescriptor;
@@ -165,10 +165,10 @@
return false;
}
- public void dropRoleDescriptor(String roleName,
- String grantee,
- String grantor,
- TransactionController tc)
+ public void dropRoleGrant(String roleName,
+ String grantee,
+ String grantor,
+ TransactionController tc)
throws StandardException {
// TODO Auto-generated method stub
}
@@ -202,23 +202,23 @@
return false;
}
- public RoleDescriptor getRoleDefinitionDescriptor(String roleName)
+ public RoleGrantDescriptor getRoleDefinitionDescriptor(String roleName)
throws StandardException {
// TODO Auto-generated method stub
return null;
}
- public RoleDescriptor getRoleDescriptor(UUID uuid)
+ public RoleGrantDescriptor getRoleGrantDescriptor(UUID uuid)
throws StandardException {
// TODO Auto-generated method stub
return null;
}
- public RoleDescriptor getRoleGrantDescriptor(String roleName,
- String grantee,
- String grantor)
+ public RoleGrantDescriptor getRoleGrantDescriptor(String roleName,
+ String grantee,
+ String grantor)
throws StandardException {
// TODO Auto-generated method stub
return null;