You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafodion.apache.org by rm...@apache.org on 2018/08/28 16:50:31 UTC
[1/4] trafodion git commit: Only expose supported component operations
Repository: trafodion
Updated Branches:
refs/heads/master 1650c784e -> 8697d9262
http://git-wip-us.apache.org/repos/asf/trafodion/blob/88ed0582/core/sql/sqlcomp/PrivMgrComponentOperations.cpp
----------------------------------------------------------------------
diff --git a/core/sql/sqlcomp/PrivMgrComponentOperations.cpp b/core/sql/sqlcomp/PrivMgrComponentOperations.cpp
index bcbfa6b..280710a 100644
--- a/core/sql/sqlcomp/PrivMgrComponentOperations.cpp
+++ b/core/sql/sqlcomp/PrivMgrComponentOperations.cpp
@@ -58,6 +58,7 @@ namespace ComponentOperations
class MyRow : public PrivMgrMDRow
{
public:
+
// -------------------------------------------------------------------
// Constructors and destructors:
// -------------------------------------------------------------------
@@ -71,7 +72,7 @@ public:
componentUID_ = other.componentUID_;
operationCode_ = other.operationCode_;
operationName_ = other.operationName_;
- isSystem_ = other.isSystem_;
+ operationType_ = other.operationType_;
operationDescription_ = other.operationDescription_;
};
virtual ~MyRow() {};
@@ -82,14 +83,14 @@ public:
const int64_t componentUID,
const std::string & operationCode,
std::string & operationName,
- bool & isSystem,
+ PrivMgrComponentOperations::OperationType & operationType,
std::string & operationDescription);
bool lookupByName(
const int64_t componentUID,
const std::string & operationName,
std::string & operationCode,
- bool & isSystem,
+ PrivMgrComponentOperations::OperationType & operationType,
std::string & operationDescription);
// -------------------------------------------------------------------
@@ -100,7 +101,7 @@ public:
int64_t componentUID_;
std::string operationCode_;
std::string operationName_;
- bool isSystem_;
+ PrivMgrComponentOperations::OperationType operationType_;
std::string operationDescription_;
private:
@@ -155,6 +156,10 @@ public:
const std::string & whereClause,
std::vector<MyRow *> &rowList);
+ PrivStatus update(
+ const std::string &setClause,
+ const std::string &whereClause);
+
private:
MyTable();
void setRow(OutputInfo *pCliRow, MyRow &rowOut);
@@ -284,7 +289,7 @@ PrivStatus privStatus = myTable.fetchByCode(componentUID,operationCode,row);
// * is a 2 character code associated with the operation unique to the *
// * component. *
// * *
-// * <isSystemOperation> bool In *
+// * <isSystem> bool In *
// * is true if the operation is a system operation. *
// * *
// * <operationDescription> const std::string & In *
@@ -305,14 +310,12 @@ PrivStatus PrivMgrComponentOperations::createOperation(
const std::string & componentName,
const std::string & operationName,
const std::string & operationCode,
- bool isSystemOperation,
+ bool isSystem,
const std::string & operationDescription,
const bool existsErrorOK)
{
-//TODO: Related, could check for setting isSystem, could be separate
-// privilege, or restricted to DB__ROOT.
PrivMgrComponentPrivileges componentPrivileges(metadataLocation_, pDiags_);
if (!ComUser::isRootUserID()&&
@@ -379,7 +382,7 @@ std::string tempStr;
// An operation can only be a system operation if its component is a
// system component.
- if (isSystemOperation && !isSystemComponent)
+ if (isSystem && !isSystemComponent)
{
*pDiags_ << DgSqlCode(-CAT_COMPONENT_NOT_SYSTEM);
return STATUS_ERROR;
@@ -391,7 +394,7 @@ MyRow row(fullTableName_);
row.componentUID_ = componentUID;
row.operationCode_ = operationCode;
row.operationName_ = operationName;
- row.isSystem_ = isSystemOperation;
+ row.operationType_ = (isSystem ? OP_TYPE_SYSTEM : OP_TYPE_USER);
row.operationDescription_ = operationDescription;
MyTable &myTable = static_cast<MyTable &>(myTable_);
@@ -434,8 +437,8 @@ PrivMgrComponentPrivileges componentPrivilege(metadataLocation_,pDiags_);
// * is a 2 character code associated with the operation unique to the *
// * component. *
// * *
-// * <isSystemOperation> const bool In *
-// * is true if the operation is a system operation. *
+// * <operationTypeUnused> const bool In *
+// * type of component, user, system, or unused. *
// * *
// * <operationDescription> const std::string & In *
// * is a descrption of the operation. *
@@ -464,15 +467,13 @@ PrivStatus PrivMgrComponentOperations::createOperationInternal(
const int64_t componentUID,
const std::string & operationName,
const std::string & operationCode,
- const bool isSystemOperation,
+ const bool operationTypeUnused,
const std::string & operationDescription,
const int32_t granteeID,
const std::string & granteeName,
const int32_t grantDepth,
const bool checkExistence)
-
{
-
PrivStatus privStatus = STATUS_GOOD;
// If operation already created, no need to create
@@ -484,7 +485,7 @@ PrivStatus PrivMgrComponentOperations::createOperationInternal(
row.componentUID_ = componentUID;
row.operationCode_ = operationCode;
row.operationName_ = operationName;
- row.isSystem_ = isSystemOperation;
+ row.operationType_ = (operationTypeUnused ? OP_TYPE_UNUSED : OP_TYPE_SYSTEM);
row.operationDescription_ = operationDescription;
MyTable &myTable = static_cast<MyTable &>(myTable_);
@@ -563,6 +564,7 @@ PrivStatus PrivMgrComponentOperations::describeComponentOperations(
std::string whereClause("WHERE COMPONENT_UID = ");
whereClause += componentUIDString;
+ whereClause += " and is_system <> 'U'";
PrivStatus privStatus = myTable.selectWhere(whereClause, rowList);
@@ -571,13 +573,16 @@ PrivStatus PrivMgrComponentOperations::describeComponentOperations(
for(int i = 0; i < rowList.size(); i++)
{
MyRow* myRow = rowList[i];
+ if (myRow->operationType_ == OP_TYPE_UNUSED)
+ continue;
+
std::string componentText;
componentText += "CREATE COMPONENT PRIVILEGE ";
componentText += myRow->operationName_ + " AS ";
componentText += "'" + myRow->operationCode_ + "'";
componentText += " ON " + componentName;
- if(myRow->isSystem_)
+ if(myRow->operationType_ == OP_TYPE_SYSTEM)
componentText += " SYSTEM";
if(!myRow->operationDescription_.empty())
@@ -722,8 +727,6 @@ PrivStatus PrivMgrComponentOperations::dropOperation(
{
-//TODO: Related, could check for setting isSystem, could be separate
-// privilege, or restricted to DB__ROOT.
PrivMgrComponentPrivileges componentPrivileges(metadataLocation_, pDiags_);
if (!ComUser::isRootUserID()&&
@@ -808,7 +811,6 @@ std::string whereClause("WHERE COMPONENT_UID = ");
//************* End of PrivMgrComponentOperations::dropOperation ***************
-
// *****************************************************************************
// * *
// * Function: PrivMgrComponentOperations::fetchByName *
@@ -832,7 +834,6 @@ std::string whereClause("WHERE COMPONENT_UID = ");
// * *
// * <isSystem> bool & Out *
// * passes back true if the component operation is a system level *
-// * component operation, otherwise false. *
// * *
// * <operationDescription> std::string & Out *
// * passes back the description of the component operation. *
@@ -864,7 +865,7 @@ PrivStatus privStatus = myTable.fetchByName(componentUIDString,operationName,row
return STATUS_NOTFOUND;
operationCode = row.operationCode_;
- isSystem = row.isSystem_;
+ isSystem = (row.operationType_ == OP_TYPE_SYSTEM);
operationDescription = row.operationDescription_;
return STATUS_GOOD;
@@ -877,34 +878,76 @@ PrivStatus privStatus = myTable.fetchByName(componentUIDString,operationName,row
// * *
// * Function: PrivMgrComponentOperations::getCount *
// * *
-// * Returns the number of component operations. *
+// * Returns: *
+// * the total number of operations *
+// * the number of unused operations *
// * *
// *****************************************************************************
// * *
-// * Returns: int64_t *
+// * Returns: PrivStatus *
// * *
-// * Returns the number of component operations. *
+// * STATUS_GOOD : found operations *
+// * STATUS_NOTFOUND : no operations were found *
+// * STATUS_ERROR : unexpected error reading metadata *
// * *
// *****************************************************************************
-int64_t PrivMgrComponentOperations::getCount()
-
+PrivStatus PrivMgrComponentOperations::getCount(
+ const int64_t &componentUID,
+ int32_t &numOps,
+ int32_t &numUnusedOps)
{
-
-std::string whereClause(" ");
+ char buf[getMetadataLocation().size() + 300];
+ snprintf (buf, sizeof(buf), "select distinct is_system, count(is_system) over "
+ "(partition by is_system) from %s.%s where component_uid = %ld",
+ getMetadataLocation().c_str(),PRIVMGR_COMPONENT_OPERATIONS,
+ componentUID);
-int64_t rowCount = 0;
-MyTable &myTable = static_cast<MyTable &>(myTable_);
+ // set pointer in diags area
+ int32_t diagsMark = pDiags_->mark();
-// set pointer in diags area
-int32_t diagsMark = pDiags_->mark();
+ ExeCliInterface cliInterface(STMTHEAP, 0, NULL,
+ CmpCommon::context()->sqlSession()->getParentQid());
+ Queue * tableQueue = NULL;
+ int32_t cliRC = cliInterface.fetchAllRows(tableQueue, buf, 0, false, false, true);
+
+ if (cliRC < 0)
+ {
+ cliInterface.retrieveSQLDiagnostics(CmpCommon::diags());
+ return STATUS_ERROR;
+ }
+ if (cliRC == 100) // did not find the row
+ {
+ pDiags_->rewind(diagsMark);
+ return STATUS_NOTFOUND;
+ }
-PrivStatus privStatus = myTable.selectCountWhere(whereClause,rowCount);
+ numOps = 0;
+ numUnusedOps = 0;
- if (privStatus != STATUS_GOOD)
- pDiags_->rewind(diagsMark);
-
- return rowCount;
+ char * ptr = NULL;
+ int32_t len = 0;
+ char value[3];
+
+ int32_t opTypeCount;
+ // column 0: operation type
+ // column 1: count of rows for operation type
+ tableQueue->position();
+ for (int idx = 0; idx < tableQueue->numEntries(); idx++)
+ {
+ OutputInfo * pCliRow = (OutputInfo*)tableQueue->getNext();
+ pCliRow->get(0,ptr,len);
+ strncpy(value,ptr,len);
+ value[len] = 0;
+ pCliRow->get(1,ptr,len);
+ opTypeCount = *(reinterpret_cast<int32_t*>(ptr));
+
+ numOps += opTypeCount;
+ if (value[0] == 'U')
+ numUnusedOps += opTypeCount;
+ }
+
+ return STATUS_GOOD;
}
//***************** End of PrivMgrComponentOperations::getCount ****************
@@ -961,6 +1004,93 @@ PrivStatus privStatus = myTable.selectWhereUnique(whereClause,row);
// *****************************************************************************
+// method: updateOperationCodes
+//
+// Goes through the ComponentOpStruct for the sql_operations component and
+// creates two lists:
+// list of unused operations
+// list of system operations.
+//
+// Updates the component_operations table and
+// sets is_system to "U" for unused operations
+// sets is_system to "Y" for system operations
+//
+// TBD - add support for all components, not just sql_operations
+// *****************************************************************************
+PrivStatus PrivMgrComponentOperations::updateOperationCodes(
+ const int64_t & componentUID )
+{
+ if (componentUID != SQL_OPERATIONS_COMPONENT_UID)
+ {
+ PRIVMGR_INTERNAL_ERROR("Invalid component UID in PrivMgrComponentOperations::updateOperationCodes");
+ return STATUS_ERROR;
+ }
+
+ std::string unusedItems ("where component_uid = ");
+ unusedItems += UIDToString(componentUID);
+ unusedItems += " and operation_code in (";
+ std::string systemItems(unusedItems);
+
+ size_t numOps = sizeof(sqlOpList)/sizeof(ComponentOpStruct);
+ bool firstUnusedOp = true;
+ bool firstSystemOp = true;
+ for (int i = 0; i < numOps; i++)
+ {
+ const ComponentOpStruct &opDefinition = sqlOpList[i];
+ if (opDefinition.unusedOp)
+ {
+ if (firstUnusedOp)
+ {
+ unusedItems += "'";
+ firstUnusedOp = false;
+ }
+ else
+ unusedItems += ", '";
+
+ unusedItems += opDefinition.operationCode;
+ unusedItems += "'";
+ }
+
+
+ else
+ {
+ if (firstSystemOp)
+ {
+ systemItems += "'";
+ firstSystemOp = false;
+ }
+ else
+ systemItems += ", '";
+
+ systemItems += opDefinition.operationCode;
+ systemItems += "'";
+ }
+
+ }
+
+ MyTable &myTable = static_cast<MyTable &>(myTable_);
+
+ // Change system components to unused components
+ if (!firstUnusedOp)
+ {
+ unusedItems += ")";
+ std::string setClause("set is_system = 'U' ");
+ if (myTable.update(setClause, unusedItems) == STATUS_ERROR)
+ return STATUS_ERROR;
+ }
+
+ // Change unused components to system components
+ if (!firstSystemOp)
+ {
+ systemItems += ")";
+ std::string setClause("set is_system = 'Y' ");
+ if (myTable.update(setClause, systemItems) == STATUS_ERROR)
+ return STATUS_ERROR;
+ }
+ return STATUS_GOOD;
+}
+
+// *****************************************************************************
// * *
// * Function: PrivMgrComponentOperations::nameExists *
// * *
@@ -1005,9 +1135,6 @@ PrivStatus privStatus = myTable.fetchByName(componentUID,operationName,row);
//******************** End of PrivMgrComponents::nameExists ********************
-
-
-
// *****************************************************************************
// MyTable methods
// *****************************************************************************
@@ -1050,7 +1177,7 @@ PrivStatus MyTable::fetchByCode(
// Check the last row read before reading metadata.
if (lastRowRead_.lookupByCode(componentUID,operationCode,
- row.operationName_,row.isSystem_,
+ row.operationName_,row.operationType_,
row.operationDescription_))
{
row.componentUID_ = componentUID;
@@ -1175,7 +1302,7 @@ PrivStatus MyTable::fetchByName(
// Check the last row read before reading metadata.
if (lastRowRead_.lookupByName(componentUID,operationName,
- row.operationCode_,row.isSystem_,
+ row.operationCode_,row.operationType_,
row.operationDescription_))
{
row.componentUID_ = componentUID;
@@ -1242,23 +1369,16 @@ PrivStatus privStatus = selectWhereUnique(whereClause,row);
// *****************************************************************************
PrivStatus MyTable::insert(const PrivMgrMDRow & rowIn)
{
+ char insertStatement[1000];
+ const MyRow & row = static_cast<const MyRow &>(rowIn);
+ char operationType = PrivMgrComponentOperations::compTypeToLit(row.operationType_);
-char insertStatement[1000];
-
-const MyRow & row = static_cast<const MyRow &>(rowIn);
-char isSystem[3] = {0};
-
- if (row.isSystem_)
- isSystem[0] = 'Y';
- else
- isSystem[0] = 'N';
-
- sprintf(insertStatement, "insert into %s values (%ld, '%s', '%s', '%s', '%s')",
+ sprintf(insertStatement, "insert into %s values (%ld, '%s', '%s', '%c', '%s')",
tableName_.c_str(),
row.componentUID_,
row.operationCode_.c_str(),
row.operationName_.c_str(),
- isSystem,
+ operationType,
row.operationDescription_.c_str());
return CLIImmediate(insertStatement);
@@ -1340,10 +1460,7 @@ MyRow & row = static_cast<MyRow &>(rowOut);
cliInterface.getPtrAndLen(4,ptr,len);
strncpy(value,ptr,len);
value[len] = 0;
- if (value[0] == 'Y')
- row.isSystem_ = true;
- else
- row.isSystem_ = false;
+ row.operationType_ = PrivMgrComponentOperations::compTypeToEnum(value[0]);
// column 5: operation_description
cliInterface.getPtrAndLen(5,ptr,len);
@@ -1360,6 +1477,25 @@ MyRow & row = static_cast<MyRow &>(rowOut);
// *****************************************************************************
+// method: update
+//
+// Updates metadata based on the passed in set and where clauses.
+// *****************************************************************************
+PrivStatus MyTable::update(
+ const std::string & setClause,
+ const std::string & whereClause)
+{
+ char updateStatement[setClause.size() + whereClause.size() + tableName_.size() + 100];
+
+ sprintf(updateStatement, "update %s %s %s",
+ tableName_.c_str(),
+ setClause.c_str(),
+ whereClause.c_str());
+
+ return CLIImmediate(updateStatement);
+}
+
+// *****************************************************************************
// MyRow methods
// *****************************************************************************
@@ -1384,9 +1520,8 @@ MyRow & row = static_cast<MyRow &>(rowOut);
// * <operationName> std::string & Out *
// * passes back the name of the component operation. *
// * *
-// * <isSystem> bool & Out *
-// * passes back true if the component operation is a system level *
-// * component operation, otherwise false. *
+// * <operationType> OperationType & Out *
+// * passes back the component type, system, user, or unused. *
// * *
// * <operationDescription> std::string & Out *
// * passes back the description of the component operation. *
@@ -1403,7 +1538,7 @@ bool MyRow::lookupByCode(
const int64_t componentUID,
const std::string & operationCode,
std::string & operationName,
- bool & isSystem,
+ PrivMgrComponentOperations::OperationType & operationType,
std::string & operationDescription)
{
@@ -1415,7 +1550,7 @@ bool MyRow::lookupByCode(
operationCode != operationCode)
return false;
- isSystem = isSystem_;
+ operationType = operationType_;
operationName = operationName_;
operationDescription = operationDescription_;
return true;
@@ -1445,9 +1580,8 @@ bool MyRow::lookupByCode(
// * <operationCode> std::string & Out *
// * passes back the code associated with the component operation. *
// * *
-// * <isSystem> bool & Out *
-// * passes back true if the component operation is a system level *
-// * component operation, otherwise false. *
+// * <OperationType> operationType & Out *
+// * passes back the component type, system, user, or unused. *
// * *
// * <operationDescription> std::string & Out *
// * passes back the description of the component operation. *
@@ -1464,7 +1598,7 @@ bool MyRow::lookupByName(
const int64_t componentUID,
const std::string & operationName,
std::string & operationCode,
- bool & isSystem,
+ PrivMgrComponentOperations::OperationType & operationType,
std::string & operationDescription)
{
@@ -1476,7 +1610,7 @@ bool MyRow::lookupByName(
operationName != operationName_)
return false;
- isSystem = isSystem_;
+ operationType = operationType_;
operationCode = operationCode_;
operationDescription = operationDescription_;
return true;
@@ -1585,10 +1719,7 @@ void MyTable::setRow(OutputInfo *pCliRow, MyRow &row)
pCliRow->get(3,ptr,len);
strncpy(value,ptr,len);
value[len] = 0;
- if (value[0] == 'Y')
- row.isSystem_ = true;
- else
- row.isSystem_ = false;
+ row.operationType_ = PrivMgrComponentOperations::compTypeToEnum(value[0]);
// column 5: OPERATION_DESCRIPTION
pCliRow->get(4,ptr,len);
http://git-wip-us.apache.org/repos/asf/trafodion/blob/88ed0582/core/sql/sqlcomp/PrivMgrComponentOperations.h
----------------------------------------------------------------------
diff --git a/core/sql/sqlcomp/PrivMgrComponentOperations.h b/core/sql/sqlcomp/PrivMgrComponentOperations.h
index 7d0069d..4e769c6 100644
--- a/core/sql/sqlcomp/PrivMgrComponentOperations.h
+++ b/core/sql/sqlcomp/PrivMgrComponentOperations.h
@@ -40,6 +40,11 @@ class PrivMgrComponentOperations : public PrivMgr
{
public:
+ enum OperationType { OP_TYPE_UNKNOWN,
+ OP_TYPE_SYSTEM,
+ OP_TYPE_USER,
+ OP_TYPE_UNUSED };
+
// -------------------------------------------------------------------
// Constructors and destructors:
// -------------------------------------------------------------------
@@ -55,6 +60,27 @@ public:
void clear();
+ static OperationType compTypeToEnum (const char operationType )
+ {
+ switch (operationType)
+ {
+ case 'Y': return OP_TYPE_SYSTEM;
+ case 'N': return OP_TYPE_USER;
+ case 'U': return OP_TYPE_UNUSED;
+ default: return OP_TYPE_UNKNOWN;
+ }
+ }
+ static char compTypeToLit (OperationType type)
+ {
+ switch(type)
+ {
+ case OP_TYPE_SYSTEM: return 'Y';
+ case OP_TYPE_USER: return 'N';
+ case OP_TYPE_UNUSED: return 'U';
+ default: return ' ';
+ }
+ }
+
PrivStatus createOperation(
const std::string & componentName,
const std::string & operationName,
@@ -67,7 +93,7 @@ public:
const int64_t componentUID,
const std::string & operationName,
const std::string & operationCode,
- const bool isSystemOperation,
+ const bool operationTypeUnused,
const std::string & operationDescription,
const int32_t granteeID,
const std::string & granteeName,
@@ -103,10 +129,16 @@ public:
bool isSystem,
std::string & operationDescription);
- int64_t getCount();
-
+ PrivStatus getCount(
+ const int64_t &componentUID,
+ int32_t &numOps,
+ int32_t &numUnusedOps);
+
bool isComponentUsed(const std::string & componentUIDString);
+ PrivStatus updateOperationCodes(
+ const int64_t & componentUID);
+
bool nameExists(
const int64_t componentUID,
const std::string & operationName);
http://git-wip-us.apache.org/repos/asf/trafodion/blob/88ed0582/core/sql/sqlcomp/PrivMgrComponentPrivileges.cpp
----------------------------------------------------------------------
diff --git a/core/sql/sqlcomp/PrivMgrComponentPrivileges.cpp b/core/sql/sqlcomp/PrivMgrComponentPrivileges.cpp
index a82da0f..257a123 100644
--- a/core/sql/sqlcomp/PrivMgrComponentPrivileges.cpp
+++ b/core/sql/sqlcomp/PrivMgrComponentPrivileges.cpp
@@ -23,6 +23,7 @@
#include "PrivMgrComponentPrivileges.h"
#include "PrivMgrDefs.h"
+#include "PrivMgrComponentDefs.h"
#include "PrivMgrMD.h"
#include "PrivMgrMDTable.h"
#include "PrivMgrComponents.h"
@@ -142,12 +143,14 @@ public:
inline void clear() { lastRowRead_.clear(); };
- PrivStatus fetchDMLPrivInfo(
+ PrivStatus fetchCompPrivInfo(
const int32_t granteeID,
const std::vector<int32_t> & roleIDs,
- PrivObjectBitmap & DMLBitmap,
- bool & hasManagePrivileges);
-
+ PrivObjectBitmap & DMLPrivs,
+ bool & hasManagePrivPriv,
+ bool & hasSelectMetadata,
+ bool & hasAnyManagePriv);
+
PrivStatus fetchOwner(
const int64_t componentUID,
const std::string & operationCode,
@@ -430,8 +433,8 @@ std::string whereClause("WHERE ");
// * is a string representation of the unique ID associated with the *
// * component. *
// * *
-// * <operationCode> const std::string & In *
-// * is the two character code associated with the component operation. *
+// * <operationCodeList> const std::string & In *
+// * is a list of 2 character operation codes associateed with the component*
// * *
// *****************************************************************************
// * *
@@ -447,10 +450,8 @@ PrivStatus PrivMgrComponentPrivileges::dropAllForOperation(
const std::string & operationCode)
{
-
-MyTable &myTable = static_cast<MyTable &>(myTable_);
-
-std::string whereClause("WHERE ");
+ MyTable &myTable = static_cast<MyTable &>(myTable_);
+ std::string whereClause("WHERE ");
whereClause += "COMPONENT_UID = ";
whereClause += componentUIDString.c_str();
@@ -458,11 +459,8 @@ std::string whereClause("WHERE ");
whereClause += operationCode.c_str();
whereClause += "'";
- return myTable.deleteWhere(whereClause);
-
+ return myTable.deleteWhere(whereClause);
}
-//*********** End of PrivMgrComponentPrivileges::dropAllForOperation ***********
-
// *****************************************************************************
@@ -593,11 +591,15 @@ bool PrivMgrComponentPrivileges::dropAllForGrantee(
// * Returns the number of grants of component privileges. *
// * *
// *****************************************************************************
-int64_t PrivMgrComponentPrivileges::getCount()
-
+int64_t PrivMgrComponentPrivileges::getCount(int_32 componentUID)
{
-std::string whereClause(" ");
+std::string whereClause(" ");
+if (componentUID != INVALID_COMPONENT_UID)
+{
+ whereClause = "where component_uid = ";
+ whereClause += to_string((long long int)componentUID);
+}
int64_t rowCount = 0;
MyTable &myTable = static_cast<MyTable &>(myTable_);
@@ -619,10 +621,10 @@ PrivStatus privStatus = myTable.selectCountWhere(whereClause,rowCount);
// *****************************************************************************
// * *
-// * Function: PrivMgrComponentPrivileges::getSQLDMLPrivileges *
+// * Function: PrivMgrComponentPrivileges::getSQLCompPrivs *
// * *
-// * Returns the SQL_OPERATION privileges associated with DML privileges *
-// * for the specified authorization ID. *
+// * Returns the SQL_OPERATIONS privileges that may affect privileges *
+// * for metadata tables. *
// * *
// *****************************************************************************
// * *
@@ -637,25 +639,35 @@ PrivStatus privStatus = myTable.selectCountWhere(whereClause,rowCount);
// * <DMLBitmap> PrivObjectBitmap & In *
// * passes back the system-level DML privileges granted to the grantee. *
// * *
-// * <hasManagePrivileges> bool & In *
+// * <hasManagePrivPriv> bool & In *
// * passes back if the user has MANAGE_PRIVILEGES authority. *
// * *
+// * <hasSelectMetadata> bool & In *
+// * passes back if the user has DML_SELECT_PRIVILEGE *
+// * *
+// * <hasAnyManagePriv> bool & In *
+// * passes back if the user has any MANAGE privilege *
+// * *
// *****************************************************************************
-void PrivMgrComponentPrivileges::getSQLDMLPrivileges(
+
+void PrivMgrComponentPrivileges::getSQLCompPrivs(
const int32_t granteeID,
const std::vector<int32_t> & roleIDs,
- PrivObjectBitmap & DMLBitmap,
- bool & hasManagePrivileges)
+ PrivObjectBitmap & DMLPrivs,
+ bool & hasManagePrivPriv,
+ bool & hasSelectMetadata,
+ bool & hasAnyManagePriv)
{
-
+
MyTable &myTable = static_cast<MyTable &>(myTable_);
// set pointer in diags area
int32_t diagsMark = pDiags_->mark();
-PrivStatus privStatus = myTable.fetchDMLPrivInfo(granteeID,roleIDs,DMLBitmap,
- hasManagePrivileges);
+PrivStatus privStatus = myTable.fetchCompPrivInfo(granteeID,roleIDs,DMLPrivs,
+ hasManagePrivPriv, hasSelectMetadata,
+ hasAnyManagePriv);
if (privStatus != STATUS_GOOD)
pDiags_->rewind(diagsMark);
@@ -2033,7 +2045,7 @@ void MyTable::describeGrantTree(
// *****************************************************************************
// * *
-// * Function: MyTable::fetchDMLPrivInfo *
+// * Function: MyTable::fetchCompPrivInfo *
// * *
// * Reads from the COMPONENT_PRIVILEGES table and returns the *
// * SQL_OPERATIONS privileges associated with DML privileges. *
@@ -2051,7 +2063,7 @@ void MyTable::describeGrantTree(
// * <DMLBitmap> PrivObjectBitmap & In *
// * passes back the system-level DML privileges granted to the grantee. *
// * *
-// * <hasManagePrivileges> bool & In *
+// * <hasManagePrivPriv> bool & In *
// * passes back if the user has MANAGE_PRIVILEGES authority. *
// * *
// *****************************************************************************
@@ -2062,38 +2074,31 @@ void MyTable::describeGrantTree(
// * *: Error encountered. *
// * *
// *****************************************************************************
-PrivStatus MyTable::fetchDMLPrivInfo(
+PrivStatus MyTable::fetchCompPrivInfo(
const int32_t granteeID,
const std::vector<int32_t> & roleIDs,
- PrivObjectBitmap & DMLBitmap,
- bool & hasManagePrivileges)
-
-{
-
-// Check the last grantee data read before reading metadata.
+ PrivObjectBitmap & DMLPrivs,
+ bool & hasManagePrivPriv,
+ bool & hasSelectMetadata,
+ bool & hasAnyManagePriv)
+{
+ // Check the last grantee data read before reading metadata.
+#if 0
+ // If privileges change between calls, then cache is not refreshed
+ // comment out this check for now
if (userDMLPrivs_.granteeID_ == granteeID &&
userDMLPrivs_.roleIDs_ == roleIDs)
{
- DMLBitmap = userDMLPrivs_.DMLBitmap_;
- hasManagePrivileges = userDMLPrivs_.managePrivileges_;
+ DMLPrivs = userDMLPrivs_.DMLPrivs_;
+ hasManagePrivPriv = userDMLPrivs_.managePrivileges_;
return STATUS_GOOD;
}
-
-// Not found in cache, look for the priv info in metadata.
-// ??? - is the component_uid for SQL_OPERATIONS always going to be 1?
-std::string whereClause("WHERE COMPONENT_UID = 1 AND OPERATION_CODE IN ('");
+#endif
+ // Not found in cache, look for the priv info in metadata.
+ std::string whereClause("WHERE COMPONENT_UID = 1 ");
- for (SQLOperation operation = SQLOperation::FIRST_DML_PRIV;
- static_cast<int>(operation) <= static_cast<int>(SQLOperation::LAST_DML_PRIV);
- operation = static_cast<SQLOperation>(static_cast<int>(operation) + 1))
- {
- whereClause += PrivMgr::getSQLOperationCode(operation);
- whereClause += "','";
- }
-
- whereClause += PrivMgr::getSQLOperationCode(SQLOperation::MANAGE_PRIVILEGES);
- whereClause += "') AND GRANTEE_ID IN (";
+ whereClause += "AND GRANTEE_ID IN (";
whereClause += PrivMgr::authIDToString(granteeID);
whereClause += ",";
for (size_t ri = 0; ri < roleIDs.size(); ri++)
@@ -2103,76 +2108,86 @@ std::string whereClause("WHERE COMPONENT_UID = 1 AND OPERATION_CODE IN ('");
}
whereClause += PrivMgr::authIDToString(PUBLIC_USER);
whereClause += ")";
-
-std::string orderByClause;
-
-std::vector<MyRow> rows;
-PrivStatus privStatus = selectAllWhere(whereClause,orderByClause,rows);
+ std::string orderByClause;
+
+ std::vector<MyRow> rows;
+
+ PrivStatus privStatus = selectAllWhere(whereClause,orderByClause,rows);
if (privStatus != STATUS_GOOD && privStatus != STATUS_WARNING)
return privStatus;
-
-// Initialize cache.
+
+ // Initialize cache.
userDMLPrivs_.granteeID_ = granteeID;
userDMLPrivs_.roleIDs_ = roleIDs;
userDMLPrivs_.managePrivileges_ = false;
- userDMLPrivs_.DMLBitmap_.reset();
-
- for (size_t r = 0; r < rows.size(); r++)
+ userDMLPrivs_.DMLBitmap_.reset();
+
+ hasAnyManagePriv = false;
+
+ for (size_t r = 0; r < rows.size(); r++)
{
MyRow &row = rows[r];
-
+
+ if (PrivMgr::isSQLManageOperation(row.operationCode_.c_str()))
+ hasAnyManagePriv = true;
+
if (row.operationCode_ == PrivMgr::getSQLOperationCode(SQLOperation::MANAGE_PRIVILEGES))
{
userDMLPrivs_.managePrivileges_ = true;
continue;
- }
-
+ }
+
if (row.operationCode_ == PrivMgr::getSQLOperationCode(SQLOperation::DML_DELETE))
{
userDMLPrivs_.DMLBitmap_.set(DELETE_PRIV);
continue;
- }
-
+ }
+
if (row.operationCode_ == PrivMgr::getSQLOperationCode(SQLOperation::DML_INSERT))
{
userDMLPrivs_.DMLBitmap_.set(INSERT_PRIV);
continue;
- }
-
+ }
if (row.operationCode_ == PrivMgr::getSQLOperationCode(SQLOperation::DML_REFERENCES))
{
userDMLPrivs_.DMLBitmap_.set(REFERENCES_PRIV);
continue;
- }
-
+ }
+
if (row.operationCode_ == PrivMgr::getSQLOperationCode(SQLOperation::DML_SELECT))
{
userDMLPrivs_.DMLBitmap_.set(SELECT_PRIV);
continue;
- }
-
+ }
+
+ if (row.operationCode_ == PrivMgr::getSQLOperationCode(SQLOperation::DML_EXECUTE))
+ {
+ userDMLPrivs_.DMLBitmap_.set(EXECUTE_PRIV);
+ continue;
+ }
+
if (row.operationCode_ == PrivMgr::getSQLOperationCode(SQLOperation::DML_UPDATE))
{
userDMLPrivs_.DMLBitmap_.set(UPDATE_PRIV);
continue;
- }
-
+ }
+
if (row.operationCode_ == PrivMgr::getSQLOperationCode(SQLOperation::DML_USAGE))
{
userDMLPrivs_.DMLBitmap_.set(USAGE_PRIV);
continue;
- }
+ }
}
-
- hasManagePrivileges = userDMLPrivs_.managePrivileges_;
- DMLBitmap = userDMLPrivs_.DMLBitmap_;
-
- return STATUS_GOOD;
-}
-//******************* End of MyTable::fetchDMLPrivInfo *************************
+ hasManagePrivPriv = userDMLPrivs_.managePrivileges_;
+ DMLPrivs = userDMLPrivs_.DMLBitmap_;
+
+
+ return STATUS_GOOD;
+}
+//******************* End of MyTable::fetchCompPrivInfo*************************
// *****************************************************************************
// * *
http://git-wip-us.apache.org/repos/asf/trafodion/blob/88ed0582/core/sql/sqlcomp/PrivMgrComponentPrivileges.h
----------------------------------------------------------------------
diff --git a/core/sql/sqlcomp/PrivMgrComponentPrivileges.h b/core/sql/sqlcomp/PrivMgrComponentPrivileges.h
index b87e31f..3f7eadf 100644
--- a/core/sql/sqlcomp/PrivMgrComponentPrivileges.h
+++ b/core/sql/sqlcomp/PrivMgrComponentPrivileges.h
@@ -82,14 +82,16 @@ public:
const std::string & componentName,
const std::string & operationName);
- int64_t getCount();
+ int64_t getCount( const int32_t componentUID = INVALID_COMPONENT_UID );
- void getSQLDMLPrivileges(
+ void getSQLCompPrivs(
const int32_t granteeID,
const std::vector<int32_t> & roleIDs,
- PrivObjectBitmap & DMLBitmap,
- bool & hasManagePrivileges);
-
+ PrivObjectBitmap & DMLPrivs,
+ bool & hasManagePrivPriv,
+ bool & hasSelectMetadata,
+ bool & hasAnyManagePriv);
+
PrivStatus grantPrivilege(
const std::string & componentName,
const std::vector<std::string> & operations,
http://git-wip-us.apache.org/repos/asf/trafodion/blob/88ed0582/core/sql/sqlcomp/PrivMgrDefs.h
----------------------------------------------------------------------
diff --git a/core/sql/sqlcomp/PrivMgrDefs.h b/core/sql/sqlcomp/PrivMgrDefs.h
index 5820460..8f69e9e 100644
--- a/core/sql/sqlcomp/PrivMgrDefs.h
+++ b/core/sql/sqlcomp/PrivMgrDefs.h
@@ -38,6 +38,13 @@
// *
// *****************************************************************************
+#define PRIVMGR_INTERNAL_ERROR(text) \
+ *pDiags_ << DgSqlCode(-CAT_INTERNAL_EXCEPTION_ERROR) \
+ << DgString0(__FILE__) \
+ << DgInt0(__LINE__) \
+ << DgString1(text)
+
+
// Returns the result of the operation
enum PrivStatus { STATUS_UNKNOWN = 20,
STATUS_GOOD = 21,
@@ -70,16 +77,6 @@ inline const char * privStatusEnumToLit(PrivStatus privStatus)
}
-enum {SQL_OPERATIONS_COMPONENT_UID = 1};
-#define SQL_OPERATION_NAME "SQL_OPERATIONS"
-
-#define PRIVMGR_INTERNAL_ERROR(text) \
- *pDiags_ << DgSqlCode(-CAT_INTERNAL_EXCEPTION_ERROR) \
- << DgString0(__FILE__) \
- << DgInt0(__LINE__) \
- << DgString1(text)
-
-
enum class PrivClass {
ALL = 2,
OBJECT = 3,
@@ -155,77 +152,6 @@ inline bool isSequenceGeneratorPrivType(PrivType privType)
}
-// Defines the list of privileges that are supported for the
-// SQLOperation component
-enum class SQLOperation {
- ALTER = 2,
- ALTER_LIBRARY,
- ALTER_ROUTINE,
- ALTER_ROUTINE_ACTION,
- ALTER_SCHEMA,
- ALTER_SEQUENCE,
- ALTER_SYNONYM,
- ALTER_TABLE,
- ALTER_TRIGGER,
- ALTER_VIEW,
- CREATE,
- CREATE_CATALOG,
- CREATE_INDEX,
- CREATE_LIBRARY,
- CREATE_PROCEDURE,
- CREATE_ROUTINE,
- CREATE_ROUTINE_ACTION,
- CREATE_SCHEMA,
- CREATE_SEQUENCE,
- CREATE_SYNONYM,
- CREATE_TABLE,
- CREATE_TRIGGER,
- CREATE_VIEW,
- DML_DELETE,
- DML_EXECUTE,
- DML_INSERT,
- DML_REFERENCES,
- DML_SELECT,
- DML_UPDATE,
- DML_USAGE,
- DROP,
- DROP_CATALOG,
- DROP_INDEX,
- DROP_LIBRARY,
- DROP_PROCEDURE,
- DROP_ROUTINE,
- DROP_ROUTINE_ACTION,
- DROP_SCHEMA,
- DROP_SEQUENCE,
- DROP_SYNONYM,
- DROP_TABLE,
- DROP_TRIGGER,
- DROP_VIEW,
- MANAGE,
- MANAGE_COMPONENTS,
- MANAGE_LIBRARY,
- MANAGE_LOAD,
- MANAGE_PRIVILEGES,
- MANAGE_ROLES,
- MANAGE_STATISTICS,
- MANAGE_USERS,
- QUERY_ACTIVATE,
- QUERY_CANCEL,
- QUERY_SUSPEND,
- REMAP_USER,
- REGISTER_HIVE_OBJECT,
- SHOW,
- UNREGISTER_HIVE_OBJECT,
- USE_ALTERNATE_SCHEMA,
- COMMENT,
- FIRST_OPERATION = ALTER,
- LAST_OPERATION = COMMENT,
- NUMBER_OF_OPERATIONS = LAST_OPERATION - FIRST_OPERATION + 1,
- UNKNOWN,
- FIRST_DML_PRIV = DML_DELETE,
- LAST_DML_PRIV = DML_USAGE
-};
-
enum class PrivDropBehavior {
CASCADE = 2,
RESTRICT = 3
http://git-wip-us.apache.org/repos/asf/trafodion/blob/88ed0582/core/sql/sqlcomp/PrivMgrMD.cpp
----------------------------------------------------------------------
diff --git a/core/sql/sqlcomp/PrivMgrMD.cpp b/core/sql/sqlcomp/PrivMgrMD.cpp
index 91047e7..94e8226 100644
--- a/core/sql/sqlcomp/PrivMgrMD.cpp
+++ b/core/sql/sqlcomp/PrivMgrMD.cpp
@@ -153,127 +153,171 @@ PrivMgrMDAdmin::~PrivMgrMDAdmin()
// ----------------------------------------------------------------------------
PrivStatus PrivMgrMDAdmin::initializeComponentPrivileges()
-
{
std::string traceMsg;
- log(__FILE__, "initializing component privileges", -1);
+ log(__FILE__, "Initializing component privileges", -1);
PrivStatus privStatus = STATUS_GOOD;
- // First register the component.
- PrivMgrComponents components(metadataLocation_,pDiags_);
- bool componentExists = (components.exists(SQL_OPERATION_NAME));
- if (!componentExists)
- {
- privStatus = components.registerComponentInternal(SQL_OPERATION_NAME,
- SQL_OPERATIONS_COMPONENT_UID,
- true,"Component for SQL operations");
- if (privStatus != STATUS_GOOD)
- {
- log(__FILE__, "ERROR: unable to register SQL_OPERATIONS component", -1);
- return STATUS_ERROR;
- }
- }
-
-// Component is registered, now create all the operations associated with
-// the component. A grant from the system to the grantee (DB__ROOT) will
-// be added for each operation.
-
-PrivMgrComponentOperations componentOperations(metadataLocation_,pDiags_);
-std::vector<std::string> operationCodes;
-
-int32_t DB__ROOTID = ComUser::getRootUserID();
-std::string DB__ROOTName(ComUser::getRootUserName());
-
- for (SQLOperation operation = SQLOperation::FIRST_OPERATION;
- static_cast<int>(operation) <= static_cast<int>(SQLOperation::LAST_OPERATION);
- operation = static_cast<SQLOperation>(static_cast<int>(operation) + 1))
+ PrivMgrComponents components(metadataLocation_,pDiags_);
+ size_t numComps = sizeof(componentList)/sizeof(ComponentListStruct);
+ for (int c = 0; c < numComps; c++)
{
- const char *codePtr = PrivMgr::getSQLOperationCode(operation);
- privStatus = componentOperations.createOperationInternal(SQL_OPERATIONS_COMPONENT_UID,
- PrivMgr::getSQLOperationName(operation),
- codePtr,true,
- PrivMgr::getSQLOperationDescription(operation),
- DB__ROOTID,DB__ROOTName,-1,
- componentExists);
-
- if (privStatus == STATUS_GOOD)
- operationCodes.push_back(codePtr);
- else
+ // Get description of component
+ const ComponentListStruct &compDefinition = componentList[c];
+ int64_t compUID(compDefinition.componentUID);
+ std::string compName(compDefinition.componentName);
+ std::string compDef("System component ");
+ compDef += compName;
+
+ log(__FILE__, compDef, -1);
+
+ bool componentExists = (components.exists(compName));
+ if (!componentExists)
{
- traceMsg = "WARNING unable to create component operation: ";
- traceMsg += PrivMgr::getSQLOperationName(operation);
- log(__FILE__, traceMsg, -1);
- }
- }
+ // Register component
+ privStatus = components.registerComponentInternal(compName,compUID,true,compDef);
+ if (privStatus != STATUS_GOOD)
+ {
+ traceMsg = "ERROR: unable to register component ";
+ traceMsg += compName.c_str();
+ log(__FILE__, traceMsg.c_str(), -1);
+ return STATUS_ERROR;
+ }
+ }
-// In the unlikely event no operations were created, we are done.
- if (operationCodes.size() == 0)
- return STATUS_GOOD;
+ // Component is registered, now create all the operations associated with
+ // the component. A grant from the system to the owner (DB__ROOT) will
+ // be added for each operation. In addition, set up the list of grants
+ // for different users/roles.
+ // allOpsList - list of operations (granted to owner)
+ // rootRoleList - list of operations granted to DB__ROOTROLE
+ // publicList - list of operations granted to PUBLIC
+ std::vector<std::string> allOpsList;
+ std::vector<std::string> rootRoleList;
+ std::vector<std::string> publicList;
+
+ PrivMgrComponentPrivileges componentPrivileges(metadataLocation_,pDiags_);
+ PrivMgrComponentOperations componentOperations(metadataLocation_,pDiags_);
+ int32_t DB__ROOTID = ComUser::getRootUserID();
+ std::string DB__ROOTName(ComUser::getRootUserName());
+
+ int32_t numOps = compDefinition.numOps;
+ int32_t numExistingOps = 0;
+ int32_t numExistingUnusedOps = 0;
+ if (componentOperations.getCount(compUID, numExistingOps, numExistingUnusedOps) == STATUS_ERROR)
+ return STATUS_ERROR;
+
+ // Add any new operations
+ if ( numExistingOps < numOps)
+ {
+ // The ComponentOpStruct describes the component operations required for
+ // each component. Each entry contains the operationCode,
+ // operationName, whether the privileges should be granted for
+ // DB__ROOTROLE, and PUBLIC, etc.
+ for (int i = 0; i < numOps; i++)
+ {
+ const ComponentOpStruct opDefinition = compDefinition.componentOps[i];
+
+ std::string description = "Allow grantee to perform ";
+ description += opDefinition.operationName;
+ description += " operation";
+
+ // create the operation
+ privStatus = componentOperations.createOperationInternal(compUID,
+ opDefinition.operationName,
+ opDefinition.operationCode,
+ opDefinition.unusedOp,
+ description,
+ DB__ROOTID,DB__ROOTName,-1,
+ componentExists);
+
+ if (privStatus == STATUS_GOOD)
+ {
+ // All operations are included in the allOpsList
+ allOpsList.push_back(opDefinition.operationName);
+ if (opDefinition.isRootRoleOp)
+ rootRoleList.push_back(opDefinition.operationCode);
+ if (opDefinition.isPublicOp)
+ publicList.push_back(opDefinition.operationCode);
+ }
+ else
+ {
+ traceMsg = "WARNING unable to create component operation: ";
+ traceMsg += opDefinition.operationName;
+ log(__FILE__, traceMsg, -1);
+ return privStatus;
+ }
+ }
+
+ // In the unlikely event no operations were created, we are done.
+ if (allOpsList.size() == 0)
+ return STATUS_GOOD;
-PrivMgrComponentPrivileges componentPrivileges(metadataLocation_,pDiags_);
-
-// Grant all SQL_OPERATIONS to DB__ROOTROLE WITH GRANT OPTION
- privStatus = componentPrivileges.grantPrivilegeInternal(SQL_OPERATIONS_COMPONENT_UID,
- operationCodes,
- ComUser::getRootUserID(),
- ComUser::getRootUserName(),
- ROOT_ROLE_ID,
- DB__ROOTROLE,-1,
- componentExists);
+ // Grant all SQL_OPERATIONS to DB__ROOTROLE WITH GRANT OPTION
+ privStatus = componentPrivileges.grantPrivilegeInternal(compUID,
+ rootRoleList,
+ DB__ROOTID,
+ ComUser::getRootUserName(),
+ ROOT_ROLE_ID,
+ DB__ROOTROLE,-1,
+ componentExists);
- if (privStatus != STATUS_GOOD)
- {
- traceMsg = "ERROR unable to grant DB__ROOTROLE to components";
- log(__FILE__, traceMsg, -1);
- return privStatus;
- }
-
-// Grant SQL_OPERATIONS CREATE_SCHEMA and SHOW to PUBLIC
-std::vector<std::string> CSOperationCodes;
-
- CSOperationCodes.push_back(PrivMgr::getSQLOperationCode(SQLOperation::CREATE_SCHEMA));
- CSOperationCodes.push_back(PrivMgr::getSQLOperationCode(SQLOperation::SHOW));
-
- privStatus = componentPrivileges.grantPrivilegeInternal(SQL_OPERATIONS_COMPONENT_UID,
- CSOperationCodes,
- ComUser::getRootUserID(),
- ComUser::getRootUserName(),
- PUBLIC_USER,
- PUBLIC_AUTH_NAME,0,
- componentExists);
+ if (privStatus != STATUS_GOOD)
+ {
+ traceMsg = "ERROR unable to grant DB__ROOTROLE to components";
+ log(__FILE__, traceMsg, -1);
+ return privStatus;
+ }
- if (privStatus != STATUS_GOOD)
- {
- traceMsg = "ERROR unable to grant PUBLIC to components";
- log(__FILE__, traceMsg, -1);
- return privStatus;
- }
-
-// Verify counts for tables.
+ // Grant privileges to PUBLIC
+ privStatus = componentPrivileges.grantPrivilegeInternal(compUID,
+ publicList,
+ DB__ROOTID,
+ ComUser::getRootUserName(),
+ PUBLIC_USER,
+ PUBLIC_AUTH_NAME,0,
+ componentExists);
+ if (privStatus != STATUS_GOOD)
+ {
+ traceMsg = "ERROR unable to grant PUBLIC to components";
+ log(__FILE__, traceMsg, -1);
+ return privStatus;
+ }
+ }
-// Minimum number of privileges granted is 2 for each operation (one each
-// for DB__ROOT and DB__ROOTROLE) plus the two grants to PUBLIC.
+ // Update component_privileges and update operation codes appropriately
+ size_t numUnusedOps = PrivMgr::getSQLUnusedOpsCount();
+ if (numExistingOps > 0 /* doing upgrade */ &&
+ (numUnusedOps != numExistingUnusedOps))
+ {
+ privStatus = componentOperations.updateOperationCodes(compUID);
+ if (privStatus == STATUS_ERROR)
+ return privStatus;
+ }
-int64_t expectedPrivCount = static_cast<int64_t>(SQLOperation::NUMBER_OF_OPERATIONS) * 2 + 2;
+ // Verify counts from tables.
- if (components.getCount() != 1 ||
- componentOperations.getCount() != static_cast<int64_t>(SQLOperation::NUMBER_OF_OPERATIONS) ||
- componentPrivileges.getCount() < expectedPrivCount)
- {
- std::string message ("Expecting ");
- message += to_string((long long int)expectedPrivCount);
- message += " component privileges, instead ";
- message += to_string((long long int)componentPrivileges.getCount());
- message += " were found.";
- traceMsg = "ERROR: ";
- traceMsg += message;
- log(__FILE__, message, -1);
- PRIVMGR_INTERNAL_ERROR(message.c_str());
- return STATUS_ERROR;
+ // Minimum number of privileges granted is:
+ // one for each operation (owner)
+ // one for each entry in rootRoleList and publicList
+ // This check was added because of issues with insert/upsert, is it still needed?
+ int64_t expectedPrivCount = numOps + rootRoleList.size() + publicList.size();
+
+ if (componentPrivileges.getCount(compUID) < expectedPrivCount)
+ {
+ std::string message ("Expecting ");
+ message += to_string((long long int)expectedPrivCount);
+ message += " component privileges, instead ";
+ message += PrivMgr::authIDToString(numExistingOps);
+ message += " were found.";
+ traceMsg = "ERROR: ";
+ traceMsg += message;
+ log(__FILE__, message, -1);
+ PRIVMGR_INTERNAL_ERROR(message.c_str());
+ return STATUS_ERROR;
+ }
}
-
return STATUS_GOOD;
-
}
// ----------------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/trafodion/blob/88ed0582/core/sql/sqlcomp/PrivMgrPrivileges.cpp
----------------------------------------------------------------------
diff --git a/core/sql/sqlcomp/PrivMgrPrivileges.cpp b/core/sql/sqlcomp/PrivMgrPrivileges.cpp
index 513a2bd..81e6b37 100644
--- a/core/sql/sqlcomp/PrivMgrPrivileges.cpp
+++ b/core/sql/sqlcomp/PrivMgrPrivileges.cpp
@@ -4375,7 +4375,7 @@ PrivStatus PrivMgrPrivileges::getUserPrivs(
// * <objectType> is the type of the subject object.
// * <granteeID> specifies the userID to accumulate
// * <roleIDs> is vector of roleIDs granted to the grantee
-// * <hasManagePrivileges> returns whether the grantee has MANAGE_PRIVILEGES authority
+// * <hasManagePrivPriv> returns whether the grantee has MANAGE_PRIVILEGES authority
// * <summarizedPrivs> contains the summarized privileges
// *
// * Returns: PrivStatus
@@ -4390,12 +4390,12 @@ PrivStatus PrivMgrPrivileges::getPrivsFromAllGrantors(
const int32_t granteeID,
const std::vector<int32_t> & roleIDs,
PrivMgrDesc &summarizedPrivs,
- bool & hasManagePrivileges,
+ bool & hasManagePrivPriv,
std::vector <ComSecurityKey *>* secKeySet
)
{
PrivStatus retcode = STATUS_GOOD;
- hasManagePrivileges = false;
+ hasManagePrivPriv = false;
bool hasPublicGrantee = false;
// Check to see if the granteeID is the system user
@@ -4406,7 +4406,7 @@ PrivStatus PrivMgrPrivileges::getPrivsFromAllGrantors(
bitmap.set();
PrivMgrCoreDesc coreTablePrivs(bitmap, bitmap);
summarizedPrivs.setTablePrivs(coreTablePrivs);
- hasManagePrivileges = true;
+ hasManagePrivPriv = true;
return STATUS_GOOD;
}
@@ -4414,10 +4414,13 @@ PrivStatus PrivMgrPrivileges::getPrivsFromAllGrantors(
PrivObjectBitmap systemPrivs;
PrivMgrComponentPrivileges componentPrivileges(metadataLocation_,pDiags_);
- componentPrivileges.getSQLDMLPrivileges(granteeID,roleIDs,systemPrivs,
- hasManagePrivileges);
+ bool hasSelectMetadata = false;
+ bool hasAnyManagePriv = false;
+ componentPrivileges.getSQLCompPrivs(granteeID,roleIDs,systemPrivs,
+ hasManagePrivPriv, hasSelectMetadata,
+ hasAnyManagePriv);
- if (hasManagePrivileges && hasAllDMLPrivs(objectType,systemPrivs))
+ if (hasManagePrivPriv && hasAllDMLPrivs(objectType,systemPrivs))
{
PrivMgrCoreDesc coreTablePrivs(systemPrivs,systemPrivs);
summarizedPrivs.setTablePrivs(coreTablePrivs);
@@ -4454,7 +4457,7 @@ PrivStatus PrivMgrPrivileges::getPrivsFromAllGrantors(
PrivObjectBitmap grantableBitmap;
- if (hasManagePrivileges)
+ if (hasManagePrivPriv)
grantableBitmap = systemPrivs;
PrivMgrCoreDesc temp2(systemPrivs,grantableBitmap);
[3/4] trafodion git commit: Updated expected results for
compGeneral/EXPECTED042
Posted by rm...@apache.org.
Updated expected results for compGeneral/EXPECTED042
There were changes in hybridquerycacheentries due to changes made to
select from component_privileges. The changed select query does not
contain the "operation_code in (...)" clause any more which reduces the
number of non-parametized literals reported by hybridquerycacheentries.
Project: http://git-wip-us.apache.org/repos/asf/trafodion/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafodion/commit/dfddd000
Tree: http://git-wip-us.apache.org/repos/asf/trafodion/tree/dfddd000
Diff: http://git-wip-us.apache.org/repos/asf/trafodion/diff/dfddd000
Branch: refs/heads/master
Commit: dfddd0009581938a7050bb76c9eadbe8cfa3955a
Parents: 88ed058
Author: Roberta Marton <ro...@apache.org>
Authored: Mon Aug 27 16:45:31 2018 +0000
Committer: Roberta Marton <ro...@apache.org>
Committed: Mon Aug 27 16:45:31 2018 +0000
----------------------------------------------------------------------
core/sql/regress/compGeneral/EXPECTED042 | 48 +++++++++++++--------------
1 file changed, 24 insertions(+), 24 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/trafodion/blob/dfddd000/core/sql/regress/compGeneral/EXPECTED042
----------------------------------------------------------------------
diff --git a/core/sql/regress/compGeneral/EXPECTED042 b/core/sql/regress/compGeneral/EXPECTED042
index 1cd8b5f..e90380e 100644
--- a/core/sql/regress/compGeneral/EXPECTED042
+++ b/core/sql/regress/compGeneral/EXPECTED042
@@ -1,9 +1,9 @@
>>showstats for table t042_orderline on ol_o_id detail;
Detailed Histogram data for Table TRAFODION.ORDERENTRY.T042_ORDERLINE
-Table ID: 8379103414832633643
+Table ID: 3587850068614533656
-Hist ID: 1428267625
+Hist ID: 1404295272
Column(s): OL_O_ID
Total Rows: 10
Total UEC: 4
@@ -1759,7 +1759,7 @@ HQC key=SELECT T . VARCHAR0_UNIQ AS T_VARCHAR0_UNIQ , T . CHAR2_2 AS T_CHAR2_2 ,
>>-- test compile time
>>
>>sh more /proc/loadavg | cut -d' ' -f 1-3 | sed -e 's/^/System load: /' >> LOG042;
-System load: 1.39 2.74 2.71
+System load: 2.75 2.02 1.56
>>sh grep "model name" /proc/cpuinfo | head -1 | cut -d '@' -f 2 | sed -e 's/^/CPU frequency: /' >> LOG042;
CPU frequency: model name : Intel Core Processor (Haswell)
>>set statistics on;
@@ -1767,10 +1767,10 @@ CPU frequency: model name : Intel Core Processor (Haswell)
--- SQL command prepared.
-Start Time 2018/03/22 01:04:54.921227
-End Time 2018/03/22 01:04:54.924930
-Elapsed Time 00:00:00.003703
-Compile Time 00:00:00.003703
+Start Time 2018/08/27 16:40:52.450248
+End Time 2018/08/27 16:40:52.453421
+Elapsed Time 00:00:00.003173
+Compile Time 00:00:00.003173
Execution Time 00:00:00.000000
@@ -1801,10 +1801,10 @@ HQC key=SELECT * FROM T042_ORDERLINE WHERE OL_O_ID = #NP# ;
--- SQL command prepared.
-Start Time 2018/03/22 01:04:55.115150
-End Time 2018/03/22 01:04:55.117539
-Elapsed Time 00:00:00.002389
-Compile Time 00:00:00.002389
+Start Time 2018/08/27 16:40:52.648361
+End Time 2018/08/27 16:40:52.651112
+Elapsed Time 00:00:00.002751
+Compile Time 00:00:00.002751
Execution Time 00:00:00.000000
@@ -1952,29 +1952,29 @@ NUM_HITS NUM_PARAMS (EXPR) (EXPR)
NUM_HITS NUM_PARAMS (EXPR) (EXPR)
---------- ---------- ---------- --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
- 0 1 ====QUERY: select is_audited, num_salt_partns, row_format, flags from TRAFODION."_MD_".TABLES where table_uid = 8379103414832633643 for read committed access
+ 0 1 ====QUERY: select is_audited, num_salt_partns, row_format, flags from TRAFODION."_MD_".TABLES where table_uid = 3587850068614533656 for read committed access
0 2 ====QUERY: select column_name, column_number, column_class, fs_data_type, column_size, column_precision, column_scale, datetime_start_field, datetime_end_field, trim(is_upshifted), column_flags, nullable, trim(c
- 0 3 ====QUERY: select column_name, column_number, keyseq_number, ordering, cast(0 as int not null) from TRAFODION."_MD_".KEYS where object_uid = 8379103414832633643 and nonkeycol = 0 for read committed access order
+ 0 3 ====QUERY: select column_name, column_number, keyseq_number, ordering, cast(0 as int not null) from TRAFODION."_MD_".KEYS where object_uid = 3587850068614533656 and nonkeycol = 0 for read committed access order
0 4 ====QUERY: select object_uid, object_owner, schema_owner, flags, create_time from TRAFODION."_MD_".OBJECTS where catalog_name = 'TRAFODION' and schema_name = 'ORDERENTRY' and object_name = 'DESCRIBE__' and obje
0 4 ====QUERY: select object_uid, object_owner, schema_owner, flags, create_time from TRAFODION."_MD_".OBJECTS where catalog_name = 'TRAFODION' and schema_name = '_MD_' and object_name = 'OBJECTS' and object_type =
0 5 ====QUERY: select object_uid, object_owner, schema_owner, flags, create_time from TRAFODION."_MD_".OBJECTS where catalog_name = 'TRAFODION' and schema_name = 'ORDERENTRY' and object_name = 'T042_ORDERLINE' and
- 1 1 ====QUERY: select is_audited, num_salt_partns, row_format, flags from TRAFODION."_MD_".TABLES where table_uid = 8379103414832637810 for read committed access
+ 1 1 ====QUERY: select is_audited, num_salt_partns, row_format, flags from TRAFODION."_MD_".TABLES where table_uid = 3587850068614538557 for read committed access
1 1 ====QUERY: select trim(O.catalog_name || '.' || '"' || O.schema_name || '"' || '.' || '"' || O.object_name || '"' ) constr_name, trim(O2.catalog_name || '.' || '"' || O2.schema_name || '"' || '.' || '"' || O2.ob
1 2 ====QUERY: select column_name, column_number, column_class, fs_data_type, column_size, column_precision, column_scale, datetime_start_field, datetime_end_field, trim(is_upshifted), column_flags, nullable, trim(c
- 1 2 ====QUERY: select column_name, column_number, keyseq_number, ordering , cast(0 as int not null) from TRAFODION."_MD_".KEYS where object_uid = 8379103414832633687 for read committed access order by keyseq_number
- 1 3 ====QUERY: select column_name, column_number, keyseq_number, ordering, cast(0 as int not null) from TRAFODION."_MD_".KEYS where object_uid = 8379103414832637810 and nonkeycol = 0 for read committed access order
+ 1 2 ====QUERY: select column_name, column_number, keyseq_number, ordering , cast(0 as int not null) from TRAFODION."_MD_".KEYS where object_uid = 3587850068614533750 for read committed access order by keyseq_number
+ 1 3 ====QUERY: select column_name, column_number, keyseq_number, ordering, cast(0 as int not null) from TRAFODION."_MD_".KEYS where object_uid = 3587850068614538557 and nonkeycol = 0 for read committed access order
1 5 ====QUERY: select object_uid, object_owner, schema_owner, flags, create_time from TRAFODION."_MD_".OBJECTS where catalog_name = 'TRAFODION' and schema_name = 'ORDERENTRY' and object_name = 'T042_T1' and object_
- 2 1 ====QUERY: SELECT COMPONENT_UID, OPERATION_CODE, GRANTEE_ID, GRANTOR_ID, GRANTEE_NAME, GRANTOR_NAME, GRANT_DEPTH FROM TRAFODION."_PRIVMGR_MD_".COMPONENT_PRIVILEGES WHERE COMPONENT_UID = 1 AND OPERATION_CODE IN (
- 2 1 ====QUERY: SELECT COMPONENT_UID, OPERATION_CODE, GRANTEE_ID, GRANTOR_ID, GRANTEE_NAME, GRANTOR_NAME, GRANT_DEPTH FROM TRAFODION."_PRIVMGR_MD_".COMPONENT_PRIVILEGES WHERE COMPONENT_UID = 1 AND OPERATION_CODE IN (
+ 2 1 ====QUERY: SELECT COMPONENT_UID, OPERATION_CODE, GRANTEE_ID, GRANTOR_ID, GRANTEE_NAME, GRANTOR_NAME, GRANT_DEPTH FROM TRAFODION."_PRIVMGR_MD_".COMPONENT_PRIVILEGES WHERE COMPONENT_UID = 1 AND GRANTEE_ID IN (1000
+ 2 1 ====QUERY: SELECT COMPONENT_UID, OPERATION_CODE, GRANTEE_ID, GRANTOR_ID, GRANTEE_NAME, GRANTOR_NAME, GRANT_DEPTH FROM TRAFODION."_PRIVMGR_MD_".COMPONENT_PRIVILEGES WHERE COMPONENT_UID = 1 AND GRANTEE_ID IN (3333
2 1 ====QUERY: SELECT HISTOGRAM_ID, COLUMN_NUMBER, COLCOUNT, INTERVAL_COUNT, ROWCOUNT, TOTAL_UEC, JULIANTIMESTAMP(STATS_TIME), LOW_VALUE, HIGH_VALUE, JULIANTIMESTAMP(READ_TIME), READ_COUNT, SAMPLE_SECS, COL_SECS, SA
2 1 ====QUERY: SELECT HISTOGRAM_ID, INTERVAL_NUMBER, INTERVAL_ROWCOUNT, INTERVAL_UEC, INTERVAL_BOUNDARY, CAST(STD_DEV_OF_FREQ AS DOUBLE PRECISION), V1, V2, V5 FROM TRAFODION.ORDERENTRY.SB_HISTOGRAM_INTERVALS WHERE T
2 1 ====QUERY: SELECT OBJECT_UID, OBJECT_NAME, OBJECT_TYPE, GRANTEE_ID, GRANTEE_NAME, GRANTEE_TYPE, GRANTOR_ID, GRANTOR_NAME, GRANTOR_TYPE, PRIVILEGES_BITMAP, GRANTABLE_BITMAP FROM TRAFODION."_PRIVMGR_MD_".OBJECT_PR
- 2 1 ====QUERY: SELECT object_uid,object_name,grantee_id,grantee_name,grantor_id,grantor_name,column_number,privileges_bitmap,grantable_bitmap FROM TRAFODION."_PRIVMGR_MD_".COLUMN_PRIVILEGES where object_uid = 837910
- 2 1 ====QUERY: select check_option, is_updatable, is_insertable from TRAFODION."_MD_".VIEWS where view_uid = 8379103414832633643 for read committed access
+ 2 1 ====QUERY: SELECT object_uid,object_name,grantee_id,grantee_name,grantor_id,grantor_name,column_number,privileges_bitmap,grantable_bitmap FROM TRAFODION."_PRIVMGR_MD_".COLUMN_PRIVILEGES where object_uid = 358785
+ 2 1 ====QUERY: select check_option, is_updatable, is_insertable from TRAFODION."_MD_".VIEWS where view_uid = 3587850068614533656 for read committed access
2 2 ====QUERY: select O.catalog_name, O.schema_name, O.object_name, I.keytag, I.is_unique, I.is_explicit, I.key_colcount, I.nonkey_colcount, T.num_salt_partns, T.row_format, I.index_uid from TRAFODION."_MD_".INDEXES
2 3 ====QUERY: select O.object_name, C.constraint_type, C.col_count, C.constraint_uid, C.enforced, C.flags from TRAFODION."_MD_".OBJECTS O, TRAFODION."_MD_".TABLE_CONSTRAINTS C where O.catalog_name = 'TRAFODION' and
- 2 3 ====QUERY: select octet_length(text), text from TRAFODION."_MD_".TEXT where text_uid = 8379103414832633643 and text_type = 2 and sub_id = 0 for read committed access order by seq_num
- 3 3 ====QUERY: select octet_length(text), text from TRAFODION."_MD_".TEXT where text_uid = 8379103414832637810 and text_type = 2 and sub_id = 0 for read committed access order by seq_num
+ 2 3 ====QUERY: select octet_length(text), text from TRAFODION."_MD_".TEXT where text_uid = 3587850068614533656 and text_type = 2 and sub_id = 0 for read committed access order by seq_num
+ 3 3 ====QUERY: select octet_length(text), text from TRAFODION."_MD_".TEXT where text_uid = 3587850068614538557 and text_type = 2 and sub_id = 0 for read committed access order by seq_num
12 4 ====QUERY: select object_uid, object_owner, schema_owner, flags, create_time from TRAFODION."_MD_".OBJECTS where catalog_name = 'TRAFODION' and schema_name = '_MD_' and object_name = 'TABLES' and object_type =
--- 24 row(s) selected.
@@ -2115,8 +2115,8 @@ NUM_HITS NUM_PLITERALS NUM_NPLITERALS
2 1 0
2 1 0
2 1 1
- 2 1 10
- 2 1 10
+ 2 1 2
+ 2 1 2
2 2 3
2 3 0
3 3 0
[4/4] trafodion git commit: merge pr 1703 Only expose supported
component operations
Posted by rm...@apache.org.
merge pr 1703 Only expose supported component operations
Project: http://git-wip-us.apache.org/repos/asf/trafodion/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafodion/commit/8697d926
Tree: http://git-wip-us.apache.org/repos/asf/trafodion/tree/8697d926
Diff: http://git-wip-us.apache.org/repos/asf/trafodion/diff/8697d926
Branch: refs/heads/master
Commit: 8697d926249c621160fb5cea45dc8bf6208f4df9
Parents: 1650c78 dfddd00
Author: Roberta Marton <ro...@apache.org>
Authored: Tue Aug 28 16:50:06 2018 +0000
Committer: Roberta Marton <ro...@apache.org>
Committed: Tue Aug 28 16:50:06 2018 +0000
----------------------------------------------------------------------
core/sql/executor/ExExeUtilGet.cpp | 29 +-
core/sql/regress/compGeneral/EXPECTED042 | 48 +-
core/sql/regress/privs1/EXPECTED132 | 26 +-
core/sql/regress/privs1/EXPECTED137 | 468 ++++---------------
core/sql/regress/privs1/TEST132 | 6 +-
core/sql/sqlcomp/CmpSeabaseDDL.h | 1 +
core/sql/sqlcomp/CmpSeabaseDDLauth.h | 1 +
core/sql/sqlcomp/CmpSeabaseDDLcommon.cpp | 49 +-
core/sql/sqlcomp/CmpSeabaseDDLupgrade.cpp | 2 +-
core/sql/sqlcomp/PrivMgr.cpp | 58 +++
core/sql/sqlcomp/PrivMgr.h | 5 +-
core/sql/sqlcomp/PrivMgrComponentDefs.h | 182 +++-----
core/sql/sqlcomp/PrivMgrComponentOperations.cpp | 277 ++++++++---
core/sql/sqlcomp/PrivMgrComponentOperations.h | 38 +-
core/sql/sqlcomp/PrivMgrComponentPrivileges.cpp | 181 +++----
core/sql/sqlcomp/PrivMgrComponentPrivileges.h | 12 +-
core/sql/sqlcomp/PrivMgrDefs.h | 88 +---
core/sql/sqlcomp/PrivMgrMD.cpp | 256 +++++-----
core/sql/sqlcomp/PrivMgrPrivileges.cpp | 19 +-
19 files changed, 810 insertions(+), 936 deletions(-)
----------------------------------------------------------------------
[2/4] trafodion git commit: Only expose supported component operations
Posted by rm...@apache.org.
Only expose supported component operations
There is a set of component operations and many are about features that we do
not support such as CREATE_TRIGGER. This checkin no longer returns these
privileges through
get privileges on component sql_operations
showddl component sql_operations
The is_system metadata column in the component_operations table now supports
three values:
Y - it is a system operation
N - it is a user operation
U - it is an unsupported (unused) operation (new)
An "initialize authorization" or fresh installation is required to make these
changes available.
Installating this code version calls initialize authorization
Running regrinit.sql also calls initialize authorization
Some performance enhancements were made to make "initialize authorization" run
faster.
Project: http://git-wip-us.apache.org/repos/asf/trafodion/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafodion/commit/88ed0582
Tree: http://git-wip-us.apache.org/repos/asf/trafodion/tree/88ed0582
Diff: http://git-wip-us.apache.org/repos/asf/trafodion/diff/88ed0582
Branch: refs/heads/master
Commit: 88ed0582c7e09c51acc924735031806210968675
Parents: c8ffae3
Author: Roberta Marton <ro...@apache.org>
Authored: Fri Aug 24 22:29:06 2018 +0000
Committer: Roberta Marton <ro...@apache.org>
Committed: Fri Aug 24 22:29:06 2018 +0000
----------------------------------------------------------------------
core/sql/executor/ExExeUtilGet.cpp | 29 +-
core/sql/regress/privs1/EXPECTED132 | 26 +-
core/sql/regress/privs1/EXPECTED137 | 468 ++++---------------
core/sql/regress/privs1/TEST132 | 6 +-
core/sql/sqlcomp/CmpSeabaseDDL.h | 1 +
core/sql/sqlcomp/CmpSeabaseDDLauth.h | 1 +
core/sql/sqlcomp/CmpSeabaseDDLcommon.cpp | 49 +-
core/sql/sqlcomp/CmpSeabaseDDLupgrade.cpp | 2 +-
core/sql/sqlcomp/PrivMgr.cpp | 58 +++
core/sql/sqlcomp/PrivMgr.h | 5 +-
core/sql/sqlcomp/PrivMgrComponentDefs.h | 182 +++-----
core/sql/sqlcomp/PrivMgrComponentOperations.cpp | 277 ++++++++---
core/sql/sqlcomp/PrivMgrComponentOperations.h | 38 +-
core/sql/sqlcomp/PrivMgrComponentPrivileges.cpp | 181 +++----
core/sql/sqlcomp/PrivMgrComponentPrivileges.h | 12 +-
core/sql/sqlcomp/PrivMgrDefs.h | 88 +---
core/sql/sqlcomp/PrivMgrMD.cpp | 256 +++++-----
core/sql/sqlcomp/PrivMgrPrivileges.cpp | 19 +-
18 files changed, 786 insertions(+), 912 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/trafodion/blob/88ed0582/core/sql/executor/ExExeUtilGet.cpp
----------------------------------------------------------------------
diff --git a/core/sql/executor/ExExeUtilGet.cpp b/core/sql/executor/ExExeUtilGet.cpp
index b54674e..b9d4c68 100644
--- a/core/sql/executor/ExExeUtilGet.cpp
+++ b/core/sql/executor/ExExeUtilGet.cpp
@@ -298,6 +298,7 @@ static const QueryString getComponentPrivileges[] =
{" where (c.component_uid=o.component_uid) "},
{" and (o.component_uid=p.component_uid) "},
{" and (o.operation_code=p.operation_code) "},
+ {" and (o.is_system <> 'U') "},
{" and (c.component_name='%s') %s "},
{" order by 1 "},
{" ; "}
@@ -1716,34 +1717,6 @@ NABoolean ExExeUtilGetMetadataInfoTcb::checkUserPrivs(
break;
}
- // if user has DML_SELECT, can perform object operations
- case ComTdbExeUtilGetMetadataInfo::CATALOGS_:
- case ComTdbExeUtilGetMetadataInfo::SCHEMAS_IN_CATALOG_:
- case ComTdbExeUtilGetMetadataInfo::VIEWS_IN_CATALOG_:
- case ComTdbExeUtilGetMetadataInfo::SEQUENCES_IN_CATALOG_:
- case ComTdbExeUtilGetMetadataInfo::TABLES_IN_SCHEMA_:
- case ComTdbExeUtilGetMetadataInfo::INDEXES_IN_SCHEMA_:
- case ComTdbExeUtilGetMetadataInfo::VIEWS_IN_SCHEMA_:
- case ComTdbExeUtilGetMetadataInfo::LIBRARIES_IN_SCHEMA_:
- case ComTdbExeUtilGetMetadataInfo::PROCEDURES_IN_SCHEMA_:
- case ComTdbExeUtilGetMetadataInfo::SEQUENCES_IN_SCHEMA_:
- case ComTdbExeUtilGetMetadataInfo::FUNCTIONS_IN_SCHEMA_:
- case ComTdbExeUtilGetMetadataInfo::TABLE_FUNCTIONS_IN_SCHEMA_:
- case ComTdbExeUtilGetMetadataInfo::OBJECTS_IN_SCHEMA_:
- case ComTdbExeUtilGetMetadataInfo::INDEXES_ON_TABLE_:
- case ComTdbExeUtilGetMetadataInfo::VIEWS_ON_TABLE_:
- case ComTdbExeUtilGetMetadataInfo::VIEWS_ON_VIEW_:
- case ComTdbExeUtilGetMetadataInfo::OBJECTS_ON_TABLE_:
- case ComTdbExeUtilGetMetadataInfo::PARTITIONS_FOR_TABLE_:
- case ComTdbExeUtilGetMetadataInfo::PARTITIONS_FOR_INDEX_:
- case ComTdbExeUtilGetMetadataInfo::TABLES_IN_VIEW_:
- case ComTdbExeUtilGetMetadataInfo::VIEWS_IN_VIEW_:
- case ComTdbExeUtilGetMetadataInfo::OBJECTS_IN_VIEW_:
- {
- if (componentPrivileges.hasSQLPriv(ComUser::getCurrentUser(),SQLOperation::DML_SELECT,true))
- return FALSE;
- break;
- }
default:
break;
}
http://git-wip-us.apache.org/repos/asf/trafodion/blob/88ed0582/core/sql/regress/privs1/EXPECTED132
----------------------------------------------------------------------
diff --git a/core/sql/regress/privs1/EXPECTED132 b/core/sql/regress/privs1/EXPECTED132
index 7a60061..e56bc0a 100644
--- a/core/sql/regress/privs1/EXPECTED132
+++ b/core/sql/regress/privs1/EXPECTED132
@@ -344,7 +344,7 @@ CREATE TABLE TRAFODION.T132SCH.T132T2
>>create index t132t1_ndx1 on t132t1 (c2) no populate;
--- SQL operation complete.
->>drop index t132t2_ndx1;
+>>cleanup index t132t2_ndx1;
--- SQL operation complete.
>>create index t132t2_ndx1 on t132t2 (c2) no populate;
@@ -404,7 +404,7 @@ CREATE TABLE TRAFODION.T132SCH.T132T2
>>create index t132t1_ndx1 on t132t1 (c2) no populate;
--- SQL operation complete.
->>drop index t132t2_ndx1;
+>>cleanup index t132t2_ndx1;
--- SQL operation complete.
>>create index t132t2_ndx1 on t132t2 (c2) no populate;
@@ -412,7 +412,7 @@ CREATE TABLE TRAFODION.T132SCH.T132T2
--- SQL operation complete.
>>
>>
->>-- if user belongs to DB__ROOTROLE, has DML privileges, so can populate indexes
+>>-- if user belongs to DB__ROOTROLE, DB__ROOTROLE does not have DML privileges
>>grant role DB__ROOTROLE to sql_user2;
--- SQL operation complete.
@@ -424,10 +424,18 @@ CREATE TABLE TRAFODION.T132SCH.T132T2
>>
>>populate index t132t1_ndx1 on t132t1;
---- SQL operation complete.
+*** ERROR[4481] The user does not have SELECT privilege on table or view TRAFODION.T132SCH.T132T1.
+
+*** ERROR[4481] The user does not have INSERT privilege on table or view TRAFODION.T132SCH.T132T1.
+
+--- SQL operation failed with errors.
>>populate index t132t2_ndx1 on t132t2;
---- SQL operation complete.
+*** ERROR[4481] The user does not have SELECT privilege on table or view TRAFODION.T132SCH.T132T2.
+
+*** ERROR[4481] The user does not have INSERT privilege on table or view TRAFODION.T132SCH.T132T2.
+
+--- SQL operation failed with errors.
>>
>>changeuser db__root;
>>obey TEST132(popindex_check_reset);
@@ -443,7 +451,7 @@ CREATE TABLE TRAFODION.T132SCH.T132T2
(EXPR)
--------------------
- 8
+ 0
--- 1 row(s) selected.
>>select count(*) from table (index_table t132t2_ndx1);
@@ -451,7 +459,7 @@ CREATE TABLE TRAFODION.T132SCH.T132T2
(EXPR)
--------------------
- 8
+ 0
--- 1 row(s) selected.
>>
@@ -461,7 +469,7 @@ CREATE TABLE TRAFODION.T132SCH.T132T2
>>create index t132t1_ndx1 on t132t1 (c2) no populate;
--- SQL operation complete.
->>drop index t132t2_ndx1;
+>>cleanup index t132t2_ndx1;
--- SQL operation complete.
>>create index t132t2_ndx1 on t132t2 (c2) no populate;
@@ -527,7 +535,7 @@ CREATE TABLE TRAFODION.T132SCH.T132T2
>>create index t132t1_ndx1 on t132t1 (c2) no populate;
--- SQL operation complete.
->>drop index t132t2_ndx1;
+>>cleanup index t132t2_ndx1;
--- SQL operation complete.
>>create index t132t2_ndx1 on t132t2 (c2) no populate;
http://git-wip-us.apache.org/repos/asf/trafodion/blob/88ed0582/core/sql/regress/privs1/EXPECTED137
----------------------------------------------------------------------
diff --git a/core/sql/regress/privs1/EXPECTED137 b/core/sql/regress/privs1/EXPECTED137
index 208beb0..127963f 100755
--- a/core/sql/regress/privs1/EXPECTED137
+++ b/core/sql/regress/privs1/EXPECTED137
@@ -922,108 +922,67 @@ GRANT ROLE "LIBRARY_CKOUT_CLERKS" TO
--- SQL operation complete.
>>showddl component sql_operations;
-REGISTER COMPONENT SQL_OPERATIONS SYSTEM DETAIL 'Component for SQL operations';
+REGISTER COMPONENT SQL_OPERATIONS SYSTEM DETAIL
+ 'System component SQL_OPERATIONS';
CREATE COMPONENT PRIVILEGE ALTER AS 'A0' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to alter database objects';
+ 'Allow grantee to perform ALTER operation';
-- GRANT COMPONENT PRIVILEGE "ALTER" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "ALTER" ON "SQL_OPERATIONS" TO "DB__ROOTROLE" WITH
GRANT OPTION;
-CREATE COMPONENT PRIVILEGE ALTER_ROUTINE_ACTION AS 'AA' ON SQL_OPERATIONS
- SYSTEM DETAIL 'Allow grantee to alter routine actions';
-
--- GRANT COMPONENT PRIVILEGE "ALTER_ROUTINE_ACTION" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "ALTER_ROUTINE_ACTION" ON "SQL_OPERATIONS" TO
- "DB__ROOTROLE" WITH GRANT OPTION;
-
-CREATE COMPONENT PRIVILEGE ALTER_TRIGGER AS 'AG' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to alter triggers';
-
--- GRANT COMPONENT PRIVILEGE "ALTER_TRIGGER" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "ALTER_TRIGGER" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
- WITH GRANT OPTION;
-
CREATE COMPONENT PRIVILEGE ALTER_SCHEMA AS 'AH' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to alter schemas';
+ 'Allow grantee to perform ALTER_SCHEMA operation';
-- GRANT COMPONENT PRIVILEGE "ALTER_SCHEMA" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "ALTER_SCHEMA" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE ALTER_LIBRARY AS 'AL' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to alter libraries';
+ DETAIL 'Allow grantee to perform ALTER_LIBRARY operation';
-- GRANT COMPONENT PRIVILEGE "ALTER_LIBRARY" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "ALTER_LIBRARY" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE ALTER_SEQUENCE AS 'AQ' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to alter sequence generators';
+ DETAIL 'Allow grantee to perform ALTER_SEQUENCE operation';
-- GRANT COMPONENT PRIVILEGE "ALTER_SEQUENCE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "ALTER_SEQUENCE" ON "SQL_OPERATIONS" TO
"DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE ALTER_ROUTINE AS 'AR' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to alter routines';
+ DETAIL 'Allow grantee to perform ALTER_ROUTINE operation';
-- GRANT COMPONENT PRIVILEGE "ALTER_ROUTINE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "ALTER_ROUTINE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE ALTER_TABLE AS 'AT' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to alter tables';
+ 'Allow grantee to perform ALTER_TABLE operation';
-- GRANT COMPONENT PRIVILEGE "ALTER_TABLE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "ALTER_TABLE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE ALTER_VIEW AS 'AV' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to alter views';
+ 'Allow grantee to perform ALTER_VIEW operation';
-- GRANT COMPONENT PRIVILEGE "ALTER_VIEW" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "ALTER_VIEW" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
-CREATE COMPONENT PRIVILEGE ALTER_SYNONYM AS 'AY' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to alter synonyms';
-
--- GRANT COMPONENT PRIVILEGE "ALTER_SYNONYM" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "ALTER_SYNONYM" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
- WITH GRANT OPTION;
-
CREATE COMPONENT PRIVILEGE CREATE AS 'C0' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to create database objects';
+ 'Allow grantee to perform CREATE operation';
-- GRANT COMPONENT PRIVILEGE "CREATE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "CREATE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE" WITH
GRANT OPTION;
-CREATE COMPONENT PRIVILEGE CREATE_ROUTINE_ACTION AS 'CA' ON SQL_OPERATIONS
- SYSTEM DETAIL 'Allow grantee to create routine actions';
-
--- GRANT COMPONENT PRIVILEGE "CREATE_ROUTINE_ACTION" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "CREATE_ROUTINE_ACTION" ON "SQL_OPERATIONS" TO
- "DB__ROOTROLE" WITH GRANT OPTION;
-
-CREATE COMPONENT PRIVILEGE CREATE_CATALOG AS 'CC' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to create catalogs';
-
--- GRANT COMPONENT PRIVILEGE "CREATE_CATALOG" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "CREATE_CATALOG" ON "SQL_OPERATIONS" TO
- "DB__ROOTROLE" WITH GRANT OPTION;
-
-CREATE COMPONENT PRIVILEGE CREATE_TRIGGER AS 'CG' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to create triggers';
-
--- GRANT COMPONENT PRIVILEGE "CREATE_TRIGGER" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "CREATE_TRIGGER" ON "SQL_OPERATIONS" TO
- "DB__ROOTROLE" WITH GRANT OPTION;
-
CREATE COMPONENT PRIVILEGE CREATE_SCHEMA AS 'CH' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to create schemas';
+ DETAIL 'Allow grantee to perform CREATE_SCHEMA operation';
-- GRANT COMPONENT PRIVILEGE "CREATE_SCHEMA" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "CREATE_SCHEMA" ON "SQL_OPERATIONS" TO "PUBLIC";
@@ -1031,321 +990,216 @@ GRANT COMPONENT PRIVILEGE "CREATE_SCHEMA" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_INDEX AS 'CI' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to create indexes';
+ 'Allow grantee to perform CREATE_INDEX operation';
-- GRANT COMPONENT PRIVILEGE "CREATE_INDEX" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "CREATE_INDEX" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_LIBRARY AS 'CL' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to create libraries';
+ DETAIL 'Allow grantee to perform CREATE_LIBRARY operation';
-- GRANT COMPONENT PRIVILEGE "CREATE_LIBRARY" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "CREATE_LIBRARY" ON "SQL_OPERATIONS" TO
"DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE COMMENT AS 'CO' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to comment on objects and columns';
+ 'Allow grantee to perform COMMENT operation';
-- GRANT COMPONENT PRIVILEGE "COMMENT" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "COMMENT" ON "SQL_OPERATIONS" TO "DB__ROOTROLE" WITH
GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_PROCEDURE AS 'CP' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to create procedures';
+ DETAIL 'Allow grantee to perform CREATE_PROCEDURE operation';
-- GRANT COMPONENT PRIVILEGE "CREATE_PROCEDURE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "CREATE_PROCEDURE" ON "SQL_OPERATIONS" TO
"DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_SEQUENCE AS 'CQ' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to create sequence generators';
+ DETAIL 'Allow grantee to perform CREATE_SEQUENCE operation';
-- GRANT COMPONENT PRIVILEGE "CREATE_SEQUENCE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "CREATE_SEQUENCE" ON "SQL_OPERATIONS" TO
"DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_ROUTINE AS 'CR' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to create routines';
+ DETAIL 'Allow grantee to perform CREATE_ROUTINE operation';
-- GRANT COMPONENT PRIVILEGE "CREATE_ROUTINE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "CREATE_ROUTINE" ON "SQL_OPERATIONS" TO
"DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_TABLE AS 'CT' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to create tables';
+ 'Allow grantee to perform CREATE_TABLE operation';
-- GRANT COMPONENT PRIVILEGE "CREATE_TABLE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "CREATE_TABLE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_VIEW AS 'CV' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to create views';
+ 'Allow grantee to perform CREATE_VIEW operation';
-- GRANT COMPONENT PRIVILEGE "CREATE_VIEW" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "CREATE_VIEW" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
-CREATE COMPONENT PRIVILEGE CREATE_SYNONYM AS 'CY' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to create synonyms';
-
--- GRANT COMPONENT PRIVILEGE "CREATE_SYNONYM" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "CREATE_SYNONYM" ON "SQL_OPERATIONS" TO
- "DB__ROOTROLE" WITH GRANT OPTION;
-
CREATE COMPONENT PRIVILEGE DROP AS 'D0' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to drop database objects';
+ 'Allow grantee to perform DROP operation';
-- GRANT COMPONENT PRIVILEGE "DROP" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "DROP" ON "SQL_OPERATIONS" TO "DB__ROOTROLE" WITH
GRANT OPTION;
-CREATE COMPONENT PRIVILEGE DROP_ROUTINE_ACTION AS 'DA' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to drop routine actions';
-
--- GRANT COMPONENT PRIVILEGE "DROP_ROUTINE_ACTION" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "DROP_ROUTINE_ACTION" ON "SQL_OPERATIONS" TO
- "DB__ROOTROLE" WITH GRANT OPTION;
-
-CREATE COMPONENT PRIVILEGE DROP_CATALOG AS 'DC' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to drop catalogs';
-
--- GRANT COMPONENT PRIVILEGE "DROP_CATALOG" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "DROP_CATALOG" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
- WITH GRANT OPTION;
-
-CREATE COMPONENT PRIVILEGE DROP_TRIGGER AS 'DG' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to drop triggers';
-
--- GRANT COMPONENT PRIVILEGE "DROP_TRIGGER" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "DROP_TRIGGER" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
- WITH GRANT OPTION;
-
CREATE COMPONENT PRIVILEGE DROP_SCHEMA AS 'DH' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to drop schemas';
+ 'Allow grantee to perform DROP_SCHEMA operation';
-- GRANT COMPONENT PRIVILEGE "DROP_SCHEMA" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "DROP_SCHEMA" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_INDEX AS 'DI' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to drop indexes';
+ 'Allow grantee to perform DROP_INDEX operation';
-- GRANT COMPONENT PRIVILEGE "DROP_INDEX" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "DROP_INDEX" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_LIBRARY AS 'DL' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to drop libraries';
+ 'Allow grantee to perform DROP_LIBRARY operation';
-- GRANT COMPONENT PRIVILEGE "DROP_LIBRARY" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "DROP_LIBRARY" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_PROCEDURE AS 'DP' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to drop procedures';
+ DETAIL 'Allow grantee to perform DROP_PROCEDURE operation';
-- GRANT COMPONENT PRIVILEGE "DROP_PROCEDURE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "DROP_PROCEDURE" ON "SQL_OPERATIONS" TO
"DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_SEQUENCE AS 'DQ' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to drop sequence generators';
+ DETAIL 'Allow grantee to perform DROP_SEQUENCE operation';
-- GRANT COMPONENT PRIVILEGE "DROP_SEQUENCE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "DROP_SEQUENCE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_ROUTINE AS 'DR' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to drop routines';
+ 'Allow grantee to perform DROP_ROUTINE operation';
-- GRANT COMPONENT PRIVILEGE "DROP_ROUTINE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "DROP_ROUTINE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_TABLE AS 'DT' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to drop tables';
+ 'Allow grantee to perform DROP_TABLE operation';
-- GRANT COMPONENT PRIVILEGE "DROP_TABLE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "DROP_TABLE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_VIEW AS 'DV' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to drop views';
+ 'Allow grantee to perform DROP_VIEW operation';
-- GRANT COMPONENT PRIVILEGE "DROP_VIEW" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "DROP_VIEW" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
-CREATE COMPONENT PRIVILEGE DROP_SYNONYM AS 'DY' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to drop synonyms';
-
--- GRANT COMPONENT PRIVILEGE "DROP_SYNONYM" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "DROP_SYNONYM" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
- WITH GRANT OPTION;
-
CREATE COMPONENT PRIVILEGE MANAGE AS 'M0' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to manage all SQL Operations';
+ 'Allow grantee to perform MANAGE operation';
-- GRANT COMPONENT PRIVILEGE "MANAGE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "MANAGE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE" WITH
GRANT OPTION;
CREATE COMPONENT PRIVILEGE MANAGE_COMPONENTS AS 'MC' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to manage components';
+ DETAIL 'Allow grantee to perform MANAGE_COMPONENTS operation';
-- GRANT COMPONENT PRIVILEGE "MANAGE_COMPONENTS" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "MANAGE_COMPONENTS" ON "SQL_OPERATIONS" TO
"DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE MANAGE_LIBRARY AS 'ML' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to manage libraries';
+ DETAIL 'Allow grantee to perform MANAGE_LIBRARY operation';
-- GRANT COMPONENT PRIVILEGE "MANAGE_LIBRARY" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "MANAGE_LIBRARY" ON "SQL_OPERATIONS" TO
"DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE MANAGE_PRIVILEGES AS 'MP' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to manage privileges on SQL objects';
+ DETAIL 'Allow grantee to perform MANAGE_PRIVILEGES operation';
-- GRANT COMPONENT PRIVILEGE "MANAGE_PRIVILEGES" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "MANAGE_PRIVILEGES" ON "SQL_OPERATIONS" TO
"DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE MANAGE_ROLES AS 'MR' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to manage roles';
+ 'Allow grantee to perform MANAGE_ROLES operation';
-- GRANT COMPONENT PRIVILEGE "MANAGE_ROLES" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "MANAGE_ROLES" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE MANAGE_STATISTICS AS 'MS' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to show and update statistics';
+ DETAIL 'Allow grantee to perform MANAGE_STATISTICS operation';
-- GRANT COMPONENT PRIVILEGE "MANAGE_STATISTICS" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "MANAGE_STATISTICS" ON "SQL_OPERATIONS" TO
"DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE MANAGE_LOAD AS 'MT' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to perform LOAD and UNLOAD commands';
+ 'Allow grantee to perform MANAGE_LOAD operation';
-- GRANT COMPONENT PRIVILEGE "MANAGE_LOAD" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "MANAGE_LOAD" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE MANAGE_USERS AS 'MU' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to manage users';
+ 'Allow grantee to perform MANAGE_USERS operation';
-- GRANT COMPONENT PRIVILEGE "MANAGE_USERS" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "MANAGE_USERS" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
-CREATE COMPONENT PRIVILEGE DML_DELETE AS 'PD' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to delete rows';
-
--- GRANT COMPONENT PRIVILEGE "DML_DELETE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "DML_DELETE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
- WITH GRANT OPTION;
-
-CREATE COMPONENT PRIVILEGE DML_EXECUTE AS 'PE' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to execute functions';
-
--- GRANT COMPONENT PRIVILEGE "DML_EXECUTE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "DML_EXECUTE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
- WITH GRANT OPTION;
-
-CREATE COMPONENT PRIVILEGE DML_USAGE AS 'PG' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to use libraries and sequences';
-
--- GRANT COMPONENT PRIVILEGE "DML_USAGE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "DML_USAGE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
- WITH GRANT OPTION;
-
-CREATE COMPONENT PRIVILEGE DML_INSERT AS 'PI' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to insert rows';
-
--- GRANT COMPONENT PRIVILEGE "DML_INSERT" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "DML_INSERT" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
- WITH GRANT OPTION;
-
-CREATE COMPONENT PRIVILEGE DML_REFERENCES AS 'PR' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to reference columns';
+CREATE COMPONENT PRIVILEGE DML_SELECT_METADATA AS 'PM' ON SQL_OPERATIONS SYSTEM
+ DETAIL 'Allow grantee to perform DML_SELECT_METADATA operation';
--- GRANT COMPONENT PRIVILEGE "DML_REFERENCES" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "DML_REFERENCES" ON "SQL_OPERATIONS" TO
+-- GRANT COMPONENT PRIVILEGE "DML_SELECT_METADATA" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DML_SELECT_METADATA" ON "SQL_OPERATIONS" TO
"DB__ROOTROLE" WITH GRANT OPTION;
-CREATE COMPONENT PRIVILEGE DML_SELECT AS 'PS' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to select rows';
-
--- GRANT COMPONENT PRIVILEGE "DML_SELECT" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "DML_SELECT" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
- WITH GRANT OPTION;
-
-CREATE COMPONENT PRIVILEGE DML_UPDATE AS 'PU' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to update rows';
-
--- GRANT COMPONENT PRIVILEGE "DML_UPDATE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "DML_UPDATE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
- WITH GRANT OPTION;
-
CREATE COMPONENT PRIVILEGE QUERY_ACTIVATE AS 'QA' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to activate queries';
+ DETAIL 'Allow grantee to perform QUERY_ACTIVATE operation';
-- GRANT COMPONENT PRIVILEGE "QUERY_ACTIVATE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "QUERY_ACTIVATE" ON "SQL_OPERATIONS" TO
"DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE QUERY_CANCEL AS 'QC' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to cancel queries';
+ 'Allow grantee to perform QUERY_CANCEL operation';
-- GRANT COMPONENT PRIVILEGE "QUERY_CANCEL" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "QUERY_CANCEL" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE QUERY_SUSPEND AS 'QS' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to suspend queries';
+ DETAIL 'Allow grantee to perform QUERY_SUSPEND operation';
-- GRANT COMPONENT PRIVILEGE "QUERY_SUSPEND" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "QUERY_SUSPEND" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
-CREATE COMPONENT PRIVILEGE REGISTER_HIVE_OBJECT AS 'RH' ON SQL_OPERATIONS
- SYSTEM DETAIL 'Allow grantee to register hive object in traf metadata';
-
--- GRANT COMPONENT PRIVILEGE "REGISTER_HIVE_OBJECT" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "REGISTER_HIVE_OBJECT" ON "SQL_OPERATIONS" TO
- "DB__ROOTROLE" WITH GRANT OPTION;
-
-CREATE COMPONENT PRIVILEGE REMAP_USER AS 'RU' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to remap DB__ users to a different external username';
-
--- GRANT COMPONENT PRIVILEGE "REMAP_USER" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "REMAP_USER" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
- WITH GRANT OPTION;
-
CREATE COMPONENT PRIVILEGE SHOW AS 'SW' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to view metadata information about objects';
+ 'Allow grantee to perform SHOW operation';
-- GRANT COMPONENT PRIVILEGE "SHOW" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "SHOW" ON "SQL_OPERATIONS" TO "PUBLIC";
GRANT COMPONENT PRIVILEGE "SHOW" ON "SQL_OPERATIONS" TO "DB__ROOTROLE" WITH
GRANT OPTION;
-CREATE COMPONENT PRIVILEGE USE_ALTERNATE_SCHEMA AS 'UA' ON SQL_OPERATIONS
- SYSTEM DETAIL 'Allow grantee to use non-default schemas';
-
--- GRANT COMPONENT PRIVILEGE "USE_ALTERNATE_SCHEMA" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "USE_ALTERNATE_SCHEMA" ON "SQL_OPERATIONS" TO
- "DB__ROOTROLE" WITH GRANT OPTION;
-
-CREATE COMPONENT PRIVILEGE UNREGISTER_HIVE_OBJECT AS 'UH' ON SQL_OPERATIONS
- SYSTEM DETAIL 'Allow grantee to unregister hive object from traf metadata';
-
--- GRANT COMPONENT PRIVILEGE "UNREGISTER_HIVE_OBJECT" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "UNREGISTER_HIVE_OBJECT" ON "SQL_OPERATIONS" TO
- "DB__ROOTROLE" WITH GRANT OPTION;
-
--- SQL operation complete.
>>
@@ -1485,108 +1339,67 @@ GRANT COMPONENT PRIVILEGE "UNREGISTER_HIVE_OBJECT" ON "SQL_OPERATIONS" TO
>>
>>showddl component sql_operations;
-REGISTER COMPONENT SQL_OPERATIONS SYSTEM DETAIL 'Component for SQL operations';
+REGISTER COMPONENT SQL_OPERATIONS SYSTEM DETAIL
+ 'System component SQL_OPERATIONS';
CREATE COMPONENT PRIVILEGE ALTER AS 'A0' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to alter database objects';
+ 'Allow grantee to perform ALTER operation';
-- GRANT COMPONENT PRIVILEGE "ALTER" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "ALTER" ON "SQL_OPERATIONS" TO "DB__ROOTROLE" WITH
GRANT OPTION;
-CREATE COMPONENT PRIVILEGE ALTER_ROUTINE_ACTION AS 'AA' ON SQL_OPERATIONS
- SYSTEM DETAIL 'Allow grantee to alter routine actions';
-
--- GRANT COMPONENT PRIVILEGE "ALTER_ROUTINE_ACTION" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "ALTER_ROUTINE_ACTION" ON "SQL_OPERATIONS" TO
- "DB__ROOTROLE" WITH GRANT OPTION;
-
-CREATE COMPONENT PRIVILEGE ALTER_TRIGGER AS 'AG' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to alter triggers';
-
--- GRANT COMPONENT PRIVILEGE "ALTER_TRIGGER" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "ALTER_TRIGGER" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
- WITH GRANT OPTION;
-
CREATE COMPONENT PRIVILEGE ALTER_SCHEMA AS 'AH' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to alter schemas';
+ 'Allow grantee to perform ALTER_SCHEMA operation';
-- GRANT COMPONENT PRIVILEGE "ALTER_SCHEMA" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "ALTER_SCHEMA" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE ALTER_LIBRARY AS 'AL' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to alter libraries';
+ DETAIL 'Allow grantee to perform ALTER_LIBRARY operation';
-- GRANT COMPONENT PRIVILEGE "ALTER_LIBRARY" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "ALTER_LIBRARY" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE ALTER_SEQUENCE AS 'AQ' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to alter sequence generators';
+ DETAIL 'Allow grantee to perform ALTER_SEQUENCE operation';
-- GRANT COMPONENT PRIVILEGE "ALTER_SEQUENCE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "ALTER_SEQUENCE" ON "SQL_OPERATIONS" TO
"DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE ALTER_ROUTINE AS 'AR' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to alter routines';
+ DETAIL 'Allow grantee to perform ALTER_ROUTINE operation';
-- GRANT COMPONENT PRIVILEGE "ALTER_ROUTINE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "ALTER_ROUTINE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE ALTER_TABLE AS 'AT' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to alter tables';
+ 'Allow grantee to perform ALTER_TABLE operation';
-- GRANT COMPONENT PRIVILEGE "ALTER_TABLE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "ALTER_TABLE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE ALTER_VIEW AS 'AV' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to alter views';
+ 'Allow grantee to perform ALTER_VIEW operation';
-- GRANT COMPONENT PRIVILEGE "ALTER_VIEW" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "ALTER_VIEW" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
-CREATE COMPONENT PRIVILEGE ALTER_SYNONYM AS 'AY' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to alter synonyms';
-
--- GRANT COMPONENT PRIVILEGE "ALTER_SYNONYM" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "ALTER_SYNONYM" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
- WITH GRANT OPTION;
-
CREATE COMPONENT PRIVILEGE CREATE AS 'C0' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to create database objects';
+ 'Allow grantee to perform CREATE operation';
-- GRANT COMPONENT PRIVILEGE "CREATE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "CREATE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE" WITH
GRANT OPTION;
-CREATE COMPONENT PRIVILEGE CREATE_ROUTINE_ACTION AS 'CA' ON SQL_OPERATIONS
- SYSTEM DETAIL 'Allow grantee to create routine actions';
-
--- GRANT COMPONENT PRIVILEGE "CREATE_ROUTINE_ACTION" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "CREATE_ROUTINE_ACTION" ON "SQL_OPERATIONS" TO
- "DB__ROOTROLE" WITH GRANT OPTION;
-
-CREATE COMPONENT PRIVILEGE CREATE_CATALOG AS 'CC' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to create catalogs';
-
--- GRANT COMPONENT PRIVILEGE "CREATE_CATALOG" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "CREATE_CATALOG" ON "SQL_OPERATIONS" TO
- "DB__ROOTROLE" WITH GRANT OPTION;
-
-CREATE COMPONENT PRIVILEGE CREATE_TRIGGER AS 'CG' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to create triggers';
-
--- GRANT COMPONENT PRIVILEGE "CREATE_TRIGGER" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "CREATE_TRIGGER" ON "SQL_OPERATIONS" TO
- "DB__ROOTROLE" WITH GRANT OPTION;
-
CREATE COMPONENT PRIVILEGE CREATE_SCHEMA AS 'CH' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to create schemas';
+ DETAIL 'Allow grantee to perform CREATE_SCHEMA operation';
-- GRANT COMPONENT PRIVILEGE "CREATE_SCHEMA" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "CREATE_SCHEMA" ON "SQL_OPERATIONS" TO "PUBLIC";
@@ -1594,321 +1407,216 @@ GRANT COMPONENT PRIVILEGE "CREATE_SCHEMA" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_INDEX AS 'CI' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to create indexes';
+ 'Allow grantee to perform CREATE_INDEX operation';
-- GRANT COMPONENT PRIVILEGE "CREATE_INDEX" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "CREATE_INDEX" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_LIBRARY AS 'CL' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to create libraries';
+ DETAIL 'Allow grantee to perform CREATE_LIBRARY operation';
-- GRANT COMPONENT PRIVILEGE "CREATE_LIBRARY" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "CREATE_LIBRARY" ON "SQL_OPERATIONS" TO
"DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE COMMENT AS 'CO' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to comment on objects and columns';
+ 'Allow grantee to perform COMMENT operation';
-- GRANT COMPONENT PRIVILEGE "COMMENT" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "COMMENT" ON "SQL_OPERATIONS" TO "DB__ROOTROLE" WITH
GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_PROCEDURE AS 'CP' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to create procedures';
+ DETAIL 'Allow grantee to perform CREATE_PROCEDURE operation';
-- GRANT COMPONENT PRIVILEGE "CREATE_PROCEDURE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "CREATE_PROCEDURE" ON "SQL_OPERATIONS" TO
"DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_SEQUENCE AS 'CQ' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to create sequence generators';
+ DETAIL 'Allow grantee to perform CREATE_SEQUENCE operation';
-- GRANT COMPONENT PRIVILEGE "CREATE_SEQUENCE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "CREATE_SEQUENCE" ON "SQL_OPERATIONS" TO
"DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_ROUTINE AS 'CR' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to create routines';
+ DETAIL 'Allow grantee to perform CREATE_ROUTINE operation';
-- GRANT COMPONENT PRIVILEGE "CREATE_ROUTINE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "CREATE_ROUTINE" ON "SQL_OPERATIONS" TO
"DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_TABLE AS 'CT' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to create tables';
+ 'Allow grantee to perform CREATE_TABLE operation';
-- GRANT COMPONENT PRIVILEGE "CREATE_TABLE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "CREATE_TABLE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE CREATE_VIEW AS 'CV' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to create views';
+ 'Allow grantee to perform CREATE_VIEW operation';
-- GRANT COMPONENT PRIVILEGE "CREATE_VIEW" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "CREATE_VIEW" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
-CREATE COMPONENT PRIVILEGE CREATE_SYNONYM AS 'CY' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to create synonyms';
-
--- GRANT COMPONENT PRIVILEGE "CREATE_SYNONYM" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "CREATE_SYNONYM" ON "SQL_OPERATIONS" TO
- "DB__ROOTROLE" WITH GRANT OPTION;
-
CREATE COMPONENT PRIVILEGE DROP AS 'D0' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to drop database objects';
+ 'Allow grantee to perform DROP operation';
-- GRANT COMPONENT PRIVILEGE "DROP" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "DROP" ON "SQL_OPERATIONS" TO "DB__ROOTROLE" WITH
GRANT OPTION;
-CREATE COMPONENT PRIVILEGE DROP_ROUTINE_ACTION AS 'DA' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to drop routine actions';
-
--- GRANT COMPONENT PRIVILEGE "DROP_ROUTINE_ACTION" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "DROP_ROUTINE_ACTION" ON "SQL_OPERATIONS" TO
- "DB__ROOTROLE" WITH GRANT OPTION;
-
-CREATE COMPONENT PRIVILEGE DROP_CATALOG AS 'DC' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to drop catalogs';
-
--- GRANT COMPONENT PRIVILEGE "DROP_CATALOG" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "DROP_CATALOG" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
- WITH GRANT OPTION;
-
-CREATE COMPONENT PRIVILEGE DROP_TRIGGER AS 'DG' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to drop triggers';
-
--- GRANT COMPONENT PRIVILEGE "DROP_TRIGGER" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "DROP_TRIGGER" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
- WITH GRANT OPTION;
-
CREATE COMPONENT PRIVILEGE DROP_SCHEMA AS 'DH' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to drop schemas';
+ 'Allow grantee to perform DROP_SCHEMA operation';
-- GRANT COMPONENT PRIVILEGE "DROP_SCHEMA" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "DROP_SCHEMA" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_INDEX AS 'DI' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to drop indexes';
+ 'Allow grantee to perform DROP_INDEX operation';
-- GRANT COMPONENT PRIVILEGE "DROP_INDEX" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "DROP_INDEX" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_LIBRARY AS 'DL' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to drop libraries';
+ 'Allow grantee to perform DROP_LIBRARY operation';
-- GRANT COMPONENT PRIVILEGE "DROP_LIBRARY" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "DROP_LIBRARY" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_PROCEDURE AS 'DP' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to drop procedures';
+ DETAIL 'Allow grantee to perform DROP_PROCEDURE operation';
-- GRANT COMPONENT PRIVILEGE "DROP_PROCEDURE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "DROP_PROCEDURE" ON "SQL_OPERATIONS" TO
"DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_SEQUENCE AS 'DQ' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to drop sequence generators';
+ DETAIL 'Allow grantee to perform DROP_SEQUENCE operation';
-- GRANT COMPONENT PRIVILEGE "DROP_SEQUENCE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "DROP_SEQUENCE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_ROUTINE AS 'DR' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to drop routines';
+ 'Allow grantee to perform DROP_ROUTINE operation';
-- GRANT COMPONENT PRIVILEGE "DROP_ROUTINE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "DROP_ROUTINE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_TABLE AS 'DT' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to drop tables';
+ 'Allow grantee to perform DROP_TABLE operation';
-- GRANT COMPONENT PRIVILEGE "DROP_TABLE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "DROP_TABLE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE DROP_VIEW AS 'DV' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to drop views';
+ 'Allow grantee to perform DROP_VIEW operation';
-- GRANT COMPONENT PRIVILEGE "DROP_VIEW" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "DROP_VIEW" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
-CREATE COMPONENT PRIVILEGE DROP_SYNONYM AS 'DY' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to drop synonyms';
-
--- GRANT COMPONENT PRIVILEGE "DROP_SYNONYM" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "DROP_SYNONYM" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
- WITH GRANT OPTION;
-
CREATE COMPONENT PRIVILEGE MANAGE AS 'M0' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to manage all SQL Operations';
+ 'Allow grantee to perform MANAGE operation';
-- GRANT COMPONENT PRIVILEGE "MANAGE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "MANAGE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE" WITH
GRANT OPTION;
CREATE COMPONENT PRIVILEGE MANAGE_COMPONENTS AS 'MC' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to manage components';
+ DETAIL 'Allow grantee to perform MANAGE_COMPONENTS operation';
-- GRANT COMPONENT PRIVILEGE "MANAGE_COMPONENTS" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "MANAGE_COMPONENTS" ON "SQL_OPERATIONS" TO
"DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE MANAGE_LIBRARY AS 'ML' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to manage libraries';
+ DETAIL 'Allow grantee to perform MANAGE_LIBRARY operation';
-- GRANT COMPONENT PRIVILEGE "MANAGE_LIBRARY" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "MANAGE_LIBRARY" ON "SQL_OPERATIONS" TO
"DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE MANAGE_PRIVILEGES AS 'MP' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to manage privileges on SQL objects';
+ DETAIL 'Allow grantee to perform MANAGE_PRIVILEGES operation';
-- GRANT COMPONENT PRIVILEGE "MANAGE_PRIVILEGES" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "MANAGE_PRIVILEGES" ON "SQL_OPERATIONS" TO
"DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE MANAGE_ROLES AS 'MR' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to manage roles';
+ 'Allow grantee to perform MANAGE_ROLES operation';
-- GRANT COMPONENT PRIVILEGE "MANAGE_ROLES" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "MANAGE_ROLES" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE MANAGE_STATISTICS AS 'MS' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to show and update statistics';
+ DETAIL 'Allow grantee to perform MANAGE_STATISTICS operation';
-- GRANT COMPONENT PRIVILEGE "MANAGE_STATISTICS" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "MANAGE_STATISTICS" ON "SQL_OPERATIONS" TO
"DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE MANAGE_LOAD AS 'MT' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to perform LOAD and UNLOAD commands';
+ 'Allow grantee to perform MANAGE_LOAD operation';
-- GRANT COMPONENT PRIVILEGE "MANAGE_LOAD" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "MANAGE_LOAD" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE MANAGE_USERS AS 'MU' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to manage users';
+ 'Allow grantee to perform MANAGE_USERS operation';
-- GRANT COMPONENT PRIVILEGE "MANAGE_USERS" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "MANAGE_USERS" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
-CREATE COMPONENT PRIVILEGE DML_DELETE AS 'PD' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to delete rows';
-
--- GRANT COMPONENT PRIVILEGE "DML_DELETE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "DML_DELETE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
- WITH GRANT OPTION;
-
-CREATE COMPONENT PRIVILEGE DML_EXECUTE AS 'PE' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to execute functions';
-
--- GRANT COMPONENT PRIVILEGE "DML_EXECUTE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "DML_EXECUTE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
- WITH GRANT OPTION;
-
-CREATE COMPONENT PRIVILEGE DML_USAGE AS 'PG' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to use libraries and sequences';
-
--- GRANT COMPONENT PRIVILEGE "DML_USAGE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "DML_USAGE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
- WITH GRANT OPTION;
-
-CREATE COMPONENT PRIVILEGE DML_INSERT AS 'PI' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to insert rows';
-
--- GRANT COMPONENT PRIVILEGE "DML_INSERT" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "DML_INSERT" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
- WITH GRANT OPTION;
-
-CREATE COMPONENT PRIVILEGE DML_REFERENCES AS 'PR' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to reference columns';
+CREATE COMPONENT PRIVILEGE DML_SELECT_METADATA AS 'PM' ON SQL_OPERATIONS SYSTEM
+ DETAIL 'Allow grantee to perform DML_SELECT_METADATA operation';
--- GRANT COMPONENT PRIVILEGE "DML_REFERENCES" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "DML_REFERENCES" ON "SQL_OPERATIONS" TO
+-- GRANT COMPONENT PRIVILEGE "DML_SELECT_METADATA" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
+GRANT COMPONENT PRIVILEGE "DML_SELECT_METADATA" ON "SQL_OPERATIONS" TO
"DB__ROOTROLE" WITH GRANT OPTION;
-CREATE COMPONENT PRIVILEGE DML_SELECT AS 'PS' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to select rows';
-
--- GRANT COMPONENT PRIVILEGE "DML_SELECT" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "DML_SELECT" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
- WITH GRANT OPTION;
-
-CREATE COMPONENT PRIVILEGE DML_UPDATE AS 'PU' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to update rows';
-
--- GRANT COMPONENT PRIVILEGE "DML_UPDATE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "DML_UPDATE" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
- WITH GRANT OPTION;
-
CREATE COMPONENT PRIVILEGE QUERY_ACTIVATE AS 'QA' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to activate queries';
+ DETAIL 'Allow grantee to perform QUERY_ACTIVATE operation';
-- GRANT COMPONENT PRIVILEGE "QUERY_ACTIVATE" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "QUERY_ACTIVATE" ON "SQL_OPERATIONS" TO
"DB__ROOTROLE" WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE QUERY_CANCEL AS 'QC' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to cancel queries';
+ 'Allow grantee to perform QUERY_CANCEL operation';
-- GRANT COMPONENT PRIVILEGE "QUERY_CANCEL" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "QUERY_CANCEL" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
CREATE COMPONENT PRIVILEGE QUERY_SUSPEND AS 'QS' ON SQL_OPERATIONS SYSTEM
- DETAIL 'Allow grantee to suspend queries';
+ DETAIL 'Allow grantee to perform QUERY_SUSPEND operation';
-- GRANT COMPONENT PRIVILEGE "QUERY_SUSPEND" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "QUERY_SUSPEND" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
WITH GRANT OPTION;
-CREATE COMPONENT PRIVILEGE REGISTER_HIVE_OBJECT AS 'RH' ON SQL_OPERATIONS
- SYSTEM DETAIL 'Allow grantee to register hive object in traf metadata';
-
--- GRANT COMPONENT PRIVILEGE "REGISTER_HIVE_OBJECT" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "REGISTER_HIVE_OBJECT" ON "SQL_OPERATIONS" TO
- "DB__ROOTROLE" WITH GRANT OPTION;
-
-CREATE COMPONENT PRIVILEGE REMAP_USER AS 'RU' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to remap DB__ users to a different external username';
-
--- GRANT COMPONENT PRIVILEGE "REMAP_USER" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "REMAP_USER" ON "SQL_OPERATIONS" TO "DB__ROOTROLE"
- WITH GRANT OPTION;
-
CREATE COMPONENT PRIVILEGE SHOW AS 'SW' ON SQL_OPERATIONS SYSTEM DETAIL
- 'Allow grantee to view metadata information about objects';
+ 'Allow grantee to perform SHOW operation';
-- GRANT COMPONENT PRIVILEGE "SHOW" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
GRANT COMPONENT PRIVILEGE "SHOW" ON "SQL_OPERATIONS" TO "PUBLIC";
GRANT COMPONENT PRIVILEGE "SHOW" ON "SQL_OPERATIONS" TO "DB__ROOTROLE" WITH
GRANT OPTION;
-CREATE COMPONENT PRIVILEGE USE_ALTERNATE_SCHEMA AS 'UA' ON SQL_OPERATIONS
- SYSTEM DETAIL 'Allow grantee to use non-default schemas';
-
--- GRANT COMPONENT PRIVILEGE "USE_ALTERNATE_SCHEMA" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "USE_ALTERNATE_SCHEMA" ON "SQL_OPERATIONS" TO
- "DB__ROOTROLE" WITH GRANT OPTION;
-
-CREATE COMPONENT PRIVILEGE UNREGISTER_HIVE_OBJECT AS 'UH' ON SQL_OPERATIONS
- SYSTEM DETAIL 'Allow grantee to unregister hive object from traf metadata';
-
--- GRANT COMPONENT PRIVILEGE "UNREGISTER_HIVE_OBJECT" ON "SQL_OPERATIONS" TO "DB__ROOT" WITH GRANT OPTION;
-GRANT COMPONENT PRIVILEGE "UNREGISTER_HIVE_OBJECT" ON "SQL_OPERATIONS" TO
- "DB__ROOTROLE" WITH GRANT OPTION;
-
--- SQL operation complete.
>>
http://git-wip-us.apache.org/repos/asf/trafodion/blob/88ed0582/core/sql/regress/privs1/TEST132
----------------------------------------------------------------------
diff --git a/core/sql/regress/privs1/TEST132 b/core/sql/regress/privs1/TEST132
index 58d22b9..bc26393 100755
--- a/core/sql/regress/privs1/TEST132
+++ b/core/sql/regress/privs1/TEST132
@@ -159,7 +159,7 @@ obey TEST132(populate_index);
changeuser db__root;
obey TEST132(popindex_check_reset);
--- if user belongs to DB__ROOTROLE, has DML privileges, so can populate indexes
+-- if user belongs to DB__ROOTROLE, DB__ROOTROLE does not have DML privileges
grant role DB__ROOTROLE to sql_user2;
changeuser sql_user2;
obey TEST132(populate_index);
@@ -184,7 +184,7 @@ get tables, match 'T132%';
?section populate_index
set schema t132sch;
-populate index t132t1_ndx1 on t132t1;;
+populate index t132t1_ndx1 on t132t1;
populate index t132t2_ndx1 on t132t2;
?section popindex_check_reset
@@ -196,7 +196,7 @@ select count(*) from table (index_table t132t2_ndx1);
cleanup index t132t1_ndx1;
create index t132t1_ndx1 on t132t1 (c2) no populate;
-drop index t132t2_ndx1;
+cleanup index t132t2_ndx1;
create index t132t2_ndx1 on t132t2 (c2) no populate;
?section test_show
http://git-wip-us.apache.org/repos/asf/trafodion/blob/88ed0582/core/sql/sqlcomp/CmpSeabaseDDL.h
----------------------------------------------------------------------
diff --git a/core/sql/sqlcomp/CmpSeabaseDDL.h b/core/sql/sqlcomp/CmpSeabaseDDL.h
index 6215f7d..22ee692 100644
--- a/core/sql/sqlcomp/CmpSeabaseDDL.h
+++ b/core/sql/sqlcomp/CmpSeabaseDDL.h
@@ -1456,6 +1456,7 @@ protected:
short createPrivMgrRepos(ExeCliInterface *cliInterface, NABoolean ddlXns);
short initSeabaseAuthorization(ExeCliInterface *cliInterface,
NABoolean ddlXns,
+ NABoolean isUpgrade,
std::vector<std::string> &tablesCreated,
std::vector<std::string> &tablesUpgraded);
http://git-wip-us.apache.org/repos/asf/trafodion/blob/88ed0582/core/sql/sqlcomp/CmpSeabaseDDLauth.h
----------------------------------------------------------------------
diff --git a/core/sql/sqlcomp/CmpSeabaseDDLauth.h b/core/sql/sqlcomp/CmpSeabaseDDLauth.h
index 1fc6d42..fbfe354 100644
--- a/core/sql/sqlcomp/CmpSeabaseDDLauth.h
+++ b/core/sql/sqlcomp/CmpSeabaseDDLauth.h
@@ -37,6 +37,7 @@
#include "ComSmallDefs.h"
#include "PrivMgrDefs.h"
+#include "PrivMgrComponentDefs.h"
#include "NAUserId.h"
#include <vector>
http://git-wip-us.apache.org/repos/asf/trafodion/blob/88ed0582/core/sql/sqlcomp/CmpSeabaseDDLcommon.cpp
----------------------------------------------------------------------
diff --git a/core/sql/sqlcomp/CmpSeabaseDDLcommon.cpp b/core/sql/sqlcomp/CmpSeabaseDDLcommon.cpp
index ae401f8..79ed311 100644
--- a/core/sql/sqlcomp/CmpSeabaseDDLcommon.cpp
+++ b/core/sql/sqlcomp/CmpSeabaseDDLcommon.cpp
@@ -7466,7 +7466,7 @@ short CmpSeabaseDDL::createPrivMgrRepos(ExeCliInterface *cliInterface,
std::vector<std::string> tablesCreated;
std::vector<std::string> tablesUpgraded;
- if (initSeabaseAuthorization(cliInterface, ddlXns,
+ if (initSeabaseAuthorization(cliInterface, ddlXns, FALSE /*isUpgrade*/,
tablesCreated, tablesUpgraded) < 0)
return -1;
@@ -7985,6 +7985,7 @@ NABoolean CmpSeabaseDDL::appendErrorObjName(char * errorObjs,
short CmpSeabaseDDL::initSeabaseAuthorization(
ExeCliInterface *cliInterface,
NABoolean ddlXns,
+ NABoolean isUpgrade,
std::vector<std::string> &tablesCreated,
std::vector<std::string> &tablesUpgraded)
{
@@ -8069,28 +8070,34 @@ short CmpSeabaseDDL::initSeabaseAuthorization(
NABoolean warnings = FALSE;
- // Adjust hive external table ownership - if someone creates external
- // tables before initializing authorization, the external schemas are
- // owned by DB__ROOT -> change to DB__HIVEROLE.
- // Also if you have initialized authorization and created external tables
- // before the fix for JIRA 1895, rerunning initialize authorization will
- // fix the metadata inconsistencies
- if (adjustHiveExternalSchemas(cliInterface) != 0)
- warnings = TRUE;
-
- // If someone initializes trafodion with library management but does not
- // initialize authorization, then the role DB__LIBMGRROLE has not been
- // granted to LIBMGR procedures. Do this now
- cliRC = existsInSeabaseMDTable(cliInterface,
- getSystemCatalog(), SEABASE_LIBMGR_SCHEMA,
- SEABASE_LIBMGR_LIBRARY,
- COM_LIBRARY_OBJECT, TRUE, FALSE);
- if (cliRC == 1) // library exists
+ // Now that initialize trafodion creates authorization tables, only need
+ // to make adjustments for existing installations.
+ if (isUpgrade)
{
- cliRC = grantLibmgrPrivs(cliInterface);
- if (cliRC == -1)
+ // Adjust hive external table ownership - if someone creates external
+ // tables before initializing authorization, the external schemas are
+ // owned by DB__ROOT -> change to DB__HIVEROLE.
+ // Also if you have initialized authorization and created external tables
+ // before the fix for JIRA 1895, rerunning initialize authorization will
+ // fix the metadata inconsistencies
+ if (adjustHiveExternalSchemas(cliInterface) != 0)
warnings = TRUE;
+
+ // If someone initializes trafodion with library management but does not
+ // initialize authorization, then the role DB__LIBMGRROLE has not been
+ // granted to LIBMGR procedures.
+ cliRC = existsInSeabaseMDTable(cliInterface,
+ getSystemCatalog(), SEABASE_LIBMGR_SCHEMA,
+ SEABASE_LIBMGR_LIBRARY,
+ COM_LIBRARY_OBJECT, TRUE, FALSE);
+ if (cliRC == 1) // library exists
+ {
+ cliRC = grantLibmgrPrivs(cliInterface);
+ if (cliRC == -1)
+ warnings = TRUE;
+ }
}
+
if (NOT ddlXns)
endXnIfStartedHere(cliInterface, xnWasStartedHere, cliRC);
@@ -8781,7 +8788,7 @@ short CmpSeabaseDDL::executeSeabaseDDL(DDLExpr * ddlExpr, ExprNode * ddlNode,
std::vector<std::string> tablesUpgraded;
// Can ignore status returned, diags area contains any unexpected errors
- initSeabaseAuthorization(&cliInterface, ddlExpr->ddlXns(),
+ initSeabaseAuthorization(&cliInterface, ddlExpr->ddlXns(), TRUE /*isUpgrade*/,
tablesCreated, tablesUpgraded);
#ifdef _DEBUG
http://git-wip-us.apache.org/repos/asf/trafodion/blob/88ed0582/core/sql/sqlcomp/CmpSeabaseDDLupgrade.cpp
----------------------------------------------------------------------
diff --git a/core/sql/sqlcomp/CmpSeabaseDDLupgrade.cpp b/core/sql/sqlcomp/CmpSeabaseDDLupgrade.cpp
index eb68813..b2cea77 100644
--- a/core/sql/sqlcomp/CmpSeabaseDDLupgrade.cpp
+++ b/core/sql/sqlcomp/CmpSeabaseDDLupgrade.cpp
@@ -2602,7 +2602,7 @@ short CmpSeabaseMDupgrade::upgradePrivMgr (
std::vector<std::string> tablesUpgraded;
// initSeabaseAuthorization will create or upgrade PrivMgr metadata tables
- if (initSeabaseAuthorization(cliInterface, ddlXns,
+ if (initSeabaseAuthorization(cliInterface, ddlXns, TRUE /*isUpgrade*/,
tablesCreated, tablesUpgraded) < 0)
return -1;
http://git-wip-us.apache.org/repos/asf/trafodion/blob/88ed0582/core/sql/sqlcomp/PrivMgr.cpp
----------------------------------------------------------------------
diff --git a/core/sql/sqlcomp/PrivMgr.cpp b/core/sql/sqlcomp/PrivMgr.cpp
index 679bf28..0a5f265 100644
--- a/core/sql/sqlcomp/PrivMgr.cpp
+++ b/core/sql/sqlcomp/PrivMgr.cpp
@@ -302,6 +302,27 @@ bool PrivMgr::getAuthNameFromAuthID(
}
// *****************************************************************************
+// * Function: PrivMgr::getSQLUnusedOpsCount()
+// *
+// * Returns the number of unused operations from the hard coded table
+// * in PrivMgrComponentDefs.h for the sql_operations component.
+// *
+// *****************************************************************************
+int32_t PrivMgr::getSQLUnusedOpsCount()
+{
+ int32_t numUnusedOps = 0;
+ size_t numOps = sizeof(sqlOpList)/sizeof(ComponentOpStruct);
+ for (int i = 0; i < numOps; i++)
+ {
+ const ComponentOpStruct &opDefinition = sqlOpList[i];
+ if (opDefinition.unusedOp)
+ numUnusedOps++;
+ }
+ return numUnusedOps;
+}
+
+
+// *****************************************************************************
// * *
// * Function: PrivMgr::getSQLOperationName *
// * *
@@ -592,6 +613,7 @@ const char * PrivMgr::getSQLOperationDescription(SQLOperation operation)
}
//**************** End of PrivMgr::getSQLOperationDescription ******************
+
// *****************************************************************************
// * *
// * Function: PrivMgr::isAuthIDGrantedPrivs *
@@ -860,6 +882,42 @@ bool PrivMgr::isSQLManageOperation(SQLOperation operation)
// *****************************************************************************
// * *
+// * Function: PrivMgr::isSQLManageOperation *
+// * *
+// * Determines if a SQL operation is within the list of manage operations. *
+// * *
+// *****************************************************************************
+// * *
+// * Parameters: *
+// * *
+// * <operation> SQLOperation In *
+// * is the operation. *
+// * *
+// *****************************************************************************
+// * *
+// * Returns: bool *
+// * *
+// * true: operation is a manage operation. *
+// * false: operation is not a manage operation. *
+// * *
+// *****************************************************************************
+bool PrivMgr::isSQLManageOperation(const char * operationCode)
+
+{
+ size_t numOps = sizeof(sqlOpList)/sizeof(ComponentOpStruct);
+ for (int i = 0; i < numOps; i++)
+ {
+ const ComponentOpStruct &opDefinition = sqlOpList[i];
+ if (std::string(opDefinition.operationCode) == std::string(operationCode))
+ return (PrivMgr::isSQLManageOperation((SQLOperation)opDefinition.operationID));
+ }
+ return false;
+}
+//******************* End of PrivMgr::isSQLManageOperation *********************
+
+
+// *****************************************************************************
+// * *
// * Function: PrivMgr::ObjectEnumToLit *
// * *
// * Returns the two character literal associated with the object type enum.*
http://git-wip-us.apache.org/repos/asf/trafodion/blob/88ed0582/core/sql/sqlcomp/PrivMgr.h
----------------------------------------------------------------------
diff --git a/core/sql/sqlcomp/PrivMgr.h b/core/sql/sqlcomp/PrivMgr.h
index d04c410..fd6b8bd 100644
--- a/core/sql/sqlcomp/PrivMgr.h
+++ b/core/sql/sqlcomp/PrivMgr.h
@@ -28,6 +28,7 @@
#include <string>
#include <vector>
#include "PrivMgrDefs.h"
+#include "PrivMgrComponentDefs.h"
#include "ComSmallDefs.h"
#include "CmpSeabaseDDLauth.h"
@@ -103,13 +104,15 @@ class PrivMgr
const int32_t authID,
std::string &authName);
- static const char * getSQLOperationName(SQLOperation operation);
static const char * getSQLOperationCode(SQLOperation operation);
static const char * getSQLOperationDescription(SQLOperation operation);
+ static const char * getSQLOperationName(SQLOperation operation);
+ static int32_t getSQLUnusedOpsCount();
static bool isSQLAlterOperation(SQLOperation operation);
static bool isSQLCreateOperation(SQLOperation operation);
static bool isSQLDropOperation(SQLOperation operation);
static bool isSQLManageOperation(SQLOperation operation);
+ static bool isSQLManageOperation(const char * operationCode);
static const char * ObjectEnumToLit(ComObjectType objectType);
static ComObjectType ObjectLitToEnum(const char *objectLiteral);
static bool isRoleID(int_32 authID){ return CmpSeabaseDDLauth::isRoleID(authID); }
http://git-wip-us.apache.org/repos/asf/trafodion/blob/88ed0582/core/sql/sqlcomp/PrivMgrComponentDefs.h
----------------------------------------------------------------------
diff --git a/core/sql/sqlcomp/PrivMgrComponentDefs.h b/core/sql/sqlcomp/PrivMgrComponentDefs.h
index 8986dd9..c5a4289 100644
--- a/core/sql/sqlcomp/PrivMgrComponentDefs.h
+++ b/core/sql/sqlcomp/PrivMgrComponentDefs.h
@@ -53,6 +53,7 @@
// isAdminOp - grant DB__ADMIN/DB__ADMINROLE this operation
// isDMLOp - this is a DML operation
// isPublicOp - grant PUBLIC this operation
+// unusedOp - operation is not supported at this time but maybe later
struct ComponentOpStruct
{
int32_t operationID;
@@ -62,6 +63,7 @@ struct ComponentOpStruct
const bool isAdminOp;
const bool isDMLOp;
const bool isPublicOp;
+ const bool unusedOp;
};
// The ComponentListStruct describes the relationship between a component UID,
@@ -83,14 +85,10 @@ struct ComponentListStruct
// USER_COMPONENT_START_UID begins user defined components
enum ComponentOp{ INVALID_COMPONENT_UID = 0,
SQL_OPERATIONS_COMPONENT_UID = 1,
- DBMGR_COMPONENT_UID = 2,
- WMS_COMPONENT_UID = 3,
USER_COMPONENT_START_UID = 1000};
// List of components
#define SQL_OPERATIONS_NAME "SQL_OPERATIONS"
-#define DBMGR_NAME "DBMGR"
-#define WMS_NAME "WMS"
// Defines component operations for SQL_OPERATIONS:
// to add a new operation, add an entry to this list (in alphebetic order)
@@ -106,6 +104,7 @@ enum class SQLOperation {
ALTER_TABLE,
ALTER_TRIGGER,
ALTER_VIEW,
+ COMMENT,
CREATE,
CREATE_CATALOG,
CREATE_INDEX,
@@ -147,7 +146,6 @@ enum class SQLOperation {
MANAGE_PRIVILEGES,
MANAGE_ROLES,
MANAGE_STATISTICS,
- MANAGE_TENANTS,
MANAGE_USERS,
QUERY_ACTIVATE,
QUERY_CANCEL,
@@ -171,114 +169,78 @@ enum class SQLOperation {
// recommend that PUBLIC granted only a small subset of privileges
static const ComponentOpStruct sqlOpList[] =
{
- {(int32_t)SQLOperation::ALTER, "A0","ALTER",true,true,false,false},
- {(int32_t)SQLOperation::ALTER_LIBRARY, "AL","ALTER_LIBRARY",true,false,false,false},
- {(int32_t)SQLOperation::ALTER_ROUTINE, "AR","ALTER_ROUTINE",true,false,false,false},
- {(int32_t)SQLOperation::ALTER_ROUTINE_ACTION,"AA","ALTER_ROUTINE_ACTION",true,false,false,false},
- {(int32_t)SQLOperation::ALTER_SCHEMA, "AH","ALTER_SCHEMA",true,false,false,false},
- {(int32_t)SQLOperation::ALTER_SEQUENCE, "AQ","ALTER_SEQUENCE",true,false,false,false},
- {(int32_t)SQLOperation::ALTER_SYNONYM, "AY","ALTER_SYNONYM",true,false,false,false},
- {(int32_t)SQLOperation::ALTER_TABLE, "AT","ALTER_TABLE",true,false,false,false},
- {(int32_t)SQLOperation::ALTER_TRIGGER, "AG","ALTER_TRIGGER",true,false,false,false},
- {(int32_t)SQLOperation::ALTER_VIEW, "AV","ALTER_VIEW",true,false,false,false},
-
- {(int32_t)SQLOperation::CREATE, "C0","CREATE",true,true,false,false },
- {(int32_t)SQLOperation::CREATE_CATALOG, "CC","CREATE_CATALOG",true,false,false,false},
- {(int32_t)SQLOperation::CREATE_INDEX, "CI","CREATE_INDEX",true,false,false,false},
- {(int32_t)SQLOperation::CREATE_LIBRARY, "CL","CREATE_LIBRARY",true,false,false,false},
- {(int32_t)SQLOperation::CREATE_PROCEDURE, "CP","CREATE_PROCEDURE",true,false,false,false},
- {(int32_t)SQLOperation::CREATE_ROUTINE, "CR","CREATE_ROUTINE",true,false,false,false},
- {(int32_t)SQLOperation::CREATE_ROUTINE_ACTION,"CA","CREATE_ROUTINE_ACTION",true,false,false,false},
- {(int32_t)SQLOperation::CREATE_SCHEMA, "CH","CREATE_SCHEMA",true,false,false,true},
- {(int32_t)SQLOperation::CREATE_SEQUENCE, "CQ","CREATE_SEQUENCE",true,false,false,false},
- {(int32_t)SQLOperation::CREATE_SYNONYM, "CY","CREATE_SYNONYM",true,false,false,false},
- {(int32_t)SQLOperation::CREATE_TABLE, "CT","CREATE_TABLE",true,false,false,false},
- {(int32_t)SQLOperation::CREATE_TRIGGER, "CG","CREATE_TRIGGER",true,false,false,false},
- {(int32_t)SQLOperation::CREATE_VIEW, "CV","CREATE_VIEW",true,false,false,false},
-
- {(int32_t)SQLOperation::DML_DELETE, "PD","DML_DELETE",false,false,true,false},
- {(int32_t)SQLOperation::DML_EXECUTE, "PE","DML_EXECUTE",false,false,true,false},
- {(int32_t)SQLOperation::DML_INSERT, "PI","DML_INSERT",false,false,true,false},
- {(int32_t)SQLOperation::DML_REFERENCES, "PR","DML_REFERENCES",false,false,true,false},
- {(int32_t)SQLOperation::DML_SELECT, "PS","DML_SELECT",false,false,true,false},
- {(int32_t)SQLOperation::DML_SELECT_METADATA,"PM","DML_SELECT_METADATA",true,true,true,false},
- {(int32_t)SQLOperation::DML_UPDATE, "PU","DML_UPDATE",false,false,true,false},
- {(int32_t)SQLOperation::DML_USAGE, "PG","DML_USAGE",false,false,true,false},
-
- {(int32_t)SQLOperation::DROP, "D0","DROP",true,true,false,false },
- {(int32_t)SQLOperation::DROP_CATALOG, "DC","DROP_CATALOG",true,false,false,false},
- {(int32_t)SQLOperation::DROP_INDEX, "DI","DROP_INDEX",true,false,false,false},
- {(int32_t)SQLOperation::DROP_LIBRARY, "DL","DROP_LIBRARY",true,false,false,false},
- {(int32_t)SQLOperation::DROP_PROCEDURE, "DP","DROP_PROCEDURE",true,false,false,false},
- {(int32_t)SQLOperation::DROP_ROUTINE, "DR","DROP_ROUTINE",true,false,false,false},
- {(int32_t)SQLOperation::DROP_ROUTINE_ACTION,"DA","DROP_ROUTINE_ACTION",true,false,false,false},
- {(int32_t)SQLOperation::DROP_SCHEMA, "DH","DROP_SCHEMA",true,false,false,false},
- {(int32_t)SQLOperation::DROP_SEQUENCE, "DQ","DROP_SEQUENCE",true,false,false,false},
- {(int32_t)SQLOperation::DROP_SYNONYM, "DY","DROP_SYNONYM",true,false,false,false},
- {(int32_t)SQLOperation::DROP_TABLE, "DT","DROP_TABLE",true,false,false,false},
- {(int32_t)SQLOperation::DROP_TRIGGER, "DG","DROP_TRIGGER",true,false,false,false},
- {(int32_t)SQLOperation::DROP_VIEW, "DV","DROP_VIEW",true,false,false,false},
-
- {(int32_t)SQLOperation::MANAGE, "M0","MANAGE",true,true,false,false},
- {(int32_t)SQLOperation::MANAGE_COMPONENTS, "MC","MANAGE_COMPONENTS",true,false,false,false},
- {(int32_t)SQLOperation::MANAGE_LIBRARY, "ML","MANAGE_LIBRARY",true,false,false,false},
- {(int32_t)SQLOperation::MANAGE_LOAD, "MT","MANAGE_LOAD",true,false,false,false},
- {(int32_t)SQLOperation::MANAGE_PRIVILEGES, "MP","MANAGE_PRIVILEGES",true,false,false,false},
- {(int32_t)SQLOperation::MANAGE_ROLES, "MR","MANAGE_ROLES",true,false,false,false},
- {(int32_t)SQLOperation::MANAGE_STATISTICS, "MS","MANAGE_STATISTICS",true,false,false,false},
- {(int32_t)SQLOperation::MANAGE_TENANTS, "MX","MANAGE_TENANTS",true,false,false,false},
- {(int32_t)SQLOperation::MANAGE_USERS, "MU","MANAGE_USERS",true,false,false,false},
-
- {(int32_t)SQLOperation::QUERY_ACTIVATE, "QA","QUERY_ACTIVATE",true,true,false,false},
- {(int32_t)SQLOperation::QUERY_CANCEL, "QC","QUERY_CANCEL",true,true,false,false},
- {(int32_t)SQLOperation::QUERY_SUSPEND, "QS","QUERY_SUSPEND",true,true,false,false},
- {(int32_t)SQLOperation::REGISTER_HIVE_OBJECT, "RH","REGISTER_HIVE_OBJECT",true,true,false,false},
-
- {(int32_t)SQLOperation::REMAP_USER, "RU","REMAP_USER",true,true,false,false},
- {(int32_t)SQLOperation::SHOW, "SW","SHOW",true,true,false,false},
- {(int32_t)SQLOperation::UNREGISTER_HIVE_OBJECT, "UH","UNREGISTER_HIVE_OBJECT",true,true,false,false},
- {(int32_t)SQLOperation::USE_ALTERNATE_SCHEMA, "UA","USE_ALTERNATE_SCHEMA",true,true,false,false}
-};
-
-// Defines the component operations for DBMGR:
-// add an entry to this list for new DBMGR operations(in alphabetic order)
-// and to the corresponding dbmgrOpList
-enum class DBMGROperation {
- MANAGE_ALERTS = 2,
- MANAGE_SESSIONS,
- SHOW_ACTIVE_QUERIES,
- SHOW_EVENT_LOGS,
- SHOW_REPOS_QUERIES
+ {(int32_t)SQLOperation::ALTER, "A0","ALTER",true,true,false,false,false},
+ {(int32_t)SQLOperation::ALTER_LIBRARY, "AL","ALTER_LIBRARY",true,false,false,false,false},
+ {(int32_t)SQLOperation::ALTER_ROUTINE, "AR","ALTER_ROUTINE",true,false,false,false,false},
+ {(int32_t)SQLOperation::ALTER_ROUTINE_ACTION,"AA","ALTER_ROUTINE_ACTION",true,false,false,false,true},
+ {(int32_t)SQLOperation::ALTER_SCHEMA, "AH","ALTER_SCHEMA",true,false,false,false,false},
+ {(int32_t)SQLOperation::ALTER_SEQUENCE, "AQ","ALTER_SEQUENCE",true,false,false,false,false},
+ {(int32_t)SQLOperation::ALTER_SYNONYM, "AY","ALTER_SYNONYM",true,false,false,false,true},
+ {(int32_t)SQLOperation::ALTER_TABLE, "AT","ALTER_TABLE",true,false,false,false,false},
+ {(int32_t)SQLOperation::ALTER_TRIGGER, "AG","ALTER_TRIGGER",true,false,false,false,true},
+ {(int32_t)SQLOperation::ALTER_VIEW, "AV","ALTER_VIEW",true,false,false,false,false},
+
+ {(int32_t)SQLOperation::COMMENT, "CO","COMMENT",true,true,false,false,false},
+
+ {(int32_t)SQLOperation::CREATE, "C0","CREATE",true,true,false,false,false },
+ {(int32_t)SQLOperation::CREATE_CATALOG, "CC","CREATE_CATALOG",true,false,false,false,true},
+ {(int32_t)SQLOperation::CREATE_INDEX, "CI","CREATE_INDEX",true,false,false,false,false},
+ {(int32_t)SQLOperation::CREATE_LIBRARY, "CL","CREATE_LIBRARY",true,false,false,false,false},
+ {(int32_t)SQLOperation::CREATE_PROCEDURE, "CP","CREATE_PROCEDURE",true,false,false,false,false},
+ {(int32_t)SQLOperation::CREATE_ROUTINE, "CR","CREATE_ROUTINE",true,false,false,false,false},
+ {(int32_t)SQLOperation::CREATE_ROUTINE_ACTION,"CA","CREATE_ROUTINE_ACTION",true,false,false,false,true},
+ {(int32_t)SQLOperation::CREATE_SCHEMA, "CH","CREATE_SCHEMA",true,false,false,true,false},
+ {(int32_t)SQLOperation::CREATE_SEQUENCE, "CQ","CREATE_SEQUENCE",true,false,false,false,false},
+ {(int32_t)SQLOperation::CREATE_SYNONYM, "CY","CREATE_SYNONYM",true,false,false,false,true},
+ {(int32_t)SQLOperation::CREATE_TABLE, "CT","CREATE_TABLE",true,false,false,false,false},
+ {(int32_t)SQLOperation::CREATE_TRIGGER, "CG","CREATE_TRIGGER",true,false,false,false,true},
+ {(int32_t)SQLOperation::CREATE_VIEW, "CV","CREATE_VIEW",true,false,false,false,false},
+
+ {(int32_t)SQLOperation::DML_DELETE, "PD","DML_DELETE",false,false,true,false,true},
+ {(int32_t)SQLOperation::DML_EXECUTE, "PE","DML_EXECUTE",false,false,true,false,true},
+ {(int32_t)SQLOperation::DML_INSERT, "PI","DML_INSERT",false,false,true,false,true},
+ {(int32_t)SQLOperation::DML_REFERENCES, "PR","DML_REFERENCES",false,false,true,false,true},
+ {(int32_t)SQLOperation::DML_SELECT, "PS","DML_SELECT",false,false,true,false,true},
+ {(int32_t)SQLOperation::DML_SELECT_METADATA,"PM","DML_SELECT_METADATA",true,true,true,false,false},
+ {(int32_t)SQLOperation::DML_UPDATE, "PU","DML_UPDATE",false,false,true,false,true},
+ {(int32_t)SQLOperation::DML_USAGE, "PG","DML_USAGE",false,false,true,false,true},
+
+ {(int32_t)SQLOperation::DROP, "D0","DROP",true,true,false,false,false},
+ {(int32_t)SQLOperation::DROP_CATALOG, "DC","DROP_CATALOG",true,false,false,false,true},
+ {(int32_t)SQLOperation::DROP_INDEX, "DI","DROP_INDEX",true,false,false,false,false},
+ {(int32_t)SQLOperation::DROP_LIBRARY, "DL","DROP_LIBRARY",true,false,false,false,false},
+ {(int32_t)SQLOperation::DROP_PROCEDURE, "DP","DROP_PROCEDURE",true,false,false,false,false},
+ {(int32_t)SQLOperation::DROP_ROUTINE, "DR","DROP_ROUTINE",true,false,false,false,false},
+ {(int32_t)SQLOperation::DROP_ROUTINE_ACTION,"DA","DROP_ROUTINE_ACTION",true,false,false,false,true},
+ {(int32_t)SQLOperation::DROP_SCHEMA, "DH","DROP_SCHEMA",true,false,false,false,false},
+ {(int32_t)SQLOperation::DROP_SEQUENCE, "DQ","DROP_SEQUENCE",true,false,false,false,false},
+ {(int32_t)SQLOperation::DROP_SYNONYM, "DY","DROP_SYNONYM",true,false,false,false,true},
+ {(int32_t)SQLOperation::DROP_TABLE, "DT","DROP_TABLE",true,false,false,false,false},
+ {(int32_t)SQLOperation::DROP_TRIGGER, "DG","DROP_TRIGGER",true,false,false,false,true},
+ {(int32_t)SQLOperation::DROP_VIEW, "DV","DROP_VIEW",true,false,false,false,false},
+
+ {(int32_t)SQLOperation::MANAGE, "M0","MANAGE",true,true,false,false,false},
+ {(int32_t)SQLOperation::MANAGE_COMPONENTS, "MC","MANAGE_COMPONENTS",true,false,false,false,false},
+ {(int32_t)SQLOperation::MANAGE_LIBRARY, "ML","MANAGE_LIBRARY",true,false,false,false,false},
+ {(int32_t)SQLOperation::MANAGE_LOAD, "MT","MANAGE_LOAD",true,false,false,false,false},
+ {(int32_t)SQLOperation::MANAGE_PRIVILEGES, "MP","MANAGE_PRIVILEGES",true,false,false,false,false},
+ {(int32_t)SQLOperation::MANAGE_ROLES, "MR","MANAGE_ROLES",true,false,false,false,false},
+ {(int32_t)SQLOperation::MANAGE_STATISTICS, "MS","MANAGE_STATISTICS",true,false,false,false,false},
+ {(int32_t)SQLOperation::MANAGE_USERS, "MU","MANAGE_USERS",true,false,false,false,false},
+
+ {(int32_t)SQLOperation::QUERY_ACTIVATE, "QA","QUERY_ACTIVATE",true,true,false,false,false},
+ {(int32_t)SQLOperation::QUERY_CANCEL, "QC","QUERY_CANCEL",true,true,false,false,false},
+ {(int32_t)SQLOperation::QUERY_SUSPEND, "QS","QUERY_SUSPEND",true,true,false,false,false},
+ {(int32_t)SQLOperation::REGISTER_HIVE_OBJECT, "RH","REGISTER_HIVE_OBJECT",true,true,false,false,true},
+
+ {(int32_t)SQLOperation::REMAP_USER, "RU","REMAP_USER",true,true,false,false,true},
+ {(int32_t)SQLOperation::SHOW, "SW","SHOW",true,true,false,true,false},
+ {(int32_t)SQLOperation::UNREGISTER_HIVE_OBJECT, "UH","UNREGISTER_HIVE_OBJECT",true,true,false,false,true},
+ {(int32_t)SQLOperation::USE_ALTERNATE_SCHEMA, "UA","USE_ALTERNATE_SCHEMA",true,true,false,false,true}
};
-// Assign initial privileges for DBMGROperation (based on ComponentOpStruct):
-static const ComponentOpStruct dbmgrOpList[] =
-{
- {(int32_t)DBMGROperation::MANAGE_ALERTS, "MA","MANAGE_ALERTS",true,true,false,false},
- {(int32_t)DBMGROperation::MANAGE_SESSIONS, "MS","MANAGE_SESSIONS",true,true,false,false},
- {(int32_t)DBMGROperation::SHOW_ACTIVE_QUERIES, "AQ","SHOW_ACTIVE_QUERIES",true,true,false,false},
- {(int32_t)DBMGROperation::SHOW_EVENT_LOGS, "EL","SHOW_EVENT_LOGS",true,true,false,false},
- {(int32_t)DBMGROperation::SHOW_REPOS_QUERIES, "RQ","SHOW_REPOS_QUERIES",true,true,false,false}
-};
-
-// Defines the component operations for WMS:
-// add an entry to this list for new WMS operations (in alphabetic order)
-// and to the corresponding wmsOpList
-enum class WMSOperation {
- MANAGE_WMS = 2
-};
-
-// Assign initial privileges for DBMGROperation (based on ComponentOpStruct):
-static const ComponentOpStruct wmsOpList[] =
-{
- {(int32_t)WMSOperation::MANAGE_WMS, "MW","MANAGE_WMS",true,true,false,false},
-};
-
-
// List of components
static const ComponentListStruct componentList[]
-{ { (int64_t)SQL_OPERATIONS_COMPONENT_UID, SQL_OPERATIONS_NAME, sizeof(sqlOpList)/sizeof(ComponentOpStruct), (ComponentOpStruct *)&sqlOpList },
- { (int64_t)DBMGR_COMPONENT_UID, DBMGR_NAME, sizeof(dbmgrOpList)/sizeof(ComponentOpStruct), (ComponentOpStruct *)&dbmgrOpList },
- { (int64_t)WMS_COMPONENT_UID, WMS_NAME, sizeof(wmsOpList)/sizeof(ComponentOpStruct), (ComponentOpStruct *)&wmsOpList } };
+{ { (int64_t)SQL_OPERATIONS_COMPONENT_UID, SQL_OPERATIONS_NAME, sizeof(sqlOpList)/sizeof(ComponentOpStruct), (ComponentOpStruct *)&sqlOpList } };
#endif