You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-dev@db.apache.org by "Knut Anders Hatlen (JIRA)" <ji...@apache.org> on 2013/11/08 14:35:18 UTC
[jira] [Updated] (DERBY-6411) Minimal select privilege should be
checked in subqueries
[ https://issues.apache.org/jira/browse/DERBY-6411?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Knut Anders Hatlen updated DERBY-6411:
--------------------------------------
Attachment: d6411-1a.diff
The attached patch (d6411-1a.diff) attempts to fix this problem by moving the privilege collection from CursorNode, which only represents top-level queries, to FromList, which is used by both top-level SELECT statements and subqueries.
The patch makes the following changes:
{{java/engine/org/apache/derby/impl/sql/compile/FromList.java}}:
* When the FromList is being bound, register which tables need a minimal select privilege. Only do this if the FromList is part of a SELECT statement, which is checked by calling {{FromTable.forUpdate()}}.
{{java/engine/org/apache/derby/impl/sql/compile/CursorNode.java}}:
* Remove the MIN_SELECT_PRIV privilege collection, since that's now performed on a lower level (in FromList).
* Create a separate method for the automatic index statistics update machinery, which previously had piggybacked on the now removed privilege collection code.
{{java/engine/org/apache/derby/impl/sql/compile/QueryTreeNode.java}}:
* Reduce visibility of a flag used by the privilege collection code in FromList. Non-essential change.
{{java/engine/org/apache/derby/impl/sql/compile/CompilerContextImpl.java}}:
* Non-essential changes/optimizations in {{addRequiredColumnPriv()}} and {{addRequiredTablePriv()}}:
** Simplify HashMap access:
*** Use {{HashMap.containsKey()}} instead of checking if {{HashMap.get()}} returns null.
*** Remove redundant checking of a key's existence before calling {{HashMap.remove()}}.
** Skip adding SELECT_MIN_PRIV if we've already added a table-level SELECT_PRIV on the same table (for symmetry, since we already have code to remove existing SELECT_MIN_PRIV if we later add SELECT_PRIV on the same table).
{{java/testing/org/apache/derbyTesting/functionTests/tests/lang/GrantRevokeDDLTest.java}}:
* Add more test cases to the existing test for DERBY-4191 to verify that minimum select privileges are checked in subqueries.
All regression tests ran cleanly with the patch.
> Minimal select privilege should be checked in subqueries
> --------------------------------------------------------
>
> Key: DERBY-6411
> URL: https://issues.apache.org/jira/browse/DERBY-6411
> Project: Derby
> Issue Type: Bug
> Components: SQL
> Affects Versions: 10.10.1.1
> Reporter: Knut Anders Hatlen
> Assignee: Knut Anders Hatlen
> Attachments: d6411-1a.diff
>
>
> DERBY-4191 added checks for minimal select privilege in cases where a SELECT query didn't access any actual column in the base table, such as SELECT COUNT(*) FROM USER1.T and SELECT 1 FROM USER1.T. That privilege checking is only done for top-level SELECT statements. It should also be done for subqueries.
> Examples of queries where Derby does not currently check for minimal select privileges on the accessed tables (performed as USER2, which has no privileges on any of USER1's tables):
> SELECT * FROM (SELECT COUNT(*) FROM USER1.T) S
> SELECT 1 FROM USER1.T UNION SELECT 2 FROM USER1.T
> INSERT INTO USER2.T SELECT 1 FROM USER1.T
> I believe that the above statements should have failed, but currently they succeed.
--
This message was sent by Atlassian JIRA
(v6.1#6144)