You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-dev@db.apache.org by "Mamta A. Satoor (JIRA)" <de...@db.apache.org> on 2006/09/19 07:49:23 UTC

[jira] Commented: (DERBY-1858) A schema can be dropped by a non-schema owner in SQL authorization mode

    [ http://issues.apache.org/jira/browse/DERBY-1858?page=comments#action_12435671 ] 
            
Mamta A. Satoor commented on DERBY-1858:
----------------------------------------

Yip, I did a review of the attached package and following couple questions/comments.

1)I had question about changes to DropSchemaNode. I realize that my question here is related to pre-existing logic that you needed to extend for drop schema. But I wondered why for table privilege, we push the privilege requirement(select/trigger/update etc) by calling CompilerContext.pushCurrentPrivType and use that to determine what kind of privilege is required for the table in CompilerContextImpl.addRequiredTablePriv method. But for privilege requirement for schemas, we pass the privilege type to CompilerContextImpl.addRequiredSchemaPriv rather than pushing it onto CompilerContext and then popping it back from there at the right time. I should have asked this question when the code was originally checked in for CreateSchemaNode. This is not a biggie, just a curiosity question.

2)In Authorizer.java, there is a constant called PRIV_TYPE_COUNT which has a value of 7. With the patch attached to this Jira entry, we have added 1 more privilege type. Do we need to change PRIV_TYPE_COUNT? May be the purpose of PRIV_TYPE_COUNT is to track only table and routine level privilege types and that is why we didn't need to modify it for this patch.

3)Can we have some positive test cases for drop schema in grantRevokeDDL2.sql showing that a database owner or schema owner can successfully drop the schema?

Other than that, the changes look pretty good to me. Thanks, Yip.

> A schema can be dropped by a non-schema owner in SQL authorization mode
> -----------------------------------------------------------------------
>
>                 Key: DERBY-1858
>                 URL: http://issues.apache.org/jira/browse/DERBY-1858
>             Project: Derby
>          Issue Type: Bug
>          Components: SQL
>    Affects Versions: 10.2.1.0, 10.2.2.0, 10.3.0.0
>         Environment: Any
>            Reporter: Yip Ng
>         Assigned To: Yip Ng
>             Fix For: 10.2.1.0
>
>         Attachments: derby1858-trunk-diff01.txt, derby1858-trunk-stat01.txt
>
>
> drop schema user2 restrict should fail since user3 does not own the schema user2.
> ij version 10.3
> ij> connect 'wombat;create=true' user 'user1' as user1;
> WARNING 01J14: SQL authorization is being used without first enabling authentication.
> ij> connect 'wombat;create=true' user 'user2' as user2;
> WARNING 01J01: Database 'wombat' not created, connection made to existing database instead.
> WARNING 01J14: SQL authorization is being used without first enabling authentication.
> ij(USER2)> create schema user2;
> 0 rows inserted/updated/deleted
> ij(USER2)> connect 'wombat;create=true' user 'user3' as user3;
> WARNING 01J01: Database 'wombat' not created, connection made to existing database instead.
> WARNING 01J14: SQL authorization is being used without first enabling authentication.
> ij(USER3)> drop schema user2 restrict;
> 0 rows inserted/updated/deleted
> sysinfo:
> ------------------ Java Information ------------------
> Java Version:    1.4.2_12
> Java Vendor:     Sun Microsystems Inc.
> Java home:       c:\jdk142\jre
> Java classpath:  classes;.
> OS name:         Windows XP
> OS architecture: x86
> OS version:      5.1
> Java user name:  Yip
> Java user home:  C:\Documents and Settings\Yip
> Java user dir:   C:\work3\derby\trunk
> java.specification.name: Java Platform API Specification
> java.specification.version: 1.4
> --------- Derby Information --------
> JRE - JDBC: J2SE 1.4.2 - JDBC 3.0
> [C:\work3\derby\trunk\classes] 10.3.0.0 alpha - (446666)
> ------------------------------------------------------
> ----------------- Locale Information -----------------
> Current Locale :  [English/United States [en_US]]
> Found support for locale: [de_DE]
>          version: 10.3.0.0 alpha - (446666)
> Found support for locale: [es]
>          version: 10.3.0.0 alpha - (446666)
> Found support for locale: [fr]
>          version: 10.3.0.0 alpha - (446666)
> Found support for locale: [it]
>          version: 10.3.0.0 alpha - (446666)
> Found support for locale: [ja_JP]
>          version: 10.3.0.0 alpha - (446666)
> Found support for locale: [ko_KR]
>          version: 10.3.0.0 alpha - (446666)
> Found support for locale: [pt_BR]
>          version: 10.3.0.0 alpha - (446666)
> Found support for locale: [zh_CN]
>          version: 10.3.0.0 alpha - (446666)
> Found support for locale: [zh_TW]
>          version: 10.3.0.0 alpha - (446666)
> ------------------------------------------------------

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira