You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-dev@db.apache.org by "Dag H. Wanvik (JIRA)" <ji...@apache.org> on 2008/05/06 17:46:57 UTC
[jira] Created: (DERBY-3666) Make role descriptor a dependency
Provider
Make role descriptor a dependency Provider
------------------------------------------
Key: DERBY-3666
URL: https://issues.apache.org/jira/browse/DERBY-3666
Project: Derby
Issue Type: Sub-task
Components: Security, SQL
Reporter: Dag H. Wanvik
Since dropping roles and revoking role grants (and setting the current
role) can effect dependent objects, we need to track such
dependencies. Derby already has a system for this, so we make the role
descriptor as Provider in that system. This allows us to track
dependencies that view, constraints and triggers may have on roles, as well
prepared statements and/or activations.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Closed: (DERBY-3666) Make role descriptor a dependency
Provider
Posted by "Dag H. Wanvik (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DERBY-3666?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dag H. Wanvik closed DERBY-3666.
--------------------------------
Resolution: Fixed
Fix Version/s: 10.5.0.0
> Make role descriptor a dependency Provider
> ------------------------------------------
>
> Key: DERBY-3666
> URL: https://issues.apache.org/jira/browse/DERBY-3666
> Project: Derby
> Issue Type: Sub-task
> Components: Security, SQL
> Reporter: Dag H. Wanvik
> Assignee: Dag H. Wanvik
> Fix For: 10.5.0.0
>
> Attachments: derby-3666-1.diff, derby-3666-1.stat, derby-3666-2.diff, derby-3666-2.stat
>
>
> Since dropping roles and revoking role grants (and setting the current
> role) can effect dependent objects, we need to track such
> dependencies. Derby already has a system for this, so we make the role
> descriptor as Provider in that system. This allows us to track
> dependencies that view, constraints and triggers, as well
> prepared statements and/or activations, may have on roles.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DERBY-3666) Make role descriptor a dependency
Provider
Posted by "Rick Hillegas (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DERBY-3666?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12596803#action_12596803 ]
Rick Hillegas commented on DERBY-3666:
--------------------------------------
Thanks for the patch, Dag. It looks good to me. I have a couple comments:
RoleDescriptor.getObjectName()
The string returned by this method can appear inside a localizable
exception thrown by GenericLanguageConnectionContext. So I think it
would be better if this method returned something without hard-coded
English bits. I realize that the corresponding method in RoutinePermisionsDescriptor
hard-codes English text too--I think that's a bad model.
RoleDescriptor vs. RoleGrantDescriptor
I wonder whether we are going to be confused in the future about the
name of this class. "RoleDescriptor" seems like a good name for a
collection of privileges which have been packaged up as a Role. This
class doesn't seem to be a collection. Instead, it seems to describe
a single arc in the Grant Graph. Might "RoleGrantDescriptor" be a
better name for this class? I realize that a similar question could be
asked about PermissionsDescriptor. I think that the distinction
between a Permission and a PermissionGrant is a little muddy and may
not be providing a good model here.
> Make role descriptor a dependency Provider
> ------------------------------------------
>
> Key: DERBY-3666
> URL: https://issues.apache.org/jira/browse/DERBY-3666
> Project: Derby
> Issue Type: Sub-task
> Components: Security, SQL
> Reporter: Dag H. Wanvik
> Assignee: Dag H. Wanvik
> Attachments: derby-3666-1.diff, derby-3666-1.stat
>
>
> Since dropping roles and revoking role grants (and setting the current
> role) can effect dependent objects, we need to track such
> dependencies. Derby already has a system for this, so we make the role
> descriptor as Provider in that system. This allows us to track
> dependencies that view, constraints and triggers, as well
> prepared statements and/or activations, may have on roles.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (DERBY-3666) Make role descriptor a dependency
Provider
Posted by "Dag H. Wanvik (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DERBY-3666?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dag H. Wanvik updated DERBY-3666:
---------------------------------
Attachment: derby-3666-1.diff
> Make role descriptor a dependency Provider
> ------------------------------------------
>
> Key: DERBY-3666
> URL: https://issues.apache.org/jira/browse/DERBY-3666
> Project: Derby
> Issue Type: Sub-task
> Components: Security, SQL
> Reporter: Dag H. Wanvik
> Attachments: derby-3666-1.diff, derby-3666-1.stat
>
>
> Since dropping roles and revoking role grants (and setting the current
> role) can effect dependent objects, we need to track such
> dependencies. Derby already has a system for this, so we make the role
> descriptor as Provider in that system. This allows us to track
> dependencies that view, constraints and triggers may have on roles, as well
> prepared statements and/or activations.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (DERBY-3666) Make role descriptor a dependency
Provider
Posted by "Dag H. Wanvik (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DERBY-3666?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dag H. Wanvik updated DERBY-3666:
---------------------------------
Derby Info: (was: [Patch Available])
> Make role descriptor a dependency Provider
> ------------------------------------------
>
> Key: DERBY-3666
> URL: https://issues.apache.org/jira/browse/DERBY-3666
> Project: Derby
> Issue Type: Sub-task
> Components: Security, SQL
> Reporter: Dag H. Wanvik
> Assignee: Dag H. Wanvik
> Attachments: derby-3666-1.diff, derby-3666-1.stat, derby-3666-2.diff, derby-3666-2.stat
>
>
> Since dropping roles and revoking role grants (and setting the current
> role) can effect dependent objects, we need to track such
> dependencies. Derby already has a system for this, so we make the role
> descriptor as Provider in that system. This allows us to track
> dependencies that view, constraints and triggers, as well
> prepared statements and/or activations, may have on roles.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DERBY-3666) Make role descriptor a dependency
Provider
Posted by "Dag H. Wanvik (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DERBY-3666?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12599414#action_12599414 ]
Dag H. Wanvik commented on DERBY-3666:
--------------------------------------
I made a patch to address your comments, Rick, but the renaming
you suggested, RoleDescriptor to RoleGrantDescriptor, turned out to
create some volume which makes the intent of the patch harder to see, so
I will do that in a separate patch. So the first patch will just include
the basic functionality plus your point a), then the subsequent patch will address
your point b).
> Make role descriptor a dependency Provider
> ------------------------------------------
>
> Key: DERBY-3666
> URL: https://issues.apache.org/jira/browse/DERBY-3666
> Project: Derby
> Issue Type: Sub-task
> Components: Security, SQL
> Reporter: Dag H. Wanvik
> Assignee: Dag H. Wanvik
> Attachments: derby-3666-1.diff, derby-3666-1.stat
>
>
> Since dropping roles and revoking role grants (and setting the current
> role) can effect dependent objects, we need to track such
> dependencies. Derby already has a system for this, so we make the role
> descriptor as Provider in that system. This allows us to track
> dependencies that view, constraints and triggers, as well
> prepared statements and/or activations, may have on roles.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (DERBY-3666) Make role descriptor a dependency
Provider
Posted by "Dag H. Wanvik (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DERBY-3666?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dag H. Wanvik updated DERBY-3666:
---------------------------------
Derby Info: [Patch Available]
> Make role descriptor a dependency Provider
> ------------------------------------------
>
> Key: DERBY-3666
> URL: https://issues.apache.org/jira/browse/DERBY-3666
> Project: Derby
> Issue Type: Sub-task
> Components: Security, SQL
> Reporter: Dag H. Wanvik
> Attachments: derby-3666-1.diff, derby-3666-1.stat
>
>
> Since dropping roles and revoking role grants (and setting the current
> role) can effect dependent objects, we need to track such
> dependencies. Derby already has a system for this, so we make the role
> descriptor as Provider in that system. This allows us to track
> dependencies that view, constraints and triggers may have on roles, as well
> prepared statements and/or activations.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (DERBY-3666) Make role descriptor a dependency
Provider
Posted by "Dag H. Wanvik (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DERBY-3666?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dag H. Wanvik updated DERBY-3666:
---------------------------------
Attachment: (was: derby-3666-1.diff)
> Make role descriptor a dependency Provider
> ------------------------------------------
>
> Key: DERBY-3666
> URL: https://issues.apache.org/jira/browse/DERBY-3666
> Project: Derby
> Issue Type: Sub-task
> Components: Security, SQL
> Reporter: Dag H. Wanvik
> Attachments: derby-3666-1.stat
>
>
> Since dropping roles and revoking role grants (and setting the current
> role) can effect dependent objects, we need to track such
> dependencies. Derby already has a system for this, so we make the role
> descriptor as Provider in that system. This allows us to track
> dependencies that view, constraints and triggers may have on roles, as well
> prepared statements and/or activations.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (DERBY-3666) Make role descriptor a dependency
Provider
Posted by "Dag H. Wanvik (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DERBY-3666?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dag H. Wanvik updated DERBY-3666:
---------------------------------
Attachment: derby-3666-1.diff
> Make role descriptor a dependency Provider
> ------------------------------------------
>
> Key: DERBY-3666
> URL: https://issues.apache.org/jira/browse/DERBY-3666
> Project: Derby
> Issue Type: Sub-task
> Components: Security, SQL
> Reporter: Dag H. Wanvik
> Attachments: derby-3666-1.diff, derby-3666-1.stat
>
>
> Since dropping roles and revoking role grants (and setting the current
> role) can effect dependent objects, we need to track such
> dependencies. Derby already has a system for this, so we make the role
> descriptor as Provider in that system. This allows us to track
> dependencies that view, constraints and triggers may have on roles, as well
> prepared statements and/or activations.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (DERBY-3666) Make role descriptor a dependency
Provider
Posted by "Dag H. Wanvik (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DERBY-3666?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dag H. Wanvik updated DERBY-3666:
---------------------------------
Attachment: derby-3666-2.stat
derby-3666-2.diff
Uploading derby-3666-2. It is the same as version 1, except I have changed the text of RoleDescriptor.getObjectName to only use the appropriate SQL keywords (in caps), so that way there should not be a localization issue for the inlined strings.
> Make role descriptor a dependency Provider
> ------------------------------------------
>
> Key: DERBY-3666
> URL: https://issues.apache.org/jira/browse/DERBY-3666
> Project: Derby
> Issue Type: Sub-task
> Components: Security, SQL
> Reporter: Dag H. Wanvik
> Assignee: Dag H. Wanvik
> Attachments: derby-3666-1.diff, derby-3666-1.stat, derby-3666-2.diff, derby-3666-2.stat
>
>
> Since dropping roles and revoking role grants (and setting the current
> role) can effect dependent objects, we need to track such
> dependencies. Derby already has a system for this, so we make the role
> descriptor as Provider in that system. This allows us to track
> dependencies that view, constraints and triggers, as well
> prepared statements and/or activations, may have on roles.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Assigned: (DERBY-3666) Make role descriptor a dependency
Provider
Posted by "Dag H. Wanvik (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DERBY-3666?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dag H. Wanvik reassigned DERBY-3666:
------------------------------------
Assignee: Dag H. Wanvik
> Make role descriptor a dependency Provider
> ------------------------------------------
>
> Key: DERBY-3666
> URL: https://issues.apache.org/jira/browse/DERBY-3666
> Project: Derby
> Issue Type: Sub-task
> Components: Security, SQL
> Reporter: Dag H. Wanvik
> Assignee: Dag H. Wanvik
> Attachments: derby-3666-1.diff, derby-3666-1.stat
>
>
> Since dropping roles and revoking role grants (and setting the current
> role) can effect dependent objects, we need to track such
> dependencies. Derby already has a system for this, so we make the role
> descriptor as Provider in that system. This allows us to track
> dependencies that view, constraints and triggers, as well
> prepared statements and/or activations, may have on roles.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DERBY-3666) Make role descriptor a dependency
Provider
Posted by "Dag H. Wanvik (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DERBY-3666?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12599644#action_12599644 ]
Dag H. Wanvik commented on DERBY-3666:
--------------------------------------
Rick, I have made a patch which addresses your renaming suggestion
as DERBY-3137-rename; I felt it belonged there rather than in this issue.
If you concur I can close this issue.
> Make role descriptor a dependency Provider
> ------------------------------------------
>
> Key: DERBY-3666
> URL: https://issues.apache.org/jira/browse/DERBY-3666
> Project: Derby
> Issue Type: Sub-task
> Components: Security, SQL
> Reporter: Dag H. Wanvik
> Assignee: Dag H. Wanvik
> Attachments: derby-3666-1.diff, derby-3666-1.stat, derby-3666-2.diff, derby-3666-2.stat
>
>
> Since dropping roles and revoking role grants (and setting the current
> role) can effect dependent objects, we need to track such
> dependencies. Derby already has a system for this, so we make the role
> descriptor as Provider in that system. This allows us to track
> dependencies that view, constraints and triggers, as well
> prepared statements and/or activations, may have on roles.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DERBY-3666) Make role descriptor a dependency
Provider
Posted by "Dag H. Wanvik (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DERBY-3666?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12599582#action_12599582 ]
Dag H. Wanvik commented on DERBY-3666:
--------------------------------------
derby-3666-2 committed as svn 659805.
> Make role descriptor a dependency Provider
> ------------------------------------------
>
> Key: DERBY-3666
> URL: https://issues.apache.org/jira/browse/DERBY-3666
> Project: Derby
> Issue Type: Sub-task
> Components: Security, SQL
> Reporter: Dag H. Wanvik
> Assignee: Dag H. Wanvik
> Attachments: derby-3666-1.diff, derby-3666-1.stat, derby-3666-2.diff, derby-3666-2.stat
>
>
> Since dropping roles and revoking role grants (and setting the current
> role) can effect dependent objects, we need to track such
> dependencies. Derby already has a system for this, so we make the role
> descriptor as Provider in that system. This allows us to track
> dependencies that view, constraints and triggers, as well
> prepared statements and/or activations, may have on roles.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (DERBY-3666) Make role descriptor a dependency
Provider
Posted by "Dag H. Wanvik (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DERBY-3666?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dag H. Wanvik updated DERBY-3666:
---------------------------------
Description:
Since dropping roles and revoking role grants (and setting the current
role) can effect dependent objects, we need to track such
dependencies. Derby already has a system for this, so we make the role
descriptor as Provider in that system. This allows us to track
dependencies that view, constraints and triggers, as well
prepared statements and/or activations, may have on roles.
was:
Since dropping roles and revoking role grants (and setting the current
role) can effect dependent objects, we need to track such
dependencies. Derby already has a system for this, so we make the role
descriptor as Provider in that system. This allows us to track
dependencies that view, constraints and triggers may have on roles, as well
prepared statements and/or activations.
> Make role descriptor a dependency Provider
> ------------------------------------------
>
> Key: DERBY-3666
> URL: https://issues.apache.org/jira/browse/DERBY-3666
> Project: Derby
> Issue Type: Sub-task
> Components: Security, SQL
> Reporter: Dag H. Wanvik
> Attachments: derby-3666-1.diff, derby-3666-1.stat
>
>
> Since dropping roles and revoking role grants (and setting the current
> role) can effect dependent objects, we need to track such
> dependencies. Derby already has a system for this, so we make the role
> descriptor as Provider in that system. This allows us to track
> dependencies that view, constraints and triggers, as well
> prepared statements and/or activations, may have on roles.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DERBY-3666) Make role descriptor a dependency
Provider
Posted by "Rick Hillegas (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DERBY-3666?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12600232#action_12600232 ]
Rick Hillegas commented on DERBY-3666:
--------------------------------------
Hi Dag. The renaming patch looks good to me and derby-3137 seems like a fine place for it. Cheers-Rick
> Make role descriptor a dependency Provider
> ------------------------------------------
>
> Key: DERBY-3666
> URL: https://issues.apache.org/jira/browse/DERBY-3666
> Project: Derby
> Issue Type: Sub-task
> Components: Security, SQL
> Reporter: Dag H. Wanvik
> Assignee: Dag H. Wanvik
> Attachments: derby-3666-1.diff, derby-3666-1.stat, derby-3666-2.diff, derby-3666-2.stat
>
>
> Since dropping roles and revoking role grants (and setting the current
> role) can effect dependent objects, we need to track such
> dependencies. Derby already has a system for this, so we make the role
> descriptor as Provider in that system. This allows us to track
> dependencies that view, constraints and triggers, as well
> prepared statements and/or activations, may have on roles.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (DERBY-3666) Make role descriptor a dependency
Provider
Posted by "Dag H. Wanvik (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DERBY-3666?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dag H. Wanvik updated DERBY-3666:
---------------------------------
Attachment: (was: derby-3666-1.diff)
> Make role descriptor a dependency Provider
> ------------------------------------------
>
> Key: DERBY-3666
> URL: https://issues.apache.org/jira/browse/DERBY-3666
> Project: Derby
> Issue Type: Sub-task
> Components: Security, SQL
> Reporter: Dag H. Wanvik
> Attachments: derby-3666-1.diff, derby-3666-1.stat
>
>
> Since dropping roles and revoking role grants (and setting the current
> role) can effect dependent objects, we need to track such
> dependencies. Derby already has a system for this, so we make the role
> descriptor as Provider in that system. This allows us to track
> dependencies that view, constraints and triggers may have on roles, as well
> prepared statements and/or activations.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DERBY-3666) Make role descriptor a dependency
Provider
Posted by "Dag H. Wanvik (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DERBY-3666?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12597103#action_12597103 ]
Dag H. Wanvik commented on DERBY-3666:
--------------------------------------
Thanks for reviewing this patch, Rick!
a) RoleDescriptor.getObjectName: I agree.
b) RoleDescriptor vs. RoleGrantDescriptor : I agree this can be a bit
confusing. SQL models a role creation as a grant, too (grantor:
_SYSTEM), which is reflected in the implementation. In some contexts,
especially if we later want to implement the full standard for roles
(non-dbo can define a role, WITH ADMIN option, grantor specification),
it will be useful to view the descriptor as a grant, other times as
the role definition. But in any case, since all SYSROLES rows are
representable with the current RoleDescriptor, RoleGrantDescriptor
would just as suitable as a name. Let me think about this one; right
now I favor your suggestion.
> Make role descriptor a dependency Provider
> ------------------------------------------
>
> Key: DERBY-3666
> URL: https://issues.apache.org/jira/browse/DERBY-3666
> Project: Derby
> Issue Type: Sub-task
> Components: Security, SQL
> Reporter: Dag H. Wanvik
> Assignee: Dag H. Wanvik
> Attachments: derby-3666-1.diff, derby-3666-1.stat
>
>
> Since dropping roles and revoking role grants (and setting the current
> role) can effect dependent objects, we need to track such
> dependencies. Derby already has a system for this, so we make the role
> descriptor as Provider in that system. This allows us to track
> dependencies that view, constraints and triggers, as well
> prepared statements and/or activations, may have on roles.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (DERBY-3666) Make role descriptor a dependency
Provider
Posted by "Dag H. Wanvik (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DERBY-3666?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dag H. Wanvik updated DERBY-3666:
---------------------------------
Attachment: derby-3666-1.stat
derby-3666-1.diff
Patch derby-3666-1 makes the role descriptor a dependency Provider.
Regression tests ran OK.
Detailed patch comments:
M java/engine/org/apache/derby/iapi/sql/dictionary/RoleDescriptor.java
This change makes the role (or technically, the role descriptor, as
stored in SYS.SYSROLES) a Derby Provider by having RoleDescriptor
implement the Provider interface. That is, other Derby objects can
register dependencies against role grants (role definitions are also
technically a grant) and get invalidation actions performed, for
example when a role is dropped, when a session's current role is
changed, or when a role grant is revoked. The role as provider is
persistent, since it is stored in SYS.SYSROLES. Being a persistent
provider relies on the UUID of the role descriptor (we introduced an
UUID earlier for this purpose, see DERBY-3137-uuid*). Dependents can
be in-memory (e.g prepared statements or maybe activations,
cf. discussion in DERBY-2207 with Dan) or persistent (views,
constraints, triggers).
M java/engine/org/apache/derby/catalog/Dependable.java
Adds role grant to the universe of known dependables (a Provider is a
Dependable, which is a super-interface for Providers and Dependents).
M java/engine/org/apache/derby/iapi/services/io/RegisteredFormatIds.java
M java/engine/org/apache/derby/iapi/services/io/StoredFormatIds.java
Registering a format id for role grant formatable, to be handled by
the class CoreDDFinderClassInfo.
M java/engine/org/apache/derby/iapi/sql/depend/DependencyManager.java
Adds a new "REVOKE ROLE" action to handle invalidation when a role
grant is revoke or a role is dropped.
M java/engine/org/apache/derby/impl/sql/depend/BasicDependencyManager.java
Adds an entry to getActionString for the "REVOKE ROLE" action.
M java/engine/org/apache/derby/impl/sql/catalog/DDdependableFinder.java
Extends this to handle role grant.
M java/engine/org/apache/derby/impl/sql/catalog/CoreDDFinderClassInfo.java
Specifies that DDdependableFinder is to be used for role grant.
In the experimental patch in DERBY-3223,
DDdependableFinder#findDependable is never called for role grants,
since role grants do no rely on other objects, only vice versa. I
added the code to CoreDDFinderClassInfo and DDdependableFinder for
completeness anyway, since, as a Provider it is a dependable. If
someone thinks this is the wrong decision, I can backtrack it.
> Make role descriptor a dependency Provider
> ------------------------------------------
>
> Key: DERBY-3666
> URL: https://issues.apache.org/jira/browse/DERBY-3666
> Project: Derby
> Issue Type: Sub-task
> Components: Security, SQL
> Reporter: Dag H. Wanvik
> Attachments: derby-3666-1.diff, derby-3666-1.stat
>
>
> Since dropping roles and revoking role grants (and setting the current
> role) can effect dependent objects, we need to track such
> dependencies. Derby already has a system for this, so we make the role
> descriptor as Provider in that system. This allows us to track
> dependencies that view, constraints and triggers may have on roles, as well
> prepared statements and/or activations.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.