You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-commits@db.apache.org by da...@apache.org on 2008/10/15 03:02:46 UTC
svn commit: r704754 - in /db/derby/code/trunk/java:
engine/org/apache/derby/impl/sql/execute/SetRoleConstantAction.java
testing/org/apache/derbyTesting/functionTests/tests/lang/RolesTest.java
Author: dag
Date: Tue Oct 14 18:02:46 2008
New Revision: 704754
URL: http://svn.apache.org/viewvc?rev=704754&view=rev
Log:
DERBY-3137 SQL roles: add catalog support
Patch DERBY-3137-setRoleNoDynamicNone, which forbids use of "NONE" as an identifier to
a dynamic SET ROLE statement, unless delimited.
Modified:
db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/execute/SetRoleConstantAction.java
db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/RolesTest.java
Modified: db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/execute/SetRoleConstantAction.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/execute/SetRoleConstantAction.java?rev=704754&r1=704753&r2=704754&view=diff
==============================================================================
--- db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/execute/SetRoleConstantAction.java (original)
+++ db/derby/code/trunk/java/engine/org/apache/derby/impl/sql/execute/SetRoleConstantAction.java Tue Oct 14 18:02:46 2008
@@ -35,6 +35,7 @@
import org.apache.derby.iapi.reference.SQLState;
import org.apache.derby.iapi.store.access.TransactionController;
import org.apache.derby.iapi.util.IdUtil;
+import org.apache.derby.iapi.util.StringUtil;
/**
* This class describes actions that are ALWAYS performed for a
@@ -126,7 +127,17 @@
thisRoleName = thisRoleName.trim();
+ // NONE is a special case and is not allowed with its special
+ // meaning in SET ROLE ?. Even if there is a role with case normal
+ // form "NONE", we require it to be delimited here, since it would
+ // have had to be delimited to get created, too. We could have
+ // chosen to be lenient here, but it seems safer to be restrictive.
+ if (StringUtil.SQLToUpperCase(thisRoleName).equals("NONE")) {
+ throw StandardException.newException(SQLState.ID_PARSE_ERROR);
+ }
+
thisRoleName = IdUtil.parseSQLIdentifier(thisRoleName);
+
}
RoleGrantDescriptor rdDef = null;
Modified: db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/RolesTest.java
URL: http://svn.apache.org/viewvc/db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/RolesTest.java?rev=704754&r1=704753&r2=704754&view=diff
==============================================================================
--- db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/RolesTest.java (original)
+++ db/derby/code/trunk/java/testing/org/apache/derbyTesting/functionTests/tests/lang/RolesTest.java Tue Oct 14 18:02:46 2008
@@ -1047,7 +1047,7 @@
int rowcnt = pstmt.executeUpdate();
fail("Expected syntax error on identifier");
} catch (SQLException e) {
- assertSQLState(idParseError ,e);
+ assertSQLState(idParseError, e);
}
try {
@@ -1055,7 +1055,7 @@
int rowcnt = pstmt.executeUpdate();
fail("Expected syntax error on identifier");
} catch (SQLException e) {
- assertSQLState(idParseError ,e);
+ assertSQLState(idParseError, e);
}
@@ -1066,12 +1066,20 @@
try {
pstmt.setString(1, "NONE");
int rowcnt = pstmt.executeUpdate();
+ fail("NONE should not be allowed as a dynamic parameter");
+ } catch (SQLException e) {
+ assertSQLState(idParseError, e);
+ }
+
+ try {
+ pstmt.setString(1, "\"NONE\"");
+ int rowcnt = pstmt.executeUpdate();
assertEquals("rowcount from set role ? not 0", rowcnt, 0);
ResultSet rs = doQuery("values current_role", n_a, null , n_a );
assertRoleInRs(rs, "\"NONE\"", n_a);
rs.close();
} catch (SQLException e) {
- fail("execute of set role ? failed: [NONE] " + e, e);
+ fail("execute of set role ? failed: [\"NONE\"] " + e, e);
}
}