Example 1 with PrivilegedSQLObject
use of org.apache.derby.iapi.sql.dictionary.PrivilegedSQLObject in project derby by apache.
the class PermissionsCacheable method setIdentity.
/* Cacheable interface */
public Cacheable setIdentity(Object key) throws StandardException {
// to access that column subset.
if (key instanceof TablePermsDescriptor) {
TablePermsDescriptor tablePermsKey = (TablePermsDescriptor) key;
permissions = dd.getUncachedTablePermsDescriptor(tablePermsKey);
if (permissions == null) {
// The owner has all privileges unless they have been revoked.
TableDescriptor td = dd.getTableDescriptor(tablePermsKey.getTableUUID());
SchemaDescriptor sd = td.getSchemaDescriptor();
if (sd.isSystemSchema()) {
// RESOLVE The access to system tables is hard coded to SELECT only to everyone.
// Is this the way we want Derby to work? Should we allow revocation of read access
// to system tables? If so we must explicitly add a row to the SYS.SYSTABLEPERMISSIONS
// table for each system table when a database is created.
permissions = new TablePermsDescriptor(dd, tablePermsKey.getGrantee(), (String) null, tablePermsKey.getTableUUID(), "Y", "N", "N", "N", "N", "N");
// give the permission the same UUID as the system table
((TablePermsDescriptor) permissions).setUUID(tablePermsKey.getTableUUID());
} else if (tablePermsKey.getGrantee().equals(sd.getAuthorizationId())) {
permissions = new TablePermsDescriptor(dd, tablePermsKey.getGrantee(), Authorizer.SYSTEM_AUTHORIZATION_ID, tablePermsKey.getTableUUID(), "Y", "Y", "Y", "Y", "Y", "Y");
} else {
permissions = new TablePermsDescriptor(dd, tablePermsKey.getGrantee(), (String) null, tablePermsKey.getTableUUID(), "N", "N", "N", "N", "N", "N");
}
}
} else if (key instanceof ColPermsDescriptor) {
ColPermsDescriptor colPermsKey = (ColPermsDescriptor) key;
permissions = dd.getUncachedColPermsDescriptor(colPermsKey);
if (permissions == null)
permissions = new ColPermsDescriptor(dd, colPermsKey.getGrantee(), (String) null, colPermsKey.getTableUUID(), colPermsKey.getType(), (FormatableBitSet) null);
} else if (key instanceof RoutinePermsDescriptor) {
RoutinePermsDescriptor routinePermsKey = (RoutinePermsDescriptor) key;
permissions = dd.getUncachedRoutinePermsDescriptor(routinePermsKey);
if (permissions == null) {
// The owner has all privileges unless they have been revoked.
try {
AliasDescriptor ad = dd.getAliasDescriptor(routinePermsKey.getRoutineUUID());
SchemaDescriptor sd = dd.getSchemaDescriptor(ad.getSchemaUUID(), ConnectionUtil.getCurrentLCC().getTransactionExecute());
if (sd.isSystemSchema() && !sd.isSchemaWithGrantableRoutines())
permissions = new RoutinePermsDescriptor(dd, routinePermsKey.getGrantee(), (String) null, routinePermsKey.getRoutineUUID(), true);
else if (routinePermsKey.getGrantee().equals(sd.getAuthorizationId()))
permissions = new RoutinePermsDescriptor(dd, routinePermsKey.getGrantee(), Authorizer.SYSTEM_AUTHORIZATION_ID, routinePermsKey.getRoutineUUID(), true);
} catch (java.sql.SQLException sqle) {
throw StandardException.plainWrapException(sqle);
}
}
} else if (key instanceof PermDescriptor) {
PermDescriptor permKey = (PermDescriptor) key;
permissions = dd.getUncachedGenericPermDescriptor(permKey);
if (permissions == null) {
// The owner has all privileges unless they have been revoked.
String objectType = permKey.getObjectType();
String privilege = permKey.getPermission();
UUID protectedObjectsID = permKey.getPermObjectId();
PrivilegedSQLObject pso = PermDescriptor.getProtectedObject(dd, protectedObjectsID, objectType);
SchemaDescriptor sd = pso.getSchemaDescriptor();
if (permKey.getGrantee().equals(sd.getAuthorizationId())) {
permissions = new PermDescriptor(dd, null, objectType, pso.getUUID(), privilege, Authorizer.SYSTEM_AUTHORIZATION_ID, permKey.getGrantee(), true);
}
}
} else {
if (SanityManager.DEBUG)
SanityManager.NOTREACHED();
return null;
}
if (permissions != null) {
return this;
}
return null;
}
Also used :
SchemaDescriptor(org.apache.derby.iapi.sql.dictionary.SchemaDescriptor)
PrivilegedSQLObject(org.apache.derby.iapi.sql.dictionary.PrivilegedSQLObject)
PermDescriptor(org.apache.derby.iapi.sql.dictionary.PermDescriptor)
TableDescriptor(org.apache.derby.iapi.sql.dictionary.TableDescriptor)
ColPermsDescriptor(org.apache.derby.iapi.sql.dictionary.ColPermsDescriptor)
AliasDescriptor(org.apache.derby.iapi.sql.dictionary.AliasDescriptor)
FormatableBitSet(org.apache.derby.iapi.services.io.FormatableBitSet)
RoutinePermsDescriptor(org.apache.derby.iapi.sql.dictionary.RoutinePermsDescriptor)
UUID(org.apache.derby.catalog.UUID)
TablePermsDescriptor(org.apache.derby.iapi.sql.dictionary.TablePermsDescriptor)
Aggregations
UUID (org.apache.derby.catalog.UUID)1
FormatableBitSet (org.apache.derby.iapi.services.io.FormatableBitSet)1
AliasDescriptor (org.apache.derby.iapi.sql.dictionary.AliasDescriptor)1
ColPermsDescriptor (org.apache.derby.iapi.sql.dictionary.ColPermsDescriptor)1
PermDescriptor (org.apache.derby.iapi.sql.dictionary.PermDescriptor)1
PrivilegedSQLObject (org.apache.derby.iapi.sql.dictionary.PrivilegedSQLObject)1
RoutinePermsDescriptor (org.apache.derby.iapi.sql.dictionary.RoutinePermsDescriptor)1
SchemaDescriptor (org.apache.derby.iapi.sql.dictionary.SchemaDescriptor)1
TableDescriptor (org.apache.derby.iapi.sql.dictionary.TableDescriptor)1
TablePermsDescriptor (org.apache.derby.iapi.sql.dictionary.TablePermsDescriptor)1
