use of org.apache.derby.iapi.sql.dictionary.StatementColumnPermission in project derby by apache.
the class CompilerContextImpl method getRequiredPermissionsList.
/**
* @return The list of required privileges.
*/
public List<StatementPermission> getRequiredPermissionsList() {
int size = 0;
if (requiredRoutinePrivileges != null) {
size += requiredRoutinePrivileges.size();
}
if (requiredUsagePrivileges != null) {
size += requiredUsagePrivileges.size();
}
if (requiredTablePrivileges != null) {
size += requiredTablePrivileges.size();
}
if (requiredSchemaPrivileges != null) {
size += requiredSchemaPrivileges.size();
}
if (requiredColumnPrivileges != null) {
size += requiredColumnPrivileges.size();
}
if (requiredRolePrivileges != null) {
size += requiredRolePrivileges.size();
}
ArrayList<StatementPermission> list = new ArrayList<StatementPermission>(size);
if (requiredRoutinePrivileges != null) {
for (Iterator<UUID> itr = requiredRoutinePrivileges.keySet().iterator(); itr.hasNext(); ) {
UUID routineUUID = itr.next();
list.add(new StatementRoutinePermission(routineUUID));
}
}
if (requiredUsagePrivileges != null) {
for (Iterator<UUID> itr = requiredUsagePrivileges.keySet().iterator(); itr.hasNext(); ) {
UUID objectID = itr.next();
list.add(new StatementGenericPermission(objectID, requiredUsagePrivileges.get(objectID), PermDescriptor.USAGE_PRIV));
}
}
if (requiredTablePrivileges != null) {
for (Iterator<StatementTablePermission> itr = requiredTablePrivileges.values().iterator(); itr.hasNext(); ) {
list.add(itr.next());
}
}
if (requiredSchemaPrivileges != null) {
for (Iterator<StatementSchemaPermission> itr = requiredSchemaPrivileges.values().iterator(); itr.hasNext(); ) {
list.add(itr.next());
}
}
if (requiredColumnPrivileges != null) {
for (Iterator<StatementColumnPermission> itr = requiredColumnPrivileges.values().iterator(); itr.hasNext(); ) {
list.add(itr.next());
}
}
if (requiredRolePrivileges != null) {
for (Iterator<StatementRolePermission> itr = requiredRolePrivileges.values().iterator(); itr.hasNext(); ) {
list.add(itr.next());
}
}
return list;
}
use of org.apache.derby.iapi.sql.dictionary.StatementColumnPermission in project derby by apache.
the class DDLConstantAction method storeConstraintDependenciesOnPrivileges.
/**
* This method saves dependencies of constraints on privileges in the
* dependency system. It gets called by CreateConstraintConstantAction.
* Views and triggers and constraints run with definer's privileges. If
* one of the required privileges is revoked from the definer, the
* dependent view/trigger/constraint on that privilege will be dropped
* automatically. In order to implement this behavior, we need to save
* view/trigger/constraint dependencies on required privileges in the
* dependency system. Following method accomplishes that part of the
* equation for constraints only. The dependency collection for
* constraints is not same as for views and triggers and hence
* constraints are handled by this special method.
*
* Views and triggers can depend on many different kind of privileges
* where as constraints only depend on REFERENCES privilege on a table
* (FOREIGN KEY constraints) or EXECUTE privileges on one or more
* functions (CHECK constraints).
*
* Another difference is only one view or trigger can be defined by a
* sql statement and hence all the dependencies collected for the sql
* statement apply to the view or trigger in question. As for constraints,
* one sql statement can defined multiple constraints and hence the
* all the privileges required by the statement are not necessarily
* required by all the constraints defined by that sql statement. We need
* to identify right privileges for right constraints for a given sql
* statement. Because of these differences between constraints and views
* (and triggers), there are 2 different methods in this class to save
* their privileges in the dependency system.
*
* For each required privilege, we now register a dependency on a role if
* that role was required to find an applicable privilege.
*
* @param activation The execution environment for this constant action.
* @param dependent Make this object depend on required privileges
* @param refTableUUID Make sure we are looking for REFERENCES privilege
* for right table
* @param providers set of providers for this constraint
* @exception StandardException Thrown on failure
*/
protected void storeConstraintDependenciesOnPrivileges(Activation activation, Dependent dependent, UUID refTableUUID, ProviderInfo[] providers) throws StandardException {
LanguageConnectionContext lcc = activation.getLanguageConnectionContext();
DataDictionary dd = lcc.getDataDictionary();
DependencyManager dm = dd.getDependencyManager();
String currentUser = lcc.getCurrentUserId(activation);
SettableBoolean roleDepAdded = new SettableBoolean();
// access any objects without any restrictions
if (!currentUser.equals(dd.getAuthorizationDatabaseOwner())) {
PermissionsDescriptor permDesc;
// Now, it is time to add into dependency system the FOREIGN
// constraint's dependency on REFERENCES privilege, or, if it is a
// CHECK constraint, any EXECUTE or USAGE privileges. If the REFERENCES is
// revoked from the constraint owner, the constraint will get
// dropped automatically.
List<StatementPermission> requiredPermissionsList = activation.getPreparedStatement().getRequiredPermissionsList();
if (requiredPermissionsList != null && !requiredPermissionsList.isEmpty()) {
for (StatementPermission statPerm : requiredPermissionsList) {
// are not required for a foreign key constraint.
if (statPerm instanceof StatementTablePermission) {
// It is a table/column level privilege
StatementTablePermission statementTablePermission = (StatementTablePermission) statPerm;
// required privileges list
if (statementTablePermission.getPrivType() != Authorizer.REFERENCES_PRIV)
continue;
// privilege in the required privileges list
if (!statementTablePermission.getTableUUID().equals(refTableUUID))
continue;
} else if (statPerm instanceof StatementSchemaPermission || statPerm instanceof StatementRolePermission || statPerm instanceof StatementGenericPermission) {
continue;
} else {
if (SanityManager.DEBUG) {
SanityManager.ASSERT(statPerm instanceof StatementRoutinePermission, "only StatementRoutinePermission expected");
}
// skip if this permission concerns a function not
// referenced by this constraint
StatementRoutinePermission rp = (StatementRoutinePermission) statPerm;
if (!inProviderSet(providers, rp.getRoutineUUID())) {
continue;
}
}
// We know that we are working with a REFERENCES, EXECUTE, or USAGE
// privilege. Find all the PermissionDescriptors for this
// privilege and make constraint depend on it through
// dependency manager. The REFERENCES privilege could be
// defined at the table level or it could be defined at
// individual column levels. In addition, individual column
// REFERENCES privilege could be available at the user
// level, PUBLIC or role level. EXECUTE and USAGE privileges could be
// available at the user level, PUBLIC or role level.
permDesc = statPerm.getPermissionDescriptor(currentUser, dd);
if (permDesc == null) {
// No privilege exists for given user. The privilege
// has to exist at at PUBLIC level....
permDesc = statPerm.getPermissionDescriptor(Authorizer.PUBLIC_AUTHORIZATION_ID, dd);
// .... or at the role level. Additionally, for column
// level privileges, even if *some* were available at
// the PUBLIC level others may be still be missing,
// hence the call in the test below to
// allColumnsCoveredByUserOrPUBLIC.
boolean roleUsed = false;
if (permDesc == null || ((permDesc instanceof ColPermsDescriptor) && !((StatementColumnPermission) statPerm).allColumnsCoveredByUserOrPUBLIC(currentUser, dd))) {
roleUsed = true;
permDesc = findRoleUsage(activation, statPerm);
}
// for the owner.
if (!permDesc.checkOwner(currentUser)) {
dm.addDependency(dependent, permDesc, lcc.getContextManager());
if (roleUsed) {
// We had to rely on role, so track that
// dependency, too.
trackRoleDependency(activation, dependent, roleDepAdded);
}
}
} else // object's privilege dependency in the dependency system
if (!permDesc.checkOwner(currentUser)) {
dm.addDependency(dependent, permDesc, lcc.getContextManager());
if (permDesc instanceof ColPermsDescriptor) {
// The if statement above means we found a
// REFERENCES privilege at column level for the
// given authorizer. If this privilege doesn't
// cover all the column , then there has to exisit
// REFERENCES for the remaining columns at PUBLIC
// level or at role level. Get that permission
// descriptor and save it in dependency system
StatementColumnPermission statementColumnPermission = (StatementColumnPermission) statPerm;
permDesc = statementColumnPermission.getPUBLIClevelColPermsDescriptor(currentUser, dd);
// into the dependency system
if (permDesc != null && permDesc.getObjectID() != null) {
// User did not have all required column
// permissions and at least one column is
// covered by PUBLIC.
dm.addDependency(dependent, permDesc, lcc.getContextManager());
}
// upon.
if (!statementColumnPermission.allColumnsCoveredByUserOrPUBLIC(currentUser, dd)) {
// Role has been relied upon, so register a
// dependency.
trackRoleDependency(activation, dependent, roleDepAdded);
}
}
}
if (!(statPerm instanceof StatementRoutinePermission)) {
// for this sql statement.
break;
} else {
// For EXECUTE privilege there may be several functions
// referenced in the constraint, so continue looking.
}
}
}
}
}
use of org.apache.derby.iapi.sql.dictionary.StatementColumnPermission in project derby by apache.
the class DDLConstantAction method storeViewTriggerDependenciesOnPrivileges.
/**
* This method saves dependencies of views and triggers on privileges in
* the dependency system. It gets called by CreateViewConstantAction
* and CreateTriggerConstantAction. Views and triggers and constraints
* run with definer's privileges. If one of the required privileges is
* revoked from the definer, the dependent view/trigger/constraint on
* that privilege will be dropped automatically. In order to implement
* this behavior, we need to save view/trigger/constraint dependencies
* on required privileges in the dependency system. Following method
* accomplishes that part of the equation for views and triggers. The
* dependency collection for constraints is not same as for views and
* triggers and hence constraints are not covered by this method.
* Views and triggers can depend on many different kind of privileges
* where as constraints only depend on REFERENCES privilege on a table.
* Another difference is only one view or trigger can be defined by a
* sql statement and hence all the dependencies collected for the sql
* statement apply to the view or trigger in question. As for constraints,
* one sql statement can defined multiple constraints and hence the
* all the privileges required by the statement are not necessarily
* required by all the constraints defined by that sql statement. We need
* to identify right privileges for right constraints for a given sql
* statement. Because of these differences between constraints and views
* (and triggers), there are 2 different methods in this class to save
* their privileges in the dependency system.
*
* For each required privilege, we now register of a dependency on a role
* if that role was required to find an applicable privilege.
*
* @param activation The execution environment for this constant action.
* @param dependent Make this object depend on required privileges
*
* @exception StandardException Thrown on failure
*/
protected void storeViewTriggerDependenciesOnPrivileges(Activation activation, Dependent dependent) throws StandardException {
LanguageConnectionContext lcc = activation.getLanguageConnectionContext();
DataDictionary dd = lcc.getDataDictionary();
DependencyManager dm = dd.getDependencyManager();
String dbo = dd.getAuthorizationDatabaseOwner();
String currentUser = lcc.getCurrentUserId(activation);
SettableBoolean roleDepAdded = new SettableBoolean();
// access any objects without any restrictions.
if (!currentUser.equals(dbo)) {
PermissionsDescriptor permDesc;
List<StatementPermission> requiredPermissionsList = activation.getPreparedStatement().getRequiredPermissionsList();
if (requiredPermissionsList != null && !requiredPermissionsList.isEmpty()) {
for (StatementPermission statPerm : requiredPermissionsList) {
// Also, StatementRolePermission should not occur here.
if (statPerm instanceof StatementSchemaPermission || statPerm instanceof StatementRolePermission) {
if (SanityManager.DEBUG) {
if (statPerm instanceof StatementRolePermission) {
SanityManager.THROWASSERT("Unexpected StatementRolePermission");
}
}
continue;
}
// See if we can find the required privilege for given authorizer?
permDesc = statPerm.getPermissionDescriptor(currentUser, dd);
if (// privilege not found for given authorizer
permDesc == null) {
// The if condition above means that required privilege does
// not exist at the user level. The privilege has to exist at
// PUBLIC level... ,
permDesc = statPerm.getPermissionDescriptor(Authorizer.PUBLIC_AUTHORIZATION_ID, dd);
boolean roleUsed = false;
// .. or at role level
if (permDesc == null || ((permDesc instanceof ColPermsDescriptor) && !((StatementColumnPermission) statPerm).allColumnsCoveredByUserOrPUBLIC(currentUser, dd))) {
roleUsed = true;
permDesc = findRoleUsage(activation, statPerm);
}
// owner.
if (!permDesc.checkOwner(currentUser)) {
dm.addDependency(dependent, permDesc, lcc.getContextManager());
// dependency, too.
if (roleUsed) {
trackRoleDependency(activation, dependent, roleDepAdded);
}
}
continue;
}
// object's privilege dependency in the dependency system
if (!permDesc.checkOwner(currentUser)) {
dm.addDependency(dependent, permDesc, lcc.getContextManager());
if (permDesc instanceof ColPermsDescriptor) {
// For a given table, the table owner can give privileges
// on some columns at individual user level and privileges
// on some columns at PUBLIC level. Hence, when looking for
// column level privileges, we need to look both at user
// level as well as PUBLIC level(only if user level column
// privileges do not cover all the columns accessed by this
// object). We have finished adding dependency for user level
// columns, now we are checking if some required column
// level privileges are at PUBLIC level.
// A specific eg of a view
// user1
// create table t11(c11 int, c12 int);
// grant select(c11) on t1 to user2;
// grant select(c12) on t1 to PUBLIC;
// user2
// create view v1 as select c11 from user1.t11 where c12=2;
// For the view above, there are 2 column level privilege
// depencies, one for column c11 which exists directly
// for user2 and one for column c12 which exists at PUBLIC level.
StatementColumnPermission statementColumnPermission = (StatementColumnPermission) statPerm;
permDesc = statementColumnPermission.getPUBLIClevelColPermsDescriptor(currentUser, dd);
if (permDesc != null && permDesc.getObjectID() != null) {
// User did not have all required column
// permissions and at least one column is
// covered by PUBLIC.
dm.addDependency(dependent, permDesc, lcc.getContextManager());
}
// upon?
if (!statementColumnPermission.allColumnsCoveredByUserOrPUBLIC(currentUser, dd)) {
trackRoleDependency(activation, dependent, roleDepAdded);
}
}
}
}
}
}
}
use of org.apache.derby.iapi.sql.dictionary.StatementColumnPermission in project derby by apache.
the class CompilerContextImpl method addRequiredColumnPriv.
/**
* Add a column privilege to the list of used column privileges.
*
* @param column The column whose privileges we're interested in.
*/
public void addRequiredColumnPriv(ColumnDescriptor column) {
if (// Using old style authorization
requiredColumnPrivileges == null || currPrivType == Authorizer.NULL_PRIV || // Table privilege only
currPrivType == Authorizer.DELETE_PRIV || // Table privilege only
currPrivType == Authorizer.INSERT_PRIV || // Table privilege only
currPrivType == Authorizer.TRIGGER_PRIV || currPrivType == Authorizer.EXECUTE_PRIV || column == null) {
return;
}
/*
* Note that to look up the privileges for this column,
* we need to know what table the column is in. However,
* not all ColumnDescriptor objects are associated with
* a table object. Sometimes a ColumnDescriptor
* describes a column but doesn't specify the table. An
* example of this occurs in the set-clause of the
* UPDATE statement in SQL, where we may have a
* ColumnDescriptor which describes the expression that
* is being used in the UPDATE statement to provide the
* new value that will be computed by the UPDATE. In such a
* case, there is no column privilege to be added, so we
* just take an early return. DERBY-1583 has more details.
*/
TableDescriptor td = column.getTableDescriptor();
if (td == null)
return;
if (td.getTableType() == TableDescriptor.GLOBAL_TEMPORARY_TABLE_TYPE) {
// no priv needed, it is per session anyway
return;
}
UUID tableUUID = td.getUUID();
// DERBY-4191
if (currPrivType == Authorizer.MIN_SELECT_PRIV) {
// If we are here for MIN_SELECT_PRIV requirement, then first
// check if there is already a SELECT privilege requirement on any
// of the columns in the table, or on the table itself. If yes,
// then we do not need to add MIN_SELECT_PRIV requirement for the
// table because that requirement is already getting satisfied with
// the already existing SELECT privilege requirement.
StatementTablePermission key = new StatementTablePermission(tableUUID, Authorizer.SELECT_PRIV);
if (requiredColumnPrivileges.containsKey(key) || requiredTablePrivileges.containsKey(key)) {
return;
}
}
if (currPrivType == Authorizer.SELECT_PRIV) {
// If we are here for SELECT_PRIV requirement, then first check
// if there is already any MIN_SELECT_PRIV privilege required
// on this table. If yes, then that requirement will be fulfilled
// by the SELECT_PRIV requirement we are adding now. Because of
// that, remove the MIN_SELECT_PRIV privilege requirement
StatementTablePermission key = new StatementTablePermission(tableUUID, Authorizer.MIN_SELECT_PRIV);
requiredColumnPrivileges.remove(key);
}
StatementTablePermission key = new StatementTablePermission(tableUUID, currPrivType);
StatementColumnPermission tableColumnPrivileges = requiredColumnPrivileges.get(key);
if (tableColumnPrivileges == null) {
tableColumnPrivileges = new StatementColumnPermission(tableUUID, currPrivType, new FormatableBitSet(td.getNumberOfColumns()));
requiredColumnPrivileges.put(key, tableColumnPrivileges);
}
tableColumnPrivileges.getColumns().set(column.getPosition() - 1);
}
Aggregations