Examples with TableDescriptor org.apache.derby.iapi.sql.dictionary.TableDescriptor used on opensource projects

Example 61 with TableDescriptor

use of org.apache.derby.iapi.sql.dictionary.TableDescriptor in project derby by apache.

the class DDLStatementNode method getTableDescriptor.

protected final TableDescriptor getTableDescriptor(UUID tableId) throws StandardException {
    TableDescriptor td = getDataDictionary().getTableDescriptor(tableId);
    td = checkTableDescriptor(td, true);
    return td;
}

Example 62 with TableDescriptor

use of org.apache.derby.iapi.sql.dictionary.TableDescriptor in project derby by apache.

the class DDLStatementNode method getTableDescriptor.

/**
 * Validate that the table is ok for DDL -- e.g.
 * that it exists, it is not a view, and is not
 * a system table, and that its schema is ok.
 *
 * @return the validated table descriptor, never null
 *
 * @exception StandardException on error
 */
protected final TableDescriptor getTableDescriptor(TableName tableName) throws StandardException {
    TableDescriptor td = justGetDescriptor(tableName);
    /* beetle 4444, td may have changed when we obtain shared lock */
    td = checkTableDescriptor(td, true);
    return td;
}

Example 63 with TableDescriptor

use of org.apache.derby.iapi.sql.dictionary.TableDescriptor in project derby by apache.

the class CompilerContextImpl method addRequiredColumnPriv.

/**
 * Add a column privilege to the list of used column privileges.
 *
 * @param column The column whose privileges we're interested in.
 */
public void addRequiredColumnPriv(ColumnDescriptor column) {
    if (// Using old style authorization
    requiredColumnPrivileges == null || currPrivType == Authorizer.NULL_PRIV || // Table privilege only
    currPrivType == Authorizer.DELETE_PRIV || // Table privilege only
    currPrivType == Authorizer.INSERT_PRIV || // Table privilege only
    currPrivType == Authorizer.TRIGGER_PRIV || currPrivType == Authorizer.EXECUTE_PRIV || column == null) {
        return;
    }
    /*
		* Note that to look up the privileges for this column,
		* we need to know what table the column is in. However,
		* not all ColumnDescriptor objects are associated with
		* a table object. Sometimes a ColumnDescriptor
		* describes a column but doesn't specify the table. An
		* example of this occurs in the set-clause of the
		* UPDATE statement in SQL, where we may have a
		* ColumnDescriptor which describes the expression that
		* is being used in the UPDATE statement to provide the
		* new value that will be computed by the UPDATE. In such a
		* case, there is no column privilege to be added, so we
		* just take an early return. DERBY-1583 has more details.
		*/
    TableDescriptor td = column.getTableDescriptor();
    if (td == null)
        return;
    if (td.getTableType() == TableDescriptor.GLOBAL_TEMPORARY_TABLE_TYPE) {
        // no priv needed, it is per session anyway
        return;
    }
    UUID tableUUID = td.getUUID();
    // DERBY-4191
    if (currPrivType == Authorizer.MIN_SELECT_PRIV) {
        // If we are here for MIN_SELECT_PRIV requirement, then first
        // check if there is already a SELECT privilege requirement on any
        // of the columns in the table, or on the table itself. If yes,
        // then we do not need to add MIN_SELECT_PRIV requirement for the
        // table because that requirement is already getting satisfied with
        // the already existing SELECT privilege requirement.
        StatementTablePermission key = new StatementTablePermission(tableUUID, Authorizer.SELECT_PRIV);
        if (requiredColumnPrivileges.containsKey(key) || requiredTablePrivileges.containsKey(key)) {
            return;
        }
    }
    if (currPrivType == Authorizer.SELECT_PRIV) {
        // If we are here for SELECT_PRIV requirement, then first check
        // if there is already any MIN_SELECT_PRIV privilege required
        // on this table. If yes, then that requirement will be fulfilled
        // by the SELECT_PRIV requirement we are adding now. Because of
        // that, remove the MIN_SELECT_PRIV privilege requirement
        StatementTablePermission key = new StatementTablePermission(tableUUID, Authorizer.MIN_SELECT_PRIV);
        requiredColumnPrivileges.remove(key);
    }
    StatementTablePermission key = new StatementTablePermission(tableUUID, currPrivType);
    StatementColumnPermission tableColumnPrivileges = requiredColumnPrivileges.get(key);
    if (tableColumnPrivileges == null) {
        tableColumnPrivileges = new StatementColumnPermission(tableUUID, currPrivType, new FormatableBitSet(td.getNumberOfColumns()));
        requiredColumnPrivileges.put(key, tableColumnPrivileges);
    }
    tableColumnPrivileges.getColumns().set(column.getPosition() - 1);
}

Example 64 with TableDescriptor

use of org.apache.derby.iapi.sql.dictionary.TableDescriptor in project derby by apache.

the class TablePrivilegeInfo method checkPrivileges.

/**
 * Determines if the privilege is grantable by this grantor
 * for the given view.
 *
 * Note that the database owner can access database objects
 * without needing to be their owner.  This method should only
 * be called if it is a GRANT.
 *
 * @param user					authorizationId of current user
 * @param td		            TableDescriptor to be checked against
 * @param sd					SchemaDescriptor
 * @param dd					DataDictionary
 * @param lcc                   LanguageConnectionContext
 *
 * @exception StandardException if user does not have permission to grant
 */
private void checkPrivileges(String user, TableDescriptor td, SchemaDescriptor sd, DataDictionary dd, LanguageConnectionContext lcc) throws StandardException {
    if (user.equals(dd.getAuthorizationDatabaseOwner()))
        return;
    // check view specific
    if (td.getTableType() == TableDescriptor.VIEW_TYPE) {
        if (descriptorList != null) {
            TransactionController tc = lcc.getTransactionExecute();
            int siz = descriptorList.size();
            for (int i = 0; i < siz; i++) {
                TupleDescriptor p;
                SchemaDescriptor s = null;
                p = (TupleDescriptor) descriptorList.get(i);
                if (p instanceof TableDescriptor) {
                    TableDescriptor t = (TableDescriptor) p;
                    s = t.getSchemaDescriptor();
                } else if (p instanceof ViewDescriptor) {
                    ViewDescriptor v = (ViewDescriptor) p;
                    s = dd.getSchemaDescriptor(v.getCompSchemaId(), tc);
                } else if (p instanceof AliasDescriptor) {
                    AliasDescriptor a = (AliasDescriptor) p;
                    s = dd.getSchemaDescriptor(a.getSchemaUUID(), tc);
                }
                if (s != null && !user.equals(s.getAuthorizationId())) {
                    throw StandardException.newException(SQLState.AUTH_NO_OBJECT_PERMISSION, user, "grant", sd.getSchemaName(), td.getName());
                }
            // FUTURE: if object is not own by grantor then check if
            // the grantor have grant option.
            }
        }
    }
}

Example 65 with TableDescriptor

use of org.apache.derby.iapi.sql.dictionary.TableDescriptor in project derby by apache.

the class TablePrivilegesNode method bindPrivilegesForView.

/**
 *  Retrieve all the underlying stored dependencies such as table(s),
 *  view(s) and routine(s) descriptors which the view depends on.
 *  This information is then passed to the runtime to determine if
 *  the privilege is grantable to the grantees by this grantor at
 *  execution time.
 *
 *  Go through the providers regardless who the grantor is since
 *  the statement cache may be in effect.
 *
 * @param td the TableDescriptor to check
 *
 * @exception StandardException standard error policy.
 */
private void bindPrivilegesForView(TableDescriptor td) throws StandardException {
    LanguageConnectionContext lcc = getLanguageConnectionContext();
    DataDictionary dd = lcc.getDataDictionary();
    ViewDescriptor vd = dd.getViewDescriptor(td);
    DependencyManager dm = dd.getDependencyManager();
    ProviderInfo[] pis = dm.getPersistentProviderInfos(vd);
    this.descriptorList = new ArrayList<Provider>();
    int siz = pis.length;
    for (int i = 0; i < siz; i++) {
        Provider provider = (Provider) pis[i].getDependableFinder().getDependable(dd, pis[i].getObjectId());
        if (provider instanceof TableDescriptor || provider instanceof ViewDescriptor || provider instanceof AliasDescriptor) {
            descriptorList.add(provider);
        }
    }
}