Package org.apache.derby.iapi.sql.dictionary

Examples of org.apache.derby.iapi.sql.dictionary.PermissionsDescriptor


  {
    TabInfoImpl  ti = getNonCoreTI(SYSROUTINEPERMS_CATALOG_NUM);
    SYSROUTINEPERMSRowFactory rf = (SYSROUTINEPERMSRowFactory) ti.getCatalogRowFactory();
    DataValueDescriptor  routineIdOrderable;
    ExecRow curRow;
    PermissionsDescriptor perm;

    // In Derby authorization mode, permission catalogs may not be present
    if (!usesSqlAuthorization)
      return;
View Full Code Here


          TransactionController tc,
          ExecIndexRow keyRow)
      throws StandardException
  {
    ExecRow curRow;
    PermissionsDescriptor perm;
    TabInfoImpl  ti = getNonCoreTI(SYSTABLEPERMS_CATALOG_NUM);
    SYSTABLEPERMSRowFactory rf = (SYSTABLEPERMSRowFactory) ti.getCatalogRowFactory();

    while ((curRow=ti.getRow(tc, keyRow, rf.TABLEID_INDEX_NUM)) != null)
    {
View Full Code Here

          TransactionController tc,
          ExecIndexRow keyRow)
      throws StandardException
  {
    ExecRow curRow;
    PermissionsDescriptor perm;
    TabInfoImpl  ti = getNonCoreTI(SYSCOLPERMS_CATALOG_NUM);
    SYSCOLPERMSRowFactory rf = (SYSCOLPERMSRowFactory) ti.getCatalogRowFactory();

    while ((curRow=ti.getRow(tc, keyRow, rf.TABLEID_INDEX_NUM)) != null)
    {
View Full Code Here

  {
    TabInfoImpl  ti = getNonCoreTI(SYSROUTINEPERMS_CATALOG_NUM);
    SYSROUTINEPERMSRowFactory rf = (SYSROUTINEPERMSRowFactory) ti.getCatalogRowFactory();
    DataValueDescriptor  routineIdOrderable;
    ExecRow curRow;
    PermissionsDescriptor perm;

    // In Derby authorization mode, permission catalogs may not be present
    if (!usesSqlAuthorization)
      return;
View Full Code Here

          TransactionController tc,
          ExecIndexRow keyRow)
      throws StandardException
  {
    ExecRow curRow;
    PermissionsDescriptor perm;
    TabInfoImpl  ti = getNonCoreTI(SYSTABLEPERMS_CATALOG_NUM);
    SYSTABLEPERMSRowFactory rf = (SYSTABLEPERMSRowFactory) ti.getCatalogRowFactory();

    while ((curRow=ti.getRow(tc, keyRow, rf.TABLEID_INDEX_NUM)) != null)
    {
View Full Code Here

          TransactionController tc,
          ExecIndexRow keyRow)
      throws StandardException
  {
    ExecRow curRow;
    PermissionsDescriptor perm;
    TabInfoImpl  ti = getNonCoreTI(SYSCOLPERMS_CATALOG_NUM);
    SYSCOLPERMSRowFactory rf = (SYSCOLPERMSRowFactory) ti.getCatalogRowFactory();

    while ((curRow=ti.getRow(tc, keyRow, rf.TABLEID_INDEX_NUM)) != null)
    {
View Full Code Here

    //If the Database Owner is creating this constraint, then no need to
    //collect any privilege dependencies because the Database Owner can  
    //access any objects without any restrictions
    if (!(lcc.getAuthorizationId().equals(dd.getAuthorizationDatabaseOwner())))
    {
      PermissionsDescriptor permDesc;
      //Now, it is time to add into dependency system, constraint's
      //dependency on REFERENCES privilege. If the REFERENCES privilege is
      //revoked from the constraint owner, the constraint will get
      //dropped automatically.
      List requiredPermissionsList = activation.getPreparedStatement().getRequiredPermissionsList();
      if (requiredPermissionsList != null && ! requiredPermissionsList.isEmpty())
      {
        for(Iterator iter = requiredPermissionsList.iterator();iter.hasNext();)
        {
          StatementPermission statPerm = (StatementPermission) iter.next();
          //First check if we are dealing with a Table or
          //Column level privilege. All the other privileges
          //are not required for a foreign key constraint.
          if (statPerm instanceof StatementTablePermission)
          {//It is a table/column level privilege
            StatementTablePermission statementTablePermission =
              (StatementTablePermission) statPerm;
            //Check if we are dealing with REFERENCES privilege.
            //If not, move on to the next privilege in the
            //required privileges list
            if (statementTablePermission.getPrivType() != Authorizer.REFERENCES_PRIV)
              continue;
            //Next check is this REFERENCES privilege is
            //on the same table as referenced by the foreign
            //key constraint? If not, move on to the next
            //privilege in the required privileges list
            if (!statementTablePermission.getTableUUID().equals(refTableUUID))
              continue;
          } else if (statPerm instanceof StatementSchemaPermission
              || statPerm instanceof StatementRoutinePermission)
            continue;

          //We know that we are working with a REFERENCES
          //privilege. Find all the PermissionDescriptors for
          //this privilege and make constraint depend on it
          //through dependency manager.
          //The REFERENCES privilege could be defined at the
          //table level or it could be defined at individual
          //column levels. In addition, individual column
          //REFERENCES privilege could be available at the
          //user level or PUBLIC level.
          permDesc = statPerm.getPermissionDescriptor(lcc.getAuthorizationId(), dd);       
          if (permDesc == null)
          {
            //No REFERENCES privilege exists for given
            //authorizer at table or column level.
            //REFERENCES privilege has to exist at at PUBLIC level
            permDesc = statPerm.getPermissionDescriptor(Authorizer.PUBLIC_AUTHORIZATION_ID, dd);
            if (!(permDesc.checkOwner(lcc.getAuthorizationId())))
              dm.addDependency(dependent, permDesc, lcc.getContextManager());
          } else
            //if the object on which permission is required is owned by the
            //same user as the current user, then no need to keep that
            //object's privilege dependency in the dependency system
          if (!(permDesc.checkOwner(lcc.getAuthorizationId())))
          {
            dm.addDependency(dependent, permDesc, lcc.getContextManager());
            if (permDesc instanceof ColPermsDescriptor)
            {
              //The if statement above means we found a
View Full Code Here

    //If the Database Owner is creating this view/triiger, then no need to 
    //collect any privilege dependencies because the Database Owner can 
    //access any objects without any restrictions
    if (!(lcc.getAuthorizationId().equals(dd.getAuthorizationDatabaseOwner())))
    {
      PermissionsDescriptor permDesc;
      List requiredPermissionsList = activation.getPreparedStatement().getRequiredPermissionsList();
      if (requiredPermissionsList != null && ! requiredPermissionsList.isEmpty())
      {
        for(Iterator iter = requiredPermissionsList.iterator();iter.hasNext();)
        {
          StatementPermission statPerm = (StatementPermission) iter.next();
          //The schema ownership permission just needs to be checked
          //at object creation time, to see if the object creator has
          //permissions to create the object in the specified schema.
          //But we don't need to add schema permission to list of
          //permissions that the object is dependent on once it is
          //created.
          if (statPerm instanceof StatementSchemaPermission)
            continue;
          //See if we can find the required privilege for given authorizer?
          permDesc = statPerm.getPermissionDescriptor(lcc.getAuthorizationId(), dd);       
          if (permDesc == null)//privilege not found for given authorizer
          {
            //The if condition above means that required privilege does
            //not exist at the user level. The privilege has to exist at
            //PUBLIC level.
            permDesc = statPerm.getPermissionDescriptor(Authorizer.PUBLIC_AUTHORIZATION_ID, dd);
            //If the user accessing the object is the owner of that
            //object, then no privilege tracking is needed for the
            //owner.
            if (!(permDesc.checkOwner(lcc.getAuthorizationId())))
              dm.addDependency(dependent, permDesc, lcc.getContextManager());
            continue;
          }
          //if the object on which permission is required is owned by the
          //same user as the current user, then no need to keep that
          //object's privilege dependency in the dependency system
          if (!(permDesc.checkOwner(lcc.getAuthorizationId())))
          {
            dm.addDependency(dependent, permDesc, lcc.getContextManager());                          
            if (permDesc instanceof ColPermsDescriptor)
            {
              //For a given table, the table owner can give privileges
View Full Code Here

  {
    TabInfoImpl  ti = getNonCoreTI(SYSROUTINEPERMS_CATALOG_NUM);
    SYSROUTINEPERMSRowFactory rf = (SYSROUTINEPERMSRowFactory) ti.getCatalogRowFactory();
    DataValueDescriptor  routineIdOrderable;
    ExecRow curRow;
    PermissionsDescriptor perm;

    // In Derby authorization mode, permission catalogs may not be present
    if (!usesSqlAuthorization)
      return;
View Full Code Here

          TransactionController tc,
          ExecIndexRow keyRow)
      throws StandardException
  {
    ExecRow curRow;
    PermissionsDescriptor perm;
    TabInfoImpl  ti = getNonCoreTI(SYSTABLEPERMS_CATALOG_NUM);
    SYSTABLEPERMSRowFactory rf = (SYSTABLEPERMSRowFactory) ti.getCatalogRowFactory();

    while ((curRow=ti.getRow(tc, keyRow, rf.TABLEID_INDEX_NUM)) != null)
    {
View Full Code Here

TOP

Related Classes of org.apache.derby.iapi.sql.dictionary.PermissionsDescriptor

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.