Examples of RoleGrantDescriptor

org.apache.derby.iapi.sql.dictionary.RoleGrantDescriptor
This class is used by rows in the SYS.SYSROLES system table. An instance contains information for exactly: One <role definition>, cf. ISO/IEC 9075-2:2003 section 12.4 or one <grant role statement>, section 12.5. A role definition is also modeled as a role grant (hence the class name), but with the special grantor "_SYSTEM", and with a grantee of the definer, in Derby this is always the current user. For a role definition, the WITH ADMIN flag is also set. The information contained in the isDef flag is usually redundant, but was added as a precaution against a real user named _SYSTEM, for example when upgrading an older database that did not forbid this.

Examples of org.apache.derby.iapi.sql.dictionary.RoleGrantDescriptor

      scanQualifier,                //
      (DataValueDescriptor[]) null, // stop position -through last row
      0);                           // stopSearchOperation - none


    ExecRow outRow =  rf.makeEmptyRow();
    RoleGrantDescriptor grantDescr;


    while (sc.fetchNext(outRow.getRowArray())) {
      grantDescr = (RoleGrantDescriptor)rf.buildDescriptor(
        outRow,
        (TupleDescriptor) null,
        this);


      // Next call is potentially inefficient.  We could read in
      // definitions first in a separate hash table limiting
      // this to a 2-pass scan.
      RoleGrantDescriptor granteeDef = getRoleDefinitionDescriptor
        (grantDescr.getGrantee());


      if (granteeDef == null) {
        // not a role, must be user authid, skip
        continue;
      }


      String hashKey;
      if (inverse) {
        hashKey = granteeDef.getRoleName();
      } else {
        hashKey = grantDescr.getRoleName();
      }


      List arcs = (List)hm.get(hashKey);

View Full Code Here

Examples of org.apache.derby.iapi.sql.dictionary.RoleGrantDescriptor

            throws StandardException {


        DataDictionary dd = getDataDictionary();
        String dbo = dd.getAuthorizationDatabaseOwner();


        RoleGrantDescriptor grantDesc = null;
        String currentUser = getCurrentUserId(a);


        if (currentUser.equals(dbo)) {
            grantDesc = dd.getRoleDefinitionDescriptor(role);
        } else {

View Full Code Here

Examples of org.apache.derby.iapi.sql.dictionary.RoleGrantDescriptor

   */
  public boolean roleIsSettable(String role) throws StandardException {
    DataDictionary dd = getDataDictionary();
    String dbo = dd.getAuthorizationDatabaseOwner();


    RoleGrantDescriptor grantDesc = null;


    if (getAuthorizationId().equals(dbo)) {
      grantDesc = dd.getRoleDefinitionDescriptor(role);
    } else {
      grantDesc = dd.getRoleGrantDescriptor

View Full Code Here

Examples of org.apache.derby.iapi.sql.dictionary.RoleGrantDescriptor

      scanQualifier,                //
      (DataValueDescriptor[]) null, // stop position -through last row
      0);                           // stopSearchOperation - none


    ExecRow outRow =  rf.makeEmptyRow();
    RoleGrantDescriptor grantDescr;


    while (sc.fetchNext(outRow.getRowArray())) {
      grantDescr = (RoleGrantDescriptor)rf.buildDescriptor(
        outRow,
        (TupleDescriptor) null,
        this);


      // Next call is potentially inefficient.  We could read in
      // definitions first in a separate hash table limiting
      // this to a 2-pass scan.
      RoleGrantDescriptor granteeDef = getRoleDefinitionDescriptor
        (grantDescr.getGrantee());


      if (granteeDef == null) {
        // not a role, must be user authid, skip
        continue;
      }


      String hashKey;
      if (inverse) {
        hashKey = granteeDef.getRoleName();
      } else {
        hashKey = grantDescr.getRoleName();
      }


      List arcs = (List)hm.get(hashKey);

View Full Code Here

Examples of org.apache.derby.iapi.sql.dictionary.RoleGrantDescriptor

     StatementPermission statPerm) throws StandardException {


    LanguageConnectionContext lcc =
      activation.getLanguageConnectionContext();
    DataDictionary dd = lcc.getDataDictionary();
    RoleGrantDescriptor rootGrant = null;
    String role = lcc.getCurrentRoleId(activation);
    String dbo = dd.getAuthorizationDatabaseOwner();
    String authId = lcc.getAuthorizationId();
    PermissionsDescriptor permDesc = null;

View Full Code Here

Examples of org.apache.derby.iapi.sql.dictionary.RoleGrantDescriptor

      DataDictionary dd = lcc.getDataDictionary();
      DependencyManager dm = dd.getDependencyManager();


      String role =
        lcc.getCurrentRoleId(activation);
      RoleGrantDescriptor rgd =
        dd.getRoleDefinitionDescriptor(role);


      dm.addDependency
        (dependent, rgd,
         lcc.getContextManager());

View Full Code Here

Examples of org.apache.derby.iapi.sql.dictionary.RoleGrantDescriptor

      scanQualifier,                //
      (DataValueDescriptor[]) null, // stop position -through last row
      0);                           // stopSearchOperation - none


    ExecRow outRow =  rf.makeEmptyRow();
    RoleGrantDescriptor grantDescr;


    while (sc.fetchNext(outRow.getRowArray())) {
      grantDescr = (RoleGrantDescriptor)rf.buildDescriptor(
        outRow,
        (TupleDescriptor) null,
        this);


      // Next call is potentially inefficient.  We could read in
      // definitions first in a separate hash table limiting
      // this to a 2-pass scan.
      RoleGrantDescriptor granteeDef = getRoleDefinitionDescriptor
        (grantDescr.getGrantee());


      if (granteeDef == null) {
        // not a role, must be user authid, skip
        continue;
      }


      String hashKey;
      if (inverse) {
        hashKey = granteeDef.getRoleName();
      } else {
        hashKey = grantDescr.getRoleName();
      }


      List arcs = (List)hm.get(hashKey);

View Full Code Here

Examples of org.apache.derby.iapi.sql.dictionary.RoleGrantDescriptor


            for (Iterator gIter = grantees.iterator(); gIter.hasNext();) {
                String grantee = (String)gIter.next();


                // check that role exists
                RoleGrantDescriptor rdDef =
                    dd.getRoleDefinitionDescriptor(role);


                if (rdDef == null) {
                    throw StandardException.
                        newException(SQLState.ROLE_INVALID_SPECIFICATION, role);
                }


                // Check that role is granted to us (or PUBLIC) with
                // WITH ADMIN option so we can grant it. For database
                // owner, a role definition always fulfills this
                // requirement.  If we implement granting with WITH ADMIN
                // option later, we need to look for a grant to us (or
                // PUBLIC) which has WITH ADMIN. The role definition
                // descriptor will not suffice in that case, so we
                // need something like:
                //
                // rdDef = dd.findRoleGrantWithAdminToRoleOrPublic(grantor)
                // if (rdDef != null) {
                //   :
                if (grantor.equals(lcc.getDataDictionary().
                                       getAuthorizationDatabaseOwner())) {
                    // All ok, we are database owner
                    if (SanityManager.DEBUG) {
                        SanityManager.ASSERT(
                            rdDef.getGrantee().equals(grantor),
                            "expected database owner in role grant descriptor");
                        SanityManager.ASSERT(
                            rdDef.isWithAdminOption(),
                            "expected role definition to have ADMIN OPTION");
                    }
                } else {
                    throw StandardException.newException
                        (SQLState.AUTH_ROLE_DBO_ONLY, "GRANT role");
                }


                // Has it already been granted?
                RoleGrantDescriptor rgd =
                    dd.getRoleGrantDescriptor(role, grantee, grantor);


                if (rgd != null &&
                        withAdminOption && !rgd.isWithAdminOption()) {


                    // NOTE: Never called yet, withAdminOption not yet
                    // implemented.


                    // Remove old descriptor and add a new one with admin
                    // option: cf. SQL 2003, section 12.5, general rule 3
                    rgd.drop(lcc);
                    rgd.setWithAdminOption(true);
                    dd.addDescriptor(rgd,
                                     null,  // parent
                                     DataDictionary.SYSROLES_CATALOG_NUM,
                                     false, // no duplicatesAllowed
                                     tc);
                } else if (rgd == null) {
                    // Check if the grantee is a role (if not, it is a user)
                    RoleGrantDescriptor granteeDef =
                        dd.getRoleDefinitionDescriptor(grantee);


                    if (granteeDef != null) {
                        checkCircularity(role, grantee, grantor, tc, dd);
                    }

View Full Code Here

Examples of org.apache.derby.iapi.sql.dictionary.RoleGrantDescriptor

     StatementPermission statPerm) throws StandardException {


    LanguageConnectionContext lcc =
      activation.getLanguageConnectionContext();
    DataDictionary dd = lcc.getDataDictionary();
    RoleGrantDescriptor rootGrant = null;
    String role = lcc.getCurrentRoleId(activation);
    String dbo = dd.getAuthorizationDatabaseOwner();
    String authId = lcc.getAuthorizationId();
    PermissionsDescriptor permDesc = null;

View Full Code Here

Examples of org.apache.derby.iapi.sql.dictionary.RoleGrantDescriptor

      DataDictionary dd = lcc.getDataDictionary();
      DependencyManager dm = dd.getDependencyManager();


      String role =
        lcc.getCurrentRoleId(activation);
      RoleGrantDescriptor rgd =
        dd.getRoleDefinitionDescriptor(role);


      dm.addDependency
        (dependent, rgd,
         lcc.getContextManager());

View Full Code Here

0 1 2 3 4 5

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.