KickJava   Java API By Example, From Geeks To Geeks.

Java > Open Source Codes > com > daffodilwoods > daffodildb > server > sql99 > ddl > schemadefinition > grantrolestatement


1 package com.daffodilwoods.daffodildb.server.sql99.ddl.schemadefinition;
2
3 import java.util.*;
4
5 import com.daffodilwoods.daffodildb.server.datadictionarysystem.*;
6 import com.daffodilwoods.daffodildb.server.serversystem.*;
7 import com.daffodilwoods.daffodildb.server.sql99.*;
8 import com.daffodilwoods.daffodildb.server.sql99.common.*;
9 import com.daffodilwoods.daffodildb.server.sql99.ddl.descriptors.*;
10 import com.daffodilwoods.daffodildb.server.sql99.ddl.utility.*;
11 import com.daffodilwoods.daffodildb.server.sql99.dql.iterator.*;
12 import com.daffodilwoods.daffodildb.server.sql99.token.*;
13 import com.daffodilwoods.database.resource.*;
14
15 public class grantrolestatement implements grantstatement {
16    public SNONRESERVEDWORD136444255SRESERVEDWORD1206543922grantor _OptSNONRESERVEDWORD136444255SRESERVEDWORD1206543922grantor0;
17    public SRESERVEDWORD1206543922SRESERVEDWORD1206543922SNONRESERVEDWORD136444255 _OptSRESERVEDWORD1206543922SRESERVEDWORD1206543922SNONRESERVEDWORD1364442551;
18    public grantee[] _OptRepScomma94843605grantee2;
19    public grantee _grantee3;
20    public SRESERVEDWORD1206543922 _SRESERVEDWORD12065439224;
21    public rolegranted[] _OptRepScomma94843605rolegranted5;
22    public rolegranted _rolegranted6;
23    public SRESERVEDWORD1206543922 _SRESERVEDWORD12065439227;
24
25    private SchemaDescriptor schemaDes;
26    private boolean isGrantorRole;
27
28    /**
29     * @param object - is a object casttable to _ServerSession
30     * used for getting information and saving information of database
31     * Algo :-
32     * initialize the variables -- currentSession, globalSession, nestedStatement, RoleDescriptor
33     * retrieve the roles to be granted
34     * Ensure all roles exists -- check if no constraint is applied on system table
35     *
36     * retrieve the grantees
37     * Ensure all grantees exists -- check if no constraint is applied on system table
38     *
39     * validate grantor -- if not nestedStatement
40     * a. ensure that grantor has grant privilege for the roles.
41     * setProperties()
42     * a. set admin option
43     * save the role descriptor for every grantee.
44     * @return null
45     * @throws DException incase grant role statement is not sucessfully executed
46     */
47    public Object JavaDoc run(Object JavaDoc object) throws
48        DException {
49       _ServerSession currentSession = (_ServerSession) object;
50       TreeSet grantees = getGrantees(currentSession);
51       String JavaDoc grantor0 = getGrantor(currentSession);
52       ArrayList rolesList = getRolesTobeGranted(currentSession, grantees, grantor0);
53       saveRoleAuthorizationDescriptors(currentSession, grantees, rolesList, grantor0);
54       /** @todo
55        * refreshing of Privileges of grantees, had got more of roles.
56        * */
57       return null;
58    }
59
60    /**
61     * @param currentSession - _ServerSession used for retriving inforamtion
62     * checks for the grantee existance
63     * @return the list of all grantees;
64     * @throws DException
65     */
66    private TreeSet getGrantees(_ServerSession currentSession) throws DException {
67       TreeSet granttesList = new TreeSet(String.CASE_INSENSITIVE_ORDER);
68       _Executer userExecuter = SqlSchemaConstants.getExecuter(currentSession, QueryMaker.getUsersQuery());
69       _Executer rolesExecuter = SqlSchemaConstants.getExecuter(currentSession, QueryMaker.getRolesQuery());
70       String JavaDoc granteeName = (String JavaDoc) _grantee3.run(null);
71       if (! (granteeName.equalsIgnoreCase(SystemTables.SYSTEM) || granteeName.equalsIgnoreCase(ServerSystem.browserUser))) {
72          checkGranteeExistance(userExecuter, rolesExecuter, granteeName);
73       }
74       granttesList.add(granteeName);
75       if (_OptRepScomma94843605grantee2 != null) {
76          for (int i = 0; i < _OptRepScomma94843605grantee2.length; i++) {
77             String JavaDoc granteeName1 = (String JavaDoc) _OptRepScomma94843605grantee2[i].run(null);
78             if (! (granteeName1.equalsIgnoreCase(SystemTables.SYSTEM) || granteeName1.equalsIgnoreCase(ServerSystem.browserUser))) {
79                checkGranteeExistance(userExecuter, rolesExecuter, granteeName1);
80             }
81             granttesList.add(granteeName1);
82          }
83       }
84       return granttesList;
85    }
86
87    /**
88     * checks for the grantee existance
89     * @param userExecuter - _Executer on users Table with contion user_name = ?
90     * @param rolesExecuter - _Executer on roles Table wirh condition role_name = ?
91     * @param granteeName - user/role whose existance is to be checked
92     * @throws DException - is user/role doesn't exists
93     */
94    private void checkGranteeExistance(_Executer userExecuter, _Executer rolesExecuter, String JavaDoc granteeName) throws DException {
95       _SelectQueryIterator iterator = (_SelectQueryIterator) userExecuter.executeForFresh(new Object JavaDoc[] {granteeName});
96       if (!iterator.first()) {
97          iterator = (_SelectQueryIterator) rolesExecuter.executeForFresh(new Object JavaDoc[] {granteeName});
98          if (!iterator.first()) {
99             throw new DException("DSE8094", new Object JavaDoc[] {granteeName});
100          }
101       }
102    }
103
104    /**
105     * @param currentSession - _serverSesion object usered for
106     * getting CURRENT_USER / CURRENT_ROLE
107     * Returns the current grantor
108     * if GRANTED BY <grantor> is not specified
109     * if CURRENT_USER == null then CURRENT_ROLE otherwise CURRENT_USER
110     * if GRANTED BY <grantor> is specified
111     * if grantor == CURRENT_USER then CURRENT_USER
112     * if grantor == CURRENT_ROLE then CURRENT_ROLE
113     * @return the grantor
114     * @throws DException in case of internal error
115     */
116    private String JavaDoc getGrantor(_ServerSession currentSession) throws DException {
117       String JavaDoc grantor0 = null;
118       if (_OptSNONRESERVEDWORD136444255SRESERVEDWORD1206543922grantor0 == null) {
119          String JavaDoc current_role = currentSession.getCurrentRole();
120          isGrantorRole = current_role == null;
121          grantor0 = isGrantorRole ?
122               currentSession.getCurrentUser() : current_role;
123
124       } else {
125          String JavaDoc grantorType =
126              _OptSNONRESERVEDWORD136444255SRESERVEDWORD1206543922grantor0.
127              _grantor0.toString();
128          isGrantorRole = grantorType.equalsIgnoreCase(SqlKeywords.CURRENT_ROLE);
129          grantor0 = isGrantorRole ? currentSession.getCurrentRole() : currentSession.getCurrentUser();
130          if (grantor0 == null) {
131             throw new DException("DSE520", null);
132          }
133       }
134       return grantor0;
135    }
136
137    /**
138     * @param currentSession - _ServerSession used for
139     * retriving required information frm database
140     * @param granteesList - list of grantees to whom the roles are to be granted
141     * @param grantor0 - the user/role who is granting the role
142     * checks whether the role granted and grantee are not same
143     * checks that roles to be granted should be included in apllicable roles of grantor
144     * and the specific RoleAuthorization Descriptor shall specify WITH ADMIN OPTION
145     * returns all the roles that are to be grantes
146     * @return the list of roles which are to be granted
147     * @throws DException in case cylce of grant is formed ,
148     * (i.e. when a role is granted to istself) ,
149     * or when the grantor dosen't have right to grant any of role.
150     */
151    private ArrayList getRolesTobeGranted(_ServerSession currentSession,
152                                          TreeSet granteesList, String JavaDoc grantor0) throws DException {
153       ArrayList rolesList = new ArrayList();
154       TreeMap applicableRoles = isGrantorRole ? GeneralUtility.getApplicableRoles(currentSession, grantor0)
155           : GeneralUtility.getApplicableRolesForUser(currentSession, grantor0);
156       _Executer rolesExecuter = ( (DataDictionary) currentSession.getDataDictionary()).getPreparedStatementGetter().getExecuterForRoleValidity();
157       String JavaDoc roleName = (String JavaDoc) _rolegranted6.run(null);
158       _Iterator iterator = (_Iterator) rolesExecuter.executeForFresh(new Object JavaDoc[] {roleName});
159       if (!iterator.first()) {
160          throw new DException("DSE8185", new Object JavaDoc[] {roleName});
161       }
162       checkCyclicRoles(currentSession, roleName, granteesList);
163
164       RoleAuthorizationDescriptor roleAuthDes = (RoleAuthorizationDescriptor) applicableRoles.get(roleName);
165       if (roleAuthDes == null || roleAuthDes.is_grantable.equalsIgnoreCase(SqlSchemaConstants.NO)) {
166          throw new DException("DSE8096", new Object JavaDoc[] {grantor0});
167       }
168       rolesList.add(roleName);
169       if (_OptRepScomma94843605rolegranted5 != null) {
170          for (int i = 0; i < _OptRepScomma94843605rolegranted5.length; i++) {
171             String JavaDoc roleName1 = (String JavaDoc) _OptRepScomma94843605rolegranted5[i].run(null);
172             _Iterator iter = (_Iterator) rolesExecuter.executeForFresh(new Object JavaDoc[] {roleName1});
173             if (!iter.first()) {
174                throw new DException("DSE8185", new Object JavaDoc[] {roleName1});
175             }
176             checkCyclicRoles(currentSession, roleName1, granteesList);
177             roleAuthDes = (RoleAuthorizationDescriptor) applicableRoles.get(roleName);
178             if (roleAuthDes == null || roleAuthDes.is_grantable.equalsIgnoreCase(SqlSchemaConstants.NO)) {
179                throw new DException("DSE8096", new Object JavaDoc[] {grantor0});
180             }
181             rolesList.add(roleName1);
182          }
183       }
184       return rolesList;
185    }
186
187    private void checkCyclicRoles(_ServerSession currentSession, String JavaDoc roleName, TreeSet granteesList) throws DException {
188       if (granteesList.contains(roleName)) {
189          throw new DException("DSE8093", null);
190       }
191       String JavaDoc[] applicableRolesOfRole = GeneralUtility.getApplicableRoleNames( ( (DataDictionary) currentSession.getDataDictionary()).getPreparedStatementGetter(), roleName);
192       if (applicableRolesOfRole != null) {
193          for (int i = 0; i < applicableRolesOfRole.length; i++) {
194             if (granteesList.contains(applicableRolesOfRole[i])) {
195                throw new DException("DSE8093", null);
196             }
197          }
198       }
199    }
200
201    /**
202     * @param currentSession -_ServerSesion used for saving information in database
203     * @param grantees - list of users/roles to whom the roles are to be granted
204     * @param rolesList - list of roles to be granted
205     * Initilaize the values of RoleAuthoriztionDescriptor
206     * saves all the RoleAuthorization Descriptors
207     * If the role is already granted to grantee then
208     * update if the current RoleAuthorizationDescriptor have is_grantable as 'YES'
209     * @param grantor0 - the user/role granting the role
210     * @throws DException In case of internal error
211     */
212    private void saveRoleAuthorizationDescriptors(_ServerSession currentSession, TreeSet grantees, ArrayList rolesList, String JavaDoc grantor0) throws DException {
213       String JavaDoc isGranteable = _OptSRESERVEDWORD1206543922SRESERVEDWORD1206543922SNONRESERVEDWORD1364442551 != null
214           ? SqlSchemaConstants.YES : SqlSchemaConstants.NO;
215       Object JavaDoc[] granteeList = grantees.toArray();
216       int noOfGrantees = grantees.size();
217       for (int i = 0, size = rolesList.size(); i < size; i++) {
218          for (int j = 0; j < noOfGrantees; j++) {
219             RoleAuthorizationDescriptor roleAuthoDes = new RoleAuthorizationDescriptor();
220             roleAuthoDes.role_name = (String JavaDoc) rolesList.get(i);
221             roleAuthoDes.grantee = (String JavaDoc) granteeList[j];
222             roleAuthoDes.grantor = grantor0;
223             roleAuthoDes.is_grantable = isGranteable;
224             try {
225                roleAuthoDes.save(currentSession);
226             } catch (DException ex) {
227                if (ex.getDseCode().equals("DSE1151") &&
228                    roleAuthoDes.is_grantable.equalsIgnoreCase(SqlSchemaConstants.YES)) {
229                   roleAuthoDes.updateIsGrantableValue(currentSession,
230                       roleAuthoDes.is_grantable);
231                }
232             }
233          }
234       }
235    }
236
237    public Object JavaDoc clone() throws CloneNotSupportedException JavaDoc {
238       return this;
239    }
240
241    public String JavaDoc toString() {
242       StringBuffer JavaDoc sb = new StringBuffer JavaDoc();
243       sb.append(" ");
244       sb.append(_SRESERVEDWORD12065439227);
245       sb.append(" ");
246       sb.append(_rolegranted6);
247       sb.append(" ");
248       if (_OptRepScomma94843605rolegranted5 != null) {
249          for (int i = 0; i < _OptRepScomma94843605rolegranted5.length; i++) {
250             sb.append(",").append(_OptRepScomma94843605rolegranted5[i]);
251          }
252       }
253       sb.append(" ");
254       sb.append(_SRESERVEDWORD12065439224);
255       sb.append(" ");
256       sb.append(_grantee3);
257       sb.append(" ");
258       if (_OptRepScomma94843605grantee2 != null) {
259          for (int i = 0; i < _OptRepScomma94843605grantee2.length; i++) {
260             sb.append(",").append(_OptRepScomma94843605grantee2[i]);
261          }
262       }
263       sb.append(" ");
264       if (
265           _OptSRESERVEDWORD1206543922SRESERVEDWORD1206543922SNONRESERVEDWORD1364442551 != null) {
266          sb.append(
267              _OptSRESERVEDWORD1206543922SRESERVEDWORD1206543922SNONRESERVEDWORD1364442551);
268       }
269       sb.append(" ");
270       if (_OptSNONRESERVEDWORD136444255SRESERVEDWORD1206543922grantor0 != null) {
271          sb.append(_OptSNONRESERVEDWORD136444255SRESERVEDWORD1206543922grantor0);
272       }
273       return sb.toString();
274    }
275
276    public void setSchemaDescriptor(_Descriptor schemaDes0) throws
277        DException {
278       schemaDes = (SchemaDescriptor) schemaDes0;
279    }
280 }
281
Popular Tags