UserUtility


1   /*
2   
3      Derby - Class org.apache.derby.database.UserUtility
4   
5      Licensed to the Apache Software Foundation (ASF) under one or more
6      contributor license agreements.  See the NOTICE file distributed with
7      this work for additional information regarding copyright ownership.
8      The ASF licenses this file to You under the Apache License, Version 2.0
9      (the "License"); you may not use this file except in compliance with
10     the License.  You may obtain a copy of the License at
11  
12        http://www.apache.org/licenses/LICENSE-2.0
13  
14     Unless required by applicable law or agreed to in writing, software
15     distributed under the License is distributed on an "AS IS" BASIS,
16     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17     See the License for the specific language governing permissions and
18     limitations under the License.
19  
20   */
21  
22  package org.apache.derby.database;
23  import org.apache.derby.iapi.db.PropertyInfo;
24  import org.apache.derby.iapi.store.access.TransactionController;
25  import org.apache.derby.iapi.util.IdUtil;
26  import org.apache.derby.iapi.error.StandardException;
27  import org.apache.derby.iapi.sql.conn.LanguageConnectionContext;
28  import org.apache.derby.iapi.sql.conn.ConnectionUtil;
29  import org.apache.derby.iapi.reference.SQLState;
30  import org.apache.derby.iapi.reference.Property;
31  
32  import java.sql.SQLException  ;
33  import org.apache.derby.iapi.error.PublicAPI;
34  
35  /**
36    This utility class provides static methods for managing user authorization in a Cloudscape database.
37    
38     <p>This class can only be used within an SQL-J statement, a Java procedure or a server side Java method.
39     <p>This class can be accessed using the class alias <code> USERUTILITY </code> in SQL-J statements.
40    */
41  public abstract class UserUtility
42  {
43      /** Enumeration value for read access permission ("READ_ACCESS_PERMISSION"). */
44      public final static String   READ_ACCESS_PERMISSION = "READ_ACCESS_PERMISSION";
45      /** Enumeration value for full access permission ("FULL_ACCESS_PERMISSION"). */
46      public final static String   FULL_ACCESS_PERMISSION = "FULL_ACCESS_PERMISSION";
47  
48      /** Prevent users from creating UserUtility Objects. */
49      private UserUtility() {}
50  
51      /**
52        Add a user's authorization permission to the database.
53  
54        <P>
55        Only users with FULL_ACCESS_PERMISSION may use this.
56        
57        @param userName the user's name. A valid possibly delimited
58        SQL identifier.
59        @param permission READ_ACCESS_PERMISSION or FULL_ACCESS_PERMISSION.
60        @exception SQLException thrown if this fails.
61        */
62      public static final void add(String   userName, String   permission)
63           throws SQLException  
64      {
65          String   pv;
66          TransactionController tc = ConnectionUtil.getCurrentLCC().getTransactionExecute();
67          try {
68          normalizeIdParam("userName",userName); //Validate
69          if (permission==null)
70              throw StandardException.newException(SQLState.UU_INVALID_PARAMETER, "permission","null");           
71          if (permission.equals(READ_ACCESS_PERMISSION))
72          {
73              pv = (String  )tc.getProperty(Property.READ_ONLY_ACCESS_USERS_PROPERTY);
74              pv = IdUtil.appendId(userName,pv);
75              PropertyInfo.setDatabaseProperty(Property.READ_ONLY_ACCESS_USERS_PROPERTY,pv);
76          }
77          else if (permission.equals(FULL_ACCESS_PERMISSION))
78          {
79              pv = (String  )tc.getProperty(Property.FULL_ACCESS_USERS_PROPERTY);
80              pv = IdUtil.appendId(userName,pv);
81              PropertyInfo.setDatabaseProperty(Property.FULL_ACCESS_USERS_PROPERTY,pv);
82          }
83          else
84              throw StandardException.newException(SQLState.UU_UNKNOWN_PERMISSION, permission);
85          } catch (StandardException se) {
86              throw PublicAPI.wrapStandardException(se);
87          }
88      }
89  
90      /**
91        Set the authorization permission for a user in the database.
92  
93        <P>
94        Only users with FULL_ACCESS_PERMISSION may use this.
95  
96        @param userName the user's name. A valid possibly delimited
97        SQL identifier.
98        @param permission READ_ACCESS_PERMISSION or FULL_ACCESS_PERMISSION.
99        @exception SQLException thrown if this fails.
100       */
101     public static final void set(String   userName, String   permission)
102          throws SQLException  
103     {
104         drop(userName);
105         add(userName,permission);
106     }
107 
108     /**
109       Drop a user's authorization permission from the database.
110 
111       <P>
112       Only users with FULL_ACCESS_PERMISSION may use this.
113 
114       @param userName the user's name. A valid possibly delimited
115       SQL identifier.
116 
117       @exception SQLException thrown if this fails or the user
118       being dropped does not exist.
119       */
120     public static final void drop(String   userName) throws
121     SQLException  
122     {
123         TransactionController tc = ConnectionUtil.getCurrentLCC().getTransactionExecute();
124 
125         try {
126         String   userId = normalizeIdParam("userName",userName); 
127 
128         String   access = getPermission(userName);
129         if (access != null && access.equals(READ_ACCESS_PERMISSION))
130         {
131             String   pv = (String  )tc.getProperty(Property.READ_ONLY_ACCESS_USERS_PROPERTY);
132             String   newList = IdUtil.deleteId(userId,pv);
133             PropertyInfo.setDatabaseProperty(Property.READ_ONLY_ACCESS_USERS_PROPERTY,newList);
134         }
135         else if (access != null && access.equals(FULL_ACCESS_PERMISSION))
136         {
137             String   pv = (String  )tc.getProperty(Property.FULL_ACCESS_USERS_PROPERTY);
138             String   newList = IdUtil.deleteId(userId,pv);
139             PropertyInfo.setDatabaseProperty(Property.FULL_ACCESS_USERS_PROPERTY,newList);
140         }
141         else
142         {
143             throw StandardException.newException(SQLState.UU_UNKNOWN_USER, userName);
144         }
145         } catch (StandardException se) {
146             throw PublicAPI.wrapStandardException(se);
147         }
148     }
149 
150     /**
151       Return a user's authorization permission in a database.
152 
153       <P>
154       Users with FULL_ACCESS_PERMISSION or READ_ACCESS_PERMISSION
155       may use this.
156       
157       @param userName the user's name. A valid possibly delimited
158       SQL identifier.
159       @return FULL_ACCESS_PERMISSION if the user is in "derby.database.fullAccessUsers",
160               READ_ACCESS_PERMISSION if the user is in "derby.database.readOnlyAccessUsers",
161               or null if the user is not in either list.
162       @exception SQLException thrown if this fails.
163       */
164     public static final String   getPermission(String   userName)
165          throws SQLException  
166     {
167         TransactionController tc = ConnectionUtil.getCurrentLCC().getTransactionExecute();
168 
169         try {
170 
171         String   pv = (String  )
172             tc.getProperty(Property.READ_ONLY_ACCESS_USERS_PROPERTY);
173         String   userId = normalizeIdParam("userName",userName); 
174         if (IdUtil.idOnList(userId,pv)) return READ_ACCESS_PERMISSION;
175         pv = (String  )tc.getProperty(Property.FULL_ACCESS_USERS_PROPERTY);
176         if (IdUtil.idOnList(userId,pv)) return FULL_ACCESS_PERMISSION;
177         return null;
178         } catch (StandardException se) {
179             throw PublicAPI.wrapStandardException(se);
180         }
181     }
182 
183     private static String   normalizeIdParam(String   pName, String   pValue)
184          throws StandardException
185     {
186         if (pValue==null)
187             throw StandardException.newException(SQLState.UU_INVALID_PARAMETER, pName,"null");
188             
189         try {
190             return IdUtil.parseId(pValue);
191         }
192         catch (StandardException se) {
193             throw StandardException.newException(SQLState.UU_INVALID_PARAMETER, se, pName,pValue);
194         }
195     }
196 }
197
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags