StatementTablePermission


1   /*
2   
3      Derby - Class org.apache.derby.iapi.sql.dictionary.StatementTablePermission
4   
5      Licensed to the Apache Software Foundation (ASF) under one or more
6      contributor license agreements.  See the NOTICE file distributed with
7      this work for additional information regarding copyright ownership.
8      The ASF licenses this file to you under the Apache License, Version 2.0
9      (the "License"); you may not use this file except in compliance with
10     the License.  You may obtain a copy of the License at
11  
12        http://www.apache.org/licenses/LICENSE-2.0
13  
14     Unless required by applicable law or agreed to in writing, software
15     distributed under the License is distributed on an "AS IS" BASIS,
16     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17     See the License for the specific language governing permissions and
18     limitations under the License.
19  
20   */
21  
22  package org.apache.derby.iapi.sql.dictionary;
23  
24  import org.apache.derby.iapi.error.StandardException;
25  import org.apache.derby.catalog.UUID;
26  import org.apache.derby.iapi.sql.conn.Authorizer;
27  import org.apache.derby.iapi.sql.conn.LanguageConnectionContext;
28  import org.apache.derby.iapi.reference.SQLState;
29  
30  /**
31   * This class describes a table permission required by a statement.
32   */
33  
34  public class StatementTablePermission extends StatementPermission
35  {
36      UUID tableUUID;
37      int privType; // One of Authorizer.SELECT_PRIV, UPDATE_PRIV, etc.
38  
39      /**
40       * Constructor for StatementTablePermission. Creates an instance of
41       * table permission requested for the given access.
42       * 
43       * @param tableUUID UUID of the table
44       * @param privType  Access privilege requested
45       *
46       */
47      public StatementTablePermission(UUID tableUUID, int privType)
48      {
49          this.tableUUID = tableUUID;
50          this.privType = privType;
51      }
52  
53      /**
54       * Return privilege access requested for this access descriptor
55       *
56       * @return  Privilege access
57       */
58      public int getPrivType()
59      {
60          return privType;
61      }
62  
63      /**
64       * Return table UUID for this access descriptor
65       *
66       * @return  Table UUID
67       */
68      public UUID getTableUUID()
69      {
70          return tableUUID;
71      }
72  
73      /**
74       * Routine to check if another instance of access descriptor matches this.
75       * Used to ensure only one access descriptor for a table of given privilege is created.
76       * Otherwise, every column reference from a table may create a descriptor for that table.
77       *
78       * @param obj   Another instance of StatementPermission
79       *
80       * @return  true if match
81       */
82      public boolean equals( Object   obj)
83      {
84          if( obj == null)
85              return false;
86          if( getClass().equals( obj.getClass()))
87          {
88              StatementTablePermission other = (StatementTablePermission) obj;
89              return privType == other.privType && tableUUID.equals( other.tableUUID);
90          }
91          return false;
92      } // end of equals
93  
94      /**
95       * Return hash code for this instance
96       *
97       * @return  Hashcode
98       *
99       */
100     public int hashCode()
101     {
102         return privType + tableUUID.hashCode();
103     }
104     
105     /**
106      * @see StatementPermission#check
107      */
108     public void check( LanguageConnectionContext lcc,
109                        String   authorizationId,
110                        boolean forGrant)
111         throws StandardException
112     {
113         DataDictionary dd = lcc.getDataDictionary();
114     
115         if( ! hasPermissionOnTable( dd, authorizationId, forGrant))
116         {
117             TableDescriptor td = getTableDescriptor( dd);
118             throw StandardException.newException( forGrant ? SQLState.AUTH_NO_TABLE_PERMISSION_FOR_GRANT
119                                                   : SQLState.AUTH_NO_TABLE_PERMISSION,
120                                                   authorizationId,
121                                                   getPrivName(),
122                                                   td.getSchemaName(),
123                                                   td.getName());
124         }
125     } // end of check
126 
127     protected TableDescriptor getTableDescriptor(DataDictionary dd)  throws StandardException
128     {
129         TableDescriptor td = dd.getTableDescriptor( tableUUID);
130         if( td == null)
131             throw StandardException.newException(SQLState.AUTH_INTERNAL_BAD_UUID, "table");
132         return td;
133     } // end of getTableDescriptor
134 
135     /*
136      * Check if authorizationId has permission on the table
137      */
138     protected boolean hasPermissionOnTable(DataDictionary dd, String   authorizationId, boolean forGrant)
139         throws StandardException
140     {
141         return oneAuthHasPermissionOnTable( dd, Authorizer.PUBLIC_AUTHORIZATION_ID, forGrant)
142           || oneAuthHasPermissionOnTable( dd, authorizationId, forGrant);
143     }
144 
145     protected boolean oneAuthHasPermissionOnTable(DataDictionary dd, String   authorizationId, boolean forGrant)
146         throws StandardException
147     {
148         TablePermsDescriptor perms = dd.getTablePermissions( tableUUID, authorizationId);
149         if( perms == null)
150             return false;
151         
152         String   priv = null;
153             
154         switch( privType)
155         {
156         case Authorizer.SELECT_PRIV:
157             priv = perms.getSelectPriv();
158             break;
159         case Authorizer.UPDATE_PRIV:
160             priv = perms.getUpdatePriv();
161             break;
162         case Authorizer.REFERENCES_PRIV:
163             priv = perms.getReferencesPriv();
164             break;
165         case Authorizer.INSERT_PRIV:
166             priv = perms.getInsertPriv();
167             break;
168         case Authorizer.DELETE_PRIV:
169             priv = perms.getDeletePriv();
170             break;
171         case Authorizer.TRIGGER_PRIV:
172             priv = perms.getTriggerPriv();
173             break;
174         }
175 
176         return "Y".equals(priv) || (!forGrant) && "y".equals( priv);
177     } // end of hasPermissionOnTable
178 
179     /**
180      * @see StatementPermission#getPermissionDescriptor
181      */
182     public PermissionsDescriptor getPermissionDescriptor(String   authid, DataDictionary dd)
183     throws StandardException
184     {
185         //if the required type of privilege exists for the given authorizer,
186         //then pass the permission descriptor for it.
187         if (oneAuthHasPermissionOnTable( dd, authid, false))
188             return dd.getTablePermissions(tableUUID, authid);
189         else return null;
190     }
191 
192     /**
193      * Return privilege needed for this access as string
194      *
195      * @return  privilege string
196      */
197     public String   getPrivName( )
198     {
199         switch( privType)
200         {
201         case Authorizer.SELECT_PRIV:
202             return "select";
203         case Authorizer.UPDATE_PRIV:
204             return "update";
205         case Authorizer.REFERENCES_PRIV:
206             return "references";
207         case Authorizer.INSERT_PRIV:
208             return "insert";
209         case Authorizer.DELETE_PRIV:
210             return "delete";
211         case Authorizer.TRIGGER_PRIV:
212             return "trigger";
213         }
214         return "?";
215     } // end of getPrivName
216 }
217
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags