PermissionsCacheable


1   /*
2   
3      Derby - Class org.apache.derby.impl.sql.catalog.PermissionsCacheable
4   
5      Licensed to the Apache Software Foundation (ASF) under one or more
6      contributor license agreements.  See the NOTICE file distributed with
7      this work for additional information regarding copyright ownership.
8      The ASF licenses this file to you under the Apache License, Version 2.0
9      (the "License"); you may not use this file except in compliance with
10     the License.  You may obtain a copy of the License at
11  
12        http://www.apache.org/licenses/LICENSE-2.0
13  
14     Unless required by applicable law or agreed to in writing, software
15     distributed under the License is distributed on an "AS IS" BASIS,
16     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17     See the License for the specific language governing permissions and
18     limitations under the License.
19  
20   */
21  
22  package org.apache.derby.impl.sql.catalog;
23  
24  import org.apache.derby.iapi.error.StandardException;
25  
26  import org.apache.derby.iapi.services.cache.Cacheable;
27  import org.apache.derby.iapi.services.cache.CacheManager;
28  import org.apache.derby.iapi.services.io.FormatableBitSet;
29  
30  import org.apache.derby.iapi.sql.conn.Authorizer;
31  import org.apache.derby.iapi.sql.conn.ConnectionUtil;
32  
33  import org.apache.derby.iapi.sql.dictionary.TableDescriptor;
34  import org.apache.derby.iapi.sql.dictionary.SchemaDescriptor;
35  import org.apache.derby.iapi.sql.dictionary.AliasDescriptor;
36  import org.apache.derby.iapi.sql.dictionary.TablePermsDescriptor;
37  import org.apache.derby.iapi.sql.dictionary.PermissionsDescriptor;
38  import org.apache.derby.iapi.sql.dictionary.ColPermsDescriptor;
39  import org.apache.derby.iapi.sql.dictionary.RoutinePermsDescriptor;
40  
41  import org.apache.derby.iapi.services.sanity.SanityManager;
42  
43  /**
44   * This class implements a Cacheable for a DataDictionary cache of
45   * permissions.
46   */
47  class PermissionsCacheable implements Cacheable
48  {
49      protected final DataDictionaryImpl dd;
50      private PermissionsDescriptor permissions;
51      
52      PermissionsCacheable(DataDictionaryImpl dd)
53      {
54          this.dd = dd;
55      }
56  
57      /* Cacheable interface */
58      public Cacheable setIdentity(Object   key) throws StandardException
59      {
60          // If the user does not have permission then cache an empty (no permission) descriptor in
61          // case the same user asks again. That is particularly important for table permission because
62          // we ask about table permission before column permissions. If a user has permission to use a
63          // proper subset of the columns we will still ask about table permission every time he tries
64          // to access that column subset.
65          if( key instanceof TablePermsDescriptor)
66          {
67              TablePermsDescriptor tablePermsKey = (TablePermsDescriptor) key;
68              permissions = dd.getUncachedTablePermsDescriptor( tablePermsKey);
69              if( permissions == null)
70              {
71                  // The owner has all privileges unless they have been revoked.
72                  TableDescriptor td = dd.getTableDescriptor( tablePermsKey.getTableUUID());
73                  SchemaDescriptor sd = td.getSchemaDescriptor();
74                  if( sd.isSystemSchema())
75                      // RESOLVE The access to system tables is hard coded to SELECT only to everyone.
76                      // Is this the way we want Derby to work? Should we allow revocation of read access
77                      // to system tables? If so we must explicitly add a row to the SYS.SYSTABLEPERMISSIONS
78                      // table for each system table when a database is created.
79                      permissions = new TablePermsDescriptor( dd,
80                                                              tablePermsKey.getGrantee(),
81                                                              (String  ) null,
82                                                              tablePermsKey.getTableUUID(),
83                                                              "Y", "N", "N", "N", "N", "N");
84                  else if( tablePermsKey.getGrantee().equals( sd.getAuthorizationId()))
85                      permissions = new TablePermsDescriptor( dd,
86                                                              tablePermsKey.getGrantee(),
87                                                              Authorizer.SYSTEM_AUTHORIZATION_ID,
88                                                              tablePermsKey.getTableUUID(),
89                                                              "Y", "Y", "Y", "Y", "Y", "Y");
90                  else
91                      permissions = new TablePermsDescriptor( dd,
92                                                              tablePermsKey.getGrantee(),
93                                                              (String  ) null,
94                                                              tablePermsKey.getTableUUID(),
95                                                              "N", "N", "N", "N", "N", "N");
96              }
97          }
98          else if( key instanceof ColPermsDescriptor)
99          {
100             ColPermsDescriptor colPermsKey = (ColPermsDescriptor) key;
101             permissions = dd.getUncachedColPermsDescriptor(colPermsKey );
102             if( permissions == null)
103                 permissions = new ColPermsDescriptor( dd,
104                                                       colPermsKey.getGrantee(),
105                                                       (String  ) null,
106                                                       colPermsKey.getTableUUID(),
107                                                       colPermsKey.getType(),
108                                                       (FormatableBitSet) null);
109         }
110         else if( key instanceof RoutinePermsDescriptor)
111         {
112             RoutinePermsDescriptor routinePermsKey = (RoutinePermsDescriptor) key;
113             permissions = dd.getUncachedRoutinePermsDescriptor( routinePermsKey);
114             if( permissions == null)
115             {
116                 // The owner has all privileges unless they have been revoked.
117                 try
118                 {
119                     AliasDescriptor ad = dd.getAliasDescriptor( routinePermsKey.getRoutineUUID());
120                     SchemaDescriptor sd = dd.getSchemaDescriptor( ad.getSchemaUUID(),
121                                               ConnectionUtil.getCurrentLCC().getTransactionExecute());
122                     if (sd.isSystemSchema() && !sd.isSchemaWithGrantableRoutines())
123                         permissions = new RoutinePermsDescriptor( dd,
124                                                                   routinePermsKey.getGrantee(),
125                                                                   (String  ) null,
126                                                                   routinePermsKey.getRoutineUUID(),
127                                                                   true);
128                     else if( routinePermsKey.getGrantee().equals( sd.getAuthorizationId()))
129                         permissions = new RoutinePermsDescriptor( dd,
130                                                                   routinePermsKey.getGrantee(),
131                                                                   Authorizer.SYSTEM_AUTHORIZATION_ID,
132                                                                   routinePermsKey.getRoutineUUID(),
133                                                                   true);
134                 }
135                 catch( java.sql.SQLException   sqle)
136                 {
137                     throw StandardException.plainWrapException( sqle);
138                 }
139             }
140         }
141         else
142         {
143             if( SanityManager.DEBUG)
144                 SanityManager.NOTREACHED();
145             return null;
146         }
147         if( permissions != null)
148             return this;
149         return null;
150     } // end of setIdentity
151 
152     public Cacheable createIdentity(Object   key, Object   createParameter) throws StandardException
153     {
154         if (SanityManager.DEBUG)
155         {
156             SanityManager.ASSERT( (key instanceof TablePermsDescriptor) ||
157                                   (key instanceof ColPermsDescriptor) ||
158                                   (key instanceof RoutinePermsDescriptor),
159                                   "Invalid class, " + key.getClass().getName()
160                                   + ", passed as key to PermissionsCacheable.createIdentity");
161         }
162         if( key == null)
163             return null;
164         permissions = (PermissionsDescriptor) ((PermissionsDescriptor)key).clone();
165         return this;
166     } // end of createIdentity
167 
168     public void clearIdentity()
169     {
170         permissions = null;
171     }
172 
173     public Object   getIdentity()
174     {
175         return permissions;
176     }
177 
178     public boolean isDirty()
179     {
180         return false;
181     }
182 
183     public void clean(boolean forRemove) throws StandardException
184     {
185     }
186 }
187
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags