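package org.h2.command.ddl;

import java.sql.SQLException;

import org.h2.engine.Database;
import org.h2.engine.Right;
import org.h2.engine.RightOwner;
import org.h2.engine.Role;
import org.h2.engine.Session;
import org.h2.jdbc.JdbcSQLException;
import org.h2.message.Message;
import org.h2.table.Table;
import org.h2.util.ObjectArray;

/**
 * Command that grants or revokes either table rights or roles for a single
 * grantee, which may be a user or a role.
 *
 * The command is configured through the setters and adders before
 * {@link #update()} is called. If at least one role name was added, the
 * command operates on roles; otherwise it applies the accumulated right mask
 * to every table that was added.
 */
public class GrantRevoke extends DefineCommand {

    /** Operation types accepted by {@link #setOperationType(int)}. */
    public static final int GRANT = 0, REVOKE = 1;

    // Names (String) of the roles to grant or revoke; null means "table rights mode".
    private ObjectArray roleNames;
    // Either GRANT or REVOKE.
    private int operationType;
    // Bitwise OR of all rights passed to addRight().
    private int rightMask;
    // Tables (Table) the right mask applies to.
    private ObjectArray tables = new ObjectArray();
    // The user or role whose privileges are changed.
    private RightOwner grantee;

    public GrantRevoke(Session session) {
        super(session);
    }

    /**
     * Selects whether this command grants or revokes.
     *
     * @param operationType {@link #GRANT} or {@link #REVOKE}; any other value
     *            makes {@link #update()} fail with an internal error
     */
    public void setOperationType(int operationType) {
        this.operationType = operationType;
    }

    /**
     * Adds a right to the mask that is granted or revoked.
     *
     * @param right the right bit(s) to OR into the mask
     */
    public void addRight(int right) {
        this.rightMask |= right;
    }

    /**
     * Adds a role to grant or revoke. Adding any role name switches
     * {@link #update()} from table rights to role handling.
     *
     * @param roleName the name of the role
     */
    public void addRoleName(String roleName) {
        if (roleNames == null) {
            roleNames = new ObjectArray();
        }
        roleNames.add(roleName);
    }

    /**
     * Resolves the grantee by name. A user with that name takes precedence
     * over a role with the same name.
     *
     * @param granteeName the user or role name
     * @throws JdbcSQLException if neither a user nor a role with this name exists
     */
    public void setGranteeName(String granteeName) throws JdbcSQLException {
        Database db = session.getDatabase();
        grantee = db.findUser(granteeName);
        if (grantee == null) {
            grantee = db.findRole(granteeName);
            if (grantee == null) {
                throw Message.getSQLException(Message.USER_OR_ROLE_NOT_FOUND_1, granteeName);
            }
        }
    }

    /**
     * Executes the grant or revoke.
     *
     * @return always 0
     * @throws SQLException if the session user is not an admin, a named role
     *             does not exist, or the individual grant/revoke step fails
     */
    public int update() throws SQLException {
        // Authorization comes first: nothing below runs for a non-admin user.
        session.getUser().checkAdmin();
        session.commit();
        Database db = session.getDatabase();
        if (roleNames != null) {
            // NOTE(review): roles are processed one by one, so a failure on a
            // later name leaves the earlier ones already applied.
            for (int i = 0; i < roleNames.size(); i++) {
                String name = (String) roleNames.get(i);
                Role grantedRole = db.findRole(name);
                if (grantedRole == null) {
                    throw Message.getSQLException(Message.ROLE_NOT_FOUND_1, name);
                }
                if (operationType == GRANT) {
                    grantRole(grantedRole);
                } else if (operationType == REVOKE) {
                    revokeRole(grantedRole);
                } else {
                    throw Message.getInternalError("type="+operationType);
                }
            }
        } else {
            if (operationType == GRANT) {
                grantRight();
            } else if (operationType == REVOKE) {
                revokeRight();
            } else {
                throw Message.getInternalError("type="+operationType);
            }
        }
        return 0;
    }

    /**
     * Grants the right mask on every added table. A grantee without an
     * existing right on a table gets a new {@link Right}; otherwise the
     * existing right's mask is widened.
     */
    private void grantRight() throws SQLException {
        Database db = session.getDatabase();
        for (int i = 0; i < tables.size(); i++) {
            Table table = (Table) tables.get(i);
            Right right = grantee.getRightForTable(table);
            if (right == null) {
                int id = getObjectId(true, true);
                right = new Right(db, id, grantee, rightMask, table);
                grantee.grantRight(table, right);
                db.addDatabaseObject(session, right);
            } else {
                right.setRightMask(right.getRightMask() | rightMask);
                // Hand the widened right back to the database, as revokeRight()
                // does after narrowing a mask. Without this call nothing in
                // this method passes the changed Right to the database.
                db.update(session, right);
            }
        }
    }

    /**
     * Grants a role to the grantee.
     *
     * @param grantedRole the role to grant
     * @throws SQLException if the grantee already has the role, or if the
     *             grantee is itself a role that is granted to
     *             {@code grantedRole} (which would create a cycle)
     */
    private void grantRole(Role grantedRole) throws SQLException {
        if (grantee.isRoleGranted(grantedRole)) {
            throw Message.getSQLException(Message.ROLE_ALREADY_GRANTED_1, grantedRole.getSQL());
        }
        if (grantee instanceof Role) {
            Role granteeRole = (Role) grantee;
            // Reject role membership cycles; the same error code is reused for this case.
            if (grantedRole.isRoleGranted(granteeRole)) {
                throw Message.getSQLException(Message.ROLE_ALREADY_GRANTED_1, grantedRole.getSQL());
            }
        }
        Database db = session.getDatabase();
        int id = getObjectId(true, true);
        Right right = new Right(db, id, grantee, grantedRole);
        db.addDatabaseObject(session, right);
        grantee.grantRole(session, grantedRole, right);
    }

    /**
     * Revokes the right mask on every added table. All bits of the mask must
     * currently be held on a table; the right object is removed once no bits
     * remain.
     *
     * @throws SQLException if the grantee has no right on a table or does not
     *             hold every right that is being revoked
     */
    private void revokeRight() throws SQLException {
        Database db = session.getDatabase();
        // NOTE(review): tables are processed one by one, so a failure on a
        // later table leaves the earlier revocations applied.
        for (int i = 0; i < tables.size(); i++) {
            Table table = (Table) tables.get(i);
            Right right = grantee.getRightForTable(table);
            if (right == null) {
                throw Message.getSQLException(Message.RIGHT_NOT_FOUND);
            }
            int mask = right.getRightMask();
            if ((mask & rightMask) != rightMask) {
                throw Message.getSQLException(Message.RIGHT_NOT_FOUND);
            }
            // Clear the revoked bits. Given the check above this equals
            // mask ^ rightMask, but AND-NOT can never switch a bit on.
            int newRight = mask & ~rightMask;
            if (newRight == 0) {
                db.removeDatabaseObject(session, right);
            } else {
                right.setRightMask(newRight);
                db.update(session, right);
            }
        }
    }

    /**
     * Revokes a role from the grantee.
     *
     * @param grantedRole the role to revoke
     * @throws SQLException if the grantee has no right object for this role
     */
    private void revokeRole(Role grantedRole) throws SQLException {
        Right right = grantee.getRightForRole(grantedRole);
        if (right == null) {
            throw Message.getSQLException(Message.RIGHT_NOT_FOUND);
        }
        Database db = session.getDatabase();
        db.removeDatabaseObject(session, right);
    }

    /**
     * @return always false
     */
    public boolean isTransactional() {
        return false;
    }

    /**
     * Adds a table the right mask is applied to.
     *
     * @param table the table
     */
    public void addTable(Table table) {
        tables.add(table);
    }

}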