Source Code Cross Referenced for StatementTablePermission.java in  » Database-DBMS » db-derby-10.2 » org » apache » derby » iapi » sql » dictionary » Java Source Code / Java DocumentationJava Source Code and Java Documentation

001:        /*
002:
003:           Derby - Class org.apache.derby.iapi.sql.dictionary.StatementTablePermission
004:
005:           Licensed to the Apache Software Foundation (ASF) under one or more
006:           contributor license agreements.  See the NOTICE file distributed with
007:           this work for additional information regarding copyright ownership.
008:           The ASF licenses this file to you under the Apache License, Version 2.0
009:           (the "License"); you may not use this file except in compliance with
010:           the License.  You may obtain a copy of the License at
011:
012:        	  http://www.apache.org/licenses/LICENSE-2.0
013:
014:           Unless required by applicable law or agreed to in writing, software
015:           distributed under the License is distributed on an "AS IS" BASIS,
016:           WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
017:           See the License for the specific language governing permissions and
018:           limitations under the License.
019:
020:         */
021:
022:        package org.apache.derby.iapi.sql.dictionary;
023:
024:        import org.apache.derby.iapi.error.StandardException;
025:        import org.apache.derby.catalog.UUID;
026:        import org.apache.derby.iapi.sql.conn.Authorizer;
027:        import org.apache.derby.iapi.sql.conn.LanguageConnectionContext;
028:        import org.apache.derby.iapi.reference.SQLState;
029:
030:        /**
031:         * This class describes a table permission required by a statement.
032:         */
033:
034:        public class StatementTablePermission extends StatementPermission {
035:            UUID tableUUID;
036:            int privType; // One of Authorizer.SELECT_PRIV, UPDATE_PRIV, etc.
037:
038:            /**
039:             * Constructor for StatementTablePermission. Creates an instance of
040:             * table permission requested for the given access.
041:             * 
042:             * @param tableUUID	UUID of the table
043:             * @param privType	Access privilege requested
044:             *
045:             */
046:            public StatementTablePermission(UUID tableUUID, int privType) {
047:                this .tableUUID = tableUUID;
048:                this .privType = privType;
049:            }
050:
051:            /**
052:             * Return privilege access requested for this access descriptor
053:             *
054:             * @return	Privilege access
055:             */
056:            public int getPrivType() {
057:                return privType;
058:            }
059:
060:            /**
061:             * Return table UUID for this access descriptor
062:             *
063:             * @return	Table UUID
064:             */
065:            public UUID getTableUUID() {
066:                return tableUUID;
067:            }
068:
069:            /**
070:             * Routine to check if another instance of access descriptor matches this.
071:             * Used to ensure only one access descriptor for a table of given privilege is created.
072:             * Otherwise, every column reference from a table may create a descriptor for that table.
073:             *
074:             * @param obj	Another instance of StatementPermission
075:             *
076:             * @return	true if match
077:             */
078:            public boolean equals(Object obj) {
079:                if (obj == null)
080:                    return false;
081:                if (getClass().equals(obj.getClass())) {
082:                    StatementTablePermission other = (StatementTablePermission) obj;
083:                    return privType == other.privType
084:                            && tableUUID.equals(other.tableUUID);
085:                }
086:                return false;
087:            } // end of equals
088:
089:            /**
090:             * Return hash code for this instance
091:             *
092:             * @return	Hashcode
093:             *
094:             */
095:            public int hashCode() {
096:                return privType + tableUUID.hashCode();
097:            }
098:
099:            /**
100:             * @see StatementPermission#check
101:             */
102:            public void check(LanguageConnectionContext lcc,
103:                    String authorizationId, boolean forGrant)
104:                    throws StandardException {
105:                DataDictionary dd = lcc.getDataDictionary();
106:
107:                if (!hasPermissionOnTable(dd, authorizationId, forGrant)) {
108:                    TableDescriptor td = getTableDescriptor(dd);
109:                    throw StandardException
110:                            .newException(
111:                                    forGrant ? SQLState.AUTH_NO_TABLE_PERMISSION_FOR_GRANT
112:                                            : SQLState.AUTH_NO_TABLE_PERMISSION,
113:                                    authorizationId, getPrivName(), td
114:                                            .getSchemaName(), td.getName());
115:                }
116:            } // end of check
117:
118:            protected TableDescriptor getTableDescriptor(DataDictionary dd)
119:                    throws StandardException {
120:                TableDescriptor td = dd.getTableDescriptor(tableUUID);
121:                if (td == null)
122:                    throw StandardException.newException(
123:                            SQLState.AUTH_INTERNAL_BAD_UUID, "table");
124:                return td;
125:            } // end of getTableDescriptor
126:
127:            /*
128:             * Check if authorizationId has permission on the table
129:             */
130:            protected boolean hasPermissionOnTable(DataDictionary dd,
131:                    String authorizationId, boolean forGrant)
132:                    throws StandardException {
133:                return oneAuthHasPermissionOnTable(dd,
134:                        Authorizer.PUBLIC_AUTHORIZATION_ID, forGrant)
135:                        || oneAuthHasPermissionOnTable(dd, authorizationId,
136:                                forGrant);
137:            }
138:
139:            protected boolean oneAuthHasPermissionOnTable(DataDictionary dd,
140:                    String authorizationId, boolean forGrant)
141:                    throws StandardException {
142:                TablePermsDescriptor perms = dd.getTablePermissions(tableUUID,
143:                        authorizationId);
144:                if (perms == null)
145:                    return false;
146:
147:                String priv = null;
148:
149:                switch (privType) {
150:                case Authorizer.SELECT_PRIV:
151:                    priv = perms.getSelectPriv();
152:                    break;
153:                case Authorizer.UPDATE_PRIV:
154:                    priv = perms.getUpdatePriv();
155:                    break;
156:                case Authorizer.REFERENCES_PRIV:
157:                    priv = perms.getReferencesPriv();
158:                    break;
159:                case Authorizer.INSERT_PRIV:
160:                    priv = perms.getInsertPriv();
161:                    break;
162:                case Authorizer.DELETE_PRIV:
163:                    priv = perms.getDeletePriv();
164:                    break;
165:                case Authorizer.TRIGGER_PRIV:
166:                    priv = perms.getTriggerPriv();
167:                    break;
168:                }
169:
170:                return "Y".equals(priv) || (!forGrant) && "y".equals(priv);
171:            } // end of hasPermissionOnTable
172:
173:            /**
174:             * @see StatementPermission#getPermissionDescriptor
175:             */
176:            public PermissionsDescriptor getPermissionDescriptor(String authid,
177:                    DataDictionary dd) throws StandardException {
178:                //if the required type of privilege exists for the given authorizer,
179:                //then pass the permission descriptor for it.
180:                if (oneAuthHasPermissionOnTable(dd, authid, false))
181:                    return dd.getTablePermissions(tableUUID, authid);
182:                else
183:                    return null;
184:            }
185:
186:            /**
187:             * Return privilege needed for this access as string
188:             *
189:             * @return	privilege string
190:             */
191:            public String getPrivName() {
192:                switch (privType) {
193:                case Authorizer.SELECT_PRIV:
194:                    return "select";
195:                case Authorizer.UPDATE_PRIV:
196:                    return "update";
197:                case Authorizer.REFERENCES_PRIV:
198:                    return "references";
199:                case Authorizer.INSERT_PRIV:
200:                    return "insert";
201:                case Authorizer.DELETE_PRIV:
202:                    return "delete";
203:                case Authorizer.TRIGGER_PRIV:
204:                    return "trigger";
205:                }
206:                return "?";
207:            } // end of getPrivName
208:        }