Repository: incubator-trafodion Updated Branches: refs/heads/master a9e168f49 -> 2d69b7354
TRAFODION-1031: PUBLIC" is not recognized in some statements Fixed a couple of issues where PUBLIC was not returned. With this check-in we will treat PUBLIC as a special role. Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/19a95cd8 Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/19a95cd8 Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/19a95cd8 Branch: refs/heads/master Commit: 19a95cd836de4bb51ff03ea6f3d30dd02637c3dd Parents: 187e753 Author: Roberta Marton <[email protected]> Authored: Wed Dec 9 21:13:48 2015 +0000 Committer: Roberta Marton <[email protected]> Committed: Wed Dec 9 21:13:48 2015 +0000 ---------------------------------------------------------------------- core/sql/bin/SqlciErrors.txt | 2 +- core/sql/executor/ExExeUtilGet.cpp | 2 ++ core/sql/regress/catman1/EXPECTED135 | 2 ++ core/sql/sqlcomp/CmpSeabaseDDLauth.cpp | 15 +++++++++++++++ core/sql/sqlcomp/CmpSeabaseDDLauth.h | 2 +- core/sql/sqlcomp/PrivMgrRoles.cpp | 11 ++++++++++- 6 files changed, 31 insertions(+), 3 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/19a95cd8/core/sql/bin/SqlciErrors.txt ---------------------------------------------------------------------- diff --git a/core/sql/bin/SqlciErrors.txt b/core/sql/bin/SqlciErrors.txt index f012c2e..689ea8d 100644 --- a/core/sql/bin/SqlciErrors.txt +++ b/core/sql/bin/SqlciErrors.txt @@ -330,7 +330,7 @@ 1336 ZZZZZ 99999 ADVANCED MAJOR DBADMIN INITIALIZE SQL must specify a $0~String0 statement for the $1~String1. INITIALIZE SQL fails. 1337 ZZZZZ 99999 BEGINNER MINOR DBADMIN $0~String0 is a reserved authorization identifier. 1338 ZZZZZ 99999 ADVANCED MAJOR DBADMIN Role $0~string0 is not defined in the database. -1339 ZZZZZ 99999 BEGINNER MINOR DBADMIN $0~string0 is not a role. +1339 ZZZZZ 99999 BEGINNER MINOR DBADMIN $0~string0 is not a grantable role. 1340 ZZZZZ 99999 BEGINNER MINOR DBADMIN $0~string0 is not a user. 1341 ZZZZZ 99999 BEGINNER MINOR DBADMIN Cannot unregister user. User owns one or more catalogs. 1342 ZZZZZ 99999 BEGINNER MINOR DBADMIN Cannot unregister user. User owns one or more schemas. http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/19a95cd8/core/sql/executor/ExExeUtilGet.cpp ---------------------------------------------------------------------- diff --git a/core/sql/executor/ExExeUtilGet.cpp b/core/sql/executor/ExExeUtilGet.cpp index cbf1d89..a51bbb6 100644 --- a/core/sql/executor/ExExeUtilGet.cpp +++ b/core/sql/executor/ExExeUtilGet.cpp @@ -447,6 +447,7 @@ static const QueryString getTrafRoles[] = {" select distinct auth_db_name "}, {" from %s.\"%s\".%s "}, {" where auth_type = 'R' "}, + {" union select * from (values ('PUBLIC')) "}, {" for read uncommitted access "}, {" order by 1 "}, {" ; "} @@ -1986,6 +1987,7 @@ short ExExeUtilGetMetadataInfoTcb::work() case ComTdbExeUtilGetMetadataInfo::ROLES_: { qs = getTrafRoles; + sizeOfqs = sizeof(getTrafRoles); param_[0] = cat; http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/19a95cd8/core/sql/regress/catman1/EXPECTED135 ---------------------------------------------------------------------- diff --git a/core/sql/regress/catman1/EXPECTED135 b/core/sql/regress/catman1/EXPECTED135 index 5ff82da..9827fb3 100644 --- a/core/sql/regress/catman1/EXPECTED135 +++ b/core/sql/regress/catman1/EXPECTED135 @@ -920,6 +920,7 @@ Roles DB__HBASEROLE DB__HIVEROLE DB__ROOTROLE +PUBLIC T135_ROLE1 --- SQL operation complete. @@ -1336,6 +1337,7 @@ Roles DB__HBASEROLE DB__HIVEROLE DB__ROOTROLE +PUBLIC --- SQL operation complete. >> http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/19a95cd8/core/sql/sqlcomp/CmpSeabaseDDLauth.cpp ---------------------------------------------------------------------- diff --git a/core/sql/sqlcomp/CmpSeabaseDDLauth.cpp b/core/sql/sqlcomp/CmpSeabaseDDLauth.cpp index 0bb32db..6ca7c3c 100644 --- a/core/sql/sqlcomp/CmpSeabaseDDLauth.cpp +++ b/core/sql/sqlcomp/CmpSeabaseDDLauth.cpp @@ -177,6 +177,21 @@ UserException excp(NULL,0); CmpSeabaseDDLauth::AuthStatus CmpSeabaseDDLauth::getAuthDetails(const char *pAuthName, bool isExternal) { + // If the authname is a special PUBLIC authorization ID, set it up + std::string authName = pAuthName; + if (authName == PUBLIC_AUTH_NAME) + { + setAuthCreator(SUPER_USER); + setAuthCreateTime(0); + setAuthDbName(PUBLIC_AUTH_NAME); + setAuthExtName(PUBLIC_AUTH_NAME); + setAuthID(PUBLIC_AUTH_ID); + setAuthRedefTime(0); + setAuthType(COM_ROLE_CLASS); + setAuthValid(false); + return STATUS_GOOD; + } + try { NAString whereClause ("where "); http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/19a95cd8/core/sql/sqlcomp/CmpSeabaseDDLauth.h ---------------------------------------------------------------------- diff --git a/core/sql/sqlcomp/CmpSeabaseDDLauth.h b/core/sql/sqlcomp/CmpSeabaseDDLauth.h index 9da96b4..b91029a 100644 --- a/core/sql/sqlcomp/CmpSeabaseDDLauth.h +++ b/core/sql/sqlcomp/CmpSeabaseDDLauth.h @@ -83,7 +83,7 @@ class CmpSeabaseDDLauth ComIdClass getAuthType() const { return authType_; } bool isAuthValid() const { return authValid_; } - bool isPublic() const { return false; } + bool isPublic() const { return authID_ == PUBLIC_USER; } bool isRole() const { return authType_ == COM_ROLE_CLASS; } bool isUser() const { return authType_ == COM_USER_CLASS; } static bool isRoleID(Int32 authID); http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/19a95cd8/core/sql/sqlcomp/PrivMgrRoles.cpp ---------------------------------------------------------------------- diff --git a/core/sql/sqlcomp/PrivMgrRoles.cpp b/core/sql/sqlcomp/PrivMgrRoles.cpp index c842906..3f3c4e2 100644 --- a/core/sql/sqlcomp/PrivMgrRoles.cpp +++ b/core/sql/sqlcomp/PrivMgrRoles.cpp @@ -794,10 +794,19 @@ MyTable &myTable = static_cast<MyTable &>(myTable_); for (size_t r = 0; r < roleIDs.size(); r++) { + int32_t roleID = roleIDs[r]; + + // if the roleID is PUBLIC return an error + if (roleID == PUBLIC_AUTH_ID) + { + *pDiags_ << DgSqlCode (-CAT_IS_NOT_A_ROLE) + << DgString0(PUBLIC_AUTH_NAME); + return STATUS_ERROR; + } + // For each role ID we loop through the list of grantees. // Most of the WHERE clause is known for this role (only // difference is the grantee), so build the header now. - int32_t roleID = roleIDs[r]; std::string whereClauseHeader(" WHERE ROLE_ID = "); whereClauseHeader += authIDToString(roleID);
