[
http://issues.apache.org/jira/browse/DERBY-1330?page=comments#action_12419837 ]
Daniel John Debrunner commented on DERBY-1330:
----------------------------------------------
Mamta wrote: "I am proposing the method name to be changed from
"isExecutingWithInvokerPrivileges" to "isPrivilegeCollectionRequired". I tend
to get too verbose with my method names"
Not at all, that method name describes exactly what it does, a perfect name.
One issue with the patch is that your change to the new (correct) name seems to
be only half implemented, e.g.
+ public boolean isPrivilegeCollectionRequired()
+ {
+ return(accessWithInvokerPrivileges);
+ }
Shouldn't the field name accessWithInvokerPrivileges be the same as the method
name?
Then for:
+ public void accessThisWithDefinerPrivileges()
+ {
+ accessWithInvokerPrivileges = false;
+ }
Shouldn't this method be called something like, ' disablePrivilegeCollection'?
Otherwise my earlier concerns still stand, in the future will we have to change
the name of accessWithInvokerPrivileges /accessThisWithDefinerPrivileges
because their usage (stop collection) might not match the access mode.
Other comments on the patch are the similarity of the code in the create
constant actions for triggers and views, in fact the one in trigger has only
views as examples in the comments. This is the code that converts the list of
privileges into a list of dependencies (or added dependencies). Could this code
be shared, what about the one in create constraint?
If you can address these & earlier comments I will commit the patch.
> Provide runtime privilege checking for grant/revoke functionality
> -----------------------------------------------------------------
>
> Key: DERBY-1330
> URL: http://issues.apache.org/jira/browse/DERBY-1330
> Project: Derby
> Type: Sub-task
> Components: SQL
> Versions: 10.2.0.0
> Reporter: Mamta A. Satoor
> Assignee: Mamta A. Satoor
> Attachments: AuthorizationModelForDerbySQLStandardAuthorization.html,
> AuthorizationModelForDerbySQLStandardAuthorizationV2.html,
> Derby1330PrivilegeCollectionV2diff.txt,
> Derby1330PrivilegeCollectionV2stat.txt,
> Derby1330ViewPrivilegeCollectionV1diff.txt,
> Derby1330ViewPrivilegeCollectionV1stat.txt
>
> Additional work needs to be done for grant/revoke to make sure that only
> users with required privileges can access various database objects. In order
> to do that, first we need to collect the privilege requirements for various
> database objects and store them in SYS.SYSREQUIREDPERM. Once we have this
> information then when a user tries to access an object, the required
> SYS.SYSREQUIREDPERM privileges for the object will be checked against the
> user privileges in SYS.SYSTABLEPERMS, SYS.SYSCOLPERMS and
> SYS.SYSROUTINEPERMS. The database object access will succeed only if the user
> has the necessary privileges.
> SYS.SYSTABLEPERMS, SYS.SYSCOLPERMS and SYS.SYSROUTINEPERMS are already
> populated by Satheesh's work on DERBY-464. But SYS.SYSREQUIREDPERM doesn't
> have any information in it at this point and hence no runtime privilege
> checking is getting done at this point.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
