[
https://issues.apache.org/jira/browse/DERBY-3137?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12563830#action_12563830
]
Daniel John Debrunner commented on DERBY-3137:
----------------------------------------------
For the TRIM issue the standard says:
3a) Let S be <value specification> and let V be the character string that is
the value of TRIM ( BOTH ' ' FROM S )
3b) If V does not conform to the Format and Syntax Rules of a <role name>, then
an exception
condition is raised: invalid role specification.
Note V needs to conform to the *format and syntax rules* of a <role name> which
is an <identifier>.
The discussion over system authorization and user names (DERBY-2109) made the
case that this means the format of V is either a regular identifier or a
delimited identifier. Ie. the value V needs to contain a regular or delimited
identifier with delimited identifiers using double quotes,
This would mean examples of valid parameters to a SET ROLE ? in a prepared
statement are:
ps.setString(1, "payadmin"); // Role CNF of PAYADMIN
ps.setString(1, "PAYADMIN"); // Role CNF of PAYADMIN
ps.setString(1, "\"salesadmin\""); // Role CNF of salesadmin
ps.setString(1, "\" SPACEADMIN \""); // Role CNF of SPACEADMIN
(surrounded by spaces on each side)
Thus any valid identifier can be used in a value specification for SET ROLE.
Now that doesn't match what SET SCHEMA does (which should follow the same rules
as the SET ROLE) and thus SET SCHEMA is non-standard.
If this is correct then it's a choice of following the standard or existing
behaviour for a similar command.
If we follow then standard then we would eventually reach a state where 9/10
<SQL session statements> follow the standard, if we follow the existing
behaviour then we reach a state where 1/10 <SQL session statements> follow the
standard. (Assuming they have similar syntax requirements, I haven't checked
them all).
> SQL roles: add catalog support
> ------------------------------
>
> Key: DERBY-3137
> URL: https://issues.apache.org/jira/browse/DERBY-3137
> Project: Derby
> Issue Type: New Feature
> Components: Security, SQL
> Reporter: Dag H. Wanvik
> Assignee: Dag H. Wanvik
> Fix For: 10.4.0.0
>
> Attachments: DERBY-3137-2.diff, DERBY-3137-2.stat, DERBY-3137-2.txt,
> DERBY-3137-uuid.diff, DERBY-3137-uuid.stat, DERBY-3137.diff, DERBY-3137.diff,
> DERBY-3137.stat, DERBY-3137.txt
>
>
> As a next step after adding support for the roles syntax, I intend to
> make a patch which implements catalog support for roles,
> cf. SYS.SYSROLES described in the specification (attached to
> DERBY-2207). Also the patch should tie this support up to the parser
> support, so the role statements can be executed. Any privileges
> granted to roles would still have no effect at run-time.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
