[jira] Commented: (DERBY-3137) SQL roles: add catalog support

Wed, 30 Jan 2008 11:19:59 -0800 

    [ 
https://issues.apache.org/jira/browse/DERBY-3137?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12564133#action_12564133
 ] 

Daniel John Debrunner commented on DERBY-3137:
----------------------------------------------

I'm still struggling with the SQL Standard here for SET ROLE (and identifiers 
in general):

3a) Let S be <value specification> and let V be the character string that is 
the value of TRIM ( BOTH ' ' FROM S )
3b) If V does not conform to the Format and Syntax Rules of a <role name>, then 
an exception
condition is raised: invalid role specification. 

DERBY-2109 discussion implied that this means the format of V needs to be that 
of a SQL identifier (regular or delimited).

Now CURRENT_ROLE is a valid <value specification>, does this mean CURRENT_ROLE 
needs to return the role name as SQL identifier, instead of the CNF of the role 
name? The spec says "value of the current role".

I'm not convinced that the conclusion in DERBY-2109 is correct, seems more 
logical to me that V here should be the CNF of the role name.

Section 5.2 SR 24) says the CNF of a regular identifier is used in the system 
catalogs, thus if CURRENT_ROLE is to be used in queries against the catalogs it 
has to return the CNF of the role name. Which then contradicts SET ROLE and 
value specification.

I can't see any explicit statement about what the "value of the current role" 
means, or the more general "value of an identifier".



> SQL roles: add catalog support
> ------------------------------
>
>                 Key: DERBY-3137
>                 URL: https://issues.apache.org/jira/browse/DERBY-3137
>             Project: Derby
>          Issue Type: New Feature
>          Components: Security, SQL
>            Reporter: Dag H. Wanvik
>            Assignee: Dag H. Wanvik
>             Fix For: 10.4.0.0
>
>         Attachments: DERBY-3137-2.diff, DERBY-3137-2.stat, DERBY-3137-2.txt, 
> DERBY-3137-uuid.diff, DERBY-3137-uuid.stat, DERBY-3137.diff, DERBY-3137.diff, 
> DERBY-3137.stat, DERBY-3137.txt
>
>
> As a next step after adding support for the roles syntax, I intend to
> make a patch which implements catalog support for roles,
> cf. SYS.SYSROLES described in the specification (attached to
> DERBY-2207). Also the patch should tie this support up to the parser
> support, so the role statements can be executed. Any privileges
> granted to roles would still have no effect at run-time.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

Reply via email to