Daniel John Debrunner <[EMAIL PROTECTED]> writes: > It is possible to provide a quick summary of what the current state is > (what works and what doesn't)?
Sure. Works: - Parsing, binding and constant actions for all specified new syntax works (see spec.html attached to DERBY-2207), including persisting and accessing role dictionary information, basic checks and dictionary soft/hard upgrade behavior. Thus, permissions can be granted and revoked to/from roles, but currently such permissions are not activated when permissions are checked. The relaxing of role name length and SYS prefix reservation is checked in. - Tests for the above: RolesTest, two new Changes10_4 fixtures. - ij "show roles" command Patches available (not committed yet): - SQL session context implementation (DERBY-3327) (routine stack behavior for current roles, schema). Also solves DERBY-1331. Not sure if I should commit this before branch cut; changing default schema semantics and implementation may be risky. Running some performance checks on schema part of this patch now. - Additional checks for "PUBLIC" keyword (DERBY-3333). Sandbox stage yet (partly implemented, partly works): - making use of permissions through roles, including in roles in role grant closure - registering dependencies on roles for persistent objects (views, constraints, triggers) and prepared statements/activations - invalidation actions when roles are dropped, role grants revoked, and current role changes. Not yet started: - "best effort" attempt to check that new role does not overlap with a user name, cf. spec section 6.1. - memory caching of roles descriptors for performance - user documentation Dag
