This is an automated email from the ASF dual-hosted git repository.
duanzhengqiang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/shardingsphere.git
The following commit(s) were added to refs/heads/master by this push:
new 8ccdb6a Proofread SQLServer DENY statement (#16151)
8ccdb6a is described below
commit 8ccdb6aebad5535c527b2ae7ef0678ef3ea637a5
Author: Thanoshan MV <[email protected]>
AuthorDate: Fri Mar 18 05:36:30 2022 +0530
Proofread SQLServer DENY statement (#16151)
* Add SQLServer DENY statement
* Add SQLServer DENY statement
---
.../main/antlr4/imports/sqlserver/DCLStatement.g4 | 56 ++++-------
.../impl/SQLServerDCLStatementSQLVisitor.java | 106 ++++++++++++---------
.../sqlserver/dcl/SQLServerDenyUserStatement.java | 6 ++
.../dcl/impl/DenyUserStatementAssert.java | 12 +++
.../statement/dcl/DenyUserStatementTestCase.java | 6 ++
.../src/main/resources/case/dcl/deny-user.xml | 53 +++++++++++
.../main/resources/sql/supported/dcl/deny-user.xml | 22 +++++
7 files changed, 179 insertions(+), 82 deletions(-)
diff --git
a/shardingsphere-sql-parser/shardingsphere-sql-parser-dialect/shardingsphere-sql-parser-sqlserver/src/main/antlr4/imports/sqlserver/DCLStatement.g4
b/shardingsphere-sql-parser/shardingsphere-sql-parser-dialect/shardingsphere-sql-parser-sqlserver/src/main/antlr4/imports/sqlserver/DCLStatement.g4
index 36dcccb..ce93682 100644
---
a/shardingsphere-sql-parser/shardingsphere-sql-parser-dialect/shardingsphere-sql-parser-sqlserver/src/main/antlr4/imports/sqlserver/DCLStatement.g4
+++
b/shardingsphere-sql-parser/shardingsphere-sql-parser-dialect/shardingsphere-sql-parser-sqlserver/src/main/antlr4/imports/sqlserver/DCLStatement.g4
@@ -24,27 +24,27 @@ grant
;
grantClassPrivilegesClause
- : grantClassPrivileges (ON grantOnClassClause)? TO principal (COMMA_
principal)* (WITH GRANT OPTION)? (AS principal)?
+ : classPrivileges (ON onClassClause)? TO principal (COMMA_ principal)*
(WITH GRANT OPTION)? (AS principal)?
;
grantClassTypePrivilegesClause
- : grantClassTypePrivileges (ON grantOnClassTypeClause)? TO principal
(COMMA_ principal)* (WITH GRANT OPTION)?
+ : classTypePrivileges (ON onClassTypeClause)? TO principal (COMMA_
principal)* (WITH GRANT OPTION)?
;
-grantClassPrivileges
+classPrivileges
: privilegeType columnNames? (COMMA_ privilegeType columnNames?)*
;
-grantOnClassClause
+onClassClause
: (classItem COLON_ COLON_)? securable
;
-grantClassTypePrivileges
+classTypePrivileges
: privilegeType (COMMA_ privilegeType)*
;
-grantOnClassTypeClause
- : (grantClassType COLON_ COLON_)? securable
+onClassTypeClause
+ : (classType COLON_ COLON_)? securable
;
securable
@@ -60,50 +60,34 @@ revoke
;
revokeClassPrivilegesClause
- : grantClassPrivileges (ON grantOnClassClause)? (TO | FROM) principal
(COMMA_ principal)* (CASCADE)? (AS principal)?
+ : classPrivileges (ON onClassClause)? (TO | FROM) principal (COMMA_
principal)* (CASCADE)? (AS principal)?
;
revokeClassTypePrivilegesClause
- : grantClassTypePrivileges (ON grantOnClassTypeClause)? (TO | FROM)
principal (COMMA_ principal)* (CASCADE)?
+ : classTypePrivileges (ON onClassTypeClause)? (TO | FROM) principal
(COMMA_ principal)* (CASCADE)?
;
deny
- : DENY (classPrivilegesClause | classTypePrivilegesClause)
+ : DENY (denyClassPrivilegesClause | denyClassTypePrivilegesClause)
;
-classPrivilegesClause
- : classPrivileges (ON onClassClause)?
+denyClassPrivilegesClause
+ : classPrivileges (ON onClassClause)? TO principal (COMMA_ principal)*
(CASCADE)? (AS principal)?
;
-classTypePrivilegesClause
- : classTypePrivileges (ON onClassTypeClause)?
+denyClassTypePrivilegesClause
+ : classTypePrivileges (ON onClassTypeClause)? TO principal (COMMA_
principal)* (CASCADE)?
;
optionForClause
: GRANT OPTION FOR
;
-classPrivileges
- : privilegeType columnNames? (COMMA_ privilegeType columnNames?)*
- ;
-
-onClassClause
- : class_? tableName
- ;
-
-classTypePrivileges
- : privilegeType (COMMA_ privilegeType)*
- ;
-
-onClassTypeClause
- : classType? tableName
- ;
-
privilegeType
: ALL PRIVILEGES?
| assemblyPermission | asymmetricKeyPermission
| availabilityGroupPermission | certificatePermission
- | objectPermission
+ | objectPermission | systemObjectPermission
| databasePermission | databasePrincipalPermission
| databaseScopedCredentialPermission | endpointPermission
| fullTextPermission
@@ -248,12 +232,12 @@ xmlSchemaCollectionPermission
: ALTER | CONTROL | EXECUTE | REFERENCES | TAKE OWNERSHIP | VIEW DEFINITION
;
-class_
- : IDENTIFIER_ COLON_ COLON_
+systemObjectPermission
+ : SELECT | EXECUTE
;
-classType
- : (LOGIN | DATABASE | OBJECT | ROLE | SCHEMA | USER) COLON_ COLON_
+class_
+ : IDENTIFIER_ COLON_ COLON_
;
classItem
@@ -263,7 +247,7 @@ classItem
| SELECT | EXECUTE | TYPE | XML SCHEMA COLLECTION
;
-grantClassType
+classType
: LOGIN | DATABASE | OBJECT | ROLE | SCHEMA | USER
;
diff --git
a/shardingsphere-sql-parser/shardingsphere-sql-parser-dialect/shardingsphere-sql-parser-sqlserver/src/main/java/org/apache/shardingsphere/sql/parser/sqlserver/visitor/statement/impl/SQLServerDCLStatementSQLVisitor.java
b/shardingsphere-sql-parser/shardingsphere-sql-parser-dialect/shardingsphere-sql-parser-sqlserver/src/main/java/org/apache/shardingsphere/sql/parser/sqlserver/visitor/statement/impl/SQLServerDCLStatementSQLVisitor.java
index 1630842..4b83c82 100644
---
a/shardingsphere-sql-parser/shardingsphere-sql-parser-dialect/shardingsphere-sql-parser-sqlserver/src/main/java/org/apache/shardingsphere/sql/parser/sqlserver/visitor/statement/impl/SQLServerDCLStatementSQLVisitor.java
+++
b/shardingsphere-sql-parser/shardingsphere-sql-parser-dialect/shardingsphere-sql-parser-sqlserver/src/main/java/org/apache/shardingsphere/sql/parser/sqlserver/visitor/statement/impl/SQLServerDCLStatementSQLVisitor.java
@@ -24,14 +24,14 @@ import
org.apache.shardingsphere.sql.parser.api.visitor.type.DCLSQLVisitor;
import
org.apache.shardingsphere.sql.parser.autogen.SQLServerStatementParser.AlterLoginContext;
import
org.apache.shardingsphere.sql.parser.autogen.SQLServerStatementParser.AlterRoleContext;
import
org.apache.shardingsphere.sql.parser.autogen.SQLServerStatementParser.AlterUserContext;
-import
org.apache.shardingsphere.sql.parser.autogen.SQLServerStatementParser.ClassPrivilegesClauseContext;
-import
org.apache.shardingsphere.sql.parser.autogen.SQLServerStatementParser.ClassTypePrivilegesClauseContext;
import
org.apache.shardingsphere.sql.parser.autogen.SQLServerStatementParser.ColumnNamesContext;
import
org.apache.shardingsphere.sql.parser.autogen.SQLServerStatementParser.CreateLoginContext;
import
org.apache.shardingsphere.sql.parser.autogen.SQLServerStatementParser.CreateRoleContext;
import
org.apache.shardingsphere.sql.parser.autogen.SQLServerStatementParser.CreateUserContext;
import
org.apache.shardingsphere.sql.parser.autogen.SQLServerStatementParser.CreateUserLoginWindowsPrincipalClauseContext;
import
org.apache.shardingsphere.sql.parser.autogen.SQLServerStatementParser.CreateUserWindowsPrincipalClauseContext;
+import
org.apache.shardingsphere.sql.parser.autogen.SQLServerStatementParser.DenyClassPrivilegesClauseContext;
+import
org.apache.shardingsphere.sql.parser.autogen.SQLServerStatementParser.DenyClassTypePrivilegesClauseContext;
import
org.apache.shardingsphere.sql.parser.autogen.SQLServerStatementParser.DenyContext;
import
org.apache.shardingsphere.sql.parser.autogen.SQLServerStatementParser.DropLoginContext;
import
org.apache.shardingsphere.sql.parser.autogen.SQLServerStatementParser.DropRoleContext;
@@ -69,9 +69,8 @@ import
org.apache.shardingsphere.sql.parser.sql.dialect.statement.sqlserver.dcl.
import
org.apache.shardingsphere.sql.parser.sql.dialect.statement.sqlserver.dcl.SQLServerRevokeStatement;
import
org.apache.shardingsphere.sql.parser.sql.dialect.statement.sqlserver.dcl.SQLServerSetUserStatement;
-import java.util.ArrayList;
import java.util.Collection;
-import java.util.Collections;
+import java.util.LinkedList;
import java.util.Properties;
/**
@@ -91,8 +90,8 @@ public final class SQLServerDCLStatementSQLVisitor extends
SQLServerStatementSQL
for (SimpleTableSegment each :
getTableFromGrantPrivilegeClause(ctx.grantClassPrivilegesClause())) {
result.getTables().add(each);
}
- if (null !=
ctx.grantClassPrivilegesClause().grantClassPrivileges().columnNames()) {
- for (ColumnNamesContext each :
ctx.grantClassPrivilegesClause().grantClassPrivileges().columnNames()) {
+ if (null !=
ctx.grantClassPrivilegesClause().classPrivileges().columnNames()) {
+ for (ColumnNamesContext each :
ctx.grantClassPrivilegesClause().classPrivileges().columnNames()) {
result.getColumns().addAll(((CollectionValue<ColumnSegment>)
visit(each)).getValue());
}
}
@@ -106,25 +105,23 @@ public final class SQLServerDCLStatementSQLVisitor
extends SQLServerStatementSQL
}
private Collection<SimpleTableSegment>
getTableFromGrantPrivilegeClause(final GrantClassPrivilegesClauseContext ctx) {
- Collection<SimpleTableSegment> result = new ArrayList<>();
- if (null != ctx.grantOnClassClause()) {
- if (null != ctx.grantOnClassClause().classItem() && null !=
ctx.grantOnClassClause().classItem().OBJECT()) {
- result = Collections.singletonList((SimpleTableSegment)
visit(ctx.grantOnClassClause().securable()));
- }
- if (null !=
ctx.grantClassPrivileges().privilegeType().get(0).objectPermission()) {
- result = Collections.singletonList((SimpleTableSegment)
visit(ctx.grantOnClassClause().securable()));
- }
- if (null !=
ctx.grantClassPrivileges().privilegeType().get(0).PRIVILEGES()) {
- result = Collections.singletonList((SimpleTableSegment)
visit(ctx.grantOnClassClause().securable()));
+ Collection<SimpleTableSegment> result = new LinkedList<>();
+ if (null != ctx.onClassClause()) {
+ if (null != ctx.onClassClause().classItem() && null !=
ctx.onClassClause().classItem().OBJECT()) {
+ result.add((SimpleTableSegment)
visit(ctx.onClassClause().securable()));
+ } else if (null !=
ctx.classPrivileges().privilegeType().get(0).objectPermission()) {
+ result.add((SimpleTableSegment)
visit(ctx.onClassClause().securable()));
+ } else if (null !=
ctx.classPrivileges().privilegeType().get(0).PRIVILEGES()) {
+ result.add((SimpleTableSegment)
visit(ctx.onClassClause().securable()));
}
}
return result;
}
private Collection<SimpleTableSegment>
getTableFromGrantTypePrivilegeClause(final
GrantClassTypePrivilegesClauseContext ctx) {
- Collection<SimpleTableSegment> result = new ArrayList<>();
- if (null != ctx.grantOnClassTypeClause() && null !=
ctx.grantOnClassTypeClause().grantClassType() && null !=
ctx.grantOnClassTypeClause().grantClassType().OBJECT()) {
- result = Collections.singletonList((SimpleTableSegment)
visit(ctx.grantOnClassTypeClause().securable()));
+ Collection<SimpleTableSegment> result = new LinkedList<>();
+ if (null != ctx.onClassTypeClause() && null !=
ctx.onClassTypeClause().classType() && null !=
ctx.onClassTypeClause().classType().OBJECT()) {
+ result.add((SimpleTableSegment)
visit(ctx.onClassTypeClause().securable()));
}
return result;
}
@@ -136,8 +133,8 @@ public final class SQLServerDCLStatementSQLVisitor extends
SQLServerStatementSQL
for (SimpleTableSegment each :
getTableFromRevokeClassPrivilegesClause(ctx.revokeClassPrivilegesClause())) {
result.getTables().add(each);
}
- if (null !=
ctx.revokeClassPrivilegesClause().grantClassPrivileges().columnNames()) {
- for (ColumnNamesContext each :
ctx.revokeClassPrivilegesClause().grantClassPrivileges().columnNames()) {
+ if (null !=
ctx.revokeClassPrivilegesClause().classPrivileges().columnNames()) {
+ for (ColumnNamesContext each :
ctx.revokeClassPrivilegesClause().classPrivileges().columnNames()) {
result.getColumns().addAll(((CollectionValue<ColumnSegment>)
visit(each)).getValue());
}
}
@@ -151,25 +148,23 @@ public final class SQLServerDCLStatementSQLVisitor
extends SQLServerStatementSQL
}
private Collection<SimpleTableSegment>
getTableFromRevokeClassPrivilegesClause(final
RevokeClassPrivilegesClauseContext ctx) {
- Collection<SimpleTableSegment> result = new ArrayList<>();
- if (null != ctx.grantOnClassClause()) {
- if (null != ctx.grantOnClassClause().classItem() && null !=
ctx.grantOnClassClause().classItem().OBJECT()) {
- result = Collections.singletonList((SimpleTableSegment)
visit(ctx.grantOnClassClause().securable()));
- }
- if (null !=
ctx.grantClassPrivileges().privilegeType().get(0).objectPermission()) {
- result = Collections.singletonList((SimpleTableSegment)
visit(ctx.grantOnClassClause().securable()));
- }
- if (null !=
ctx.grantClassPrivileges().privilegeType().get(0).PRIVILEGES()) {
- result = Collections.singletonList((SimpleTableSegment)
visit(ctx.grantOnClassClause().securable()));
+ Collection<SimpleTableSegment> result = new LinkedList<>();
+ if (null != ctx.onClassClause()) {
+ if (null != ctx.onClassClause().classItem() && null !=
ctx.onClassClause().classItem().OBJECT()) {
+ result.add((SimpleTableSegment)
visit(ctx.onClassClause().securable()));
+ } else if (null !=
ctx.classPrivileges().privilegeType().get(0).objectPermission()) {
+ result.add((SimpleTableSegment)
visit(ctx.onClassClause().securable()));
+ } else if (null !=
ctx.classPrivileges().privilegeType().get(0).PRIVILEGES()) {
+ result.add((SimpleTableSegment)
visit(ctx.onClassClause().securable()));
}
}
return result;
}
private Collection<SimpleTableSegment>
getTableFromRevokeClassTypePrivilegesClause(final
RevokeClassTypePrivilegesClauseContext ctx) {
- Collection<SimpleTableSegment> result = new ArrayList<>();
- if (null != ctx.grantOnClassTypeClause() && null !=
ctx.grantOnClassTypeClause().grantClassType() && null !=
ctx.grantOnClassTypeClause().grantClassType().OBJECT()) {
- result = Collections.singletonList((SimpleTableSegment)
visit(ctx.grantOnClassTypeClause().securable()));
+ Collection<SimpleTableSegment> result = new LinkedList<>();
+ if (null != ctx.onClassTypeClause() && null !=
ctx.onClassTypeClause().classType() && null !=
ctx.onClassTypeClause().classType().OBJECT()) {
+ result.add((SimpleTableSegment)
visit(ctx.onClassTypeClause().securable()));
}
return result;
}
@@ -184,14 +179,6 @@ public final class SQLServerDCLStatementSQLVisitor extends
SQLServerStatementSQL
return result;
}
- private Collection<SimpleTableSegment> getTableFromPrivilegeClause(final
ClassPrivilegesClauseContext ctx) {
- return null == ctx.onClassClause().tableName() ?
Collections.emptyList() : Collections.singletonList((SimpleTableSegment)
visit(ctx.onClassClause().tableName()));
- }
-
- private Collection<SimpleTableSegment> getTableFromPrivilegeClause(final
ClassTypePrivilegesClauseContext ctx) {
- return null == ctx.onClassTypeClause().tableName() ?
Collections.emptyList() : Collections.singletonList((SimpleTableSegment)
visit(ctx.onClassTypeClause().tableName()));
- }
-
@Override
public ASTNode visitCreateUser(final CreateUserContext ctx) {
SQLServerCreateUserStatement result = new
SQLServerCreateUserStatement();
@@ -260,19 +247,46 @@ public final class SQLServerDCLStatementSQLVisitor
extends SQLServerStatementSQL
@Override
public ASTNode visitDeny(final DenyContext ctx) {
SQLServerDenyUserStatement result = new SQLServerDenyUserStatement();
- if (null != ctx.classPrivilegesClause()) {
- for (SimpleTableSegment each :
getTableFromPrivilegeClause(ctx.classPrivilegesClause())) {
+ if (null != ctx.denyClassPrivilegesClause()) {
+ for (SimpleTableSegment each :
getTableFromDenyClassPrivilegesClause(ctx.denyClassPrivilegesClause())) {
result.setTable(each);
}
+ if (null !=
ctx.denyClassPrivilegesClause().classPrivileges().columnNames()) {
+ for (ColumnNamesContext each :
ctx.denyClassPrivilegesClause().classPrivileges().columnNames()) {
+
result.getColumns().addAll(((CollectionValue<ColumnSegment>)
visit(each)).getValue());
+ }
+ }
}
- if (null != ctx.classTypePrivilegesClause()) {
- for (SimpleTableSegment each :
getTableFromPrivilegeClause(ctx.classTypePrivilegesClause())) {
+ if (null != ctx.denyClassTypePrivilegesClause()) {
+ for (SimpleTableSegment each :
getTableFromDenyClassTypePrivilegesClause(ctx.denyClassTypePrivilegesClause()))
{
result.setTable(each);
}
}
return result;
}
+ private Collection<SimpleTableSegment>
getTableFromDenyClassPrivilegesClause(final DenyClassPrivilegesClauseContext
ctx) {
+ Collection<SimpleTableSegment> result = new LinkedList<>();
+ if (null != ctx.onClassClause()) {
+ if (null != ctx.onClassClause().classItem() && null !=
ctx.onClassClause().classItem().OBJECT()) {
+ result.add((SimpleTableSegment)
visit(ctx.onClassClause().securable()));
+ } else if (null !=
ctx.classPrivileges().privilegeType().get(0).objectPermission()) {
+ result.add((SimpleTableSegment)
visit(ctx.onClassClause().securable()));
+ } else if (null !=
ctx.classPrivileges().privilegeType().get(0).PRIVILEGES()) {
+ result.add((SimpleTableSegment)
visit(ctx.onClassClause().securable()));
+ }
+ }
+ return result;
+ }
+
+ private Collection<SimpleTableSegment>
getTableFromDenyClassTypePrivilegesClause(final
DenyClassTypePrivilegesClauseContext ctx) {
+ Collection<SimpleTableSegment> result = new LinkedList<>();
+ if (null != ctx.onClassTypeClause() && null !=
ctx.onClassTypeClause().classType() && null !=
ctx.onClassTypeClause().classType().OBJECT()) {
+ result.add((SimpleTableSegment)
visit(ctx.onClassTypeClause().securable()));
+ }
+ return result;
+ }
+
@Override
public ASTNode visitDropUser(final DropUserContext ctx) {
return new SQLServerDropUserStatement();
diff --git
a/shardingsphere-sql-parser/shardingsphere-sql-parser-statement/src/main/java/org/apache/shardingsphere/sql/parser/sql/dialect/statement/sqlserver/dcl/SQLServerDenyUserStatement.java
b/shardingsphere-sql-parser/shardingsphere-sql-parser-statement/src/main/java/org/apache/shardingsphere/sql/parser/sql/dialect/statement/sqlserver/dcl/SQLServerDenyUserStatement.java
index 84c8952..21ad689 100644
---
a/shardingsphere-sql-parser/shardingsphere-sql-parser-statement/src/main/java/org/apache/shardingsphere/sql/parser/sql/dialect/statement/sqlserver/dcl/SQLServerDenyUserStatement.java
+++
b/shardingsphere-sql-parser/shardingsphere-sql-parser-statement/src/main/java/org/apache/shardingsphere/sql/parser/sql/dialect/statement/sqlserver/dcl/SQLServerDenyUserStatement.java
@@ -20,11 +20,15 @@ package
org.apache.shardingsphere.sql.parser.sql.dialect.statement.sqlserver.dcl
import lombok.Getter;
import lombok.Setter;
import lombok.ToString;
+import
org.apache.shardingsphere.sql.parser.sql.common.segment.dml.column.ColumnSegment;
import
org.apache.shardingsphere.sql.parser.sql.common.segment.generic.table.SimpleTableSegment;
import
org.apache.shardingsphere.sql.parser.sql.common.statement.AbstractSQLStatement;
import
org.apache.shardingsphere.sql.parser.sql.common.statement.dcl.DCLStatement;
import
org.apache.shardingsphere.sql.parser.sql.dialect.statement.sqlserver.SQLServerStatement;
+import java.util.Collection;
+import java.util.LinkedList;
+
/**
* SQLServer deny user statement.
*/
@@ -34,4 +38,6 @@ import
org.apache.shardingsphere.sql.parser.sql.dialect.statement.sqlserver.SQLS
public final class SQLServerDenyUserStatement extends AbstractSQLStatement
implements DCLStatement, SQLServerStatement {
private SimpleTableSegment table;
+
+ private final Collection<ColumnSegment> columns = new LinkedList<>();
}
diff --git
a/shardingsphere-test/shardingsphere-parser-test/src/main/java/org/apache/shardingsphere/test/sql/parser/parameterized/asserts/statement/dcl/impl/DenyUserStatementAssert.java
b/shardingsphere-test/shardingsphere-parser-test/src/main/java/org/apache/shardingsphere/test/sql/parser/parameterized/asserts/statement/dcl/impl/DenyUserStatementAssert.java
index 6f2b32a..1a99e3e 100644
---
a/shardingsphere-test/shardingsphere-parser-test/src/main/java/org/apache/shardingsphere/test/sql/parser/parameterized/asserts/statement/dcl/impl/DenyUserStatementAssert.java
+++
b/shardingsphere-test/shardingsphere-parser-test/src/main/java/org/apache/shardingsphere/test/sql/parser/parameterized/asserts/statement/dcl/impl/DenyUserStatementAssert.java
@@ -21,11 +21,14 @@ import lombok.AccessLevel;
import lombok.NoArgsConstructor;
import
org.apache.shardingsphere.sql.parser.sql.dialect.statement.sqlserver.dcl.SQLServerDenyUserStatement;
import
org.apache.shardingsphere.test.sql.parser.parameterized.asserts.SQLCaseAssertContext;
+import
org.apache.shardingsphere.test.sql.parser.parameterized.asserts.segment.column.ColumnAssert;
import
org.apache.shardingsphere.test.sql.parser.parameterized.asserts.segment.table.TableAssert;
import
org.apache.shardingsphere.test.sql.parser.parameterized.jaxb.cases.domain.statement.dcl.DenyUserStatementTestCase;
+import static org.hamcrest.CoreMatchers.is;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertThat;
/**
* Deny user statement assert.
@@ -42,6 +45,7 @@ public final class DenyUserStatementAssert {
*/
public static void assertIs(final SQLCaseAssertContext assertContext,
final SQLServerDenyUserStatement actual, final DenyUserStatementTestCase
expected) {
assertTable(assertContext, actual, expected);
+ assertColumns(assertContext, actual, expected);
}
private static void assertTable(final SQLCaseAssertContext assertContext,
final SQLServerDenyUserStatement actual, final DenyUserStatementTestCase
expected) {
@@ -52,4 +56,12 @@ public final class DenyUserStatementAssert {
assertNull(assertContext.getText("Actual table segment should not
exist."), actual.getTable());
}
}
+
+ private static void assertColumns(final SQLCaseAssertContext
assertContext, final SQLServerDenyUserStatement actual, final
DenyUserStatementTestCase expected) {
+ if (0 != expected.getColumns().size()) {
+ ColumnAssert.assertIs(assertContext, actual.getColumns(),
expected.getColumns());
+ } else {
+ assertThat(assertContext.getText("Actual columns segments should
not exist."), actual.getColumns().size(), is(0));
+ }
+ }
}
diff --git
a/shardingsphere-test/shardingsphere-parser-test/src/main/java/org/apache/shardingsphere/test/sql/parser/parameterized/jaxb/cases/domain/statement/dcl/DenyUserStatementTestCase.java
b/shardingsphere-test/shardingsphere-parser-test/src/main/java/org/apache/shardingsphere/test/sql/parser/parameterized/jaxb/cases/domain/statement/dcl/DenyUserStatementTestCase.java
index 6c6e08f..576c8e7 100644
---
a/shardingsphere-test/shardingsphere-parser-test/src/main/java/org/apache/shardingsphere/test/sql/parser/parameterized/jaxb/cases/domain/statement/dcl/DenyUserStatementTestCase.java
+++
b/shardingsphere-test/shardingsphere-parser-test/src/main/java/org/apache/shardingsphere/test/sql/parser/parameterized/jaxb/cases/domain/statement/dcl/DenyUserStatementTestCase.java
@@ -19,10 +19,13 @@ package
org.apache.shardingsphere.test.sql.parser.parameterized.jaxb.cases.domai
import lombok.Getter;
import lombok.Setter;
+import
org.apache.shardingsphere.test.sql.parser.parameterized.jaxb.cases.domain.segment.impl.column.ExpectedColumn;
import
org.apache.shardingsphere.test.sql.parser.parameterized.jaxb.cases.domain.segment.impl.table.ExpectedSimpleTable;
import
org.apache.shardingsphere.test.sql.parser.parameterized.jaxb.cases.domain.statement.SQLParserTestCase;
import javax.xml.bind.annotation.XmlElement;
+import java.util.LinkedList;
+import java.util.List;
/**
* Deny user statement test case.
@@ -33,4 +36,7 @@ public final class DenyUserStatementTestCase extends
SQLParserTestCase {
@XmlElement
private ExpectedSimpleTable table;
+
+ @XmlElement(name = "column")
+ private final List<ExpectedColumn> columns = new LinkedList<>();
}
diff --git
a/shardingsphere-test/shardingsphere-parser-test/src/main/resources/case/dcl/deny-user.xml
b/shardingsphere-test/shardingsphere-parser-test/src/main/resources/case/dcl/deny-user.xml
index cc5f9f7..0f5ec6d 100644
---
a/shardingsphere-test/shardingsphere-parser-test/src/main/resources/case/dcl/deny-user.xml
+++
b/shardingsphere-test/shardingsphere-parser-test/src/main/resources/case/dcl/deny-user.xml
@@ -27,10 +27,12 @@
<deny-user sql-case-id="deny_select_column">
<table name="t_order" start-index="26" stop-index="32" />
+ <column name="order_id" start-index="13" stop-index="20" />
</deny-user>
<deny-user sql-case-id="deny_select_to_users">
<table name="t_order" start-index="26" stop-index="32" />
+ <column name="order_id" start-index="13" stop-index="20" />
</deny-user>
<deny-user sql-case-id="deny_crud">
@@ -40,4 +42,55 @@
<deny-user sql-case-id="deny_all">
<table name="t_order" start-index="23" stop-index="29" />
</deny-user>
+
+ <deny-user
sql-case-id="deny_view_definition_on_availability_group_to_login" />
+ <deny-user sql-case-id="deny_take_ownership_on_availability_group_to_user"
/>
+ <deny-user sql-case-id="deny_create_certificate_to_user" />
+ <deny-user sql-case-id="deny_references_to_role" />
+ <deny-user sql-case-id="deny_view_definition_to_user" />
+ <deny-user sql-case-id="deny_control_on_user" />
+ <deny-user sql-case-id="deny_view_definition_on_role_to_user" />
+ <deny-user sql-case-id="deny_impersonate_on_user_to_role" />
+ <deny-user sql-case-id="deny_view_definition_on_endpoint_to_login" />
+ <deny-user sql-case-id="deny_take_ownership_on_endpoint_to_user" />
+
+ <deny-user sql-case-id="deny_select_on_object_to_user">
+ <table name="t_order" start-index="23" stop-index="33" >
+ <owner name="db1" start-index="23" stop-index="25" />
+ </table>
+ </deny-user>
+
+ <deny-user sql-case-id="deny_execute_on_object_to_role">
+ <table name="t_order" start-index="24" stop-index="34" >
+ <owner name="db1" start-index="24" stop-index="26" />
+ </table>
+ </deny-user>
+
+ <deny-user sql-case-id="deny_references_on_object_to_user">
+ <table name="t_order" start-index="38" stop-index="48" >
+ <owner name="db1" start-index="38" stop-index="40" />
+ </table>
+ <column name="order_id" start-index="17" stop-index="24" />
+ </deny-user>
+
+ <deny-user sql-case-id="deny_connect_sql_to_login" />
+ <deny-user sql-case-id="deny_create_endpoint_to_user_as_principal" />
+ <deny-user sql-case-id="deny_impersonate_on_login_to_windows_user" />
+ <deny-user sql-case-id="deny_view_definition_on_login" />
+ <deny-user sql-case-id="deny_view_definition_on_server_role" />
+ <deny-user sql-case-id="deny_alter_on_symmetric_key_to_user" />
+
+ <deny-user sql-case-id="deny_execute_on_system_object">
+ <table name="xp_cmdshell" start-index="16" stop-index="30" >
+ <owner name="sys" start-index="16" stop-index="18" />
+ </table>
+ </deny-user>
+
+ <deny-user sql-case-id="deny_view_definition_on_type_to_user" />
+
+ <deny-user sql-case-id="deny_execute_on_xml_schema_collection_to_user">
+ <table name="xmlschemacollection1" start-index="39" stop-index="66" >
+ <owner name="schema1" start-index="39" stop-index="45" />
+ </table>
+ </deny-user>
</sql-parser-test-cases>
diff --git
a/shardingsphere-test/shardingsphere-parser-test/src/main/resources/sql/supported/dcl/deny-user.xml
b/shardingsphere-test/shardingsphere-parser-test/src/main/resources/sql/supported/dcl/deny-user.xml
index f392b40..8a73264 100644
---
a/shardingsphere-test/shardingsphere-parser-test/src/main/resources/sql/supported/dcl/deny-user.xml
+++
b/shardingsphere-test/shardingsphere-parser-test/src/main/resources/sql/supported/dcl/deny-user.xml
@@ -23,4 +23,26 @@
<sql-case id="deny_select_to_users" value="DENY SELECT (order_id) ON
t_order TO user1, user2" db-types="SQLServer" />
<sql-case id="deny_crud" value="DENY INSERT, SELECT, UPDATE, DELETE ON
t_order TO user1" db-types="SQLServer" />
<sql-case id="deny_all" value="DENY ALL PRIVILEGES ON t_order TO user1"
db-types="SQLServer" />
+ <sql-case id="deny_view_definition_on_availability_group_to_login"
value="DENY VIEW DEFINITION ON AVAILABILITY GROUP::group1 TO login1"
db-types="SQLServer" />
+ <sql-case id="deny_take_ownership_on_availability_group_to_user"
value="DENY TAKE OWNERSHIP ON AVAILABILITY GROUP::group1 TO user1 CASCADE"
db-types="SQLServer" />
+ <sql-case id="deny_create_certificate_to_user" value="DENY CREATE
CERTIFICATE TO user1" db-types="SQLServer" />
+ <sql-case id="deny_references_to_role" value="DENY REFERENCES TO role1"
db-types="SQLServer" />
+ <sql-case id="deny_view_definition_to_user" value="DENY VIEW DEFINITION TO
user1 CASCADE" db-types="SQLServer" />
+ <sql-case id="deny_control_on_user" value="DENY CONTROL ON USER::user1 TO
user2" db-types="SQLServer" />
+ <sql-case id="deny_view_definition_on_role_to_user" value="DENY VIEW
DEFINITION ON ROLE::role1 TO user1 CASCADE" db-types="SQLServer" />
+ <sql-case id="deny_impersonate_on_user_to_role" value="DENY IMPERSONATE ON
USER::user1 TO role1" db-types="SQLServer" />
+ <sql-case id="deny_view_definition_on_endpoint_to_login" value="DENY VIEW
DEFINITION ON ENDPOINT::endpoint1 TO login1" db-types="SQLServer" />
+ <sql-case id="deny_take_ownership_on_endpoint_to_user" value="DENY TAKE
OWNERSHIP ON ENDPOINT::endpoint1 TO user1 CASCADE" db-types="SQLServer" />
+ <sql-case id="deny_select_on_object_to_user" value="DENY SELECT ON
OBJECT::db1.t_order TO user1" db-types="SQLServer" />
+ <sql-case id="deny_execute_on_object_to_role" value="DENY EXECUTE ON
OBJECT::db1.t_order TO role1" db-types="SQLServer" />
+ <sql-case id="deny_references_on_object_to_user" value="DENY REFERENCES
(order_id) ON OBJECT::db1.t_order TO user1 CASCADE" db-types="SQLServer" />
+ <sql-case id="deny_connect_sql_to_login" value="DENY CONNECT SQL TO login1
CASCADE" db-types="SQLServer" />
+ <sql-case id="deny_create_endpoint_to_user_as_principal" value="DENY
CREATE ENDPOINT TO user1 AS principal1" db-types="SQLServer" />
+ <sql-case id="deny_impersonate_on_login_to_windows_user" value="DENY
IMPERSONATE ON LOGIN::login1 TO [windows\user]" db-types="SQLServer" />
+ <sql-case id="deny_view_definition_on_login" value="DENY VIEW DEFINITION
ON LOGIN::login1 TO login2 CASCADE" db-types="SQLServer" />
+ <sql-case id="deny_view_definition_on_server_role" value="DENY VIEW
DEFINITION ON SERVER ROLE::role1 TO role2" db-types="SQLServer" />
+ <sql-case id="deny_alter_on_symmetric_key_to_user" value="DENY ALTER ON
SYMMETRIC KEY::key1 TO user1" db-types="SQLServer" />
+ <sql-case id="deny_execute_on_system_object" value="DENY EXECUTE ON
sys.xp_cmdshell TO public" db-types="SQLServer" />
+ <sql-case id="deny_view_definition_on_type_to_user" value="DENY VIEW
DEFINITION ON TYPE::schema1.type1 TO user1 CASCADE" db-types="SQLServer" />
+ <sql-case id="deny_execute_on_xml_schema_collection_to_user" value="DENY
EXECUTE ON XML SCHEMA COLLECTION::schema1.xmlschemacollection1 TO user1"
db-types="SQLServer" />
</sql-cases>
