Revision: 57743
http://sourceforge.net/p/firebird/code/57743
Author: dimitr
Date: 2013-03-07 13:59:03 +0000 (Thu, 07 Mar 2013)
Log Message:
-----------
1) Cleanup and renaming in the SCL code.
2) Reimplemented the USAGE privilege as a separate one.
3) Added USAGE permission checks for generators/sequences and exceptions.
4) Supported USAGE in GRANT/REVOKE for all object types.
5) Refactored SET GENERATOR and ALTER SEQUENCE as true DDL. blr_set_generator is supported only for backward compatibility, it's not generated by DSQL anymore.
6) Added START WITH clause for [RE]CREATE SEQUENCE and CREATE OR ALTER SEQUENCE.
7) Fixed a number of related errors.
Modified Paths:
--------------
firebird/trunk/src/dsql/DdlNodes.epp
firebird/trunk/src/dsql/DdlNodes.h
firebird/trunk/src/dsql/ExprNodes.cpp
firebird/trunk/src/dsql/ExprNodes.h
firebird/trunk/src/dsql/Nodes.h
firebird/trunk/src/dsql/StmtNodes.cpp
firebird/trunk/src/dsql/StmtNodes.h
firebird/trunk/src/dsql/parse.y
firebird/trunk/src/jrd/RecordSourceNodes.cpp
firebird/trunk/src/jrd/acl.h
firebird/trunk/src/jrd/dfw.epp
firebird/trunk/src/jrd/dyn.h
firebird/trunk/src/jrd/filters.cpp
firebird/trunk/src/jrd/grant.epp
firebird/trunk/src/jrd/idx.cpp
firebird/trunk/src/jrd/ini.epp
firebird/trunk/src/jrd/irq.h
firebird/trunk/src/jrd/met.epp
firebird/trunk/src/jrd/met_proto.h
firebird/trunk/src/jrd/opt.cpp
firebird/trunk/src/jrd/scl.epp
firebird/trunk/src/jrd/scl.h
firebird/trunk/src/jrd/tra.h
firebird/trunk/src/jrd/vio.cpp
firebird/trunk/src/yvalve/keywords.cpp
Modified: firebird/trunk/src/dsql/DdlNodes.epp
===================================================================
--- firebird/trunk/src/dsql/DdlNodes.epp 2013-03-07 12:23:14 UTC (rev 57742)
+++ firebird/trunk/src/dsql/DdlNodes.epp 2013-03-07 13:59:03 UTC (rev 57743)
@@ -4843,28 +4843,77 @@
//----------------------
-void CreateSequenceNode::print(string& text) const
+void CreateAlterSequenceNode::print(string& text) const
{
text.printf(
- "CreateSequenceNode\n"
+ "CreateAlterSequenceNode\n"
" name: %s\n",
name.c_str());
}
-void CreateSequenceNode::execute(thread_db* tdbb, DsqlCompilerScratch* dsqlScratch,
+void CreateAlterSequenceNode::execute(thread_db* tdbb, DsqlCompilerScratch* dsqlScratch,
jrd_tra* transaction)
{
+ fb_assert(create || alter);
+
// run all statements under savepoint control
AutoSavePoint savePoint(tdbb, transaction);
+ if (alter)
+ {
+ if (!executeAlter(tdbb, dsqlScratch, transaction))
+ {
+ if (create) // create or alter
+ executeCreate(tdbb, dsqlScratch, transaction);
+ else
+ {
+ // msg 214: "Sequence not found"
+ status_exception::raise(Arg::PrivateDyn(214) << name);
+ }
+ }
+ }
+ else
+ executeCreate(tdbb, dsqlScratch, transaction);
+
+ savePoint.release(); // everything is ok
+
+}
+
+void CreateAlterSequenceNode::executeCreate(thread_db* tdbb, DsqlCompilerScratch* dsqlScratch,
+ jrd_tra* transaction)
+{
executeDdlTrigger(tdbb, dsqlScratch, transaction, DTW_BEFORE, DDL_TRIGGER_CREATE_SEQUENCE, name);
- store(tdbb, transaction, name, fb_sysflag_user);
+
+ const SSHORT id = store(tdbb, transaction, name, fb_sysflag_user);
+ fb_assert(id > 0);
+
+ // the store() call above has caused the DFW item to be posted,
+ // so we just adjust the cached generator value
+ transaction->getGenIdCache()->put(id, value);
+
executeDdlTrigger(tdbb, dsqlScratch, transaction, DTW_AFTER, DDL_TRIGGER_CREATE_SEQUENCE, name);
+}
- savePoint.release(); // everything is ok
+bool CreateAlterSequenceNode::executeAlter(thread_db* tdbb, DsqlCompilerScratch* dsqlScratch,
+ jrd_tra* transaction)
+{
+ const SLONG id = MET_lookup_generator(tdbb, name);
+ if (id < 0)
+ return false;
+
+ executeDdlTrigger(tdbb, dsqlScratch, transaction, DTW_BEFORE, DDL_TRIGGER_ALTER_SEQUENCE, name);
+
+ transaction->getGenIdCache()->put(id, value);
+ dsc desc;
+ desc.makeText((USHORT) name.length(), ttype_metadata, (UCHAR*) name.c_str());
+ DFW_post_work(transaction, dfw_set_generator, &desc, id);
+
+ executeDdlTrigger(tdbb, dsqlScratch, transaction, DTW_AFTER, DDL_TRIGGER_ALTER_SEQUENCE, name);
+
+ return true;
}
-void CreateSequenceNode::store(thread_db* tdbb, jrd_tra* transaction, const MetaName& name,
+SSHORT CreateAlterSequenceNode::store(thread_db* tdbb, jrd_tra* transaction, const MetaName& name,
fb_sysflag sysFlag)
{
Attachment* const attachment = transaction->tra_attachment;
@@ -4874,6 +4923,7 @@
AutoCacheRequest request(tdbb, drq_s_gens, DYN_REQUESTS);
int faults = 0;
+ SSHORT storedId = -1;
while (true)
{
@@ -4897,6 +4947,7 @@
}
END_STORE
+ storedId = id;
break;
}
catch (const status_exception& ex)
@@ -4912,6 +4963,8 @@
}
storePrivileges(tdbb, transaction, name, obj_generator, USAGE_PRIVILEGES);
+
+ return storedId;
}
@@ -5443,7 +5496,7 @@
DYN_UTIL_generate_generator_name(tdbb, fieldDefinition.identitySequence);
- CreateSequenceNode::store(tdbb, transaction, fieldDefinition.identitySequence,
+ CreateAlterSequenceNode::store(tdbb, transaction, fieldDefinition.identitySequence,
fb_sysflag_identity_generator);
}
@@ -5744,7 +5797,7 @@
// Check that we have references permissions on the table and
// fields that the index:referredIndexName is on.
- SCL_check_index(tdbb, referredIndexName, 0, SCL_sql_references);
+ SCL_check_index(tdbb, referredIndexName, 0, SCL_references);
break;
}
@@ -7557,7 +7610,7 @@
// circumvent DYN.
priv = SCL_get_mask(tdbb, PREL.RDB$RELATION_NAME, "");
- if (!(priv & SCL_read))
+ if (!(priv & SCL_select))
{
// msg 32: no permission for %s access to %s %s
status_exception::raise(
@@ -9202,7 +9255,7 @@
const GranteeClause* usersPtr;
const GranteeClause* usersEnd;
- if (!isGrant && roles.isEmpty() && privileges.isEmpty() && !table) // REVOKE ALL ON ALL
+ if (!isGrant && roles.isEmpty() && privileges.isEmpty() && !object) // REVOKE ALL ON ALL
{
usersEnd = users.end();
for (usersPtr = users.begin(); usersPtr != usersEnd; ++usersPtr)
@@ -9247,7 +9300,7 @@
for (PrivilegeClause* i = privileges.begin(); i != privileges.end(); ++i)
{
if (i->first == 'A')
- grantRevoke(tdbb, transaction, table, user, "A", NULL, option);
+ grantRevoke(tdbb, transaction, object, user, "A", NULL, option);
else if (i->second)
{
char privs0[2] = {i->first, '\0'};
@@ -9256,7 +9309,7 @@
for (NestConst<ValueExprNode>* ptr = fields->items.begin(); ptr != fields->items.end(); ++ptr)
{
- grantRevoke(tdbb, transaction, table, user, privs0,
+ grantRevoke(tdbb, transaction, object, user, privs0,
(*ptr)->as<FieldNode>()->dsqlName, option);
}
}
@@ -9265,11 +9318,11 @@
}
if (privs.hasData())
- grantRevoke(tdbb, transaction, table, user, privs.c_str(), NULL, option);
+ grantRevoke(tdbb, transaction, object, user, privs.c_str(), NULL, option);
}
// Execute SQL grant/revoke operation.
-void GrantRevokeNode::grantRevoke(thread_db* tdbb, jrd_tra* transaction, const GranteeClause* table,
+void GrantRevokeNode::grantRevoke(thread_db* tdbb, jrd_tra* transaction, const GranteeClause* object,
const GranteeClause* userNod, const char* privs,
const MetaName& field, int options)
{
@@ -9364,26 +9417,25 @@
return;
}
- SSHORT objType = table->first;
+ const SSHORT objType = object->first;
+ const MetaName objName(object->second);
char privileges[16];
strcpy(privileges, privs);
if (strcmp(privileges, "A") == 0)
strcpy(privileges, ALL_PRIVILEGES);
- MetaName object(table->second);
-
- if (objType == obj_sql_role && object == NULL_ROLE)
+ if (objType == obj_sql_role && objName == NULL_ROLE)
{
if (isGrant)
{
// msg 195: keyword NONE could not be used as SQL role name.
- status_exception::raise(Arg::PrivateDyn(195) << object.c_str());
+ status_exception::raise(Arg::PrivateDyn(195) << objName.c_str());
}
else
{
///CVC: Make this a warning in the future.
- ///DYN_error_punt(false, 195, object.c_str());
+ ///DYN_error_punt(false, 195, objName.c_str());
}
}
@@ -9401,7 +9453,7 @@
FOR(REQUEST_HANDLE request TRANSACTION_HANDLE transaction)
PRIV IN RDB$USER_PRIVILEGES
- WITH PRIV.RDB$RELATION_NAME EQ object.c_str() AND
+ WITH PRIV.RDB$RELATION_NAME EQ objName.c_str() AND
PRIV.RDB$OBJECT_TYPE = objType AND
PRIV.RDB$PRIVILEGE EQ priv AND
PRIV.RDB$USER = user.c_str() AND
@@ -9425,7 +9477,7 @@
if (objType == obj_sql_role)
{
- checkGrantorCanGrantRole(tdbb, transaction, grantorRevoker, object);
+ checkGrantorCanGrantRole(tdbb, transaction, grantorRevoker, objName);
if (userType == obj_sql_role)
{
@@ -9451,12 +9503,12 @@
{
// Relation or view because we cannot distinguish at this point.
checkGrantorCanGrant(tdbb, transaction,
- tdbb->getAttachment()->att_user->usr_user_name.c_str(), priv, object,
+ tdbb->getAttachment()->att_user->usr_user_name.c_str(), priv, objName,
field, true);
}
}
- storePrivilege(tdbb, transaction, object, user, field, pr, userType, objType,
+ storePrivilege(tdbb, transaction, objName, user, field, pr, userType, objType,
options, grantorRevoker);
}
}
@@ -9473,7 +9525,7 @@
{
FOR(REQUEST_HANDLE request TRANSACTION_HANDLE transaction)
PRIV IN RDB$USER_PRIVILEGES
- WITH PRIV.RDB$RELATION_NAME EQ object.c_str() AND
+ WITH PRIV.RDB$RELATION_NAME EQ objName.c_str() AND
PRIV.RDB$OBJECT_TYPE = objType AND
PRIV.RDB$PRIVILEGE EQ priv AND
PRIV.RDB$USER = user.c_str() AND
@@ -9495,7 +9547,7 @@
FOR(REQUEST_HANDLE request TRANSACTION_HANDLE transaction)
PRIV IN RDB$USER_PRIVILEGES
WITH PRIV.RDB$PRIVILEGE EQ priv AND
- PRIV.RDB$RELATION_NAME EQ object.c_str() AND
+ PRIV.RDB$RELATION_NAME EQ objName.c_str() AND
PRIV.RDB$OBJECT_TYPE = objType AND
PRIV.RDB$USER EQ user.c_str() AND
PRIV.RDB$USER_TYPE = userType
@@ -9521,7 +9573,7 @@
// rdb$user_privileges which disallows the table from being updated. It would have
// to be changed such that only the grant_option field can be updated.
- storePrivilege(tdbb, transaction, object, user, field, pr, userType, objType,
+ storePrivilege(tdbb, transaction, objName, user, field, pr, userType, objType,
0, grantorRevoker);
}
@@ -9529,7 +9581,7 @@
{
// msg 246: @1 is not grantor of @2 on @3 to @4.
status_exception::raise(Arg::PrivateDyn(246) <<
- grantorRevoker.c_str() << privilegeName(priv[0]) << object.c_str() <<
+ grantorRevoker.c_str() << privilegeName(priv[0]) << objName.c_str() <<
user.c_str());
}
@@ -9538,7 +9590,7 @@
// msg 247: Warning: @1 on @2 is not granted to @3.
ERR_post_warning(
Arg::Warning(isc_dyn_miss_priv_warning) <<
- Arg::Str(privilegeName(priv[0])) << Arg::Str(object) << Arg::Str(user));
+ Arg::Str(privilegeName(priv[0])) << Arg::Str(objName) << Arg::Str(user));
}
}
}
Modified: firebird/trunk/src/dsql/DdlNodes.h
===================================================================
--- firebird/trunk/src/dsql/DdlNodes.h 2013-03-07 12:23:14 UTC (rev 57742)
+++ firebird/trunk/src/dsql/DdlNodes.h 2013-03-07 13:59:03 UTC (rev 57743)
@@ -29,6 +29,7 @@
#include "../dsql/make_proto.h"
#include "../dsql/BlrDebugWriter.h"
#include "../dsql/Nodes.h"
+#include "../dsql/ExprNodes.h"
#include "../common/classes/array.h"
#include "../common/classes/ByteChunk.h"
#include "../common/classes/Nullable.h"
@@ -902,30 +903,72 @@
RecreateExceptionNode;
-class CreateSequenceNode : public DdlNode
+class CreateAlterSequenceNode : public DdlNode
{
public:
- CreateSequenceNode(MemoryPool& pool, const Firebird::MetaName& aName)
+ CreateAlterSequenceNode(MemoryPool& pool, const Firebird::MetaName& aName, const ValueExprNode* val)
: DdlNode(pool),
+ create(true),
+ alter(false),
+ legacy(false),
name(pool, aName)
{
+ bool negate = false;
+ const NegateNode* negation = val->as<NegateNode>();
+ while (negation)
+ {
+ negate = !negate;
+ val = negation->arg;
+ negation = ExprNode::as<NegateNode>(val);
+ }
+
+ const LiteralNode* const lit = val->as<LiteralNode>();
+ fb_assert(lit);
+
+ if (lit->litDesc.dsc_dtype == dtype_int64)
+ value = *(SINT64*) lit->litDesc.dsc_address;
+ else if (lit->litDesc.dsc_dtype == dtype_long)
+ value = *(SLONG*) lit->litDesc.dsc_address;
+ else
+ fb_assert(false);
+
+ if (negate)
+ {
+ fb_assert(value != MIN_SINT64);
+ value = -value;
+ }
}
- static void store(thread_db* tdbb, jrd_tra* transaction, const Firebird::MetaName& name,
+ static SSHORT store(thread_db* tdbb, jrd_tra* transaction, const Firebird::MetaName& name,
fb_sysflag sysFlag);
public:
virtual void print(Firebird::string& text) const;
virtual void execute(thread_db* tdbb, DsqlCompilerScratch* dsqlScratch, jrd_tra* transaction);
+ virtual DdlNode* dsqlPass(DsqlCompilerScratch* dsqlScratch)
+ {
+ dsqlScratch->getStatement()->setType(
+ legacy ? DsqlCompiledStatement::TYPE_SET_GENERATOR : DsqlCompiledStatement::TYPE_DDL);
+ return this;
+ }
+
protected:
virtual void putErrorPrefix(Firebird::Arg::StatusVector& statusVector)
{
statusVector << Firebird::Arg::Gds(isc_dsql_create_sequence_failed) << name;
}
+private:
+ void executeCreate(thread_db* tdbb, DsqlCompilerScratch* dsqlScratch, jrd_tra* transaction);
+ bool executeAlter(thread_db* tdbb, DsqlCompilerScratch* dsqlScratch, jrd_tra* transaction);
+
public:
+ bool create;
+ bool alter;
+ bool legacy;
Firebird::MetaName name;
+ SINT64 value;
};
@@ -958,7 +1001,7 @@
};
-typedef RecreateNode<CreateSequenceNode, DropSequenceNode, isc_dsql_recreate_sequence_failed>
+typedef RecreateNode<CreateAlterSequenceNode, DropSequenceNode, isc_dsql_recreate_sequence_failed>
RecreateSequenceNode;
@@ -1840,7 +1883,7 @@
isGrant(aIsGrant),
privileges(p),
roles(p),
- table(NULL),
+ object(NULL),
users(p),
grantAdminOption(NULL),
grantor(NULL)
@@ -1860,7 +1903,7 @@
private:
void modifyPrivileges(thread_db* tdbb, jrd_tra* transaction, SSHORT option, const GranteeClause* user);
- void grantRevoke(thread_db* tdbb, jrd_tra* transaction, const GranteeClause* table,
+ void grantRevoke(thread_db* tdbb, jrd_tra* transaction, const GranteeClause* object,
const GranteeClause* userNod, const char* privs, const Firebird::MetaName& field, int options);
static void checkGrantorCanGrant(thread_db* tdbb, jrd_tra* transaction, const char* grantor,
const char* privilege, const Firebird::MetaName& relationName,
@@ -1885,6 +1928,7 @@
case 'D': return "Delete";
case 'S': return "Select";
case 'X': return "Execute";
+ case 'G': return "Usage";
case 'M': return "Role";
case 'R': return "Reference";
}
@@ -1896,7 +1940,7 @@
bool isGrant;
Firebird::Array<PrivilegeClause> privileges;
Firebird::Array<GranteeClause> roles;
- NestConst<GranteeClause> table;
+ NestConst<GranteeClause> object;
Firebird::Array<GranteeClause> users;
bool grantAdminOption;
NestConst<Firebird::MetaName> grantor;
Modified: firebird/trunk/src/dsql/ExprNodes.cpp
===================================================================
--- firebird/trunk/src/dsql/ExprNodes.cpp 2013-03-07 12:23:14 UTC (rev 57742)
+++ firebird/trunk/src/dsql/ExprNodes.cpp 2013-03-07 13:59:03 UTC (rev 57743)
@@ -5455,29 +5455,29 @@
if (!csb->csb_validate_expr)
{
CMP_post_access(tdbb, csb, relation->rel_security_name, viewId,
- SCL_sql_update, SCL_object_table, relation->rel_name);
+ SCL_update, SCL_object_table, relation->rel_name);
CMP_post_access(tdbb, csb, field->fld_security_name, viewId,
- SCL_sql_update, SCL_object_column, field->fld_name, relation->rel_name);
+ SCL_update, SCL_object_column, field->fld_name, relation->rel_name);
}
}
else if (tail->csb_flags & csb_erase)
{
CMP_post_access(tdbb, csb, relation->rel_security_name, viewId,
- SCL_sql_delete, SCL_object_table, relation->rel_name);
+ SCL_delete, SCL_object_table, relation->rel_name);
}
else if (tail->csb_flags & csb_store)
{
CMP_post_access(tdbb, csb, relation->rel_security_name, viewId,
- SCL_sql_insert, SCL_object_table, relation->rel_name);
+ SCL_insert, SCL_object_table, relation->rel_name);
CMP_post_access(tdbb, csb, field->fld_security_name, viewId,
- SCL_sql_insert, SCL_object_column, field->fld_name, relation->rel_name);
+ SCL_insert, SCL_object_column, field->fld_name, relation->rel_name);
}
else
{
CMP_post_access(tdbb, csb, relation->rel_security_name, viewId,
- SCL_read, SCL_object_table, relation->rel_name);
+ SCL_select, SCL_object_table, relation->rel_name);
CMP_post_access(tdbb, csb, field->fld_security_name, viewId,
- SCL_read, SCL_object_column, field->fld_name, relation->rel_name);
+ SCL_select, SCL_object_column, field->fld_name, relation->rel_name);
}
ValueExprNode* sub;
@@ -5670,12 +5670,13 @@
static RegisterNode<GenIdNode> regGenIdNode(blr_gen_id);
-GenIdNode::GenIdNode(MemoryPool& pool, bool aDialect1, const MetaName& aName, ValueExprNode* aArg)
+GenIdNode::GenIdNode(MemoryPool& pool, bool aDialect1,
+ const Firebird::MetaName& name,
+ ValueExprNode* aArg)
: TypedNode<ValueExprNode, ExprNode::TYPE_GEN_ID>(pool),
dialect1(aDialect1),
- name(pool, aName),
- arg(aArg),
- id(0)
+ generator(pool, name),
+ arg(aArg)
{
addChildNode(arg, arg);
}
@@ -5685,34 +5686,34 @@
MetaName name;
PAR_name(csb, name);
- const SLONG id = MET_lookup_generator(tdbb, name);
- if (id < 0)
+ GenIdNode* const node =
+ FB_NEW(pool) GenIdNode(pool, (csb->blrVersion == 4), name, PAR_parse_value(tdbb, csb));
+
+ if (!MET_load_generator(tdbb, node->generator))
PAR_error(csb, Arg::Gds(isc_gennotdef) << Arg::Str(name));
if (csb->csb_g_flags & csb_get_dependencies)
{
CompilerScratch::Dependency dependency(obj_generator);
- dependency.number = id;
+ dependency.number = node->generator.id;
csb->csb_dependencies.push(dependency);
}
- GenIdNode* node = FB_NEW(pool) GenIdNode(pool, (csb->blrVersion == 4), name);
- node->id = id;
- node->arg = PAR_parse_value(tdbb, csb);
-
return node;
}
void GenIdNode::print(string& text) const
{
- text.printf("GenIdNode %s (%d)", name.c_str(), (dialect1 ? 1 : 3));
+ text.printf("GenIdNode %s (%d)", generator.name.c_str(), (dialect1 ? 1 : 3));
ExprNode::print(text);
}
ValueExprNode* GenIdNode::dsqlPass(DsqlCompilerScratch* dsqlScratch)
{
- return FB_NEW(getPool()) GenIdNode(getPool(), dialect1, name,
- doDsqlPass(dsqlScratch, arg));
+ GenIdNode* const node = FB_NEW(getPool())
+ GenIdNode(getPool(), dialect1, generator.name, doDsqlPass(dsqlScratch, arg));
+ node->generator = generator;
+ return node;
}
void GenIdNode::setParameterName(dsql_par* parameter) const
@@ -5729,7 +5730,7 @@
void GenIdNode::genBlr(DsqlCompilerScratch* dsqlScratch)
{
dsqlScratch->appendUChar(blr_gen_id);
- dsqlScratch->appendNullString(name.c_str());
+ dsqlScratch->appendNullString(generator.name.c_str());
GEN_expr(dsqlScratch, arg);
}
@@ -5756,10 +5757,10 @@
ValueExprNode* GenIdNode::copy(thread_db* tdbb, NodeCopier& copier) const
{
- GenIdNode* node = FB_NEW(*tdbb->getDefaultPool()) GenIdNode(*tdbb->getDefaultPool(),
- dialect1, name);
- node->id = id;
- node->arg = copier.copy(tdbb, arg);
+ GenIdNode* const node = FB_NEW(*tdbb->getDefaultPool())
+ GenIdNode(*tdbb->getDefaultPool(), dialect1,
+ generator.name, copier.copy(tdbb, arg));
+ node->generator = generator;
return node;
}
@@ -5771,15 +5772,25 @@
const GenIdNode* o = other->as<GenIdNode>();
fb_assert(o);
- return dialect1 == o->dialect1 && name == o->name;
+ return dialect1 == o->dialect1 && generator.name == o->generator.name;
}
bool GenIdNode::sameAs(thread_db* /*tdbb*/, CompilerScratch* /*csb*/, /*const*/ ExprNode* other)
{
GenIdNode* otherNode = other->as<GenIdNode>();
- return otherNode && dialect1 == otherNode->dialect1 && id == otherNode->id;
+ return otherNode && dialect1 == otherNode->dialect1 && generator.id == otherNode->generator.id;
}
+ValueExprNode* GenIdNode::pass1(thread_db* tdbb, CompilerScratch* csb)
+{
+ ValueExprNode::pass1(tdbb, csb);
+
+ CMP_post_access(tdbb, csb, generator.secName, 0,
+ SCL_usage, SCL_object_generator, generator.name);
+
+ return this;
+}
+
ValueExprNode* GenIdNode::pass2(thread_db* tdbb, CompilerScratch* csb)
{
ValueExprNode::pass2(tdbb, csb);
@@ -5796,21 +5807,17 @@
request->req_flags &= ~req_null;
impure_value* const impure = request->getImpure<impure_value>(impureOffset);
- const dsc* value = EVL_expr(tdbb, request, arg);
+ const dsc* const value = EVL_expr(tdbb, request, arg);
if (request->req_flags & req_null)
return NULL;
+ const SINT64 new_val = DPM_gen_id(tdbb, generator.id, false, MOV_get_int64(value, 0));
+
if (dialect1)
- {
- SLONG temp = (SLONG) DPM_gen_id(tdbb, id, false, MOV_get_int64(value, 0));
- impure->make_long(temp);
- }
+ impure->make_long((SLONG) new_val);
else
- {
- SINT64 temp = DPM_gen_id(tdbb, id, false, MOV_get_int64(value, 0));
- impure->make_int64(temp);
- }
+ impure->make_int64(new_val);
return &impure->vlu_desc;
}
Modified: firebird/trunk/src/dsql/ExprNodes.h
===================================================================
--- firebird/trunk/src/dsql/ExprNodes.h 2013-03-07 12:23:14 UTC (rev 57742)
+++ firebird/trunk/src/dsql/ExprNodes.h 2013-03-07 13:59:03 UTC (rev 57743)
@@ -37,7 +37,6 @@
class RelationSourceNode;
class ValueListNode;
-
class ArithmeticNode : public TypedNode<ValueExprNode, ExprNode::TYPE_ARITHMETIC>
{
public:
@@ -658,8 +657,9 @@
class GenIdNode : public TypedNode<ValueExprNode, ExprNode::TYPE_GEN_ID>
{
public:
- GenIdNode(MemoryPool& pool, bool aDialect1, const Firebird::MetaName& aName,
- ValueExprNode* aArg = NULL);
+ GenIdNode(MemoryPool& pool, bool aDialect1,
+ const Firebird::MetaName& name,
+ ValueExprNode* aArg = NULL);
static DmlNode* parse(thread_db* tdbb, MemoryPool& pool, CompilerScratch* csb, UCHAR blrOp);
@@ -680,14 +680,14 @@
virtual ValueExprNode* copy(thread_db* tdbb, NodeCopier& copier) const;
virtual bool dsqlMatch(const ExprNode* other, bool ignoreMapCast) const;
virtual bool sameAs(thread_db* tdbb, CompilerScratch* csb, /*const*/ ExprNode* other) /*const*/;
+ virtual ValueExprNode* pass1(thread_db* tdbb, CompilerScratch* csb);
virtual ValueExprNode* pass2(thread_db* tdbb, CompilerScratch* csb);
virtual dsc* execute(thread_db* tdbb, jrd_req* request) const;
public:
bool dialect1;
- Firebird::MetaName name;
+ GeneratorItem generator;
NestConst<ValueExprNode> arg;
- SLONG id;
};
Modified: firebird/trunk/src/dsql/Nodes.h
===================================================================
--- firebird/trunk/src/dsql/Nodes.h 2013-03-07 12:23:14 UTC (rev 57742)
+++ firebird/trunk/src/dsql/Nodes.h 2013-03-07 13:59:03 UTC (rev 57743)
@@ -1483,6 +1483,27 @@
};
+class GeneratorItem
+{
+public:
+ GeneratorItem(Firebird::MemoryPool& pool, const Firebird::MetaName& name)
+ : id(0), name(pool, name), secName(pool)
+ {}
+
+ GeneratorItem& operator=(const GeneratorItem& other)
+ {
+ id = other.id;
+ name = other.name;
+ secName = other.secName;
+ return *this;
+ }
+
+ SLONG id;
+ Firebird::MetaName name;
+ Firebird::MetaName secName;
+};
+
+
} // namespace
#endif // DSQL_NODES_H
Modified: firebird/trunk/src/dsql/StmtNodes.cpp
===================================================================
--- firebird/trunk/src/dsql/StmtNodes.cpp 2013-03-07 12:23:14 UTC (rev 57742)
+++ firebird/trunk/src/dsql/StmtNodes.cpp 2013-03-07 13:59:03 UTC (rev 57743)
@@ -2059,10 +2059,10 @@
// access on the base table. If field-level select privileges are implemented, this needs
// to be enhanced.
- SecurityClass::flags_t priv = SCL_sql_delete;
+ SecurityClass::flags_t priv = SCL_delete;
if (parent)
- priv |= SCL_read;
+ priv |= SCL_select;
const trig_vec* trigger = relation->rel_pre_erase ?
relation->rel_pre_erase : relation->rel_post_erase;
@@ -2325,9 +2325,8 @@
case blr_exception:
{
- item.type = ExceptionItem::XCP_CODE;
PAR_name(csb, item.name);
- if (!(item.code = MET_lookup_exception_number(tdbb, item.name)))
+ if (!MET_load_exception(tdbb, item))
PAR_error(csb, Arg::Gds(isc_xcpnotdef) << item.name);
CompilerScratch::Dependency dependency(obj_exception);
@@ -3989,34 +3988,33 @@
// Don't create ExceptionItem if blr_raise is used.
if (codeType != blr_raise)
{
- node->exception = FB_NEW(pool) ExceptionItem(pool);
+ ExceptionItem* const item = FB_NEW(pool) ExceptionItem(pool);
switch (codeType)
{
case blr_sql_code:
- node->exception->type = ExceptionItem::SQL_CODE;
- node->exception->code = (SSHORT) csb->csb_blr_reader.getWord();
+ item->type = ExceptionItem::SQL_CODE;
+ item->code = (SSHORT) csb->csb_blr_reader.getWord();
break;
case blr_gds_code:
- node->exception->type = ExceptionItem::GDS_CODE;
- PAR_name(csb, node->exception->name);
- node->exception->name.lower();
- if (!(node->exception->code = PAR_symbol_to_gdscode(node->exception->name)))
- PAR_error(csb, Arg::Gds(isc_codnotdef) << node->exception->name);
+ item->type = ExceptionItem::GDS_CODE;
+ PAR_name(csb, item->name);
+ item->name.lower();
+ if (!(item->code = PAR_symbol_to_gdscode(item->name)))
+ PAR_error(csb, Arg::Gds(isc_codnotdef) << item->name);
break;
case blr_exception:
case blr_exception_msg:
case blr_exception_params:
{
- node->exception->type = ExceptionItem::XCP_CODE;
- PAR_name(csb, node->exception->name);
- if (!(node->exception->code = MET_lookup_exception_number(tdbb, node->exception->name)))
- PAR_error(csb, Arg::Gds(isc_xcpnotdef) << node->exception->name);
+ PAR_name(csb, item->name);
+ if (!MET_load_exception(tdbb, *item))
+ PAR_error(csb, Arg::Gds(isc_xcpnotdef) << item->name);
CompilerScratch::Dependency dependency(obj_exception);
- dependency.number = node->exception->code;
+ dependency.number = item->code;
csb->csb_dependencies.push(dependency);
}
break;
@@ -4025,6 +4023,8 @@
fb_assert(false);
break;
}
+
+ node->exception = item;
}
if (type == blr_exception_params)
@@ -4097,6 +4097,13 @@
{
doPass1(tdbb, csb, messageExpr.getAddress());
doPass1(tdbb, csb, parameters.getAddress());
+
+ if (exception)
+ {
+ CMP_post_access(tdbb, csb, exception->secName, 0,
+ SCL_usage, SCL_object_exception, exception->name);
+ }
+
return this;
}
@@ -5615,10 +5622,10 @@
// access on the base table. If field-level select privileges are implemented, this needs
// to be enhanced.
- SecurityClass::flags_t priv = SCL_sql_update;
+ SecurityClass::flags_t priv = SCL_update;
if (parent)
- priv |= SCL_read;
+ priv |= SCL_select;
const trig_vec* trigger = (relation->rel_pre_modify) ?
relation->rel_pre_modify : relation->rel_post_modify;
@@ -6389,10 +6396,10 @@
// access on the base table. If field-level select privileges are implemented, this needs
// to be enhanced.
- SecurityClass::flags_t priv = SCL_sql_insert;
+ SecurityClass::flags_t priv = SCL_insert;
if (parent)
- priv |= SCL_read;
+ priv |= SCL_select;
// Get the source relation, either a table or yet another view.
@@ -6520,7 +6527,9 @@
stack.push(assign);
- if ((*ptr1)->fld_generator_name.hasData())
+ const MetaName& generatorName = (*ptr1)->fld_generator_name;
+
+ if (generatorName.hasData())
{
// Make a gen_id(<generator name>, 1) expression.
@@ -6528,11 +6537,12 @@
SLONG* increment = FB_NEW(csb->csb_pool) SLONG(1);
literal->litDesc.makeLong(0, increment);
- GenIdNode* genNode = FB_NEW(csb->csb_pool) GenIdNode(csb->csb_pool,
- (csb->blrVersion == 4), (*ptr1)->fld_generator_name);
- genNode->id = MET_lookup_generator(tdbb, (*ptr1)->fld_generator_name);
- genNode->arg = literal;
+ GenIdNode* const genNode = FB_NEW(csb->csb_pool)
+ GenIdNode(csb->csb_pool, (csb->blrVersion == 4), generatorName, literal);
+ if (!MET_load_generator(tdbb, genNode->generator))
+ PAR_error(csb, Arg::Gds(isc_gennotdef) << Arg::Str(generatorName));
+
assign->asgnFrom = genNode;
}
else //if (value)
@@ -7163,10 +7173,9 @@
MetaName name;
PAR_name(csb, name);
- SetGeneratorNode* node = FB_NEW(pool) SetGeneratorNode(pool, name);
+ SetGeneratorNode* const node = FB_NEW(pool) SetGeneratorNode(pool, name);
- node->genId = MET_lookup_generator(tdbb, name);
- if (node->genId < 0)
+ if (!MET_load_generator(tdbb, node->generator))
PAR_error(csb, Arg::Gds(isc_gennotdef) << Arg::Str(name));
node->value = PAR_parse_value(tdbb, csb);
@@ -7176,8 +7185,9 @@
SetGeneratorNode* SetGeneratorNode::dsqlPass(DsqlCompilerScratch* dsqlScratch)
{
- SetGeneratorNode* node = FB_NEW(getPool()) SetGeneratorNode(getPool(), name,
- doDsqlPass(dsqlScratch, value));
+ SetGeneratorNode* node = FB_NEW(getPool())
+ SetGeneratorNode(getPool(), generator.name, doDsqlPass(dsqlScratch, value));
+ node->generator = generator;
dsqlScratch->getStatement()->setType(DsqlCompiledStatement::TYPE_SET_GENERATOR);
@@ -7192,13 +7202,17 @@
void SetGeneratorNode::genBlr(DsqlCompilerScratch* dsqlScratch)
{
dsqlScratch->appendUChar(blr_set_generator);
- dsqlScratch->appendNullString(name.c_str());
+ dsqlScratch->appendNullString(generator.name.c_str());
GEN_expr(dsqlScratch, value);
}
SetGeneratorNode* SetGeneratorNode::pass1(thread_db* tdbb, CompilerScratch* csb)
{
doPass1(tdbb, csb, value.getAddress());
+
+ CMP_post_access(tdbb, csb, generator.secName, 0,
+ SCL_usage, SCL_object_generator, generator.name);
+
return this;
}
@@ -7212,19 +7226,16 @@
{
if (request->req_operation == jrd_req::req_evaluate)
{
- jrd_tra* transaction = request->req_transaction;
+ jrd_tra* const transaction = request->req_transaction;
- MetaName genName;
- MET_lookup_generator_id(tdbb, genId, genName);
-
DdlNode::executeDdlTrigger(tdbb, transaction, DdlNode::DTW_BEFORE,
- DDL_TRIGGER_ALTER_SEQUENCE, genName, *request->getStatement()->sqlText);
+ DDL_TRIGGER_ALTER_SEQUENCE, generator.name, *request->getStatement()->sqlText);
- dsc* desc = EVL_expr(tdbb, request, value);
- DPM_gen_id(tdbb, genId, true, MOV_get_int64(desc, 0));
+ dsc* const desc = EVL_expr(tdbb, request, value);
+ DPM_gen_id(tdbb, generator.id, true, MOV_get_int64(desc, 0));
DdlNode::executeDdlTrigger(tdbb, transaction, DdlNode::DTW_AFTER,
- DDL_TRIGGER_ALTER_SEQUENCE, genName, *request->getStatement()->sqlText);
+ DDL_TRIGGER_ALTER_SEQUENCE, generator.name, *request->getStatement()->sqlText);
request->req_operation = jrd_req::req_return;
}
Modified: firebird/trunk/src/dsql/StmtNodes.h
===================================================================
--- firebird/trunk/src/dsql/StmtNodes.h 2013-03-07 12:23:14 UTC (rev 57742)
+++ firebird/trunk/src/dsql/StmtNodes.h 2013-03-07 13:59:03 UTC (rev 57743)
@@ -37,6 +37,7 @@
class PlanNode;
class RelationSourceNode;
class SelectNode;
+class GeneratorItem;
typedef Firebird::Pair<
Firebird::NonPooled<NestConst<ValueListNode>, NestConst<ValueListNode> > > ReturningClause;
@@ -57,23 +58,24 @@
: PermanentStorage(pool),
type(o.type),
code(o.code),
- name(pool, o.name)
+ name(pool, o.name),
+ secName(pool, o.secName)
{
}
explicit ExceptionItem(MemoryPool& pool)
: PermanentStorage(pool),
- type(Type(0)),
code(0),
- name(pool)
+ name(pool),
+ secName(pool)
{
}
ExceptionItem& operator =(const ExceptionItem& o)
{
- type = o.type;
code = o.code;
name = o.name;
+ secName = o.secName;
return *this;
}
@@ -83,6 +85,7 @@
// while there are system exceptions with 32 chars. The parser always expects metanames, but
// I'm following the legacy code and making this a string.
Firebird::string name;
+ Firebird::MetaName secName;
};
typedef Firebird::ObjectsArray<ExceptionItem> ExceptionArray;
@@ -1312,11 +1315,9 @@
class SetGeneratorNode : public TypedNode<StmtNode, StmtNode::TYPE_SET_GENERATOR>
{
public:
- SetGeneratorNode(MemoryPool& pool, const Firebird::MetaName& aName, ValueExprNode* aValue = NULL)
+ SetGeneratorNode(MemoryPool& pool, const Firebird::MetaName& name, ValueExprNode* aValue = NULL)
: TypedNode<StmtNode, StmtNode::TYPE_SET_GENERATOR>(pool),
- name(aName),
- value(aValue),
- genId(0)
+ generator(pool, name), value(aValue)
{
}
@@ -1331,9 +1332,8 @@
virtual const StmtNode* execute(thread_db* tdbb, jrd_req* request, ExeState* exeState) const;
public:
- Firebird::MetaName name;
+ GeneratorItem generator;
NestConst<ValueExprNode> value;
- USHORT genId;
};
Modified: firebird/trunk/src/dsql/parse.y
===================================================================
--- firebird/trunk/src/dsql/parse.y 2013-03-07 12:23:14 UTC (rev 57742)
+++ firebird/trunk/src/dsql/parse.y 2013-03-07 13:59:03 UTC (rev 57743)
@@ -559,6 +559,7 @@
%token <metaNamePtr> KW_FALSE
%token <metaNamePtr> KW_TRUE
%token <metaNamePtr> UNKNOWN
+%token <metaNamePtr> USAGE
%token <metaNamePtr> RDB_RECORD_VERSION
// precedence declarations for expression evaluation
@@ -643,7 +644,8 @@
Jrd::CreateAlterTriggerNode* createAlterTriggerNode;
Jrd::CreateAlterPackageNode* createAlterPackageNode;
Jrd::CreateFilterNode::NameNumber* filterNameNumber;
- Jrd::CreateSequenceNode* createSequenceNode;
+ Jrd::CreateAlterExceptionNode* createAlterExceptionNode;
+ Jrd::CreateAlterSequenceNode* createAlterSequenceNode;
Jrd::CreateShadowNode* createShadowNode;
Firebird::Array<Jrd::CreateAlterPackageNode::Item>* packageItems;
Jrd::ExceptionArray* exceptionArray;
@@ -701,16 +703,13 @@
%type <stmtNode> dml_statement
dml_statement
- // ASF: ALTER SEQUENCE is defined here cause it's treated as DML.
- : ALTER SEQUENCE alter_sequence_clause { $$ = $3; }
- | delete { $$ = $1; }
+ : delete { $$ = $1; }
| insert { $$ = $1; }
| merge { $$ = $1; }
| exec_procedure { $$ = $1; }
| exec_block { $$ = $1; }
| savepoint { $$ = $1; }
| select { $$ = $1; }
- | set_generator { $$ = $1; }
| update { $$ = $1; }
| update_or_insert { $$ = $1; }
;
@@ -752,31 +751,73 @@
: privileges(NOTRIAL(&$node->privileges)) ON table_noise symbol_table_name
TO non_role_grantee_list(NOTRIAL(&$node->users)) grant_option granted_by
{
- $node->table = newNode<GranteeClause>(obj_relation, *$4);
+ $node->object = newNode<GranteeClause>(obj_relation, *$4);
$node->grantAdminOption = $7;
$node->grantor = $8;
}
- | execute_privilege(NOTRIAL(&$node->privileges)) ON PROCEDURE simple_proc_name
+ | execute_privilege(NOTRIAL(&$node->privileges)) ON PROCEDURE symbol_procedure_name
TO non_role_grantee_list(NOTRIAL(&$node->users)) grant_option granted_by
{
- $node->table = $4;
+ $node->object = newNode<GranteeClause>(obj_procedure, *$4);
$node->grantAdminOption = $7;
$node->grantor = $8;
}
- | execute_privilege(NOTRIAL(&$node->privileges)) ON FUNCTION simple_UDF_name
+ | execute_privilege(NOTRIAL(&$node->privileges)) ON FUNCTION symbol_UDF_name
TO non_role_grantee_list(NOTRIAL(&$node->users)) grant_option granted_by
{
- $node->table = $4;
+ $node->object = newNode<GranteeClause>(obj_udf, *$4);
$node->grantAdminOption = $7;
$node->grantor = $8;
}
- | execute_privilege(NOTRIAL(&$node->privileges)) ON PACKAGE simple_package_name
+ | execute_privilege(NOTRIAL(&$node->privileges)) ON PACKAGE symbol_package_name
TO non_role_grantee_list(NOTRIAL(&$node->users)) grant_option granted_by
{
- $node->table = $4;
+ $node->object = newNode<GranteeClause>(obj_package_header, *$4);
$node->grantAdminOption = $7;
$node->grantor = $8;
}
+ | usage_privilege(NOTRIAL(&$node->privileges)) ON DOMAIN symbol_domain_name
+ TO non_role_grantee_list(NOTRIAL(&$node->users)) grant_option granted_by
+ {
+ $node->object = newNode<GranteeClause>(obj_field, *$4);
+ $node->grantAdminOption = $7;
+ $node->grantor = $8;
+ }
+ | usage_privilege(NOTRIAL(&$node->privileges)) ON EXCEPTION symbol_exception_name
+ TO non_role_grantee_list(NOTRIAL(&$node->users)) grant_option granted_by
+ {
+ $node->object = newNode<GranteeClause>(obj_exception, *$4);
+ $node->grantAdminOption = $7;
+ $node->grantor = $8;
+ }
+ | usage_privilege(NOTRIAL(&$node->privileges)) ON GENERATOR symbol_generator_name
+ TO non_role_grantee_list(NOTRIAL(&$node->users)) grant_option granted_by
+ {
+ $node->object = newNode<GranteeClause>(obj_generator, *$4);
+ $node->grantAdminOption = $7;
+ $node->grantor = $8;
+ }
+ | usage_privilege(NOTRIAL(&$node->privileges)) ON SEQUENCE symbol_generator_name
+ TO non_role_grantee_list(NOTRIAL(&$node->users)) grant_option granted_by
+ {
+ $node->object = newNode<GranteeClause>(obj_generator, *$4);
+ $node->grantAdminOption = $7;
+ $node->grantor = $8;
+ }
+ | usage_privilege(NOTRIAL(&$node->privileges)) ON CHARACTER SET symbol_character_set_name
+ TO non_role_grantee_list(NOTRIAL(&$node->users)) grant_option granted_by
+ {
+ $node->object = newNode<GranteeClause>(obj_charset, *$5);
+ $node->grantAdminOption = $8;
+ $node->grantor = $9;
+ }
+ | usage_privilege(NOTRIAL(&$node->privileges)) ON COLLATION symbol_collation_name
+ TO non_role_grantee_list(NOTRIAL(&$node->users)) grant_option granted_by
+ {
+ $node->object = newNode<GranteeClause>(obj_collation, *$4);
+ $node->grantAdminOption = $7;
+ $node->grantor = $8;
+ }
| role_name_list(NOTRIAL(&$node->roles)) TO role_grantee_list(NOTRIAL(&$node->users))
role_admin_option granted_by
{
@@ -808,6 +849,11 @@
: EXECUTE { $privilegeArray->add(PrivilegeClause('X', NULL)); }
;
+%type usage_privilege(<privilegeArray>)
+usage_privilege($privilegeArray)
+ : USAGE { $privilegeArray->add(PrivilegeClause('G', NULL)); }
+ ;
+
%type privilege(<privilegeArray>)
privilege($privilegeArray)
: SELECT { $privilegeArray->add(PrivilegeClause('S', NULL)); }
@@ -846,22 +892,7 @@
| USER symbol_user_name { $$ = $2; }
;
-%type <granteeClause> simple_package_name
-simple_package_name
- : symbol_package_name { $$ = newNode<GranteeClause>(obj_package_header, *$1); }
- ;
-%type <granteeClause> simple_proc_name
-simple_proc_name
- : symbol_procedure_name { $$ = newNode<GranteeClause>(obj_procedure, *$1); }
- ;
-
-%type <granteeClause> simple_UDF_name
-simple_UDF_name
- : symbol_UDF_name { $$ = newNode<GranteeClause>(obj_udf, *$1); }
- ;
-
-
// REVOKE statement
%type <grantRevokeNode> revoke
@@ -877,32 +908,74 @@
: rev_grant_option privileges(NOTRIAL(&$node->privileges)) ON table_noise symbol_table_name
FROM non_role_grantee_list(NOTRIAL(&$node->users)) granted_by
{
- $node->table = newNode<GranteeClause>(obj_relation, *$5);
+ $node->object = newNode<GranteeClause>(obj_relation, *$5);
$node->grantAdminOption = $1;
$node->grantor = $8;
}
- | rev_grant_option execute_privilege(NOTRIAL(&$node->privileges)) ON PROCEDURE simple_proc_name
+ | rev_grant_option execute_privilege(NOTRIAL(&$node->privileges)) ON PROCEDURE symbol_procedure_name
FROM non_role_grantee_list(NOTRIAL(&$node->users)) granted_by
{
- $node->table = $5;
+ $node->object = newNode<GranteeClause>(obj_procedure, *$5);
$node->grantAdminOption = $1;
$node->grantor = $8;
}
- | rev_grant_option execute_privilege(NOTRIAL(&$node->privileges)) ON FUNCTION simple_UDF_name
+ | rev_grant_option execute_privilege(NOTRIAL(&$node->privileges)) ON FUNCTION symbol_UDF_name
FROM non_role_grantee_list(NOTRIAL(&$node->users)) granted_by
{
- $node->table = $5;
+ $node->object = newNode<GranteeClause>(obj_udf, *$5);
$node->grantAdminOption = $1;
$node->grantor = $8;
}
- | rev_grant_option execute_privilege(NOTRIAL(&$node->privileges)) ON PACKAGE simple_package_name
+ | rev_grant_option execute_privilege(NOTRIAL(&$node->privileges)) ON PACKAGE symbol_package_name
FROM non_role_grantee_list(NOTRIAL(&$node->users)) granted_by
{
- $node->table = $5;
+ $node->object = newNode<GranteeClause>(obj_package_header, *$5);
$node->grantAdminOption = $1;
$node->grantor = $8;
}
+ | rev_grant_option usage_privilege(NOTRIAL(&$node->privileges)) ON DOMAIN symbol_domain_name
+ FROM non_role_grantee_list(NOTRIAL(&$node->users)) granted_by
+ {
+ $node->object = newNode<GranteeClause>(obj_field, *$5);
+ $node->grantAdminOption = $1;
+ $node->grantor = $8;
+ }
+ | rev_grant_option usage_privilege(NOTRIAL(&$node->privileges)) ON EXCEPTION symbol_exception_name
+ FROM non_role_grantee_list(NOTRIAL(&$node->users)) granted_by
+ {
+ $node->object = newNode<GranteeClause>(obj_exception, *$5);
+ $node->grantAdminOption = $1;
+ $node->grantor = $8;
+ }
+ | rev_grant_option usage_privilege(NOTRIAL(&$node->privileges)) ON GENERATOR symbol_generator_name
+ FROM non_role_grantee_list(NOTRIAL(&$node->users)) granted_by
+ {
+ $node->object = newNode<GranteeClause>(obj_generator, *$5);
+ $node->grantAdminOption = $1;
+ $node->grantor = $8;
+ }
+ | rev_grant_option usage_privilege(NOTRIAL(&$node->privileges)) ON SEQUENCE symbol_generator_name
+ FROM non_role_grantee_list(NOTRIAL(&$node->users)) granted_by
+ {
+ $node->object = newNode<GranteeClause>(obj_generator, *$5);
+ $node->grantAdminOption = $1;
+ $node->grantor = $8;
+ }
+ | rev_grant_option usage_privilege(NOTRIAL(&$node->privileges)) ON CHARACTER SET symbol_character_set_name
+ FROM non_role_grantee_list(NOTRIAL(&$node->users)) granted_by
+ {
+ $node->object = newNode<GranteeClause>(obj_charset, *$6);
+ $node->grantAdminOption = $1;
+ $node->grantor = $9;
+ }
+ | rev_grant_option usage_privilege(NOTRIAL(&$node->privileges)) ON COLLATION symbol_collation_name
+ FROM non_role_grantee_list(NOTRIAL(&$node->users)) granted_by
+ {
+ $node->object = newNode<GranteeClause>(obj_collation, *$5);
+ $node->grantAdminOption = $1;
+ $node->grantor = $8;
+ }
| rev_admin_option role_name_list(NOTRIAL(&$node->roles))
FROM role_grantee_list(NOTRIAL(&$node->users)) granted_by
{
@@ -1165,20 +1238,20 @@
{ $$ = newNode<RecreateProcedureNode>($2); }
| FUNCTION function_clause
{ $$ = newNode<RecreateFunctionNode>($2); }
- | TABLE rtable_clause
- { $$ = $2; }
- | GLOBAL TEMPORARY TABLE gtt_recreate_clause
- { $$ = $4; }
- | VIEW rview_clause
- { $$ = $2; }
+ | TABLE table_clause
+ { $$ = newNode<RecreateTableNode>($2); }
+ | GLOBAL TEMPORARY TABLE gtt_table_clause
+ { $$ = newNode<RecreateTableNode>($4); }
+ | VIEW view_clause
+ { $$ = newNode<RecreateViewNode>($2); }
| TRIGGER trigger_clause
{ $$ = newNode<RecreateTriggerNode>($2); }
| PACKAGE package_clause
{ $$ = newNode<RecreatePackageNode>($2); }
| PACKAGE BODY package_body_clause
{ $$ = newNode<RecreatePackageBodyNode>($3); }
- | EXCEPTION rexception_clause
- { $$ = $2; }
+ | EXCEPTION exception_clause
+ { $$ = newNode<RecreateExceptionNode>($2); }
| GENERATOR generator_clause
{ $$ = newNode<RecreateSequenceNode>($2); }
| SEQUENCE generator_clause
@@ -1198,29 +1271,21 @@
| PACKAGE replace_package_clause { $$ = $2; }
| VIEW replace_view_clause { $$ = $2; }
| EXCEPTION replace_exception_clause { $$ = $2; }
+ | GENERATOR replace_sequence_clause { $$ = $2; }
+ | SEQUENCE replace_sequence_clause { $$ = $2; }
;
// CREATE EXCEPTION
// ASF: The charset from sql_string is discarded because the database column uses NONE.
-%type <ddlNode> exception_clause
+%type <createAlterExceptionNode> exception_clause
exception_clause
: symbol_exception_name sql_string
{ $$ = newNode<CreateAlterExceptionNode>(*$1, $2->getString()); }
;
-%type <ddlNode> rexception_clause
-rexception_clause
- : symbol_exception_name sql_string
- {
- CreateAlterExceptionNode* createNode = newNode<CreateAlterExceptionNode>(*$1,
- $2->getString());
- $$ = newNode<RecreateExceptionNode>(createNode);
- }
- ;
-
-%type <ddlNode> replace_exception_clause
+%type <createAlterExceptionNode> replace_exception_clause
replace_exception_clause
: symbol_exception_name sql_string
{
@@ -1230,7 +1295,7 @@
}
;
-%type <ddlNode> alter_exception_clause
+%type <createAlterExceptionNode> alter_exception_clause
alter_exception_clause
: symbol_exception_name sql_string
{
@@ -1390,12 +1455,64 @@
// CREATE SEQUENCE/GENERATOR
-%type <createSequenceNode> generator_clause
+%type <createAlterSequenceNode> generator_clause
generator_clause
- : symbol_generator_name { $$ = newNode<CreateSequenceNode>(*$1); }
+ : symbol_generator_name start_with_opt
+ { $$ = newNode<CreateAlterSequenceNode>(*$1, $2); }
;
+%type <createAlterSequenceNode> replace_sequence_clause
+replace_sequence_clause
+ : symbol_generator_name start_with_opt
+ {
+ CreateAlterSequenceNode* node = newNode<CreateAlterSequenceNode>(*$1, $2);
+ node->alter = true;
+ $$ = node;
+ }
+ ;
+%type <createAlterSequenceNode> alter_sequence_clause
+alter_sequence_clause
+ : symbol_generator_name RESTART WITH sequence_value
+ {
+ CreateAlterSequenceNode* node = newNode<CreateAlterSequenceNode>(*$1, $4);
+ node->create = false;
+ node->alter = true;
+ $$ = node;
+ }
+ ;
+
+%type <createAlterSequenceNode> set_generator_clause
+set_generator_clause
+ : SET GENERATOR symbol_generator_name TO sequence_value
+ {
+ CreateAlterSequenceNode* node = newNode<CreateAlterSequenceNode>(*$1, $5);
+ node->create = false;
+ node->alter = true;
+ node->legacy = true;
+ $$ = node;
+ }
+ ;
+
+%type <valueExprNode> start_with_opt
+start_with_opt
+ : START WITH sequence_value
+ { $$ = $3; }
+ |
+ { $$ = MAKE_const_slong(0); }
+ ;
+
+%type <valueExprNode> sequence_value
+sequence_value
+ : signed_long_integer
+ { $$ = MAKE_const_slong($1); }
+ | NUMBER64BIT
+ { $$ = MAKE_constant(*$1, CONSTANT_SINT64); }
+ | '-' NUMBER64BIT
+ { $$ = newNode<NegateNode>(MAKE_constant(*$2, CONSTANT_SINT64)); }
+ ;
+
+
// CREATE ROLE
%type <ddlNode> role_clause
@@ -1614,12 +1731,6 @@
{ $$ = $3; }
;
-%type <ddlNode> rtable_clause
-rtable_clause
- : table_clause
- { $$ = newNode<RecreateTableNode>($1); }
- ;
-
%type <createRelationNode> gtt_table_clause
gtt_table_clause
: simple_table_name
@@ -1631,12 +1742,6 @@
}
;
-%type <ddlNode> gtt_recreate_clause
-gtt_recreate_clause
- : gtt_table_clause
- { $$ = newNode<RecreateTableNode>($1); }
- ;
-
%type <intVal> gtt_scope
gtt_scope
: /* nothing */ { $$ = rel_global_temp_delete; }
@@ -2958,12 +3063,6 @@
}
;
-%type <ddlNode> rview_clause
-rview_clause
- : view_clause
- { $$ = newNode<RecreateViewNode>($1); }
- ;
-
%type <ddlNode> replace_view_clause
replace_view_clause
: view_clause
@@ -3193,6 +3292,7 @@
%type <ddlNode> alter
alter
: ALTER alter_clause { $$ = $2; }
+ | set_generator_clause { $$ = $1; }
;
%type <ddlNode> alter_clause
@@ -3217,6 +3317,7 @@
| ROLE alter_role_clause { $$ = $2; }
| USER alter_user_clause { $$ = $2; }
| CHARACTER SET alter_charset_clause { $$ = $3; }
+ | SEQUENCE alter_sequence_clause { $$ = $2; }
;
%type <alterDomainNode> alter_domain
@@ -3449,19 +3550,6 @@
| symbol_index_name INACTIVE { $$ = newNode<AlterIndexNode>(*$1, false); }
;
-%type <stmtNode> alter_sequence_clause
-alter_sequence_clause
- : symbol_generator_name RESTART WITH signed_long_integer
- { $$ = newNode<SetGeneratorNode>(*$1, MAKE_const_slong($4)); }
- | symbol_generator_name RESTART WITH NUMBER64BIT
- { $$ = newNode<SetGeneratorNode>(*$1, MAKE_constant(*$4, CONSTANT_SINT64)); }
- | symbol_generator_name RESTART WITH '-' NUMBER64BIT
- {
- $$ = newNode<SetGeneratorNode>(*$1,
- newNode<NegateNode>(MAKE_constant(*$5, CONSTANT_SINT64)));
- }
- ;
-
%type <ddlNode> alter_udf_clause
alter_udf_clause
: symbol_UDF_name entry_op module_op
@@ -4144,20 +4232,6 @@
;
-%type <stmtNode> set_generator
-set_generator
- : SET GENERATOR symbol_generator_name TO signed_long_integer
- { $$ = newNode<SetGeneratorNode>(*$3, MAKE_const_slong($5)); }
- | SET GENERATOR symbol_generator_name TO NUMBER64BIT
- { $$ = newNode<SetGeneratorNode>(*$3, MAKE_constant(*$5, CONSTANT_SINT64)); }
- | SET GENERATOR symbol_generator_name TO '-' NUMBER64BIT
- {
- $$ = newNode<SetGeneratorNode>(*$3,
- newNode<NegateNode>(MAKE_constant(*$6, CONSTANT_SINT64)));
- }
- ;
-
-
// transaction statements
%type <stmtNode> savepoint
@@ -6925,6 +6999,7 @@
| LEAD
| RANK
| ROW_NUMBER
+ | USAGE
;
%%
Modified: firebird/trunk/src/jrd/RecordSourceNodes.cpp
===================================================================
--- firebird/trunk/src/jrd/RecordSourceNodes.cpp 2013-03-07 12:23:14 UTC (rev 57742)
+++ firebird/trunk/src/jrd/RecordSourceNodes.cpp 2013-03-07 13:59:03 UTC (rev 57743)
@@ -658,7 +658,7 @@
{
CMP_post_access(tdbb, csb, relation->rel_security_name,
(tail->csb_view) ? tail->csb_view->rel_id : (view ? view->rel_id : 0),
- SCL_read, SCL_object_table, relation->rel_name);
+ SCL_select, SCL_object_table, relation->rel_name);
}
}
Modified: firebird/trunk/src/jrd/acl.h
===================================================================
--- firebird/trunk/src/jrd/acl.h 2013-03-07 12:23:14 UTC (rev 57742)
+++ firebird/trunk/src/jrd/acl.h 2013-03-07 13:59:03 UTC (rev 57743)
@@ -38,17 +38,19 @@
const int priv_end = 0;
const int priv_control = 1; // Control over ACL
-const int priv_grant = 2; // Grant subset of rights to others
-const int priv_delete = 3; // Delete object
-const int priv_read = 4; // Read object
-const int priv_write = 5; // Write object
-const int priv_protect = 6; // Change protection
-const int priv_sql_insert = 7; // SQL insertion
-const int priv_sql_delete = 8; // SQL deletion
-const int priv_sql_update = 9; // SQL update
-const int priv_sql_references = 10; // SQL references for foreign key
-const int priv_execute = 11; // Execute (procedure)
-const int priv_max = 12;
+const int priv_grant = 2; // Unused
+const int priv_drop = 3; // Drop object
+const int priv_select = 4; // SELECT
+const int priv_write = 5; // Unused
+const int priv_alter = 6; // Alter object
+const int priv_insert = 7; // INSERT
+const int priv_delete = 8; // DELETE
+const int priv_update = 9; // UPDATE
+const int priv_references = 10; // REFERENCES for foreign key
+const int priv_execute = 11; // EXECUTE (procedure, function, package)
+// New in FB3
+const int priv_usage = 12; // USAGE (domain, exception, sequence, collation)
+const int priv_max = 13;
// Identification criterias
@@ -67,13 +69,7 @@
// New in FB3
const int id_package = 12; // Package name
const int id_function = 13; // Function name
-const int id_schema = 14; // Schema name
-const int id_generator = 15;
-const int id_domain = 16; // global field (domain)
-const int id_charset = 17;
-const int id_collation = 18;
-const int id_exception = 19;
-const int id_max = 20;
+const int id_max = 14;
/* Format of access control list:
Modified: firebird/trunk/src/jrd/dfw.epp
===================================================================
--- firebird/trunk/src/jrd/dfw.epp 2013-03-07 12:23:14 UTC (rev 57742)
+++ firebird/trunk/src/jrd/dfw.epp 2013-03-07 13:59:03 UTC (rev 57743)
@@ -380,9 +380,8 @@
static bool create_collation(thread_db*, SSHORT, DeferredWork*, jrd_tra*);
static bool delete_collation(thread_db*, SSHORT, DeferredWork*, jrd_tra*);
static bool delete_exception(thread_db*, SSHORT, DeferredWork*, jrd_tra*);
-static bool create_generator(thread_db*, SSHORT, DeferredWork*, jrd_tra*);
+static bool set_generator(thread_db*, SSHORT, DeferredWork*, jrd_tra*);
static bool delete_generator(thread_db*, SSHORT, DeferredWork*, jrd_tra*);
-static bool modify_generator(thread_db*, SSHORT, DeferredWork*, jrd_tra*);
static bool create_function(thread_db*, SSHORT, DeferredWork*, jrd_tra*);
static bool delete_function(thread_db*, SSHORT, DeferredWork*, jrd_tra*);
static bool modify_function(thread_db*, SSHORT, DeferredWork*, jrd_tra*);
@@ -413,7 +412,6 @@
const Firebird::MetaName& fieldName);
static void check_dependencies(thread_db*, const TEXT*, const TEXT*, const TEXT*, int, jrd_tra*);
static void check_filename(const Firebird::string&, bool);
-static void check_system_generator(const TEXT*, const dfw_t);
static bool formatsAreEqual(const Format*, const Format*);
static bool find_depend_in_dfw(thread_db*, TEXT*, USHORT, USHORT, jrd_tra*);
static void get_array_desc(thread_db*, const TEXT*, Ods::InternalArrayDesc*);
@@ -482,9 +480,8 @@
{ dfw_create_collation, create_collation },
{ dfw_delete_collation, delete_collation },
{ dfw_delete_exception, delete_exception },
- { dfw_create_generator, create_generator },
+ { dfw_set_generator, set_generator },
{ dfw_delete_generator, delete_generator },
- { dfw_modify_generator, modify_generator },
{ dfw_create_function, create_function },
{ dfw_delete_function, delete_function },
{ dfw_modify_function, modify_function },
@@ -2102,23 +2099,6 @@
}
-static void check_system_generator(const TEXT* gen_name, const dfw_t action)
-{
- // CVC: Replace this with a call to SCL when we have ACL's for gens.
- for (const gen* generator = generators; generator->gen_name; generator++)
- {
- if (!strcmp(generator->gen_name, gen_name)) // did we find a sys gen?
- {
- ERR_post(Arg::Gds(isc_no_meta_update) <<
- Arg::Gds(action == dfw_delete_generator ? isc_no_delete : isc_no_update) <<
- // Msg353: can not delete Msg520: can not update
- Arg::Gds(isc_generator_name) << Arg::Str(gen_name) <<
- Arg::Gds(isc_random) << Arg::Str("This is a system generator."));
- }
- }
-}
-
-
static bool formatsAreEqual(const Format* old_format, const Format* new_format)
{
/**************************************
@@ -2191,7 +2171,7 @@
FOR(REQUEST_HANDLE handle) X IN RDB$DATABASE
WITH X.RDB$SECURITY_CLASS EQ work->dfw_name.c_str()
{
- tdbb->getAttachment()->att_security_class = s_class;
+ attachment->att_security_class = s_class;
}
END_FOR
}
@@ -2680,7 +2660,7 @@
relation->rel_owner_name != partner_relation->rel_owner_name)
{
SCL_check_index(tdbb, partner_relation->rel_name,
- idx.idx_id + 1, SCL_sql_references);
+ idx.idx_id + 1, SCL_references);
}
*/
}
@@ -3123,19 +3103,19 @@
}
-static bool create_generator(thread_db* tdbb,
- SSHORT phase,
- DeferredWork* work,
- jrd_tra* transaction)
+static bool set_generator(thread_db* tdbb,
+ SSHORT phase,
+ DeferredWork* work,
+ jrd_tra* transaction)
{
/**************************************
*
- * c r e a t e _ g e n e r a t o r
+ * s e t _ g e n e r a t o r
*
**************************************
*
* Functional description
- * Initialize the generator after creation.
+ * Set the generator to the given value.
*
**************************************/
SET_TDBB(tdbb);
@@ -3186,7 +3166,6 @@
switch (phase)
{
case 1:
- check_system_generator(gen_name, dfw_delete_generator);
check_dependencies(tdbb, gen_name, NULL, NULL, obj_generator, transaction);
break;
}
@@ -3195,41 +3174,6 @@
}
-static bool modify_generator(thread_db* tdbb, SSHORT phase, DeferredWork* work, jrd_tra*)
-{
-/**************************************
- *
- * m o d i f y _ g e n e r a t o r
- *
- **************************************
- *
- * Functional description
- * Check if it is allowable to modify
- * a generator's information in rdb$generators.
- * CVC: For now, the function always forbids this operation.
- * This has nothing to do with gen_id or set generator.
- *
- **************************************/
-
- SET_TDBB(tdbb);
- const char* gen_name = work->dfw_name.c_str();
-
- switch (phase)
- {
- case 1:
- check_system_generator(gen_name, dfw_modify_generator);
- if (work->dfw_id) // != 0 means not only the desc was changed.
- ERR_post(Arg::Gds(isc_no_meta_update) <<
- Arg::Gds(isc_generator_name) << Arg::Str(gen_name) <<
- Arg::Gds(isc_random) << Arg::Str("Only can modify description for user generators."));
- break;
- }
-
- return false;
-
-}
-
-
static bool create_field(thread_db* tdbb, SSHORT phase, DeferredWork* work, jrd_tra* transaction)
{
/**************************************
Modified: firebird/trunk/src/jrd/dyn.h
===================================================================
--- firebird/trunk/src/jrd/dyn.h 2013-03-07 12:23:14 UTC (rev 57742)
+++ firebird/trunk/src/jrd/dyn.h 2013-03-07 13:59:03 UTC (rev 57743)
@@ -31,8 +31,8 @@
#include "../common/dsc.h"
const char* const ALL_PRIVILEGES = "SIUDR"; // all applicable grant/revoke privileges
-const char* const EXEC_PRIVILEGES = "X"; // execute privilege for procedures, functions and packages
-const char* const USAGE_PRIVILEGES = "S"; // usage privilege, currently equal to the select one
+const char* const EXEC_PRIVILEGES = "X"; // execute privilege
+const char* const USAGE_PRIVILEGES = "G"; // usage privilege
const int DYN_MSG_FAC = 8;
Modified: firebird/trunk/src/jrd/filters.cpp
===================================================================
--- firebird/trunk/src/jrd/filters.cpp 2013-03-07 12:23:14 UTC (rev 57742)
+++ firebird/trunk/src/jrd/filters.cpp 2013-03-07 13:59:03 UTC (rev 57743)
@@ -80,9 +80,24 @@
const char* const WILD_CARD_UIC = "(*.*)";
// TXNN: Used on filter of internal data structure to text
-static const TEXT acl_privs[] = "?CGDRWPIEUTX??";
+static const TEXT* acl_privs[priv_max] =
+{
+ "?",
+ "control",
+ "grant",
+ "drop",
+ "select",
+ "write",
+ "alter",
+ "insert",
+ "delete",
+ "update",
+ "references",
+ "execute",
+ "usage"
+};
-static const TEXT acl_ids[][16] =
+static const TEXT* acl_ids[id_max] =
{
"?: ",
"group: ",
@@ -95,7 +110,9 @@
"all views",
"trigger: ",
"procedure: ",
- "role: "
+ "role: ",
+ "package: ",
+ "function: "
};
// TXNN: Used on filter of internal data structure to text
@@ -188,8 +205,19 @@
sprintf(out, "privileges: (");
while (*out)
++out;
- while (c = *p++)
- *out++ = acl_privs[c];
+ if ((c = *p++) != 0)
+ {
+ sprintf(out, "%s", acl_privs[c]);
+ while (*out)
+ ++out;
+
+ while ((c = *p++) != 0)
+ {
+ sprintf(out, ", %s", acl_privs[c]);
+ while (*out)
+ ++out;
+ }
+ }
*out++ = ')';
*out = 0;
string_put(control, line);
Modified: firebird/trunk/src/jrd/grant.epp
===================================================================
--- firebird/trunk/src/jrd/grant.epp 2013-03-07 12:23:14 UTC (rev 57742)
+++ firebird/trunk/src/jrd/grant.epp 2013-03-07 13:59:03 UTC (rev 57743)
@@ -58,7 +58,7 @@
// privileges given to the owner of a relation
-const SecurityClass::flags_t OWNER_PRIVS = SCL_control | SCL_read | SCL_write | SCL_delete | SCL_protect;
+const SecurityClass::flags_t OWNER_PRIVS = SCL_control | SCL_drop | SCL_alter;
inline void CHECK_AND_MOVE(Acl& to, UCHAR from)
{
@@ -118,11 +118,30 @@
SecurityClass::flags_t priv = OWNER_PRIVS;
- if (id == obj_procedure ||
- id == obj_udf ||
- id == obj_package_header)
+ switch (id)
{
- priv |= SCL_execute;
+ case obj_relation:
+ priv |= SCL_references;
+ case obj_view:
+ priv |= SCL_select | SCL_insert | SCL_update | SCL_delete;
+ break;
+
+ case obj_procedure:
+ case obj_udf:
+ case obj_package_header:
+ priv |= SCL_execute;
+ break;
+
+ case obj_field:
+ case obj_exception:
+ case obj_generator:
+ case obj_charset:
+ case obj_collation:
+ priv |= SCL_usage;
+ break;
+
+ default:
+ break;
}
grant_user(acl, owner, obj_user, priv);
@@ -843,23 +862,26 @@
switch (UPPER7(privileges[0]))
{
case 'S':
- priv |= SCL_read;
+ priv |= SCL_select;
break;
case 'I':
- priv |= SCL_sql_insert;
+ priv |= SCL_insert;
break;
case 'U':
- priv |= SCL_sql_update;
+ priv |= SCL_update;
break;
case 'D':
- priv |= SCL_sql_delete;
+ priv |= SCL_delete;
break;
case 'R':
- priv |= SCL_sql_references;
+ priv |= SCL_references;
break;
case 'X':
priv |= SCL_execute;
break;
+ case 'G':
+ priv |= SCL_usage;
+ break;
}
return priv;
@@ -993,46 +1015,51 @@
privilege |= SCL_control;
break;
- case priv_read:
- privilege |= SCL_read;
+ case priv_select:
+ privilege |= SCL_select;
break;
- case priv_write:
- privilege |= SCL_write;
+ case priv_insert:
+ privilege |= SCL_insert;
break;
- case priv_sql_insert:
- privilege |= SCL_sql_insert;
+ case priv_delete:
+ privilege |= SCL_delete;
break;
- case priv_sql_delete:
- privilege |= SCL_sql_delete;
+ case priv_references:
+ privilege |= SCL_references;
break;
- case priv_sql_references:
- privilege |= SCL_sql_references;
+ case priv_update:
+ privilege |= SCL_update;
break;
- case priv_sql_update:
- privilege |= SCL_sql_update;
+ case priv_drop:
+ privilege |= SCL_drop;
break;
- case priv_delete:
- privilege |= SCL_delete;
+ case priv_alter:
+ privilege |= SCL_alter;
break;
- case priv_grant:
- privilege |= SCL_grant;
+ case priv_execute:
+ privilege |= SCL_execute;
break;
- case priv_protect:
- privilege |= SCL_protect;
+ case priv_usage:
+ privilege |= SCL_usage;
break;
- case priv_execute:
- privilege |= SCL_execute;
+ case priv_write:
+ // unused, but supported for backward compatibility
+ privilege |= SCL_insert | SCL_update | SCL_delete;
break;
+ case priv_grant:
+ // unused
+ break;
+
default:
BUGCHECK(293); // bad ACL
}
Modified: firebird/trunk/src/jrd/idx.cpp
===================================================================
--- firebird/trunk/src/jrd/idx.cpp 2013-03-07 12:23:14 UTC (rev 57742)
+++ firebird/trunk/src/jrd/idx.cpp 2013-03-07 13:59:03 UTC (rev 57743)
@@ -150,11 +150,11 @@
CMP_post_access(tdbb, csb,
referenced_relation->rel_security_name,
(view ? view->rel_id : 0),
- SCL_sql_references, SCL_object_table,
+ SCL_references, SCL_object_table,
referenced_relation->rel_name);
CMP_post_access(tdbb, csb,
referenced_field->fld_security_name, 0,
- SCL_sql_references, SCL_object_column,
+ SCL_references, SCL_object_column,
referenced_field->fld_name, referenced_relation->rel_name);
}
Modified: firebird/trunk/src/jrd/ini.epp
===================================================================
--- firebird/trunk/src/jrd/ini.epp 2013-03-07 12:23:14 UTC (rev 57742)
+++ firebird/trunk/src/jrd/ini.epp 2013-03-07 13:59:03 UTC (rev 57743)
@@ -73,7 +73,7 @@
static void add_security_to_sys_obj(thread_db*, const MetaName&, USHORT, const MetaName&,
USHORT = 0, const UCHAR* = NULL);
static void add_security_to_sys_rel(thread_db*, const MetaName&,
- const TEXT*, const USHORT, const UCHAR*, const bool);
+ const TEXT*, const USHORT, const UCHAR*);
static void store_generator(thread_db*, const gen*, AutoRequest&, const MetaName&);
static void store_global_field(thread_db*, const gfld*, AutoRequest&, const MetaName&);
static void store_intlnames(thread_db*, const MetaName&);
@@ -436,31 +436,39 @@
DFW_perform_system_work(tdbb);
+ const size_t ownerNameLength = ownerName.length();
+ fb_assert(ownerNameLength <= MAX_UCHAR);
+
// Add security for the non-relation system metadata objects
+ const UCHAR NON_REL_OWNER_ACL[] =
+ {ACL_priv_list, priv_control, priv_alter, priv_drop, priv_usage, ACL_end};
+
+ const UCHAR NON_REL_PUBLIC_ACL[] =
+ {ACL_priv_list, priv_usage, ACL_end};
+
UCHAR buffer[FB_MAX_ACL_SIZE];
UCHAR* acl = buffer;
*acl++ = ACL_version;
*acl++ = ACL_id_list;
*acl++ = id_person;
- USHORT length = ownerName.length();
- fb_assert(length <= MAX_UCHAR);
- *acl++ = (UCHAR) length;
- memcpy(acl, ownerName.c_str(), length);
- acl += length;
+ *acl++ = (UCHAR) ownerNameLength;
+ memcpy(acl, ownerName.c_str(), ownerNameLength);
+ acl += ownerNameLength;
*acl++ = ACL_end;
- *acl++ = ACL_priv_list;
- *acl++ = priv_protect;
- *acl++ = priv_control;
- *acl++ = priv_delete;
- *acl++ = priv_write;
- *acl++ = priv_read;
+
+ memcpy(acl, NON_REL_OWNER_ACL, sizeof(NON_REL_OWNER_ACL));
+ acl += sizeof(NON_REL_OWNER_ACL);
+
+ *acl++ = ACL_id_list;
*acl++ = ACL_end;
- *acl++ = ACL_end;
- length = acl - buffer;
+ memcpy(acl, NON_REL_PUBLIC_ACL, sizeof(NON_REL_PUBLIC_ACL));
+ acl += sizeof(NON_REL_PUBLIC_ACL);
+ USHORT length = acl - buffer;
+
for (const gfld* gfield = gfields; gfield->gfld_name; gfield++)
{
add_security_to_sys_obj(tdbb, ownerName, obj_field,
@@ -487,22 +495,40 @@
add_security_to_sys_obj(tdbb, ownerName, obj_collation, collation->name, length, buffer);
}
- // Add security on RDB$ROLES system table
+ // Add security on system tables
- acl--; // go before the last ACL_end, it's to be overwritten
+ const UCHAR REL_OWNER_ACL[] =
+ {ACL_priv_list, priv_control, priv_alter, priv_drop,
+ priv_select, priv_insert, priv_update, priv_delete, ACL_end};
+ const UCHAR REL_PUBLIC_ACL[] =
+ {ACL_priv_list, priv_select, ACL_end};
+
+ acl = buffer;
+ *acl++ = ACL_version;
*acl++ = ACL_id_list;
+ *acl++ = id_person;
+
+ *acl++ = (UCHAR) ownerNameLength;
+ memcpy(acl, ownerName.c_str(), ownerNameLength);
+ acl += ownerNameLength;
+
*acl++ = ACL_end;
- *acl++ = ACL_priv_list;
- *acl++ = priv_read;
+
+ memcpy(acl, REL_OWNER_ACL, sizeof(REL_OWNER_ACL));
+ acl += sizeof(REL_OWNER_ACL);
+
+ *acl++ = ACL_id_list;
*acl++ = ACL_end;
- *acl++ = ACL_end;
+ memcpy(acl, REL_PUBLIC_ACL, sizeof(REL_PUBLIC_ACL));
+ acl += sizeof(REL_PUBLIC_ACL);
+
length = acl - buffer;
- add_security_to_sys_rel(tdbb, ownerName, "RDB$ROLES", length, buffer, true);
- add_security_to_sys_rel(tdbb, ownerName, "RDB$PAGES", length, buffer, true);
+ add_security_to_sys_rel(tdbb, ownerName, "RDB$ROLES", length, buffer);
+ add_security_to_sys_rel(tdbb, ownerName, "RDB$PAGES", length, buffer);
// DFW writes here
- add_security_to_sys_rel(tdbb, ownerName, "RDB$FORMATS", length, buffer, true);
+ add_security_to_sys_rel(tdbb, ownerName, "RDB$FORMATS", length, buffer);
}
@@ -918,8 +944,7 @@
const Firebird::MetaName& user_name,
const TEXT* rel_name,
const USHORT acl_length,
- const UCHAR* acl,
- const bool pub_select)
+ const UCHAR* acl)
{
/**************************************
*
@@ -991,7 +1016,7 @@
handle1.reset();
- for (int cnt = 0; cnt < (pub_select ? 6 : 5); cnt++)
+ for (int cnt = 0; cnt < 6; cnt++)
{
STORE(REQUEST_HANDLE handle1) PRIV IN RDB$USER_PRIVILEGES
switch (cnt)
Modified: firebird/trunk/src/jrd/irq.h
===================================================================
--- firebird/trunk/src/jrd/irq.h 2013-03-07 12:23:14 UTC (rev 57742)
+++ firebird/trunk/src/jrd/irq.h 2013-03-07 13:59:03 UTC (rev 57743)
@@ -66,7 +66,8 @@
irq_s_deps, // store RDB$DEPENDENCIES
irq_d_deps, // delete RDB$DEPENDENCIES
irq_r_fld_dim, // read RDB$FIELD_DIMENSIONS
- irq_r_gen_id, // read RDB$GENERATORS, lookup by name.
+ irq_l_gen_id, // lookup generator
+ irq_r_gen_id, // read generator
irq_ch_f_dpd, // check object field dependencies
irq_ch_dpd, // check object dependencies
irq_ch_cmp_dpd, // check computed field dependencies
Modified: firebird/trunk/src/jrd/met.epp
===================================================================
--- firebird/trunk/src/jrd/met.epp 2013-03-07 12:23:14 UTC (rev 57742)
+++ firebird/trunk/src/jrd/met.epp 2013-03-07 13:59:03 UTC (rev 57743)
@@ -1882,16 +1882,16 @@
}
-SLONG MET_lookup_exception_number(thread_db* tdbb, const MetaName& name)
+bool MET_load_exception(thread_db* tdbb, ExceptionItem& item)
{
/**************************************
*
- * M E T _ l o o k u p _ e x c e p t i o n _ n u m b e r
+ * M E T _ l o a d _ e x c e p t i o n
*
**************************************
*
* Functional description
- * Lookup exception by name and return its number.
+ * Lookup exception by name and fill the passed instance.
*
**************************************/
SET_TDBB(tdbb);
@@ -1901,16 +1901,18 @@
AutoCacheRequest request(tdbb, irq_l_except_no, IRQ_REQUESTS);
- SLONG number = 0;
-
FOR(REQUEST_HANDLE request)
- X IN RDB$EXCEPTIONS WITH X.RDB$EXCEPTION_NAME = name.c_str()
+ X IN RDB$EXCEPTIONS WITH X.RDB$EXCEPTION_NAME = item.name.c_str()
{
- number = X.RDB$EXCEPTION_NUMBER;
+ item.type = ExceptionItem::XCP_CODE;
+ item.code = X.RDB$EXCEPTION_NUMBER;
+ item.secName = X.RDB$SECURITY_CLASS;
+
+ return true;
}
END_FOR
- return number;
+ return false;
}
@@ -2021,17 +2023,51 @@
}
-SLONG MET_lookup_generator(thread_db* tdbb, const Firebird::MetaName& name)
+bool MET_load_generator(thread_db* tdbb, GeneratorItem& item)
{
/**************************************
*
+ * M E T _ l o a d _ g e n e r a t o r
+ *
+ **************************************
+ *
+ * Functional description
+ * Lookup generator ID by its name and load its metadata into the passed object.
+ *
+ **************************************/
+ SET_TDBB(tdbb);
+ Jrd::Attachment* attachment = tdbb->getAttachment();
+
+ if (item.name == "RDB$GENERATORS")
+ {
+ item.id = 0;
+ return true;
+ }
+
+ AutoCacheRequest request(tdbb, irq_r_gen_id, IRQ_REQUESTS);
+
+ FOR(REQUEST_HANDLE request)
+ X IN RDB$GENERATORS WITH X.RDB$GENERATOR_NAME EQ item.name.c_str()
+ {
+ item.id = X.RDB$GENERATOR_ID;
+ item.secName = X.RDB$SECURITY_CLASS;
+ return true;
+ }
+ END_FOR
+
+ return false;
+}
+
+SLONG MET_lookup_generator(thread_db* tdbb, const MetaName& name)
+{
+/**************************************
+ *
* M E T _ l o o k u p _ g e n e r a t o r
*
**************************************
*
* Functional description
* Lookup generator ID by its name.
- * If the name is not found, return -1.
*
**************************************/
SET_TDBB(tdbb);
@@ -2040,21 +2076,19 @@
if (name == "RDB$GENERATORS")
return 0;
- SLONG gen_id = -1;
+ AutoCacheRequest request(tdbb, irq_l_gen_id, IRQ_REQUESTS);
- AutoCacheRequest request(tdbb, irq_r_gen_id, IRQ_REQUESTS);
-
FOR(REQUEST_HANDLE request)
X IN RDB$GENERATORS WITH X.RDB$GENERATOR_NAME EQ name.c_str()
{
- gen_id = X.RDB$GENERATOR_ID;
+ return X.RDB$GENERATOR_ID;
}
END_FOR
- return gen_id;
+ return -1;
}
-void MET_lookup_generator_id (thread_db* tdbb, SLONG gen_id, MetaName& name)
+void MET_lookup_generator_id(thread_db* tdbb, SLONG gen_id, MetaName& name)
{
/**************************************
*
Modified: firebird/trunk/src/jrd/met_proto.h
===================================================================
--- firebird/trunk/src/jrd/met_proto.h 2013-03-07 12:23:14 UTC (rev 57742)
+++ firebird/trunk/src/jrd/met_proto.h 2013-03-07 13:59:03 UTC (rev 57743)
@@ -44,6 +44,7 @@
class Shadow;
class DeferredWork;
struct FieldInfo;
+ class ExceptionItem;
}
struct SubtypeInfo
@@ -83,13 +84,14 @@
void MET_get_shadow_files(Jrd::thread_db*, bool);
void MET_load_db_triggers(Jrd::thread_db*, int);
void MET_load_ddl_triggers(Jrd::thread_db* tdbb);
+bool MET_load_exception(Jrd::thread_db*, Jrd::ExceptionItem&);
void MET_load_trigger(Jrd::thread_db*, Jrd::jrd_rel*, const Firebird::MetaName&, Jrd::trig_vec**);
void MET_lookup_cnstrt_for_index(Jrd::thread_db*, Firebird::MetaName& constraint, const Firebird::MetaName& index_name);
void MET_lookup_cnstrt_for_trigger(Jrd::thread_db*, Firebird::MetaName&, Firebird::MetaName&, const Firebird::MetaName&);
void MET_lookup_exception(Jrd::thread_db*, SLONG, /* OUT */ Firebird::MetaName&, /* OUT */ Firebird::string*);
-SLONG MET_lookup_exception_number(Jrd::thread_db*, const Firebird::MetaName&);
int MET_lookup_field(Jrd::thread_db*, Jrd::jrd_rel*, const Firebird::MetaName&);
Jrd::BlobFilter* MET_lookup_filter(Jrd::thread_db*, SSHORT, SSHORT);
+bool MET_load_generator(Jrd::thread_db*, Jrd::GeneratorItem&);
SLONG MET_lookup_generator(Jrd::thread_db*, const Firebird::MetaName&);
void MET_lookup_generator_id(Jrd::thread_db*, SLONG, Firebird::MetaName&);
void MET_lookup_index(Jrd::thread_db*, Firebird::MetaName&, const Firebird::MetaName&, USHORT);
Modified: firebird/trunk/src/jrd/opt.cpp
===================================================================
--- firebird/trunk/src/jrd/opt.cpp 2013-03-07 12:23:14 UTC (rev 57742)
+++ firebird/trunk/src/jrd/opt.cpp 2013-03-07 13:59:03 UTC (rev 57743)
@@ -835,7 +835,7 @@
{
CMP_post_access(tdbb, csb, r->csb_relation->rel_security_name,
r->csb_view ? r->csb_view->rel_id : 0,
- SCL_sql_update, SCL_object_table, r->csb_relation->rel_name);
+ SCL_update, SCL_object_table, r->csb_relation->rel_name);
}
}
}
Modified: firebird/trunk/src/jrd/scl.epp
===================================================================
--- firebird/trunk/src/jrd/scl.epp 2013-03-07 12:23:14 UTC (rev 57742)
+++ firebird/trunk/src/jrd/scl.epp 2013-03-07 13:59:03 UTC (rev 57743)
@@ -85,17 +85,16 @@
const P_NAMES p_names[] =
{
- { SCL_protect, priv_protect, "protect" },
- { SCL_control, priv_control, "control" },
- { SCL_delete, priv_delete, "delete" },
- { SCL_sql_insert, priv_sql_insert, "insert/write" },
- { SCL_sql_update, priv_sql_update, "update/write" },
- { SCL_sql_delete, priv_sql_delete, "delete/write" },
- { SCL_write, priv_write, "write" },
- { SCL_read, priv_read, "read/select" },
- { SCL_grant, priv_grant, "grant" },
- { SCL_sql_references, priv_sql_references, "references" },
- { SCL_execute, priv_execute, "execute" },
+ { SCL_alter, priv_alter, "ALTER" },
+ { SCL_control, priv_control, "CONTROL" },
+ { SCL_drop, priv_drop, "DROP" },
+ { SCL_insert, priv_insert, "INSERT" },
+ { SCL_update, priv_update, "UPDATE" },
+ { SCL_delete, priv_delete, "DELETE" },
+ { SCL_select, priv_select, "SELECT" },
+ { SCL_references, priv_references, "REFERENCES" },
+ { SCL_execute, priv_execute, "EXECUTE" },
+ { SCL_usage, priv_usage, "USAGE" },
{ 0, 0, "" }
};
@@ -200,7 +199,7 @@
// Allow the database owner to back up a database even if he does not have
// read access to all the tables in the database
- if ((attachment.att_flags & ATT_gbak_attachment) && (mask & SCL_read))
+ if ((attachment.att_flags & ATT_gbak_attachment) && (mask & SCL_select))
{
return;
}
@@ -291,7 +290,7 @@
}
END_FOR
- SCL_check_access(tdbb, s_class, 0, id_charset, name, mask, SCL_object_charset, name);
+ SCL_check_access(tdbb, s_class, 0, 0, name, mask, SCL_object_charset, name);
}
@@ -322,7 +321,7 @@
}
END_FOR
- SCL_check_access(tdbb, s_class, 0, id_collation, name, mask, SCL_object_collation, name);
+ SCL_check_access(tdbb, s_class, 0, 0, name, mask, SCL_object_collation, name);
}
@@ -353,7 +352,7 @@
}
END_FOR
- SCL_check_access(tdbb, s_class, 0, id_domain, name, mask, SCL_object_domain, name);
+ SCL_check_access(tdbb, s_class, 0, 0, name, mask, SCL_object_domain, name);
}
@@ -384,7 +383,7 @@
}
END_FOR
- SCL_check_access(tdbb, s_class, 0, id_exception, name, mask, SCL_object_exception, name);
+ SCL_check_access(tdbb, s_class, 0, 0, name, mask, SCL_object_exception, name);
}
@@ -415,7 +414,7 @@
}
END_FOR
- SCL_check_access(tdbb, s_class, 0, id_generator, name, mask, SCL_object_generator, name);
+ SCL_check_access(tdbb, s_class, 0, 0, name, mask, SCL_object_generator, name);
}
@@ -789,10 +788,10 @@
}
}
- return access & (SCL_read | SCL_write | SCL_delete | SCL_control |
- SCL_grant | SCL_sql_insert | SCL_sql_update |
- SCL_sql_delete | SCL_protect | SCL_sql_references |
- SCL_execute);
+ return access & (SCL_select | SCL_drop | SCL_control |
+ SCL_insert | SCL_update |
+ SCL_delete | SCL_alter | SCL_references |
+ SCL_execute | SCL_usage);
}
@@ -1167,7 +1166,7 @@
Jrd::Attachment* const attachment = tdbb->getAttachment();
jrd_tra* sysTransaction = attachment->getSysTransaction();
- SecurityClass::flags_t privileges = SCL_scanned;
+ SecurityClass::flags_t privileges = 0;
AutoCacheRequest request(tdbb, irq_l_security, IRQ_REQUESTS);
@@ -1375,49 +1374,54 @@
privilege |= SCL_control;
break;
- case priv_read:
- // Note that READ access must imply REFERENCES
+ case priv_select:
+ // Note that SELECT access must imply REFERENCES
// access for upward compatibility of existing
// security classes
- privilege |= SCL_read | SCL_sql_references;
+ privilege |= SCL_select | SCL_references;
break;
- case priv_write:
- privilege |= SCL_write | SCL_sql_insert | SCL_sql_update | SCL_sql_delete;
+ case priv_insert:
+ privilege |= SCL_insert;
break;
- case priv_sql_insert:
- privilege |= SCL_sql_insert;
+ case priv_delete:
+ privilege |= SCL_delete;
break;
- case priv_sql_delete:
- privilege |= SCL_sql_delete;
+ case priv_references:
+ privilege |= SCL_references;
break;
- case priv_sql_references:
- privilege |= SCL_sql_references;
+ case priv_update:
+ privilege |= SCL_update;
break;
- case priv_sql_update:
- privilege |= SCL_sql_update;
+ case priv_drop:
+ privilege |= SCL_drop;
break;
- case priv_delete:
- privilege |= SCL_delete;
+ case priv_alter:
+ privilege |= SCL_alter;
break;
- case priv_grant:
- privilege |= SCL_grant;
+ case priv_execute:
+ privilege |= SCL_execute;
break;
- case priv_protect:
- privilege |= SCL_protect;
+ case priv_usage:
+ privilege |= SCL_usage;
break;
- case priv_execute:
- privilege |= SCL_execute;
+ case priv_write:
+ // unused, but supported for backward compatibility
+ privilege |= SCL_insert | SCL_update | SCL_delete;
break;
+ case priv_grant:
+ // unused
+ break;
+
default:
return SCL_corrupt;
}
Modified: firebird/trunk/src/jrd/scl.h
===================================================================
--- firebird/trunk/src/jrd/scl.h 2013-03-07 12:23:14 UTC (rev 57742)
+++ firebird/trunk/src/jrd/scl.h 2013-03-07 13:59:03 UTC (rev 57743)
@@ -60,20 +60,18 @@
> SecurityClassList;
-const SecurityClass::flags_t SCL_read = 1; // Read access
-const SecurityClass::flags_t SCL_write = 2; // Write access
-const SecurityClass::flags_t SCL_delete = 4; // Delete access
-const SecurityClass::flags_t SCL_control = 8; // Control access
-const SecurityClass::flags_t SCL_grant = 16; // Grant privileges
-const SecurityClass::flags_t SCL_exists = 32; // At least ACL exists
-const SecurityClass::flags_t SCL_scanned = 64; // But we did look
-const SecurityClass::flags_t SCL_protect = 128; // Change protection
-const SecurityClass::flags_t SCL_corrupt = 256; // ACL does look too good
-const SecurityClass::flags_t SCL_sql_insert = 512;
-const SecurityClass::flags_t SCL_sql_delete = 1024;
-const SecurityClass::flags_t SCL_sql_update = 2048;
-const SecurityClass::flags_t SCL_sql_references = 4096;
-const SecurityClass::flags_t SCL_execute = 8192;
+const SecurityClass::flags_t SCL_select = 1; // SELECT access
+const SecurityClass::flags_t SCL_drop = 2; // DROP access
+const SecurityClass::flags_t SCL_control = 4; // Control access
+const SecurityClass::flags_t SCL_exists = 8; // At least ACL exists
+const SecurityClass::flags_t SCL_alter = 16; // ALTER access
+const SecurityClass::flags_t SCL_corrupt = 32; // ACL does look too good
+const SecurityClass::flags_t SCL_insert = 64; // INSERT access
+const SecurityClass::flags_t SCL_delete = 128; // DELETE access
+const SecurityClass::flags_t SCL_update = 256; // UPDATE access
+const SecurityClass::flags_t SCL_references = 512; // REFERENCES access
+const SecurityClass::flags_t SCL_execute = 1024; // EXECUTE access
+const SecurityClass::flags_t SCL_usage = 2048; // USAGE access
Modified: firebird/trunk/src/jrd/tra.h
===================================================================
--- firebird/trunk/src/jrd/tra.h 2013-03-07 12:23:14 UTC (rev 57742)
+++ firebird/trunk/src/jrd/tra.h 2013-03-07 13:59:03 UTC (rev 57743)
@@ -480,7 +480,6 @@
dfw_delete_exception,
//dfw_unlink_file,
dfw_delete_generator,
- dfw_modify_generator,
dfw_create_function,
dfw_modify_function,
dfw_delete_function,
@@ -493,7 +492,7 @@
dfw_drop_package_body,
dfw_check_not_null,
dfw_store_view_context_type,
- dfw_create_generator,
+ dfw_set_generator,
// deferred works argument types
dfw_arg_index_name, // index name for dfw_delete_expression_index, mandatory
Modified: firebird/trunk/src/jrd/vio.cpp
===================================================================
--- firebird/trunk/src/jrd/vio.cpp 2013-03-07 12:23:14 UTC (rev 57742)
+++ firebird/trunk/src/jrd/vio.cpp 2013-03-07 13:59:03 UTC (rev 57743)
@@ -98,7 +98,6 @@
using namespace Firebird;
static void check_class(thread_db*, jrd_tra*, record_param*, record_param*, USHORT);
-static void check_control(thread_db*);
static bool check_user(thread_db*, const dsc*);
static int check_precommitted(const jrd_tra*, const record_param*);
static void check_rel_field_class(thread_db*, record_param*, SecurityClass::flags_t, jrd_tra*);
@@ -1316,7 +1315,7 @@
case rel_relations:
if (EVL_field(0, rpb->rpb_record, f_rel_name, &desc))
{
- SCL_check_relation(tdbb, &desc, SCL_delete);
+ SCL_check_relation(tdbb, &desc, SCL_drop);
}
if (EVL_field(0, rpb->rpb_record, f_rel_id, &desc2))
{
@@ -1334,7 +1333,7 @@
case rel_packages:
if (EVL_field(0, rpb->rpb_record, f_pkg_name, &desc))
- SCL_check_package(tdbb, &desc, SCL_delete);
+ SCL_check_package(tdbb, &desc, SCL_drop);
break;
case rel_procedures:
@@ -1344,11 +1343,11 @@
if (EVL_field(0, rpb->rpb_record, f_prc_pkg_name, &desc2))
{
MOV_get_metaname(&desc2, package_name);
- SCL_check_package(tdbb, &desc2, SCL_delete);
+ SCL_check_package(tdbb, &desc2, SCL_drop);
}
if (EVL_field(0, rpb->rpb_record, f_prc_name, &desc) && package_name.isEmpty())
- SCL_check_procedure(tdbb, &desc, SCL_delete);
+ SCL_check_procedure(tdbb, &desc, SCL_drop);
DFW_post_work(transaction, dfw_delete_procedure, &desc, id, package_name);
MET_lookup_procedure_id(tdbb, id, false, true, 0);
@@ -1357,7 +1356,7 @@
case rel_charsets:
EVL_field(0, rpb->rpb_record, f_cs_cs_name, &desc);
MOV_get_metaname(&desc, object_name);
- SCL_check_charset(tdbb, object_name, SCL_delete);
+ SCL_check_charset(tdbb, object_name, SCL_drop);
break;
case rel_collations:
@@ -1369,21 +1368,21 @@
EVL_field(0, rpb->rpb_record, f_coll_name, &desc);
MOV_get_metaname(&desc, object_name);
- SCL_check_collation(tdbb, object_name, SCL_delete);
+ SCL_check_collation(tdbb, object_name, SCL_drop);
DFW_post_work(transaction, dfw_delete_collation, &desc, id);
break;
case rel_exceptions:
EVL_field(0, rpb->rpb_record, f_xcp_name, &desc);
MOV_get_metaname(&desc, object_name);
- SCL_check_exception(tdbb, object_name, SCL_delete);
+ SCL_check_exception(tdbb, object_name, SCL_drop);
DFW_post_work(transaction, dfw_delete_exception, &desc, 0);
break;
case rel_gens:
EVL_field(0, rpb->rpb_record, f_gen_name, &desc);
MOV_get_metaname(&desc, object_name);
- SCL_check_generator(tdbb, object_name, SCL_delete);
+ SCL_check_generator(tdbb, object_name, SCL_drop);
DFW_post_work(transaction, dfw_delete_generator, &desc, 0);
break;
@@ -1393,11 +1392,11 @@
if (EVL_field(0, rpb->rpb_record, f_fun_pkg_name, &desc2))
{
MOV_get_metaname(&desc2, package_name);
- SCL_check_package(tdbb, &desc2, SCL_delete);
+ SCL_check_package(tdbb, &desc2, SCL_drop);
}
else
{
- SCL_check_function(tdbb, &desc, SCL_delete);
+ SCL_check_function(tdbb, &desc, SCL_drop);
}
EVL_field(0, rpb->rpb_record, f_fun_id, &desc2);
@@ -1523,7 +1522,7 @@
case rel_fields:
EVL_field(0, rpb->rpb_record, f_fld_name, &desc);
MOV_get_metaname(&desc, object_name);
- SCL_check_domain(tdbb, object_name, SCL_delete);
+ SCL_check_domain(tdbb, object_name, SCL_drop);
DFW_post_work(transaction, dfw_delete_field, &desc, 0);
MET_change_fields(tdbb, transaction, &desc);
break;
@@ -2385,14 +2384,14 @@
case rel_relations:
EVL_field(0, org_rpb->rpb_record, f_rel_name, &desc1);
- SCL_check_relation(tdbb, &desc1, SCL_protect);
+ SCL_check_relation(tdbb, &desc1, SCL_alter);
check_class(tdbb, transaction, org_rpb, new_rpb, f_rel_class);
DFW_post_work(transaction, dfw_update_format, &desc1, 0);
break;
case rel_packages:
if (EVL_field(0, org_rpb->rpb_record, f_pkg_name, &desc1))
- SCL_check_package(tdbb, &desc1, SCL_protect);
+ SCL_check_package(tdbb, &desc1, SCL_alter);
check_class(tdbb, transaction, org_rpb, new_rpb, f_pkg_class);
break;
@@ -2402,11 +2401,11 @@
if (EVL_field(0, org_rpb->rpb_record, f_prc_pkg_name, &desc2))
{
MOV_get_metaname(&desc2, package_name);
- SCL_check_package(tdbb, &desc2, SCL_protect);
+ SCL_check_package(tdbb, &desc2, SCL_alter);
}
else
{
- SCL_check_procedure(tdbb, &desc1, SCL_protect);
+ SCL_check_procedure(tdbb, &desc1, SCL_alter);
}
check_class(tdbb, transaction, org_rpb, new_rpb, f_prc_class);
@@ -2425,11 +2424,11 @@
if (EVL_field(0, org_rpb->rpb_record, f_fun_pkg_name, &desc2))
{
MOV_get_metaname(&desc2, package_name);
- SCL_check_package(tdbb, &desc2, SCL_protect);
+ SCL_check_package(tdbb, &desc2, SCL_alter);
}
else
{
- SCL_check_function(tdbb, &desc1, SCL_protect);
+ SCL_check_function(tdbb, &desc1, SCL_alter);
}
check_class(tdbb, transaction, org_rpb, new_rpb, f_fun_class);
@@ -2445,14 +2444,7 @@
case rel_gens:
EVL_field(0, org_rpb->rpb_record, f_gen_name, &desc1);
MOV_get_metaname(&desc1, object_name);
- SCL_check_generator(tdbb, object_name, SCL_protect);
- {
- // We won't accept modifying sys generators and for user gens,
- // only the description.
- // This is poor man's version of a trigger discovering changed fields.
- bool important_change = dfw_should_know(org_rpb, new_rpb, f_gen_desc);
- DFW_post_work(transaction, dfw_modify_generator, &desc1, (USHORT) important_change);
- }
+ SCL_check_generator(tdbb, object_name, SCL_alter);
break;
case rel_rfr:
@@ -2479,7 +2471,7 @@
case rel_fields:
EVL_field(0, org_rpb->rpb_record, f_fld_name, &desc1);
MOV_get_metaname(&desc1, object_name);
- SCL_check_domain(tdbb, object_name, SCL_protect);
+ SCL_check_domain(tdbb, object_name, SCL_alter);
if (dfw_should_know(org_rpb, new_rpb, f_fld_desc, true))
{
@@ -2585,19 +2577,19 @@
case rel_charsets:
EVL_field(0, new_rpb->rpb_record, f_cs_cs_name, &desc1);
MOV_get_metaname(&desc1, object_name);
- SCL_check_charset(tdbb, object_name, SCL_protect);
+ SCL_check_charset(tdbb, object_name, SCL_alter);
break;
case rel_collations:
EVL_field(0, new_rpb->rpb_record, f_coll_name, &desc1);
MOV_get_metaname(&desc1, object_name);
- SCL_check_collation(tdbb, object_name, SCL_protect);
+ SCL_check_collation(tdbb, object_name, SCL_alter);
break;
case rel_exceptions:
EVL_field(0, new_rpb->rpb_record, f_xcp_name, &desc1);
MOV_get_metaname(&desc1, object_name);
- SCL_check_exception(tdbb, object_name, SCL_protect);
+ SCL_check_exception(tdbb, object_name, SCL_alter);
break;
default:
@@ -3020,7 +3012,6 @@
break;
case rel_fields:
- check_control(tdbb);
EVL_field(0, rpb->rpb_record, f_fld_name, &desc);
DFW_post_work(transaction, dfw_create_field, &desc, 0);
set_system_flag(tdbb, rpb->rpb_record, f_fld_sys_flag, 0);
@@ -3112,7 +3103,7 @@
{
const USHORT id = MOV_get_long(&desc2, 0);
transaction->getGenIdCache()->put(id, 0);
- DFW_post_work(transaction, dfw_create_generator, &desc, id);
+ DFW_post_work(transaction, dfw_set_generator, &desc, id);
}
set_security_class(tdbb, rpb->rpb_record, f_gen_class);
break;
@@ -3841,36 +3832,10 @@
if (!MOV_compare(&desc1, &desc2))
return;
- Jrd::Attachment* attachment = tdbb->getAttachment();
-
- SCL_check_access(tdbb, attachment->att_security_class, 0, 0, NULL, SCL_protect,
- SCL_object_database, "");
DFW_post_work(transaction, dfw_compute_security, &desc2, 0);
}
-static void check_control(thread_db* tdbb)
-{
-/**************************************
- *
- * c h e c k _ c o n t r o l
- *
- **************************************
- *
- * Functional description
- * Check to see if we have control
- * privilege on the current database.
- *
- **************************************/
- SET_TDBB(tdbb);
-
- Jrd::Attachment* attachment = tdbb->getAttachment();
-
- SCL_check_access(tdbb, attachment->att_security_class, 0, 0, NULL, SCL_control,
- SCL_object_database, "");
-}
-
-
static bool check_user(thread_db* tdbb, const dsc* desc)
{
/**************************************
Modified: firebird/trunk/src/yvalve/keywords.cpp
===================================================================
--- firebird/trunk/src/yvalve/keywords.cpp 2013-03-07 12:23:14 UTC (rev 57742)
+++ firebird/trunk/src/yvalve/keywords.cpp 2013-03-07 13:59:03 UTC (rev 57743)
@@ -412,6 +412,7 @@
{UPDATE, "UPDATE", 1, false},
{UPDATING, "UPDATING", 2, true},
{KW_UPPER, "UPPER", 1, false},
+ {USAGE, "USAGE", 2, true},
{USER, "USER", 1, false},
{USING, "USING", 2, false},
{UUID_TO_CHAR, "UUID_TO_CHAR", 2, false},
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
