Example #1
0
  @Override
  public AuthorizationProperty generateAuthorizationProperty(Object... arguments) {

    if ((arguments == null) || (arguments.length != 1) || !(arguments[0] instanceof String)) {

      return null;
    }

    String sql = (String) arguments[0];

    Statement statement = null;

    try {
      statement = _jSqlParser.parse(new StringReader(sql));
    } catch (Exception e) {
      _log.error("Unable to parse SQL " + sql);

      return null;
    }

    String key = null;
    String value = null;

    if (statement instanceof CreateIndex) {
      key = "security-manager-sql-tables-index-create";

      CreateIndex createIndex = (CreateIndex) statement;

      Table table = createIndex.getTable();

      value = table.getName();
    } else if (statement instanceof CreateTable) {
      key = "security-manager-sql-tables-create";

      CreateTable createTable = (CreateTable) statement;

      Table table = createTable.getTable();

      value = table.getName();
    } else if (statement instanceof Delete) {
      key = "security-manager-sql-tables-delete";

      TablesNamesFinder tablesNamesFinder = new TablesNamesFinder();

      Delete delete = (Delete) statement;

      List<String> tableNames = tablesNamesFinder.getTableList(delete);

      value = StringUtil.merge(tableNames);
    } else if (statement instanceof Drop) {
      key = "security-manager-sql-tables-drop";

      Drop drop = (Drop) statement;

      value = drop.getName();
    } else if (statement instanceof Insert) {
      key = "security-manager-sql-tables-insert";

      TablesNamesFinder tablesNamesFinder = new TablesNamesFinder();

      Insert insert = (Insert) statement;

      List<String> tableNames = tablesNamesFinder.getTableList(insert);

      value = StringUtil.merge(tableNames);
    } else if (statement instanceof Replace) {
      key = "security-manager-sql-tables-replace";

      TablesNamesFinder tablesNamesFinder = new TablesNamesFinder();

      Replace replace = (Replace) statement;

      List<String> tableNames = tablesNamesFinder.getTableList(replace);

      value = StringUtil.merge(tableNames);
    } else if (statement instanceof Select) {
      key = "security-manager-sql-tables-select";

      TablesNamesFinder tablesNamesFinder = new TablesNamesFinder();

      Select select = (Select) statement;

      List<String> tableNames = tablesNamesFinder.getTableList(select);

      value = StringUtil.merge(tableNames);
    } else if (statement instanceof Truncate) {
      key = "security-manager-sql-tables-truncate";

      Truncate truncate = (Truncate) statement;

      Table table = truncate.getTable();

      value = table.getName();
    } else if (statement instanceof Update) {
      key = "security-manager-sql-tables-update";

      TablesNamesFinder tablesNamesFinder = new TablesNamesFinder();

      Update update = (Update) statement;

      List<String> tableNames = tablesNamesFinder.getTableList(update);

      value = StringUtil.merge(tableNames);
    } else {
      return null;
    }

    AuthorizationProperty authorizationProperty = new AuthorizationProperty();

    authorizationProperty.setKey(key);
    authorizationProperty.setValue(value);

    return authorizationProperty;
  }
Example #2
0
 protected boolean hasSQL(CreateIndex createIndex) {
   return isAllowedTable(createIndex.getTable(), _indexTableNames);
 }