Java Select.checkUserSelectPermissions Examples

Example #1

File: ViewManager.java Project: Orvid/SQLInterfaceCollection

  public Table evaluate() throws DatabaseException {

    DatabaseQueryContext context = new DatabaseQueryContext(database);

    if (type.equals("create")) {
      // Does the user have privs to create this tables?
      if (!database.getDatabase().canUserCreateTableObject(context, user, vname)) {
        throw new UserAccessException("User not permitted to create view: " + view_name);
      }

      // Does the schema exist?
      boolean ignore_case = database.isInCaseInsensitiveMode();
      SchemaDef schema = database.resolveSchemaCase(vname.getSchema(), ignore_case);
      if (schema == null) {
        throw new DatabaseException("Schema '" + vname.getSchema() + "' doesn't exist.");
      } else {
        vname = new TableName(schema.getName(), vname.getName());
      }

      // Check the permissions for this user to select from the tables in the
      // given plan.
      Select.checkUserSelectPermissions(context, user, plan);

      // Does the table already exist?
      if (database.tableExists(vname)) {
        throw new DatabaseException("View or table with name '" + vname + "' already exists.");
      }

      // Before evaluation, make a clone of the plan,
      QueryPlanNode plan_copy;
      try {
        plan_copy = (QueryPlanNode) plan.clone();
      } catch (CloneNotSupportedException e) {
        Debug().writeException(e);
        throw new DatabaseException("Clone error: " + e.getMessage());
      }

      // We have to execute the plan to get the DataTableDef that represents the
      // result of the view execution.
      Table t = plan.evaluate(context);
      DataTableDef data_table_def = new DataTableDef(t.getDataTableDef());
      data_table_def.setTableName(vname);

      // Create a ViewDef object,
      ViewDef view_def = new ViewDef(data_table_def, plan_copy);

      // And create the view object,
      database.createView(query, view_def);

      // The initial grants for a view is to give the user who created it
      // full access.
      database
          .getGrantManager()
          .addGrant(
              Privileges.TABLE_ALL_PRIVS,
              GrantManager.TABLE,
              vname.toString(),
              user.getUserName(),
              true,
              Database.INTERNAL_SECURE_USERNAME);

    } else if (type.equals("drop")) {

      // Does the user have privs to drop this tables?
      if (!database.getDatabase().canUserDropTableObject(context, user, vname)) {
        throw new UserAccessException("User not permitted to drop view: " + view_name);
      }

      // Drop the view object
      database.dropView(vname);

      // Drop the grants for this object
      database.getGrantManager().revokeAllGrantsOnObject(GrantManager.TABLE, vname.toString());

    } else {
      throw new Error("Unknown view command type: " + type);
    }

    return FunctionTable.resultTable(context, 0);
  }