Example #1
0
  /**
   * Retrieves the <code>User</code> objects representing the database users that are visible to the
   * <code>User</code> object represented by the <code>session</code> argument.
   *
   * <p>If the <code>session</code> argument's <code>User</code> object attribute has isAdmin() true
   * (directly or by virtue of a Role), then all of the <code>User</code> objects in this collection
   * are considered visible. Otherwise, only this object's special <code>PUBLIC</code> <code>User
   * </code> object attribute and the session <code>User</code> object, if it exists in this
   * collection, are considered visible.
   *
   * <p>
   *
   * @param session The <code>Session</code> object used to determine visibility
   * @return a list of <code>User</code> objects visible to the <code>User</code> object contained
   *     by the <code>session</code> argument.
   */
  public HsqlArrayList listVisibleUsers(Session session) {

    HsqlArrayList list;
    User user;
    boolean isAdmin;
    String sessionName;
    String userName;

    list = new HsqlArrayList();
    isAdmin = session.isAdmin();
    sessionName = session.getUsername();

    if (userList == null || userList.size() == 0) {
      return list;
    }

    for (int i = 0; i < userList.size(); i++) {
      user = (User) userList.get(i);

      if (user == null) {
        continue;
      }

      userName = user.getName().getNameString();

      if (isAdmin) {
        list.add(user);
      } else if (sessionName.equals(userName)) {
        list.add(user);
      }
    }

    return list;
  }
  /**
   * Determines if the authorizations are adequate to execute the compiled object. Completion
   * requires the list of all database objects in a compiled statement.
   */
  void checkAccessRights(Session session) {

    if (targetTable != null && !targetTable.isTemp()) {
      Grantee owner = targetTable.getOwner();

      if (owner != null && owner.isSystem()) {
        if (!session.getUser().isSystem()) {
          throw Error.error(ErrorCode.X_42501, targetTable.getName().name);
        }
      }

      if (!session.isProcessingScript) {
        targetTable.checkDataReadOnly();
      }

      session.checkReadWrite();
    }

    if (session.isAdmin()) {
      return;
    }

    for (int i = 0; i < sequences.length; i++) {
      session.getGrantee().checkAccess(sequences[i]);
    }

    for (int i = 0; i < routines.length; i++) {
      if (routines[i].isLibraryRoutine()) {
        continue;
      }

      session.getGrantee().checkAccess(routines[i]);
    }

    for (int i = 0; i < rangeVariables.length; i++) {
      RangeVariable range = rangeVariables[i];

      if (range.rangeTable.getSchemaName() == SqlInvariants.SYSTEM_SCHEMA_HSQLNAME) {
        continue;
      }

      session.getGrantee().checkSelect(range.rangeTable, range.usedColumns);
    }

    switch (type) {
      case StatementTypes.CALL:
        {
          break;
        }
      case StatementTypes.INSERT:
        {
          session.getGrantee().checkInsert(targetTable, insertCheckColumns);

          break;
        }
      case StatementTypes.SELECT_CURSOR:
        break;

      case StatementTypes.DELETE_WHERE:
        {
          session.getGrantee().checkDelete(targetTable);

          break;
        }
      case StatementTypes.UPDATE_WHERE:
        {
          session.getGrantee().checkUpdate(targetTable, updateCheckColumns);

          break;
        }
      case StatementTypes.MERGE:
        {
          session.getGrantee().checkInsert(targetTable, insertCheckColumns);
          session.getGrantee().checkUpdate(targetTable, updateCheckColumns);

          break;
        }
    }
  }