public void createFirstUser(String username, String password) {
boolean isQuoted = true;
if (username.equalsIgnoreCase("SA")) {
username = "******";
isQuoted = false;
}
HsqlName name =
granteeManager.database.nameManager.newHsqlName(username, isQuoted, SchemaObject.GRANTEE);
User user = createUser(null, name, password, false);
user.isLocalOnly = true;
granteeManager.grant(name.name, SqlInvariants.DBA_ADMIN_ROLE_NAME, granteeManager.getDBARole());
}
/**
* Attempts to drop a User object with the specified name from this object's set.
*
* <p>A successful drop action consists of:
*
* <p>
*
* <UL>
* <LI>removing the User object with the specified name from the set.
* <LI>revoking all rights from the removed User<br>
* (this ensures that in case there are still references to the just dropped User object,
* those references cannot be used to erronously access database objects).
* </UL>
*
* <p>
*/
public void dropUser(String name) {
boolean reservedUser = GranteeManager.isReserved(name);
if (reservedUser) {
throw Error.error(ErrorCode.X_28502, name);
}
boolean result = granteeManager.removeGrantee(name);
if (!result) {
throw Error.error(ErrorCode.X_28501, name);
}
User user = (User) userList.remove(name);
if (user == null) {
throw Error.error(ErrorCode.X_28501, name);
}
}
/**
* Creates a new User object under management of this object.
*
* <p>A set of constraints regarding user creation is imposed:
*
* <p>
*
* <OL>
* <LI>If the specified name is null, then an ASSERTION_FAILED exception is thrown stating that
* the name is null.
* <LI>If this object's collection already contains an element whose name attribute equals the
* name argument, then a GRANTEE_ALREADY_EXISTS exception is thrown. (This will catch
* attempts to create Reserved grantee names).
* </OL>
*/
public User createUser(Session session, HsqlName name, String password, boolean isDigest) {
// This will throw an appropriate exception if grantee already exists,
// regardless of whether the name is in any User, Role, etc. list.
User user = granteeManager.addUser(name);
if (session == null) {
user.setPassword(password, isDigest);
} else {
try {
setPassword(session, user, password, isDigest);
} catch (HsqlException e) {
granteeManager.removeNewUser(name);
throw e;
}
}
// this cannot fail
boolean success = userList.add(name.name, user);
return user;
}
/**
* Creates a new User object under management of this object.
*
* <p>A set of constraints regarding user creation is imposed:
*
* <p>
*
* <OL>
* <LI>If the specified name is null, then an ASSERTION_FAILED exception is thrown stating that
* the name is null.
* <LI>If this object's collection already contains an element whose name attribute equals the
* name argument, then a GRANTEE_ALREADY_EXISTS exception is thrown. (This will catch
* attempts to create Reserved grantee names).
* </OL>
*/
public User createUser(HsqlName name, String password) {
// This will throw an appropriate exception if grantee already exists,
// regardless of whether the name is in any User, Role, etc. list.
User user = granteeManager.addUser(name);
user.setPassword(password);
boolean success = userList.add(name.name, user);
if (!success) {
throw Error.error(ErrorCode.X_28503, name.statementName);
}
return user;
}
/** Returns the User object with the specified name and password from this object's set. */
public User getUser(String name, String password) {
if (name == null) {
name = "";
}
if (password == null) {
password = "";
}
User user = (User) userList.get(name);
boolean isLocal = user != null && user.isLocalOnly;
if (extAuthenticationFunction == null || isLocal) {
user = get(name);
user.checkPassword(password);
return user;
}
/*
* Authentication returns String[]. When null, use the existing
* user object only, with existing privileges.
* When not null, ignore if user exists. Otherwise create a user and
* assign the list of roles to the user.
*/
Result result =
extAuthenticationFunction.invokeJavaMethodDirect(
new String[] {granteeManager.database.getUniqueName(), name, password});
if (result.isError()) {
throw Error.error(ErrorCode.X_28501, result.getMainString());
}
Object[] roles = (Object[]) result.getValueObject();
if (user == null) {
HsqlName hsqlName =
granteeManager.database.nameManager.newHsqlName(name, true, SchemaObject.GRANTEE);
user = createUser(null, hsqlName, "", false);
user.isExternalOnly = true;
}
if (roles == null) {
user.updateAllRights();
return user;
}
// this clears all existing privileges of the user
user.clearPrivileges();
// assigns the roles to the user
for (int i = 0; i < roles.length; i++) {
try {
Grantee role = granteeManager.getRole((String) roles[i]);
user.grant(role);
} catch (HsqlException e) {
}
}
user.updateAllRights();
for (int i = 0; i < roles.length; i++) {
Schema schema = granteeManager.database.schemaManager.findSchema((String) roles[i]);
if (schema != null) {
user.setInitialSchema(schema.getName());
break;
}
}
return user;
}
