[teiid-commits] teiid SVN: r2765 - in trunk: build/kits/jboss-container and 12 other directories.
teiid-commits at lists.jboss.org
teiid-commits at lists.jboss.org
Fri Dec 10 13:28:30 EST 2010
Author: shawkins
Date: 2010-12-10 13:28:27 -0500 (Fri, 10 Dec 2010)
New Revision: 2765
Modified:
trunk/api/src/main/java/org/teiid/translator/SourceSystemFunctions.java
trunk/build/kits/jboss-container/deploy/teiid/teiid-jboss-beans.xml
trunk/build/kits/jboss-container/teiid-releasenotes.html
trunk/client/src/main/java/org/teiid/adminapi/DataPolicy.java
trunk/client/src/main/java/org/teiid/adminapi/impl/DataPolicyMetadata.java
trunk/client/src/main/resources/vdb-deployer.xsd
trunk/client/src/test/java/org/teiid/adminapi/impl/TestVDBMetaData.java
trunk/connectors/translator-jdbc/src/main/java/org/teiid/translator/jdbc/h2/H2ExecutionFactory.java
trunk/documentation/reference/src/main/docbook/en-US/content/dataroles.xml
trunk/engine/src/main/java/org/teiid/dqp/internal/process/AuthorizationValidationVisitor.java
trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPConfiguration.java
trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPCore.java
trunk/engine/src/main/java/org/teiid/dqp/internal/process/Request.java
trunk/engine/src/main/java/org/teiid/query/function/source/SystemSource.java
trunk/engine/src/main/java/org/teiid/query/rewriter/QueryRewriter.java
trunk/engine/src/main/java/org/teiid/query/sql/lang/Insert.java
trunk/engine/src/test/java/org/teiid/dqp/internal/process/TestAuthorizationValidationVisitor.java
Log:
TEIID-89 adding the ability to restrict access to temporary table usage
Modified: trunk/api/src/main/java/org/teiid/translator/SourceSystemFunctions.java
===================================================================
--- trunk/api/src/main/java/org/teiid/translator/SourceSystemFunctions.java 2010-12-08 20:55:34 UTC (rev 2764)
+++ trunk/api/src/main/java/org/teiid/translator/SourceSystemFunctions.java 2010-12-10 18:28:27 UTC (rev 2765)
@@ -59,6 +59,7 @@
public static final String TO_BYTES = "to_bytes"; //$NON-NLS-1$
public static final String TO_CHARS = "to_chars"; //$NON-NLS-1$
public static final String UCASE = "ucase"; //$NON-NLS-1$
+ public static final String UNESCAPE = "unescape"; //$NON-NLS-1$
//numeric
public static final String ABS = "abs"; //$NON-NLS-1$
Modified: trunk/build/kits/jboss-container/deploy/teiid/teiid-jboss-beans.xml
===================================================================
--- trunk/build/kits/jboss-container/deploy/teiid/teiid-jboss-beans.xml 2010-12-08 20:55:34 UTC (rev 2764)
+++ trunk/build/kits/jboss-container/deploy/teiid/teiid-jboss-beans.xml 2010-12-10 18:28:27 UTC (rev 2765)
@@ -99,8 +99,10 @@
This includes both user plans and internal prepared plans.
Note: this is a memory based cache. (default 512) -->
<property name="preparedPlanCacheMaxCount">512</property>
- <!-- Turn on role checking of resources based on the roles defined in VDB (default true) -->
+ <!-- Turn on role checking based upon the data roles defined in VDBs. (default true) -->
<property name="useDataRoles">true</property>
+ <!-- Sets whether temporary table usage is enabled by default (default true) -->
+ <property name="allowCreateTemporaryTablesByDefault">true</property>
<!-- Long running query threshold, after which a alert can be generated by tooling if configured-->
<property name="queryThresholdInSecs">600</property>
<!-- Maximum rows allowed from a source query. -1 indicates no limit. (default -1)-->
Modified: trunk/build/kits/jboss-container/teiid-releasenotes.html
===================================================================
--- trunk/build/kits/jboss-container/teiid-releasenotes.html 2010-12-08 20:55:34 UTC (rev 2764)
+++ trunk/build/kits/jboss-container/teiid-releasenotes.html 2010-12-10 18:28:27 UTC (rev 2765)
@@ -32,7 +32,8 @@
<LI>Added support to perform simple pass-through and more complicated updates through views by default.
<LI>Added support for "FOR EACH ROW" update procedure handling (similar to INSTEAD OF triggers in other DBMS's), which should be used instead of the deprecated TRANSLATE criteria approach.
</UL>
- <LI><B>UDF</B> - new API objects added to teiid-api to support user defined functions that are capable of pushdown to source.
+ <LI><B>UDF</B> - new API objects added to teiid-api to support user defined functions that are capable of pushdown to source.
+ <LI><B>Unescape Function</B> - a new system function, unescape, was added to handle common \ escaping in strings including octal, hex/unicode, \b, \r, \n, \f, and \t.
</UL>
<h2><a name="Compatibility">Compatibility Issues</a></h2>
@@ -85,6 +86,13 @@
See the <a href="teiid-docs/teiid_admin_guide.pdf">Admin Guide</a> for more on configuration and installation.
+<h4>from 7.2</h4>
+<ul>
+ <LI>Temporary tables can now be restricted by data roles. Use the data-role attribute allow-create-temporary-tables to explicitly enable or disable the usage of temporary tables.
+There is also a allowCreateTemporaryTablesByDefault property in the teiid-jboss-beans.xml to control whether usage is allowed by default. For compatibility with prior 7.x releases, the default is to allow
+temporary table access.
+</ul>
+
<h4>from 7.1</h4>
<ul>
<li>Teiid clients now allow the usage of anonymous SSL by default.
Modified: trunk/client/src/main/java/org/teiid/adminapi/DataPolicy.java
===================================================================
--- trunk/client/src/main/java/org/teiid/adminapi/DataPolicy.java 2010-12-08 20:55:34 UTC (rev 2764)
+++ trunk/client/src/main/java/org/teiid/adminapi/DataPolicy.java 2010-12-10 18:28:27 UTC (rev 2765)
@@ -51,8 +51,18 @@
*/
List<String> getMappedRoleNames();
+ /**
+ * If the policy applies to any authenticated user
+ * @return
+ */
boolean isAnyAuthenticated();
+ /**
+ * If the policy allows for temporary table usage
+ * @return
+ */
+ Boolean isAllowCreateTemporaryTables();
+
interface DataPermission {
/**
* Get the Resource Name that Data Permission representing
Modified: trunk/client/src/main/java/org/teiid/adminapi/impl/DataPolicyMetadata.java
===================================================================
--- trunk/client/src/main/java/org/teiid/adminapi/impl/DataPolicyMetadata.java 2010-12-08 20:55:34 UTC (rev 2764)
+++ trunk/client/src/main/java/org/teiid/adminapi/impl/DataPolicyMetadata.java 2010-12-10 18:28:27 UTC (rev 2765)
@@ -54,6 +54,8 @@
protected String description;
@XmlAttribute(name = "any-authenticated")
protected boolean anyAuthenticated;
+ @XmlAttribute(name = "allow-create-temporary-tables")
+ protected Boolean allowCreateTemporaryTables;
@XmlElement(name = "permission")
protected PermissionMap permissions = new PermissionMap(new KeyBuilder<PermissionMetaData>() {
@@ -254,6 +256,13 @@
}
}
+ public Boolean isAllowCreateTemporaryTables() {
+ return allowCreateTemporaryTables;
+ }
+
+ public void setAllowCreateTemporaryTables(Boolean allowCreateTemporaryTables) {
+ this.allowCreateTemporaryTables = allowCreateTemporaryTables;
+ }
@Override
@ManagementProperty(description="Indicates if the role is mapped to any authenticated user.")
@@ -264,4 +273,5 @@
public void setAnyAuthenticated(boolean anyAuthenticated) {
this.anyAuthenticated = anyAuthenticated;
}
+
}
Modified: trunk/client/src/main/resources/vdb-deployer.xsd
===================================================================
--- trunk/client/src/main/resources/vdb-deployer.xsd 2010-12-08 20:55:34 UTC (rev 2764)
+++ trunk/client/src/main/resources/vdb-deployer.xsd 2010-12-10 18:28:27 UTC (rev 2765)
@@ -100,6 +100,7 @@
</xs:sequence>
<xs:attribute name="name" type="xs:string" use="required"/>
<xs:attribute name="any-authenticated" type="xs:boolean"/>
+ <xs:attribute name="allow-create-temporary-tables" type="xs:boolean"/>
</xs:complexType>
</xs:element>
<xs:element name="entry" minOccurs="0" maxOccurs="unbounded">
Modified: trunk/client/src/test/java/org/teiid/adminapi/impl/TestVDBMetaData.java
===================================================================
--- trunk/client/src/test/java/org/teiid/adminapi/impl/TestVDBMetaData.java 2010-12-08 20:55:34 UTC (rev 2764)
+++ trunk/client/src/test/java/org/teiid/adminapi/impl/TestVDBMetaData.java 2010-12-10 18:28:27 UTC (rev 2765)
@@ -94,7 +94,7 @@
DataPolicyMetadata roleOne = new DataPolicyMetadata();
roleOne.setName("roleOne"); //$NON-NLS-1$
roleOne.setDescription("roleOne described"); //$NON-NLS-1$
-
+ roleOne.setAllowCreateTemporaryTables(true);
PermissionMetaData perm1 = new PermissionMetaData();
perm1.setResourceName("myTable.T1"); //$NON-NLS-1$
perm1.setAllowRead(true);
@@ -167,6 +167,7 @@
assertTrue(roles.size() == 1);
DataPolicyMetadata role = vdb.getDataPolicy("roleOne"); //$NON-NLS-1$
+ assertTrue(role.isAllowCreateTemporaryTables());
assertEquals("roleOne described", role.getDescription()); //$NON-NLS-1$
assertNotNull(role.getMappedRoleNames());
assertTrue(role.getMappedRoleNames().contains("ROLE1")); //$NON-NLS-1$
Modified: trunk/connectors/translator-jdbc/src/main/java/org/teiid/translator/jdbc/h2/H2ExecutionFactory.java
===================================================================
--- trunk/connectors/translator-jdbc/src/main/java/org/teiid/translator/jdbc/h2/H2ExecutionFactory.java 2010-12-08 20:55:34 UTC (rev 2764)
+++ trunk/connectors/translator-jdbc/src/main/java/org/teiid/translator/jdbc/h2/H2ExecutionFactory.java 2010-12-10 18:28:27 UTC (rev 2765)
@@ -50,6 +50,7 @@
registerFunctionModifier(SourceSystemFunctions.DAYOFMONTH, new AliasModifier("day_of_month")); //$NON-NLS-1$
registerFunctionModifier(SourceSystemFunctions.DAYOFWEEK, new AliasModifier("day_of_week")); //$NON-NLS-1$
registerFunctionModifier(SourceSystemFunctions.DAYOFYEAR, new AliasModifier("day_of_year")); //$NON-NLS-1$
+ registerFunctionModifier(SourceSystemFunctions.UNESCAPE, new AliasModifier("stringdecode")); //$NON-NLS-1$
registerFunctionModifier(SourceSystemFunctions.MOD, new ModFunctionModifier(SourceSystemFunctions.MOD, getLanguageFactory()));
//TODO: this behavior is configurable in h2 starting with 1.1.119
registerFunctionModifier(SourceSystemFunctions.CONCAT, new ConcatFunctionModifier(getLanguageFactory()));
@@ -139,6 +140,7 @@
supportedFunctions.add(SourceSystemFunctions.RTRIM);
supportedFunctions.add(SourceSystemFunctions.SUBSTRING);
supportedFunctions.add(SourceSystemFunctions.UCASE);
+ supportedFunctions.add(SourceSystemFunctions.UNESCAPE);
supportedFunctions.add(SourceSystemFunctions.DAYNAME);
supportedFunctions.add(SourceSystemFunctions.DAYOFMONTH);
Modified: trunk/documentation/reference/src/main/docbook/en-US/content/dataroles.xml
===================================================================
--- trunk/documentation/reference/src/main/docbook/en-US/content/dataroles.xml 2010-12-08 20:55:34 UTC (rev 2764)
+++ trunk/documentation/reference/src/main/docbook/en-US/content/dataroles.xml 2010-12-10 18:28:27 UTC (rev 2765)
@@ -147,8 +147,10 @@
<para>The "mapped-role-name" defines the container JAAS roles that are assigned the data role. For assigning roles to your users in the JBoss AS,
check out the instructions for the selected Login Module. Check the "Admin Guide" for configuring Login Modules. You may also choose to allow any
- authenticated user to have a data role by setting the any-authenticated attribute value to true on data-role element.</para>
+ authenticated user to have a data role by setting the any-authenticated attribute value to true on data-role element.</para>
+ <para>The "allow-create-temporary-tables" data-role boolean attribute is used to explicitly enable or disable temporary table usage for the role. If it is left unspecified, then the value will be determined by the configuration setting allowCreateTemporaryTablesByDefault located in the &jboss-beans; file in the <code>RuntimeEngineDeployer</code> section.</para>
+
</section>
<section>
<title>System Functions</title>
Modified: trunk/engine/src/main/java/org/teiid/dqp/internal/process/AuthorizationValidationVisitor.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/dqp/internal/process/AuthorizationValidationVisitor.java 2010-12-08 20:55:34 UTC (rev 2764)
+++ trunk/engine/src/main/java/org/teiid/dqp/internal/process/AuthorizationValidationVisitor.java 2010-12-10 18:28:27 UTC (rev 2765)
@@ -25,6 +25,7 @@
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
+import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
@@ -48,7 +49,9 @@
import org.teiid.query.function.FunctionLibrary;
import org.teiid.query.metadata.TempMetadataID;
import org.teiid.query.resolver.util.ResolverUtil;
+import org.teiid.query.sql.lang.Create;
import org.teiid.query.sql.lang.Delete;
+import org.teiid.query.sql.lang.Drop;
import org.teiid.query.sql.lang.Insert;
import org.teiid.query.sql.lang.Into;
import org.teiid.query.sql.lang.Query;
@@ -66,6 +69,8 @@
public class AuthorizationValidationVisitor extends AbstractValidationVisitor {
public enum Context {
+ CREATE,
+ DROP,
QUERY,
INSERT,
UPDATE,
@@ -75,14 +80,69 @@
private HashMap<String, DataPolicy> allowedPolicies;
private String userName;
+ private boolean allowCreateTemporaryTablesDefault = true;
public AuthorizationValidationVisitor(HashMap<String, DataPolicy> policies, String user) {
this.allowedPolicies = policies;
this.userName = user;
}
+
+ public void setAllowCreateTemporaryTablesDefault(
+ boolean allowCreateTemporaryTablesDefault) {
+ this.allowCreateTemporaryTablesDefault = allowCreateTemporaryTablesDefault;
+ }
// ############### Visitor methods for language objects ##################
+ @Override
+ public void visit(Create obj) {
+ Set<String> resources = Collections.singleton(obj.getTable().getName());
+ Collection<GroupSymbol> symbols = Arrays.asList(obj.getTable());
+ validateTemp(resources, symbols, Context.CREATE);
+ }
+
+ private void validateTemp(Set<String> resources,
+ Collection<GroupSymbol> symbols, Context context) {
+ logRequest(resources, context);
+
+ boolean allowed = false;
+ for(DataPolicy p:this.allowedPolicies.values()) {
+ DataPolicyMetadata policy = (DataPolicyMetadata)p;
+
+ if (policy.isAllowCreateTemporaryTables() == null) {
+ if (allowCreateTemporaryTablesDefault) {
+ allowed = true;
+ break;
+ }
+ } else if (policy.isAllowCreateTemporaryTables()) {
+ allowed = true;
+ break;
+ }
+ }
+
+ logResult(resources, context, allowed);
+ if (!allowed) {
+ handleValidationError(
+ QueryPlugin.Util.getString("ERR.018.005.0095", userName, "CREATE_TEMPORARY_TABLES"), //$NON-NLS-1$
+ symbols);
+ }
+ }
+
+ private void logRequest(Set<String> resources, Context context) {
+ if (LogManager.isMessageToBeRecorded(LogConstants.CTX_AUDITLOGGING, MessageLevel.DETAIL)) {
+ // Audit - request
+ AuditMessage msg = new AuditMessage(context.name(), "getInaccessibleResources-request", this.userName, resources.toArray(new String[resources.size()])); //$NON-NLS-1$
+ LogManager.logDetail(LogConstants.CTX_AUDITLOGGING, msg);
+ }
+ }
+
+ @Override
+ public void visit(Drop obj) {
+ Set<String> resources = Collections.singleton(obj.getTable().getName());
+ Collection<GroupSymbol> symbols = Arrays.asList(obj.getTable());
+ validateTemp(resources, symbols, Context.CREATE);
+ }
+
public void visit(Delete obj) {
validateEntitlements(obj);
}
@@ -206,16 +266,6 @@
validateEntitlements(Arrays.asList(obj.getGroup()), DataPolicy.PermissionType.READ, Context.STORED_PROCEDURE);
}
- private String getActionLabel(DataPolicy.PermissionType actionCode) {
- switch(actionCode) {
- case READ: return "Read"; //$NON-NLS-1$
- case CREATE: return "Create"; //$NON-NLS-1$
- case UPDATE: return "Update"; //$NON-NLS-1$
- case DELETE: return "Delete"; //$NON-NLS-1$
- default: return "UNKNOWN"; //$NON-NLS-1$
- }
- }
-
/**
* Check that the user is entitled to access all data elements in the command.
*
@@ -256,33 +306,28 @@
}
if (!nameToSymbolMap.isEmpty()) {
- Collection<String> inaccessibleResources = getInaccessibleResources(actionCode, nameToSymbolMap.keySet(), auditContext);
- if(inaccessibleResources.size() > 0) {
- List<Symbol> inaccessibleSymbols = new ArrayList<Symbol>(inaccessibleResources.size());
- for (String name : inaccessibleResources) {
- inaccessibleSymbols.add(nameToSymbolMap.get(name));
- }
-
- // CASE 2362 - do not include the names of the elements for which the user
- // is not authorized in the exception message
-
- handleValidationError(
- QueryPlugin.Util.getString("ERR.018.005.0095", userName, getActionLabel(actionCode)), //$NON-NLS-1$
- inaccessibleSymbols);
- }
+ Collection<String> inaccessibleResources = getInaccessibleResources(actionCode, nameToSymbolMap.keySet(), auditContext);
+ if(inaccessibleResources.size() > 0) {
+ List<Symbol> inaccessibleSymbols = new ArrayList<Symbol>(inaccessibleResources.size());
+ for (String name : inaccessibleResources) {
+ inaccessibleSymbols.add(nameToSymbolMap.get(name));
+ }
+
+ // CASE 2362 - do not include the names of the elements for which the user
+ // is not authorized in the exception message
+
+ handleValidationError(
+ QueryPlugin.Util.getString("ERR.018.005.0095", userName, actionCode), //$NON-NLS-1$
+ inaccessibleSymbols);
+ }
}
+ }
- }
-
/**
* Out of resources specified, return the subset for which the specified not have authorization to access.
*/
public Set<String> getInaccessibleResources(DataPolicy.PermissionType action, Set<String> resources, Context context) {
- if (LogManager.isMessageToBeRecorded(LogConstants.CTX_AUDITLOGGING, MessageLevel.DETAIL)) {
- // Audit - request
- AuditMessage msg = new AuditMessage(context.name(), "getInaccessibleResources-request", this.userName, resources.toArray(new String[resources.size()])); //$NON-NLS-1$
- LogManager.logDetail(LogConstants.CTX_AUDITLOGGING, msg);
- }
+ logRequest(resources, context);
HashSet<String> results = new HashSet<String>(resources);
@@ -301,8 +346,14 @@
}
}
+ logResult(resources, context, results.isEmpty());
+ return results;
+ }
+
+ private void logResult(Set<String> resources, Context context,
+ boolean granted) {
if (LogManager.isMessageToBeRecorded(LogConstants.CTX_AUDITLOGGING, MessageLevel.DETAIL)) {
- if (results.isEmpty()) {
+ if (granted) {
AuditMessage msg = new AuditMessage(context.name(), "getInaccessibleResources-granted all", this.userName, resources.toArray(new String[resources.size()])); //$NON-NLS-1$
LogManager.logDetail(LogConstants.CTX_AUDITLOGGING, msg);
} else {
@@ -310,6 +361,5 @@
LogManager.logDetail(LogConstants.CTX_AUDITLOGGING, msg);
}
}
- return results;
- }
+ }
}
Modified: trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPConfiguration.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPConfiguration.java 2010-12-08 20:55:34 UTC (rev 2764)
+++ trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPConfiguration.java 2010-12-10 18:28:27 UTC (rev 2765)
@@ -44,7 +44,8 @@
private int maxRowsFetchSize = DEFAULT_FETCH_SIZE;
private int lobChunkSizeInKB = 100;
private int preparedPlanCacheMaxCount = SessionAwareCache.DEFAULT_MAX_SIZE_TOTAL;
- private boolean useDataRoles = false;
+ private boolean useDataRoles = true;
+ private boolean allowCreateTemporaryTablesByDefault = true;
private int queryThresholdInSecs = DEFAULT_QUERY_THRESHOLD;
private boolean exceptionOnMaxSourceRows = true;
private int maxSourceRows = -1;
@@ -122,7 +123,7 @@
* Determine whether role checking is enabled on the server.
* @return <code>true</code> if server-side role checking is enabled.
*/
- @ManagementProperty(description="Turn on role checking on resources based on the roles defined in VDB")
+ @ManagementProperty(description="Turn on role checking based upon the data roles defined in VDBs. (default true)")
public boolean getUseDataRoles() {
return useDataRoles;
}
@@ -131,6 +132,20 @@
this.useDataRoles = useEntitlements;
}
+ /**
+ * Whether temporary table usage is enabled by default.
+ * @return <code>true</code> if temporary table usage is enabled by default.
+ */
+ @ManagementProperty(description="Sets whether temporary table usage is enabled by default. (default true)")
+ public boolean isAllowCreateTemporaryTablesByDefault() {
+ return allowCreateTemporaryTablesByDefault;
+ }
+
+ public void setAllowCreateTemporaryTablesByDefault(
+ boolean allowCreateTemporaryTablesByDefault) {
+ this.allowCreateTemporaryTablesByDefault = allowCreateTemporaryTablesByDefault;
+ }
+
@ManagementProperty(description="Long running query threshold, after which a alert can be generated by tooling if configured")
public int getQueryThresholdInSecs() {
return queryThresholdInSecs;
Modified: trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPCore.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPCore.java 2010-12-08 20:55:34 UTC (rev 2764)
+++ trunk/engine/src/main/java/org/teiid/dqp/internal/process/DQPCore.java 2010-12-10 18:28:27 UTC (rev 2765)
@@ -184,9 +184,6 @@
private ThreadReuseExecutor processWorkerPool;
- private int maxFetchSize = DQPConfiguration.DEFAULT_FETCH_SIZE;
- private int queryThreshold = DQPConfiguration.DEFAULT_QUERY_THRESHOLD;
-
// Resources
private BufferManager bufferManager;
private ProcessorDataManager dataTierMgr;
@@ -195,17 +192,12 @@
private TransactionService transactionService;
private BufferService bufferService;
- // Query worker pool for processing plans
- private int processorTimeslice = DQPConfiguration.DEFAULT_PROCESSOR_TIMESLICE;
+ private DQPConfiguration config = new DQPConfiguration();
- private int maxSourceRows = DQPConfiguration.DEFAULT_MAX_SOURCE_ROWS;
- private boolean exceptionOnMaxSourceRows = true;
-
private int chunkSize = Streamable.STREAMING_BATCH_SIZE_IN_BYTES;
private Map<RequestID, RequestWorkItem> requests = new ConcurrentHashMap<RequestID, RequestWorkItem>();
private Map<String, ClientState> clientState = new ConcurrentHashMap<String, ClientState>();
- private boolean useEntitlements = false;
private int maxActivePlans = DQPConfiguration.DEFAULT_MAX_ACTIVE_PLANS;
private int currentlyActivePlans;
@@ -258,7 +250,7 @@
}
public List<RequestMetadata> getLongRunningRequests(){
- return buildRequestInfos(requests.keySet(), this.queryThreshold);
+ return buildRequestInfos(requests.keySet(), this.config.getQueryThresholdInSecs());
}
private List<RequestMetadata> buildRequestInfos(Collection<RequestID> ids, int longRunningQueryThreshold) {
@@ -331,7 +323,7 @@
public ResultsFuture<ResultsMessage> executeRequest(long reqID,RequestMessage requestMsg) {
DQPWorkContext workContext = DQPWorkContext.getWorkContext();
RequestID requestID = workContext.getRequestID(reqID);
- requestMsg.setFetchSize(Math.min(requestMsg.getFetchSize(), maxFetchSize));
+ requestMsg.setFetchSize(Math.min(requestMsg.getFetchSize(), this.config.getMaxRowsFetchSize()));
Request request = null;
if ( requestMsg.isPreparedStatement() || requestMsg.isCallableStatement()) {
request = new PreparedStatementRequest(prepPlanCache);
@@ -341,8 +333,9 @@
ClientState state = this.getClientState(workContext.getSessionId(), true);
request.initialize(requestMsg, bufferManager,
dataTierMgr, transactionService, state.sessionTables,
- workContext, this.useEntitlements, this.prepPlanCache);
+ workContext, this.config.getUseDataRoles(), this.prepPlanCache);
request.setResultSetCacheEnabled(this.rsCache != null);
+ request.setAllowCreateTemporaryTablesByDefault(this.config.isAllowCreateTemporaryTablesByDefault());
ResultsFuture<ResultsMessage> resultsFuture = new ResultsFuture<ResultsMessage>();
RequestWorkItem workItem = new RequestWorkItem(this, requestMsg, request, resultsFuture.getResultsReceiver(), requestID, workContext);
logMMCommand(workItem, Event.NEW, null);
@@ -368,7 +361,7 @@
DQPWorkContext workContext = DQPWorkContext.getWorkContext();
ResultsFuture<ResultsMessage> resultsFuture = new ResultsFuture<ResultsMessage>();
RequestWorkItem workItem = getRequestWorkItem(workContext.getRequestID(reqID));
- workItem.requestMore(batchFirst, batchFirst + Math.min(fetchSize, maxFetchSize) - 1, resultsFuture.getResultsReceiver());
+ workItem.requestMore(batchFirst, batchFirst + Math.min(fetchSize, this.config.getMaxRowsFetchSize()) - 1, resultsFuture.getResultsReceiver());
return resultsFuture;
}
@@ -671,7 +664,7 @@
}
int getProcessorTimeSlice() {
- return this.processorTimeslice;
+ return this.config.getTimeSliceInMilli();
}
int getChunkSize() {
@@ -679,12 +672,7 @@
}
public void start(DQPConfiguration config) {
- this.processorTimeslice = config.getTimeSliceInMilli();
- this.maxFetchSize = config.getMaxRowsFetchSize();
- this.useEntitlements = config.getUseDataRoles();
- this.queryThreshold = config.getQueryThresholdInSecs();
- this.maxSourceRows = config.getMaxSourceRows();
- this.exceptionOnMaxSourceRows = config.isExceptionOnMaxSourceRows();
+ this.config = config;
this.chunkSize = config.getLobChunkSizeInKB() * 1024;
@@ -853,11 +841,11 @@
}
public boolean isExceptionOnMaxSourceRows() {
- return exceptionOnMaxSourceRows;
+ return this.config.isExceptionOnMaxSourceRows();
}
public int getMaxSourceRows() {
- return maxSourceRows;
+ return this.config.getMaxSourceRows();
}
public void setCacheFactory(CacheFactory factory) {
Modified: trunk/engine/src/main/java/org/teiid/dqp/internal/process/Request.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/dqp/internal/process/Request.java 2010-12-08 20:55:34 UTC (rev 2764)
+++ trunk/engine/src/main/java/org/teiid/dqp/internal/process/Request.java 2010-12-10 18:28:27 UTC (rev 2765)
@@ -134,6 +134,7 @@
private TempTableStore globalTables;
private SessionAwareCache<PreparedPlan> planCache;
private boolean resultSetCacheEnabled = true;
+ private boolean allowCreateTemporaryTablesByDefault;
void initialize(RequestMessage requestMsg,
BufferManager bufferManager,
@@ -168,6 +169,11 @@
public void setResultSetCacheEnabled(boolean resultSetCacheEnabled) {
this.resultSetCacheEnabled = resultSetCacheEnabled;
}
+
+ public void setAllowCreateTemporaryTablesByDefault(
+ boolean allowCreateTemporaryTablesByDefault) {
+ this.allowCreateTemporaryTablesByDefault = allowCreateTemporaryTablesByDefault;
+ }
/**
* if the metadata has not been supplied via setMetadata, this method will create the appropriate state
@@ -460,6 +466,7 @@
protected void validateAccess(Command command) throws QueryValidatorException, TeiidComponentException {
if (useEntitlements) {
AuthorizationValidationVisitor visitor = new AuthorizationValidationVisitor(this.workContext.getAllowedDataPolicies(), this.workContext.getUserName());
+ visitor.setAllowCreateTemporaryTablesDefault(this.allowCreateTemporaryTablesByDefault);
validateWithVisitor(visitor, this.metadata, command);
}
}
Modified: trunk/engine/src/main/java/org/teiid/query/function/source/SystemSource.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/query/function/source/SystemSource.java 2010-12-08 20:55:34 UTC (rev 2764)
+++ trunk/engine/src/main/java/org/teiid/query/function/source/SystemSource.java 2010-12-10 18:28:27 UTC (rev 2765)
@@ -196,7 +196,7 @@
}
private void addUnescape() {
- functions.add(new FunctionMethod("unescape", QueryPlugin.Util.getString("SystemSource.unescape_desc"), STRING, PushDown.CANNOT_PUSHDOWN, FUNCTION_CLASS, "unescape", //$NON-NLS-1$ //$NON-NLS-2$ //$NON-NLS-3$
+ functions.add(new FunctionMethod(SourceSystemFunctions.UNESCAPE, QueryPlugin.Util.getString("SystemSource.unescape_desc"), STRING, PushDown.CANNOT_PUSHDOWN, FUNCTION_CLASS, SourceSystemFunctions.UNESCAPE, //$NON-NLS-1$
new FunctionParameter[] {
new FunctionParameter("string", DataTypeManager.DefaultDataTypes.STRING, QueryPlugin.Util.getString("SystemSource.unescape_param1"))}, //$NON-NLS-1$ //$NON-NLS-2$
new FunctionParameter("result", DataTypeManager.DefaultDataTypes.STRING, QueryPlugin.Util.getString("SystemSource.unescape_result")), false, Determinism.DETERMINISTIC ) ); //$NON-NLS-1$ //$NON-NLS-2$
Modified: trunk/engine/src/main/java/org/teiid/query/rewriter/QueryRewriter.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/query/rewriter/QueryRewriter.java 2010-12-08 20:55:34 UTC (rev 2764)
+++ trunk/engine/src/main/java/org/teiid/query/rewriter/QueryRewriter.java 2010-12-10 18:28:27 UTC (rev 2765)
@@ -969,7 +969,7 @@
private Insert correctDatatypes(Insert insert) {
boolean needsView = false;
for (int i = 0; !needsView && i < insert.getVariables().size(); i++) {
- SingleElementSymbol ses = (SingleElementSymbol)insert.getVariables().get(i);
+ SingleElementSymbol ses = insert.getVariables().get(i);
if (ses.getType() != insert.getQueryExpression().getProjectedSymbols().get(i).getType()) {
needsView = true;
}
@@ -2466,7 +2466,7 @@
public static Query createInlineViewQuery(GroupSymbol inlineGroup,
Command nested,
QueryMetadataInterface metadata,
- List<SingleElementSymbol> actualSymbols) throws QueryMetadataException,
+ List<? extends SingleElementSymbol> actualSymbols) throws QueryMetadataException,
QueryResolverException,
TeiidComponentException {
Query query = new Query();
@@ -2488,7 +2488,7 @@
actualTypes.add(ses.getType());
}
List<SingleElementSymbol> selectSymbols = SetQuery.getTypedProjectedSymbols(ResolverUtil.resolveElementsInGroup(inlineGroup, tma), actualTypes, tma);
- Iterator<SingleElementSymbol> iter = actualSymbols.iterator();
+ Iterator<? extends SingleElementSymbol> iter = actualSymbols.iterator();
for (SingleElementSymbol ses : selectSymbols) {
ses = (SingleElementSymbol)ses.clone();
SingleElementSymbol actual = iter.next();
Modified: trunk/engine/src/main/java/org/teiid/query/sql/lang/Insert.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/query/sql/lang/Insert.java 2010-12-08 20:55:34 UTC (rev 2764)
+++ trunk/engine/src/main/java/org/teiid/query/sql/lang/Insert.java 2010-12-10 18:28:27 UTC (rev 2765)
@@ -23,7 +23,6 @@
package org.teiid.query.sql.lang;
import java.util.Collection;
-import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.LinkedList;
import java.util.List;
@@ -81,7 +80,7 @@
* @param variables List of ElementSymbols that represent columns for the values, null implies all columns
* @param values List of Expression values to be inserted
*/
- public Insert(GroupSymbol group, List variables, List values) {
+ public Insert(GroupSymbol group, List<ElementSymbol> variables, List values) {
this.group = group;
this.variables = variables;
this.values = values;
@@ -121,7 +120,7 @@
* Return an ordered List of variables, may be null if no columns were specified
* @return List of {@link org.teiid.query.sql.symbol.ElementSymbol}
*/
- public List getVariables() {
+ public List<ElementSymbol> getVariables() {
return variables;
}
@@ -137,7 +136,7 @@
* Add a collection of variables to end of list
* @param vars Variables to add to the list - collection of ElementSymbol
*/
- public void addVariables(Collection vars) {
+ public void addVariables(Collection<ElementSymbol> vars) {
variables.addAll(vars);
}
@@ -256,14 +255,10 @@
List<ElementSymbol> copyVars = LanguageObject.Util.deepClone(getVariables(), ElementSymbol.class);
- List copyVals = new LinkedList();
+ List<Expression> copyVals = null;
- if ( getValues() != null && getValues().size() > 0 ) {
- Iterator iter = getValues().iterator();
- while(iter.hasNext()) {
- Expression expression = (Expression) iter.next();
- copyVals.add( expression.clone() );
- }
+ if ( getValues() != null) {
+ copyVals = LanguageObject.Util.deepClone(getValues(), Expression.class);
}
Insert copy = new Insert(copyGroup, copyVars, copyVals);
@@ -280,7 +275,7 @@
* single column.
* @return Ordered list of SingleElementSymbol
*/
- public List getProjectedSymbols(){
+ public List<SingleElementSymbol> getProjectedSymbols(){
return Command.getUpdateCommandSymbol();
}
Modified: trunk/engine/src/test/java/org/teiid/dqp/internal/process/TestAuthorizationValidationVisitor.java
===================================================================
--- trunk/engine/src/test/java/org/teiid/dqp/internal/process/TestAuthorizationValidationVisitor.java 2010-12-08 20:55:34 UTC (rev 2764)
+++ trunk/engine/src/test/java/org/teiid/dqp/internal/process/TestAuthorizationValidationVisitor.java 2010-12-10 18:28:27 UTC (rev 2765)
@@ -51,7 +51,7 @@
import org.teiid.query.validator.ValidatorFailure;
import org.teiid.query.validator.ValidatorReport;
-
+ at SuppressWarnings("nls")
public class TestAuthorizationValidationVisitor {
public static final String CONN_ID = "connID"; //$NON-NLS-1$
@@ -142,7 +142,7 @@
// pm3.g2
svc.addPermission(addResource(DataPolicy.PermissionType.CREATE, "pm3.g2.e1")); //$NON-NLS-1$
svc.addPermission(addResource(DataPolicy.PermissionType.CREATE, "pm3.g2.e2")); //$NON-NLS-1$
-
+ svc.setAllowCreateTemporaryTables(false);
return svc;
}
@@ -176,6 +176,13 @@
}
}
+ @Test public void testTemp() throws Exception {
+ //allowed by default
+ helpTest(exampleAuthSvc1(), "create local temporary table x (y string)", FakeMetadataFactory.example1Cached(), new String[] {}, FakeMetadataFactory.example1VDB()); //$NON-NLS-1$
+ //explicitly denied
+ helpTest(exampleAuthSvc2(), "create local temporary table x (y string)", FakeMetadataFactory.example1Cached(), new String[] {"x"}, FakeMetadataFactory.example1VDB()); //$NON-NLS-1$
+ }
+
@Test public void testEverythingAccessible() throws Exception {
helpTest(exampleAuthSvc1(), "SELECT e1 FROM pm1.g1", FakeMetadataFactory.example1Cached(), new String[] {}, FakeMetadataFactory.example1VDB()); //$NON-NLS-1$
}
More information about the teiid-commits
mailing list