[teiid-commits] teiid SVN: r3135 - in trunk: client/src/main/java/org/teiid/adminapi/impl and 8 other directories.

Mon May 2 14:34:41 EDT 2011

Author: shawkins
Date: 2011-05-02 14:34:41 -0400 (Mon, 02 May 2011)
New Revision: 3135

Modified:
   trunk/client/src/main/java/org/teiid/adminapi/DataPolicy.java
   trunk/client/src/main/java/org/teiid/adminapi/impl/DataPolicyMetadata.java
   trunk/client/src/main/resources/vdb-deployer.xsd
   trunk/documentation/reference/src/main/docbook/en-US/content/dataroles.xml
   trunk/engine/src/main/java/org/teiid/dqp/internal/process/AuthorizationValidationVisitor.java
   trunk/engine/src/main/java/org/teiid/query/sql/navigator/PreOrPostOrderNavigator.java
   trunk/engine/src/main/java/org/teiid/query/sql/visitor/CommandCollectorVisitor.java
   trunk/engine/src/main/java/org/teiid/query/validator/AbstractValidationVisitor.java
   trunk/engine/src/main/java/org/teiid/query/validator/ValidationVisitor.java
   trunk/engine/src/main/java/org/teiid/query/validator/Validator.java
   trunk/engine/src/test/java/org/teiid/dqp/internal/process/TestAuthorizationValidationVisitor.java
   trunk/engine/src/test/java/org/teiid/query/validator/TestAlterValidation.java
Log:
TEIID-1574 adding permissions for alter/execute

Modified: trunk/client/src/main/java/org/teiid/adminapi/DataPolicy.java
===================================================================

--- trunk/client/src/main/java/org/teiid/adminapi/DataPolicy.java	2011-05-02 17:02:28 UTC (rev 3134)
+++ trunk/client/src/main/java/org/teiid/adminapi/DataPolicy.java	2011-05-02 18:34:41 UTC (rev 3135)
@@ -25,7 +25,7 @@
 
 public interface DataPolicy {
 	
-	public enum PermissionType {CREATE, READ, UPDATE, DELETE};
+	public enum PermissionType {CREATE, READ, UPDATE, DELETE, ALTER, EXECUTE};
 	
 	/**
 	 * Get the Name of the Data Policy
@@ -92,6 +92,18 @@
 		 * Is "DELETE" allowed?
 		 * @return
 		 */
-		Boolean getAllowDelete();		
+		Boolean getAllowDelete();
+
+		/**
+		 * Is "ALTER" allowed?
+		 * @return
+		 */
+		Boolean getAllowAlter();
+
+		/**
+		 * Is "EXECUTE" allowed?
+		 * @return
+		 */
+		Boolean getAllowExecute();		
 	}
 }

Modified: trunk/client/src/main/java/org/teiid/adminapi/impl/DataPolicyMetadata.java
===================================================================
--- trunk/client/src/main/java/org/teiid/adminapi/impl/DataPolicyMetadata.java	2011-05-02 17:02:28 UTC (rev 3134)
+++ trunk/client/src/main/java/org/teiid/adminapi/impl/DataPolicyMetadata.java	2011-05-02 18:34:41 UTC (rev 3135)
@@ -146,7 +146,9 @@
         "allowCreate",
         "allowRead",
         "allowUpdate",
-        "allowDelete"
+        "allowDelete",
+        "allowExecute",
+        "allowAlter"
     })	
     @ManagementObject(properties=ManagementProperties.EXPLICIT)
 	public static class PermissionMetaData implements DataPermission, Serializable {
@@ -162,6 +164,10 @@
         protected Boolean allowUpdate;
         @XmlElement(name = "allow-delete")
         protected Boolean allowDelete;
+        @XmlElement(name = "allow-execute")
+        protected Boolean allowExecute;
+        @XmlElement(name = "allow-alter")
+        protected Boolean allowAlter;
         
         @Override
         @ManagementProperty(description="Resource Name, for which permission defined")
@@ -229,13 +235,25 @@
         	if (Boolean.TRUE.equals(getAllowDelete())) {
         		sb.append("D");//$NON-NLS-1$
         	}     
+        	if (Boolean.TRUE.equals(getAllowExecute())) {
+        		sb.append("E");//$NON-NLS-1$
+        	}     
+        	if (Boolean.TRUE.equals(getAllowAlter())) {
+        		sb.append("A");//$NON-NLS-1$
+        	}     
         	return sb.toString();
         }
         
         public Boolean allows(PermissionType type) {
             switch (type) {
+            case ALTER:
+            	return getAllowAlter();
             case CREATE:
             	return getAllowCreate();
+            case EXECUTE:
+            	if (getAllowExecute() != null) {
+            		return getAllowExecute();
+            	}
             case READ:
             	return getAllowRead();
             case UPDATE:
@@ -246,7 +264,27 @@
             throw new AssertionError();
         }
         
-        public String toString() {
+        @Override
+        @ManagementProperty(description="Allows Alter")
+        public Boolean getAllowAlter() {
+			return allowAlter;
+		}
+
+        @Override
+        @ManagementProperty(description="Allows Execute")
+		public Boolean getAllowExecute() {
+			return allowExecute;
+		}
+		
+		public void setAllowAlter(Boolean allowAlter) {
+			this.allowAlter = allowAlter;
+		}
+		
+		public void setAllowExecute(Boolean allowExecute) {
+			this.allowExecute = allowExecute;
+		}
+
+		public String toString() {
         	StringBuilder sb = new StringBuilder();
         	sb.append(getResourceName());
         	sb.append("["); //$NON-NLS-1$

Modified: trunk/client/src/main/resources/vdb-deployer.xsd
===================================================================
--- trunk/client/src/main/resources/vdb-deployer.xsd	2011-05-02 17:02:28 UTC (rev 3134)
+++ trunk/client/src/main/resources/vdb-deployer.xsd	2011-05-02 18:34:41 UTC (rev 3135)
@@ -93,6 +93,8 @@
 							             <xs:element name="allow-read" type="xs:boolean" minOccurs="0"/>
 							             <xs:element name="allow-update" type="xs:boolean" minOccurs="0"/>
 							             <xs:element name="allow-delete" type="xs:boolean" minOccurs="0"/>
+							             <xs:element name="allow-execute" type="xs:boolean" minOccurs="0"/>
+							             <xs:element name="allow-alter" type="xs:boolean" minOccurs="0"/>
                                    </xs:sequence>      
                                 </xs:complexType>
                             </xs:element>                                                                      

Modified: trunk/documentation/reference/src/main/docbook/en-US/content/dataroles.xml
===================================================================
--- trunk/documentation/reference/src/main/docbook/en-US/content/dataroles.xml	2011-05-02 17:02:28 UTC (rev 3134)
+++ trunk/documentation/reference/src/main/docbook/en-US/content/dataroles.xml	2011-05-02 18:34:41 UTC (rev 3135)
@@ -73,16 +73,20 @@
 	    </orderedlist> 
 	    
 	    <orderedlist>
-	    	<para>To process a <emphasis>EXEC</emphasis> statement, the user account requires the following access rights:</para>
-	        <listitem> <para><emphasis>READ</emphasis> - on the Procedure being executed.</para></listitem>
+	    	<para>To process a <emphasis>EXEC/CALL</emphasis> statement, the user account requires the following access rights:</para>
+	        <listitem> <para><emphasis>EXECUTE (or READ)</emphasis> - on the Procedure being executed.</para></listitem>
 	    </orderedlist>
 	    
 	    <orderedlist>
 	    	<para>To process any function, the user account requires the following access rights:</para>
-	        <listitem> <para><emphasis>READ</emphasis> - on the Function being called.</para> </listitem>
-	        <note><para>For backwards compatibility RuntimeEngineDeployer.allowFunctionCallsByDefault located in the &jboss-beans; file in the <code>RuntimeEngineDeployer</code> section defaults to true. 
-	        This means that to actually require permissions for functions, you need to set this property to false.</para></note>
+	        <listitem> <para><emphasis>EXECUTE (or READ)</emphasis> - on the Function being called.</para> <note><para>For backwards compatibility RuntimeEngineDeployer.allowFunctionCallsByDefault located in the &jboss-beans; file in the <code>RuntimeEngineDeployer</code> section defaults to true. 
+	        This means that to actually require permissions for functions, you need to set this property to false.</para></note></listitem>
 	    </orderedlist>
+	    
+	    <orderedlist>
+	    	<para>To process any ALTER or CREATE TRIGGER statement, the user account requires the following access rights:</para>
+	        <listitem> <para><emphasis>ALTER</emphasis> - on the view or procedure that is effected.  INSTEAD OF Triggers (update procedures) are not yet treated as full schema objects and are instead treated as attributes of the view.</para></listitem>
+	    </orderedlist>
 	       
     </section>
     

Modified: trunk/engine/src/main/java/org/teiid/dqp/internal/process/AuthorizationValidationVisitor.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/dqp/internal/process/AuthorizationValidationVisitor.java	2011-05-02 17:02:28 UTC (rev 3134)
+++ trunk/engine/src/main/java/org/teiid/dqp/internal/process/AuthorizationValidationVisitor.java	2011-05-02 18:34:41 UTC (rev 3135)
@@ -51,6 +51,9 @@
 import org.teiid.query.metadata.TempMetadataID;
 import org.teiid.query.resolver.util.ResolverUtil;
 import org.teiid.query.sql.LanguageObject;
+import org.teiid.query.sql.lang.AlterProcedure;
+import org.teiid.query.sql.lang.AlterTrigger;
+import org.teiid.query.sql.lang.AlterView;
 import org.teiid.query.sql.lang.Create;
 import org.teiid.query.sql.lang.Delete;
 import org.teiid.query.sql.lang.Drop;
@@ -78,6 +81,7 @@
 		UPDATE,
 		DELETE,
 		FUNCTION,
+		ALTER,
 		STORED_PROCEDURE;
     }
     
@@ -108,6 +112,21 @@
     	Collection<GroupSymbol> symbols = Arrays.asList(obj.getTable());
     	validateTemp(resources, symbols, Context.CREATE);
     }
+    
+    @Override
+    public void visit(AlterProcedure obj) {
+    	validateEntitlements(Arrays.asList(obj.getTarget()), DataPolicy.PermissionType.ALTER, Context.ALTER);
+    }
+    
+    @Override
+    public void visit(AlterTrigger obj) {
+    	validateEntitlements(Arrays.asList(obj.getTarget()), DataPolicy.PermissionType.ALTER, obj.isCreate()?Context.CREATE:Context.ALTER);
+    }
+    
+    @Override
+    public void visit(AlterView obj) {
+    	validateEntitlements(Arrays.asList(obj.getTarget()), DataPolicy.PermissionType.ALTER, Context.ALTER);
+    }
 
 	private void validateTemp(Set<String> resources,
 			Collection<GroupSymbol> symbols, Context context) {
@@ -190,7 +209,7 @@
     		if (schema != null && !isSystemSchema(schema)) {
     			Map<String, Function> map = new HashMap<String, Function>();
     			map.put(schema + '.' + obj.getFunctionDescriptor().getName(), obj);
-    			validateEntitlements(PermissionType.READ, Context.FUNCTION, map);
+    			validateEntitlements(PermissionType.EXECUTE, Context.FUNCTION, map);
     		}
     	}
     }
@@ -212,12 +231,15 @@
      */
     protected void validateEntitlements(Update obj) {
         // Check that all elements used in criteria have read permission
+    	HashSet<ElementSymbol> elements = new HashSet<ElementSymbol>(); 
+    	ElementCollectorVisitor.getElements(obj.getChangeList().getClauseMap().values(), elements);
         if (obj.getCriteria() != null) {
-            validateEntitlements(
-                ElementCollectorVisitor.getElements(obj.getCriteria(), true),
+            ElementCollectorVisitor.getElements(obj.getCriteria(), elements);
+        }
+        validateEntitlements(
+        		elements,
                 DataPolicy.PermissionType.READ,
                 Context.UPDATE);
-        }
 
         // The variables from the changes must be checked for UPDATE entitlement
         // validateEntitlements on all the variables used in the update.
@@ -278,7 +300,7 @@
      * Validate query entitlements
      */
     protected void validateEntitlements(StoredProcedure obj) {
-        validateEntitlements(Arrays.asList(obj.getGroup()), DataPolicy.PermissionType.READ, Context.STORED_PROCEDURE);
+        validateEntitlements(Arrays.asList(obj.getGroup()), DataPolicy.PermissionType.EXECUTE, Context.STORED_PROCEDURE);
     }
 
     /**

Modified: trunk/engine/src/main/java/org/teiid/query/sql/navigator/PreOrPostOrderNavigator.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/query/sql/navigator/PreOrPostOrderNavigator.java	2011-05-02 17:02:28 UTC (rev 3134)
+++ trunk/engine/src/main/java/org/teiid/query/sql/navigator/PreOrPostOrderNavigator.java	2011-05-02 18:34:41 UTC (rev 3135)
@@ -674,7 +674,9 @@
     public void visit(AlterProcedure obj) {
     	preVisitVisitor(obj);
         visitNode(obj.getTarget());
-        visitNode(obj.getDefinition());
+        if (deep) {
+        	visitNode(obj.getDefinition());
+        }
         postVisitVisitor(obj);
     }
     
@@ -682,7 +684,9 @@
     public void visit(AlterTrigger obj) {
     	preVisitVisitor(obj);
         visitNode(obj.getTarget());
-        visitNode(obj.getDefinition());
+        if (deep) {
+        	visitNode(obj.getDefinition());
+        }
         postVisitVisitor(obj);
     }
     
@@ -690,7 +694,9 @@
     public void visit(AlterView obj) {
     	preVisitVisitor(obj);
         visitNode(obj.getTarget());
-        visitNode(obj.getDefinition());
+        if (deep) {
+        	visitNode(obj.getDefinition());
+        }
         postVisitVisitor(obj);
     }
     

Modified: trunk/engine/src/main/java/org/teiid/query/sql/visitor/CommandCollectorVisitor.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/query/sql/visitor/CommandCollectorVisitor.java	2011-05-02 17:02:28 UTC (rev 3134)
+++ trunk/engine/src/main/java/org/teiid/query/sql/visitor/CommandCollectorVisitor.java	2011-05-02 18:34:41 UTC (rev 3135)
@@ -27,9 +27,6 @@
 
 import org.teiid.query.sql.LanguageObject;
 import org.teiid.query.sql.LanguageVisitor;
-import org.teiid.query.sql.lang.AlterProcedure;
-import org.teiid.query.sql.lang.AlterTrigger;
-import org.teiid.query.sql.lang.AlterView;
 import org.teiid.query.sql.lang.BatchedUpdateCommand;
 import org.teiid.query.sql.lang.Command;
 import org.teiid.query.sql.lang.ExistsCriteria;
@@ -119,23 +116,6 @@
         this.commands.addAll(obj.getUpdateCommands());
     }
     
-    @Override
-    public void visit(AlterProcedure alterProcedure) {
-    	this.commands.add(alterProcedure.getDefinition());
-    }
-    
-    @Override
-    public void visit(AlterTrigger alterTrigger) {
-    	if (alterTrigger.getDefinition() != null) {
-    		this.commands.add(alterTrigger.getDefinition());
-    	}
-    }
-    
-    @Override
-    public void visit(AlterView alterView) {
-    	this.commands.add(alterView.getDefinition());
-    }
-    
     /**
      * Helper to quickly get the commands from obj
      * @param obj Language object

Modified: trunk/engine/src/main/java/org/teiid/query/validator/AbstractValidationVisitor.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/query/validator/AbstractValidationVisitor.java	2011-05-02 17:02:28 UTC (rev 3134)
+++ trunk/engine/src/main/java/org/teiid/query/validator/AbstractValidationVisitor.java	2011-05-02 18:34:41 UTC (rev 3135)
@@ -45,7 +45,7 @@
     private LanguageObject exceptionObject;
         
     // Validation error handling
-    private ValidatorReport report;
+    protected ValidatorReport report;
     
     private QueryMetadataInterface metadata;
     

Modified: trunk/engine/src/main/java/org/teiid/query/validator/ValidationVisitor.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/query/validator/ValidationVisitor.java	2011-05-02 17:02:28 UTC (rev 3134)
+++ trunk/engine/src/main/java/org/teiid/query/validator/ValidationVisitor.java	2011-05-02 18:34:41 UTC (rev 3135)
@@ -1434,6 +1434,7 @@
     public void visit(AlterView obj) {
     	try {
 			QueryResolver.validateProjectedSymbols(obj.getTarget(), getMetadata(), obj.getDefinition());
+			Validator.validate(obj.getDefinition(), getMetadata(), this);
 		} catch (QueryValidatorException e) {
 			handleValidationError(e.getMessage(), obj.getDefinition());
 		} catch (TeiidComponentException e) {
@@ -1449,6 +1450,7 @@
 	    		handleValidationError(QueryPlugin.Util.getString("ValidationVisitor.not_a_procedure", gs), gs); //$NON-NLS-1$
 	    		return;
 	    	}
+	    	Validator.validate(obj.getDefinition(), getMetadata(), this);
 	    	StoredProcedureInfo info = getMetadata().getStoredProcedureInfoForProcedure(gs.getName());
 	    	for (SPParameter param : info.getParameters()) {
 	    		if (param.getParameterType() == SPParameter.RESULT_SET) {
@@ -1466,6 +1468,13 @@
     @Override
     public void visit(AlterTrigger obj) {
     	validateGroupSupportsUpdate(obj.getTarget());
+		try {
+			if (obj.getDefinition() != null) {
+				Validator.validate(obj.getDefinition(), getMetadata(), this);
+			}			
+		} catch (TeiidComponentException e) {
+			handleException(e);
+		}
     }
 
     //TODO: it may be simpler to catch this in the parser

Modified: trunk/engine/src/main/java/org/teiid/query/validator/Validator.java
===================================================================
--- trunk/engine/src/main/java/org/teiid/query/validator/Validator.java	2011-05-02 17:02:28 UTC (rev 3134)
+++ trunk/engine/src/main/java/org/teiid/query/validator/Validator.java	2011-05-02 18:34:41 UTC (rev 3135)
@@ -51,9 +51,9 @@
         // Construct combined runtime / query metadata if necessary
         if(object instanceof Command) {                        
             // Recursively validate subcommands
-            Iterator iter = CommandCollectorVisitor.getCommands((Command)object).iterator();
+            Iterator<Command> iter = CommandCollectorVisitor.getCommands((Command)object).iterator();
             while(iter.hasNext()) {
-                Command subCommand = (Command) iter.next();
+                Command subCommand = iter.next();
                 validate(subCommand, metadata, visitor);
             }
         }

Modified: trunk/engine/src/test/java/org/teiid/dqp/internal/process/TestAuthorizationValidationVisitor.java
===================================================================
--- trunk/engine/src/test/java/org/teiid/dqp/internal/process/TestAuthorizationValidationVisitor.java	2011-05-02 17:02:28 UTC (rev 3134)
+++ trunk/engine/src/test/java/org/teiid/dqp/internal/process/TestAuthorizationValidationVisitor.java	2011-05-02 18:34:41 UTC (rev 3135)
@@ -51,6 +51,7 @@
 import org.teiid.query.sql.symbol.ElementSymbol;
 import org.teiid.query.unittest.FakeMetadataFacade;
 import org.teiid.query.unittest.FakeMetadataFactory;
+import org.teiid.query.unittest.RealMetadataFactory;
 import org.teiid.query.validator.Validator;
 import org.teiid.query.validator.ValidatorFailure;
 import org.teiid.query.validator.ValidatorReport;
@@ -76,6 +77,12 @@
     	case UPDATE:
     		p.setAllowUpdate(flag);
     		break;
+    	case ALTER:
+    		p.setAllowAlter(flag);
+    		break;
+    	case EXECUTE:
+    		p.setAllowExecute(flag);
+    		break;
     	}
     	return p;    	
     }
@@ -149,6 +156,13 @@
         svc.setAllowCreateTemporaryTables(false);
         return svc;
     }
+    
+    private DataPolicyMetadata examplePolicyBQT() {
+    	DataPolicyMetadata svc = new DataPolicyMetadata();
+    	svc.setName("test"); //$NON-NLS-1$
+    	svc.addPermission(addResource(DataPolicy.PermissionType.ALTER, "VQT.SmallA_2589")); //$NON-NLS-1$
+        return svc;
+    }
 
     private void helpTest(DataPolicyMetadata policy, String sql, QueryMetadataInterface metadata, String[] expectedInaccesible, VDBMetaData vdb) throws QueryParserException, QueryResolverException, TeiidComponentException {
         QueryParser parser = QueryParser.getQueryParser();
@@ -236,6 +250,10 @@
     @Test public void testUpdateCriteriaInaccessibleForRead() throws Exception {        
         helpTest(exampleAuthSvc1(), "UPDATE pm1.g2 SET e2 = 5 WHERE e1 = 'x'", FakeMetadataFactory.example1Cached(), new String[] {"pm1.g2.e1"}, FakeMetadataFactory.example1VDB()); //$NON-NLS-1$ //$NON-NLS-2$
     }
+    
+    @Test public void testUpdateCriteriaInaccessibleForRead1() throws Exception {        
+        helpTest(exampleAuthSvc1(), "UPDATE pm1.g2 SET e2 = cast(e1 as integer)", FakeMetadataFactory.example1Cached(), new String[] {"pm1.g2.e1"}, FakeMetadataFactory.example1VDB()); //$NON-NLS-1$ //$NON-NLS-2$
+    }
 
     @Test public void testUpdateElementInaccessibleForUpdate() throws Exception {        
         helpTest(exampleAuthSvc1(), "UPDATE pm1.g1 SET e1 = 5 WHERE e1 = 'x'", FakeMetadataFactory.example1Cached(), new String[] {"pm1.g1.e1"}, FakeMetadataFactory.example1VDB()); //$NON-NLS-1$ //$NON-NLS-2$
@@ -293,6 +311,14 @@
         helpTest(exampleAuthSvc1(), "select * from xmltest.doc1", FakeMetadataFactory.example1Cached(), new String[] {"xmltest.doc1"}, FakeMetadataFactory.example1VDB()); //$NON-NLS-1$ //$NON-NLS-2$
     }
     
+    @Test public void testAlter() throws Exception {
+        helpTest(exampleAuthSvc1(), "alter view SmallA_2589 as select * from bqt1.smalla", RealMetadataFactory.exampleBQTCached(), new String[] {"SmallA_2589"}, FakeMetadataFactory.exampleBQTVDB()); //$NON-NLS-1$ //$NON-NLS-2$
+        helpTest(examplePolicyBQT(), "alter view SmallA_2589 as select * from bqt1.smalla", RealMetadataFactory.exampleBQTCached(), new String[] {}, FakeMetadataFactory.exampleBQTVDB()); //$NON-NLS-1$ //$NON-NLS-2$
+        
+        helpTest(exampleAuthSvc1(), "alter trigger on SmallA_2589 INSTEAD OF UPDATE enabled", RealMetadataFactory.exampleBQTCached(), new String[] {"SmallA_2589"}, FakeMetadataFactory.exampleBQTVDB()); //$NON-NLS-1$ //$NON-NLS-2$
+        helpTest(examplePolicyBQT(), "alter trigger on SmallA_2589 INSTEAD OF UPDATE enabled", RealMetadataFactory.exampleBQTCached(), new String[] {}, FakeMetadataFactory.exampleBQTVDB()); //$NON-NLS-1$ //$NON-NLS-2$
+    }
+    
 	private void helpTestLookupVisibility(boolean visible) throws QueryParserException, QueryValidatorException, TeiidComponentException {
 		VDBMetaData vdb = FakeMetadataFactory.example1VDB();
 		vdb.getModel("pm1").setVisible(visible); //$NON-NLS-1$

Modified: trunk/engine/src/test/java/org/teiid/query/validator/TestAlterValidation.java
===================================================================
--- trunk/engine/src/test/java/org/teiid/query/validator/TestAlterValidation.java	2011-05-02 17:02:28 UTC (rev 3134)
+++ trunk/engine/src/test/java/org/teiid/query/validator/TestAlterValidation.java	2011-05-02 18:34:41 UTC (rev 3135)
@@ -31,10 +31,15 @@
 	@Test public void testValidateAlterView() {
 		TestValidator.helpValidate("alter view SmallA_2589 as select 2", new String[] {"SELECT 2"}, RealMetadataFactory.exampleBQTCached());
 		TestValidator.helpValidate("alter view Defect15355 as select 'a', 1", new String[] {"SELECT 'a', 1"}, RealMetadataFactory.exampleBQTCached());
+		TestValidator.helpValidate("alter view Defect15355 as select 'a', cast(1 as biginteger)", new String[] {}, RealMetadataFactory.exampleBQTCached());
 		
 		TestValidator.helpValidate("alter view SmallA_2589 as select * from bqt1.smalla", new String[] {}, RealMetadataFactory.exampleBQTCached());
 	}
 	
+	@Test public void testValidateAlterViewDeep() {
+		TestValidator.helpValidate("alter view Defect15355 as select xpathvalue('a', ':'), cast(1 as biginteger)", new String[] {"xpathvalue('a', ':')"}, RealMetadataFactory.exampleBQTCached());
+	}
+	
 	@Test public void testValidateAlterTrigger() {
 		TestValidator.helpValidate("alter trigger on SmallA_2589 instead of insert as for each row select 1;", new String[] {"SmallA_2589"}, RealMetadataFactory.exampleBQTCached());
 	}

