Author: shawkins
Date: 2011-10-24 16:43:57 -0400 (Mon, 24 Oct 2011)
New Revision: 3578
Modified:
branches/7.4.x/engine/src/main/java/org/teiid/dqp/internal/process/AuthorizationValidationVisitor.java
branches/7.4.x/engine/src/test/java/org/teiid/dqp/internal/process/TestAuthorizationValidationVisitor.java
Log:
TEIID-1793 fix for proc relational permission check
Modified:
branches/7.4.x/engine/src/main/java/org/teiid/dqp/internal/process/AuthorizationValidationVisitor.java
===================================================================
---
branches/7.4.x/engine/src/main/java/org/teiid/dqp/internal/process/AuthorizationValidationVisitor.java 2011-10-24
17:25:36 UTC (rev 3577)
+++
branches/7.4.x/engine/src/main/java/org/teiid/dqp/internal/process/AuthorizationValidationVisitor.java 2011-10-24
20:43:57 UTC (rev 3578)
@@ -284,7 +284,6 @@
Map<String, LanguageObject> nameToSymbolMap = new LinkedHashMap<String,
LanguageObject>();
for (LanguageObject symbol : symbols) {
try {
- String fullName = null;
Object metadataID = null;
if(symbol instanceof ElementSymbol) {
metadataID = ((ElementSymbol)symbol).getMetadataID();
@@ -294,20 +293,18 @@
} else if(symbol instanceof GroupSymbol) {
GroupSymbol group = (GroupSymbol)symbol;
metadataID = group.getMetadataID();
- if (metadataID instanceof TempMetadataID &&
!group.isProcedure()) {
- if (group.isTempTable()) {
+ if (metadataID instanceof TempMetadataID) {
+ if (group.isProcedure()) {
+ Map<String, LanguageObject> procMap = new
LinkedHashMap<String, LanguageObject>();
+ addToNameMap(((TempMetadataID)metadataID).getOriginalMetadataID(),
symbol, procMap);
+ validateEntitlements(PermissionType.EXECUTE, auditContext,
procMap);
+ } else if (group.isTempTable()) {
validateTemp(actionCode, group, auditContext);
}
continue;
}
}
- fullName = getMetadata().getFullName(metadataID);
- Object modelId = getMetadata().getModelID(metadataID);
- String modelName = getMetadata().getFullName(modelId);
- if (isSystemSchema(modelName)) {
- continue;
- }
- nameToSymbolMap.put(fullName, symbol);
+ addToNameMap(metadataID, symbol, nameToSymbolMap);
} catch(QueryMetadataException e) {
handleException(e);
} catch(TeiidComponentException e) {
@@ -317,6 +314,15 @@
validateEntitlements(actionCode, auditContext, nameToSymbolMap);
}
+
+ private void addToNameMap(Object metadataID, LanguageObject symbol, Map<String,
LanguageObject> nameToSymbolMap) throws QueryMetadataException, TeiidComponentException
{
+ String fullName = getMetadata().getFullName(metadataID);
+ Object modelId = getMetadata().getModelID(metadataID);
+ String modelName = getMetadata().getFullName(modelId);
+ if (!isSystemSchema(modelName)) {
+ nameToSymbolMap.put(fullName, symbol);
+ }
+ }
private boolean isSystemSchema(String modelName) {
return CoreConstants.SYSTEM_MODEL.equalsIgnoreCase(modelName) ||
CoreConstants.ODBC_MODEL.equalsIgnoreCase(modelName);
Modified:
branches/7.4.x/engine/src/test/java/org/teiid/dqp/internal/process/TestAuthorizationValidationVisitor.java
===================================================================
---
branches/7.4.x/engine/src/test/java/org/teiid/dqp/internal/process/TestAuthorizationValidationVisitor.java 2011-10-24
17:25:36 UTC (rev 3577)
+++
branches/7.4.x/engine/src/test/java/org/teiid/dqp/internal/process/TestAuthorizationValidationVisitor.java 2011-10-24
20:43:57 UTC (rev 3578)
@@ -116,7 +116,8 @@
svc.addPermission(addResource(DataPolicy.PermissionType.UPDATE,
"pm1.g1.e3")); //$NON-NLS-1$
svc.addPermission(addResource(DataPolicy.PermissionType.UPDATE,
"pm1.g1.e4")); //$NON-NLS-1$
-
+ svc.addPermission(addResource(PermissionType.EXECUTE, "pm1.sp1"));
+
// pm1.g2
svc.addPermission(addResource(DataPolicy.PermissionType.CREATE,
"pm1.g2")); //$NON-NLS-1$
svc.addPermission(addResource(DataPolicy.PermissionType.CREATE, false,
"pm1.g2.e1")); //$NON-NLS-1$
@@ -206,6 +207,12 @@
}
}
+ @Test public void testProcRelational() throws Exception {
+ helpTest("select * from sp1", RealMetadataFactory.example1Cached(), new
String[] {}, RealMetadataFactory.example1VDB(), exampleAuthSvc1()); //$NON-NLS-1$
+ helpTest("select * from pm1.sp1", RealMetadataFactory.example1Cached(),
new String[] {}, RealMetadataFactory.example1VDB(), exampleAuthSvc1()); //$NON-NLS-1$
+ helpTest("select * from sp1", RealMetadataFactory.example1Cached(), new
String[] {"sp1"}, RealMetadataFactory.example1VDB(), exampleAuthSvc2());
//$NON-NLS-1$
+ }
+
@Test public void testTemp() throws Exception {
//allowed by default
helpTest("create local temporary table x (y string)",
RealMetadataFactory.example1Cached(), new String[] {}, RealMetadataFactory.example1VDB(),
exampleAuthSvc1()); //$NON-NLS-1$