Package com.mckoi.database

Class GrantManager

java.lang.Object

com.mckoi.database.GrantManager

public class GrantManager
extends java.lang.Object

A class that manages the grants on a database for a given database connection and user.

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
private static class	GrantManager.GrantQuery	Inner class that represents a grant query on a particular object, param and user name.

Field Summary

Fields

Modifier and Type	Field	Description
static int	CATALOG	Represents a CATALOG object to grant privs over for this user.
private DatabaseConnection	connection	The DatabaseConnection instance.
private QueryContext	context	The QueryContext instance.
static int	DOMAIN	Represents a DOMAIN object to grant privs over for the user.
private boolean	grant_table_changed	Set to true if the grant table is modified in this manager.
private Cache	priv_cache	A cache of privileges for the various tables in the database.
static TObject	PUBLIC_USERNAME	The name of the 'public' username.
static java.lang.String	PUBLIC_USERNAME_STR	The string representing the public user (privs granted to all users).
static int	SCHEMA	Represents a SCHEMA object to grant privs over for the user.
static int	TABLE	Represents a TABLE object to grant privs over for the user.

Constructor Summary

Constructors

Constructor	Description
GrantManager(DatabaseConnection connection)	Constructs the GrantManager.

Method Summary

Modifier and Type	Method	Description
void	addGrant(Privileges privs, int object, java.lang.String param, java.lang.String grantee, boolean grant_option, java.lang.String granter)	Adds a grant on the given database object.
void	addGrantToAllTablesInSchema(java.lang.String schema, Privileges privs, java.lang.String grantee, boolean grant_option, java.lang.String granter)	For all tables in the given schema, this adds the given grant for each of the tables.
private Privileges	getPrivs(int object, java.lang.String param, java.lang.String username, boolean only_grant_options, java.lang.String granter, boolean include_public_privs)
private void	internalSetPrivs(Privileges new_privs, int object, java.lang.String param, java.lang.String grantee, boolean grant_option, java.lang.String granter)	Internal method that sets the privs for the given object, param, grantee, grant option and granter.
private void	invalidateGrantCache()	Flushes any grant information that's being cached.
void	removeGrant(Privileges privs, int object, java.lang.String param, java.lang.String grantee, boolean grant_option, java.lang.String granter)	Removes a grant on the given object for the given grantee, grant option and granter.
void	revokeAllGrantsOnObject(int object, java.lang.String param)	Completely removes all privs granted on the given object for all users.
void	revokeAllGrantsOnObject(int object, java.lang.String param, java.lang.String grantee, boolean grant_option, java.lang.String granter)	Removes all privs granted on the given object for the given grantee with the given grant option.
Privileges	userGrantOptions(int object, java.lang.String param, java.lang.String username)	Returns all Privileges for the given object for the given grantee (user) that the user is allowed to give grant options for.
Privileges	userGrants(int object, java.lang.String param, java.lang.String username)	Returns all Privileges for the given object for the given grantee (user).

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

TABLE

public static final int TABLE

Represents a TABLE object to grant privs over for the user.

See Also:

Constant Field Values

DOMAIN

public static final int DOMAIN

Represents a DOMAIN object to grant privs over for the user.

See Also:

Constant Field Values

SCHEMA

public static final int SCHEMA

Represents a SCHEMA object to grant privs over for the user.

See Also:

Constant Field Values

CATALOG

public static final int CATALOG

Represents a CATALOG object to grant privs over for this user.

See Also:

Constant Field Values

PUBLIC_USERNAME_STR

public static final java.lang.String PUBLIC_USERNAME_STR

The string representing the public user (privs granted to all users).

See Also:

Constant Field Values

PUBLIC_USERNAME

public static final TObject PUBLIC_USERNAME

The name of the 'public' username. If a grant is made on 'public' then all users are given the grant.

connection

private DatabaseConnection connection

The DatabaseConnection instance.

context

private QueryContext context

The QueryContext instance.

priv_cache

private Cache priv_cache

A cache of privileges for the various tables in the database. This cache is populated as the user 'visits' a table.

grant_table_changed

private boolean grant_table_changed

Set to true if the grant table is modified in this manager.

Constructor Detail

GrantManager

GrantManager(DatabaseConnection connection)

Constructs the GrantManager. Should only be constructed from DatabaseConnection.

Method Detail

invalidateGrantCache

private void invalidateGrantCache()

Flushes any grant information that's being cached.

getPrivs

private Privileges getPrivs(int object,
                            java.lang.String param,
                            java.lang.String username,
                            boolean only_grant_options,
                            java.lang.String granter,
                            boolean include_public_privs)
                     throws DatabaseException

Throws:

DatabaseException

internalSetPrivs

private void internalSetPrivs(Privileges new_privs,
                              int object,
                              java.lang.String param,
                              java.lang.String grantee,
                              boolean grant_option,
                              java.lang.String granter)
                       throws DatabaseException

Internal method that sets the privs for the given object, param, grantee, grant option and granter. This first revokes any grants that have been setup for the object, and adds a new record with the new grants.

Throws:

DatabaseException

addGrant

public void addGrant(Privileges privs,
                     int object,
                     java.lang.String param,
                     java.lang.String grantee,
                     boolean grant_option,
                     java.lang.String granter)
              throws DatabaseException

Adds a grant on the given database object.

Parameters:

privs - the privileges to grant.

object - the object to grant (TABLE, DOMAIN, etc)

param - the parameter of the object (eg. the table name)

grantee - the user name to grant the privs to.

grant_option - if true, allows the user to pass grants to other users.

granter - the user granting.

Throws:

DatabaseException

addGrantToAllTablesInSchema

public void addGrantToAllTablesInSchema(java.lang.String schema,
                                        Privileges privs,
                                        java.lang.String grantee,
                                        boolean grant_option,
                                        java.lang.String granter)
                                 throws DatabaseException

For all tables in the given schema, this adds the given grant for each of the tables.

Throws:

DatabaseException

removeGrant

public void removeGrant(Privileges privs,
                        int object,
                        java.lang.String param,
                        java.lang.String grantee,
                        boolean grant_option,
                        java.lang.String granter)
                 throws DatabaseException

Removes a grant on the given object for the given grantee, grant option and granter.

Throws:

DatabaseException

revokeAllGrantsOnObject

public void revokeAllGrantsOnObject(int object,
                                    java.lang.String param,
                                    java.lang.String grantee,
                                    boolean grant_option,
                                    java.lang.String granter)
                             throws DatabaseException

Removes all privs granted on the given object for the given grantee with the given grant option.

Throws:

DatabaseException

revokeAllGrantsOnObject

public void revokeAllGrantsOnObject(int object,
                                    java.lang.String param)
                             throws DatabaseException

Completely removes all privs granted on the given object for all users. This would typically be used when the object is dropped from the database.

Throws:

DatabaseException

userGrants

public Privileges userGrants(int object,
                             java.lang.String param,
                             java.lang.String username)
                      throws DatabaseException

Returns all Privileges for the given object for the given grantee (user). This would be used to determine the access a user has to a table.

Note that the Privileges object includes all the grants on the object given to PUBLIC also.

This method will concatenate multiple privs granted on the same object.

PERFORMANCE: This method is called a lot (at least once on every query).

Throws:

DatabaseException

userGrantOptions

public Privileges userGrantOptions(int object,
                                   java.lang.String param,
                                   java.lang.String username)
                            throws DatabaseException

Returns all Privileges for the given object for the given grantee (user) that the user is allowed to give grant options for. This would be used to determine if a user has privs to give another user grants on an object.

Note that the Privileges object includes all the grants on the object given to PUBLIC also.

This method will concatenate multiple grant options given on the same object to the user.

Throws:

DatabaseException