Package org.apache.derby.impl.sql.conn
Class GenericAuthorizer
java.lang.Object
org.apache.derby.impl.sql.conn.GenericAuthorizer
- All Implemented Interfaces:
Authorizer
-
Field Summary
FieldsModifier and TypeFieldDescriptionprivate static final int
private final LanguageConnectionContext
private static final int
private static final int
(package private) boolean
private int
Fields inherited from interface org.apache.derby.iapi.sql.conn.Authorizer
CREATE_ROLE_PRIV, CREATE_SCHEMA_PRIV, DELETE_PRIV, DROP_ROLE_PRIV, DROP_SCHEMA_PRIV, EXECUTE_PRIV, INSERT_PRIV, JAR_WRITE_OP, MIN_SELECT_PRIV, MODIFY_SCHEMA_PRIV, NULL_PRIV, PRIV_TYPE_COUNT, PROPERTY_WRITE_OP, PUBLIC_AUTHORIZATION_ID, REFERENCES_PRIV, SELECT_PRIV, SQL_ARBITARY_OP, SQL_CALL_OP, SQL_DDL_OP, SQL_SELECT_OP, SQL_WRITE_OP, SYSTEM_AUTHORIZATION_ID, TRIGGER_PRIV, UPDATE_PRIV, USAGE_PRIV
-
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionvoid
authorize
(int operation) Used for operations that do not involve tables or routines.void
authorize
(List<StatementPermission> requiredPermissionsList, Activation activation) Verify the connected user possesses the indicated permissionsvoid
authorize
(Activation activation, int operation) Verify the connected user is authorized to perform the requested operation.private boolean
private static StandardException
externalRoutineException
(int operation, int sqlAllowed) Throw an exception if the user does not have all of the required permissions.private int
private void
boolean
Get the readOnly status for this authorizer's connection.final void
refresh()
Refresh this authorizer to reflect a change in the database permissions.void
setReadOnlyConnection
(boolean on, boolean authorize) Set the readOnly status for this authorizer's connection.private boolean
userOnAccessList
(String listName)
-
Field Details
-
NO_ACCESS
private static final int NO_ACCESS- See Also:
-
READ_ACCESS
private static final int READ_ACCESS- See Also:
-
FULL_ACCESS
private static final int FULL_ACCESS- See Also:
-
userAccessLevel
private int userAccessLevel -
readOnlyConnection
boolean readOnlyConnection -
lcc
-
-
Constructor Details
-
GenericAuthorizer
GenericAuthorizer(LanguageConnectionContext lcc) throws StandardException - Throws:
StandardException
-
-
Method Details
-
connectionMustRemainReadOnly
private boolean connectionMustRemainReadOnly() -
authorize
Used for operations that do not involve tables or routines.- Specified by:
authorize
in interfaceAuthorizer
- Parameters:
operation
- the enumeration code for the requsted operation.- Throws:
StandardException
- Thrown if the operation is not allowed- See Also:
-
authorize
Description copied from interface:Authorizer
Verify the connected user is authorized to perform the requested operation.- Specified by:
authorize
in interfaceAuthorizer
- Parameters:
activation
- holds the list of tables, columns, and routines used.operation
- the enumeration code for the requsted operation.- Throws:
StandardException
- Thrown if the operation is not allowed- See Also:
-
authorize
public void authorize(List<StatementPermission> requiredPermissionsList, Activation activation) throws StandardException Description copied from interface:Authorizer
Verify the connected user possesses the indicated permissions- Specified by:
authorize
in interfaceAuthorizer
- Parameters:
requiredPermissionsList
- the required permissionsactivation
- holds the execution logic- Throws:
StandardException
- Thrown if the operation is not allowed
-
externalRoutineException
Throw an exception if the user does not have all of the required permissions. -
getUserAccessLevel
- Throws:
StandardException
-
getDefaultAccessLevel
- Throws:
StandardException
-
userOnAccessList
- Throws:
StandardException
-
isReadOnlyConnection
public boolean isReadOnlyConnection()Description copied from interface:Authorizer
Get the readOnly status for this authorizer's connection.- Specified by:
isReadOnlyConnection
in interfaceAuthorizer
- See Also:
-
setReadOnlyConnection
Description copied from interface:Authorizer
Set the readOnly status for this authorizer's connection.- Specified by:
setReadOnlyConnection
in interfaceAuthorizer
- Parameters:
on
- true means set the connection to read only mode, false means set the connection to read wrte mode.authorize
- true means to verify the caller has authority to set the connection and false means do not check.- Throws:
StandardException
- Thrown if the operation is not allowed- See Also:
-
refresh
Description copied from interface:Authorizer
Refresh this authorizer to reflect a change in the database permissions.- Specified by:
refresh
in interfaceAuthorizer
- Throws:
StandardException
- Thrown if the operation is not allowed- See Also:
-