firebird-mirror/src/jrd/acl.h

/*
 *	PROGRAM:	JRD Access Method
 *	MODULE:		acl.h
 *	DESCRIPTION:	Access control list definitions
 *
 * The contents of this file are subject to the Interbase Public
 * License Version 1.0 (the "License"); you may not use this file
 * except in compliance with the License. You may obtain a copy
 * of the License at http://www.Inprise.com/IPL.html
 *
 * Software distributed under the License is distributed on an
 * "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, either express
 * or implied. See the License for the specific language governing
 * rights and limitations under the License.
 *
 * The Original Code was created by Inprise Corporation
 * and its predecessors. Portions created by Inprise Corporation are
 * Copyright (C) Inprise Corporation.
 *
 * All Rights Reserved.
 * Contributor(s): ______________________________________.
 */

#ifndef JRD_ACL_H
#define JRD_ACL_H

// CVC: The correct type for these ACL_ and privileges seems to be UCHAR instead
// of int, based on usage, but they aren't coherent either with scl.epp's
// P_NAMES.p_names_acl that's USHORT.

const int ACL_version	= 1;

const int ACL_end		= 0;
const int ACL_id_list	= 1;
const int ACL_priv_list	= 2;

// Privileges to be granted

const int priv_end			= 0;
const int priv_control		= 1;		// Control over ACL
const int priv_grant		= 2;		// Unused
const int priv_drop			= 3;		// Drop object
const int priv_select		= 4;		// SELECT
const int priv_write		= 5;		// Unused
const int priv_alter		= 6;		// Alter object
const int priv_insert		= 7;		// INSERT
const int priv_delete		= 8;		// DELETE
const int priv_update		= 9;		// UPDATE
const int priv_references	= 10;		// REFERENCES for foreign key
const int priv_execute		= 11;		// EXECUTE (procedure, function, package)
// New in FB3
const int priv_usage		= 12;		// USAGE (domain, exception, sequence, collation)
const int priv_create		= 13;		// Create object
const int priv_alter_any	= 14;		// Alter any object
const int priv_drop_any		= 15;		// Drop any object
const int priv_max		= 16;

// Identification criterias

const int id_end			= 0;
const int id_group			= 1;		// UNIX group id
const int id_user			= 2;		// UNIX user
const int id_person			= 3;		// User name
const int id_project		= 4;		// Project name
const int id_organization	= 5;		// Organization name
const int id_node			= 6;		// Node id
const int id_view			= 7;		// View name
const int id_views			= 8;		// All views
const int id_trigger		= 9;		// Trigger name
const int id_procedure		= 10;		// Procedure name
const int id_sql_role		= 11;		// SQL role
// New in FB3
const int id_package		= 12;		// Package name
const int id_function		= 13;		// Function name
const int id_filter			= 14;		// Filter name
// New in FB4
const int id_privilege		= 15;		// System privilege
const int id_max			= 16;

/* Format of access control list:

	acl		:=	<ACL_version> [ <acl_element> ]... <0>
	acl_element	:=	<ACL_id_list> <id_list> <ACL_priv_list> <priv_list>
	id_list		:=	[ <id_item> ]... <id_end>
	id_item		:=	<id_criteria> <length> [<name>]
	priv_list	:=	[ <privilege> ]... <priv_end>

*/


// Transaction Description Record
// CVC: This information should match enum tdr_vals in alice.h

const int TDR_VERSION			= 1;
const int TDR_HOST_SITE			= 1;
const int TDR_DATABASE_PATH		= 2;
const int TDR_TRANSACTION_ID	= 3;
const int TDR_REMOTE_SITE		= 4;

#endif // JRD_ACL_H
First steps towards a C++ conversion. 2001-05-23 15:26:42 +02:00			`/*`
			`* PROGRAM: JRD Access Method`
			`* MODULE: acl.h`
			`* DESCRIPTION: Access control list definitions`
			`*`
			`* The contents of this file are subject to the Interbase Public`
			`* License Version 1.0 (the "License"); you may not use this file`
			`* except in compliance with the License. You may obtain a copy`
			`* of the License at http://www.Inprise.com/IPL.html`
			`*`
			`* Software distributed under the License is distributed on an`
			`* "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, either express`
			`* or implied. See the License for the specific language governing`
			`* rights and limitations under the License.`
			`*`
			`* The Original Code was created by Inprise Corporation`
			`* and its predecessors. Portions created by Inprise Corporation are`
			`* Copyright (C) Inprise Corporation.`
			`*`
			`* All Rights Reserved.`
			`* Contributor(s): ______________________________________.`
			`*/`

extern cleaning removing underscores in macros DLL_EXPORT cleaning 2003-10-03 03:34:14 +02:00			`#ifndef JRD_ACL_H`
			`#define JRD_ACL_H`
First steps towards a C++ conversion. 2001-05-23 15:26:42 +02:00
1.- Try to fix the mess caused by different data types used to represent bifields of SCL_ constants defined in scl.h, second round. 2.- Prevent users from deleting system generators and modifying any entry in rdb$generators. VIO passes the task to DFW, the only problem being that the user gets the error when a commit is done, not before. 2004-07-06 07:59:40 +02:00			`// CVC: The correct type for these ACL_ and privileges seems to be UCHAR instead`
			`// of int, based on usage, but they aren't coherent either with scl.epp's`
			`// P_NAMES.p_names_acl that's USHORT.`
1.- const correctness 2.- style 3.- Try to fix the mess caused by different data types used to represent bifields of SCL_ constants defined in scl.h, first round. No circular dependencies found through MSVC. Still pending dyn* and grant.epp files. 2004-06-29 06:37:59 +02:00
Replace defines for constants 2004-04-29 16:51:02 +02:00			`const int ACL_version = 1;`
First steps towards a C++ conversion. 2001-05-23 15:26:42 +02:00
Replace defines for constants 2004-04-29 16:51:02 +02:00			`const int ACL_end = 0;`
			`const int ACL_id_list = 1;`
			`const int ACL_priv_list = 2;`
First steps towards a C++ conversion. 2001-05-23 15:26:42 +02:00
Comments and misc (unused enum member). 2009-08-18 14:38:45 +02:00			`// Privileges to be granted`
First steps towards a C++ conversion. 2001-05-23 15:26:42 +02:00
Replace defines for constants 2004-04-29 16:51:02 +02:00			`const int priv_end = 0;`
Comments and misc (unused enum member). 2009-08-18 14:38:45 +02:00			`const int priv_control = 1; // Control over ACL`
1) Cleanup and renaming in the SCL code. 2) Reimplemented the USAGE privilege as a separate one. 3) Added USAGE permission checks for generators/sequences and exceptions. 4) Supported USAGE in GRANT/REVOKE for all object types. 5) Refactored SET GENERATOR and ALTER SEQUENCE as true DDL. blr_set_generator is supported only for backward compatibility, it's not generated by DSQL anymore. 6) Added START WITH clause for [RE]CREATE SEQUENCE and CREATE OR ALTER SEQUENCE. 7) Fixed a number of related errors. 2013-03-07 14:59:03 +01:00			`const int priv_grant = 2; // Unused`
			`const int priv_drop = 3; // Drop object`
			`const int priv_select = 4; // SELECT`
			`const int priv_write = 5; // Unused`
			`const int priv_alter = 6; // Alter object`
			`const int priv_insert = 7; // INSERT`
			`const int priv_delete = 8; // DELETE`
			`const int priv_update = 9; // UPDATE`
			`const int priv_references = 10; // REFERENCES for foreign key`
			`const int priv_execute = 11; // EXECUTE (procedure, function, package)`
			`// New in FB3`
			`const int priv_usage = 12; // USAGE (domain, exception, sequence, collation)`
Fixed CORE-735: User rights for metadata changes. We check DDL in DDL nodes and skip at vio level. vio level still exists for direct metadata editing. 2014-07-08 09:35:27 +02:00			`const int priv_create = 13; // Create object`
			`const int priv_alter_any = 14; // Alter any object`
			`const int priv_drop_any = 15; // Drop any object`
			`const int priv_max = 16;`
First steps towards a C++ conversion. 2001-05-23 15:26:42 +02:00
Comments and misc (unused enum member). 2009-08-18 14:38:45 +02:00			`// Identification criterias`
First steps towards a C++ conversion. 2001-05-23 15:26:42 +02:00
Replace defines for constants 2004-04-29 16:51:02 +02:00			`const int id_end = 0;`
Comments and misc (unused enum member). 2009-08-18 14:38:45 +02:00			`const int id_group = 1; // UNIX group id`
			`const int id_user = 2; // UNIX user`
			`const int id_person = 3; // User name`
			`const int id_project = 4; // Project name`
			`const int id_organization = 5; // Organization name`
			`const int id_node = 6; // Node id`
			`const int id_view = 7; // View name`
			`const int id_views = 8; // All views`
			`const int id_trigger = 9; // Trigger name`
			`const int id_procedure = 10; // Procedure name`
			`const int id_sql_role = 11; // SQL role`
Now that Dmitry added ACLs to several object types previously unprotected, let's assign each of them an identifier in the ACL. 2010-01-26 09:38:30 +01:00			`// New in FB3`
- External Engines implementation. - Plugins API. - Feature CORE-2700 - UDR (User Defined Routines) Engine - C++ API supporting functions, triggers and stored procedures. - Feature CORE-2470 - Support for alternate format of strings literals. - Feature CORE-2310 - DDL triggers. - Feature CORE-2312 - PSQL Packages. - Feature CORE-1209 - CONTINUE statement. - Feature CORE-1180 - DDL syntax to change (not) nullable state of columns. - Feature CORE-2090 - Support OVER () clause with current aggregate functions. - Fixed CORE-2699 - Common table expression context could be used with parameters. - Introduce ODS 12.0. - Work in progress in type-safe parser. - Refactor some DDL commands (procedures and triggers) from DYN to DdlNodes. - Refactor virtual tables to use a class hierarchy instead of namespaces. This is basic thing, not based on the changes done in Vulcan. Window functions is based on this work. - Refactor COMMENT ON and DROP FUNCTION from DYN to DdlNodes. COMMENT ON do not use GDML anymore, it uses DSQL with PreparedStatement class. - Refactor EXECUTE BLOCK to StmtNodes. - Refactor the IUDF to SysFunctions. That eliminates RDB$GET_CONTEXT and RDB$SET_CONTEXT from RDB$FUNCTIONS. 2009-10-21 02:42:38 +02:00			`const int id_package = 12; // Package name`
Support for PSQL functions. 2009-12-21 17:48:06 +01:00			`const int id_function = 13; // Function name`
Fixed CORE-735: User rights for metadata changes. We check DDL in DDL nodes and skip at vio level. vio level still exists for direct metadata editing. 2014-07-08 09:35:27 +02:00			`const int id_filter = 14; // Filter name`
Added support for system privileges 2016-05-31 19:07:08 +02:00			`// New in FB4`
			`const int id_privilege = 15; // System privilege`
			`const int id_max = 16;`
First steps towards a C++ conversion. 2001-05-23 15:26:42 +02:00
Remove trailing spaces (.h files) 2008-12-05 01:56:15 +01:00			`/* Format of access control list:`
First steps towards a C++ conversion. 2001-05-23 15:26:42 +02:00
			`acl := <ACL_version> [ <acl_element> ]... <0>`
			`acl_element := <ACL_id_list> <id_list> <ACL_priv_list> <priv_list>`
			`id_list := [ <id_item> ]... <id_end>`
			`id_item := <id_criteria> <length> [<name>]`
			`priv_list := [ <privilege> ]... <priv_end>`

			`*/`

Comments and misc (unused enum member). 2009-08-18 14:38:45 +02:00
			`// Transaction Description Record`
			`// CVC: This information should match enum tdr_vals in alice.h`
First steps towards a C++ conversion. 2001-05-23 15:26:42 +02:00
Replace defines for constants 2004-04-29 16:51:02 +02:00			`const int TDR_VERSION = 1;`
			`const int TDR_HOST_SITE = 1;`
			`const int TDR_DATABASE_PATH = 2;`
			`const int TDR_TRANSACTION_ID = 3;`
			`const int TDR_REMOTE_SITE = 4;`
First steps towards a C++ conversion. 2001-05-23 15:26:42 +02:00
Comments and misc (unused enum member). 2009-08-18 14:38:45 +02:00			`#endif // JRD_ACL_H`