Fixes for DB level triggers

2025-01-22 17:23:03 +01:00 · 2016-10-03 17:55:40 +03:00 · 2016-10-03 17:55:40 +03:00 · 052c97b662
commit 052c97b662
parent 7a53286d54
6 changed files with 7 additions and 7 deletions
--- a/doc/sql.extensions/README.sql_security.txt
+++ b/doc/sql.extensions/README.sql_security.txt
@ -30,7 +30,7 @@ it will take effect next time trigger will be loaded into metadata cache.
 For procedures and functions defined in package explicit SQL SECURITY clause is prohibit.


-Example 1. It's enought to grant only SELECT privilege to user US for table T.
+Example 1. It's enough to grant only SELECT privilege to user US for table T.
 In case of INVOKER it will require also EXECUTE for function F.

 set term ^;
--- a/src/jrd/ExtEngineManager.cpp
+++ b/src/jrd/ExtEngineManager.cpp
@ -1274,8 +1274,7 @@ void ExtEngineManager::makeTrigger(thread_db* tdbb, CompilerScratch* csb, Jrd::T
 	entryPointTrimmed.trim();

 	EngineAttachmentInfo* attInfo = getEngineAttachment(tdbb, engine);
-	Nullable<bool>& ssDefiner = trg->ssDefiner.specified ? trg->ssDefiner : trg->relation->rel_ss_definer;
-	const MetaName& userName = ssDefiner.specified && ssDefiner.value ? trg->relation->rel_owner_name : "";
+	const MetaName& userName = trg->ssDefiner.specified && trg->ssDefiner.value ? trg->owner : "";
 	ContextManager<IExternalTrigger> ctxManager(tdbb, attInfo, attInfo->adminCharSet,
 		CallerName(obj_trigger, trg->name, userName));

--- a/src/jrd/JrdStatement.cpp
+++ b/src/jrd/JrdStatement.cpp
@ -664,7 +664,7 @@ void JrdStatement::verifyTriggerAccess(thread_db* tdbb, jrd_rel* ownerRelation,
 					userName = view->rel_owner_name;
 			}
 			else if (t.ssDefiner.specified && t.ssDefiner.value)
-				userName = ownerRelation->rel_owner_name;
+				userName = t.owner;

 			const SecurityClass* sec_class = SCL_get_class(tdbb, access->acc_security_name.c_str());
 			SCL_check_access(tdbb, sec_class, userName, id_trigger,
--- a/src/jrd/jrd.cpp
+++ b/src/jrd/jrd.cpp
@ -844,9 +844,8 @@ void Trigger::compile(thread_db* tdbb)
 		}

 		statement->triggerName = name;
-		const Nullable<bool>& ss = ssDefiner.specified ? ssDefiner : relation->rel_ss_definer;
-		if (ss.specified && ss.value)
-			statement->triggerOwner = relation->rel_owner_name;
+		if (ssDefiner.specified && ssDefiner.value)
+			statement->triggerOwner = owner;

 		if (sys_trigger)
 			statement->flags |= JrdStatement::FLAG_SYS_TRIGGER;
--- a/src/jrd/jrd.h
+++ b/src/jrd/jrd.h
@ -157,6 +157,7 @@ public:
 	Firebird::string	extBody;			// External trigger body
 	ExtEngineManager::Trigger* extTrigger;	// External trigger
 	Nullable<bool> ssDefiner;
+	Firebird::MetaName	owner;				// Owner for SQL SECURITY

 	void compile(thread_db*);				// Ensure that trigger is compiled
 	void release(thread_db*);				// Try to free trigger request
--- a/src/jrd/met.epp
+++ b/src/jrd/met.epp
@ -4900,6 +4900,7 @@ static void save_trigger_data(thread_db* tdbb, trig_vec** ptr, jrd_rel* relation
 	t.engine = engine;
 	t.entryPoint = entryPoint;
 	t.ssDefiner = ssDefiner;
+	t.owner = relation ? relation->rel_owner_name : tdbb->getDatabase()->dbb_owner;
 }