firebird/firebird-mirror
firebird/firebird-mirror
8
0
Fork 1
mirror of https://github.com/FirebirdSQL/firebird.git synced 2025-01-23 18:03:04 +01:00
Code Issues

More backport from v2.5.

Browse Source
This commit is contained in:
dimitr 2010-10-13 15:15:24 +00:00
parent 501dadee9d
commit 1d7ca1713f
5 changed files with 60 additions and 58 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/jrd/cmp.cpp
View File

@ -372,8 +372,8 @@ static void verify_trigger_access(thread_db* tdbb, jrd_rel* owner_relation, trig
} }
} }
// a direct access to an object from this trigger // a direct access to an object from this trigger
const SecurityClass* sec_class = SCL_get_class(access->acc_security_name.c_str()); const SecurityClass* sec_class = SCL_get_class(tdbb, access->acc_security_name.c_str());
SCL_check_access(sec_class, SCL_check_access(tdbb, sec_class,
(access->acc_view_id) ? access->acc_view_id : (access->acc_view_id) ? access->acc_view_id :
(view ? view->rel_id : 0), (view ? view->rel_id : 0),
t.request->req_trg_name, NULL, access->acc_mask, t.request->req_trg_name, NULL, access->acc_mask,
@ -407,8 +407,8 @@ void CMP_verify_access(thread_db* tdbb, jrd_req* request)
access < prc->prc_request->req_access.end(); access < prc->prc_request->req_access.end();
access++) access++)
{ {
const SecurityClass* sec_class = SCL_get_class(access->acc_security_name.c_str()); const SecurityClass* sec_class = SCL_get_class(tdbb, access->acc_security_name.c_str());
SCL_check_access(sec_class, access->acc_view_id, NULL, prc->prc_name, SCL_check_access(tdbb, sec_class, access->acc_view_id, NULL, prc->prc_name,
access->acc_mask, access->acc_type, access->acc_name, access->acc_r_name); access->acc_mask, access->acc_type, access->acc_name, access->acc_r_name);
} }
} }
@ -442,8 +442,8 @@ void CMP_verify_access(thread_db* tdbb, jrd_req* request)
for (const AccessItem* access = request->req_access.begin(); access < request->req_access.end(); for (const AccessItem* access = request->req_access.begin(); access < request->req_access.end();
access++) access++)
{ {
const SecurityClass* sec_class = SCL_get_class(access->acc_security_name.c_str()); const SecurityClass* sec_class = SCL_get_class(tdbb, access->acc_security_name.c_str());
SCL_check_access(sec_class, access->acc_view_id, NULL, NULL, SCL_check_access(tdbb, sec_class, access->acc_view_id, NULL, NULL,
access->acc_mask, access->acc_type, access->acc_name, access->acc_r_name); access->acc_mask, access->acc_type, access->acc_name, access->acc_r_name);
} }
} }
@ -488,8 +488,8 @@ jrd_req* CMP_clone_request(thread_db* tdbb, jrd_req* request, USHORT level, bool
const TEXT* prc_sec_name = const TEXT* prc_sec_name =
(procedure->prc_security_name.length() > 0 ? (procedure->prc_security_name.length() > 0 ?
procedure->prc_security_name.c_str() : NULL); procedure->prc_security_name.c_str() : NULL);
const SecurityClass* sec_class = SCL_get_class(prc_sec_name); const SecurityClass* sec_class = SCL_get_class(tdbb, prc_sec_name);
SCL_check_access(sec_class, 0, NULL, NULL, SCL_execute, SCL_check_access(tdbb, sec_class, 0, NULL, NULL, SCL_execute,
object_procedure, procedure->prc_name); object_procedure, procedure->prc_name);
} }

2
src/jrd/met.epp
View File

@ -770,7 +770,7 @@ DeferredWork* MET_change_fields(thread_db* tdbb, jrd_tra* transaction, const dsc
INTL_ASSIGN_DSC(&relation_name, CS_METADATA, COLLATE_NONE); INTL_ASSIGN_DSC(&relation_name, CS_METADATA, COLLATE_NONE);
relation_name.dsc_length = sizeof(X.RDB$RELATION_NAME); relation_name.dsc_length = sizeof(X.RDB$RELATION_NAME);
relation_name.dsc_address = (UCHAR *) X.RDB$RELATION_NAME; relation_name.dsc_address = (UCHAR *) X.RDB$RELATION_NAME;
SCL_check_relation(&relation_name, SCL_control); SCL_check_relation(tdbb, &relation_name, SCL_control);
dw = DFW_post_work(transaction, dfw_update_format, &relation_name, 0); dw = DFW_post_work(transaction, dfw_update_format, &relation_name, 0);
END_FOR; END_FOR;

56
src/jrd/scl.epp
View File

@ -113,7 +113,8 @@ static const P_NAMES p_names[] =
}; };
void SCL_check_access(const SecurityClass* s_class, void SCL_check_access(thread_db* tdbb,
const SecurityClass* s_class,
SLONG view_id, SLONG view_id,
const Firebird::MetaName& trg_name, const Firebird::MetaName& trg_name,
const Firebird::MetaName& prc_name, const Firebird::MetaName& prc_name,
@ -134,7 +135,7 @@ void SCL_check_access(const SecurityClass* s_class,
* object in question. * object in question.
* *
**************************************/ **************************************/
thread_db* tdbb = JRD_get_thread_data(); SET_TDBB(tdbb);
if (s_class && (s_class->scl_flags & SCL_corrupt)) if (s_class && (s_class->scl_flags & SCL_corrupt))
{ {
@ -263,9 +264,9 @@ void SCL_check_index(thread_db* tdbb, const Firebird::MetaName& index_name, UCHA
reln_name = REL.RDB$RELATION_NAME; reln_name = REL.RDB$RELATION_NAME;
if (!REL.RDB$SECURITY_CLASS.NULL) if (!REL.RDB$SECURITY_CLASS.NULL)
s_class = SCL_get_class(REL.RDB$SECURITY_CLASS); s_class = SCL_get_class(tdbb, REL.RDB$SECURITY_CLASS);
if (!REL.RDB$DEFAULT_CLASS.NULL) if (!REL.RDB$DEFAULT_CLASS.NULL)
default_s_class = SCL_get_class(REL.RDB$DEFAULT_CLASS); default_s_class = SCL_get_class(tdbb, REL.RDB$DEFAULT_CLASS);
END_FOR; END_FOR;
CMP_release(tdbb, request); CMP_release(tdbb, request);
@ -281,9 +282,9 @@ void SCL_check_index(thread_db* tdbb, const Firebird::MetaName& index_name, UCHA
reln_name = REL.RDB$RELATION_NAME; reln_name = REL.RDB$RELATION_NAME;
aux_idx_name = IND.RDB$INDEX_NAME; aux_idx_name = IND.RDB$INDEX_NAME;
if (!REL.RDB$SECURITY_CLASS.NULL) if (!REL.RDB$SECURITY_CLASS.NULL)
s_class = SCL_get_class(REL.RDB$SECURITY_CLASS); s_class = SCL_get_class(tdbb, REL.RDB$SECURITY_CLASS);
if (!REL.RDB$DEFAULT_CLASS.NULL) if (!REL.RDB$DEFAULT_CLASS.NULL)
default_s_class = SCL_get_class(REL.RDB$DEFAULT_CLASS); default_s_class = SCL_get_class(tdbb, REL.RDB$DEFAULT_CLASS);
END_FOR; END_FOR;
CMP_release (tdbb, request); CMP_release (tdbb, request);
@ -296,7 +297,7 @@ void SCL_check_index(thread_db* tdbb, const Firebird::MetaName& index_name, UCHA
return; return;
} }
SCL_check_access(s_class, 0, NULL, NULL, mask, object_table, reln_name); SCL_check_access(tdbb, s_class, 0, NULL, NULL, mask, object_table, reln_name);
request = NULL; request = NULL;
@ -320,8 +321,8 @@ void SCL_check_index(thread_db* tdbb, const Firebird::MetaName& index_name, UCHA
AND ISEG.RDB$INDEX_NAME EQ idx_name_ptr->c_str() AND ISEG.RDB$INDEX_NAME EQ idx_name_ptr->c_str()
s_class = (!RF.RDB$SECURITY_CLASS.NULL) ? s_class = (!RF.RDB$SECURITY_CLASS.NULL) ?
SCL_get_class(RF.RDB$SECURITY_CLASS) : default_s_class; SCL_get_class(tdbb, RF.RDB$SECURITY_CLASS) : default_s_class;
SCL_check_access(s_class, 0, NULL, NULL, mask, SCL_check_access(tdbb, s_class, 0, NULL, NULL, mask,
object_column, RF.RDB$FIELD_NAME, reln_name); object_column, RF.RDB$FIELD_NAME, reln_name);
END_FOR; END_FOR;
@ -337,7 +338,7 @@ void SCL_check_index(thread_db* tdbb, const Firebird::MetaName& index_name, UCHA
} }
void SCL_check_procedure(const dsc* dsc_name, SecurityClass::flags_t mask) void SCL_check_procedure(Jrd::thread_db* tdbb, const dsc* dsc_name, SecurityClass::flags_t mask)
{ {
/************************************** /**************************************
* *
@ -351,7 +352,7 @@ void SCL_check_procedure(const dsc* dsc_name, SecurityClass::flags_t mask)
* scanned. This is used exclusively for meta-data operations. * scanned. This is used exclusively for meta-data operations.
* *
**************************************/ **************************************/
thread_db* tdbb = JRD_get_thread_data(); SET_TDBB(tdbb);
// Get the name in CSTRING format, ending on NULL or SPACE // Get the name in CSTRING format, ending on NULL or SPACE
fb_assert(dsc_name->dsc_dtype == dtype_text); fb_assert(dsc_name->dsc_dtype == dtype_text);
@ -370,17 +371,17 @@ void SCL_check_procedure(const dsc* dsc_name, SecurityClass::flags_t mask)
REQUEST(irq_p_security) = request; REQUEST(irq_p_security) = request;
if (!SPROC.RDB$SECURITY_CLASS.NULL) if (!SPROC.RDB$SECURITY_CLASS.NULL)
s_class = SCL_get_class(SPROC.RDB$SECURITY_CLASS); s_class = SCL_get_class(tdbb, SPROC.RDB$SECURITY_CLASS);
END_FOR; END_FOR;
if (!REQUEST(irq_p_security)) if (!REQUEST(irq_p_security))
REQUEST(irq_p_security) = request; REQUEST(irq_p_security) = request;
SCL_check_access(s_class, 0, NULL, name, mask, object_procedure, name); SCL_check_access(tdbb, s_class, 0, NULL, name, mask, object_procedure, name);
} }
void SCL_check_relation(const dsc* dsc_name, SecurityClass::flags_t mask) void SCL_check_relation(Jrd::thread_db* tdbb, const dsc* dsc_name, SecurityClass::flags_t mask)
{ {
/************************************** /**************************************
* *
@ -394,7 +395,7 @@ void SCL_check_relation(const dsc* dsc_name, SecurityClass::flags_t mask)
* scanned. This is used exclusively for meta-data operations. * scanned. This is used exclusively for meta-data operations.
* *
**************************************/ **************************************/
thread_db* tdbb = JRD_get_thread_data(); SET_TDBB(tdbb);
// Get the name in CSTRING format, ending on NULL or SPACE // Get the name in CSTRING format, ending on NULL or SPACE
fb_assert(dsc_name->dsc_dtype == dtype_text); fb_assert(dsc_name->dsc_dtype == dtype_text);
@ -414,17 +415,17 @@ void SCL_check_relation(const dsc* dsc_name, SecurityClass::flags_t mask)
REQUEST(irq_v_security) = request; REQUEST(irq_v_security) = request;
if (!REL.RDB$SECURITY_CLASS.NULL) if (!REL.RDB$SECURITY_CLASS.NULL)
s_class = SCL_get_class(REL.RDB$SECURITY_CLASS); s_class = SCL_get_class(tdbb, REL.RDB$SECURITY_CLASS);
END_FOR; END_FOR;
if (!REQUEST(irq_v_security)) if (!REQUEST(irq_v_security))
REQUEST(irq_v_security) = request; REQUEST(irq_v_security) = request;
SCL_check_access(s_class, 0, NULL, NULL, mask, object_table, name); SCL_check_access(tdbb, s_class, 0, NULL, NULL, mask, object_table, name);
} }
SecurityClass* SCL_get_class(const TEXT* par_string) SecurityClass* SCL_get_class(Jrd::thread_db* tdbb, const TEXT* par_string)
{ {
/************************************** /**************************************
* *
@ -438,20 +439,21 @@ SecurityClass* SCL_get_class(const TEXT* par_string)
* class block. * class block.
* *
**************************************/ **************************************/
thread_db* tdbb = JRD_get_thread_data(); SET_TDBB(tdbb);
Database* dbb = tdbb->getDatabase(); Database* dbb = tdbb->getDatabase();
// Name may be absent or terminated with NULL or blank. Clean up name. // Name may be absent or terminated with NULL or blank. Clean up name.
if (!par_string) { if (!par_string)
{
return NULL; return NULL;
} }
Firebird::string string = par_string; const Firebird::MetaName string(par_string);
fb_utils::exact_name(string); //fb_utils::exact_name(string);
if (string.empty()) if (string.isEmpty())
{ {
return NULL; return NULL;
} }
@ -515,7 +517,7 @@ SecurityClass::flags_t SCL_get_mask(const TEXT* relation_name, const TEXT* field
(relation = MET_lookup_relation(tdbb, relation_name))) (relation = MET_lookup_relation(tdbb, relation_name)))
{ {
MET_scan_relation(tdbb, relation); MET_scan_relation(tdbb, relation);
if ( (s_class = SCL_get_class(relation->rel_security_name.c_str())) ) if ( (s_class = SCL_get_class(tdbb, relation->rel_security_name.c_str())) )
{ {
access &= s_class->scl_flags; access &= s_class->scl_flags;
} }
@ -525,7 +527,7 @@ SecurityClass::flags_t SCL_get_mask(const TEXT* relation_name, const TEXT* field
if (field_name && if (field_name &&
(id = MET_lookup_field(tdbb, relation, field_name)) >= 0 && (id = MET_lookup_field(tdbb, relation, field_name)) >= 0 &&
(field = MET_get_field(relation, id)) && (field = MET_get_field(relation, id)) &&
(s_class = SCL_get_class(field->fld_security_name.c_str()))) (s_class = SCL_get_class(tdbb, field->fld_security_name.c_str())))
{ {
access &= s_class->scl_flags; access &= s_class->scl_flags;
} }
@ -670,7 +672,7 @@ void SCL_init(bool create,
if (!X.RDB$SECURITY_CLASS.NULL) if (!X.RDB$SECURITY_CLASS.NULL)
tdbb->getAttachment()->att_security_class = tdbb->getAttachment()->att_security_class =
SCL_get_class(X.RDB$SECURITY_CLASS); SCL_get_class(tdbb, X.RDB$SECURITY_CLASS);
END_FOR; END_FOR;
CMP_release(tdbb, handle); CMP_release(tdbb, handle);
@ -744,7 +746,7 @@ SecurityClass* SCL_recompute_class(thread_db* tdbb, const TEXT* string)
**************************************/ **************************************/
SET_TDBB(tdbb); SET_TDBB(tdbb);
SecurityClass* s_class = SCL_get_class(string); SecurityClass* s_class = SCL_get_class(tdbb, string);
if (!s_class) { if (!s_class) {
return NULL; return NULL;
} }

8
src/jrd/scl_proto.h
View File

@ -33,13 +33,13 @@
struct dsc; struct dsc;
void SCL_check_access(const Jrd::SecurityClass*, SLONG, const Firebird::MetaName&, void SCL_check_access(Jrd::thread_db*, const Jrd::SecurityClass*, SLONG, const Firebird::MetaName&,
const Firebird::MetaName&, Jrd::SecurityClass::flags_t, const Firebird::MetaName&, Jrd::SecurityClass::flags_t,
const TEXT*, const Firebird::MetaName&, const Firebird::MetaName& = ""); const TEXT*, const Firebird::MetaName&, const Firebird::MetaName& = "");
void SCL_check_index(Jrd::thread_db*, const Firebird::MetaName&, UCHAR, Jrd::SecurityClass::flags_t); void SCL_check_index(Jrd::thread_db*, const Firebird::MetaName&, UCHAR, Jrd::SecurityClass::flags_t);
void SCL_check_procedure(const dsc*, Jrd::SecurityClass::flags_t); void SCL_check_procedure(Jrd::thread_db*, const dsc*, Jrd::SecurityClass::flags_t);
void SCL_check_relation(const dsc*, Jrd::SecurityClass::flags_t); void SCL_check_relation(Jrd::thread_db*, const dsc*, Jrd::SecurityClass::flags_t);
Jrd::SecurityClass* SCL_get_class(const TEXT*); Jrd::SecurityClass* SCL_get_class(Jrd::thread_db*, const TEXT*);
Jrd::SecurityClass::flags_t SCL_get_mask(const TEXT*, const TEXT*); Jrd::SecurityClass::flags_t SCL_get_mask(const TEXT*, const TEXT*);
void SCL_init(bool, const Jrd::UserId& tempId, Jrd::thread_db*); void SCL_init(bool, const Jrd::UserId& tempId, Jrd::thread_db*);
Jrd::SecurityClass* SCL_recompute_class(Jrd::thread_db*, const TEXT*); Jrd::SecurityClass* SCL_recompute_class(Jrd::thread_db*, const TEXT*);

36
src/jrd/vio.cpp
View File

@ -1208,7 +1208,7 @@ void VIO_erase(thread_db* tdbb, record_param* rpb, jrd_tra* transaction)
case rel_relations: case rel_relations:
if (EVL_field(0, rpb->rpb_record, f_rel_name, &desc)) if (EVL_field(0, rpb->rpb_record, f_rel_name, &desc))
{ {
SCL_check_relation(&desc, SCL_delete); SCL_check_relation(tdbb, &desc, SCL_delete);
} }
if (EVL_field(0, rpb->rpb_record, f_rel_id, &desc2)) if (EVL_field(0, rpb->rpb_record, f_rel_id, &desc2))
{ {
@ -1225,7 +1225,7 @@ void VIO_erase(thread_db* tdbb, record_param* rpb, jrd_tra* transaction)
case rel_procedures: case rel_procedures:
if (EVL_field(0, rpb->rpb_record, f_prc_name, &desc)) if (EVL_field(0, rpb->rpb_record, f_prc_name, &desc))
{ {
SCL_check_procedure(&desc, SCL_delete); SCL_check_procedure(tdbb, &desc, SCL_delete);
} }
EVL_field(0, rpb->rpb_record, f_prc_id, &desc2); EVL_field(0, rpb->rpb_record, f_prc_id, &desc2);
id = MOV_get_long(&desc2, 0); id = MOV_get_long(&desc2, 0);
@ -1261,7 +1261,7 @@ void VIO_erase(thread_db* tdbb, record_param* rpb, jrd_tra* transaction)
case rel_indices: case rel_indices:
EVL_field(0, rpb->rpb_record, f_idx_relation, &desc); EVL_field(0, rpb->rpb_record, f_idx_relation, &desc);
SCL_check_relation(&desc, SCL_control); SCL_check_relation(tdbb, &desc, SCL_control);
EVL_field(0, rpb->rpb_record, f_idx_id, &desc2); EVL_field(0, rpb->rpb_record, f_idx_id, &desc2);
if ( (id = MOV_get_long(&desc2, 0)) ) if ( (id = MOV_get_long(&desc2, 0)) )
{ {
@ -1320,7 +1320,7 @@ void VIO_erase(thread_db* tdbb, record_param* rpb, jrd_tra* transaction)
case rel_rfr: case rel_rfr:
EVL_field(0, rpb->rpb_record, f_rfr_rname, &desc); EVL_field(0, rpb->rpb_record, f_rfr_rname, &desc);
SCL_check_relation(&desc, SCL_control); SCL_check_relation(tdbb, &desc, SCL_control);
DFW_post_work(transaction, dfw_update_format, &desc, 0); DFW_post_work(transaction, dfw_update_format, &desc, 0);
EVL_field(0, rpb->rpb_record, f_rfr_fname, &desc2); EVL_field(0, rpb->rpb_record, f_rfr_fname, &desc2);
MOV_get_metadata_str(&desc, relation_name, sizeof(relation_name)); MOV_get_metadata_str(&desc, relation_name, sizeof(relation_name));
@ -1335,7 +1335,7 @@ void VIO_erase(thread_db* tdbb, record_param* rpb, jrd_tra* transaction)
case rel_prc_prms: case rel_prc_prms:
EVL_field(0, rpb->rpb_record, f_prm_procedure, &desc); EVL_field(0, rpb->rpb_record, f_prm_procedure, &desc);
SCL_check_procedure(&desc, SCL_control); SCL_check_procedure(tdbb, &desc, SCL_control);
EVL_field(0, rpb->rpb_record, f_prm_name, &desc2); EVL_field(0, rpb->rpb_record, f_prm_name, &desc2);
MOV_get_metadata_str(&desc, procedure_name, sizeof(procedure_name)); MOV_get_metadata_str(&desc, procedure_name, sizeof(procedure_name));
if ( (procedure = MET_lookup_procedure(tdbb, procedure_name, true)) ) if ( (procedure = MET_lookup_procedure(tdbb, procedure_name, true)) )
@ -1391,7 +1391,7 @@ void VIO_erase(thread_db* tdbb, record_param* rpb, jrd_tra* transaction)
/* check if this request go through without checking permissions */ /* check if this request go through without checking permissions */
if (!(request->req_flags & req_ignore_perm)) { if (!(request->req_flags & req_ignore_perm)) {
SCL_check_relation(&desc, SCL_control); SCL_check_relation(tdbb, &desc, SCL_control);
} }
EVL_field(0, rpb->rpb_record, f_trg_rname, &desc2); EVL_field(0, rpb->rpb_record, f_trg_rname, &desc2);
@ -2233,14 +2233,14 @@ void VIO_modify(thread_db* tdbb, record_param* org_rpb, record_param* new_rpb,
case rel_relations: case rel_relations:
EVL_field(0, org_rpb->rpb_record, f_rel_name, &desc1); EVL_field(0, org_rpb->rpb_record, f_rel_name, &desc1);
SCL_check_relation(&desc1, SCL_protect); SCL_check_relation(tdbb, &desc1, SCL_protect);
check_class(tdbb, transaction, org_rpb, new_rpb, f_rel_class); check_class(tdbb, transaction, org_rpb, new_rpb, f_rel_class);
DFW_post_work(transaction, dfw_update_format, &desc1, 0); DFW_post_work(transaction, dfw_update_format, &desc1, 0);
break; break;
case rel_procedures: case rel_procedures:
EVL_field(0, org_rpb->rpb_record, f_prc_name, &desc1); EVL_field(0, org_rpb->rpb_record, f_prc_name, &desc1);
SCL_check_procedure(&desc1, SCL_protect); SCL_check_procedure(tdbb, &desc1, SCL_protect);
check_class(tdbb, transaction, org_rpb, new_rpb, f_prc_class); check_class(tdbb, transaction, org_rpb, new_rpb, f_prc_class);
EVL_field(0, org_rpb->rpb_record, f_prc_id, &desc2); EVL_field(0, org_rpb->rpb_record, f_prc_id, &desc2);
{ // scope { // scope
@ -2299,7 +2299,7 @@ void VIO_modify(thread_db* tdbb, record_param* org_rpb, record_param* new_rpb,
case rel_indices: case rel_indices:
EVL_field(0, new_rpb->rpb_record, f_idx_relation, &desc1); EVL_field(0, new_rpb->rpb_record, f_idx_relation, &desc1);
SCL_check_relation(&desc1, SCL_control); SCL_check_relation(tdbb, &desc1, SCL_control);
EVL_field(0, new_rpb->rpb_record, f_idx_name, &desc1); EVL_field(0, new_rpb->rpb_record, f_idx_name, &desc1);
if (dfw_should_know(org_rpb, new_rpb, f_idx_desc, true)) if (dfw_should_know(org_rpb, new_rpb, f_idx_desc, true))
{ {
@ -2317,7 +2317,7 @@ void VIO_modify(thread_db* tdbb, record_param* org_rpb, record_param* new_rpb,
case rel_triggers: case rel_triggers:
{ {
EVL_field(0, new_rpb->rpb_record, f_trg_rname, &desc1); EVL_field(0, new_rpb->rpb_record, f_trg_rname, &desc1);
SCL_check_relation(&desc1, SCL_control); SCL_check_relation(tdbb, &desc1, SCL_control);
EVL_field(0, new_rpb->rpb_record, f_trg_rname, &desc1); EVL_field(0, new_rpb->rpb_record, f_trg_rname, &desc1);
DFW_post_work(transaction, dfw_update_format, &desc1, 0); DFW_post_work(transaction, dfw_update_format, &desc1, 0);
EVL_field(0, org_rpb->rpb_record, f_trg_rname, &desc1); EVL_field(0, org_rpb->rpb_record, f_trg_rname, &desc1);
@ -2700,7 +2700,7 @@ void VIO_store(thread_db* tdbb, record_param* rpb, jrd_tra* transaction)
case rel_indices: case rel_indices:
EVL_field(0, rpb->rpb_record, f_idx_relation, &desc); EVL_field(0, rpb->rpb_record, f_idx_relation, &desc);
SCL_check_relation(&desc, SCL_control); SCL_check_relation(tdbb, &desc, SCL_control);
EVL_field(0, rpb->rpb_record, f_idx_name, &desc); EVL_field(0, rpb->rpb_record, f_idx_name, &desc);
if (EVL_field(0, rpb->rpb_record, f_idx_exp_blr, &desc2)) { if (EVL_field(0, rpb->rpb_record, f_idx_exp_blr, &desc2)) {
DFW_post_work(transaction, dfw_create_expression_index, &desc, DFW_post_work(transaction, dfw_create_expression_index, &desc,
@ -2714,7 +2714,7 @@ void VIO_store(thread_db* tdbb, record_param* rpb, jrd_tra* transaction)
case rel_rfr: case rel_rfr:
EVL_field(0, rpb->rpb_record, f_rfr_rname, &desc); EVL_field(0, rpb->rpb_record, f_rfr_rname, &desc);
SCL_check_relation(&desc, SCL_control); SCL_check_relation(tdbb, &desc, SCL_control);
DFW_post_work(transaction, dfw_update_format, &desc, 0); DFW_post_work(transaction, dfw_update_format, &desc, 0);
set_system_flag(tdbb, rpb, f_rfr_sys_flag, 0); set_system_flag(tdbb, rpb, f_rfr_sys_flag, 0);
break; break;
@ -2768,7 +2768,7 @@ void VIO_store(thread_db* tdbb, record_param* rpb, jrd_tra* transaction)
/* check if this request go through without checking permissions */ /* check if this request go through without checking permissions */
if (!(request->req_flags & req_ignore_perm)) { if (!(request->req_flags & req_ignore_perm)) {
SCL_check_relation(&desc, SCL_control); SCL_check_relation(tdbb, &desc, SCL_control);
} }
if (EVL_field(0, rpb->rpb_record, f_trg_rname, &desc2)) if (EVL_field(0, rpb->rpb_record, f_trg_rname, &desc2))
@ -3374,14 +3374,14 @@ static void check_rel_field_class(thread_db* tdbb,
{ {
const Firebird::MetaName class_name(reinterpret_cast<TEXT*>(desc.dsc_address), const Firebird::MetaName class_name(reinterpret_cast<TEXT*>(desc.dsc_address),
desc.dsc_length); desc.dsc_length);
const SecurityClass* s_class = SCL_get_class(class_name.c_str()); const SecurityClass* s_class = SCL_get_class(tdbb, class_name.c_str());
if (s_class) if (s_class)
{ {
// In case when user has no access to the field, // In case when user has no access to the field,
// he may have access to relation as whole. // he may have access to relation as whole.
try try
{ {
SCL_check_access(s_class, 0, NULL, NULL, flags, object_column, ""); SCL_check_access(tdbb, s_class, 0, NULL, NULL, flags, object_column, "");
} }
catch (const Firebird::Exception&) catch (const Firebird::Exception&)
{ {
@ -3394,7 +3394,7 @@ static void check_rel_field_class(thread_db* tdbb,
EVL_field(0, rpb->rpb_record, f_rfr_rname, &desc); EVL_field(0, rpb->rpb_record, f_rfr_rname, &desc);
if (! okField) if (! okField)
{ {
SCL_check_relation(&desc, flags); SCL_check_relation(tdbb, &desc, flags);
} }
DFW_post_work(transaction, dfw_update_format, &desc, 0); DFW_post_work(transaction, dfw_update_format, &desc, 0);
} }
@ -3425,7 +3425,7 @@ static void check_class(thread_db* tdbb,
Attachment* attachment = tdbb->getAttachment(); Attachment* attachment = tdbb->getAttachment();
SCL_check_access(attachment->att_security_class, SCL_check_access(tdbb, attachment->att_security_class,
0, NULL, NULL, SCL_protect, object_database, ""); 0, NULL, NULL, SCL_protect, object_database, "");
DFW_post_work(transaction, dfw_compute_security, &desc2, 0); DFW_post_work(transaction, dfw_compute_security, &desc2, 0);
} }
@ -3448,7 +3448,7 @@ static void check_control(thread_db* tdbb)
Attachment* attachment = tdbb->getAttachment(); Attachment* attachment = tdbb->getAttachment();
SCL_check_access(attachment->att_security_class, SCL_check_access(tdbb, attachment->att_security_class,
0, NULL, NULL, SCL_control, object_database, ""); 0, NULL, NULL, SCL_control, object_database, "");
} }