firebird/firebird-mirror
firebird/firebird-mirror
8
0
Fork 1
mirror of https://github.com/FirebirdSQL/firebird.git synced 2025-01-22 17:23:03 +01:00
Code Issues

Add ability to change sql security option in alter function

Browse Source
This commit is contained in:
Alexander Zhdanov 2023-10-16 14:59:31 +03:00
parent 3b5e64db97
commit 9b823e6996
4 changed files with 79 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
doc/sql.extensions/README.ddl.txt
View File

@ -604,7 +604,7 @@ ALTER TABLE <name> ... [ {ENABLE | DISABLE} PUBLICATION ]
Defines whether replication is enabled for the specified table. Defines whether replication is enabled for the specified table.
If not specified in the CREATE TABLE statement, the database-level default behaviour is applied. If not specified in the CREATE TABLE statement, the database-level default behaviour is applied.
24) Added the ability to change deterministic option without specifying the entire body of the function. 24) Added the ability to change deterministic and sql security option without specifying the entire body of the function.
(Alexander Zhdanov) (Alexander Zhdanov)
ALTER FUNCTION <name> {DETERMINISTIC | NOT DETERMINISTIC} ALTER FUNCTION <name> [ {DETERMINISTIC | NOT DETERMINISTIC} ] [ SQL SECURITY {DEFINER | INVOKER} | DROP SQL SECURITY ]

31
src/dsql/DdlNodes.epp
View File

@ -1695,7 +1695,7 @@ DdlNode* CreateAlterFunctionNode::dsqlPass(DsqlCompilerScratch* dsqlScratch)
returnType->type->resolve(dsqlScratch); returnType->type->resolve(dsqlScratch);
// check SQL SECURITY is not set if function declared in package // check SQL SECURITY is not set if function declared in package
if (package.hasData() && ssDefiner.isAssigned()) if (package.hasData() && ssDefiner.has_value())
{ {
ERRD_post(Arg::Gds(isc_sqlerr) << Arg::Num(-204) << ERRD_post(Arg::Gds(isc_sqlerr) << Arg::Num(-204) <<
Arg::Gds(isc_invalid_clause) << Arg::Str("SQL SECURITY for functions is prohibit in packages")); Arg::Gds(isc_invalid_clause) << Arg::Str("SQL SECURITY for functions is prohibit in packages"));
@ -1905,13 +1905,13 @@ bool CreateAlterFunctionNode::executeAlter(thread_db* tdbb, DsqlCompilerScratch*
attachment->storeMetaDataBlob(tdbb, transaction, &FUN.RDB$FUNCTION_SOURCE, source); attachment->storeMetaDataBlob(tdbb, transaction, &FUN.RDB$FUNCTION_SOURCE, source);
FUN.RDB$DETERMINISTIC_FLAG.NULL = FALSE; FUN.RDB$DETERMINISTIC_FLAG.NULL = FALSE;
FUN.RDB$DETERMINISTIC_FLAG = deterministic ? TRUE : FALSE; FUN.RDB$DETERMINISTIC_FLAG = deterministic.asBool() ? TRUE : FALSE;
FUN.RDB$RETURN_ARGUMENT = 0; FUN.RDB$RETURN_ARGUMENT = 0;
if (ssDefiner.isAssigned()) if (ssDefiner.has_value())
{ {
FUN.RDB$SQL_SECURITY.NULL = FALSE; FUN.RDB$SQL_SECURITY.NULL = FALSE;
FUN.RDB$SQL_SECURITY = ssDefiner.asBool() ? FB_TRUE : FB_FALSE; FUN.RDB$SQL_SECURITY = ssDefiner.value() == SqlSecurity::SS_DEFINER ? FB_TRUE : FB_FALSE;
} }
else else
FUN.RDB$SQL_SECURITY.NULL = TRUE; FUN.RDB$SQL_SECURITY.NULL = TRUE;
@ -2101,8 +2101,21 @@ bool CreateAlterFunctionNode::executeAlterIndividualParameters(thread_db* tdbb,
} }
MODIFY FUN MODIFY FUN
FUN.RDB$DETERMINISTIC_FLAG.NULL = FALSE; if(deterministic.isAssigned())
FUN.RDB$DETERMINISTIC_FLAG = deterministic ? TRUE : FALSE; {
FUN.RDB$DETERMINISTIC_FLAG.NULL = FALSE;
FUN.RDB$DETERMINISTIC_FLAG = deterministic.asBool() ? TRUE : FALSE;
}
if (ssDefiner.has_value())
{
if(ssDefiner.value() != SqlSecurity::SS_DROP)
{
FUN.RDB$SQL_SECURITY.NULL = FALSE;
FUN.RDB$SQL_SECURITY = ssDefiner.value() == SqlSecurity::SS_DEFINER ? FB_TRUE : FB_FALSE;
}
else
FUN.RDB$SQL_SECURITY.NULL = TRUE;
}
modifed = true; modifed = true;
END_MODIFY END_MODIFY
@ -3516,10 +3529,10 @@ bool TriggerDefinition::modify(thread_db* tdbb, DsqlCompilerScratch* dsqlScratch
if (ssDefiner.has_value()) if (ssDefiner.has_value())
{ {
if (ssDefiner.value() != SS_DROP) if (ssDefiner.value() != SqlSecurity::SS_DROP)
{ {
TRG.RDB$SQL_SECURITY.NULL = FALSE; TRG.RDB$SQL_SECURITY.NULL = FALSE;
TRG.RDB$SQL_SECURITY = ssDefiner.value() == SS_DEFINER ? FB_TRUE : FB_FALSE; TRG.RDB$SQL_SECURITY = ssDefiner.value() == SqlSecurity::SS_DEFINER ? FB_TRUE : FB_FALSE;
} }
else else
TRG.RDB$SQL_SECURITY.NULL = TRUE; TRG.RDB$SQL_SECURITY.NULL = TRUE;
@ -3573,7 +3586,7 @@ DdlNode* CreateAlterTriggerNode::dsqlPass(DsqlCompilerScratch* dsqlScratch)
} }
} }
if (create && ssDefiner.has_value() && ssDefiner.value() == TriggerDefinition::SS_DROP) if (create && ssDefiner.has_value() && ssDefiner.value() == SqlSecurity::SS_DROP)
status_exception::raise(Arg::Gds(isc_dsql_command_err) << Arg::Gds(isc_dsql_invalid_drop_ss_clause)); status_exception::raise(Arg::Gds(isc_dsql_command_err) << Arg::Gds(isc_dsql_invalid_drop_ss_clause));
return DdlNode::dsqlPass(dsqlScratch); return DdlNode::dsqlPass(dsqlScratch);

18
src/dsql/DdlNodes.h
View File

@ -40,6 +40,13 @@
namespace Jrd { namespace Jrd {
enum SqlSecurity
{
SS_INVOKER,
SS_DEFINER,
SS_DROP
};
class LocalDeclarationsNode; class LocalDeclarationsNode;
class RelationSourceNode; class RelationSourceNode;
class ValueListNode; class ValueListNode;
@ -414,7 +421,6 @@ public:
create(true), create(true),
alter(false), alter(false),
external(NULL), external(NULL),
deterministic(false),
parameters(pool), parameters(pool),
returnType(NULL), returnType(NULL),
localDeclList(NULL), localDeclList(NULL),
@ -469,7 +475,7 @@ public:
bool create; bool create;
bool alter; bool alter;
NestConst<ExternalClause> external; NestConst<ExternalClause> external;
bool deterministic; TriState deterministic;
Firebird::Array<NestConst<ParameterClause> > parameters; Firebird::Array<NestConst<ParameterClause> > parameters;
NestConst<ParameterClause> returnType; NestConst<ParameterClause> returnType;
NestConst<LocalDeclarationsNode> localDeclList; NestConst<LocalDeclarationsNode> localDeclList;
@ -482,7 +488,7 @@ public:
bool privateScope; bool privateScope;
bool preserveDefaults; bool preserveDefaults;
SLONG udfReturnPos; SLONG udfReturnPos;
TriState ssDefiner; std::optional<SqlSecurity> ssDefiner;
}; };
@ -661,12 +667,6 @@ typedef RecreateNode<CreateAlterProcedureNode, DropProcedureNode, isc_dsql_recre
class TriggerDefinition class TriggerDefinition
{ {
public: public:
enum SqlSecurity
{
SS_INVOKER,
SS_DEFINER,
SS_DROP
};
explicit TriggerDefinition(MemoryPool& p) explicit TriggerDefinition(MemoryPool& p)
: name(p), : name(p),

61
src/dsql/parse.y
View File

@ -736,7 +736,7 @@ using namespace Firebird;
std::optional<int> nullableIntVal; std::optional<int> nullableIntVal;
TriState triState; TriState triState;
std::optional<Jrd::TriggerDefinition::SqlSecurity> nullableSqlSecurityVal; std::optional<Jrd::SqlSecurity> nullableSqlSecurityVal;
std::optional<Jrd::OverrideClause> nullableOverrideClause; std::optional<Jrd::OverrideClause> nullableOverrideClause;
struct { bool first; bool second; } boolPair; struct { bool first; bool second; } boolPair;
bool boolVal; bool boolVal;
@ -2833,12 +2833,11 @@ function_clause
%type <createAlterFunctionNode> change_opt_function_clause %type <createAlterFunctionNode> change_opt_function_clause
change_opt_function_clause change_opt_function_clause
: change_deterministic_opt_function_clause
; ;
%type <createAlterFunctionNode> psql_function_clause %type <createAlterFunctionNode> psql_function_clause
psql_function_clause psql_function_clause
: function_clause_start sql_security_clause_opt AS local_declarations_opt full_proc_block : function_clause_start optional_sql_security_full_alter_clause AS local_declarations_opt full_proc_block
{ {
$$ = $1; $$ = $1;
$$->ssDefiner = $2; $$->ssDefiner = $2;
@ -2872,17 +2871,27 @@ function_clause_start
} }
; ;
%type <createAlterFunctionNode> change_deterministic_opt_function_clause %type <createAlterFunctionNode> change_opt_function_clause
change_deterministic_opt_function_clause change_opt_function_clause
: symbol_UDF_name : symbol_UDF_name
{ $$ = newNode<CreateAlterFunctionNode>(*$1); } { $$ = newNode<CreateAlterFunctionNode>(*$1); }
deterministic_clause alter_individual_ops($2)
{ { $$ = $2; }
$$ = $2;
$$->deterministic = $3;
}
; ;
%type alter_individual_ops(<createAlterFunctionNode>)
alter_individual_ops($createAlterFunctionNode)
: alter_individual_op($createAlterFunctionNode)
| alter_individual_ops alter_individual_op($createAlterFunctionNode)
;
%type alter_individual_op(<createAlterFunctionNode>)
alter_individual_op($createAlterFunctionNode)
: deterministic_clause
{ setClause($createAlterFunctionNode->deterministic, "DETERMINISTIC", $1); }
| optional_sql_security_partial_alter_clause
{ setClause($createAlterFunctionNode->ssDefiner, "SQL SECURITY", $1); }
;
%type <boolVal> deterministic_clause %type <boolVal> deterministic_clause
deterministic_clause deterministic_clause
@ -4672,16 +4681,38 @@ trigger_type_opt // we do not allow alter database triggers, hence we do not use
{ $$ = std::nullopt; } { $$ = std::nullopt; }
; ;
%type <nullableSqlSecurityVal> optional_sql_security_clause
optional_sql_security_clause
: SQL SECURITY DEFINER
{ $$ = SS_DEFINER; }
| SQL SECURITY INVOKER
{ $$ = SS_INVOKER; }
;
%type <nullableSqlSecurityVal> optional_sql_security_full_alter_clause
optional_sql_security_full_alter_clause
: optional_sql_security_clause
{ $$ = $1; }
| // nothing
{ $$ = std::nullopt; }
;
%type <nullableSqlSecurityVal> optional_sql_security_partial_alter_clause
optional_sql_security_partial_alter_clause
: optional_sql_security_clause
{ $$ = $1; }
| DROP SQL SECURITY
{ $$ = SS_DROP; }
;
%type <nullableSqlSecurityVal> trg_sql_security_clause %type <nullableSqlSecurityVal> trg_sql_security_clause
trg_sql_security_clause trg_sql_security_clause
: // nothing : // nothing
{ $$ = std::nullopt; } { $$ = std::nullopt; }
| SQL SECURITY DEFINER | optional_sql_security_clause
{ $$ = TriggerDefinition::SS_DEFINER; } { $$ = $1; }
| SQL SECURITY INVOKER
{ $$ = TriggerDefinition::SS_INVOKER; }
| DROP SQL SECURITY | DROP SQL SECURITY
{ $$ = TriggerDefinition::SS_DROP; } { $$ = SS_DROP; }
; ;
// DROP metadata operations // DROP metadata operations