firebird/firebird-mirror
firebird/firebird-mirror
8
0
Fork 1
mirror of https://github.com/FirebirdSQL/firebird.git synced 2025-01-23 22:03:03 +01:00
Code Issues

Backport of pull request #163 from FirebirdSQL/trigger1_refac

Browse Source 
Fixed CORE-5852: There is no check of existance generator and exception when privileges are granted
Moved check of the object existance from trigger1 to grantRevoke method.
This commit is contained in:
Roman Simakov 2018-06-22 13:14:47 +03:00
parent 1a29188566
commit a01d81d1ed
5 changed files with 768 additions and 931 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

108
src/dsql/DdlNodes.epp
View File

@ -11026,11 +11026,51 @@ static bool checkObjectExist(thread_db* tdbb, jrd_tra* transaction, const MetaNa
END_FOR
break;
}
case obj_exception:
{
AutoCacheRequest request(tdbb, drq_exception_exist, DYN_REQUESTS);
FOR(REQUEST_HANDLE request TRANSACTION_HANDLE transaction)
X IN RDB$EXCEPTIONS
WITH X.RDB$EXCEPTION_NAME EQ name.c_str()
{
rc = true;
}
END_FOR
break;
}
case obj_generator:
{
AutoCacheRequest request(tdbb, drq_generator_exist, DYN_REQUESTS);
FOR(REQUEST_HANDLE request TRANSACTION_HANDLE transaction)
X IN RDB$GENERATORS
WITH X.RDB$GENERATOR_NAME EQ name.c_str()
{
rc = true;
}
END_FOR
break;
}
}
return rc;
}
static bool checkFieldExist(thread_db* tdbb, jrd_tra* transaction, const MetaName& relation, const MetaName& field)
{
bool rc = false;
AutoCacheRequest request(tdbb, drq_rel_field_exist, DYN_REQUESTS);
FOR(REQUEST_HANDLE request TRANSACTION_HANDLE transaction)
X IN RDB$RELATION_FIELDS
WITH X.RDB$RELATION_NAME EQ relation.c_str() AND
X.RDB$FIELD_NAME EQ field.c_str()
{
rc = true;
}
END_FOR
return rc;
}
// Execute SQL grant/revoke operation.
void GrantRevokeNode::grantRevoke(thread_db* tdbb, jrd_tra* transaction, const GranteeClause* object,
@ -11039,9 +11079,10 @@ void GrantRevokeNode::grantRevoke(thread_db* tdbb, jrd_tra* transaction, const G
{
SSHORT userType = userNod->first;
MetaName user(userNod->second);
MetaName dummyName;
MetaName dummyName;
const SSHORT objType = object ? object->first : obj_type_MAX;
bool crdb = false;
const MetaName objName(object->second);
bool crdb = false;
char privileges[16];
strcpy(privileges, privs ? privs : "");
@ -11069,6 +11110,7 @@ void GrantRevokeNode::grantRevoke(thread_db* tdbb, jrd_tra* transaction, const G
memmove(cPtr, cPtr + 1, len);
}
// Check if grant object exists
switch (userType)
{
case obj_user_or_role:
@ -11092,27 +11134,27 @@ void GrantRevokeNode::grantRevoke(thread_db* tdbb, jrd_tra* transaction, const G
case obj_udf:
if (!checkObjectExist(tdbb, transaction, user, userType))
status_exception::raise(Arg::PrivateDyn(301) << user.c_str());
status_exception::raise(Arg::PrivateDyn(301) << user.c_str()); // Function @1 does not exist
break;
case obj_procedure:
if (!checkObjectExist(tdbb, transaction, user, userType))
status_exception::raise(Arg::PrivateDyn(302) << user.c_str());
status_exception::raise(Arg::PrivateDyn(302) << user.c_str()); // Procedure @1 does not exist
break;
case obj_package_header:
if (!checkObjectExist(tdbb, transaction, user, userType))
status_exception::raise(Arg::PrivateDyn(303) << user.c_str());
status_exception::raise(Arg::PrivateDyn(303) << user.c_str()); // Package @1 does not exist
break;
case obj_trigger:
if (!checkObjectExist(tdbb, transaction, user, userType))
status_exception::raise(Arg::PrivateDyn(304) << user.c_str());
status_exception::raise(Arg::PrivateDyn(304) << user.c_str()); // Trigger @1 does not exist
break;
case obj_view:
if (!checkObjectExist(tdbb, transaction, user, userType))
status_exception::raise(Arg::PrivateDyn(305) << user.c_str());
status_exception::raise(Arg::PrivateDyn(305) << user.c_str()); // View @1 does not exist
break;
case obj_sql_role:
@ -11129,6 +11171,56 @@ void GrantRevokeNode::grantRevoke(thread_db* tdbb, jrd_tra* transaction, const G
break;
}
// Check if grant subject exists
switch (objType)
{
case obj_view:
if (!checkObjectExist(tdbb, transaction, objName, objType))
status_exception::raise(Arg::PrivateDyn(305) << objName.c_str()); // View @1 does not exist
break;
case obj_relation:
if (!checkObjectExist(tdbb, transaction, objName, objType))
status_exception::raise(Arg::PrivateDyn(306) << objName.c_str()); // Table @1 does not exist
if (field.hasData() && !checkFieldExist(tdbb, transaction, objName, field))
status_exception::raise(Arg::PrivateDyn(309) << field.c_str() << objName.c_str()); // Field @1 of table @2 does not exist
break;
case obj_trigger:
if (!checkObjectExist(tdbb, transaction, objName, objType))
status_exception::raise(Arg::PrivateDyn(304) << objName.c_str()); // Trigger @1 does not exist
break;
case obj_procedure:
if (!checkObjectExist(tdbb, transaction, objName, objType))
status_exception::raise(Arg::PrivateDyn(302) << objName.c_str()); // Procedure @1 does not exist
break;
case obj_exception:
if (!checkObjectExist(tdbb, transaction, objName, objType))
status_exception::raise(Arg::PrivateDyn(307) << objName.c_str()); // Exception @1 does not exist
break;
case obj_generator:
if (!checkObjectExist(tdbb, transaction, objName, objType))
status_exception::raise(Arg::PrivateDyn(308) << objName.c_str()); // Generator/Sequence @1 does not exist
break;
case obj_udf:
if (!checkObjectExist(tdbb, transaction, objName, objType))
status_exception::raise(Arg::PrivateDyn(301) << objName.c_str()); // Function @1 does not exist
break;
case obj_package_header:
if (!checkObjectExist(tdbb, transaction, objName, objType))
status_exception::raise(Arg::PrivateDyn(303) << objName.c_str()); // Package @1 does not exist
break;
default:
fb_assert(false);
}
if (options == 1) // with grant option
{
switch (userType)
@ -11192,8 +11284,6 @@ void GrantRevokeNode::grantRevoke(thread_db* tdbb, jrd_tra* transaction, const G
return;
}
const MetaName objName(object->second);
if (objType == obj_sql_role && objName == NULL_ROLE)
{
if (isGrant)

3
src/jrd/drq.h
View File

@ -240,6 +240,9 @@ enum drq_type_t
drq_package_exist, // check if package exists
drq_trigger_exist, // check if trigger exists
drq_rel_exist, // check if relation or view exists
drq_exception_exist, // check if exception exists
drq_generator_exist, // check if generator exists
drq_rel_field_exist, // check if a field of relation or view exists
drq_MAX
};

1580
src/jrd/trig.h
View File

File diff suppressed because it is too large Load Diff

4
src/msgs/facilities2.sql
View File

@ -5,8 +5,8 @@ set bulk_insert INSERT INTO FACILITIES (LAST_CHANGE, FACILITY, FAC_CODE, MAX_NUM
('2015-03-17 18:33:00', 'QLI', 1, 533)
('2015-01-07 18:01:51', 'GFIX', 3, 134)
('1996-11-07 13:39:40', 'GPRE', 4, 1)
('2016-02-23 00:00:00', 'DSQL', 7, 40)
('2018-01-15 00:15:00', 'DYN', 8, 299)
('2017-02-05 20:37:00', 'DSQL', 7, 40)
('2018-01-15 00:15:00', 'DYN', 8, 309)
('1996-11-07 13:39:40', 'INSTALL', 10, 1)
('1996-11-07 13:38:41', 'TEST', 11, 4)
('2015-07-23 14:20:00', 'GBAK', 12, 370)

4
src/msgs/messages2.sql
View File

@ -1979,6 +1979,10 @@ COMMIT WORK;
(NULL, 'GrantRevokeNode::grantRevoke', 'DdlNodes.epp', NULL, 8, 303, NULL, 'Package @1 does not exist', NULL, NULL);
(NULL, 'GrantRevokeNode::grantRevoke', 'DdlNodes.epp', NULL, 8, 304, NULL, 'Trigger @1 does not exist', NULL, NULL);
(NULL, 'GrantRevokeNode::grantRevoke', 'DdlNodes.epp', NULL, 8, 305, NULL, 'View @1 does not exist', NULL, NULL);
(NULL, 'GrantRevokeNode::grantRevoke', 'DdlNodes.epp', NULL, 8, 306, NULL, 'Table @1 does not exist', NULL, NULL);
(NULL, 'GrantRevokeNode::grantRevoke', 'DdlNodes.epp', NULL, 8, 307, NULL, 'Exception @1 does not exist', NULL, NULL);
(NULL, 'GrantRevokeNode::grantRevoke', 'DdlNodes.epp', NULL, 8, 308, NULL, 'Generator/Sequence @1 does not exist', NULL, NULL);
(NULL, 'GrantRevokeNode::grantRevoke', 'DdlNodes.epp', NULL, 8, 309, NULL, 'Field @1 of table @2 does not exist', NULL, NULL);
COMMIT WORK;
-- TEST
(NULL, 'main', 'test.c', NULL, 11, 0, NULL, 'This is a modified text message', NULL, NULL);