diff --git a/doc/sql.extensions/README.user_management b/doc/sql.extensions/README.user_management index de830fb46d..8cc2047770 100644 --- a/doc/sql.extensions/README.user_management +++ b/doc/sql.extensions/README.user_management @@ -11,6 +11,7 @@ Syntax is: CREATE USER name {PASSWORD 'password'} [ options ] [ TAGS ( tag [, tag [, tag ...]] ) ] ALTER USER name SET [PASSWORD 'password'] [ options ] [ TAGS ( tag [, tag [, tag ...]] ) ] + ALTER CURRENT USER SET [PASSWORD 'password'] [ options ] [ TAGS ( tag [, tag [, tag ...]] ) ] CREATE OR ALTER USER name SET [PASSWORD 'password'] [ options ] [ TAGS ( tag [, tag [, tag ...]] ) ] DROP USER name; @@ -22,10 +23,10 @@ where OPTIONS is a (probably empty) list of following options: - INACTIVE and each TAG may have one of two forms: -NAME = 'VALUE' + name = 'string value' or: -DROP NAME - where NAME is any valid SQL identifier. + DROP name +where NAME is any valid SQL identifier. Description: @@ -37,7 +38,8 @@ do not support it and use of them to manage users is deprecated. CREATE and DROP clauses are available only for SYSDBA (or other user, granted RDB$ADMIN role in security database). Ordinary user can ALTER his own password, wide names and tags. Attempt to modify -another user will fail. +another user will fail. Also will fail an attempt to make yourself inactive or active. In order to +avoid typing your name each time simplified form ALTER CURRENT USER is present. At least one of PASSWORD, FIRSTNAME, MIDDLENAME, LASTNAME, ACTIVE, INACTIVE or TAGS must be present in ALTER USER statement. Also notice that PASSWORD clause is required when creating new user. @@ -62,6 +64,7 @@ Samples: ALTER USER alex SET FIRSTNAME 'Alex' LASTNAME 'Peshkoff'; CREATE OR ALTER USER alex SET PASSWORD 'IdQfA'; DROP USER alex; + ALTER CURRENT USER SET PASSWORD 'SomethingLongEnough'; Working with tags: ALTER USER alex SET TAGS (a='a', b='b'); diff --git a/src/dsql/DdlNodes.epp b/src/dsql/DdlNodes.epp index 172c687fd5..8628a2f684 100644 --- a/src/dsql/DdlNodes.epp +++ b/src/dsql/DdlNodes.epp @@ -9186,6 +9186,17 @@ void CreateAlterUserNode::execute(thread_db* tdbb, DsqlCompilerScratch* dsqlScra Auth::DynamicUserData* userData = FB_NEW(*transaction->tra_pool) Auth::DynamicUserData; string text = name.c_str(); + if (text.isEmpty() && mode == USER_MOD) + { + // alter current user + UserId* usr = tdbb->getAttachment()->att_user; + fb_assert(usr); + if (!usr) + { + (Arg::Gds(isc_random) << "Missing user name for ALTER CURRENT USER").raise(); + } + text = usr->usr_user_name; + } text.upper(); userData->op = mode == USER_ADD ? Auth::ADD_OPER : mode == USER_MOD ? diff --git a/src/dsql/parse.y b/src/dsql/parse.y index a0b591742c..1c7caf3fd8 100644 --- a/src/dsql/parse.y +++ b/src/dsql/parse.y @@ -3394,6 +3394,7 @@ alter_clause | FUNCTION alter_function_clause { $$ = $2; } | ROLE alter_role_clause { $$ = $2; } | USER alter_user_clause { $$ = $2; } + | CURRENT USER alter_cur_user_clause { $$ = $3; } | CHARACTER SET alter_charset_clause { $$ = $3; } | GENERATOR alter_sequence_clause { $$ = $2; } | SEQUENCE alter_sequence_clause { $$ = $2; } @@ -5832,6 +5833,20 @@ alter_user_clause } ; +%type alter_cur_user_clause +alter_cur_user_clause + : SET passwd_opt + { + $$ = newNode(CreateAlterUserNode::USER_MOD, ""); + $$->password = $2; + } + user_fixed_opts(NOTRIAL($3)) + user_var_opts(NOTRIAL($3)) + { + $$ = $3; + } + ; + %type replace_user_clause replace_user_clause : symbol_user_name SET passwd_opt