mirror of https://github.com/FirebirdSQL/firebird.git synced 2025-02-02 09:20:39 +01:00
asfernandes 2014-07-10 02:21:18 +00:00
parent 5f86a8f1f8
commit fa0c3dd11c
17 changed files with 207 additions and 194 deletions


@ -267,7 +267,7 @@ public:
p->addRef();
return p;
}
catch(const Exception& ex)
catch (const Exception& ex)
{
ex.stuffException(status);
}


@ -255,7 +255,7 @@ public:
p->addRef();
return p;
}
catch(const Exception& ex)
catch (const Exception& ex)
{
ex.stuffException(status);
}


@ -560,74 +560,74 @@ int FB_CARG SecurityDatabaseManagement::execute(Firebird::IStatus* st, IUser* us
Firebird::LocalStatus s2;
Firebird::IStatus* s = st;
FOR (TRANSACTION_HANDLE transaction REQUEST_HANDLE request) U IN PLG$VIEW_USERS
try
{
try
{
Firebird::string attr, a1, a2, a3;
{
Firebird::string attr, a1, a2, a3;
if (!U.PLG$UID.NULL)
a1.printf("Uid=%d\n", U.PLG$UID);
if (!U.PLG$UID.NULL)
a1.printf("Uid=%d\n", U.PLG$UID);
if (!U.PLG$GID.NULL)
a2.printf("Gid=%d\n", U.PLG$GID);
if (!U.PLG$GID.NULL)
a2.printf("Gid=%d\n", U.PLG$GID);
if (!U.PLG$GROUP_NAME.NULL)
a3.printf("GroupName=%s\n", U.PLG$GROUP_NAME);
if (!U.PLG$GROUP_NAME.NULL)
a3.printf("GroupName=%s\n", U.PLG$GROUP_NAME);
attr = a1 + a2 + a3;
user->attributes()->set(s, attr.c_str());
attr = a1 + a2 + a3;
user->attributes()->set(s, attr.c_str());
check(s);
user->attributes()->setEntered(s, attr.hasData() ? 1 : 0);
check(s);
}
user->userName()->set(s, U.PLG$USER_NAME);
check(s);
user->attributes()->setEntered(s, attr.hasData() ? 1 : 0);
user->userName()->setEntered(s, U.PLG$USER_NAME.NULL ? 0 : 1);
check(s);
user->password()->set(s, "");
check(s);
user->password()->setEntered(s, 0);
check(s);
user->firstName()->set(s, U.PLG$FIRST_NAME);
check(s);
user->firstName()->setEntered(s, U.PLG$FIRST_NAME.NULL ? 0 : 1);
check(s);
user->middleName()->set(s, U.PLG$MIDDLE_NAME);
check(s);
user->middleName()->setEntered(s, U.PLG$MIDDLE_NAME.NULL ? 0 : 1);
check(s);
user->lastName()->set(s, U.PLG$LAST_NAME);
check(s);
user->lastName()->setEntered(s, U.PLG$LAST_NAME.NULL ? 0 : 1);
check(s);
user->admin()->set(s, 0);
check(s);
user->admin()->setEntered(s, 1);
check(s);
FOR (TRANSACTION_HANDLE transaction REQUEST_HANDLE request2)
P IN RDB$USER_PRIVILEGES
WITH P.RDB$USER EQ U.PLG$USER_NAME AND
P.RDB$RELATION_NAME EQ 'RDB$ADMIN' AND
P.RDB$PRIVILEGE EQ 'M'
{
user->admin()->set(s, 1);
}
END_FOR
check(s);
callback->list(s, user);
check(s);
found = true;
}
user->userName()->set(s, U.PLG$USER_NAME);
check(s);
user->userName()->setEntered(s, U.PLG$USER_NAME.NULL ? 0 : 1);
check(s);
user->password()->set(s, "");
check(s);
user->password()->setEntered(s, 0);
check(s);
user->firstName()->set(s, U.PLG$FIRST_NAME);
check(s);
user->firstName()->setEntered(s, U.PLG$FIRST_NAME.NULL ? 0 : 1);
check(s);
user->middleName()->set(s, U.PLG$MIDDLE_NAME);
check(s);
user->middleName()->setEntered(s, U.PLG$MIDDLE_NAME.NULL ? 0 : 1);
check(s);
user->lastName()->set(s, U.PLG$LAST_NAME);
check(s);
user->lastName()->setEntered(s, U.PLG$LAST_NAME.NULL ? 0 : 1);
check(s);
user->admin()->set(s, 0);
check(s);
user->admin()->setEntered(s, 1);
check(s);
FOR (TRANSACTION_HANDLE transaction REQUEST_HANDLE request2)
P IN RDB$USER_PRIVILEGES
WITH P.RDB$USER EQ U.PLG$USER_NAME AND
P.RDB$RELATION_NAME EQ 'RDB$ADMIN' AND
P.RDB$PRIVILEGE EQ 'M'
catch(const Firebird::Exception& ex)
{
user->admin()->set(s, 1);
ex.stuffException(s);
s = &s2;
}
END_FOR
check(s);
callback->list(s, user);
check(s);
found = true;
}
catch(const Firebird::Exception& ex)
{
ex.stuffException(s);
s = &s2;
}
END_FOR
ON_ERROR
ret = GsecMsg28; // gsec - find/display record error
@ -644,71 +644,70 @@ int FB_CARG SecurityDatabaseManagement::execute(Firebird::IStatus* st, IUser* us
FOR (TRANSACTION_HANDLE transaction REQUEST_HANDLE request) U IN PLG$VIEW_USERS
WITH U.PLG$USER_NAME EQ user->userName()->get()
try
{
if (!U.PLG$UID.NULL)
a1.printf("Uid=%d\n", U.PLG$UID);
if (!U.PLG$GID.NULL)
a2.printf("Gid=%d\n", U.PLG$GID);
if (!U.PLG$GROUP_NAME.NULL)
a3.printf("GroupName=%s\n", U.PLG$GROUP_NAME);
attr = a1 + a2 + a3;
user->attributes()->set(s, attr.c_str());
check(s);
user->attributes()->setEntered(s, attr.hasData() ? 1 : 0);
check(s);
user->userName()->set(s, U.PLG$USER_NAME);
check(s);
user->userName()->setEntered(s, U.PLG$USER_NAME.NULL ? 0 : 1);
check(s);
user->password()->set(s, "");
check(s);
user->password()->setEntered(s, 0);
check(s);
user->firstName()->set(s, U.PLG$FIRST_NAME);
check(s);
user->firstName()->setEntered(s, U.PLG$FIRST_NAME.NULL ? 0 : 1);
check(s);
user->middleName()->set(s, U.PLG$MIDDLE_NAME);
check(s);
user->middleName()->setEntered(s, U.PLG$MIDDLE_NAME.NULL ? 0 : 1);
check(s);
user->lastName()->set(s, U.PLG$LAST_NAME);
check(s);
user->lastName()->setEntered(s, U.PLG$LAST_NAME.NULL ? 0 : 1);
check(s);
user->admin()->set(s, 0);
check(s);
user->admin()->setEntered(s, 1);
check(s);
FOR (TRANSACTION_HANDLE transaction REQUEST_HANDLE request2)
P IN RDB$USER_PRIVILEGES
WITH P.RDB$USER EQ U.PLG$USER_NAME AND
P.RDB$RELATION_NAME EQ 'RDB$ADMIN' AND
P.RDB$PRIVILEGE EQ 'M'
try
{
user->admin()->set(s, 1);
if (!U.PLG$UID.NULL)
a1.printf("Uid=%d\n", U.PLG$UID);
if (!U.PLG$GID.NULL)
a2.printf("Gid=%d\n", U.PLG$GID);
if (!U.PLG$GROUP_NAME.NULL)
a3.printf("GroupName=%s\n", U.PLG$GROUP_NAME);
attr = a1 + a2 + a3;
user->attributes()->set(s, attr.c_str());
check(s);
user->attributes()->setEntered(s, attr.hasData() ? 1 : 0);
check(s);
user->userName()->set(s, U.PLG$USER_NAME);
check(s);
user->userName()->setEntered(s, U.PLG$USER_NAME.NULL ? 0 : 1);
check(s);
user->password()->set(s, "");
check(s);
user->password()->setEntered(s, 0);
check(s);
user->firstName()->set(s, U.PLG$FIRST_NAME);
check(s);
user->firstName()->setEntered(s, U.PLG$FIRST_NAME.NULL ? 0 : 1);
check(s);
user->middleName()->set(s, U.PLG$MIDDLE_NAME);
check(s);
user->middleName()->setEntered(s, U.PLG$MIDDLE_NAME.NULL ? 0 : 1);
check(s);
user->lastName()->set(s, U.PLG$LAST_NAME);
check(s);
user->lastName()->setEntered(s, U.PLG$LAST_NAME.NULL ? 0 : 1);
check(s);
user->admin()->set(s, 0);
check(s);
user->admin()->setEntered(s, 1);
check(s);
FOR (TRANSACTION_HANDLE transaction REQUEST_HANDLE request2)
P IN RDB$USER_PRIVILEGES
WITH P.RDB$USER EQ U.PLG$USER_NAME AND
P.RDB$RELATION_NAME EQ 'RDB$ADMIN' AND
P.RDB$PRIVILEGE EQ 'M'
{
user->admin()->set(s, 1);
}
END_FOR
check(s);
callback->list(s, user);
check(s);
found = true;
}
catch(const Firebird::Exception& ex)
{
ex.stuffException(s);
s = &s2;
}
END_FOR
check(s);
callback->list(s, user);
check(s);
found = true;
}
catch(const Firebird::Exception& ex)
{
ex.stuffException(s);
s = &s2;
}
END_FOR
ON_ERROR
ret = GsecMsg28; // gsec - find/display record error


@ -511,8 +511,10 @@ int SecurityDatabaseServer::authenticate(Firebird::IStatus* status, IServerBlock
LocalStatus s;
TimerInterfacePtr()->start(&s, instance, 10 * 1000 * 1000);
if (!s.isSuccess())
#endif
instance->handler();
#else
instance->handler();
#endif
return rc;
}
catch (const Firebird::Exception& ex)
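Review bot: The unbraced `if (!s.isSuccess())` on the new side governs an `instance->handler();` that sits directly before `#else`, with a second copy of the same call in the other preprocessor branch. Brace the conditional, `if (!s.isSuccess()) { instance->handler(); }`, so the guarded statement stays unambiguous if either branch is edited later. A one-line comment such as `// timer could not be started: run the handler immediately` would also record why the failure status in `s` is not reported anywhere; that reading is inferred from the visible lines and should be confirmed. The opening `#if` and the rest of authenticate() lie outside this hunk.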


@ -75,7 +75,7 @@ void WriterImplementation::add(Firebird::IStatus* st, const char* name)
}
type = "USER";
}
catch(const Firebird::Exception& ex)
catch (const Firebird::Exception& ex)
{
ex.stuffException(st);
}
@ -105,7 +105,7 @@ void WriterImplementation::setType(Firebird::IStatus* st, const char* value)
if (value)
type = value;
}
catch(const Firebird::Exception& ex)
catch (const Firebird::Exception& ex)
{
ex.stuffException(st);
}
@ -122,7 +122,7 @@ void WriterImplementation::setDb(Firebird::IStatus* st, const char* value)
current.insertPath(AuthReader::AUTH_SECURE_DB, target);
}
}
catch(const Firebird::Exception& ex)
catch (const Firebird::Exception& ex)
{
ex.stuffException(st);
}


@ -153,7 +153,7 @@ public:
p->addRef();
return p;
}
catch(const Firebird::Exception& ex)
catch (const Firebird::Exception& ex)
{
ex.stuffException(status);
}


@ -74,7 +74,7 @@ public:
{
value = newValue ? newValue : "";
}
catch(const Firebird::Exception& ex)
catch (const Firebird::Exception& ex)
{
ex.stuffException(status);
}


@ -748,7 +748,8 @@ static void updateRdbFields(const TypeClause* type,
//----------------------
SecureDdlNodeExecute::SecureDdlNodeExecute(thread_db* tdbb, DdlNode* ddlNode,
DsqlCompilerScratch* dsqlScratch, jrd_tra* transaction): _tdbb(tdbb)
DsqlCompilerScratch* dsqlScratch, jrd_tra* transaction)
: _tdbb(tdbb)
{
if (ddlNode->checkPermission(tdbb, transaction))
tdbb->tdbb_flags |= TDBB_trusted_ddl;
@ -1382,7 +1383,7 @@ DdlNode* CreateAlterFunctionNode::dsqlPass(DsqlCompilerScratch* dsqlScratch)
bool CreateAlterFunctionNode::checkPermission(thread_db* tdbb, jrd_tra* transaction)
{
dsc dscName;
dscName.makeText(name.length(), CS_METADATA, (UCHAR*)name.c_str());
dscName.makeText(name.length(), CS_METADATA, (UCHAR*) name.c_str());
if (alter)
SCL_check_function(tdbb, &dscName, SCL_alter);
else
@ -2011,7 +2012,7 @@ void AlterExternalFunctionNode::print(string& text) const
bool AlterExternalFunctionNode::checkPermission(thread_db* tdbb, jrd_tra* transaction)
{
dsc dscName;
dscName.makeText(name.length(), CS_METADATA, (UCHAR*)name.c_str());
dscName.makeText(name.length(), CS_METADATA, (UCHAR*) name.c_str());
SCL_check_function(tdbb, &dscName, SCL_alter);
return true;
}
@ -2136,7 +2137,7 @@ DdlNode* DropFunctionNode::dsqlPass(DsqlCompilerScratch* dsqlScratch)
bool DropFunctionNode::checkPermission(thread_db* tdbb, jrd_tra* transaction)
{
dsc dscName;
dscName.makeText(name.length(), CS_METADATA, (UCHAR*)name.c_str());
dscName.makeText(name.length(), CS_METADATA, (UCHAR*) name.c_str());
SCL_check_function(tdbb, &dscName, SCL_drop);
return true;
}
@ -2329,7 +2330,7 @@ DdlNode* CreateAlterProcedureNode::dsqlPass(DsqlCompilerScratch* dsqlScratch)
bool CreateAlterProcedureNode::checkPermission(thread_db* tdbb, jrd_tra* transaction)
{
dsc dscName;
dscName.makeText(name.length(), CS_METADATA, (UCHAR*)name.c_str());
dscName.makeText(name.length(), CS_METADATA, (UCHAR*) name.c_str());
if (alter)
SCL_check_procedure(tdbb, &dscName, SCL_alter);
else
@ -2883,7 +2884,7 @@ DdlNode* DropProcedureNode::dsqlPass(DsqlCompilerScratch* dsqlScratch)
bool DropProcedureNode::checkPermission(thread_db* tdbb, jrd_tra* transaction)
{
dsc dscName;
dscName.makeText(name.length(), CS_METADATA, (UCHAR*)name.c_str());
dscName.makeText(name.length(), CS_METADATA, (UCHAR*) name.c_str());
SCL_check_procedure(tdbb, &dscName, SCL_drop);
return true;
}
@ -3146,7 +3147,7 @@ DdlNode* CreateAlterTriggerNode::dsqlPass(DsqlCompilerScratch* dsqlScratch)
bool CreateAlterTriggerNode::checkPermission(thread_db* tdbb, jrd_tra* transaction)
{
dsc dscName;
dscName.makeText(relationName.length(), CS_METADATA, (UCHAR*)relationName.c_str());
dscName.makeText(relationName.length(), CS_METADATA, (UCHAR*) relationName.c_str());
SCL_check_relation(tdbb, &dscName, SCL_alter);
return true;
}
@ -3342,7 +3343,7 @@ bool DropTriggerNode::checkPermission(thread_db* tdbb, jrd_tra* transaction)
status_exception::raise(Arg::PrivateDyn(48));
}
dscName.makeText(relationName.length(), CS_METADATA, (UCHAR*)relationName.c_str());
dscName.makeText(relationName.length(), CS_METADATA, (UCHAR*) relationName.c_str());
SCL_check_relation(tdbb, &dscName, SCL_alter);
return true;
}
@ -4859,6 +4860,7 @@ void CreateAlterExceptionNode::executeCreate(thread_db* tdbb, DsqlCompilerScratc
{
Attachment* const attachment = transaction->getAttachment();
const string& userName = attachment->att_user->usr_user_name;
executeDdlTrigger(tdbb, dsqlScratch, transaction, DTW_BEFORE,
DDL_TRIGGER_CREATE_EXCEPTION, name);
@ -6844,7 +6846,7 @@ void AlterRelationNode::print(string& text) const
bool AlterRelationNode::checkPermission(thread_db* tdbb, jrd_tra* transaction)
{
dsc dscName;
dscName.makeText(name.length(), CS_METADATA, (UCHAR*)name.c_str());
dscName.makeText(name.length(), CS_METADATA, (UCHAR*) name.c_str());
SCL_check_relation(tdbb, &dscName, SCL_alter);
return true;
}
@ -7540,7 +7542,7 @@ void DropRelationNode::print(string& text) const
bool DropRelationNode::checkPermission(thread_db* tdbb, jrd_tra* transaction)
{
dsc dscName;
dscName.makeText(name.length(), CS_METADATA, (UCHAR*)name.c_str());
dscName.makeText(name.length(), CS_METADATA, (UCHAR*) name.c_str());
if (view)
SCL_check_view(tdbb, &dscName, SCL_drop);
else
@ -7785,7 +7787,7 @@ DdlNode* CreateAlterViewNode::dsqlPass(DsqlCompilerScratch* dsqlScratch)
bool CreateAlterViewNode::checkPermission(thread_db* tdbb, jrd_tra* transaction)
{
dsc dscName;
dscName.makeText(name.length(), CS_METADATA, (UCHAR*)name.c_str());
dscName.makeText(name.length(), CS_METADATA, (UCHAR*) name.c_str());
if (alter)
SCL_check_view(tdbb, &dscName, SCL_alter);
else
@ -7848,6 +7850,7 @@ void CreateAlterViewNode::execute(thread_db* tdbb, DsqlCompilerScratch* dsqlScra
REL.RDB$VIEW_BLR NOT MISSING
{
found = true;
MODIFY REL
attachment->storeMetaDataBlob(tdbb, transaction, &REL.RDB$VIEW_SOURCE, source);
attachment->storeBinaryBlob(tdbb, transaction, &REL.RDB$VIEW_BLR,
@ -8918,7 +8921,7 @@ bool CreateIndexNode::checkPermission(thread_db* tdbb, jrd_tra* transaction)
{
dsc dscName;
const MetaName &relationName = relation->dsqlName;
dscName.makeText(relationName.length(), CS_METADATA, (UCHAR*)relationName.c_str());
dscName.makeText(relationName.length(), CS_METADATA, (UCHAR*) relationName.c_str());
SCL_check_relation(tdbb, &dscName, SCL_alter);
return true;
}
@ -9003,7 +9006,7 @@ bool AlterIndexNode::checkPermission(thread_db* tdbb, jrd_tra* transaction)
status_exception::raise(Arg::PrivateDyn(48));
}
dscName.makeText(relationName.length(), CS_METADATA, (UCHAR*)relationName.c_str());
dscName.makeText(relationName.length(), CS_METADATA, (UCHAR*) relationName.c_str());
SCL_check_relation(tdbb, &dscName, SCL_alter);
return true;
}
@ -9075,7 +9078,7 @@ bool SetStatisticsNode::checkPermission(thread_db* tdbb, jrd_tra* transaction)
status_exception::raise(Arg::PrivateDyn(48));
}
dscName.makeText(relationName.length(), CS_METADATA, (UCHAR*)relationName.c_str());
dscName.makeText(relationName.length(), CS_METADATA, (UCHAR*) relationName.c_str());
SCL_check_relation(tdbb, &dscName, SCL_alter);
return true;
}
@ -9166,7 +9169,7 @@ bool DropIndexNode::checkPermission(thread_db* tdbb, jrd_tra* transaction)
status_exception::raise(Arg::PrivateDyn(48));
}
dscName.makeText(relationName.length(), CS_METADATA, (UCHAR*)relationName.c_str());
dscName.makeText(relationName.length(), CS_METADATA, (UCHAR*) relationName.c_str());
SCL_check_relation(tdbb, &dscName, SCL_alter);
return true;
}
@ -10006,7 +10009,7 @@ void DropRoleNode::execute(thread_db* tdbb, DsqlCompilerScratch* dsqlScratch, jr
executeDdlTrigger(tdbb, dsqlScratch, transaction, DTW_BEFORE,
DDL_TRIGGER_DROP_ROLE, name);
if (ROL.RDB$SYSTEM_FLAG != 0)
{
@ -10014,7 +10017,7 @@ void DropRoleNode::execute(thread_db* tdbb, DsqlCompilerScratch* dsqlScratch, jr
status_exception::raise(Arg::PrivateDyn(284) << name);
}
AutoCacheRequest request2(tdbb, drq_del_role_1, DYN_REQUESTS);
// The first OR clause finds all members of the role.
@ -10373,23 +10376,24 @@ void GrantRevokeNode::grantRevoke(thread_db* tdbb, jrd_tra* transaction, const G
break;
}
if (options == 1) { // with grant option
switch (userType) {
case obj_procedure: {
if (options == 1) // with grant option
{
switch (userType)
{
case obj_procedure:
ERRD_post(Arg::Gds(isc_dsql_cant_grant_option) << Arg::Str("procedures"));
break;
}
case obj_trigger: {
case obj_trigger:
ERRD_post(Arg::Gds(isc_dsql_cant_grant_option) << Arg::Str("triggers"));
break;
}
case obj_view: {
case obj_view:
ERRD_post(Arg::Gds(isc_dsql_cant_grant_option) << Arg::Str("views"));
break;
}
default: {
default:
break;
}
}
}
@ -10531,7 +10535,8 @@ void GrantRevokeNode::grantRevoke(thread_db* tdbb, jrd_tra* transaction, const G
tdbb->getAttachment()->att_user->usr_user_name.c_str(), priv, objName,
field, true);
}
else if (objType >= obj_database) {
else if (objType >= obj_database)
{
checkGrantorCanGrantDdl(tdbb, transaction,
tdbb->getAttachment()->att_user->usr_user_name.c_str(), priv, objName);
}
@ -10872,7 +10877,7 @@ void GrantRevokeNode::checkGrantorCanGrantRole(thread_db* tdbb, jrd_tra* transac
// Check if the grantor has grant option on DDL privilege
void GrantRevokeNode::checkGrantorCanGrantDdl(thread_db* tdbb, jrd_tra* transaction,
const Firebird::MetaName& grantor, const char* privilege, const Firebird::MetaName& objName)
const MetaName& grantor, const char* privilege, const MetaName& objName)
{
if (tdbb->getAttachment()->locksmith())
return;
@ -10880,13 +10885,13 @@ void GrantRevokeNode::checkGrantorCanGrantDdl(thread_db* tdbb, jrd_tra* transact
AutoCacheRequest request(tdbb, drq_l_grant_option, DYN_REQUESTS);
bool grantable = false;
FOR(REQUEST_HANDLE request TRANSACTION_HANDLE transaction)
PRV IN RDB$USER_PRIVILEGES WITH
PRV.RDB$USER = UPPERCASE(grantor.c_str()) AND
PRV.RDB$USER_TYPE = obj_user AND
PRV.RDB$RELATION_NAME EQ objName.c_str() AND
PRV.RDB$OBJECT_TYPE >= obj_database AND
PRV.RDB$PRIVILEGE EQ privilege
FOR (REQUEST_HANDLE request TRANSACTION_HANDLE transaction)
PRV IN RDB$USER_PRIVILEGES
WITH PRV.RDB$USER = UPPERCASE(grantor.c_str()) AND
PRV.RDB$USER_TYPE = obj_user AND
PRV.RDB$RELATION_NAME EQ objName.c_str() AND
PRV.RDB$OBJECT_TYPE >= obj_database AND
PRV.RDB$PRIVILEGE EQ privilege
{
grantable = PRV.RDB$GRANT_OPTION == 1;
}
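Review bot: In checkGrantorCanGrantDdl the loop body assigns `grantable = PRV.RDB$GRANT_OPTION == 1;` for every row the FOR returns, so when more than one row matches, the last row alone decides whether the grantor may pass the DDL privilege on. If RDB$USER_PRIVILEGES can hold several matching rows for one user, object and privilege (for example from different grantors; not visible here), the outcome of this authorization check would depend on row order. Accumulating instead, `if (PRV.RDB$GRANT_OPTION == 1) grantable = true;`, makes the result independent of it. The END_FOR and the code that acts on `grantable` are outside this hunk.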


@ -2031,7 +2031,7 @@ private:
case 'G': return "Usage";
case 'M': return "Role";
case 'R': return "Reference";
//ddl
// ddl
case 'C': return "Create";
case 'L': return "Alter";
case 'O': return "DROP";
@ -2048,7 +2048,7 @@ public:
Firebird::Array<GranteeClause> users;
bool grantAdminOption;
NestConst<Firebird::MetaName> grantor;
// ddl rights
// ddl rights
bool isDdl;
};


@ -158,7 +158,7 @@ class SecureDdlNodeExecute
{
public:
explicit SecureDdlNodeExecute(thread_db* tdbb, DdlNode* ddlNode,
DsqlCompilerScratch* dsqlScratch, jrd_tra* transaction);
DsqlCompilerScratch* dsqlScratch, jrd_tra* transaction);
~SecureDdlNodeExecute()
{


@ -462,7 +462,7 @@ DdlNode* CreateAlterPackageNode::dsqlPass(DsqlCompilerScratch* dsqlScratch)
bool CreateAlterPackageNode::checkPermission(thread_db* tdbb, jrd_tra* transaction)
{
dsc dscName;
dscName.makeText(name.length(), CS_METADATA, (UCHAR*)name.c_str());
dscName.makeText(name.length(), CS_METADATA, (UCHAR*) name.c_str());
if (alter)
SCL_check_package(tdbb, &dscName, SCL_alter);
else
@ -635,7 +635,7 @@ void DropPackageNode::print(string& text) const
bool DropPackageNode::checkPermission(thread_db* tdbb, jrd_tra* transaction)
{
dsc dscName;
dscName.makeText(name.length(), CS_METADATA, (UCHAR*)name.c_str());
dscName.makeText(name.length(), CS_METADATA, (UCHAR*) name.c_str());
SCL_check_package(tdbb, &dscName, SCL_drop);
return true;
}
@ -1095,7 +1095,7 @@ void DropPackageBodyNode::print(string& text) const
bool DropPackageBodyNode::checkPermission(thread_db* tdbb, jrd_tra* transaction)
{
dsc dscName;
dscName.makeText(name.length(), CS_METADATA, (UCHAR*)name.c_str());
dscName.makeText(name.length(), CS_METADATA, (UCHAR*) name.c_str());
SCL_check_package(tdbb, &dscName, SCL_drop);
return true;
}


@ -855,7 +855,8 @@ grant0($node)
;
%type <granteeClause> object
object : TABLE
object
: TABLE
{ $$ = newNode<GranteeClause>(obj_relations, get_object_name(obj_relations)); }
| VIEW
{ $$ = newNode<GranteeClause>(obj_views, get_object_name(obj_views)); }
@ -925,8 +926,18 @@ privilege($privilegeArray)
%type ddl_privileges(<privilegeArray>)
ddl_privileges($privilegeArray)
: ALL { $privilegeArray->add(PrivilegeClause('C', NULL)); $privilegeArray->add(PrivilegeClause('L', NULL)); $privilegeArray->add(PrivilegeClause('O', NULL)); }
| ALL PRIVILEGES { $privilegeArray->add(PrivilegeClause('C', NULL)); $privilegeArray->add(PrivilegeClause('L', NULL)); $privilegeArray->add(PrivilegeClause('O', NULL)); }
: ALL
{
$privilegeArray->add(PrivilegeClause('C', NULL));
$privilegeArray->add(PrivilegeClause('L', NULL));
$privilegeArray->add(PrivilegeClause('O', NULL));
}
| ALL PRIVILEGES
{
$privilegeArray->add(PrivilegeClause('C', NULL));
$privilegeArray->add(PrivilegeClause('L', NULL));
$privilegeArray->add(PrivilegeClause('O', NULL));
}
| ddl_privilege_list($privilegeArray)
;


@ -141,11 +141,9 @@ void GRANT_privileges(thread_db* tdbb, const Firebird::string& name, USHORT id,
break;
default:
if (id >= obj_database &&
id < obj_type_MAX)
{
if (id >= obj_database && id < obj_type_MAX)
priv = OWNER_PRIVS;
}
break;
}
grant_user(acl, owner, obj_user, priv);


@ -478,7 +478,7 @@ void INI_format(const MetaName& owner, const MetaName& charset)
add_security_to_sys_obj(tdbb, ownerName, obj_collation, collation->name, length, buffer);
}
for (int ddl_obj = obj_database + 1; ddl_obj < obj_type_MAX; ddl_obj++)
for (int ddl_obj = obj_database + 1; ddl_obj < obj_type_MAX; ++ddl_obj)
{
add_security_class(tdbb, get_object_name(ddl_obj), length, buffer);
}
@ -1182,7 +1182,7 @@ static void add_security_class(thread_db* tdbb, const MetaName& class_name, USHO
bid blob_id;
attachment->storeBinaryBlob(tdbb, attachment->getSysTransaction(), &blob_id,
ByteChunk(acl, acl_length));
ByteChunk(acl, acl_length));
AutoRequest handle;
@ -1193,8 +1193,6 @@ static void add_security_class(thread_db* tdbb, const MetaName& class_name, USHO
CLS.RDB$ACL = blob_id;
}
END_STORE
handle.reset();
}


@ -369,7 +369,7 @@ const USHORT TDBB_use_db_page_space = 256; // use database (not temporary) page
const USHORT TDBB_detaching = 512; // detach is in progress
const USHORT TDBB_wait_cancel_disable = 1024; // don't cancel current waiting operation
const USHORT TDBB_cache_unwound = 2048; // page cache was unwound
const USHORT TDBB_trusted_ddl = 4096; // skip DDL permission checks. set after DDL permission check and clear after DDL execution
const USHORT TDBB_trusted_ddl = 4096; // skip DDL permission checks. Set after DDL permission check and clear after DDL execution
class thread_db : public Firebird::ThreadData
{

View File

@ -48,17 +48,17 @@ const int obj_collation = 17;
const int obj_package_header = 18;
const int obj_package_body = 19;
//objects types for ddl operations
// objects types for ddl operations
const int obj_database = 20;
const int obj_relations = 21;
const int obj_views = 22;
const int obj_views = 22;
const int obj_procedures = 23;
const int obj_functions = 24;
const int obj_packages = 25;
const int obj_generators = 26;
const int obj_domains = 27;
const int obj_exceptions = 28;
const int obj_roles = 29;
const int obj_roles = 29;
const int obj_shadows = 30;
const int obj_charsets = 31;
const int obj_collations = 32;


@ -1249,28 +1249,28 @@ SecurityClass::flags_t SCL_get_object_mask(const int object_type)
* S C L _ g e t _ o b j e c t _ m a s k
*
**************************************
*
*
* Functional description
* Get a protection mask for database object.
*
**************************************/
thread_db* tdbb = JRD_get_thread_data();
Database* dbb = tdbb->getDatabase();
UserId* user = tdbb->getAttachment()->att_user;
/*if (object_type == obj_roles)
{
if (user->isSecAdmin())
return -1 & ~SCL_corrupt;
return -1 & ~SCL_corrupt;
}*/
const TEXT* object_name = get_object_name(object_type);
const Jrd::SecurityClass* s_class = SCL_recompute_class(tdbb, object_name);
if (s_class)
return s_class->scl_flags;
return -1 & ~SCL_corrupt;
}
@ -1283,7 +1283,7 @@ void SCL_set_user(const Firebird::MetaName& user_name, UserId& user)
**************************************
*
* Functional description
* Set user attributes.
* Set user attributes.
*
**************************************/
thread_db* tdbb = JRD_get_thread_data();
@ -1293,7 +1293,7 @@ void SCL_set_user(const Firebird::MetaName& user_name, UserId& user)
if (!user.usr_user_name.compare(dbb->dbb_owner.c_str())) {
user.usr_flags |= USR_owner;
}
}
}
static bool check_number(const UCHAR* acl, USHORT number)