Class GenericAuthorizer

java.lang.Object

org.apache.derby.impl.sql.conn.GenericAuthorizer

All Implemented Interfaces:

Authorizer

class GenericAuthorizer
extends Object
implements Authorizer

Field Summary

Fields

Modifier and Type	Field	Description
private static final int	FULL_ACCESS
private final LanguageConnectionContext	lcc
private static final int	NO_ACCESS
private static final int	READ_ACCESS
(package private) boolean	readOnlyConnection
private int	userAccessLevel

Fields inherited from interface Authorizer

CREATE_ROLE_PRIV, CREATE_SCHEMA_PRIV, DELETE_PRIV, DROP_ROLE_PRIV, DROP_SCHEMA_PRIV, EXECUTE_PRIV, INSERT_PRIV, JAR_WRITE_OP, MIN_SELECT_PRIV, MODIFY_SCHEMA_PRIV, NULL_PRIV, PRIV_TYPE_COUNT, PROPERTY_WRITE_OP, PUBLIC_AUTHORIZATION_ID, REFERENCES_PRIV, SELECT_PRIV, SQL_ARBITARY_OP, SQL_CALL_OP, SQL_DDL_OP, SQL_SELECT_OP, SQL_WRITE_OP, SYSTEM_AUTHORIZATION_ID, TRIGGER_PRIV, UPDATE_PRIV, USAGE_PRIV

Constructor Summary

Constructors

Constructor	Description
GenericAuthorizer(LanguageConnectionContext lcc)

Method Summary

Modifier and Type	Method	Description
void	authorize(int operation)	Used for operations that do not involve tables or routines.
void	authorize(List<StatementPermission> requiredPermissionsList, Activation activation)	Verify the connected user possesses the indicated permissions
void	authorize(Activation activation, int operation)	Verify the connected user is authorized to perform the requested operation.
private boolean	connectionMustRemainReadOnly()
private static StandardException	externalRoutineException(int operation, int sqlAllowed)	Throw an exception if the user does not have all of the required permissions.
private int	getDefaultAccessLevel()
private void	getUserAccessLevel()
boolean	isReadOnlyConnection()	Get the readOnly status for this authorizer's connection.
final void	refresh()	Refresh this authorizer to reflect a change in the database permissions.
void	setReadOnlyConnection(boolean on, boolean authorize)	Set the readOnly status for this authorizer's connection.
private boolean	userOnAccessList(String listName)

Methods inherited from class Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Details

NO_ACCESS

private static final int NO_ACCESS

See Also:

• Constant Field Values

READ_ACCESS

private static final int READ_ACCESS

See Also:

• Constant Field Values

FULL_ACCESS

private static final int FULL_ACCESS

See Also:

• Constant Field Values

userAccessLevel

private int userAccessLevel

readOnlyConnection

boolean readOnlyConnection

lcc

private final LanguageConnectionContext lcc

Constructor Details

GenericAuthorizer

GenericAuthorizer(LanguageConnectionContext lcc)
           throws StandardException

Throws:

StandardException

Method Details

connectionMustRemainReadOnly

private boolean connectionMustRemainReadOnly()

authorize

public void authorize(int operation)
               throws StandardException

Used for operations that do not involve tables or routines.

Specified by:

authorize in interface Authorizer

Parameters:

operation - the enumeration code for the requsted operation.

Throws:

StandardException - Thrown if the operation is not allowed

See Also:

• Authorizer.authorize(int)

authorize

public void authorize(Activation activation,
 int operation)
               throws StandardException

Description copied from interface: Authorizer

Verify the connected user is authorized to perform the requested operation.

Specified by:

authorize in interface Authorizer

Parameters:

activation - holds the list of tables, columns, and routines used.

operation - the enumeration code for the requsted operation.

Throws:

StandardException - Thrown if the operation is not allowed

See Also:

• Authorizer.authorize(int)

authorize

public void authorize(List<StatementPermission> requiredPermissionsList,
 Activation activation)
               throws StandardException

Description copied from interface: Authorizer

Verify the connected user possesses the indicated permissions

Specified by:

authorize in interface Authorizer

Parameters:

requiredPermissionsList - the required permissions

activation - holds the execution logic

Throws:

StandardException - Thrown if the operation is not allowed

externalRoutineException

private static StandardException externalRoutineException(int operation,
 int sqlAllowed)

Throw an exception if the user does not have all of the required permissions.

getUserAccessLevel

private void getUserAccessLevel()
                         throws StandardException

Throws:

StandardException

getDefaultAccessLevel

private int getDefaultAccessLevel()
                           throws StandardException

Throws:

StandardException

userOnAccessList

private boolean userOnAccessList(String listName)
                          throws StandardException

Throws:

StandardException

isReadOnlyConnection

public boolean isReadOnlyConnection()

Description copied from interface: Authorizer

Get the readOnly status for this authorizer's connection.

Specified by:

isReadOnlyConnection in interface Authorizer

See Also:

• Authorizer.isReadOnlyConnection()

setReadOnlyConnection

public void setReadOnlyConnection(boolean on,
 boolean authorize)
                           throws StandardException

Description copied from interface: Authorizer

Set the readOnly status for this authorizer's connection.

Specified by:

setReadOnlyConnection in interface Authorizer

Parameters:

on - true means set the connection to read only mode, false means set the connection to read wrte mode.

authorize - true means to verify the caller has authority to set the connection and false means do not check.

Throws:

StandardException - Thrown if the operation is not allowed

See Also:

• Authorizer.isReadOnlyConnection()

refresh

public final void refresh()
                   throws StandardException

Description copied from interface: Authorizer

Refresh this authorizer to reflect a change in the database permissions.

Specified by:

refresh in interface Authorizer

Throws:

StandardException - Thrown if the operation is not allowed

See Also:

• Authorizer.refresh()