Fixed CORE-735: User rights for metadata changes.

We check DDL in DDL nodes and skip at vio level. vio level still exists for direct metadata editing.
FirebirdSQL · Jul 8, 2014 · 573e93e · 573e93e
1 parent a1d0c2b
commit 573e93e
Show file tree

Hide file tree

Showing 34 changed files with 1,119 additions and 101 deletions.
diff --git a/doc/sql.extensions/README.ddl_access.txt b/doc/sql.extensions/README.ddl_access.txt
@@ -0,0 +1,35 @@
+SQL Language Extension: GRANT/REVOKE permissions on DDL operations
+
+   Implements capability to manage permissions on DDL operations.
+
+Author:
+   Red Soft Corporation, roman.simakov(at)red-soft.biz
+
+Syntax is:
+
+GRANT CREATE <OBJECT> TO USER|ROLE [with grant option];
+GRANT ALTER ANY <OBJECT> TO USER|ROLE [with grant option];
+GRANT DROP ANY <OBJECT> TO USER|ROLE [with grant option];
+
+REVOKE [grant option for] CREATE <OBJECT> FROM USER|ROLE;
+REVOKE [grant option for] ALTER ANY <OBJECT> FROM USER|ROLE;
+REVOKE [grant option for] DROP ANY <OBJECT> FROM USER|ROLE;
+
+Where <OBJECT> could be:
+TABLE, VIEW, PROCEDURE, FUNCTION, PACKAGE, GENERATOR, SEQUENCE, DOMAIN, 
+EXCEPTION, ROLE, SHADOW, DATABASE, CHARACTER SET, COLLATION, FILTER
+
+Description:
+
+Makes it possible to grant and revoke privileges on DDL operations. 
+
+DDL operations for managing triggers and indices re-use table privileges.
+
+If ANY keyword is used a user will be able to perform operation on any object. Otherwise only on object which he owns.
+If ANY keyword was used due GRANT operation it also must be used in according REVOKE operation.
+
+Sample:
+
+GRANT CREATE TABLE TO Joe;
+GRANT ALTER ANY TABLE TO Joe; 
+REVOKE CREATE TABLE FROM Joe;
diff --git a/lang_helpers/gds_codes.ftn b/lang_helpers/gds_codes.ftn
@@ -1598,6 +1598,10 @@ C --
       PARAMETER (GDS__cursor_not_positioned            = 335545092)
       INTEGER*4 GDS__dup_attribute                   
       PARAMETER (GDS__dup_attribute                    = 335545093)
+      INTEGER*4 GDS__dyn_no_priv                     
+      PARAMETER (GDS__dyn_no_priv                      = 335545094)
+      INTEGER*4 GDS__dsql_cant_grant_option          
+      PARAMETER (GDS__dsql_cant_grant_option           = 335545095)
       INTEGER*4 GDS__gfix_db_name                    
       PARAMETER (GDS__gfix_db_name                     = 335740929)
       INTEGER*4 GDS__gfix_invalid_sw                 

diff --git a/lang_helpers/gds_codes.pas b/lang_helpers/gds_codes.pas
@@ -806,6 +806,8 @@
 	gds_set_invalid_role                 = 335545091;
 	gds_cursor_not_positioned            = 335545092;
 	gds_dup_attribute                    = 335545093;
+	gds_dyn_no_priv                      = 335545094;
+	gds_dsql_cant_grant_option           = 335545095;
 	gds_gfix_db_name                     = 335740929;
 	gds_gfix_invalid_sw                  = 335740930;
 	gds_gfix_incmp_sw                    = 335740932;