From 021faec6a18336cfefd11b30d100a8fe4e3da1ee Mon Sep 17 00:00:00 2001 From: Roberta Marton Date: Tue, 10 Apr 2018 18:35:39 +0000 Subject: [PATCH] Get statement enhancements Added support and privilege checks for the following commands: get functions for library get procedures for library get table_mapping functions for library get indexes on table get objects on table get views on table get views on view get libraries in schema get objects in view get tables in view get views in view get indexes for user get tables for user get libraries for user get views for user Changed "get libraries for schema" to include libraries where the current user has execute privilege on one of the libraries routines (functions, procedures, or table_mapping functions). Addressed a performance issue when determining if the user has column level privileges. If the user has granted privileges against native Hive tables through EsgynDB, we need to get the column name from Hive. The call to get the column, by calling hivemd, is very expensive. This change checks to see if the requested user has been granted any column level privileges on a hive table. If so, we will go ahead and do the mapping (call hivemd). If not, then we will not include the hivemd fragment for the query. Since we are scanning the column privileges table anyway, we also see if the requested user (or their roles) has been granted any privileges. If so, we include the column privileges check in the query. Commented out get statements that we do not support at this time. --- core/sql/comexe/ComTdbExeUtil.h | 2 - core/sql/executor/ExExeUtil.h | 9 +- core/sql/executor/ExExeUtilGet.cpp | 624 ++++++++++++++++----- core/sql/generator/GenRelExeUtil.cpp | 164 +++--- core/sql/parser/sqlparser.y | 37 +- core/sql/regress/privs1/EXPECTED123 | 773 +++++++++++++++++++++++++++ core/sql/regress/privs1/EXPECTED125 | 268 +++++++++- core/sql/regress/privs1/TEST123 | 46 ++ core/sql/regress/privs1/TEST125 | 20 +- 9 files changed, 1658 insertions(+), 285 deletions(-) diff --git a/core/sql/comexe/ComTdbExeUtil.h b/core/sql/comexe/ComTdbExeUtil.h index 9024afe0ab..bb291725fe 100644 --- a/core/sql/comexe/ComTdbExeUtil.h +++ b/core/sql/comexe/ComTdbExeUtil.h @@ -2542,9 +2542,7 @@ class ComTdbExeUtilGetMetadataInfo : public ComTdbExeUtil PRIVILEGES_FOR_ROLE_, USERS_, - CURRENT_USER_, - CATALOGS_FOR_USER_, INDEXES_FOR_USER_, LIBRARIES_FOR_USER_, MVGROUPS_FOR_USER_, diff --git a/core/sql/executor/ExExeUtil.h b/core/sql/executor/ExExeUtil.h index 428ccdfb0f..3615c104c0 100644 --- a/core/sql/executor/ExExeUtil.h +++ b/core/sql/executor/ExExeUtil.h @@ -2499,9 +2499,16 @@ class ExExeUtilGetMetadataInfoTcb : public ExExeUtilTcb const char *schName, const char *objName); + Int32 colPrivsFrag( + const char *authName, + const char *catName, + const NAString &privWhereClause, + NAString &colPrivsStmt); + NAString getGrantedPrivCmd( const NAString &roleList, - const char * cat); + const char * cat, + const NAString &inColumn = NAString("object_uid")); char * getRoleList( const Int32 userID, diff --git a/core/sql/executor/ExExeUtilGet.cpp b/core/sql/executor/ExExeUtilGet.cpp index 97815efe1b..249241f57f 100644 --- a/core/sql/executor/ExExeUtilGet.cpp +++ b/core/sql/executor/ExExeUtilGet.cpp @@ -182,7 +182,7 @@ static const QueryString getRolesForUserQuery[] = {" ; "} }; -static const QueryString getPrivsForAuthsQuery[] = +static const QueryString getPrivsForAuthsQuery[] = { {" select translate(rtrim(object_name) using ucs2toutf8), "}, {" case when bitextract(privileges_bitmap,63,1) = 1 then 'S' "}, @@ -201,8 +201,31 @@ static const QueryString getPrivsForAuthsQuery[] = {" else '-' end as privs "}, {" from %s.\"%s\".%s "}, {" where grantee_id %s "}, - {" union "}, + {" (select translate(rtrim(schema_name) using ucs2toutf8), "}, + {" case when bitextract(privileges_bitmap,63,1) = 1 then 'S' "}, + {" else '-' end || "}, + {" case when bitextract(privileges_bitmap,62,1) = 1 then 'I' "}, + {" else '-' end || "}, + {" case when bitextract(privileges_bitmap,61,1) = 1 then 'D' "}, + {" else '-' end || "}, + {" case when bitextract(privileges_bitmap,60,1) = 1 then 'U' "}, + {" else '-' end || "}, + {" case when bitextract(privileges_bitmap,59,1) = 1 then 'G' "}, + {" else '-' end || "}, + {" case when bitextract(privileges_bitmap,58,1) = 1 then 'R' "}, + {" else '-' end || "}, + {" case when bitextract(privileges_bitmap,57,1) = 1 then 'E' "}, + {" else '-' end as privs "}, + {" from %s.\"%s\".%s "}, + {" where grantee_id %s ) "}, + {" %s order by 1 " }, + {" ; "} +}; + +static const QueryString getPrivsForColsQuery[] = +{ + {" union "}, // for column privileges {" (select translate(rtrim(object_name) using ucs2toutf8) || ' ' || "}, {" translate(rtrim(column_name) using ucs2toutf8), "}, {" case when bitextract(privileges_bitmap,63,1) = 1 then 'S' "}, @@ -223,7 +246,10 @@ static const QueryString getPrivsForAuthsQuery[] = {" where p.object_uid = c.object_uid "}, {" and p.column_number = c.column_number "}, {" and grantee_id %s ) "}, +}; +static const QueryString getPrivsForHiveColsQuery[] = +{ {" union "}, // for privileges on hive objects {" (select translate(rtrim(o.catalog_name) using ucs2toutf8) || '.' || "}, {" translate(rtrim(o.schema_name) using ucs2toutf8) || '.' || "}, @@ -252,27 +278,6 @@ static const QueryString getPrivsForAuthsQuery[] = {" and o.object_name = upper(c.table_name) "}, {" and p.column_number = c.column_number "}, {" and grantee_id %s ) "}, - - {" union "}, - {" (select translate(rtrim(schema_name) using ucs2toutf8), "}, - {" case when bitextract(privileges_bitmap,63,1) = 1 then 'S' "}, - {" else '-' end || "}, - {" case when bitextract(privileges_bitmap,62,1) = 1 then 'I' "}, - {" else '-' end || "}, - {" case when bitextract(privileges_bitmap,61,1) = 1 then 'D' "}, - {" else '-' end || "}, - {" case when bitextract(privileges_bitmap,60,1) = 1 then 'U' "}, - {" else '-' end || "}, - {" case when bitextract(privileges_bitmap,59,1) = 1 then 'G' "}, - {" else '-' end || "}, - {" case when bitextract(privileges_bitmap,58,1) = 1 then 'R' "}, - {" else '-' end || "}, - {" case when bitextract(privileges_bitmap,57,1) = 1 then 'E' "}, - {" else '-' end as privs "}, - {" from %s.\"%s\".%s "}, - {" where grantee_id %s ) "}, - {" order by 1 "}, - {" ; "} }; static const QueryString getComponents[] = @@ -336,7 +341,20 @@ static const QueryString getTrafIndexesOnTableQuery[] = {" and O.schema_name = '%s' "}, {" and O.object_name = '%s' "}, {" and I.base_table_uid = O.object_uid "}, - {" and I.index_uid = O2.object_uid "}, + {" and I.index_uid = O2.object_uid %s "}, + {" order by 1 "}, + {" ; "} +}; + +static const QueryString getTrafIndexesForUser[] = +{ + {" select trim(T2.catalog_name) || '.\"' || trim(T2.schema_name) || '\".' || trim(T2.object_name) "}, + {" from %s.\"%s\".%s I, "}, + {" %s.\"%s\".%s T, "}, + {" %s.\"%s\".%s T2 "}, + {" where T.catalog_name = '%s' "}, + {" and I.base_table_uid = T.object_uid "}, + {" and I.index_uid = T2.object_uid %s "}, {" order by 1 "}, {" ; "} }; @@ -356,8 +374,8 @@ static const QueryString getTrafProceduresInSchemaQuery[] = static const QueryString getTrafLibrariesInSchemaQuery[] = { - {" select object_name from "}, - {" %s.\"%s\".%s T "}, + {" select distinct object_name from "}, + {" %s.\"%s\".%s T, %s.\"%s\".%s R "}, {" where T.catalog_name = '%s' and "}, {" T.schema_name = '%s' and "}, {" T.object_type = 'LB' %s "}, @@ -365,6 +383,16 @@ static const QueryString getTrafLibrariesInSchemaQuery[] = {" ; "} }; +static const QueryString getTrafLibrariesForUser[] = +{ + {" select distinct object_name from "}, + {" %s.\"%s\".%s T, %s.\"%s\".%s R "}, + {" where T.catalog_name = '%s' and T.object_type = 'LB' and "}, + {" T.object_uid = R.library_uid %s "}, + {" order by 1 "}, + {" ; "} +}; + static const QueryString getTrafFunctionsInSchemaQuery[] = { {" select object_name from "}, @@ -393,15 +421,13 @@ static const QueryString getTrafTableFunctionsInSchemaQuery[] = static const QueryString getTrafProceduresForLibraryQuery[] = { - {" select T.schema_name || '.' || T.object_name from "}, - {" %s.\"%s\".%s T, %s.\"%s\".%s R, %s.\"%s\".%s LU "}, - {"where T.object_uid = R.udr_uid and "}, - {" T.object_uid = LU.used_udr_uid and "}, - {" LU.using_library_uid = (select object_uid from %s.\"%s\".%s T1 "}, - {" where T1.object_type = 'LB' and T1.catalog_name = '%s' and "}, - {" T1.schema_name = '%s' and T1.object_name = '%s') and "}, - {" %s "}, // fot udr_type: procedure, function, or table_mapping fn. - {" order by 1 "}, + {" select T1.schema_name || '.' || T1.object_name from "}, + {" %s.\"%s\".%s T, %s.\"%s\".%s R, %s.\"%s\".%s T1 "}, + {"where T.catalog_name = '%s' and T.schema_name = '%s' "}, + {" and T.object_name = '%s' and T.object_type = 'LB' "}, + {" and T.object_uid = R.library_uid and R.udr_uid = T1.object_uid "}, + {" and %s %s "}, + {"order by 1 "}, {" ; "} }; @@ -457,7 +483,7 @@ static const QueryString getTrafObjectsInViewQuery[] = {" (select T2.object_uid from %s.\"%s\".%s T2 "}, {" where T2.catalog_name = '%s' and "}, {" T2.schema_name = '%s' and "}, - {" T2.object_name = '%s' ) "}, + {" T2.object_name = '%s' %s ) "}, {" and VU.used_object_uid = T.object_uid "}, {" order by 1 "}, {" ; "} @@ -475,7 +501,7 @@ static const QueryString getTrafViewsOnObjectQuery[] = {" where T1.catalog_name = '%s' "}, {" and T1.schema_name = '%s' "}, {" and T1.object_name = '%s' "}, - {" %s "}, + {" %s %s "}, {" ) "}, {" ) "}, {" order by 1 "}, @@ -555,6 +581,16 @@ static const QueryString getTrafPrivsOnObject[] = {" ; "} }; +static const QueryString getTrafObjectsForUser[] = +{ + {" select trim(T.catalog_name) || '.\"' || trim(T.schema_name) || '\".' || trim(T.object_name) "}, + {" from %s.\"%s\".%s T "}, + {" where T.catalog_name = '%s' "}, + {" and T.object_type = '%s' %s "}, + {" order by 1 "}, + {" ; "} +}; + static const QueryString getHiveRegObjectsInCatalogQuery[] = { {" select trim(O.a) || " }, @@ -1283,7 +1319,6 @@ short ExExeUtilGetMetadataInfoTcb::displayHeading() break; case ComTdbExeUtilGetMetadataInfo::USERS_: - case ComTdbExeUtilGetMetadataInfo::CURRENT_USER_: { str_sprintf(headingBuf_, (getMItdb().queryType_ == ComTdbExeUtilGetMetadataInfo::USERS_ @@ -1292,10 +1327,6 @@ short ExExeUtilGetMetadataInfoTcb::displayHeading() } break; - case ComTdbExeUtilGetMetadataInfo::CATALOGS_FOR_USER_: - str_sprintf(headingBuf_,"Catalogs for User %s",getMItdb().getParam1()); - break; - case ComTdbExeUtilGetMetadataInfo::INDEXES_FOR_USER_: str_sprintf(headingBuf_,"Indexes for User %s",getMItdb().getParam1()); break; @@ -1441,15 +1472,17 @@ Int32 ExExeUtilGetMetadataInfoTcb::getAuthID( // ---------------------------------------------------------------------------- NAString ExExeUtilGetMetadataInfoTcb::getGrantedPrivCmd( const NAString &authList, - const char * cat) + const char * cat, + const NAString &inColumn) { char buf [authList.length()*3 + MAX_SQL_IDENTIFIER_NAME_LEN*9 + 200]; - snprintf(buf, sizeof(buf), "and object_uid in (select object_uid from %s.\"%s\".%s " + snprintf(buf, sizeof(buf), "and %s in (select object_uid from %s.\"%s\".%s " "where grantee_id in %s union " "(select object_uid from %s.\"%s\".%s " " where grantee_id in %s) union " - "(select object_uid from %s.\"%s\".%s " + "(select schema_uid from %s.\"%s\".%s " " where grantee_id in %s))", + inColumn.data(), cat, SEABASE_PRIVMGR_SCHEMA, PRIVMGR_OBJECT_PRIVILEGES, authList.data(), cat, SEABASE_PRIVMGR_SCHEMA, PRIVMGR_COLUMN_PRIVILEGES, authList.data(), cat, SEABASE_PRIVMGR_SCHEMA, PRIVMGR_SCHEMA_PRIVILEGES, authList.data()); @@ -1499,17 +1532,14 @@ char * ExExeUtilGetMetadataInfoTcb::getRoleList( NAString roleList("(-1"); char buf[30]; - NABoolean isFirst = TRUE; infoList_->position(); while (NOT infoList_->atEnd()) { OutputInfo * vi = (OutputInfo*)infoList_->getCurr(); if (vi) { - roleList += ", "; - str_sprintf(buf, "%d", *(Lng32*)vi->get(0)); + str_sprintf(buf, ", %d", *(Lng32*)vi->get(0)); roleList += buf; - isFirst = FALSE; } infoList_->advance(); } @@ -1642,6 +1672,119 @@ NABoolean ExExeUtilGetMetadataInfoTcb::checkUserPrivs( return TRUE; } +// ---------------------------------------------------------------------------- +// method: colPrivsFrag +// +// This method was added to address a performance issue. When determining if +// the user has column level privileges, we need to get the column name from +// Hive. The call to get the column name (hivemd) is very expensive. So this +// method checks to see if the requested user has been granted any column +// level privileges on a hive table. If so, we will go ahead and do the +// mapping (call hivemd). If not, then we will not include the hivemd +// fragment for the query. +// +// Since we are scanning the column privileges table anyway, we also see if +// the requested user (or their roles) has been granted any privileges. If so, +// we include the column privileges check in the query. +// +// For Sentry enabled installations, we won't store Hive privileges in +// EsgynDB metadata. By avoiding the hivemd calls, we save a lot of time +// in processing the request. +// +// returns additional union(s) for the getPrivForAuth query +// returns: +// 0 - successful +// -1 - unexpected error occurred +// ---------------------------------------------------------------------------- +Int32 ExExeUtilGetMetadataInfoTcb::colPrivsFrag( + const char *authName, + const char * cat, + const NAString &privWhereClause, + NAString &colPrivsStmt) +{ + // if no authorization, skip + if (!CmpCommon::context()->isAuthorizationEnabled()) + return 0; + + short rc = 0; + Lng32 cliRC = 0; + + // See if privileges granted on Hive object or to the user/user's roles + NAString likeClause("like 'HIVE.%'"); + sprintf(queryBuf_, "select " + "sum(case when (object_name %s and grantee_id %s) then 1 else 0 end), " + "sum(case when grantee_id %s then 1 else 0 end) " + "from %s.\"%s\".%s", + likeClause.data(), privWhereClause.data(), privWhereClause.data(), + cat, SEABASE_PRIVMGR_SCHEMA, + PRIVMGR_COLUMN_PRIVILEGES); + + if (initializeInfoList(infoList_)) return -1; + + numOutputEntries_ = 2; + cliRC = fetchAllRows(infoList_, queryBuf_, numOutputEntries_, FALSE, rc); + if (cliRC < 0) + { + cliInterface()->retrieveSQLDiagnostics(getDiagsArea()); + return -1; + } + + bool hasHive = false; + bool hasGrants = false; + infoList_->position(); + OutputInfo * vi = (OutputInfo*)infoList_->getCurr(); + if (vi && vi->get(0)) + { + if (*(Lng32*)vi->get(0) > 0) + hasHive = true; + if(*(Lng32*)vi->get(1) > 0) + hasGrants = true; + } + + Int32 len = privWhereClause.length() + 500; + char msg[len]; + snprintf(msg, len, "ExExeUtilGetMetadataUtilTcb::colPrivsFrag, user: %s, " + "grantees: %s, union col privs: %d, union hive cols: %d", + authName, + privWhereClause.data(), + hasGrants, (hasHive && hasGrants)); + QRLogger::log(CAT_SQL_EXE, LL_DEBUG, "%s", msg); + + // Attach union with column privileges clause + if (hasGrants) + { + const QueryString * grants = getPrivsForColsQuery; + Int32 sizeOfGrants = sizeof(getPrivsForColsQuery); + Int32 qryArraySize = sizeOfGrants / sizeof(QueryString); + char * gluedQuery; + Int32 gluedQuerySize; + + glueQueryFragments(qryArraySize, grants, gluedQuery, gluedQuerySize); + char buf[strlen(gluedQuery) + privWhereClause.length() + MAX_SQL_IDENTIFIER_NAME_LEN*6 + 200]; + snprintf(buf, sizeof(buf), gluedQuery, + cat, SEABASE_PRIVMGR_SCHEMA, PRIVMGR_COLUMN_PRIVILEGES, + cat, SEABASE_MD_SCHEMA, SEABASE_COLUMNS, + privWhereClause.data()); + colPrivsStmt = buf; + NADELETEBASIC(gluedQuery, getMyHeap()); + if (hasHive) + { + // attach union with hivemd columns clause + const QueryString * hive = getPrivsForHiveColsQuery; + Int32 sizeOfHive = sizeof(getPrivsForHiveColsQuery); + qryArraySize = sizeOfHive / sizeof(QueryString); + glueQueryFragments(qryArraySize, hive, gluedQuery, gluedQuerySize); + snprintf(buf, sizeof(buf), gluedQuery, + cat, SEABASE_PRIVMGR_SCHEMA, PRIVMGR_COLUMN_PRIVILEGES, + cat, SEABASE_MD_SCHEMA, SEABASE_OBJECTS, + privWhereClause.data()); + colPrivsStmt += buf; + NADELETEBASIC(gluedQuery, getMyHeap()); + } + } + return 0; +} + ////////////////////////////////////////////////////// // work() for ExExeUtilGetMetadataInfoTcb ////////////////////////////////////////////////////// @@ -1779,6 +1922,8 @@ short ExExeUtilGetMetadataInfoTcb::work() // get active roles for current user and put in a list that can be // used in a select "IN" clause. Include the current user NAString authList; + NAString colPrivsStmt; + if (CmpCommon::context()->isAuthorizationEnabled()) { // always include the current user in the list of auth IDs @@ -1823,9 +1968,9 @@ short ExExeUtilGetMetadataInfoTcb::work() { case ComTdbExeUtilGetMetadataInfo::CATALOGS_: { - qs = getCatalogsQuery; - sizeOfqs = sizeof(getCatalogsQuery); - + // any user can get list of catalogs, no priv checks required + qs = getCatalogsQuery; + sizeOfqs = sizeof(getCatalogsQuery); } break; @@ -1983,21 +2128,27 @@ short ExExeUtilGetMetadataInfoTcb::work() case ComTdbExeUtilGetMetadataInfo::VIEWS_IN_VIEW_: case ComTdbExeUtilGetMetadataInfo::OBJECTS_IN_VIEW_: { - qs = getTrafObjectsInViewQuery; - sizeOfqs = sizeof(getTrafObjectsInViewQuery); + qs = getTrafObjectsInViewQuery; + sizeOfqs = sizeof(getTrafObjectsInViewQuery); - param_[0] = cat; - param_[1] = sch; - param_[2] = view_usage; - param_[3] = cat; - param_[4] = sch; - param_[5] = tab; - param_[6] = cat; - param_[7] = sch; - param_[8] = tab; - param_[9] = getMItdb().cat_; - param_[10] = getMItdb().sch_; - param_[11] = getMItdb().obj_; + // If user has privs on the view, they can see referenced objects + // even if they don't have privileges on the referenced objects + if (doPrivCheck) + privWhereClause = getGrantedPrivCmd(authList, cat, NAString("T2.object_uid")); + + param_[0] = cat; + param_[1] = sch; + param_[2] = view_usage; + param_[3] = cat; + param_[4] = sch; + param_[5] = tab; + param_[6] = cat; + param_[7] = sch; + param_[8] = tab; + param_[9] = getMItdb().cat_; + param_[10] = getMItdb().sch_; + param_[11] = getMItdb().obj_; + param_[12] = (char *)privWhereClause.data(); numOutputEntries_ = 2; } @@ -2005,23 +2156,26 @@ short ExExeUtilGetMetadataInfoTcb::work() case ComTdbExeUtilGetMetadataInfo::INDEXES_ON_TABLE_: { - qs = getTrafIndexesOnTableQuery; - sizeOfqs = sizeof(getTrafIndexesOnTableQuery); + qs = getTrafIndexesOnTableQuery; + sizeOfqs = sizeof(getTrafIndexesOnTableQuery); + if (doPrivCheck) + privWhereClause = getGrantedPrivCmd(authList, cat, NAString("O.object_uid")); - param_[0] = catSchValue; - param_[1] = endQuote; - param_[2] = cat; - param_[3] = sch; - param_[4] = indexes; - param_[5] = cat; - param_[6] = sch; - param_[7] = tab; - param_[8] = cat; - param_[9] = sch; - param_[10] = tab; - param_[11] = getMItdb().cat_; - param_[12] = getMItdb().sch_; - param_[13] = getMItdb().obj_; + param_[0] = catSchValue; + param_[1] = endQuote; + param_[2] = cat; + param_[3] = sch; + param_[4] = indexes; + param_[5] = cat; + param_[6] = sch; + param_[7] = tab; + param_[8] = cat; + param_[9] = sch; + param_[10] = tab; + param_[11] = getMItdb().cat_; + param_[12] = getMItdb().sch_; + param_[13] = getMItdb().obj_; + param_[14] = (char *)privWhereClause.data(); } break; @@ -2029,25 +2183,31 @@ short ExExeUtilGetMetadataInfoTcb::work() case ComTdbExeUtilGetMetadataInfo::VIEWS_ON_TABLE_: case ComTdbExeUtilGetMetadataInfo::VIEWS_ON_VIEW_: { - qs = getTrafViewsOnObjectQuery; - sizeOfqs = sizeof(getTrafViewsOnObjectQuery); + qs = getTrafViewsOnObjectQuery; + sizeOfqs = sizeof(getTrafViewsOnObjectQuery); + + // If user has privs on object, they can see referencing views + // even if they don't have privileges on the referencing views + if (doPrivCheck) + privWhereClause = getGrantedPrivCmd(authList, cat, NAString("T1.object_uid")); + + param_[0] = cat; + param_[1] = sch; + param_[2] = tab; + param_[3] = cat; + param_[4] = sch; + param_[5] = view_usage; + param_[6] = cat; + param_[7] = sch; + param_[8] = tab; + param_[9] = getMItdb().cat_; + param_[10] = getMItdb().sch_; + param_[11] = getMItdb().obj_; + if (getMItdb().queryType_ == ComTdbExeUtilGetMetadataInfo::VIEWS_ON_TABLE_) + strcpy(ausStr, " and T1.object_type = 'BT' "); + param_[12] = ausStr; + param_[13] = (char *)privWhereClause.data(); - param_[0] = cat; - param_[1] = sch; - param_[2] = tab; - param_[3] = cat; - param_[4] = sch; - param_[5] = view_usage; - param_[6] = cat; - param_[7] = sch; - param_[8] = tab; - param_[9] = getMItdb().cat_; - param_[10] = getMItdb().sch_; - param_[11] = getMItdb().obj_; - - if (getMItdb().queryType_ == ComTdbExeUtilGetMetadataInfo::VIEWS_ON_TABLE_) - strcpy(ausStr, " and T1.object_type = 'BT' "); - param_[12] = ausStr; } break; @@ -2117,22 +2277,30 @@ short ExExeUtilGetMetadataInfoTcb::work() param_[8] = (char *) privWhereClause.data(); } break ; + case ComTdbExeUtilGetMetadataInfo::LIBRARIES_IN_SCHEMA_: { qs = getTrafLibrariesInSchemaQuery; sizeOfqs = sizeof(getTrafLibrariesInSchemaQuery); if (doPrivCheck) - privWhereClause = getGrantedPrivCmd(authList, cat); + { + privWhereClause = "and T.object_uid = R.library_uid "; + privWhereClause += getGrantedPrivCmd(authList, cat, NAString("R.udr_uid")); + } - param_[0] = cat; - param_[1] = sch; - param_[2] = tab; - param_[3] = getMItdb().cat_; - param_[4] = getMItdb().sch_; - param_[5] = (char *) privWhereClause.data(); + param_[0] = cat; + param_[1] = sch; + param_[2] = tab; + param_[3] = cat; + param_[4] = sch; + param_[5] = routine; + param_[6] = getMItdb().cat_; + param_[7] = getMItdb().sch_; + param_[8] = (char *) privWhereClause.data(); } break ; + case ComTdbExeUtilGetMetadataInfo::FUNCTIONS_IN_SCHEMA_: { qs = getTrafFunctionsInSchemaQuery; @@ -2152,6 +2320,7 @@ short ExExeUtilGetMetadataInfoTcb::work() param_[8] = (char *) privWhereClause.data(); } break ; + case ComTdbExeUtilGetMetadataInfo::TABLE_FUNCTIONS_IN_SCHEMA_: { qs = getTrafTableFunctionsInSchemaQuery; @@ -2178,28 +2347,29 @@ short ExExeUtilGetMetadataInfoTcb::work() qs = getTrafProceduresForLibraryQuery; sizeOfqs = sizeof(getTrafProceduresForLibraryQuery); - param_[0] = cat; - param_[1] = sch; - param_[2] = tab; + if (doPrivCheck) + privWhereClause = getGrantedPrivCmd(authList, cat, NAString("T1.object_uid")); + + param_[0] = cat; + param_[1] = sch; + param_[2] = tab; param_[3] = cat; - param_[4] = sch; - param_[5] = routine; + param_[4] = sch; + param_[5] = routine; param_[6] = cat; - param_[7] = sch; - param_[8] = library_usage; - param_[9] = cat; - param_[10] = sch; - param_[11] = tab; - param_[12] = getMItdb().cat_; - param_[13] = getMItdb().sch_; - param_[14] = getMItdb().obj_; + param_[7] = sch; + param_[8] = tab; + param_[9] = getMItdb().cat_; + param_[10] = getMItdb().sch_; + param_[11] = getMItdb().obj_; if (getMItdb().queryType_ == ComTdbExeUtilGetMetadataInfo::PROCEDURES_FOR_LIBRARY_) - strcpy(ausStr, " R.udr_type = 'P ' "); + strcpy(ausStr, " R.udr_type = 'P ' "); else if (getMItdb().queryType_ == ComTdbExeUtilGetMetadataInfo::FUNCTIONS_FOR_LIBRARY_) - strcpy(ausStr, " R.udr_type = 'F ' "); - else - strcpy(ausStr, " R.udr_type = 'T ' "); - param_[15] = ausStr; + strcpy(ausStr, " R.udr_type = 'F ' "); + else + strcpy(ausStr, " R.udr_type = 'T ' "); + param_[12] = ausStr; + param_[13] = (char *) privWhereClause.data(); } break ; @@ -2354,37 +2524,40 @@ short ExExeUtilGetMetadataInfoTcb::work() } privWhereClause = buf; + // This request performs a union between 4 entities: + // 1. object_privileges table + // 2. schema_privileges table + // 3. column privileges table + // 4. hive metadata tables to retrieve column details + // The call to colPrivsFrag returns the required the union + // statement(s) for items 3 and 4. See colPrivsFrag for details + if (colPrivsFrag(getMItdb().getParam1(), cat, privWhereClause, colPrivsStmt) < 0) + { + step_ = HANDLE_ERROR_; + break; + } + // Union privileges between object, column and schema + // object privs param_[0] = cat; param_[1] = pmsch; param_[2] = objPrivs; param_[3] = (char *) privWhereClause.data(); + // schema privs param_[4] = cat; param_[5] = pmsch; - param_[6] = colPrivs; - param_[7] = cat; - param_[8] = sch; - param_[9] = col; - param_[10] = (char *) privWhereClause.data(); - - param_[11] = cat; - param_[12] = pmsch; - param_[13] = colPrivs; - param_[14] = cat; - param_[15] = sch; - param_[16] = tab; - param_[17] = (char *) privWhereClause.data(); - - param_[18] = cat; - param_[19] = pmsch; - param_[20] = schPrivs; - param_[21] = (char *) privWhereClause.data(); + param_[6] = schPrivs; + param_[7] = (char *) privWhereClause.data(); + + // column privs + param_[8] = (char *) colPrivsStmt.data(); numOutputEntries_ = 2; } break; + case ComTdbExeUtilGetMetadataInfo::PRIVILEGES_ON_TABLE_: case ComTdbExeUtilGetMetadataInfo::PRIVILEGES_ON_VIEW_: { @@ -2430,6 +2603,171 @@ short ExExeUtilGetMetadataInfoTcb::work() break; } + case ComTdbExeUtilGetMetadataInfo::INDEXES_FOR_USER_: + { + qs = getTrafIndexesForUser; + sizeOfqs = sizeof(getTrafIndexesForUser); + + // Getting objects for the current user + if (strcmp(getMItdb().getParam1(), currContext->getDatabaseUserName()) == 0) + privWhereClause = getGrantedPrivCmd(authList, cat, NAString ("T.object_uid")); + + // Getting objects for a user other than the current user + else + { + if (doPrivCheck) + { + // User cannot view privileges for another user + ExRaiseSqlError(getHeap(), &diagsArea_, -1017); + step_ = HANDLE_ERROR_; + break; + } + else + { + // Get the authID associated with the requested user + Int32 authID = getAuthID(getMItdb().getParam1(), cat, sch, auths); + + // get the list of roles for this other user. + char *userRoleList = getRoleList(authID, cat, pmsch, role_usage); + if (userRoleList) + { + privWhereClause = getGrantedPrivCmd(userRoleList, cat, NAString ("T.object_uid")); + NADELETEBASIC(userRoleList, getHeap()); + } + else + { + // Unable to read metadata + ExRaiseSqlError(getHeap(), &diagsArea_, -8001); + step_ = HANDLE_ERROR_; + break; + } + } + } + param_[0] = cat; + param_[1] = sch; + param_[2] = indexes; + param_[3] = cat; + param_[4] = sch; + param_[5] = tab; + param_[6] = cat; + param_[7] = sch; + param_[8] = tab; + param_[9] = getMItdb().cat_; + param_[10] = (char *)privWhereClause.data(); + } + break; + + case ComTdbExeUtilGetMetadataInfo::TABLES_FOR_USER_: + case ComTdbExeUtilGetMetadataInfo::VIEWS_FOR_USER_: + { + qs = getTrafObjectsForUser; + sizeOfqs = sizeof(getTrafObjectsForUser); + + NAString objType; + if (getMItdb().queryType_ == ComTdbExeUtilGetMetadataInfo::TABLES_FOR_USER_) + objType = COM_BASE_TABLE_OBJECT_LIT; + else if (getMItdb().queryType_ == ComTdbExeUtilGetMetadataInfo::VIEWS_FOR_USER_) + objType = COM_VIEW_OBJECT_LIT; + else + objType = COM_INDEX_OBJECT_LIT; + + // Getting objects for the current user + if (strcmp(getMItdb().getParam1(), currContext->getDatabaseUserName()) == 0) + privWhereClause = getGrantedPrivCmd(authList, cat, NAString ("T.object_uid")); + + // Getting objects for a user other than the current user + else + { + if (doPrivCheck) + { + // User cannot view privileges for another user + ExRaiseSqlError(getHeap(), &diagsArea_, -1017); + step_ = HANDLE_ERROR_; + break; + } + else + { + // Get the authID associated with the requested user + Int32 authID = getAuthID(getMItdb().getParam1(), cat, sch, auths); + + // get the list of roles for this other user. + char *userRoleList = getRoleList(authID, cat, pmsch, role_usage); + if (userRoleList) + { + privWhereClause = getGrantedPrivCmd(userRoleList, cat, NAString ("T.object_uid")); + NADELETEBASIC(userRoleList, getHeap()); + } + else + { + // Unable to read metadata + ExRaiseSqlError(getHeap(), &diagsArea_, -8001); + step_ = HANDLE_ERROR_; + break; + } + } + } + + param_[0] = cat; + param_[1] = sch; + param_[2] = tab; + param_[3] = getMItdb().cat_; + param_[4] = (char *)objType.data(); + param_[5] = (char *)privWhereClause.data(); + } + break; + + case ComTdbExeUtilGetMetadataInfo::LIBRARIES_FOR_USER_: + { + qs = getTrafLibrariesForUser; + sizeOfqs = sizeof(getTrafLibrariesForUser); + + // Getting libraries for the current user + if (strcmp(getMItdb().getParam1(), currContext->getDatabaseUserName()) == 0) + privWhereClause += getGrantedPrivCmd(authList, cat, NAString("R.udr_uid")); + + // Getting libraries for a user other than the current user + else + { + if (doPrivCheck) + { + // User cannot view privileges for another user + ExRaiseSqlError(getHeap(), &diagsArea_, -1017); + step_ = HANDLE_ERROR_; + break; + } + else + { + // Get the authID associated with the requested user + Int32 authID = getAuthID(getMItdb().getParam1(), cat, sch, auths); + + // Get the list of roles for this other user. + char *userRoleList = getRoleList(authID, cat, pmsch, role_usage); + if (userRoleList) + { + privWhereClause = getGrantedPrivCmd(userRoleList, cat, NAString ("R.udr_uid")); + NADELETEBASIC(userRoleList, getHeap()); + } + else // return error? + { + // Unable to read metadata + ExRaiseSqlError(getHeap(), &diagsArea_, -8001); + step_ = HANDLE_ERROR_; + break; + } + } + } + + param_[0] = cat; + param_[1] = sch; + param_[2] = tab; + param_[3] = cat; + param_[4] = sch; + param_[5] = routine; + param_[6] = getMItdb().cat_; + param_[7] = (char *) privWhereClause.data(); + } + break ; + case ComTdbExeUtilGetMetadataInfo::COMPONENTS_: { qs = getComponents; diff --git a/core/sql/generator/GenRelExeUtil.cpp b/core/sql/generator/GenRelExeUtil.cpp index 5df0849c62..127186772d 100644 --- a/core/sql/generator/GenRelExeUtil.cpp +++ b/core/sql/generator/GenRelExeUtil.cpp @@ -1551,8 +1551,8 @@ short ExeUtilGetMetadataInfo::codeGen(Generator * generator) { "SYSTEM", "SCHEMAS", "", "", 1, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::SCHEMAS_IN_CATALOG_ }, { "ALL", "SCHEMAS", "", "", 1, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::SCHEMAS_IN_CATALOG_ }, - { "USER", "SEQUENCES", "", "", 1, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::SEQUENCES_IN_CATALOG_ }, - { "ALL", "SEQUENCES", "", "", 1, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::SEQUENCES_IN_CATALOG_ }, + { "USER", "SEQUENCES", "", "", 1, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::SEQUENCES_IN_CATALOG_ }, + { "ALL", "SEQUENCES", "", "", 1, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::SEQUENCES_IN_CATALOG_ }, { "USER", "TABLES", "", "", 1, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::TABLES_IN_SCHEMA_ }, { "SYSTEM", "TABLES", "", "", 1, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::TABLES_IN_SCHEMA_ }, @@ -1567,7 +1567,6 @@ short ExeUtilGetMetadataInfo::codeGen(Generator * generator) { "ALL", "ROLES", "", "", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::ROLES_ }, { "USER", "USERS", "", "", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::USERS_ }, - { "USER", "CURRENT_USER","", "", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::CURRENT_USER_ }, { "SYSTEM", "USERS", "", "", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::USERS_ }, { "ALL", "USERS", "", "", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::USERS_ }, @@ -1576,116 +1575,114 @@ short ExeUtilGetMetadataInfo::codeGen(Generator * generator) { "USER", "LIBRARIES", "", "", 1, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::LIBRARIES_IN_SCHEMA_ }, { "USER", "FUNCTIONS", "", "", 1, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::FUNCTIONS_IN_SCHEMA_ }, { "USER", "TABLE_FUNCTIONS", "","", 1, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::TABLE_FUNCTIONS_IN_SCHEMA_ }, - { "USER", "MVS", "", "", 1, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::MVS_IN_SCHEMA_ }, - { "USER", "MVGROUPS", "", "", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::MVGROUPS_IN_SCHEMA_ }, { "USER", "PROCEDURES","", "", 1, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::PROCEDURES_IN_SCHEMA_ }, - { "USER", "SYNONYMS", "", "", 1, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::SYNONYMS_IN_SCHEMA_ }, { "USER", "OBJECTS", "", "", 1, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::OBJECTS_IN_SCHEMA_ }, +// { "USER", "MVS", "", "", 1, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::MVS_IN_SCHEMA_ }, +// { "USER", "MVGROUPS", "", "", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::MVGROUPS_IN_SCHEMA_ }, +// { "USER", "SYNONYMS", "", "", 1, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::SYNONYMS_IN_SCHEMA_ }, { "ALL", "INDEXES", "", "", 1, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::INDEXES_IN_SCHEMA_ }, { "ALL", "VIEWS", "", "", 1, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::VIEWS_IN_SCHEMA_ }, { "ALL", "LIBRARIES", "", "", 1, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::LIBRARIES_IN_SCHEMA_ }, - { "ALL", "MVS", "", "", 1, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::MVS_IN_SCHEMA_ }, - { "ALL", "MVGROUPS", "", "", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::MVGROUPS_IN_SCHEMA_ }, { "ALL", "PROCEDURES","", "", 1, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::PROCEDURES_IN_SCHEMA_ }, - { "ALL", "SYNONYMS", "", "", 1, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::SYNONYMS_IN_SCHEMA_ }, { "ALL", "OBJECTS", "", "", 1, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::OBJECTS_IN_SCHEMA_ }, +// { "ALL", "MVS", "", "", 1, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::MVS_IN_SCHEMA_ }, +// { "ALL", "MVGROUPS", "", "", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::MVGROUPS_IN_SCHEMA_ }, +// { "ALL", "SYNONYMS", "", "", 1, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::SYNONYMS_IN_SCHEMA_ }, { "USER", "SCHEMAS", "IN", "CATALOG", 1, 1, 0, 0, ComTdbExeUtilGetMetadataInfo::SCHEMAS_IN_CATALOG_ }, { "SYSTEM", "SCHEMAS", "IN", "CATALOG", 1, 1, 0, 0, ComTdbExeUtilGetMetadataInfo::SCHEMAS_IN_CATALOG_ }, { "ALL", "SCHEMAS", "IN", "CATALOG", 1, 1, 0, 0, ComTdbExeUtilGetMetadataInfo::SCHEMAS_IN_CATALOG_ }, + { "ALL", "VIEWS", "IN", "CATALOG", 1, 1, 0, 0, ComTdbExeUtilGetMetadataInfo::VIEWS_IN_CATALOG_ }, { "USER", "VIEWS", "IN", "CATALOG", 1, 1, 0, 0, ComTdbExeUtilGetMetadataInfo::VIEWS_IN_CATALOG_ }, - { "ALL", "INVALID_VIEWS", "IN", "CATALOG", 1, 1, 0, 0, ComTdbExeUtilGetMetadataInfo::INVALID_VIEWS_IN_CATALOG_ }, + { "USER", "SEQUENCES", "IN", "CATALOG", 1, 1, 0, 0, ComTdbExeUtilGetMetadataInfo::SEQUENCES_IN_CATALOG_ }, { "ALL", "SEQUENCES", "IN", "CATALOG", 1, 1, 0, 0, ComTdbExeUtilGetMetadataInfo::SEQUENCES_IN_CATALOG_ }, + { "USER", "TABLES", "IN", "CATALOG", 1, 1, 0, 0, ComTdbExeUtilGetMetadataInfo::TABLES_IN_CATALOG_ }, { "USER", "OBJECTS", "IN", "CATALOG", 1, 1, 0, 0, ComTdbExeUtilGetMetadataInfo::OBJECTS_IN_CATALOG_ }, + { "USER", "HIVE_REG_TABLES","IN", "CATALOG", 1, 1, 0, 0, ComTdbExeUtilGetMetadataInfo::HIVE_REG_TABLES_IN_CATALOG_ }, { "USER", "HIVE_REG_VIEWS", "IN", "CATALOG", 1, 1, 0, 0, ComTdbExeUtilGetMetadataInfo::HIVE_REG_VIEWS_IN_CATALOG_ }, { "USER", "HIVE_REG_SCHEMAS", "IN", "CATALOG", 1, 1, 0, 0, ComTdbExeUtilGetMetadataInfo::HIVE_REG_SCHEMAS_IN_CATALOG_ }, { "USER", "HIVE_REG_OBJECTS", "IN", "CATALOG", 1, 1, 0, 0, ComTdbExeUtilGetMetadataInfo::HIVE_REG_OBJECTS_IN_CATALOG_ }, { "USER", "HIVE_EXT_TABLES","IN", "CATALOG", 1, 1, 0, 0, ComTdbExeUtilGetMetadataInfo::HIVE_EXT_TABLES_IN_CATALOG_ }, { "USER", "HBASE_REG_TABLES","IN", "CATALOG", 1, 1, 0, 0, ComTdbExeUtilGetMetadataInfo::HBASE_REG_TABLES_IN_CATALOG_ }, +// { "ALL", "INVALID_VIEWS", "IN", "CATALOG", 1, 1, 0, 0, ComTdbExeUtilGetMetadataInfo::INVALID_VIEWS_IN_CATALOG_ }, { "USER", "TABLES", "IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::TABLES_IN_SCHEMA_ }, { "SYSTEM", "TABLES", "IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::TABLES_IN_SCHEMA_ }, { "ALL", "TABLES", "IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::TABLES_IN_SCHEMA_ }, { "ALL", "SEQUENCES", "IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::SEQUENCES_IN_SCHEMA_ }, - { "USER", "SEQUENCES", "IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::SEQUENCES_IN_SCHEMA_ }, + { "USER", "SEQUENCES", "IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::SEQUENCES_IN_SCHEMA_ }, { "USER", "OBJECTS", "IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::OBJECTS_IN_SCHEMA_ }, { "SYSTEM", "OBJECTS", "IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::OBJECTS_IN_SCHEMA_ }, { "ALL", "OBJECTS", "IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::OBJECTS_IN_SCHEMA_ }, - { "ALL", "INVALID_VIEWS", "IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::INVALID_VIEWS_IN_SCHEMA_ }, +// { "ALL", "INVALID_VIEWS", "IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::INVALID_VIEWS_IN_SCHEMA_ }, { "USER", "INDEXES", "IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::INDEXES_IN_SCHEMA_ }, { "USER", "VIEWS", "IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::VIEWS_IN_SCHEMA_ }, - { "USER", "MVS", "IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::MVS_IN_SCHEMA_ }, - { "USER", "MVGROUPS", "IN", "SCHEMA", 0, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::MVGROUPS_IN_SCHEMA_ }, { "USER", "PRIVILEGES","ON", "SCHEMA", 0, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::PRIVILEGES_ON_SCHEMA_ }, { "USER", "LIBRARIES", "IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::LIBRARIES_IN_SCHEMA_ }, { "USER", "PROCEDURES","IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::PROCEDURES_IN_SCHEMA_ }, { "USER", "FUNCTIONS", "IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::FUNCTIONS_IN_SCHEMA_ }, { "USER", "TABLE_FUNCTIONS", "IN","SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::TABLE_FUNCTIONS_IN_SCHEMA_ }, - { "USER", "SYNONYMS", "IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::SYNONYMS_IN_SCHEMA_ }, +// { "USER", "MVS", "IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::MVS_IN_SCHEMA_ }, +// { "USER", "MVGROUPS", "IN", "SCHEMA", 0, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::MVGROUPS_IN_SCHEMA_ }, +// { "USER", "SYNONYMS", "IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::SYNONYMS_IN_SCHEMA_ }, { "ALL", "INDEXES", "IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::INDEXES_IN_SCHEMA_ }, { "ALL", "VIEWS", "IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::VIEWS_IN_SCHEMA_ }, - { "ALL", "MVS", "IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::MVS_IN_SCHEMA_ }, - { "ALL", "MVGROUPS", "IN", "SCHEMA", 0, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::MVGROUPS_IN_SCHEMA_ }, { "ALL", "LIBRARIES", "IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::LIBRARIES_IN_SCHEMA_ }, { "ALL", "PROCEDURES","IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::PROCEDURES_IN_SCHEMA_ }, - { "ALL", "FUNCTIONS", "IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::FUNCTIONS_IN_SCHEMA_ }, - { "ALL", "TABLE_FUNCTIONS", "IN","SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::TABLE_FUNCTIONS_IN_SCHEMA_ }, - { "ALL", "SYNONYMS", "IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::SYNONYMS_IN_SCHEMA_ }, - { "IUDLOG", "TABLES", "IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::IUDLOG_TABLES_IN_SCHEMA_ }, - - { "RANGELOG", "TABLES", "IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::RANGELOG_TABLES_IN_SCHEMA_ }, - { "TRIGTEMP", "TABLES", "IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::TRIGTEMP_TABLES_IN_SCHEMA_ }, + { "ALL", "FUNCTIONS", "IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::FUNCTIONS_IN_SCHEMA_ }, + { "ALL", "TABLE_FUNCTIONS", "IN","SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::TABLE_FUNCTIONS_IN_SCHEMA_ }, +// { "ALL", "MVS", "IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::MVS_IN_SCHEMA_ }, +// { "ALL", "MVGROUPS", "IN", "SCHEMA", 0, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::MVGROUPS_IN_SCHEMA_ }, +// { "ALL", "SYNONYMS", "IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::SYNONYMS_IN_SCHEMA_ }, +// { "IUDLOG", "TABLES", "IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::IUDLOG_TABLES_IN_SCHEMA_ }, +// { "RANGELOG", "TABLES", "IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::RANGELOG_TABLES_IN_SCHEMA_ }, +// { "TRIGTEMP", "TABLES", "IN", "SCHEMA", 1, 2, 0, 0, ComTdbExeUtilGetMetadataInfo::TRIGTEMP_TABLES_IN_SCHEMA_ }, { "USER", "INDEXES", "ON", "TABLE", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::INDEXES_ON_TABLE_ }, - { "USER", "INDEXES", "ON", "MV", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::INDEXES_ON_MV_ }, - { "USER", "MVS", "ON", "TABLE", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::MVS_ON_TABLE_ }, - { "USER", "MVGROUPS", "ON", "TABLE", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::MVGROUPS_ON_TABLE_ }, + { "USER", "VIEWS", "ON", "TABLE", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::VIEWS_ON_TABLE_ }, { "USER", "OBJECTS", "ON", "TABLE", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::OBJECTS_ON_TABLE_ }, { "USER", "PRIVILEGES","ON", "TABLE", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::PRIVILEGES_ON_TABLE_ }, { "USER", "PRIVILEGES","ON", "VIEW", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::PRIVILEGES_ON_VIEW_ }, - { "USER", "PRIVILEGES","ON", "MV", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::PRIVILEGES_ON_MV_ }, - { "USER", "SYNONYMS", "ON", "TABLE", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::SYNONYMS_ON_TABLE_ }, - { "USER", "VIEWS", "ON", "TABLE", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::VIEWS_ON_TABLE_ }, - +// { "USER", "INDEXES", "ON", "MV", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::INDEXES_ON_MV_ }, +// { "USER", "MVS", "ON", "TABLE", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::MVS_ON_TABLE_ }, +// { "USER", "MVGROUPS", "ON", "TABLE", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::MVGROUPS_ON_TABLE_ }, +// { "USER", "PRIVILEGES","ON", "MV", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::PRIVILEGES_ON_MV_ }, +// { "USER", "SYNONYMS", "ON", "TABLE", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::SYNONYMS_ON_TABLE_ }, { "ALL", "INDEXES", "ON", "TABLE", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::INDEXES_ON_TABLE_ }, - { "ALL", "INDEXES", "ON", "MV", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::INDEXES_ON_MV_ }, { "ALL", "VIEWS", "ON", "TABLE", 0, 3, 1, 1, ComTdbExeUtilGetMetadataInfo::VIEWS_ON_TABLE_ }, - { "ALL", "MVS", "ON", "TABLE", 0, 3, 1, 1, ComTdbExeUtilGetMetadataInfo::MVS_ON_TABLE_ }, - { "ALL", "MVGROUPS", "ON", "TABLE", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::MVGROUPS_ON_TABLE_ }, - { "ALL", "SYNONYMS", "ON", "TABLE", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::SYNONYMS_ON_TABLE_ }, { "ALL", "OBJECTS", "ON", "TABLE", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::OBJECTS_ON_TABLE_ }, { "ALL", "PRIVILEGES","ON", "TABLE", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::PRIVILEGES_ON_TABLE_ }, { "ALL", "PRIVILEGES","ON", "VIEW", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::PRIVILEGES_ON_VIEW_ }, - { "IUDLOG", "TABLES", "ON", "TABLE", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::IUDLOG_TABLE_ON_TABLE_ }, - { "RANGELOG", "TABLES", "ON", "TABLE", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::RANGELOG_TABLE_ON_TABLE_ }, - { "TRIGTEMP", "TABLES", "ON", "TABLE", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::TRIGTEMP_TABLE_ON_TABLE_ }, - - { "IUDLOG", "TABLES", "ON", "MV", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::IUDLOG_TABLE_ON_MV_ }, - { "RANGELOG", "TABLES", "ON", "MV", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::RANGELOG_TABLE_ON_MV_ }, - // { "TRIGTEMP", "TABLES", "ON", "TABLE", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::TRIGTEMP_TABLE_ON_MV_ }, - - - { "ALL", "PRIVILEGES","ON", "MV", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::PRIVILEGES_ON_MV_ }, - - { "USER", "MVS", "ON", "MV", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::MVS_ON_MV_ }, - { "ALL", "MVS", "ON", "MV", 0, 3, 1, 1, ComTdbExeUtilGetMetadataInfo::MVS_ON_MV_ }, - - - { "USER", "PARTITIONS","FOR", "TABLE", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::PARTITIONS_FOR_TABLE_ }, - { "USER", "PARTITIONS","ON", "TABLE", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::PARTITIONS_FOR_TABLE_ }, - - { "USER", "PARTITIONS","FOR", "INDEX", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::PARTITIONS_FOR_INDEX_ }, - { "USER", "PARTITIONS","ON", "INDEX", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::PARTITIONS_FOR_INDEX_ }, +// { "ALL", "INDEXES", "ON", "MV", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::INDEXES_ON_MV_ }, +// { "ALL", "MVS", "ON", "TABLE", 0, 3, 1, 1, ComTdbExeUtilGetMetadataInfo::MVS_ON_TABLE_ }, +// { "ALL", "MVGROUPS", "ON", "TABLE", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::MVGROUPS_ON_TABLE_ }, +// { "ALL", "SYNONYMS", "ON", "TABLE", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::SYNONYMS_ON_TABLE_ }, +// +// { "IUDLOG", "TABLES", "ON", "TABLE", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::IUDLOG_TABLE_ON_TABLE_ }, +// { "RANGELOG", "TABLES", "ON", "TABLE", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::RANGELOG_TABLE_ON_TABLE_ }, +// { "TRIGTEMP", "TABLES", "ON", "TABLE", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::TRIGTEMP_TABLE_ON_TABLE_ }, +// { "IUDLOG", "TABLES", "ON", "MV", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::IUDLOG_TABLE_ON_MV_ }, +// { "RANGELOG", "TABLES", "ON", "MV", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::RANGELOG_TABLE_ON_MV_ }, +// { "TRIGTEMP", "TABLES", "ON", "TABLE", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::TRIGTEMP_TABLE_ON_MV_ }, +// { "ALL", "PRIVILEGES","ON", "MV", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::PRIVILEGES_ON_MV_ }, +// { "USER", "MVS", "ON", "MV", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::MVS_ON_MV_ }, +// { "ALL", "MVS", "ON", "MV", 0, 3, 1, 1, ComTdbExeUtilGetMetadataInfo::MVS_ON_MV_ }, + + +// { "USER", "PARTITIONS","FOR", "TABLE", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::PARTITIONS_FOR_TABLE_ }, +// { "USER", "PARTITIONS","ON", "TABLE", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::PARTITIONS_FOR_TABLE_ }, +// { "USER", "PARTITIONS","FOR", "INDEX", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::PARTITIONS_FOR_INDEX_ }, +// { "USER", "PARTITIONS","ON", "INDEX", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::PARTITIONS_FOR_INDEX_ }, { "USER", "VIEWS", "ON", "VIEW", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::VIEWS_ON_VIEW_ }, { "ALL", "VIEWS", "ON", "VIEW", 0, 3, 1, 1, ComTdbExeUtilGetMetadataInfo::VIEWS_ON_VIEW_ }, @@ -1698,13 +1695,13 @@ short ExeUtilGetMetadataInfo::codeGen(Generator * generator) { "ALL", "VIEWS", "IN", "VIEW", 0, 3, 1, 1, ComTdbExeUtilGetMetadataInfo::VIEWS_IN_VIEW_ }, { "ALL", "OBJECTS", "IN", "VIEW", 0, 3, 1, 1, ComTdbExeUtilGetMetadataInfo::OBJECTS_IN_VIEW_ }, - { "USER", "TABLES", "IN", "MV", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::TABLES_IN_MV_ }, - { "USER", "MVS", "IN", "MV", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::MVS_IN_MV_ }, - { "USER", "OBJECTS", "IN", "MV", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::OBJECTS_IN_MV_ }, +// { "USER", "TABLES", "IN", "MV", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::TABLES_IN_MV_ }, +// { "USER", "MVS", "IN", "MV", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::MVS_IN_MV_ }, +// { "USER", "OBJECTS", "IN", "MV", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::OBJECTS_IN_MV_ }, - { "ALL", "TABLES", "IN", "MV", 0, 3, 1, 1, ComTdbExeUtilGetMetadataInfo::TABLES_IN_MV_ }, - { "ALL", "MVS", "IN", "MV", 0, 3, 1, 1, ComTdbExeUtilGetMetadataInfo::MVS_IN_MV_ }, - { "ALL", "OBJECTS", "IN", "MV", 0, 3, 1, 1, ComTdbExeUtilGetMetadataInfo::OBJECTS_IN_MV_ }, +// { "ALL", "TABLES", "IN", "MV", 0, 3, 1, 1, ComTdbExeUtilGetMetadataInfo::TABLES_IN_MV_ }, +// { "ALL", "MVS", "IN", "MV", 0, 3, 1, 1, ComTdbExeUtilGetMetadataInfo::MVS_IN_MV_ }, +// { "ALL", "OBJECTS", "IN", "MV", 0, 3, 1, 1, ComTdbExeUtilGetMetadataInfo::OBJECTS_IN_MV_ }, { "ALL", "USERS", "FOR", "ROLE", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::USERS_FOR_ROLE_ }, { "ALL", "ROLES", "FOR", "ROLE", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::ROLES_FOR_ROLE_ }, @@ -1715,62 +1712,59 @@ short ExeUtilGetMetadataInfo::codeGen(Generator * generator) { "USER", "USERS", "FOR", "ROLE", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::USERS_FOR_ROLE_ }, { "USER", "ROLES", "FOR", "ROLE", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::ROLES_FOR_ROLE_ }, - { "ALL", "PROCEDURES","FOR", "LIBRARY", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::PROCEDURES_FOR_LIBRARY_ }, - { "USER", "PROCEDURES","FOR", "LIBRARY", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::PROCEDURES_FOR_LIBRARY_ }, - { "ALL", "FUNCTIONS", "FOR", "LIBRARY", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::FUNCTIONS_FOR_LIBRARY_ }, - { "ALL", "TABLE_FUNCTIONS","FOR","LIBRARY", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::TABLE_FUNCTIONS_FOR_LIBRARY_ }, + { "ALL", "PROCEDURES","FOR", "LIBRARY", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::PROCEDURES_FOR_LIBRARY_ }, + { "USER", "PROCEDURES","FOR", "LIBRARY", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::PROCEDURES_FOR_LIBRARY_ }, + { "ALL", "FUNCTIONS", "FOR", "LIBRARY", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::FUNCTIONS_FOR_LIBRARY_ }, + { "ALL", "TABLE_FUNCTIONS","FOR","LIBRARY", 0, 3, 0, 0, ComTdbExeUtilGetMetadataInfo::TABLE_FUNCTIONS_FOR_LIBRARY_ }, - { "ALL", "CATALOGS", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::CATALOGS_FOR_USER_ }, { "ALL", "INDEXES", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::INDEXES_FOR_USER_ }, { "ALL", "LIBRARIES", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::LIBRARIES_FOR_USER_ }, - { "ALL", "MVS", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::MVS_FOR_USER_ }, - { "ALL", "MVGROUPS", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::MVGROUPS_FOR_USER_ }, { "ALL", "PRIVILEGES","FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::PRIVILEGES_FOR_USER_ }, { "ALL", "PRIVILEGES","FOR", "ROLE", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::PRIVILEGES_FOR_ROLE_ }, { "ALL", "PROCEDURES","FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::PROCEDURES_FOR_USER_ }, { "ALL", "ROLES", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::ROLES_FOR_USER_ }, { "ALL", "SCHEMAS", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::SCHEMAS_FOR_USER_ }, { "ALL", "SCHEMAS", "FOR", "ROLE", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::SCHEMAS_FOR_USER_ }, - { "ALL", "SYNONYMS", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::SYNONYMS_FOR_USER_ }, { "ALL", "TABLES", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::TABLES_FOR_USER_ }, - { "ALL", "TRIGGERS", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::TRIGGERS_FOR_USER_ }, { "ALL", "VIEWS", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::VIEWS_FOR_USER_ }, +// { "ALL", "MVS", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::MVS_FOR_USER_ }, +// { "ALL", "MVGROUPS", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::MVGROUPS_FOR_USER_ }, +// { "ALL", "SYNONYMS", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::SYNONYMS_FOR_USER_ }, +// { "ALL", "TRIGGERS", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::TRIGGERS_FOR_USER_ }, - { "SYSTEM", "CATALOGS", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::CATALOGS_FOR_USER_ }, + { "SYSTEM", "ROLES", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::ROLES_FOR_USER_ }, + { "SYSTEM", "SCHEMAS", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::SCHEMAS_FOR_USER_ }, + { "SYSTEM", "SCHEMAS", "FOR", "ROLE", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::SCHEMAS_FOR_USER_ }, + { "SYSTEM", "TABLES", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::TABLES_FOR_USER_ }, // { "SYSTEM", "INDEXES", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::INDEXES_FOR_USER_ }, // { "SYSTEM", "LIBRARIES", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::LIBRARIES_FOR_USER_ }, // { "SYSTEM", "MVS", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::MVS_FOR_USER_ }, // { "SYSTEM", "MVGROUPS", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::MVGROUPS_FOR_USER_ }, // { "SYSTEM", "PRIVILEGES","FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::PRIVILEGES_FOR_USER_ }, // { "SYSTEM", "PROCEDURES","FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::PROCEDURES_FOR_USER_ }, - { "SYSTEM", "ROLES", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::ROLES_FOR_USER_ }, - { "SYSTEM", "SCHEMAS", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::SCHEMAS_FOR_USER_ }, - { "SYSTEM", "SCHEMAS", "FOR", "ROLE", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::SCHEMAS_FOR_USER_ }, // { "SYSTEM", "SYNONYMS", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::SYNONYMS_FOR_USER_ }, - { "SYSTEM", "TABLES", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::TABLES_FOR_USER_ }, // { "SYSTEM", "TRIGGERS", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::TRIGGERS_FOR_USER_ }, // { "SYSTEM", "VIEWS", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::VIEWS_FOR_USER_ }, - { "USER", "CATALOGS", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::CATALOGS_FOR_USER_ }, { "USER", "INDEXES", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::INDEXES_FOR_USER_ }, { "USER", "LIBRARIES", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::LIBRARIES_FOR_USER_ }, - { "USER", "MVS", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::MVS_FOR_USER_ }, - { "USER", "MVGROUPS", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::MVGROUPS_FOR_USER_ }, { "USER", "PRIVILEGES","FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::PRIVILEGES_FOR_USER_ }, { "USER", "PRIVILEGES","FOR", "ROLE", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::PRIVILEGES_FOR_ROLE_ }, { "USER", "PROCEDURES","FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::PROCEDURES_FOR_USER_ }, { "USER", "ROLES", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::ROLES_FOR_USER_ }, { "USER", "SCHEMAS", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::SCHEMAS_FOR_USER_ }, { "USER", "SCHEMAS", "FOR", "ROLE", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::SCHEMAS_FOR_USER_ }, - { "USER", "SYNONYMS", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::SYNONYMS_FOR_USER_ }, { "USER", "TABLES", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::TABLES_FOR_USER_ }, - { "USER", "TRIGGERS", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::TRIGGERS_FOR_USER_ }, { "USER", "VIEWS", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::VIEWS_FOR_USER_ }, - - { "USER", "HBASE_OBJECTS", "", "", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::HBASE_OBJECTS_ }, - { "ALL", "HBASE_OBJECTS", "", "", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::HBASE_OBJECTS_ }, - { "SYSTEM", "HBASE_OBJECTS", "", "", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::HBASE_OBJECTS_ }, - { "EXTERNAL", "HBASE_OBJECTS", "", "", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::HBASE_OBJECTS_ } +// { "USER", "MVS", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::MVS_FOR_USER_ }, +// { "USER", "MVGROUPS", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::MVGROUPS_FOR_USER_ }, +// { "USER", "SYNONYMS", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::SYNONYMS_FOR_USER_ }, +// { "USER", "TRIGGERS", "FOR", "USER", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::TRIGGERS_FOR_USER_ }, + + { "USER", "HBASE_OBJECTS", "", "", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::HBASE_OBJECTS_ }, + { "ALL", "HBASE_OBJECTS", "", "", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::HBASE_OBJECTS_ }, + { "SYSTEM", "HBASE_OBJECTS", "", "", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::HBASE_OBJECTS_ }, + { "EXTERNAL","HBASE_OBJECTS", "", "", 0, 0, 0, 0, ComTdbExeUtilGetMetadataInfo::HBASE_OBJECTS_ } //================================================================================================================================== // AUSStr InfoType IOFStr ObjectType Version MaxParts GroupBy OrderBy QueryType diff --git a/core/sql/parser/sqlparser.y b/core/sql/parser/sqlparser.y index c218632f0e..cc2d733d68 100755 --- a/core/sql/parser/sqlparser.y +++ b/core/sql/parser/sqlparser.y @@ -15381,31 +15381,6 @@ exe_util_get_metadata_info : //gmi->setNoHeader(TRUE); $$ = gmi; } - | TOK_GET TOK_CURRENT_USER - optional_no_header_and_match_pattern_clause - { - NAString aus("USER"); - NAString infoType("CURRENT_USER"); - PtrPlaceHolder * pph = $3; - NAString * noHeader = (NAString *)pph->ptr1_; - CorrName cn("DUMMY"); - NAString nas(""); - ExeUtilGetMetadataInfo * gmi = new (PARSERHEAP ()) ExeUtilGetMetadataInfo - ( aus // NAString & - , infoType // NAString & - , nas // NAString & - , nas // NAString & objectType - , cn // CorrName & - , NULL // NAString * pattern - , FALSE // NABoolean returnFullyQualNames - , FALSE // NABoolean getVersion - , NULL // NAString * param1 - , PARSERHEAP() // CollHeap * oHeap - ); - if (noHeader) - gmi->setNoHeader(TRUE); - $$ = gmi; - } | TOK_GET get_info_aus_clause obj_priv_identifier TOK_FOR user_or_role authorization_identifier optional_no_header_and_match_pattern_clause @@ -15415,11 +15390,10 @@ exe_util_get_metadata_info : if (aus == "NONE") aus = "USER"; - if ((*$3 != "CATALOGS" ) && (*$3 != "INDEXES" ) && - (*$3 != "MVS" ) && (*$3 != "MVGROUPS" ) && + if ((*$3 != "SEQUENCES" ) && (*$3 != "INDEXES" ) && (*$3 != "PRIVILEGES") && (*$3 != "PROCEDURES") && - (*$3 != "SCHEMAS" ) && (*$3 != "SYNONYMS" ) && - (*$3 != "TABLES" ) && (*$3 != "TRIGGERS" ) && + (*$3 != "FUNCTIONS" ) && (*$3 != "TABLE_MAPPING FUNCTIONS") && + (*$3 != "SCHEMAS" ) && (*$3 != "TABLES" ) && (*$3 != "VIEWS" ) && (*$3 != "USERS" ) && (*$3 != "ROLES" ) && (*$3 != "LIBRARIES" )) YYERROR; @@ -15431,11 +15405,6 @@ exe_util_get_metadata_info : if ($5 == TOK_ROLE) objType = "ROLE"; - /* Currently just support GET USERS FOR ROLE and GET PRIVILEGES FOR ROLE */ - - /* if ((objType == "ROLE") && - (infoType != "USERS" && infoType != "PRIVILEGES")) YYERROR; */ - PtrPlaceHolder * pph = $7; NAString * noHeader = (NAString *)pph->ptr1_; NAString * pattern = (NAString *)pph->ptr2_; diff --git a/core/sql/regress/privs1/EXPECTED123 b/core/sql/regress/privs1/EXPECTED123 index 0251bdadec..45d5db9f52 100644 --- a/core/sql/regress/privs1/EXPECTED123 +++ b/core/sql/regress/privs1/EXPECTED123 @@ -92,6 +92,9 @@ SHOW +> game_location varchar(50) not null) +> ; +--- SQL operation complete. +>>create index games_visitor on games(visitor_team_number) no populate; + --- SQL operation complete. >> >>create table players @@ -107,6 +110,32 @@ SHOW >> >>create sequence players_sequence; +--- SQL operation complete. +>> +>>create view home_teams_games as ++> select t.team_number, g.game_number, g.game_time ++> from "TEAMS" t, ++> "GAMES" g ++> where t.team_number = g.home_team_number ++> order by 1, game_number, game_time; + +--- SQL operation complete. +>> +>>create view players_on_team as ++> select player_name, team_name ++> from teams t, players p ++> where p.player_team_number = t.team_number ++> order by t.team_name; + +--- SQL operation complete. +>> +>>create view games_by_player as ++> select player_name, game_time ++> from players_on_team p, games g, teams t ++> where p.player_name = t.team_name and ++> t.team_number = g.home_team_number ++> order by player_name, team_number; + --- SQL operation complete. >> >>grant select on games to sql_user4; @@ -332,10 +361,13 @@ Privileges for User SQL_USER5 ------E TRAFODION."_LIBMGR_".EVENT_LOG_READER ------E TRAFODION."_LIBMGR_".JDBC SIDU-R- TRAFODION.T123SCH.GAMES +S----R- TRAFODION.T123SCH.GAMES_BY_PLAYER +S----R- TRAFODION.T123SCH.HOME_TEAMS_GAMES SIDU-R- TRAFODION.T123SCH.PLAYERS S------ TRAFODION.T123SCH.PLAYERS PLAYER_NAME S------ TRAFODION.T123SCH.PLAYERS PLAYER_NUMBER S------ TRAFODION.T123SCH.PLAYERS PLAYER_TEAM_NUMBER +S----R- TRAFODION.T123SCH.PLAYERS_ON_TEAM ----G-- TRAFODION.T123SCH.PLAYERS_SEQUENCE SIDU-R- TRAFODION.T123SCH.SB_HISTOGRAMS SIDU-R- TRAFODION.T123SCH.SB_HISTOGRAM_INTERVALS @@ -374,7 +406,10 @@ Privileges for Role T123_OWNERROLE ================================== SIDU-R- TRAFODION.T123SCH.GAMES +S----R- TRAFODION.T123SCH.GAMES_BY_PLAYER +S----R- TRAFODION.T123SCH.HOME_TEAMS_GAMES SIDU-R- TRAFODION.T123SCH.PLAYERS +S----R- TRAFODION.T123SCH.PLAYERS_ON_TEAM ----G-- TRAFODION.T123SCH.PLAYERS_SEQUENCE SIDU-R- TRAFODION.T123SCH.SB_HISTOGRAMS SIDU-R- TRAFODION.T123SCH.SB_HISTOGRAM_INTERVALS @@ -395,6 +430,164 @@ S------ TRAFODION.T123SCH.PLAYERS PLAYER_TEAM_NUMBER S------ TRAFODION.T123SCH.TEAMS TEAM_NAME S------ TRAFODION.T123SCH.TEAMS TEAM_NUMBER +--- SQL operation complete. +>> +>>get tables for user sql_user1; + +Tables for User SQL_USER1 +========================= + +TRAFODION."T123SCH".GAMES +TRAFODION."T123SCH".PLAYERS +TRAFODION."T123SCH".TEAMS + +--- SQL operation complete. +>>get tables for user sql_user2; + +Tables for User SQL_USER2 +========================= + +TRAFODION."T123SCH".GAMES +TRAFODION."T123SCH".PLAYERS +TRAFODION."T123SCH".TEAMS + +--- SQL operation complete. +>>get tables for user sql_user3; + +Tables for User SQL_USER3 +========================= + +TRAFODION."T123SCH".PLAYERS +TRAFODION."T123SCH".TEAMS + +--- SQL operation complete. +>>get tables for user sql_user4; + +Tables for User SQL_USER4 +========================= + +TRAFODION."T123SCH".GAMES +TRAFODION."T123SCH".PLAYERS +TRAFODION."T123SCH".TEAMS + +--- SQL operation complete. +>>get tables for user sql_user5; + +Tables for User SQL_USER5 +========================= + +TRAFODION."T123SCH".GAMES +TRAFODION."T123SCH".PLAYERS +TRAFODION."T123SCH".SB_HISTOGRAMS +TRAFODION."T123SCH".SB_HISTOGRAM_INTERVALS +TRAFODION."T123SCH".SB_PERSISTENT_SAMPLES +TRAFODION."T123SCH".TEAMS + +--- SQL operation complete. +>> +>>get indexes for user sql_user1; + +Indexes for User SQL_USER1 +========================== + +TRAFODION."T123SCH".GAMES_VISITOR + +--- SQL operation complete. +>>get indexes for user sql_user2; + +Indexes for User SQL_USER2 +========================== + +TRAFODION."T123SCH".GAMES_VISITOR + +--- SQL operation complete. +>>get indexes for user sql_user3; + +--- SQL operation complete. +>>get indexes for user sql_user4; + +Indexes for User SQL_USER4 +========================== + +TRAFODION."T123SCH".GAMES_VISITOR + +--- SQL operation complete. +>>get indexes for user sql_user5; + +Indexes for User SQL_USER5 +========================== + +TRAFODION."T123SCH".GAMES_VISITOR + +--- SQL operation complete. +>> +>>get views for user sql_user1; + +--- SQL operation complete. +>>get views for user sql_user2; + +--- SQL operation complete. +>>get views for user sql_user3; + +--- SQL operation complete. +>>get views for user sql_user4; + +--- SQL operation complete. +>>get views for user sql_user5; + +Views for User SQL_USER5 +======================== + +TRAFODION."T123SCH".GAMES_BY_PLAYER +TRAFODION."T123SCH".HOME_TEAMS_GAMES +TRAFODION."T123SCH".PLAYERS_ON_TEAM + +--- SQL operation complete. +>> +>>get libraries for user sql_user1; + +Libraries for User SQL_USER1 +============================ + +DB__LIBMGRNAME +DB__LIBMGR_LIB_CPP + +--- SQL operation complete. +>>get libraries for user sql_user2; + +Libraries for User SQL_USER2 +============================ + +DB__LIBMGRNAME +DB__LIBMGR_LIB_CPP + +--- SQL operation complete. +>>get libraries for user sql_user3; + +Libraries for User SQL_USER3 +============================ + +DB__LIBMGRNAME +DB__LIBMGR_LIB_CPP + +--- SQL operation complete. +>>get libraries for user sql_user4; + +Libraries for User SQL_USER4 +============================ + +DB__LIBMGRNAME +DB__LIBMGR_LIB_CPP + +--- SQL operation complete. +>>get libraries for user sql_user5; + +Libraries for User SQL_USER5 +============================ + +DB__LIBMGRNAME +DB__LIBMGR_LIB_CPP + --- SQL operation complete. >> >> @@ -568,6 +761,120 @@ S------ TRAFODION.T123SCH.TEAMS TEAM_NUMBER --- SQL operation complete. >> +>>get tables for user sql_user1; + +Tables for User SQL_USER1 +========================= + +TRAFODION."T123SCH".GAMES +TRAFODION."T123SCH".PLAYERS +TRAFODION."T123SCH".TEAMS + +--- SQL operation complete. +>>get tables for user sql_user2; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get tables for user sql_user3; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get tables for user sql_user4; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get tables for user sql_user5; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>> +>>get indexes for user sql_user1; + +Indexes for User SQL_USER1 +========================== + +TRAFODION."T123SCH".GAMES_VISITOR + +--- SQL operation complete. +>>get indexes for user sql_user2; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get indexes for user sql_user3; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get indexes for user sql_user4; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get indexes for user sql_user5; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>> +>>get views for user sql_user1; + +--- SQL operation complete. +>>get views for user sql_user2; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get views for user sql_user3; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get views for user sql_user4; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get views for user sql_user5; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>> +>>get libraries for user sql_user1; + +Libraries for User SQL_USER1 +============================ + +DB__LIBMGRNAME +DB__LIBMGR_LIB_CPP + +--- SQL operation complete. +>>get libraries for user sql_user2; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get libraries for user sql_user3; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get libraries for user sql_user4; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get libraries for user sql_user5; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>> >> >>exit; @@ -727,6 +1034,120 @@ S------ TRAFODION.T123SCH.TEAMS TEAM_NUMBER --- SQL operation complete. >> +>>get tables for user sql_user1; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get tables for user sql_user2; + +Tables for User SQL_USER2 +========================= + +TRAFODION."T123SCH".GAMES +TRAFODION."T123SCH".PLAYERS +TRAFODION."T123SCH".TEAMS + +--- SQL operation complete. +>>get tables for user sql_user3; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get tables for user sql_user4; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get tables for user sql_user5; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>> +>>get indexes for user sql_user1; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get indexes for user sql_user2; + +Indexes for User SQL_USER2 +========================== + +TRAFODION."T123SCH".GAMES_VISITOR + +--- SQL operation complete. +>>get indexes for user sql_user3; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get indexes for user sql_user4; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get indexes for user sql_user5; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>> +>>get views for user sql_user1; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get views for user sql_user2; + +--- SQL operation complete. +>>get views for user sql_user3; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get views for user sql_user4; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get views for user sql_user5; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>> +>>get libraries for user sql_user1; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get libraries for user sql_user2; + +Libraries for User SQL_USER2 +============================ + +DB__LIBMGRNAME +DB__LIBMGR_LIB_CPP + +--- SQL operation complete. +>>get libraries for user sql_user3; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get libraries for user sql_user4; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get libraries for user sql_user5; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>> >> >>exit; @@ -869,6 +1290,114 @@ S------ TRAFODION.T123SCH.TEAMS TEAM_NUMBER --- SQL operation complete. >> +>>get tables for user sql_user1; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get tables for user sql_user2; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get tables for user sql_user3; + +Tables for User SQL_USER3 +========================= + +TRAFODION."T123SCH".PLAYERS +TRAFODION."T123SCH".TEAMS + +--- SQL operation complete. +>>get tables for user sql_user4; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get tables for user sql_user5; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>> +>>get indexes for user sql_user1; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get indexes for user sql_user2; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get indexes for user sql_user3; + +--- SQL operation complete. +>>get indexes for user sql_user4; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get indexes for user sql_user5; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>> +>>get views for user sql_user1; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get views for user sql_user2; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get views for user sql_user3; + +--- SQL operation complete. +>>get views for user sql_user4; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get views for user sql_user5; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>> +>>get libraries for user sql_user1; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get libraries for user sql_user2; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get libraries for user sql_user3; + +Libraries for User SQL_USER3 +============================ + +DB__LIBMGRNAME +DB__LIBMGR_LIB_CPP + +--- SQL operation complete. +>>get libraries for user sql_user4; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get libraries for user sql_user5; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>> >> >>exit; @@ -1013,6 +1542,120 @@ S------ TRAFODION.T123SCH.TEAMS TEAM_NUMBER --- SQL operation complete. >> +>>get tables for user sql_user1; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get tables for user sql_user2; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get tables for user sql_user3; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get tables for user sql_user4; + +Tables for User SQL_USER4 +========================= + +TRAFODION."T123SCH".GAMES +TRAFODION."T123SCH".PLAYERS +TRAFODION."T123SCH".TEAMS + +--- SQL operation complete. +>>get tables for user sql_user5; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>> +>>get indexes for user sql_user1; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get indexes for user sql_user2; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get indexes for user sql_user3; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get indexes for user sql_user4; + +Indexes for User SQL_USER4 +========================== + +TRAFODION."T123SCH".GAMES_VISITOR + +--- SQL operation complete. +>>get indexes for user sql_user5; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>> +>>get views for user sql_user1; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get views for user sql_user2; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get views for user sql_user3; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get views for user sql_user4; + +--- SQL operation complete. +>>get views for user sql_user5; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>> +>>get libraries for user sql_user1; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get libraries for user sql_user2; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get libraries for user sql_user3; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get libraries for user sql_user4; + +Libraries for User SQL_USER4 +============================ + +DB__LIBMGRNAME +DB__LIBMGR_LIB_CPP + +--- SQL operation complete. +>>get libraries for user sql_user5; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>> >> >>exit; @@ -1128,10 +1771,13 @@ Privileges for User SQL_USER5 ------E TRAFODION."_LIBMGR_".EVENT_LOG_READER ------E TRAFODION."_LIBMGR_".JDBC SIDU-R- TRAFODION.T123SCH.GAMES +S----R- TRAFODION.T123SCH.GAMES_BY_PLAYER +S----R- TRAFODION.T123SCH.HOME_TEAMS_GAMES SIDU-R- TRAFODION.T123SCH.PLAYERS S------ TRAFODION.T123SCH.PLAYERS PLAYER_NAME S------ TRAFODION.T123SCH.PLAYERS PLAYER_NUMBER S------ TRAFODION.T123SCH.PLAYERS PLAYER_TEAM_NUMBER +S----R- TRAFODION.T123SCH.PLAYERS_ON_TEAM ----G-- TRAFODION.T123SCH.PLAYERS_SEQUENCE SIDU-R- TRAFODION.T123SCH.SB_HISTOGRAMS SIDU-R- TRAFODION.T123SCH.SB_HISTOGRAM_INTERVALS @@ -1157,7 +1803,10 @@ Privileges for Role T123_OWNERROLE ================================== SIDU-R- TRAFODION.T123SCH.GAMES +S----R- TRAFODION.T123SCH.GAMES_BY_PLAYER +S----R- TRAFODION.T123SCH.HOME_TEAMS_GAMES SIDU-R- TRAFODION.T123SCH.PLAYERS +S----R- TRAFODION.T123SCH.PLAYERS_ON_TEAM ----G-- TRAFODION.T123SCH.PLAYERS_SEQUENCE SIDU-R- TRAFODION.T123SCH.SB_HISTOGRAMS SIDU-R- TRAFODION.T123SCH.SB_HISTOGRAM_INTERVALS @@ -1178,6 +1827,130 @@ S------ TRAFODION.T123SCH.PLAYERS PLAYER_TEAM_NUMBER S------ TRAFODION.T123SCH.TEAMS TEAM_NAME S------ TRAFODION.T123SCH.TEAMS TEAM_NUMBER +--- SQL operation complete. +>> +>>get tables for user sql_user1; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get tables for user sql_user2; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get tables for user sql_user3; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get tables for user sql_user4; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get tables for user sql_user5; + +Tables for User SQL_USER5 +========================= + +TRAFODION."T123SCH".GAMES +TRAFODION."T123SCH".PLAYERS +TRAFODION."T123SCH".SB_HISTOGRAMS +TRAFODION."T123SCH".SB_HISTOGRAM_INTERVALS +TRAFODION."T123SCH".SB_PERSISTENT_SAMPLES +TRAFODION."T123SCH".TEAMS + +--- SQL operation complete. +>> +>>get indexes for user sql_user1; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get indexes for user sql_user2; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get indexes for user sql_user3; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get indexes for user sql_user4; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get indexes for user sql_user5; + +Indexes for User SQL_USER5 +========================== + +TRAFODION."T123SCH".GAMES_VISITOR + +--- SQL operation complete. +>> +>>get views for user sql_user1; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get views for user sql_user2; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get views for user sql_user3; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get views for user sql_user4; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get views for user sql_user5; + +Views for User SQL_USER5 +======================== + +TRAFODION."T123SCH".GAMES_BY_PLAYER +TRAFODION."T123SCH".HOME_TEAMS_GAMES +TRAFODION."T123SCH".PLAYERS_ON_TEAM + +--- SQL operation complete. +>> +>>get libraries for user sql_user1; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get libraries for user sql_user2; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get libraries for user sql_user3; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get libraries for user sql_user4; + +*** ERROR[1017] You are not authorized to perform this operation. + +--- SQL operation failed with errors. +>>get libraries for user sql_user5; + +Libraries for User SQL_USER5 +============================ + +DB__LIBMGRNAME +DB__LIBMGR_LIB_CPP + --- SQL operation complete. >> >> diff --git a/core/sql/regress/privs1/EXPECTED125 b/core/sql/regress/privs1/EXPECTED125 index 73f0d59ec8..8473a1c689 100644 --- a/core/sql/regress/privs1/EXPECTED125 +++ b/core/sql/regress/privs1/EXPECTED125 @@ -81,8 +81,8 @@ >> >>create view games_by_player as +> select player_name, game_time -+> from teams t, games g, players p -+> where p.player_team_number = t.team_number and ++> from players_on_team p, games g, teams t ++> where p.player_name = t.team_name and +> t.team_number = g.home_team_number +> order by player_name, team_number; @@ -213,8 +213,8 @@ >> >>create view games_by_player as +> select player_name, game_time -+> from teams t, games g, players p -+> where p.player_team_number = t.team_number and ++> from players_on_team p, games g, teams t ++> where p.player_name = t.team_name and +> t.team_number = g.home_team_number +> order by player_name, team_number; @@ -345,8 +345,8 @@ >> >>create view games_by_player as +> select player_name, game_time -+> from teams t, games g, players p -+> where p.player_team_number = t.team_number and ++> from players_on_team p, games g, teams t ++> where p.player_name = t.team_name and +> t.team_number = g.home_team_number +> order by player_name, team_number; @@ -616,7 +616,7 @@ T125SCH2.PLAYERS_SEQUENCE T125SCH3.PLAYERS_SEQUENCE --- SQL operation complete. ->>get libraries; +>>get libraries, match 'T125%'; Libraries in Schema TRAFODION.T125SCH1 ====================================== @@ -640,6 +640,59 @@ Procedures in Schema TRAFODION.T125SCH1 TESTHIVE +--- SQL operation complete. +>> +>>get indexes on table players; + +Indexes on Table T125SCH1.PLAYERS +================================= + +PLAYERS_TEAMS + +--- SQL operation complete. +>>get views on table players; + +Views on Table T125SCH1.PLAYERS +=============================== + +TRAFODION.T125SCH1.PLAYERS_ON_TEAM + +--- SQL operation complete. +>>get views on view players_on_team; + +Views ON View T125SCH1.PLAYERS_ON_TEAM +====================================== + +TRAFODION.T125SCH1.GAMES_BY_PLAYER + +--- SQL operation complete. +>> +>>get tables in view games_by_player; + +Tables in View T125SCH1.GAMES_BY_PLAYER +======================================= + +TRAFODION.T125SCH1.GAMES +TRAFODION.T125SCH1.TEAMS + +--- SQL operation complete. +>>get views in view games_by_player; + +Views in View T125SCH1.GAMES_BY_PLAYER +====================================== + +TRAFODION.T125SCH1.PLAYERS_ON_TEAM + +--- SQL operation complete. +>>get objects in view games_by_player; + +Objects in View T125SCH1.GAMES_BY_PLAYER +======================================== + +TRAFODION.T125SCH1.GAMES +TRAFODION.T125SCH1.PLAYERS_ON_TEAM +TRAFODION.T125SCH1.TEAMS + --- SQL operation complete. >> >>set schema t125sch2; @@ -760,7 +813,7 @@ T125SCH2.PLAYERS_SEQUENCE T125SCH3.PLAYERS_SEQUENCE --- SQL operation complete. ->>get libraries; +>>get libraries, match 'T125%'; Libraries in Schema TRAFODION.T125SCH3 ====================================== @@ -786,6 +839,24 @@ TESTHIVE --- SQL operation complete. >> +>>get functions for library t125_l1; + +Functions for Library T125SCH3.T125_L1 +====================================== + +T125SCH3.TRANSLATEBITMAP + +--- SQL operation complete. +>>get procedures for library t125_l2; + +Procedures for Library T125SCH3.T125_L2 +======================================= + +T125SCH3.TESTHIVE + +--- SQL operation complete. +>> +>> >> >>revoke component privilege "SHOW" on sql_operations from "PUBLIC"; @@ -833,7 +904,7 @@ Sequences in catalog TRAFODION T125SCH3.PLAYERS_SEQUENCE --- SQL operation complete. ->>get libraries; +>>get libraries, match 'T125%'; --- SQL operation complete. >>get functions; @@ -841,6 +912,26 @@ T125SCH3.PLAYERS_SEQUENCE --- SQL operation complete. >>get procedures; +--- SQL operation complete. +>> +>>get indexes on table players; + +--- SQL operation complete. +>>get views on table players; + +--- SQL operation complete. +>>get views on view players_on_team; + +--- SQL operation complete. +>> +>>get tables in view games_by_player; + +--- SQL operation complete. +>>get views in view games_by_player; + +--- SQL operation complete. +>>get objects in view games_by_player; + --- SQL operation complete. >> >>set schema t125sch2; @@ -905,7 +996,7 @@ Sequences in catalog TRAFODION T125SCH3.PLAYERS_SEQUENCE --- SQL operation complete. ->>get libraries; +>>get libraries, match 'T125%'; Libraries in Schema TRAFODION.T125SCH3 ====================================== @@ -931,6 +1022,24 @@ TESTHIVE --- SQL operation complete. >> +>>get functions for library t125_l1; + +Functions for Library T125SCH3.T125_L1 +====================================== + +T125SCH3.TRANSLATEBITMAP + +--- SQL operation complete. +>>get procedures for library t125_l2; + +Procedures for Library T125SCH3.T125_L2 +======================================= + +T125SCH3.TESTHIVE + +--- SQL operation complete. +>> +>> >>exit; End of MXCI Session @@ -979,7 +1088,7 @@ Sequences in catalog TRAFODION T125SCH2.PLAYERS_SEQUENCE --- SQL operation complete. ->>get libraries; +>>get libraries, match 'T125%'; --- SQL operation complete. >>get functions; @@ -987,6 +1096,26 @@ T125SCH2.PLAYERS_SEQUENCE --- SQL operation complete. >>get procedures; +--- SQL operation complete. +>> +>>get indexes on table players; + +--- SQL operation complete. +>>get views on table players; + +--- SQL operation complete. +>>get views on view players_on_team; + +--- SQL operation complete. +>> +>>get tables in view games_by_player; + +--- SQL operation complete. +>>get views in view games_by_player; + +--- SQL operation complete. +>>get objects in view games_by_player; + --- SQL operation complete. >> >>set schema t125sch2; @@ -1011,6 +1140,11 @@ PLAYERS_SEQUENCE --- SQL operation complete. >>get libraries in schema t125sch2; +Libraries in Schema TRAFODION.T125SCH2 +====================================== + +T125_L2 + --- SQL operation complete. >>get functions in schema t125sch2; @@ -1054,7 +1188,7 @@ Sequences in catalog TRAFODION T125SCH2.PLAYERS_SEQUENCE --- SQL operation complete. ->>get libraries; +>>get libraries, match 'T125%'; --- SQL operation complete. >>get functions in schema t125sch3; @@ -1064,6 +1198,14 @@ T125SCH2.PLAYERS_SEQUENCE --- SQL operation complete. >> +>>get functions for library t125_l1; + +--- SQL operation complete. +>>get procedures for library t125_l2; + +--- SQL operation complete. +>> +>> >>exit; End of MXCI Session @@ -1118,7 +1260,7 @@ GAMES_BY_PLAYER >>get sequences, match 'T125SCH%'; --- SQL operation complete. ->>get libraries; +>>get libraries, match 'T125%'; --- SQL operation complete. >>get functions; @@ -1126,6 +1268,44 @@ GAMES_BY_PLAYER --- SQL operation complete. >>get procedures; +--- SQL operation complete. +>> +>>get indexes on table players; + +--- SQL operation complete. +>>get views on table players; + +--- SQL operation complete. +>>get views on view players_on_team; + +--- SQL operation complete. +>> +>>get tables in view games_by_player; + +Tables in View T125SCH1.GAMES_BY_PLAYER +======================================= + +TRAFODION.T125SCH1.GAMES +TRAFODION.T125SCH1.TEAMS + +--- SQL operation complete. +>>get views in view games_by_player; + +Views in View T125SCH1.GAMES_BY_PLAYER +====================================== + +TRAFODION.T125SCH1.PLAYERS_ON_TEAM + +--- SQL operation complete. +>>get objects in view games_by_player; + +Objects in View T125SCH1.GAMES_BY_PLAYER +======================================== + +TRAFODION.T125SCH1.GAMES +TRAFODION.T125SCH1.PLAYERS_ON_TEAM +TRAFODION.T125SCH1.TEAMS + --- SQL operation complete. >> >>set schema t125sch2; @@ -1192,7 +1372,12 @@ T125SCH3.GAMES_BY_PLAYER >>get sequences in catalog trafodion, match 'T125SCH%'; --- SQL operation complete. ->>get libraries; +>>get libraries, match 'T125%'; + +Libraries in Schema TRAFODION.T125SCH3 +====================================== + +T125_L1 --- SQL operation complete. >>get functions in schema t125sch3; @@ -1207,6 +1392,19 @@ TRANSLATEBITMAP --- SQL operation complete. >> +>>get functions for library t125_l1; + +Functions for Library T125SCH3.T125_L1 +====================================== + +T125SCH3.TRANSLATEBITMAP + +--- SQL operation complete. +>>get procedures for library t125_l2; + +--- SQL operation complete. +>> +>> >>exit; End of MXCI Session @@ -1251,7 +1449,7 @@ T125SCH3 >>get sequences, match 'T125SCH%'; --- SQL operation complete. ->>get libraries; +>>get libraries, match 'T125%'; --- SQL operation complete. >>get functions; @@ -1259,6 +1457,26 @@ T125SCH3 --- SQL operation complete. >>get procedures; +--- SQL operation complete. +>> +>>get indexes on table players; + +--- SQL operation complete. +>>get views on table players; + +--- SQL operation complete. +>>get views on view players_on_team; + +--- SQL operation complete. +>> +>>get tables in view games_by_player; + +--- SQL operation complete. +>>get views in view games_by_player; + +--- SQL operation complete. +>>get objects in view games_by_player; + --- SQL operation complete. >> >>set schema t125sch2; @@ -1312,7 +1530,12 @@ PLAYERS >>get sequences in catalog trafodion, match 'T125SCH%'; --- SQL operation complete. ->>get libraries; +>>get libraries, match 'T125%'; + +Libraries in Schema TRAFODION.T125SCH3 +====================================== + +T125_L1 --- SQL operation complete. >>get functions in schema t125sch3; @@ -1327,6 +1550,19 @@ TRANSLATEBITMAP --- SQL operation complete. >> +>>get functions for library t125_l1; + +Functions for Library T125SCH3.T125_L1 +====================================== + +T125SCH3.TRANSLATEBITMAP + +--- SQL operation complete. +>>get procedures for library t125_l2; + +--- SQL operation complete. +>> +>> >>exit; End of MXCI Session diff --git a/core/sql/regress/privs1/TEST123 b/core/sql/regress/privs1/TEST123 index f32cf611e1..6214a55794 100644 --- a/core/sql/regress/privs1/TEST123 +++ b/core/sql/regress/privs1/TEST123 @@ -29,6 +29,7 @@ -- get roles for user -- get privileges for role -- get privileges for user +-- get [tables | indexes | libraries | views] for user -- -- Users and roles used -- t123_adminrole: granted update and delete on games/teams @@ -99,6 +100,7 @@ create table games game_time timestamp not null, game_location varchar(50) not null) ; +create index games_visitor on games(visitor_team_number) no populate; create table players (player_number int not null, @@ -111,6 +113,26 @@ create table players create sequence players_sequence; +create view home_teams_games as + select t.team_number, g.game_number, g.game_time + from "TEAMS" t, + "GAMES" g + where t.team_number = g.home_team_number + order by 1, game_number, game_time; + +create view players_on_team as + select player_name, team_name + from teams t, players p + where p.player_team_number = t.team_number + order by t.team_name; + +create view games_by_player as + select player_name, game_time + from players_on_team p, games g, teams t + where p.player_name = t.team_name and + t.team_number = g.home_team_number + order by player_name, team_number; + grant select on games to sql_user4; grant select on teams to sql_user4; grant select(team_number, team_name) on teams to "PUBLIC"; @@ -170,6 +192,30 @@ get privileges for role t123_dummyrole; get privileges for role t123_ownerrole; get privileges for role "PUBLIC"; +get tables for user sql_user1; +get tables for user sql_user2; +get tables for user sql_user3; +get tables for user sql_user4; +get tables for user sql_user5; + +get indexes for user sql_user1; +get indexes for user sql_user2; +get indexes for user sql_user3; +get indexes for user sql_user4; +get indexes for user sql_user5; + +get views for user sql_user1; +get views for user sql_user2; +get views for user sql_user3; +get views for user sql_user4; +get views for user sql_user5; + +get libraries for user sql_user1; +get libraries for user sql_user2; +get libraries for user sql_user3; +get libraries for user sql_user4; +get libraries for user sql_user5; + ?section other get privileges for user "PUBLIC"; get privileges for user unknown_user; diff --git a/core/sql/regress/privs1/TEST125 b/core/sql/regress/privs1/TEST125 index 0025c531f8..de667ea3cf 100644 --- a/core/sql/regress/privs1/TEST125 +++ b/core/sql/regress/privs1/TEST125 @@ -154,8 +154,8 @@ create view players_on_team as create view games_by_player as select player_name, game_time - from teams t, games g, players p - where p.player_team_number = t.team_number and + from players_on_team p, games g, teams t + where p.player_name = t.team_name and t.team_number = g.home_team_number order by player_name, team_number; @@ -220,10 +220,18 @@ get tables; get views; get indexes; get sequences, match 'T125SCH%'; -get libraries; +get libraries, match 'T125%'; get functions; get procedures; +get indexes on table players; +get views on table players; +get views on view players_on_team; + +get tables in view games_by_player; +get views in view games_by_player; +get objects in view games_by_player; + set schema t125sch2; get tables in schema t125sch2; get views in schema t125sch2; @@ -238,6 +246,10 @@ get tables; get views in catalog trafodion, match 'T125SCH%'; get indexes in schema t125sch3; get sequences in catalog trafodion, match 'T125SCH%'; -get libraries; +get libraries, match 'T125%'; get functions in schema t125sch3; get procedures; + +get functions for library t125_l1; +get procedures for library t125_l2; +