EMMA Coverage Report (generated Wed Jun 28 22:15:27 PDT 2006)
[all classes][org.apache.derby.database]

COVERAGE SUMMARY FOR SOURCE FILE [UserUtility.java]

nameclass, %method, %block, %line, %
UserUtility.java100% (1/1)83%  (5/6)98%  (174/177)98%  (50/51)

COVERAGE BREAKDOWN BY CLASS AND METHOD

nameclass, %method, %block, %line, %
     
class UserUtility100% (1/1)83%  (5/6)98%  (174/177)98%  (50/51)
UserUtility (): void 0%   (0/1)0%   (0/3)0%   (0/1)
add (String, String): void 100% (1/1)100% (58/58)100% (17/17)
drop (String): void 100% (1/1)100% (58/58)100% (16/16)
getPermission (String): String 100% (1/1)100% (35/35)100% (9/9)
normalizeIdParam (String, String): String 100% (1/1)100% (17/17)100% (5/5)
set (String, String): void 100% (1/1)100% (6/6)100% (3/3)

1/*
2 
3   Derby - Class org.apache.derby.database.UserUtility
4 
5   Copyright 1999, 2004 The Apache Software Foundation or its licensors, as applicable.
6 
7   Licensed under the Apache License, Version 2.0 (the "License");
8   you may not use this file except in compliance with the License.
9   You may obtain a copy of the License at
10 
11      http://www.apache.org/licenses/LICENSE-2.0
12 
13   Unless required by applicable law or agreed to in writing, software
14   distributed under the License is distributed on an "AS IS" BASIS,
15   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16   See the License for the specific language governing permissions and
17   limitations under the License.
18 
19 */
20 
21package org.apache.derby.database;
22import org.apache.derby.iapi.db.PropertyInfo;
23import org.apache.derby.iapi.store.access.TransactionController;
24import org.apache.derby.iapi.util.IdUtil;
25import org.apache.derby.iapi.error.StandardException;
26import org.apache.derby.iapi.sql.conn.LanguageConnectionContext;
27import org.apache.derby.iapi.sql.conn.ConnectionUtil;
28import org.apache.derby.iapi.reference.SQLState;
29import org.apache.derby.iapi.reference.Property;
30 
31import java.sql.SQLException;
32import org.apache.derby.iapi.error.PublicAPI;
33 
34/**
35  This utility class provides static methods for managing user authorization in a Cloudscape database.
36  
37   <p>This class can only be used within an SQL-J statement, a Java procedure or a server side Java method.
38   <p>This class can be accessed using the class alias <code> USERUTILITY </code> in SQL-J statements.
39  */
40public abstract class UserUtility
41{
42        /** Enumeration value for read access permission ("READ_ACCESS_PERMISSION"). */
43        public final static String READ_ACCESS_PERMISSION = "READ_ACCESS_PERMISSION";
44        /** Enumeration value for full access permission ("FULL_ACCESS_PERMISSION"). */
45        public final static String FULL_ACCESS_PERMISSION = "FULL_ACCESS_PERMISSION";
46 
47        /** Prevent users from creating UserUtility Objects. */
48        private UserUtility() {}
49 
50        /**
51          Add a user's authorization permission to the database.
52 
53          <P>
54           Only users with FULL_ACCESS_PERMISSION may use this.
55          
56          @param userName the user's name. A valid possibly delimited
57          SQL identifier.
58          @param permission READ_ACCESS_PERMISSION or FULL_ACCESS_PERMISSION.
59          @exception SQLException thrown if this fails.
60          */
61        public static final void add(String userName, String permission)
62                 throws SQLException
63        {
64                String pv;
65                TransactionController tc = ConnectionUtil.getCurrentLCC().getTransactionExecute();
66                try {
67                normalizeIdParam("userName",userName); //Validate
68                if (permission==null)
69                        throw StandardException.newException(SQLState.UU_INVALID_PARAMETER, "permission","null");                        
70                if (permission.equals(READ_ACCESS_PERMISSION))
71                {
72                        pv = (String)tc.getProperty(Property.READ_ONLY_ACCESS_USERS_PROPERTY);
73                        pv = IdUtil.appendId(userName,pv);
74                        PropertyInfo.setDatabaseProperty(Property.READ_ONLY_ACCESS_USERS_PROPERTY,pv);
75                }
76                else if (permission.equals(FULL_ACCESS_PERMISSION))
77                {
78                        pv = (String)tc.getProperty(Property.FULL_ACCESS_USERS_PROPERTY);
79                        pv = IdUtil.appendId(userName,pv);
80                        PropertyInfo.setDatabaseProperty(Property.FULL_ACCESS_USERS_PROPERTY,pv);
81                }
82                else
83                        throw StandardException.newException(SQLState.UU_UNKNOWN_PERMISSION, permission);
84                } catch (StandardException se) {
85                        throw PublicAPI.wrapStandardException(se);
86                }
87        }
88 
89        /**
90          Set the authorization permission for a user in the database.
91 
92          <P>
93          Only users with FULL_ACCESS_PERMISSION may use this.
94 
95          @param userName the user's name. A valid possibly delimited
96          SQL identifier.
97          @param permission READ_ACCESS_PERMISSION or FULL_ACCESS_PERMISSION.
98          @exception SQLException thrown if this fails.
99          */
100        public static final void set(String userName, String permission)
101                 throws SQLException
102        {
103                drop(userName);
104                add(userName,permission);
105        }
106 
107        /**
108          Drop a user's authorization permission from the database.
109 
110          <P>
111          Only users with FULL_ACCESS_PERMISSION may use this.
112 
113          @param userName the user's name. A valid possibly delimited
114          SQL identifier.
115 
116          @exception SQLException thrown if this fails or the user
117          being dropped does not exist.
118          */
119        public static final void drop(String userName) throws
120        SQLException
121        {
122                TransactionController tc = ConnectionUtil.getCurrentLCC().getTransactionExecute();
123 
124                try {
125                String userId = normalizeIdParam("userName",userName); 
126 
127                String access = getPermission(userName);
128                if (access != null && access.equals(READ_ACCESS_PERMISSION))
129                {
130                        String pv = (String)tc.getProperty(Property.READ_ONLY_ACCESS_USERS_PROPERTY);
131                        String newList = IdUtil.deleteId(userId,pv);
132                        PropertyInfo.setDatabaseProperty(Property.READ_ONLY_ACCESS_USERS_PROPERTY,newList);
133                }
134                else if (access != null && access.equals(FULL_ACCESS_PERMISSION))
135                {
136                        String pv = (String)tc.getProperty(Property.FULL_ACCESS_USERS_PROPERTY);
137                        String newList = IdUtil.deleteId(userId,pv);
138                        PropertyInfo.setDatabaseProperty(Property.FULL_ACCESS_USERS_PROPERTY,newList);
139                }
140                else
141                {
142                        throw StandardException.newException(SQLState.UU_UNKNOWN_USER, userName);
143                }
144                } catch (StandardException se) {
145                        throw PublicAPI.wrapStandardException(se);
146                }
147        }
148 
149        /**
150          Return a user's authorization permission in a database.
151 
152          <P>
153          Users with FULL_ACCESS_PERMISSION or READ_ACCESS_PERMISSION
154          may use this.
155          
156          @param userName the user's name. A valid possibly delimited
157          SQL identifier.
158          @return FULL_ACCESS_PERMISSION if the user is in "derby.database.fullAccessUsers",
159                  READ_ACCESS_PERMISSION if the user is in "derby.database.readOnlyAccessUsers",
160                          or null if the user is not in either list.
161          @exception SQLException thrown if this fails.
162          */
163        public static final String getPermission(String userName)
164         throws SQLException
165        {
166                TransactionController tc = ConnectionUtil.getCurrentLCC().getTransactionExecute();
167 
168                try {
169 
170                String pv = (String)
171                        tc.getProperty(Property.READ_ONLY_ACCESS_USERS_PROPERTY);
172                String userId = normalizeIdParam("userName",userName); 
173                if (IdUtil.idOnList(userId,pv)) return READ_ACCESS_PERMISSION;
174                pv = (String)tc.getProperty(Property.FULL_ACCESS_USERS_PROPERTY);
175                if (IdUtil.idOnList(userId,pv)) return FULL_ACCESS_PERMISSION;
176                return null;
177                } catch (StandardException se) {
178                        throw PublicAPI.wrapStandardException(se);
179                }
180        }
181 
182        private static String normalizeIdParam(String pName, String pValue)
183                 throws StandardException
184        {
185                if (pValue==null)
186                        throw StandardException.newException(SQLState.UU_INVALID_PARAMETER, pName,"null");
187                        
188                try {
189                        return IdUtil.parseId(pValue);
190                }
191                catch (StandardException se) {
192                        throw StandardException.newException(SQLState.UU_INVALID_PARAMETER, se, pName,pValue);
193                }
194        }
195}

[all classes][org.apache.derby.database]
EMMA 2.0.5312 (C) Vladimir Roubtsov