Package org.apache.derby.iapi.sql.conn
Interface Authorizer
-
- All Known Implementing Classes:
GenericAuthorizer
public interface Authorizer
The Authorizer verifies a connected user has the authorization to perform a requested database operation using the current connection.Today no object based authorization is supported.
-
-
Field Summary
Fields Modifier and Type Field Description static int
CREATE_ROLE_PRIV
static int
CREATE_SCHEMA_PRIV
static int
DELETE_PRIV
static int
DROP_ROLE_PRIV
static int
DROP_SCHEMA_PRIV
static int
EXECUTE_PRIV
static int
INSERT_PRIV
static int
JAR_WRITE_OP
database jar write operationstatic int
MIN_SELECT_PRIV
static int
MODIFY_SCHEMA_PRIV
static int
NULL_PRIV
static int
PRIV_TYPE_COUNT
static int
PROPERTY_WRITE_OP
database property write operationstatic java.lang.String
PUBLIC_AUTHORIZATION_ID
The public authorization ID is defined by the SQL2003 spec as implying all users.static int
REFERENCES_PRIV
static int
SELECT_PRIV
static int
SQL_ARBITARY_OP
Any other SQL operationstatic int
SQL_CALL_OP
SQL CALL/VALUE operationstatic int
SQL_DDL_OP
SQL DDL operationstatic int
SQL_SELECT_OP
SQL SELECT operationstatic int
SQL_WRITE_OP
SQL write (insert,update,delete) operationstatic java.lang.String
SYSTEM_AUTHORIZATION_ID
The system authorization ID is defined by the SQL2003 spec as the grantor of privileges to object owners.static int
TRIGGER_PRIV
static int
UPDATE_PRIV
static int
USAGE_PRIV
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description void
authorize(int operation)
Verify the connected user is authorized to perform the requested operation.void
authorize(java.util.List<StatementPermission> requiredPermissionsList, Activation activation)
Verify the connected user possesses the indicated permissionsvoid
authorize(Activation activation, int operation)
Verify the connected user is authorized to perform the requested operation.boolean
isReadOnlyConnection()
Get the readOnly status for this authorizer's connection.void
refresh()
Refresh this authorizer to reflect a change in the database permissions.void
setReadOnlyConnection(boolean on, boolean authorize)
Set the readOnly status for this authorizer's connection.
-
-
-
Field Detail
-
SQL_WRITE_OP
static final int SQL_WRITE_OP
SQL write (insert,update,delete) operation- See Also:
- Constant Field Values
-
SQL_SELECT_OP
static final int SQL_SELECT_OP
SQL SELECT operation- See Also:
- Constant Field Values
-
SQL_ARBITARY_OP
static final int SQL_ARBITARY_OP
Any other SQL operation- See Also:
- Constant Field Values
-
SQL_CALL_OP
static final int SQL_CALL_OP
SQL CALL/VALUE operation- See Also:
- Constant Field Values
-
SQL_DDL_OP
static final int SQL_DDL_OP
SQL DDL operation- See Also:
- Constant Field Values
-
PROPERTY_WRITE_OP
static final int PROPERTY_WRITE_OP
database property write operation- See Also:
- Constant Field Values
-
JAR_WRITE_OP
static final int JAR_WRITE_OP
database jar write operation- See Also:
- Constant Field Values
-
NULL_PRIV
static final int NULL_PRIV
- See Also:
- Constant Field Values
-
SELECT_PRIV
static final int SELECT_PRIV
- See Also:
- Constant Field Values
-
UPDATE_PRIV
static final int UPDATE_PRIV
- See Also:
- Constant Field Values
-
REFERENCES_PRIV
static final int REFERENCES_PRIV
- See Also:
- Constant Field Values
-
INSERT_PRIV
static final int INSERT_PRIV
- See Also:
- Constant Field Values
-
DELETE_PRIV
static final int DELETE_PRIV
- See Also:
- Constant Field Values
-
TRIGGER_PRIV
static final int TRIGGER_PRIV
- See Also:
- Constant Field Values
-
EXECUTE_PRIV
static final int EXECUTE_PRIV
- See Also:
- Constant Field Values
-
USAGE_PRIV
static final int USAGE_PRIV
- See Also:
- Constant Field Values
-
MIN_SELECT_PRIV
static final int MIN_SELECT_PRIV
- See Also:
- Constant Field Values
-
PRIV_TYPE_COUNT
static final int PRIV_TYPE_COUNT
- See Also:
- Constant Field Values
-
CREATE_SCHEMA_PRIV
static final int CREATE_SCHEMA_PRIV
- See Also:
- Constant Field Values
-
MODIFY_SCHEMA_PRIV
static final int MODIFY_SCHEMA_PRIV
- See Also:
- Constant Field Values
-
DROP_SCHEMA_PRIV
static final int DROP_SCHEMA_PRIV
- See Also:
- Constant Field Values
-
CREATE_ROLE_PRIV
static final int CREATE_ROLE_PRIV
- See Also:
- Constant Field Values
-
DROP_ROLE_PRIV
static final int DROP_ROLE_PRIV
- See Also:
- Constant Field Values
-
SYSTEM_AUTHORIZATION_ID
static final java.lang.String SYSTEM_AUTHORIZATION_ID
The system authorization ID is defined by the SQL2003 spec as the grantor of privileges to object owners.- See Also:
- Constant Field Values
-
PUBLIC_AUTHORIZATION_ID
static final java.lang.String PUBLIC_AUTHORIZATION_ID
The public authorization ID is defined by the SQL2003 spec as implying all users.- See Also:
- Constant Field Values
-
-
Method Detail
-
authorize
void authorize(int operation) throws StandardException
Verify the connected user is authorized to perform the requested operation. This variation should only be used with operations that do not use tables or routines. If the operation involves tables or routines then use the variation of the authorize method that takes an Activation parameter. The activation holds the table, column, and routine lists.- Parameters:
operation
- the enumeration code for the requsted operation.- Throws:
StandardException
- Thrown if the operation is not allowed
-
authorize
void authorize(Activation activation, int operation) throws StandardException
Verify the connected user is authorized to perform the requested operation.- Parameters:
activation
- holds the list of tables, columns, and routines used.operation
- the enumeration code for the requsted operation.- Throws:
StandardException
- Thrown if the operation is not allowed
-
authorize
void authorize(java.util.List<StatementPermission> requiredPermissionsList, Activation activation) throws StandardException
Verify the connected user possesses the indicated permissions- Parameters:
requiredPermissionsList
- the required permissionsactivation
- holds the execution logic- Throws:
StandardException
- Thrown if the operation is not allowed
-
isReadOnlyConnection
boolean isReadOnlyConnection()
Get the readOnly status for this authorizer's connection.
-
setReadOnlyConnection
void setReadOnlyConnection(boolean on, boolean authorize) throws StandardException
Set the readOnly status for this authorizer's connection.- Parameters:
on
- true means set the connection to read only mode, false means set the connection to read wrte mode.authorize
- true means to verify the caller has authority to set the connection and false means do not check.- Throws:
StandardException
- Oops not allowed.
-
refresh
void refresh() throws StandardException
Refresh this authorizer to reflect a change in the database permissions.- Throws:
StandardException
- Oops.
-
-