deveeldb-processed-by-doxygen/html/Query_8Security_8cs_source.htm

 //

 //  Copyright 2010-2015 Deveel

 //

 //    Licensed under the Apache License, Version 2.0 (the "License");

 //    you may not use this file except in compliance with the License.

 //    You may obtain a copy of the License at

 //

 //        http://www.apache.org/licenses/LICENSE-2.0

 //

 //    Unless required by applicable law or agreed to in writing, software

 //    distributed under the License is distributed on an "AS IS" BASIS,

 //    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 //    See the License for the specific language governing permissions and

 //    limitations under the License.

 //


 using System;

 using System.Linq;


 using Deveel.Data.Routines;

 using Deveel.Data.Services;

 using Deveel.Data.Sql;

 using Deveel.Data.Sql.Expressions;

 using Deveel.Data.Sql.Query;

 using Deveel.Data.Sql.Tables;


 namespace Deveel.Data.Security {

     public static class Query {

         private static IUserManager UserManager(this IQuery query) {

             return query.Context.ResolveService<IUserManager>();

         }


         private static IPrivilegeManager PrivilegeManager(this IQuery query) {

             return query.Context.ResolveService<IPrivilegeManager>();

         }


         public static void CreateUserGroup(this IQuery query, string groupName) {

             if (!query.UserCanManageGroups())

                 throw new InvalidOperationException(String.Format("User '{0}' has not enough privileges to create a group.", query.UserName()));


             query.Direct().UserManager().CreateUserGroup(groupName);

         }


         #region User Management


         public static User GetUser(this IQuery query, string userName) {

             if (query.UserName().Equals(userName, StringComparison.OrdinalIgnoreCase))

                 return new User(userName);


             if (!query.UserCanAccessUsers())

                 throw new MissingPrivilegesException(query.UserName(), new ObjectName(userName), Privileges.Select,

                     String.Format("The user '{0}' has not enough rights to access other users information.", query.UserName()));


             if (!query.Direct().UserManager().UserExists(userName))

                 return null;


             return new User(userName);

         }


         public static void SetUserStatus(this IQuery queryContext, string username, UserStatus status) {

             if (!queryContext.UserCanManageUsers())

                 throw new MissingPrivilegesException(queryContext.UserName(), new ObjectName(username), Privileges.Alter,

                     String.Format("User '{0}' cannot change the status of user '{1}'", queryContext.UserName(), username));


             queryContext.Direct().UserManager().SetUserStatus(username, status);

         }


         public static UserStatus GetUserStatus(this IQuery queryContext, string userName) {

             if (!queryContext.UserName().Equals(userName) &&

                 !queryContext.UserCanAccessUsers())

                 throw new MissingPrivilegesException(queryContext.UserName(), new ObjectName(userName), Privileges.Select,

                     String.Format("The user '{0}' has not enough rights to access other users information.", queryContext.UserName()));


             return queryContext.Direct().UserManager().GetUserStatus(userName);

         }


         public static void SetUserGroups(this IQuery query, string userName, string[] groups) {

             if (!query.UserCanManageUsers())

                 throw new MissingPrivilegesException(query.UserName(), new ObjectName(userName), Privileges.Alter,

                     String.Format("The user '{0}' has not enough rights to modify other users information.", query.UserName()));


             // TODO: Check if the user exists?


             var userGroups = query.Direct().UserManager().GetUserGroups(userName);

             foreach (var userGroup in userGroups) {

                 query.Direct().UserManager().RemoveUserFromGroup(userName, userGroup);

             }


             foreach (var userGroup in groups) {

                 query.Direct().UserManager().AddUserToGroup(userName, userGroup, false);

             }

         }


         public static bool UserExists(this IQuery query, string userName) {

             return query.Direct().UserManager().UserExists(userName);

         }


         public static void CreatePublicUser(this IQuery query) {

             if (!query.User().IsSystem)

                 throw new InvalidOperationException("The @PUBLIC user can be created only by the SYSTEM");


             var userName = User.PublicName;

             var userId = UserIdentification.PlainText;

             var userInfo = new UserInfo(userName, userId);


             query.Direct().UserManager().CreateUser(userInfo, "####");

         }


         public static User CreateUser(this IQuery query, string userName, string password) {

             if (String.IsNullOrEmpty(userName))

                 throw new ArgumentNullException("userName");

             if (String.IsNullOrEmpty(password))

                 throw new ArgumentNullException("password");


             if (!query.UserCanCreateUsers())

                 throw new MissingPrivilegesException(userName, new ObjectName(userName), Privileges.Create,

                     String.Format("User '{0}' cannot create users.", query.UserName()));


             if (String.Equals(userName, User.PublicName, StringComparison.OrdinalIgnoreCase))

                 throw new ArgumentException(

                     String.Format("User name '{0}' is reserved and cannot be registered.", User.PublicName), "userName");


             if (userName.Length <= 1)

                 throw new ArgumentException("User name must be at least one character.");

             if (password.Length <= 1)

                 throw new ArgumentException("The password must be at least one character.");


             var c = userName[0];

             if (c == '#' || c == '@' || c == '$' || c == '&')

                 throw new ArgumentException(

                     String.Format("User name '{0}' is invalid: cannot start with '{1}' character.", userName, c), "userName");


             var userId = UserIdentification.PlainText;

             var userInfo = new UserInfo(userName, userId);


             query.Direct().UserManager().CreateUser(userInfo, password);


             return new User(userName);

         }


         public static void AlterUserPassword(this IQuery queryContext, string username, string password) {

             if (!queryContext.UserCanAlterUser(username))

                 throw new MissingPrivilegesException(queryContext.UserName(), new ObjectName(username), Privileges.Alter);


             var userId = UserIdentification.PlainText;

             var userInfo = new UserInfo(username, userId);


             queryContext.Direct().UserManager().AlterUser(userInfo, password);

         }


         public static bool DeleteUser(this IQuery query, string userName) {

             if (String.IsNullOrEmpty(userName))

                 throw new ArgumentNullException("userName");


             if (!query.UserCanDropUser(userName))

                 throw new MissingPrivilegesException(query.UserName(), new ObjectName(userName), Privileges.Drop);


             return query.Direct().UserManager().DropUser(userName);

         }


         public static User Authenticate(this IQuery queryContext, string username, string password) {

             try {

                 if (String.IsNullOrEmpty(username))

                     throw new ArgumentNullException("username");

                 if (String.IsNullOrEmpty(password))

                     throw new ArgumentNullException("password");


                 var userInfo = queryContext.Direct().UserManager().GetUser(username);


                 if (userInfo == null)

                     return null;


                 var userId = userInfo.Identification;


                 if (userId.Method != "plain")

                     throw new NotImplementedException();


                 if (!queryContext.Direct().UserManager().CheckIdentifier(username, password))

                     return null;


                 // Successfully authenticated...

                 return new User(username);

             } catch (SecurityException) {

                 throw;

             } catch (Exception ex) {

                 throw new SecurityException("Could not authenticate user.", ex);

             }

         }


         #endregion


         #region User Grants Management


         public static void AddUserToGroup(this IQuery queryContext, string username, string group, bool asAdmin = false) {

             if (String.IsNullOrEmpty(@group))

                 throw new ArgumentNullException("group");

             if (String.IsNullOrEmpty(username))

                 throw new ArgumentNullException("username");


             if (!queryContext.UserCanAddToGroup(group))

                 throw new SecurityException();


             queryContext.Direct().UserManager().AddUserToGroup(username, group, asAdmin);

         }


         public static void GrantToUserOn(this IQuery query, ObjectName objectName, string grantee, Privileges privileges, bool withOption = false) {

             var obj = query.FindObject(objectName);

             if (obj == null)

                 throw new ObjectNotFoundException(objectName);


             query.GrantToUserOn(obj.ObjectType, obj.FullName, grantee, privileges, withOption);

         }


         public static void GrantToUserOn(this IQuery query, DbObjectType objectType, ObjectName objectName, string grantee, Privileges privileges, bool withOption = false) {

             if (String.Equals(grantee, User.SystemName))       // The @SYSTEM user does not need any other

                 return;


             if (!query.ObjectExists(objectType, objectName))

                 throw new ObjectNotFoundException(objectName);


             if (!query.UserHasGrantOption(objectType, objectName, privileges))

                 throw new MissingPrivilegesException(query.UserName(), objectName, privileges);


             var granter = query.UserName();

             var grant = new Grant(privileges, objectName, objectType, granter, withOption);

             query.Direct().PrivilegeManager().GrantToUser(grantee, grant);

         }


         public static void GrantToUserOnSchema(this IQuery query, string schemaName, string grantee, Privileges privileges, bool withOption = false) {

             query.GrantToUserOn(DbObjectType.Schema, new ObjectName(schemaName), grantee, privileges, withOption);

         }


         public static void GrantToGroupOn(this IQuery query, DbObjectType objectType, ObjectName objectName, string groupName, Privileges privileges, bool withOption = false) {

             if (SystemGroups.IsSystemGroup(groupName))

                 throw new InvalidOperationException("Cannot grant to a system group.");


             if (!query.UserCanManageGroups())

                 throw new MissingPrivilegesException(query.UserName(), new ObjectName(groupName));


             if (!query.ObjectExists(objectType, objectName))

                 throw new ObjectNotFoundException(objectName);


             var granter = query.UserName();

             var grant = new Grant(privileges, objectName, objectType, granter, withOption);

             query.Direct().PrivilegeManager().GrantToGroup(groupName, grant);

         }


         public static void GrantTo(this IQuery query, string groupOrUserName, DbObjectType objectType, ObjectName objectName, Privileges privileges, bool withOption = false) {

             if (query.Direct().UserManager().UserGroupExists(groupOrUserName)) {

                 if (withOption)

                     throw new SecurityException("User groups cannot be granted with grant option.");


                 query.GrantToGroupOn(objectType, objectName, groupOrUserName, privileges);

             } else if (query.Direct().UserManager().UserExists(groupOrUserName)) {

                 query.GrantToUserOn(objectType, objectName, groupOrUserName, privileges, withOption);

             } else {

                 throw new SecurityException(String.Format("User or group '{0}' was not found.", groupOrUserName));

             }

         }


         public static void RevokeAllGrantsOnTable(this IQuery query, ObjectName objectName) {

             RevokeAllGrantsOn(query, DbObjectType.Table, objectName);

         }


         public static void RevokeAllGrantsOnView(this IQuery query, ObjectName objectName) {

             query.RevokeAllGrantsOn(DbObjectType.View, objectName);

         }


         public static void RevokeAllGrantsOn(this IQuery query, DbObjectType objectType, ObjectName objectName) {

             var grantTable = query.GetMutableTable(SystemSchema.UserGrantsTableName);


             var objectTypeColumn = grantTable.GetResolvedColumnName(1);

             var objectNameColumn = grantTable.GetResolvedColumnName(2);

             // All that match the given object

             var t1 = grantTable.SimpleSelect(query, objectTypeColumn, SqlExpressionType.Equal,

                 SqlExpression.Constant(DataObject.Integer((int)objectType)));

             // All that match the given parameter

             t1 = t1.SimpleSelect(query, objectNameColumn, SqlExpressionType.Equal,

                 SqlExpression.Constant(DataObject.String(objectName.FullName)));


             // Remove these rows from the table

             grantTable.Delete(t1);

         }


         public static void GrantToUserOnTable(this IQuery query, ObjectName tableName, string grantee, Privileges privileges) {

             query.GrantToUserOn(DbObjectType.Table, tableName, grantee, privileges);

         }


         #endregion


         #region User Grants Query


         public static string[] GetGroupsUserBelongsTo(this IQuery queryContext, string username) {

             return queryContext.Direct().UserManager().GetUserGroups(username);

         }


         public static bool UserBelongsToGroup(this IQuery queryContext, string group) {

             return UserBelongsToGroup(queryContext, queryContext.UserName(), group);

         }


         public static bool UserBelongsToGroup(this IQuery query, string username, string groupName) {

             return query.Direct().UserManager().IsUserInGroup(username, groupName);

         }


         public static bool UserCanManageGroups(this IQuery query) {

             return query.User().IsSystem || query.UserHasSecureAccess();

         }


         public static bool UserHasSecureAccess(this IQuery query) {

             if (query.User().IsSystem)

                 return true;


             return query.UserBelongsToSecureGroup();

         }


         public static bool UserBelongsToSecureGroup(this IQuery query) {

             return query.UserBelongsToGroup(SystemGroups.SecureGroup);

         }


         public static bool UserHasGrantOption(this IQuery query, DbObjectType objectType, ObjectName objectName, Privileges privileges) {

             var user = query.User();

             if (user.IsSystem)

                 return true;


             if (query.UserBelongsToSecureGroup())

                 return true;


             var grant = query.Direct().PrivilegeManager().GetUserPrivileges(user.Name, objectType, objectName, true);

             return (grant & privileges) != 0;

         }


         public static bool UserHasPrivilege(this IQuery query, DbObjectType objectType, ObjectName objectName, Privileges privileges) {

             var user = query.User();

             if (user.IsSystem)

                 return true;


             if (query.UserBelongsToSecureGroup())

                 return true;


             var userName = user.Name;

             var grant = query.Direct().PrivilegeManager().GetUserPrivileges(userName, objectType, objectName, false);

             return (grant & privileges) != 0;

         }


         public static bool UserCanCreateUsers(this IQuery query) {

             return query.UserHasSecureAccess() ||

                 query.UserBelongsToGroup(SystemGroups.UserManagerGroup);

         }


         public static bool UserCanDropUser(this IQuery query, string userToDrop) {

             return query.UserHasSecureAccess() ||

                    query.UserBelongsToGroup(SystemGroups.UserManagerGroup) ||

                    query.UserName().Equals(userToDrop, StringComparison.OrdinalIgnoreCase);

         }


         public static bool UserCanAlterUser(this IQuery query, string userName) {

             if (query.UserName().Equals(userName))

                 return true;


             if (userName.Equals(User.PublicName, StringComparison.OrdinalIgnoreCase))

                 return false;


             return query.UserHasSecureAccess();

         }


         public static bool UserCanManageUsers(this IQuery query) {

             return query.UserHasSecureAccess() || query.UserBelongsToGroup(SystemGroups.UserManagerGroup);

         }


         public static bool UserCanAccessUsers(this IQuery query) {

             return query.UserHasSecureAccess() || query.UserBelongsToGroup(SystemGroups.UserManagerGroup);

         }


         public static bool UserHasTablePrivilege(this IQuery query, ObjectName tableName, Privileges privileges) {

             return query.UserHasPrivilege(DbObjectType.Table, tableName, privileges);

         }


         public static bool UserHasSchemaPrivilege(this IQuery query, string schemaName, Privileges privileges) {

             if (query.UserHasPrivilege(DbObjectType.Schema, new ObjectName(schemaName), privileges))

                 return true;


             return query.UserHasSecureAccess();

         }


         public static bool UserCanCreateSchema(this IQuery query) {

             return query.UserHasSecureAccess();

         }


         public static bool UserCanCreateInSchema(this IQuery query, string schemaName) {

             return query.UserHasSchemaPrivilege(schemaName, Privileges.Create);

         }


         public static bool UserCanCreateTable(this IQuery query, ObjectName tableName) {

             var schema = tableName.Parent;

             if (schema == null)

                 return query.UserHasSecureAccess();


             return query.UserCanCreateInSchema(schema.FullName);

         }


         public static bool UserCanAlterInSchema(this IQuery query, string schemaName) {

             if (query.UserHasSchemaPrivilege(schemaName, Privileges.Alter))

                 return true;


             return query.UserHasSecureAccess();

         }


         public static bool UserCanAlterTable(this IQuery query, ObjectName tableName) {

             var schema = tableName.Parent;

             if (schema == null)

                 return false;


             return query.UserCanAlterInSchema(schema.FullName);

         }


         public static bool UserCanSelectFromTable(this IQuery query, ObjectName tableName) {

             return UserCanSelectFromTable(query, tableName, new string[0]);

         }


         public static bool UserCanReferenceTable(this IQuery query, ObjectName tableName) {

             return query.UserHasTablePrivilege(tableName, Privileges.References);

         }


         public static bool UserCanSelectFromPlan(this IQuery query, IQueryPlanNode queryPlan) {

             var selectedTables = queryPlan.DiscoverTableNames();

             return selectedTables.All(query.UserCanSelectFromTable);

         }


         public static bool UserCanSelectFromTable(this IQuery query, ObjectName tableName, params string[] columnNames) {

             // TODO: Column-level select will be implemented in the future

             return query.UserHasTablePrivilege(tableName, Privileges.Select);

         }


         public static bool UserCanUpdateTable(this IQuery query, ObjectName tableName, params string[] columnNames) {

             // TODO: Column-level select will be implemented in the future

             return query.UserHasTablePrivilege(tableName, Privileges.Update);

         }


         public static bool UserCanInsertIntoTable(this IQuery query, ObjectName tableName, params string[] columnNames) {

             // TODO: Column-level select will be implemented in the future

             return query.UserHasTablePrivilege(tableName, Privileges.Insert);

         }


         public static bool UserCanExecute(this IQuery query, RoutineType routineType, Invoke invoke) {

             if (routineType == RoutineType.Function &&

                 query.IsSystemFunction(invoke)) {

                 return true;

             }


             if (query.UserHasSecureAccess())

                 return true;


             return query.UserHasPrivilege(DbObjectType.Routine, invoke.RoutineName, Privileges.Execute);

         }


         public static bool UserCanExecuteFunction(this IQuery query, Invoke invoke) {

             return query.UserCanExecute(RoutineType.Function, invoke);

         }


         public static bool UserCanExecuteProcedure(this IQuery query, Invoke invoke) {

             return query.UserCanExecute(RoutineType.Procedure, invoke);

         }


         public static bool UserCanCreateObject(this IQuery query, DbObjectType objectType, ObjectName objectName) {

             return query.UserHasPrivilege(objectType, objectName, Privileges.Create);

         }


         public static bool UserCanDropObject(this IQuery query, DbObjectType objectType, ObjectName objectName) {

             return query.UserHasPrivilege(objectType, objectName, Privileges.Drop);

         }


         public static bool UserCanAlterObject(this IQuery query, DbObjectType objectType, ObjectName objectName) {

             return query.UserHasPrivilege(objectType, objectName, Privileges.Alter);

         }


         public static bool UserCanAccessObject(this IQuery query, DbObjectType objectType, ObjectName objectName) {

             return query.UserHasPrivilege(objectType, objectName, Privileges.Select);

         }


         public static bool UserCanDeleteFromTable(this IQuery query, ObjectName tableName) {

             return query.UserHasTablePrivilege(tableName, Privileges.Delete);

         }


         public static bool UserCanAddToGroup(this IQuery query, string groupName) {

             if (query.User().IsSystem)

                 return true;


             if (query.UserBelongsToSecureGroup() ||

                 query.UserBelongsToGroup(SystemGroups.UserManagerGroup))

                 return true;


             return query.Direct().UserManager().IsUserGroupAdmin(query.UserName(), groupName);

         }


         #endregion


     }

 }

Deveel.Data.Security.Query.UserCanAccessUsers
static bool UserCanAccessUsers(this IQuery query)
Definition: Query.Security.cs:385

Deveel.Data.Security.Query.GrantToUserOnTable
static void GrantToUserOnTable(this IQuery query, ObjectName tableName, string grantee, Privileges privileges)
Definition: Query.Security.cs:300

Deveel.Data.Security.Query.UserManager
static IUserManager UserManager(this IQuery query)
Definition: Query.Security.cs:29

Deveel.Data.Security.Query.CreateUser
static User CreateUser(this IQuery query, string userName, string password)
Definition: Query.Security.cs:109

Deveel.Data.DataObject.Integer
static DataObject Integer(int value)
Definition: DataObject.cs:576

Deveel

Deveel.Data.Security.SystemGroups.IsSystemGroup
static bool IsSystemGroup(string groupName)
Definition: SystemGroups.cs:64

Deveel.Data.Security.UserStatus
UserStatus
Definition: UserStatus.cs:20

System
Definition: NonSerializedAttribute.cs:3

Deveel.Data.Security.Query.UserCanSelectFromPlan
static bool UserCanSelectFromPlan(this IQuery query, IQueryPlanNode queryPlan)
Definition: Query.Security.cs:439

Deveel.Data.Security.UserIdentification.PlainText
static UserIdentification PlainText
Definition: UserIdentification.cs:38

Deveel.Data.Security.Query.Authenticate
static User Authenticate(this IQuery queryContext, string username, string password)
Authenticates the specified user using the provided credentials.
Definition: Query.Security.cs:176

Deveel.Data.Security.Query.AddUserToGroup
static void AddUserToGroup(this IQuery queryContext, string username, string group, bool asAdmin=false)
Definition: Query.Security.cs:209

Deveel.Data.Security.Query.UserHasPrivilege
static bool UserHasPrivilege(this IQuery query, DbObjectType objectType, ObjectName objectName, Privileges privileges)
Definition: Query.Security.cs:347

Deveel.Data.ObjectNotFoundException
Definition: ObjectNotFoundException.cs:22

Deveel.Data.Security.Query.UserCanAccessObject
static bool UserCanAccessObject(this IQuery query, DbObjectType objectType, ObjectName objectName)
Definition: Query.Security.cs:491

Deveel.Data.Security.Query.UserCanDropObject
static bool UserCanDropObject(this IQuery query, DbObjectType objectType, ObjectName objectName)
Definition: Query.Security.cs:483

Deveel.Data.Security.Query.UserCanManageGroups
static bool UserCanManageGroups(this IQuery query)
Definition: Query.Security.cs:320

Deveel.Data.Security.Query.AlterUserPassword
static void AlterUserPassword(this IQuery queryContext, string username, string password)
Definition: Query.Security.cs:141

Deveel.Data.Security.User.PublicName
const string PublicName
The name of the PUBLIC special user.
Definition: User.cs:47

Deveel.Data.Security.Query.UserCanSelectFromTable
static bool UserCanSelectFromTable(this IQuery query, ObjectName tableName)
Definition: Query.Security.cs:431

Deveel.Data.Security.Query.UserCanCreateTable
static bool UserCanCreateTable(this IQuery query, ObjectName tableName)
Definition: Query.Security.cs:408

Deveel.Data.Security.Query.PrivilegeManager
static IPrivilegeManager PrivilegeManager(this IQuery query)
Definition: Query.Security.cs:33

Deveel.Data.Security.Query.GetGroupsUserBelongsTo
static string[] GetGroupsUserBelongsTo(this IQuery queryContext, string username)
Definition: Query.Security.cs:308

Deveel.Data.Security.Query.UserCanExecute
static bool UserCanExecute(this IQuery query, RoutineType routineType, Invoke invoke)
Definition: Query.Security.cs:459

Deveel.Data.Security.Query.RevokeAllGrantsOn
static void RevokeAllGrantsOn(this IQuery query, DbObjectType objectType, ObjectName objectName)
Definition: Query.Security.cs:284

Deveel.Data.Security.Query.GrantToGroupOn
static void GrantToGroupOn(this IQuery query, DbObjectType objectType, ObjectName objectName, string groupName, Privileges privileges, bool withOption=false)
Definition: Query.Security.cs:248

Deveel.Data.Security.MissingPrivilegesException
Definition: MissingPrivilegesException.cs:22

Deveel.Data.Security.Query.CreateUserGroup
static void CreateUserGroup(this IQuery query, string groupName)
Definition: Query.Security.cs:37

Deveel.Data.IQuery
Definition: IQuery.cs:20

Deveel.Data.Security.Privileges
Privileges
Definition: Privileges.cs:21

Deveel.Data.Sql.ObjectName
Describes the name of an object within a database.
Definition: ObjectName.cs:44

Deveel.Data.Security.Query.GrantToUserOn
static void GrantToUserOn(this IQuery query, ObjectName objectName, string grantee, Privileges privileges, bool withOption=false)
Definition: Query.Security.cs:221

Deveel.Data.Security.Query.GrantToUserOnSchema
static void GrantToUserOnSchema(this IQuery query, string schemaName, string grantee, Privileges privileges, bool withOption=false)
Definition: Query.Security.cs:244

Deveel.Data.Security.Query.UserCanCreateSchema
static bool UserCanCreateSchema(this IQuery query)
Definition: Query.Security.cs:400

Deveel.Data.Security.Query.RevokeAllGrantsOnTable
static void RevokeAllGrantsOnTable(this IQuery query, ObjectName objectName)
Definition: Query.Security.cs:276

Deveel.Data.DataObject.String
static DataObject String(string s)
Definition: DataObject.cs:592

Deveel.Data.Security.Query
Definition: Query.Security.cs:28

Deveel.Data.Sql.Expressions.SqlExpressionType
SqlExpressionType
All the possible type of SqlExpression supported
Definition: SqlExpressionType.cs:23

Deveel.Data.Security.SystemGroups
Definition: SystemGroups.cs:20

Deveel.Data.Security.Query.UserCanManageUsers
static bool UserCanManageUsers(this IQuery query)
Definition: Query.Security.cs:381

Deveel.Data.Sql.Query.IQueryPlanNode
A node element of a query plan tree. /summary>
Definition: IQueryPlanNode.cs:31

Deveel.Data.Security.Query.UserCanCreateInSchema
static bool UserCanCreateInSchema(this IQuery query, string schemaName)
Definition: Query.Security.cs:404

Deveel.Data.Routines.RoutineType
RoutineType
The type of routine program.
Definition: RoutineType.cs:23

Deveel.Data.Security.Query.UserHasGrantOption
static bool UserHasGrantOption(this IQuery query, DbObjectType objectType, ObjectName objectName, Privileges privileges)
Definition: Query.Security.cs:335

Deveel.Data.Security.Query.UserHasSecureAccess
static bool UserHasSecureAccess(this IQuery query)
Definition: Query.Security.cs:324

Deveel.Data.Security.Query.SetUserGroups
static void SetUserGroups(this IQuery query, string userName, string[] groups)
Definition: Query.Security.cs:77

Deveel.Data.Sql.Tables
Definition: BaseDataTable.cs:25

Deveel.Data.Security.Query.UserCanInsertIntoTable
static bool UserCanInsertIntoTable(this IQuery query, ObjectName tableName, params string[] columnNames)
Definition: Query.Security.cs:454

Deveel.Data.Security.SystemGroups.UserManagerGroup
const string UserManagerGroup
The name of the user manager group.
Definition: SystemGroups.cs:55

Deveel.Data.Security.IUserManager
Definition: IUserManager.cs:22

Deveel.Data.Security.Query.UserCanAlterTable
static bool UserCanAlterTable(this IQuery query, ObjectName tableName)
Definition: Query.Security.cs:423

Deveel.Data.Security.Query.UserCanDeleteFromTable
static bool UserCanDeleteFromTable(this IQuery query, ObjectName tableName)
Definition: Query.Security.cs:495

Deveel.Data.Security.Query.UserCanCreateObject
static bool UserCanCreateObject(this IQuery query, DbObjectType objectType, ObjectName objectName)
Definition: Query.Security.cs:479

Deveel.Data.Security.Query.UserCanAddToGroup
static bool UserCanAddToGroup(this IQuery query, string groupName)
Definition: Query.Security.cs:499

Deveel.Data.Security.Query.UserCanCreateUsers
static bool UserCanCreateUsers(this IQuery query)
Definition: Query.Security.cs:360

Deveel.Data.Security.Query.GrantToUserOn
static void GrantToUserOn(this IQuery query, DbObjectType objectType, ObjectName objectName, string grantee, Privileges privileges, bool withOption=false)
Definition: Query.Security.cs:229

Deveel.Data.Security.Query.GrantTo
static void GrantTo(this IQuery query, string groupOrUserName, DbObjectType objectType, ObjectName objectName, Privileges privileges, bool withOption=false)
Definition: Query.Security.cs:263

Deveel.Data.DataObject
Represents a dynamic object that encapsulates a defined SqlType and a compatible constant ISqlObject ...
Definition: DataObject.cs:35

Deveel.Data.Security.Query.UserBelongsToSecureGroup
static bool UserBelongsToSecureGroup(this IQuery query)
Definition: Query.Security.cs:331

Deveel.Data.Routines.Invoke
The information about the invocation of a routine, including the full name and arguments (as SqlExpre...
Definition: Invoke.cs:30

Deveel.Data.Services
Definition: IRegistrationConfiguration.cs:19

Deveel.Data.Security.Query.UserCanExecuteFunction
static bool UserCanExecuteFunction(this IQuery query, Invoke invoke)
Definition: Query.Security.cs:471

Deveel.Data.SystemSchema
Provides utilities and properties for handling the SYSTEN schema of a database.
Definition: SystemSchema.cs:37

Deveel.Data.Security.Query.UserHasTablePrivilege
static bool UserHasTablePrivilege(this IQuery query, ObjectName tableName, Privileges privileges)
Definition: Query.Security.cs:389

Deveel.Data.Security.Query.GetUser
static User GetUser(this IQuery query, string userName)
Definition: Query.Security.cs:46

Deveel.Data.Sql.ObjectName.FullName
string FullName
Gets the full reference name formatted.
Definition: ObjectName.cs:114

Deveel.Data.Security.Query.UserExists
static bool UserExists(this IQuery query, string userName)
Definition: Query.Security.cs:94

Deveel.Data.Security.Query.UserCanDropUser
static bool UserCanDropUser(this IQuery query, string userToDrop)
Definition: Query.Security.cs:365

Deveel.Data.Routines
Definition: AggregateFunction.cs:24

Deveel.Data.Security.UserIdentification
Definition: UserIdentification.cs:21

Deveel.Data.Security.Query.UserCanAlterInSchema
static bool UserCanAlterInSchema(this IQuery query, string schemaName)
Definition: Query.Security.cs:416

Deveel.Data.Security.IPrivilegeManager
Definition: IPrivilegeManager.cs:22

Deveel.Data.Sql.ObjectName.Parent
ObjectName Parent
Gets the parent reference of the current one, if any or null if none.
Definition: ObjectName.cs:99

Deveel.Data
Definition: ActiveSessionList.cs:22

Deveel.Data.Security.SecurityException
Definition: SecurityException.cs:22

Deveel.Data.SystemSchema.UserGrantsTableName
static readonly ObjectName UserGrantsTableName
Definition: SystemSchema.cs:210

Deveel.Data.Sql.Query
Definition: BranchQueryPlanNode.cs:23

Deveel.Data.Routines.Invoke.RoutineName
ObjectName RoutineName
Gets the fully qualified name of the routine to invoke.
Definition: Invoke.cs:58

Deveel.Data.Security.Query.RevokeAllGrantsOnView
static void RevokeAllGrantsOnView(this IQuery query, ObjectName objectName)
Definition: Query.Security.cs:280

Deveel.Data.Security.Query.UserCanUpdateTable
static bool UserCanUpdateTable(this IQuery query, ObjectName tableName, params string[] columnNames)
Definition: Query.Security.cs:449

Deveel.Data.Security.Query.UserBelongsToGroup
static bool UserBelongsToGroup(this IQuery queryContext, string group)
Definition: Query.Security.cs:312

Deveel.Data.Security.SystemGroups.SecureGroup
const string SecureGroup
THe name of the secure access group.
Definition: SystemGroups.cs:46

Deveel.Data.Security.Query.UserCanSelectFromTable
static bool UserCanSelectFromTable(this IQuery query, ObjectName tableName, params string[] columnNames)
Definition: Query.Security.cs:444

Deveel.Data.Sql.Expressions.SqlExpression
Defines the base class for instances that represent SQL expression tree nodes.
Definition: SqlExpression.cs:35

Deveel.Data.Sql.Expressions.SqlExpression.Constant
static SqlConstantExpression Constant(object value)
Definition: SqlExpression.cs:256

Deveel.Data.Security.Query.UserBelongsToGroup
static bool UserBelongsToGroup(this IQuery query, string username, string groupName)
Definition: Query.Security.cs:316

Deveel.Data.Sql.DbObjectType
DbObjectType
The kind of objects that can be handled by a database system and its managers
Definition: DbObjectType.cs:27

Deveel.Data.Sql
Definition: CellId.cs:22

Deveel.Data.Sql.Expressions
Definition: AggregateChecker.cs:22

Deveel.Data.Security.Query.DeleteUser
static bool DeleteUser(this IQuery query, string userName)
Definition: Query.Security.cs:151

Deveel.Data.Security.User
Provides the information for a user in a database system
Definition: User.cs:27

Deveel.Data.Security.Query.UserCanExecuteProcedure
static bool UserCanExecuteProcedure(this IQuery query, Invoke invoke)
Definition: Query.Security.cs:475

Deveel.Data.Security.Query.UserCanReferenceTable
static bool UserCanReferenceTable(this IQuery query, ObjectName tableName)
Definition: Query.Security.cs:435

Deveel.Data.Security.Query.UserCanAlterUser
static bool UserCanAlterUser(this IQuery query, string userName)
Definition: Query.Security.cs:371

Deveel.Data.Security.Query.UserCanAlterObject
static bool UserCanAlterObject(this IQuery query, DbObjectType objectType, ObjectName objectName)
Definition: Query.Security.cs:487

Deveel.Data.Security.Query.SetUserStatus
static void SetUserStatus(this IQuery queryContext, string username, UserStatus status)
Definition: Query.Security.cs:60

Deveel.Data.Security.Query.UserHasSchemaPrivilege
static bool UserHasSchemaPrivilege(this IQuery query, string schemaName, Privileges privileges)
Definition: Query.Security.cs:393

Deveel.Data.IQuery.Context
new IQueryContext Context
Definition: IQuery.cs:21

Deveel.Data.Security.Query.GetUserStatus
static UserStatus GetUserStatus(this IQuery queryContext, string userName)
Definition: Query.Security.cs:68

Deveel.Data.Security.Grant
The entity that holds the access control granted to an user or a group to a specific object in a data...
Definition: Grant.cs:26

Deveel.Data.Security.User.SystemName
const string SystemName
The name of the SYSTEM special user.
Definition: User.cs:52

Deveel.Data.Security.Query.CreatePublicUser
static void CreatePublicUser(this IQuery query)
Definition: Query.Security.cs:98

Deveel.Data.Security.UserInfo
Definition: UserInfo.cs:22