Inheritance diagram for Deveel.Data.Security.PrivilegeManager:

Classes
class	GrantCacheKey

Public Member Functions
	PrivilegeManager (IQuery queryContext)

void	Dispose ()

void	GrantToUser (string userName, Grant grant)

Privileges	GetUserPrivileges (string userName, DbObjectType objectType, ObjectName objectName, bool withOption)

void	RevokeFromUser (string userName, Grant grant)

void	GrantToGroup (string groupName, Grant grant)

void	RevokeFromGroup (string groupName, Grant grant)

Privileges	GetGroupPrivileges (string groupName, DbObjectType objectType, ObjectName objectName)

Protected Member Functions
virtual void	Dispose (bool disposing)

Properties
IQuery	QueryContext `[get, private set]`

Private Member Functions
	~PrivilegeManager ()

void	UpdateUserGrants (DbObjectType objectType, ObjectName objectName, string granter, string grantee, Privileges privileges, bool withOption)

void	ClearUserGrantsCache (string userName, DbObjectType objectType, ObjectName objectName, bool withOption, bool withPublic)

void	ClearUserGrantsCache (string userName)

bool	TryGetPrivilegesFromCache (string userName, DbObjectType objectType, ObjectName objectName, bool withOption, bool withPublic, out Privileges privileges)

void	SetPrivilegesInCache (string userName, DbObjectType objectType, ObjectName objectName, bool withOption, bool withPublic, Privileges privileges)

void	RevokeAllGrantsFromUser (DbObjectType objectType, ObjectName objectName, string revoker, string user, bool withOption=false)

Privileges	QueryUserPrivileges (string userName, DbObjectType objectType, ObjectName objectName, bool withOption, bool withPublic)

Privileges	QueryGroupPrivileges (string groupName, DbObjectType objectType, ObjectName objectName, bool withOption, bool withPublic)

Static Private Member Functions
static void	UpdateGrants (IQuery queryContext, IMutableTable grantTable, DbObjectType objectType, ObjectName objectName, string granter, string grantee, Privileges privileges, bool withOption)

static void	RevokeAllGrants (IQuery queryContext, IMutableTable grantTable, DbObjectType objectType, ObjectName objectName, string revoker, string user, bool withOption=false)

static Privileges	QueryPrivileges (IQuery queryContext, ITable grantTable, string grantee, DbObjectType objectType, ObjectName objectName, bool withOption, bool withPublic)

Private Attributes
Dictionary< GrantCacheKey, Privileges >	grantsCache

Dictionary< string, Privileges >	groupsPrivilegesCache

Detailed Description

Definition at line 27 of file PrivilegeManager.cs.

Constructor & Destructor Documentation

Deveel.Data.Security.PrivilegeManager.PrivilegeManager ( IQuery queryContext )

inline

Definition at line 31 of file PrivilegeManager.cs.

                                                      {
             QueryContext = queryContext;
         }

Deveel.Data.Security.PrivilegeManager.~PrivilegeManager ( )

inlineprivate

Definition at line 35 of file PrivilegeManager.cs.

                             {
             Dispose(false);
         }

Member Function Documentation

void Deveel.Data.Security.PrivilegeManager.ClearUserGrantsCache	(	string	userName,
		DbObjectType	objectType,
		ObjectName	objectName,
		bool	withOption,
		bool	withPublic
	)

inlineprivate

Definition at line 133 of file PrivilegeManager.cs.

                                                                                                                                              {
             if (grantsCache == null)
                 return;
 
             var key = new GrantCacheKey(userName, objectType, objectName.FullName, withOption, withPublic);
             grantsCache.Remove(key);
         }

void Deveel.Data.Security.PrivilegeManager.ClearUserGrantsCache ( string userName )

inlineprivate

Definition at line 141 of file PrivilegeManager.cs.

                                                            {
             if (grantsCache == null)
                 return;
 
             var keys = grantsCache.Keys.Where(x => x.userName.Equals(userName, StringComparison.OrdinalIgnoreCase));
             foreach (var key in keys) {
                 grantsCache.Remove(key);
             }
         }

void Deveel.Data.Security.PrivilegeManager.Dispose ( )

inline

Definition at line 41 of file PrivilegeManager.cs.

                               {
             Dispose(true);
             GC.SuppressFinalize(this);
         }

virtual void Deveel.Data.Security.PrivilegeManager.Dispose ( bool disposing )

inlineprotectedvirtual

Definition at line 54 of file PrivilegeManager.cs.

                                                        {
             QueryContext = null;
         }

Privileges Deveel.Data.Security.PrivilegeManager.GetGroupPrivileges	(	string	groupName,
		DbObjectType	objectType,
		ObjectName	objectName
	)

inline

Implements Deveel.Data.Security.IPrivilegeManager.

Definition at line 331 of file PrivilegeManager.cs.

                                                                                                                {
             Privileges privileges;
             if (!TryGetPrivilegesFromCache(groupName, objectType, objectName, false, false, out privileges)) {
                 privileges = QueryGroupPrivileges(groupName, objectType, objectName, false, false);
                 SetPrivilegesInCache(groupName, objectType, objectName, false, false, privileges);
             }
 
             return privileges;
         }

Privileges Deveel.Data.Security.PrivilegeManager.GetUserPrivileges	(	string	userName,
		DbObjectType	objectType,
		ObjectName	objectName,
		bool	withOption
	)

inline

Implements Deveel.Data.Security.IPrivilegeManager.

Definition at line 302 of file PrivilegeManager.cs.

                                                                                                                               {
             Privileges privs;
             if (!TryGetPrivilegesFromCache(userName, objectType, objectName, withOption, true, out privs)) {
                 privs = QueryUserPrivileges(userName, objectType, objectName, withOption, true);
                 SetPrivilegesInCache(userName, objectType, objectName, withOption, true, privs);
             }
 
             return privs;
         }

void Deveel.Data.Security.PrivilegeManager.GrantToGroup	(	string	groupName,
		Grant	grant
	)

inline

Implements Deveel.Data.Security.IPrivilegeManager.

Definition at line 323 of file PrivilegeManager.cs.

                                                                 {
             throw new NotImplementedException();
         }

void Deveel.Data.Security.PrivilegeManager.GrantToUser	(	string	userName,
		Grant	grant
	)

inline

Implements Deveel.Data.Security.IPrivilegeManager.

Definition at line 151 of file PrivilegeManager.cs.

                                                               {
             if (String.IsNullOrEmpty(userName))
                 throw new ArgumentNullException("userName");
             if (grant == null)
                 throw new ArgumentNullException("grant");
 
             var objectType = grant.ObjectType;
             var objectName = grant.ObjectName;
             var privileges = grant.Privileges;
 
             Privileges oldPrivs = GetUserPrivileges(userName, objectType, objectName, grant.WithOption);
             privileges |= oldPrivs;
 
             if (!oldPrivs.Equals(privileges))
                 UpdateUserGrants(objectType, objectName, grant.GranterName, userName, privileges, grant.WithOption);
         }

Privileges Deveel.Data.Security.PrivilegeManager.QueryGroupPrivileges	(	string	groupName,
		DbObjectType	objectType,
		ObjectName	objectName,
		bool	withOption,
		bool	withPublic
	)

inlineprivate

Definition at line 296 of file PrivilegeManager.cs.

                                               {
             var grantTable = QueryContext.GetTable(SystemSchema.GroupGrantsTable);
             return QueryPrivileges(QueryContext, grantTable, groupName, objectType, objectName, withOption, withPublic);
         }

static Privileges Deveel.Data.Security.PrivilegeManager.QueryPrivileges	(	IQuery	queryContext,
		ITable	grantTable,
		string	grantee,
		DbObjectType	objectType,
		ObjectName	objectName,
		bool	withOption,
		bool	withPublic
	)

inlinestaticprivate

Definition at line 237 of file PrivilegeManager.cs.

                                                                                               {
             var objectCol = grantTable.GetResolvedColumnName(1);
             var paramCol = grantTable.GetResolvedColumnName(2);
             var granteeCol = grantTable.GetResolvedColumnName(3);
             var grantOptionCol = grantTable.GetResolvedColumnName(4);
             var granterCol = grantTable.GetResolvedColumnName(5);
 
             ITable t1 = grantTable;
 
             // All that match the given object parameter
             // It's most likely this will reduce the search by the most so we do
             // it first.
             t1 = t1.SimpleSelect(queryContext, paramCol, SqlExpressionType.Equal, SqlExpression.Constant(DataObject.String(objectName.FullName)));
 
             // The next is a single exhaustive select through the remaining records.
             // It finds all grants that match either public or the grantee is the
             // username, and that match the object type.
 
             // Expression: ("grantee_col" = username OR "grantee_col" = 'public')
             var userCheck = SqlExpression.Equal(SqlExpression.Reference(granteeCol), SqlExpression.Constant(DataObject.String(grantee)));
             if (withPublic) {
                 userCheck = SqlExpression.Or(userCheck, SqlExpression.Equal(SqlExpression.Reference(granteeCol),
                     SqlExpression.Constant(DataObject.String(User.PublicName))));
             }
 
             // Expression: ("object_col" = object AND
             //              ("grantee_col" = username OR "grantee_col" = 'public'))
             // All that match the given username or public and given object
             var expr = SqlExpression.And(SqlExpression.Equal(SqlExpression.Reference(objectCol),
                 SqlExpression.Constant(DataObject.BigInt((int)objectType))), userCheck);
 
             // Are we only searching for grant options?
             if (withOption) {
                 var grantOptionCheck = SqlExpression.Equal(SqlExpression.Reference(grantOptionCol),
                     SqlExpression.Constant(DataObject.BooleanTrue));
                 expr = SqlExpression.And(expr, grantOptionCheck);
             }
 
             t1 = t1.ExhaustiveSelect(queryContext, expr);
 
             // For each grant, merge with the resultant priv object
             Privileges privs = Privileges.None;
 
             foreach (var row in t1) {
                 var priv = (int)row.GetValue(0).AsBigInt();
                 privs |= (Privileges)priv;
             }
 
             return privs;
         }

Privileges Deveel.Data.Security.PrivilegeManager.QueryUserPrivileges	(	string	userName,
		DbObjectType	objectType,
		ObjectName	objectName,
		bool	withOption,
		bool	withPublic
	)

inlineprivate

Definition at line 289 of file PrivilegeManager.cs.

                                               {
             // The system grants table.
             var grantTable = QueryContext.GetTable(SystemSchema.UserGrantsTableName);
             return QueryPrivileges(QueryContext, grantTable, userName, objectType, objectName, withOption, withPublic);
         }

static void Deveel.Data.Security.PrivilegeManager.RevokeAllGrants	(	IQuery	queryContext,
		IMutableTable	grantTable,
		DbObjectType	objectType,
		ObjectName	objectName,
		string	revoker,
		string	user,
		bool	withOption = `false`
	)

inlinestaticprivate

Definition at line 75 of file PrivilegeManager.cs.

                                                                                                                                                                                                  {
             var objectCol = grantTable.GetResolvedColumnName(1);
             var paramCol = grantTable.GetResolvedColumnName(2);
             var granteeCol = grantTable.GetResolvedColumnName(3);
             var grantOptionCol = grantTable.GetResolvedColumnName(4);
             var granterCol = grantTable.GetResolvedColumnName(5);
 
             ITable t1 = grantTable;
 
             // All that match the given object parameter
             // It's most likely this will reduce the search by the most so we do
             // it first.
             t1 = t1.SimpleSelect(queryContext, paramCol, SqlExpressionType.Equal,
                 SqlExpression.Constant(DataObject.String(objectName.FullName)));
 
             // The next is a single exhaustive select through the remaining records.
             // It finds all grants that match either public or the grantee is the
             // username, and that match the object type.
 
             // Expression: ("grantee_col" = username)
             var userCheck = SqlExpression.Equal(SqlExpression.Reference(granteeCol),
                 SqlExpression.Constant(DataObject.String(user)));
 
             // Expression: ("object_col" = object AND
             //              "grantee_col" = username)
             // All that match the given username or public and given object
             var expr =
                 SqlExpression.And(
                     SqlExpression.Equal(SqlExpression.Reference(objectCol),
                         SqlExpression.Constant(DataObject.BigInt((int)objectType))), userCheck);
 
             // Are we only searching for grant options?
             var grantOptionCheck = SqlExpression.Equal(SqlExpression.Reference(grantOptionCol),
                 SqlExpression.Constant(DataObject.Boolean(withOption)));
             expr = SqlExpression.And(expr, grantOptionCheck);
 
             // Make sure the granter matches up also
             var granterCheck = SqlExpression.Equal(SqlExpression.Reference(granterCol),
                 SqlExpression.Constant(DataObject.String(revoker)));
             expr = SqlExpression.And(expr, granterCheck);
 
             t1 = t1.ExhaustiveSelect(queryContext, expr);
 
             // Remove these rows from the table
             grantTable.Delete(t1);
         }

void Deveel.Data.Security.PrivilegeManager.RevokeAllGrantsFromUser	(	DbObjectType	objectType,
		ObjectName	objectName,
		string	revoker,
		string	user,
		bool	withOption = `false`
	)

inlineprivate

Definition at line 188 of file PrivilegeManager.cs.

                                                                                                                                                    {
             var grantTable = QueryContext.GetMutableTable(SystemSchema.UserGrantsTableName);
 
             var objectCol = grantTable.GetResolvedColumnName(1);
             var paramCol = grantTable.GetResolvedColumnName(2);
             var granteeCol = grantTable.GetResolvedColumnName(3);
             var grantOptionCol = grantTable.GetResolvedColumnName(4);
             var granterCol = grantTable.GetResolvedColumnName(5);
 
             ITable t1 = grantTable;
 
             // All that match the given object parameter
             // It's most likely this will reduce the search by the most so we do
             // it first.
             t1 = t1.SimpleSelect(QueryContext, paramCol, SqlExpressionType.Equal,
                 SqlExpression.Constant(DataObject.String(objectName.FullName)));
 
             // The next is a single exhaustive select through the remaining records.
             // It finds all grants that match either public or the grantee is the
             // username, and that match the object type.
 
             // Expression: ("grantee_col" = username)
             var userCheck = SqlExpression.Equal(SqlExpression.Reference(granteeCol),
                 SqlExpression.Constant(DataObject.String(user)));
 
             // Expression: ("object_col" = object AND
             //              "grantee_col" = username)
             // All that match the given username or public and given object
             var expr =
                 SqlExpression.And(
                     SqlExpression.Equal(SqlExpression.Reference(objectCol),
                         SqlExpression.Constant(DataObject.BigInt((int)objectType))), userCheck);
 
             // Are we only searching for grant options?
             var grantOptionCheck = SqlExpression.Equal(SqlExpression.Reference(grantOptionCol),
                 SqlExpression.Constant(DataObject.Boolean(withOption)));
             expr = SqlExpression.And(expr, grantOptionCheck);
 
             // Make sure the granter matches up also
             var granterCheck = SqlExpression.Equal(SqlExpression.Reference(granterCol),
                 SqlExpression.Constant(DataObject.String(revoker)));
             expr = SqlExpression.And(expr, granterCheck);
 
             t1 = t1.ExhaustiveSelect(QueryContext, expr);
 
             // Remove these rows from the table
             grantTable.Delete(t1);
         }

void Deveel.Data.Security.PrivilegeManager.RevokeFromGroup	(	string	groupName,
		Grant	grant
	)

inline

Implements Deveel.Data.Security.IPrivilegeManager.

Definition at line 327 of file PrivilegeManager.cs.

                                                                    {
             throw new NotImplementedException();
         }

void Deveel.Data.Security.PrivilegeManager.RevokeFromUser	(	string	userName,
		Grant	grant
	)

inline

Implements Deveel.Data.Security.IPrivilegeManager.

Definition at line 312 of file PrivilegeManager.cs.

                                                                  {
             if (String.IsNullOrEmpty(userName))
                 throw new ArgumentNullException("userName");
 
             try {
                 RevokeAllGrantsFromUser(grant.ObjectType, grant.ObjectName, grant.GranterName, userName, grant.WithOption);
             } finally {
                 ClearUserGrantsCache(userName, grant.ObjectType, grant.ObjectName, grant.WithOption, false);
             }
         }

void Deveel.Data.Security.PrivilegeManager.SetPrivilegesInCache	(	string	userName,
		DbObjectType	objectType,
		ObjectName	objectName,
		bool	withOption,
		bool	withPublic,
		Privileges	privileges
	)

inlineprivate

Definition at line 179 of file PrivilegeManager.cs.

                                    {
             var key = new GrantCacheKey(userName, objectType, objectName.FullName, withOption, withPublic);
             if (grantsCache == null)
                 grantsCache = new Dictionary<GrantCacheKey, Privileges>();
 
             grantsCache[key] = privileges;
         }

bool Deveel.Data.Security.PrivilegeManager.TryGetPrivilegesFromCache	(	string	userName,
		DbObjectType	objectType,
		ObjectName	objectName,
		bool	withOption,
		bool	withPublic,
		out Privileges	privileges
	)

inlineprivate

Definition at line 168 of file PrivilegeManager.cs.

                                        {
             if (grantsCache == null) {
                 privileges = Privileges.None;
                 return false;
             }
 
             var key = new GrantCacheKey(userName, objectType, objectName.FullName, withOption, withPublic);
             return grantsCache.TryGetValue(key, out privileges);
         }

static void Deveel.Data.Security.PrivilegeManager.UpdateGrants	(	IQuery	queryContext,
		IMutableTable	grantTable,
		DbObjectType	objectType,
		ObjectName	objectName,
		string	granter,
		string	grantee,
		Privileges	privileges,
		bool	withOption
	)

inlinestaticprivate

Definition at line 58 of file PrivilegeManager.cs.

                                                                                     {
             RevokeAllGrants(queryContext, grantTable, objectType, objectName, granter, grantee, withOption);
 
             if (privileges != Privileges.None) {
                 // Add the grant to the grants table.
                 var row = grantTable.NewRow();
                 row.SetValue(0, (int)privileges);
                 row.SetValue(1, (int)objectType);
                 row.SetValue(2, objectName.FullName);
                 row.SetValue(3, grantee);
                 row.SetValue(4, withOption);
                 row.SetValue(5, granter);
                 grantTable.AddRow(row);
             }
         }

void Deveel.Data.Security.PrivilegeManager.UpdateUserGrants	(	DbObjectType	objectType,
		ObjectName	objectName,
		string	granter,
		string	grantee,
		Privileges	privileges,
		bool	withOption
	)

inlineprivate

Definition at line 123 of file PrivilegeManager.cs.

                                                                                                                                                               {
             var grantTable = QueryContext.GetMutableTable(SystemSchema.UserGrantsTableName);
 
             try {
                 UpdateGrants(QueryContext, grantTable, objectType, objectName, granter, grantee, privileges, withOption);
             } finally {
                 ClearUserGrantsCache(grantee, objectType, objectName, withOption, true);
             }
         }

Member Data Documentation

Dictionary<GrantCacheKey, Privileges> Deveel.Data.Security.PrivilegeManager.grantsCache

private

Definition at line 28 of file PrivilegeManager.cs.

Dictionary<string, Privileges> Deveel.Data.Security.PrivilegeManager.groupsPrivilegesCache

private

Definition at line 29 of file PrivilegeManager.cs.

Property Documentation

IQuery Deveel.Data.Security.PrivilegeManager.QueryContext

getprivate set

Definition at line 39 of file PrivilegeManager.cs.

The documentation for this class was generated from the following file:

/var/calculate/remote/distfiles/egit-src/deveeldb.git/src/deveeldb/Deveel.Data.Security/PrivilegeManager.cs

Classes

Public Member Functions

Protected Member Functions

Properties

Private Member Functions

Static Private Member Functions

Private Attributes

Detailed Description

Constructor & Destructor Documentation

Member Function Documentation

Member Data Documentation

Property Documentation