DeveelDB  20151217
complete SQL database system, primarily developed for .NET/Mono frameworks
Deveel.Data.Security.QueryContext Class Reference

Static Public Member Functions

static void CreateUserGroup (this IQueryContext context, string groupName)
 
static User GetUser (this IQueryContext context, string userName)
 
static void SetUserStatus (this IQueryContext queryContext, string username, UserStatus status)
 
static UserStatus GetUserStatus (this IQueryContext queryContext, string userName)
 
static void SetUserGroups (this IQueryContext context, string userName, string[] groups)
 
static bool UserExists (this IQueryContext context, string userName)
 
static void CreatePublicUser (this IQueryContext context)
 
static User CreateUser (this IQueryContext context, string userName, string password)
 
static void AlterUserPassword (this IQueryContext queryContext, string username, string password)
 
static bool DeleteUser (this IQueryContext context, string userName)
 
static void RemoveUserFromAllGroups (this IQueryContext context, string username)
 
static User Authenticate (this IQueryContext queryContext, string username, string password)
 Authenticates the specified user using the provided credentials. More...
 
static void AddUserToGroup (this IQueryContext queryContext, string username, string group, bool asAdmin=false)
 
static void GrantToUserOn (this IQueryContext context, ObjectName objectName, string grantee, Privileges privileges, bool withOption=false)
 
static void GrantToUserOn (this IQueryContext context, DbObjectType objectType, ObjectName objectName, string grantee, Privileges privileges, bool withOption=false)
 
static void GrantToUserOnSchema (this IQueryContext context, string schemaName, string grantee, Privileges privileges, bool withOption=false)
 
static void GrantToGroupOn (this IQueryContext context, DbObjectType objectType, ObjectName objectName, string groupName, Privileges privileges, bool withOption=false)
 
static void GrantTo (this IQueryContext context, string groupOrUserName, DbObjectType objectType, ObjectName objectName, Privileges privileges, bool withOption=false)
 
static void RevokeAllGrantsOnTable (this IQueryContext context, ObjectName objectName)
 
static void RevokeAllGrantsOnView (this IQueryContext context, ObjectName objectName)
 
static void RevokeAllGrantsOn (this IQueryContext context, DbObjectType objectType, ObjectName objectName)
 
static void GrantToUserOnTable (this IQueryContext context, ObjectName tableName, string grantee, Privileges privileges)
 
static string[] GetGroupsUserBelongsTo (this IQueryContext queryContext, string username)
 
static bool UserBelongsToGroup (this IQueryContext queryContext, string group)
 
static bool UserBelongsToGroup (this IQueryContext context, string username, string groupName)
 
static bool UserCanManageGroups (this IQueryContext context)
 
static bool UserHasSecureAccess (this IQueryContext context)
 
static bool UserBelongsToSecureGroup (this IQueryContext context)
 
static bool UserHasGrantOption (this IQueryContext context, DbObjectType objectType, ObjectName objectName, Privileges privileges)
 
static bool UserHasPrivilege (this IQueryContext context, DbObjectType objectType, ObjectName objectName, Privileges privileges)
 
static bool UserCanCreateUsers (this IQueryContext context)
 
static bool UserCanDropUser (this IQueryContext context, string userToDrop)
 
static bool UserCanAlterUser (this IQueryContext context, string userName)
 
static bool UserCanManageUsers (this IQueryContext context)
 
static bool UserCanAccessUsers (this IQueryContext context)
 
static bool UserHasTablePrivilege (this IQueryContext context, ObjectName tableName, Privileges privileges)
 
static bool UserHasSchemaPrivilege (this IQueryContext context, string schemaName, Privileges privileges)
 
static bool UserCanCreateSchema (this IQueryContext context)
 
static bool UserCanCreateInSchema (this IQueryContext context, string schemaName)
 
static bool UserCanCreateTable (this IQueryContext context, ObjectName tableName)
 
static bool UserCanAlterInSchema (this IQueryContext context, string schemaName)
 
static bool UserCanAlterTable (this IQueryContext context, ObjectName tableName)
 
static bool UserCanSelectFromTable (this IQueryContext context, ObjectName tableName)
 
static bool UserCanReferenceTable (this IQueryContext context, ObjectName tableName)
 
static bool UserCanSelectFromPlan (this IQueryContext context, IQueryPlanNode queryPlan)
 
static bool UserCanSelectFromTable (this IQueryContext context, ObjectName tableName, params string[] columnNames)
 
static bool UserCanUpdateTable (this IQueryContext context, ObjectName tableName, params string[] columnNames)
 
static bool UserCanInsertIntoTable (this IQueryContext context, ObjectName tableName, params string[] columnNames)
 
static bool UserCanExecute (this IQueryContext context, RoutineType routineType, Invoke invoke)
 
static bool UserCanExecuteFunction (this IQueryContext context, Invoke invoke)
 
static bool UserCanExecuteProcedure (this IQueryContext context, Invoke invoke)
 
static bool UserCanCreateObject (this IQueryContext context, DbObjectType objectType, ObjectName objectName)
 
static bool UserCanDropObject (this IQueryContext context, DbObjectType objectType, ObjectName objectName)
 
static bool UserCanAlterObject (this IQueryContext context, DbObjectType objectType, ObjectName objectName)
 
static bool UserCanAccessObject (this IQueryContext context, DbObjectType objectType, ObjectName objectName)
 
static bool UserCanDeleteFromTable (this IQueryContext context, ObjectName tableName)
 
static bool UserCanAddToGroup (this IQueryContext context, string groupName)
 

Static Private Member Functions

static IUserManager UserManager (this IQueryContext context)
 
static IPrivilegeManager PrivilegeManager (this IQueryContext context)
 

Detailed Description

Definition at line 12 of file QueryContext.Security.cs.

Member Function Documentation

static void Deveel.Data.Security.QueryContext.AddUserToGroup ( this IQueryContext  queryContext,
string  username,
string  group,
bool  asAdmin = false 
)
inlinestatic

Definition at line 204 of file QueryContext.Security.cs.

/// <summary>
/// Adds a user to a group, optionally as an administrator of that group.
/// </summary>
/// <exception cref="ArgumentNullException">If <paramref name="group"/> or <paramref name="username"/> is null or empty.</exception>
/// <exception cref="SecurityException">If <c>UserCanAddToGroup</c> denies the operation for the calling context.</exception>
public static void AddUserToGroup(this IQueryContext queryContext, string username, string group, bool asAdmin = false) {
    if (String.IsNullOrEmpty(@group)) {
        throw new ArgumentNullException("group");
    }

    if (String.IsNullOrEmpty(username)) {
        throw new ArgumentNullException("username");
    }

    // The authorization decision is taken against the caller's own context...
    var callerMayAdd = queryContext.UserCanAddToGroup(group);
    if (!callerMayAdd) {
        throw new SecurityException();
    }

    // ...and only afterwards is the change applied through the system-user context.
    var systemContext = queryContext.ForSystemUser();
    systemContext.UserManager().AddUserToGroup(username, group, asAdmin);
}
A long string in the system.
static void Deveel.Data.Security.QueryContext.AlterUserPassword ( this IQueryContext  queryContext,
string  username,
string  password 
)
inlinestatic

Definition at line 129 of file QueryContext.Security.cs.

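/// <summary>
/// Changes the password of an existing user.
/// </summary>
/// <exception cref="ArgumentNullException">If <paramref name="username"/> or <paramref name="password"/> is null or empty.</exception>
/// <exception cref="MissingPrivilegesException">If <c>UserCanAlterUser</c> denies the change for the calling context.</exception>
public static void AlterUserPassword(this IQueryContext queryContext, string username, string password) {
    // Validate before the privilege check: UserCanAlterUser calls userName.Equals(...)
    // and would fail with a NullReferenceException on a null name.
    if (String.IsNullOrEmpty(username))
        throw new ArgumentNullException("username");

    // CreateUser and Authenticate in this class both refuse an empty password, so an
    // account altered to one could not be authenticated afterwards.
    if (String.IsNullOrEmpty(password))
        throw new ArgumentNullException("password");

    if (!queryContext.UserCanAlterUser(username))
        throw new MissingPrivilegesException(queryContext.UserName(), new ObjectName(username), Privileges.Alter);

    var userId = UserIdentification.PlainText;
    var userInfo = new UserInfo(username, userId);

    // NOTE(review): CreateUser also rejects passwords of length <= 1; that rule is not
    // applied here - confirm whether both paths should share one password policy.
    queryContext.ForSystemUser().UserManager().AlterUser(userInfo, password);
}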
Describes the name of an object within a database.
Definition: ObjectName.cs:44
static User Deveel.Data.Security.QueryContext.Authenticate ( this IQueryContext  queryContext,
string  username,
string  password 
)
inlinestatic

Authenticates the specified user using the provided credentials.

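Parameters
queryContext: The query context.
username: The name of the user to authenticate.
password: The password used to authenticate the user.
Returns
The authenticated User. In the listing below, null is returned when the user is not found or when the credential check fails.
Exceptions
System.ArgumentNullException: If either username or password are null or empty.
SecurityException: If the authentication was not successful for the credentials provided.
System.NotImplementedException: The external authentication mechanism is not implemented yet.
Note: in the listing below the argument checks and the identification-method check run inside the try block, so System.ArgumentNullException and System.NotImplementedException reach the caller wrapped in a SecurityException.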

Definition at line 173 of file QueryContext.Security.cs.

/// <summary>
/// Authenticates the specified user using the provided credentials.
/// </summary>
/// <returns>
/// A <see cref="User"/> for <paramref name="username"/> when the check succeeds; <c>null</c> when
/// no such user is found or the user manager rejects the credentials.
/// </returns>
/// <exception cref="SecurityException">
/// Rethrown unchanged when raised inside the body; every other exception, including the
/// argument checks and the unsupported identification method, is wrapped in one.
/// </exception>
public static User Authenticate(this IQueryContext queryContext, string username, string password) {
    try {
        if (String.IsNullOrEmpty(username)) {
            throw new ArgumentNullException("username");
        }

        if (String.IsNullOrEmpty(password)) {
            throw new ArgumentNullException("password");
        }

        var account = queryContext.ForSystemUser().UserManager().GetUser(username);
        if (account == null) {
            // Unknown user: same observable result as a rejected credential below.
            return null;
        }

        // Only the "plain" identification method is handled by this method.
        var identification = account.Identification;
        if (identification.Method != "plain") {
            throw new NotImplementedException();
        }

        // NOTE(review): how CheckIdentifier stores and compares the secret is not visible
        // here - confirm it verifies against a salted hash with a fixed-time comparison.
        var verified = queryContext.ForSystemUser().UserManager().CheckIdentifier(username, password);
        if (!verified) {
            return null;
        }

        // NOTE(review): the status set through SetUserStatus is not consulted in this
        // method - confirm it is enforced elsewhere before a session is opened.
        return new User(queryContext, username);
    } catch (SecurityException) {
        throw;
    } catch (Exception ex) {
        throw new SecurityException("Could not authenticate user.", ex);
    }
}
A long string in the system.
static void Deveel.Data.Security.QueryContext.CreatePublicUser ( this IQueryContext  context)
inlinestatic

Definition at line 86 of file QueryContext.Security.cs.

/// <summary>
/// Creates the reserved public user; the call is refused unless the context's user is the system user.
/// </summary>
/// <exception cref="InvalidOperationException">If the calling context is not the system user.</exception>
public static void CreatePublicUser(this IQueryContext context) {
    var callerIsSystem = context.User().IsSystem;
    if (!callerIsSystem) {
        throw new InvalidOperationException("The @PUBLIC user can be created only by the SYSTEM");
    }

    var publicInfo = new UserInfo(User.PublicName, UserIdentification.PlainText);

    // NOTE(review): the secret passed here is a fixed literal compiled into the source.
    // Whether the public account can be used with Authenticate is not visible from this
    // method - confirm that it is blocked, or replace the literal with a random value.
    context.ForSystemUser().UserManager().CreateUser(publicInfo, "####");
}
static User Deveel.Data.Security.QueryContext.CreateUser ( this IQueryContext  context,
string  userName,
string  password 
)
inlinestatic

Definition at line 97 of file QueryContext.Security.cs.

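/// <summary>
/// Creates a new user identified by a password and returns a <see cref="User"/> for it.
/// </summary>
/// <exception cref="ArgumentNullException">If <paramref name="userName"/> or <paramref name="password"/> is null or empty.</exception>
/// <exception cref="MissingPrivilegesException">If <c>UserCanCreateUsers</c> denies the operation for the calling context.</exception>
/// <exception cref="ArgumentException">
/// If the name is the reserved public name, the name or password is shorter than two
/// characters, or the name starts with one of <c>#</c>, <c>@</c>, <c>$</c>, <c>&amp;</c>.
/// </exception>
public static User CreateUser(this IQueryContext context, string userName, string password) {
    if (String.IsNullOrEmpty(userName))
        throw new ArgumentNullException("userName");
    if (String.IsNullOrEmpty(password))
        throw new ArgumentNullException("password");

    // The first argument is the acting user, as at the other MissingPrivilegesException
    // call sites in this class; the original passed the name of the user being created.
    if (!context.UserCanCreateUsers())
        throw new MissingPrivilegesException(context.UserName(), new ObjectName(userName), Privileges.Create,
            String.Format("User '{0}' cannot create users.", context.UserName()));

    if (String.Equals(userName, User.PublicName, StringComparison.OrdinalIgnoreCase))
        throw new ArgumentException(
            String.Format("User name '{0}' is reserved and cannot be registered.", User.PublicName), "userName");

    // The checks reject a length of one, so the messages now state the limit that is
    // actually enforced. The conditions are unchanged to avoid loosening validation.
    if (userName.Length <= 1)
        throw new ArgumentException("User name must be at least two characters.", "userName");
    if (password.Length <= 1)
        throw new ArgumentException("The password must be at least two characters.", "password");

    // Names starting with these characters are refused.
    var c = userName[0];
    if (c == '#' || c == '@' || c == '$' || c == '&')
        throw new ArgumentException(
            String.Format("User name '{0}' is invalid: cannot start with '{1}' character.", userName, c), "userName");

    var userId = UserIdentification.PlainText;
    var userInfo = new UserInfo(userName, userId);

    // NOTE(review): how the user manager stores the password is not visible here - confirm
    // it is hashed rather than kept as supplied.
    context.ForSystemUser().UserManager().CreateUser(userInfo, password);

    return new User(context, userName);
}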
A long string in the system.
Describes the name of an object within a database.
Definition: ObjectName.cs:44
static void Deveel.Data.Security.QueryContext.CreateUserGroup ( this IQueryContext  context,
string  groupName 
)
inlinestatic

Definition at line 23 of file QueryContext.Security.cs.

/// <summary>
/// Creates a user group after checking that the calling context may manage groups.
/// </summary>
/// <exception cref="InvalidOperationException">If <c>UserCanManageGroups</c> denies the operation.</exception>
public static void CreateUserGroup(this IQueryContext context, string groupName) {
    var mayManage = context.UserCanManageGroups();
    if (!mayManage) {
        throw new InvalidOperationException(String.Format("User '{0}' has not enough privileges to create a group.", context.UserName()));
    }

    // groupName is passed through without validation in this method.
    var systemContext = context.ForSystemUser();
    systemContext.UserManager().CreateUserGroup(groupName);
}
A long string in the system.
static bool Deveel.Data.Security.QueryContext.DeleteUser ( this IQueryContext  context,
string  userName 
)
inlinestatic

Definition at line 139 of file QueryContext.Security.cs.

/// <summary>
/// Drops a user and returns the result reported by the user manager.
/// </summary>
/// <exception cref="ArgumentNullException">If <paramref name="userName"/> is null or empty.</exception>
/// <exception cref="MissingPrivilegesException">If <c>UserCanDropUser</c> denies the operation for the calling context.</exception>
public static bool DeleteUser(this IQueryContext context, string userName) {
    if (String.IsNullOrEmpty(userName)) {
        throw new ArgumentNullException("userName");
    }

    var mayDrop = context.UserCanDropUser(userName);
    if (!mayDrop) {
        throw new MissingPrivilegesException(context.UserName(), new ObjectName(userName), Privileges.Drop);
    }

    // The drop itself runs through the system-user context.
    var dropped = context.ForSystemUser().UserManager().DropUser(userName);
    return dropped;
}
A long string in the system.
Describes the name of an object within a database.
Definition: ObjectName.cs:44
static string [] Deveel.Data.Security.QueryContext.GetGroupsUserBelongsTo ( this IQueryContext  queryContext,
string  username 
)
inlinestatic

Definition at line 305 of file QueryContext.Security.cs.

/// <summary>
/// Returns the groups of the given user as reported by the user manager.
/// </summary>
public static string[] GetGroupsUserBelongsTo(this IQueryContext queryContext, string username) {
    // NOTE(review): no access check is made here, unlike GetUser and GetUserStatus, and the
    // lookup runs as the system user - confirm that every caller is already authorized.
    var groups = queryContext.ForSystemUser().UserManager().GetUserGroups(username);
    return groups;
}
static User Deveel.Data.Security.QueryContext.GetUser ( this IQueryContext  context,
string  userName 
)
inlinestatic

Definition at line 34 of file QueryContext.Security.cs.

/// <summary>
/// Returns a <see cref="User"/> for the given name, or <c>null</c> when another user is
/// requested and the user manager does not know it.
/// </summary>
/// <exception cref="MissingPrivilegesException">If another user is requested and <c>UserCanAccessUsers</c> denies access.</exception>
public static User GetUser(this IQueryContext context, string userName) {
    // A caller may always resolve itself; the name is compared ignoring case.
    var askingForSelf = context.UserName().Equals(userName, StringComparison.OrdinalIgnoreCase);

    if (!askingForSelf) {
        if (!context.UserCanAccessUsers()) {
            throw new MissingPrivilegesException(context.UserName(), new ObjectName(userName), Privileges.Select,
                String.Format("The user '{0}' has not enough rights to access other users information.", context.UserName()));
        }

        var known = context.ForSystemUser().UserManager().UserExists(userName);
        if (!known) {
            return null;
        }
    }

    return new User(context, userName);
}
A long string in the system.
Describes the name of an object within a database.
Definition: ObjectName.cs:44
static UserStatus Deveel.Data.Security.QueryContext.GetUserStatus ( this IQueryContext  queryContext,
string  userName 
)
inlinestatic

Definition at line 56 of file QueryContext.Security.cs.

/// <summary>
/// Returns the status of a user; reading another user's status requires <c>UserCanAccessUsers</c>.
/// </summary>
/// <exception cref="MissingPrivilegesException">If another user is requested and access is denied.</exception>
public static UserStatus GetUserStatus(this IQueryContext queryContext, string userName) {
    // NOTE(review): this self-check is case-sensitive, while GetUser compares with
    // OrdinalIgnoreCase - confirm which comparison user names are meant to use.
    var askingForSelf = queryContext.UserName().Equals(userName);

    if (!askingForSelf) {
        if (!queryContext.UserCanAccessUsers()) {
            throw new MissingPrivilegesException(queryContext.UserName(), new ObjectName(userName), Privileges.Select,
                String.Format("The user '{0}' has not enough rights to access other users information.", queryContext.UserName()));
        }
    }

    var status = queryContext.ForSystemUser().UserManager().GetUserStatus(userName);
    return status;
}
A long string in the system.
Describes the name of an object within a database.
Definition: ObjectName.cs:44
static void Deveel.Data.Security.QueryContext.GrantTo ( this IQueryContext  context,
string  groupOrUserName,
DbObjectType  objectType,
ObjectName  objectName,
Privileges  privileges,
bool  withOption = false 
)
inlinestatic

Definition at line 258 of file QueryContext.Security.cs.

/// <summary>
/// Grants privileges on an object to whichever of a group or a user carries the given name.
/// </summary>
/// <exception cref="SecurityException">
/// If the name is a group and <paramref name="withOption"/> is set, or if the name matches
/// neither a group nor a user.
/// </exception>
public static void GrantTo(this IQueryContext context, string groupOrUserName, DbObjectType objectType, ObjectName objectName, Privileges privileges, bool withOption = false) {
    // Groups are looked up first, so a group wins when a user shares the same name.
    if (context.ForSystemUser().UserManager().UserGroupExists(groupOrUserName)) {
        if (withOption) {
            throw new SecurityException("User groups cannot be granted with grant option.");
        }

        context.GrantToGroupOn(objectType, objectName, groupOrUserName, privileges);
        return;
    }

    if (context.ForSystemUser().UserManager().UserExists(groupOrUserName)) {
        context.GrantToUserOn(objectType, objectName, groupOrUserName, privileges, withOption);
        return;
    }

    throw new SecurityException(String.Format("User or group '{0}' was not found.", groupOrUserName));
}
A long string in the system.
static void Deveel.Data.Security.QueryContext.GrantToGroupOn ( this IQueryContext  context,
DbObjectType  objectType,
ObjectName  objectName,
string  groupName,
Privileges  privileges,
bool  withOption = false 
)
inlinestatic

Definition at line 243 of file QueryContext.Security.cs.

/// <summary>
/// Grants privileges on an existing object to a non-system group.
/// </summary>
/// <exception cref="InvalidOperationException">If the target is a system group.</exception>
/// <exception cref="MissingPrivilegesException">If <c>UserCanManageGroups</c> denies the operation.</exception>
/// <exception cref="ObjectNotFoundException">If the object does not exist.</exception>
public static void GrantToGroupOn(this IQueryContext context, DbObjectType objectType, ObjectName objectName, string groupName, Privileges privileges, bool withOption = false) {
    var targetsSystemGroup = SystemGroups.IsSystemGroup(groupName);
    if (targetsSystemGroup) {
        throw new InvalidOperationException("Cannot grant to a system group.");
    }

    // NOTE(review): the gate here is group management only; unlike the user overload,
    // UserHasGrantOption is not consulted for the privileges being handed out - confirm.
    if (!context.UserCanManageGroups()) {
        throw new MissingPrivilegesException(context.UserName(), new ObjectName(groupName));
    }

    if (!context.ObjectExists(objectType, objectName)) {
        throw new ObjectNotFoundException(objectName);
    }

    // NOTE(review): withOption is forwarded as given, although GrantTo refuses the grant
    // option for groups - confirm whether direct callers should be refused as well.
    var groupGrant = new Grant(privileges, objectName, objectType, context.UserName(), withOption);
    context.ForSystemUser().PrivilegeManager().GrantToGroup(groupName, groupGrant);
}
Describes the name of an object within a database.
Definition: ObjectName.cs:44
static void Deveel.Data.Security.QueryContext.GrantToUserOn ( this IQueryContext  context,
ObjectName  objectName,
string  grantee,
Privileges  privileges,
bool  withOption = false 
)
inlinestatic

Definition at line 216 of file QueryContext.Security.cs.

/// <summary>
/// Resolves the object by name and grants privileges on it to a user, using the resolved
/// object's type and full name.
/// </summary>
/// <exception cref="ObjectNotFoundException">If no object is found for <paramref name="objectName"/>.</exception>
public static void GrantToUserOn(this IQueryContext context, ObjectName objectName, string grantee, Privileges privileges, bool withOption = false) {
    var target = context.FindObject(objectName);

    if (target == null) {
        throw new ObjectNotFoundException(objectName);
    }

    // All privilege checks happen in the typed overload this call forwards to.
    context.GrantToUserOn(target.ObjectType, target.FullName, grantee, privileges, withOption);
}
static void Deveel.Data.Security.QueryContext.GrantToUserOn ( this IQueryContext  context,
DbObjectType  objectType,
ObjectName  objectName,
string  grantee,
Privileges  privileges,
bool  withOption = false 
)
inlinestatic

Definition at line 224 of file QueryContext.Security.cs.

/// <summary>
/// Grants privileges on an existing object to a user, provided the calling context holds
/// those privileges with the grant option.
/// </summary>
/// <exception cref="ObjectNotFoundException">If the object does not exist.</exception>
/// <exception cref="MissingPrivilegesException">If <c>UserHasGrantOption</c> denies the operation.</exception>
public static void GrantToUserOn(this IQueryContext context, DbObjectType objectType, ObjectName objectName, string grantee, Privileges privileges, bool withOption = false) {
    // Grants to the system user are silently skipped (the comparison is case-sensitive).
    var granteeIsSystem = String.Equals(grantee, User.SystemName);
    if (granteeIsSystem) {
        return;
    }

    if (!context.ObjectExists(objectType, objectName)) {
        throw new ObjectNotFoundException(objectName);
    }

    if (!context.UserHasGrantOption(objectType, objectName, privileges)) {
        throw new MissingPrivilegesException(context.UserName(), objectName, privileges);
    }

    // NOTE(review): the grantee's existence is not checked in this method (GrantTo does
    // so before calling it) - confirm the privilege manager rejects unknown users.
    var userGrant = new Grant(privileges, objectName, objectType, context.UserName(), withOption);
    context.ForSystemUser().PrivilegeManager().GrantToUser(grantee, userGrant);
}
A long string in the system.
static void Deveel.Data.Security.QueryContext.GrantToUserOnSchema ( this IQueryContext  context,
string  schemaName,
string  grantee,
Privileges  privileges,
bool  withOption = false 
)
inlinestatic

Definition at line 239 of file QueryContext.Security.cs.

/// <summary>
/// Grants privileges on a schema to a user by forwarding to the typed <c>GrantToUserOn</c> overload.
/// </summary>
public static void GrantToUserOnSchema(this IQueryContext context, string schemaName, string grantee, Privileges privileges, bool withOption = false) {
    var schemaObject = new ObjectName(schemaName);
    context.GrantToUserOn(DbObjectType.Schema, schemaObject, grantee, privileges, withOption);
}
Describes the name of an object within a database.
Definition: ObjectName.cs:44
DbObjectType
The kind of objects that can be handled by a database system and its managers
Definition: DbObjectType.cs:27
static void Deveel.Data.Security.QueryContext.GrantToUserOnTable ( this IQueryContext  context,
ObjectName  tableName,
string  grantee,
Privileges  privileges 
)
inlinestatic

Definition at line 295 of file QueryContext.Security.cs.

/// <summary>
/// Grants privileges on a table to a user; the grant option is left at its default (false).
/// </summary>
public static void GrantToUserOnTable(this IQueryContext context, ObjectName tableName, string grantee, Privileges privileges) {
    const DbObjectType tableType = DbObjectType.Table;
    context.GrantToUserOn(tableType, tableName, grantee, privileges);
}
DbObjectType
The kind of objects that can be handled by a database system and its managers
Definition: DbObjectType.cs:27
static IPrivilegeManager Deveel.Data.Security.QueryContext.PrivilegeManager ( this IQueryContext  context)
inlinestaticprivate

Definition at line 17 of file QueryContext.Security.cs.

/// <summary>
/// Resolves the <see cref="IPrivilegeManager"/> service from the given context.
/// </summary>
private static IPrivilegeManager PrivilegeManager(this IQueryContext context) {
    var manager = context.ResolveService<IPrivilegeManager>();
    return manager;
}
static void Deveel.Data.Security.QueryContext.RemoveUserFromAllGroups ( this IQueryContext  context,
string  username 
)
inlinestatic

Definition at line 149 of file QueryContext.Security.cs.

/// <summary>
/// Deletes every row of the user-group system table whose first column equals the given user name.
/// </summary>
public static void RemoveUserFromAllGroups(this IQueryContext context, string username) {
    var nameConstant = SqlExpression.Constant(DataObject.String(username));

    // NOTE(review): no privilege check is made here and the table is opened through the
    // caller's context rather than ForSystemUser() - confirm that callers are gated.
    var membership = context.GetMutableTable(SystemSchema.UserGroupTableName);

    // Column 0 is presumably the user name - verify against the table definition.
    var userColumn = membership.GetResolvedColumnName(0);
    var matchingRows = membership.SimpleSelect(context, userColumn, SqlExpressionType.Equal, nameConstant);

    membership.Delete(matchingRows);
}
SqlExpressionType
All the possible type of SqlExpression supported
Defines the base class for instances that represent SQL expression tree nodes.
static SqlConstantExpression Constant(object value)
static void Deveel.Data.Security.QueryContext.RevokeAllGrantsOn ( this IQueryContext  context,
DbObjectType  objectType,
ObjectName  objectName 
)
inlinestatic

Definition at line 279 of file QueryContext.Security.cs.

/// <summary>
/// Deletes every row of the user-grants system table that matches the given object type and
/// full object name.
/// </summary>
public static void RevokeAllGrantsOn(this IQueryContext context, DbObjectType objectType, ObjectName objectName) {
    // NOTE(review): no privilege check is made in this method - confirm that callers
    // authorize the revoke before reaching it.
    var grants = context.GetMutableTable(SystemSchema.UserGrantsTableName);

    // Columns 1 and 2 are used as object type and object name respectively.
    var typeColumn = grants.GetResolvedColumnName(1);
    var nameColumn = grants.GetResolvedColumnName(2);

    // Narrow by object type first...
    var typeValue = SqlExpression.Constant(DataObject.Integer((int)objectType));
    var matching = grants.SimpleSelect(context, typeColumn, SqlExpressionType.Equal, typeValue);

    // ...then by the full object name.
    var nameValue = SqlExpression.Constant(DataObject.String(objectName.FullName));
    matching = matching.SimpleSelect(context, nameColumn, SqlExpressionType.Equal, nameValue);

    // Remove the selected rows from the grants table.
    grants.Delete(matching);
}
SqlExpressionType
All the possible type of SqlExpression supported
string FullName
Gets the full reference name formatted.
Definition: ObjectName.cs:114
Defines the base class for instances that represent SQL expression tree nodes.
static SqlConstantExpression Constant(object value)
static void Deveel.Data.Security.QueryContext.RevokeAllGrantsOnTable ( this IQueryContext  context,
ObjectName  objectName 
)
inlinestatic

Definition at line 271 of file QueryContext.Security.cs.

/// <summary>
/// Revokes all grants recorded for a table by forwarding to <c>RevokeAllGrantsOn</c>.
/// </summary>
public static void RevokeAllGrantsOnTable(this IQueryContext context, ObjectName objectName) {
    context.RevokeAllGrantsOn(DbObjectType.Table, objectName);
}
static void RevokeAllGrantsOn(this IQueryContext context, DbObjectType objectType, ObjectName objectName)
DbObjectType
The kind of objects that can be handled by a database system and its managers
Definition: DbObjectType.cs:27
static void Deveel.Data.Security.QueryContext.RevokeAllGrantsOnView ( this IQueryContext  context,
ObjectName  objectName 
)
inlinestatic

Definition at line 275 of file QueryContext.Security.cs.

/// <summary>
/// Revokes all grants recorded for a view by forwarding to <c>RevokeAllGrantsOn</c>.
/// </summary>
public static void RevokeAllGrantsOnView(this IQueryContext context, ObjectName objectName) {
    RevokeAllGrantsOn(context, DbObjectType.View, objectName);
}
DbObjectType
The kind of objects that can be handled by a database system and its managers
Definition: DbObjectType.cs:27
static void Deveel.Data.Security.QueryContext.SetUserGroups ( this IQueryContext  context,
string  userName,
string[]  groups 
)
inlinestatic

Definition at line 65 of file QueryContext.Security.cs.

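/// <summary>
/// Replaces the group memberships of a user with the given list.
/// </summary>
/// <exception cref="MissingPrivilegesException">If <c>UserCanManageUsers</c> denies the operation.</exception>
/// <exception cref="ArgumentNullException">If <paramref name="groups"/> is null.</exception>
public static void SetUserGroups(this IQueryContext context, string userName, string[] groups) {
    if (!context.UserCanManageUsers())
        throw new MissingPrivilegesException(context.UserName(), new ObjectName(userName), Privileges.Alter,
            String.Format("The user '{0}' has not enough rights to modify other users information.", context.UserName()));

    // Checked before any change is made: a null array used to fail in the second loop,
    // after every existing membership had already been removed.
    if (groups == null)
        throw new ArgumentNullException("groups");

    // TODO: Check if the user exists?

    // NOTE(review): the target groups are not checked individually (no UserCanAddToGroup
    // or system-group test here) - confirm that is the intended scope of this privilege.
    var userGroups = context.ForSystemUser().UserManager().GetUserGroups(userName);
    foreach (var userGroup in userGroups) {
        context.ForSystemUser().UserManager().RemoveUserFromGroup(userName, userGroup);
    }

    // Memberships are re-created as plain (non-admin) memberships.
    foreach (var userGroup in groups) {
        context.ForSystemUser().UserManager().AddUserToGroup(userName, userGroup, false);
    }
}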
A long string in the system.
Describes the name of an object within a database.
Definition: ObjectName.cs:44
static void Deveel.Data.Security.QueryContext.SetUserStatus ( this IQueryContext  queryContext,
string  username,
UserStatus  status 
)
inlinestatic

Definition at line 48 of file QueryContext.Security.cs.

/// <summary>
/// Sets the status of a user after checking that the calling context may manage users.
/// </summary>
/// <exception cref="MissingPrivilegesException">If <c>UserCanManageUsers</c> denies the operation.</exception>
public static void SetUserStatus(this IQueryContext queryContext, string username, UserStatus status) {
    var mayManage = queryContext.UserCanManageUsers();
    if (!mayManage) {
        throw new MissingPrivilegesException(queryContext.UserName(), new ObjectName(username), Privileges.Alter,
            String.Format("User '{0}' cannot change the status of user '{1}'", queryContext.UserName(), username));
    }

    var systemContext = queryContext.ForSystemUser();
    systemContext.UserManager().SetUserStatus(username, status);
}
A long string in the system.
Describes the name of an object within a database.
Definition: ObjectName.cs:44
static bool Deveel.Data.Security.QueryContext.UserBelongsToGroup ( this IQueryContext  queryContext,
string  group 
)
inlinestatic

Definition at line 309 of file QueryContext.Security.cs.

/// <summary>
/// Tells whether the context's own user name is a member of the given group.
/// </summary>
public static bool UserBelongsToGroup(this IQueryContext queryContext, string group) {
    var currentUser = queryContext.UserName();
    return queryContext.UserBelongsToGroup(currentUser, group);
}
static bool UserBelongsToGroup(this IQueryContext queryContext, string group)
static bool Deveel.Data.Security.QueryContext.UserBelongsToGroup ( this IQueryContext  context,
string  username,
string  groupName 
)
inlinestatic

Definition at line 313 of file QueryContext.Security.cs.

/// <summary>
/// Asks the user manager, through the system-user context, whether a user is in a group.
/// </summary>
public static bool UserBelongsToGroup(this IQueryContext context, string username, string groupName) {
    // No access check is made here; the answer is available for any user name.
    var isMember = context.ForSystemUser().UserManager().IsUserInGroup(username, groupName);
    return isMember;
}
static bool Deveel.Data.Security.QueryContext.UserBelongsToSecureGroup ( this IQueryContext  context)
inlinestatic

Definition at line 328 of file QueryContext.Security.cs.

/// <summary>
/// Tells whether the context's user is a member of <c>SystemGroups.SecureGroup</c>.
/// </summary>
public static bool UserBelongsToSecureGroup(this IQueryContext context) {
    var inSecureGroup = context.UserBelongsToGroup(SystemGroups.SecureGroup);
    return inSecureGroup;
}
static bool Deveel.Data.Security.QueryContext.UserCanAccessObject ( this IQueryContext  context,
DbObjectType  objectType,
ObjectName  objectName 
)
inlinestatic

Definition at line 488 of file QueryContext.Security.cs.

/// <summary>
/// Checks the <c>Select</c> privilege on the given object through <c>UserHasPrivilege</c>.
/// </summary>
public static bool UserCanAccessObject(this IQueryContext context, DbObjectType objectType, ObjectName objectName) {
    var canSelect = context.UserHasPrivilege(objectType, objectName, Privileges.Select);
    return canSelect;
}
static bool Deveel.Data.Security.QueryContext.UserCanAccessUsers ( this IQueryContext  context)
inlinestatic

Definition at line 382 of file QueryContext.Security.cs.

/// <summary>
/// True when the context has secure access or its user is in <c>SystemGroups.UserManagerGroup</c>.
/// </summary>
public static bool UserCanAccessUsers(this IQueryContext context) {
    if (context.UserHasSecureAccess()) {
        return true;
    }

    return context.UserBelongsToGroup(SystemGroups.UserManagerGroup);
}
static bool Deveel.Data.Security.QueryContext.UserCanAddToGroup ( this IQueryContext  context,
string  groupName 
)
inlinestatic

Definition at line 496 of file QueryContext.Security.cs.

/// <summary>
/// Decides whether the calling context may add members to the given group.
/// </summary>
/// <returns>
/// True for the system user, for members of the secure group or of the user-manager group,
/// and otherwise whatever <c>IsUserGroupAdmin</c> reports for the caller and the group.
/// </returns>
public static bool UserCanAddToGroup(this IQueryContext context, string groupName) {
    if (context.User().IsSystem) {
        return true;
    }

    if (context.UserBelongsToSecureGroup()) {
        return true;
    }

    // NOTE(review): this branch does not look at groupName, so user-manager membership is
    // sufficient for any target group, SystemGroups.SecureGroup included - confirm that
    // this is the intended delegation.
    if (context.UserBelongsToGroup(SystemGroups.UserManagerGroup)) {
        return true;
    }

    var caller = context.UserName();
    return context.ForSystemUser().UserManager().IsUserGroupAdmin(caller, groupName);
}
static bool Deveel.Data.Security.QueryContext.UserCanAlterInSchema ( this IQueryContext  context,
string  schemaName 
)
inlinestatic

Definition at line 413 of file QueryContext.Security.cs.

/// <summary>
/// True when the context holds the <c>Alter</c> privilege on the schema or has secure access.
/// </summary>
public static bool UserCanAlterInSchema(this IQueryContext context, string schemaName) {
    // The schema privilege is evaluated first; secure access is the fallback.
    return context.UserHasSchemaPrivilege(schemaName, Privileges.Alter)
        || context.UserHasSecureAccess();
}
static bool Deveel.Data.Security.QueryContext.UserCanAlterObject ( this IQueryContext  context,
DbObjectType  objectType,
ObjectName  objectName 
)
inlinestatic

Definition at line 484 of file QueryContext.Security.cs.

/// <summary>
/// Checks the <c>Alter</c> privilege on the given object through <c>UserHasPrivilege</c>.
/// </summary>
public static bool UserCanAlterObject(this IQueryContext context, DbObjectType objectType, ObjectName objectName) {
    var canAlter = context.UserHasPrivilege(objectType, objectName, Privileges.Alter);
    return canAlter;
}
static bool Deveel.Data.Security.QueryContext.UserCanAlterTable ( this IQueryContext  context,
ObjectName  tableName 
)
inlinestatic

Definition at line 420 of file QueryContext.Security.cs.

/// <summary>
/// Decides table alteration from the alter rights on the table's parent schema; a table
/// name without a parent is always denied.
/// </summary>
public static bool UserCanAlterTable(this IQueryContext context, ObjectName tableName) {
    var parentSchema = tableName.Parent;
    return parentSchema != null && context.UserCanAlterInSchema(parentSchema.FullName);
}
ObjectName Parent
Gets the parent reference of the current one, if any or null if none.
Definition: ObjectName.cs:99
static bool Deveel.Data.Security.QueryContext.UserCanAlterUser ( this IQueryContext  context,
string  userName 
)
inlinestatic

Definition at line 368 of file QueryContext.Security.cs.

/// <summary>
/// Decides whether the calling context may alter the given user: always for itself, never
/// for the public user, otherwise only with secure access.
/// </summary>
public static bool UserCanAlterUser(this IQueryContext context, string userName) {
    // NOTE(review): the self-check is case-sensitive while the public-name check below
    // ignores case - confirm which comparison user names are meant to use.
    if (context.UserName().Equals(userName)) {
        return true;
    }

    // userName is dereferenced here, so a null name fails with a NullReferenceException.
    var targetsPublic = userName.Equals(User.PublicName, StringComparison.OrdinalIgnoreCase);
    return !targetsPublic && context.UserHasSecureAccess();
}
static bool Deveel.Data.Security.QueryContext.UserCanCreateInSchema ( this IQueryContext  context,
string  schemaName 
)
inlinestatic

Definition at line 401 of file QueryContext.Security.cs.

/// <summary>
/// Checks the <c>Create</c> privilege on the given schema through <c>UserHasSchemaPrivilege</c>.
/// </summary>
public static bool UserCanCreateInSchema(this IQueryContext context, string schemaName) {
    var canCreate = context.UserHasSchemaPrivilege(schemaName, Privileges.Create);
    return canCreate;
}
static bool Deveel.Data.Security.QueryContext.UserCanCreateObject ( this IQueryContext  context,
DbObjectType  objectType,
ObjectName  objectName 
)
inlinestatic

Definition at line 476 of file QueryContext.Security.cs.

/// <summary>
/// Checks the <c>Create</c> privilege on the given object through <c>UserHasPrivilege</c>.
/// </summary>
public static bool UserCanCreateObject(this IQueryContext context, DbObjectType objectType, ObjectName objectName) {
    var canCreate = context.UserHasPrivilege(objectType, objectName, Privileges.Create);
    return canCreate;
}
static bool Deveel.Data.Security.QueryContext.UserCanCreateSchema ( this IQueryContext  context)
inlinestatic

Definition at line 397 of file QueryContext.Security.cs.

/// <summary>
/// Schema creation is allowed exactly when the context has secure access.
/// </summary>
public static bool UserCanCreateSchema(this IQueryContext context) {
    var hasSecureAccess = context.UserHasSecureAccess();
    return hasSecureAccess;
}
static bool Deveel.Data.Security.QueryContext.UserCanCreateTable ( this IQueryContext  context,
ObjectName  tableName 
)
inlinestatic

Definition at line 405 of file QueryContext.Security.cs.

/// <summary>
/// Decides table creation from the create rights on the table's parent schema; a table
/// name without a parent requires secure access instead.
/// </summary>
public static bool UserCanCreateTable(this IQueryContext context, ObjectName tableName) {
    var parentSchema = tableName.Parent;

    return parentSchema == null
        ? context.UserHasSecureAccess()
        : context.UserCanCreateInSchema(parentSchema.FullName);
}
ObjectName Parent
Gets the parent reference of the current one, if any or null if none.
Definition: ObjectName.cs:99
static bool Deveel.Data.Security.QueryContext.UserCanCreateUsers ( this IQueryContext  context)
inlinestatic

Definition at line 357 of file QueryContext.Security.cs.

/// <summary>
/// True when the context has secure access or its user is in <c>SystemGroups.UserManagerGroup</c>.
/// </summary>
public static bool UserCanCreateUsers(this IQueryContext context) {
    if (context.UserHasSecureAccess()) {
        return true;
    }

    return context.UserBelongsToGroup(SystemGroups.UserManagerGroup);
}
static bool Deveel.Data.Security.QueryContext.UserCanDeleteFromTable ( this IQueryContext  context,
ObjectName  tableName 
)
inlinestatic

Definition at line 492 of file QueryContext.Security.cs.

/// <summary>
/// Checks the <c>Delete</c> privilege on the given table through <c>UserHasTablePrivilege</c>.
/// </summary>
public static bool UserCanDeleteFromTable(this IQueryContext context, ObjectName tableName) {
    var canDelete = context.UserHasTablePrivilege(tableName, Privileges.Delete);
    return canDelete;
}
static bool Deveel.Data.Security.QueryContext.UserCanDropObject ( this IQueryContext  context,
DbObjectType  objectType,
ObjectName  objectName 
)
inlinestatic

Definition at line 480 of file QueryContext.Security.cs.

/// <summary>
/// Checks the <c>Drop</c> privilege on the given object through <c>UserHasPrivilege</c>.
/// </summary>
public static bool UserCanDropObject(this IQueryContext context, DbObjectType objectType, ObjectName objectName) {
    var canDrop = context.UserHasPrivilege(objectType, objectName, Privileges.Drop);
    return canDrop;
}
static bool Deveel.Data.Security.QueryContext.UserCanDropUser ( this IQueryContext  context,
string  userToDrop 
)
inlinestatic

Definition at line 362 of file QueryContext.Security.cs.

/// <summary>
/// True with secure access, with user-manager group membership, or when the user to drop is
/// the caller itself (compared ignoring case).
/// </summary>
public static bool UserCanDropUser(this IQueryContext context, string userToDrop) {
    if (context.UserHasSecureAccess()) {
        return true;
    }

    if (context.UserBelongsToGroup(SystemGroups.UserManagerGroup)) {
        return true;
    }

    // NOTE(review): nothing here excludes reserved names such as the public user, which
    // UserCanAlterUser does exclude - confirm that the user manager refuses to drop them.
    return context.UserName().Equals(userToDrop, StringComparison.OrdinalIgnoreCase);
}
static bool Deveel.Data.Security.QueryContext.UserCanExecute ( this IQueryContext  context,
RoutineType  routineType,
Invoke  invoke 
)
inlinestatic

Definition at line 456 of file QueryContext.Security.cs.

/// <summary>
/// Decides whether the calling context may execute the routine named by the invocation.
/// </summary>
/// <returns>
/// True for system functions and for contexts with secure access; otherwise the result of the
/// <c>Execute</c> privilege check on the routine name.
/// </returns>
public static bool UserCanExecute(this IQueryContext context, RoutineType routineType, Invoke invoke) {
    // System functions need no grant; the test only applies to functions.
    var isFunction = routineType == RoutineType.Function;
    if (isFunction && context.IsSystemFunction(invoke)) {
        return true;
    }

    return context.UserHasSecureAccess()
        || context.UserHasPrivilege(DbObjectType.Routine, invoke.RoutineName, Privileges.Execute);
}
RoutineType
The type of routine program.
Definition: RoutineType.cs:23
ObjectName RoutineName
Gets the fully qualified name of the routine to invoke.
Definition: Invoke.cs:58
DbObjectType
The kind of objects that can be handled by a database system and its managers
Definition: DbObjectType.cs:27
static bool Deveel.Data.Security.QueryContext.UserCanExecuteFunction ( this IQueryContext  context,
Invoke  invoke 
)
inlinestatic

Definition at line 468 of file QueryContext.Security.cs.

/// <summary>
/// Forwards to <c>UserCanExecute</c> with <c>RoutineType.Function</c>.
/// </summary>
public static bool UserCanExecuteFunction(this IQueryContext context, Invoke invoke) {
    const RoutineType kind = RoutineType.Function;
    return context.UserCanExecute(kind, invoke);
}
RoutineType
The type of routine program.
Definition: RoutineType.cs:23
static bool Deveel.Data.Security.QueryContext.UserCanExecuteProcedure ( this IQueryContext  context,
Invoke  invoke 
)
inlinestatic

Definition at line 472 of file QueryContext.Security.cs.

/// <summary>
/// Forwards to <c>UserCanExecute</c> with <c>RoutineType.Procedure</c>.
/// </summary>
public static bool UserCanExecuteProcedure(this IQueryContext context, Invoke invoke) {
    const RoutineType kind = RoutineType.Procedure;
    return context.UserCanExecute(kind, invoke);
}
RoutineType
The type of routine program.
Definition: RoutineType.cs:23
static bool Deveel.Data.Security.QueryContext.UserCanInsertIntoTable ( this IQueryContext  context,
ObjectName  tableName,
params string[]  columnNames 
)
inlinestatic

Definition at line 451 of file QueryContext.Security.cs.

/// <summary>
/// Checks the <c>Insert</c> privilege on the given table.
/// </summary>
public static bool UserCanInsertIntoTable(this IQueryContext context, ObjectName tableName, params string[] columnNames) {
    // TODO: column-level checks are not implemented; columnNames is ignored and the
    // decision is made for the whole table.
    var canInsert = context.UserHasTablePrivilege(tableName, Privileges.Insert);
    return canInsert;
}
static bool Deveel.Data.Security.QueryContext.UserCanManageGroups ( this IQueryContext  context)
inlinestatic

Definition at line 317 of file QueryContext.Security.cs.

/// <summary>
/// True when the context's user is the system user or the context has secure access.
/// </summary>
public static bool UserCanManageGroups(this IQueryContext context) {
    if (context.User().IsSystem) {
        return true;
    }

    return context.UserHasSecureAccess();
}
static bool Deveel.Data.Security.QueryContext.UserCanManageUsers ( this IQueryContext  context)
inlinestatic

Definition at line 378 of file QueryContext.Security.cs.

/// <summary>
/// True when the context has secure access or its user is in <c>SystemGroups.UserManagerGroup</c>.
/// </summary>
public static bool UserCanManageUsers(this IQueryContext context) {
    if (context.UserHasSecureAccess()) {
        return true;
    }

    return context.UserBelongsToGroup(SystemGroups.UserManagerGroup);
}
static bool Deveel.Data.Security.QueryContext.UserCanReferenceTable ( this IQueryContext  context,
ObjectName  tableName 
)
inlinestatic

Definition at line 432 of file QueryContext.Security.cs.

/// <summary>
/// Checks the <c>References</c> privilege on the given table through <c>UserHasTablePrivilege</c>.
/// </summary>
public static bool UserCanReferenceTable(this IQueryContext context, ObjectName tableName) {
    var canReference = context.UserHasTablePrivilege(tableName, Privileges.References);
    return canReference;
}
// Definition at line 436 of file QueryContext.Security.cs.
/// <summary>
/// Checks select access for every table name the query plan reports through
/// <c>DiscoverTableNames</c>.
/// </summary>
/// <param name="context">The query context the check is made on.</param>
/// <param name="queryPlan">The plan whose table names are checked.</param>
/// <returns><c>true</c> only if the select check passes for all reported tables.</returns>
public static bool UserCanSelectFromPlan(this IQueryContext context, IQueryPlanNode queryPlan) {
    // The check is only as complete as DiscoverTableNames: a table the plan
    // does not report is never tested here.
    // NOTE(review): if All is the LINQ operator, a plan that reports no table
    // names passes vacuously - confirm that is the intended result.
    var tableNames = queryPlan.DiscoverTableNames();
    return tableNames.All(tableName => context.UserCanSelectFromTable(tableName));
}
// Definition at line 428 of file QueryContext.Security.cs.
/// <summary>
/// Checks select access on a table by calling the column-list overload with
/// an empty column array.
/// </summary>
/// <param name="context">The query context the check is made on.</param>
/// <param name="tableName">The table to check.</param>
/// <returns>The result of the column-list overload.</returns>
public static bool UserCanSelectFromTable(this IQueryContext context, ObjectName tableName) {
    // The explicit empty array selects the (ObjectName, params string[])
    // overload, so this call cannot resolve back to this method.
    var noColumns = new string[0];
    return UserCanSelectFromTable(context, tableName, noColumns);
}
static bool UserCanSelectFromTable(this IQueryContext context, ObjectName tableName)
// Definition at line 441 of file QueryContext.Security.cs.
/// <summary>
/// Checks the <c>Privileges.Select</c> privilege on a table through
/// <c>UserHasTablePrivilege</c>.
/// </summary>
/// <param name="context">The query context the check is made on.</param>
/// <param name="tableName">The table to check.</param>
/// <param name="columnNames">Accepted but not used by this method.</param>
/// <returns>The result of the table-level privilege check.</returns>
public static bool UserCanSelectFromTable(this IQueryContext context, ObjectName tableName, params string[] columnNames) {
    // TODO: column-level select is not implemented. columnNames is ignored,
    // so the answer is always the table-level one, whichever columns are named.
    var required = Privileges.Select;
    return context.UserHasTablePrivilege(tableName, required);
}
// Definition at line 446 of file QueryContext.Security.cs.
/// <summary>
/// Checks the <c>Privileges.Update</c> privilege on a table through
/// <c>UserHasTablePrivilege</c>.
/// </summary>
/// <param name="context">The query context the check is made on.</param>
/// <param name="tableName">The table to check.</param>
/// <param name="columnNames">Accepted but not used by this method.</param>
/// <returns>The result of the table-level privilege check.</returns>
public static bool UserCanUpdateTable(this IQueryContext context, ObjectName tableName, params string[] columnNames) {
    // TODO: column-level checks are not implemented. columnNames is ignored,
    // so the answer is always the table-level one, whichever columns are named.
    var required = Privileges.Update;
    return context.UserHasTablePrivilege(tableName, required);
}
// Definition at line 82 of file QueryContext.Security.cs.
/// <summary>
/// Asks the user manager, resolved on the system-user context, whether a
/// user with the given name exists.
/// </summary>
/// <param name="context">The query context the call starts from.</param>
/// <param name="userName">The user name to look up.</param>
/// <returns>The result of the user manager's <c>UserExists</c>.</returns>
public static bool UserExists(this IQueryContext context, string userName) {
    // The lookup runs on the context returned by ForSystemUser(), not on the
    // caller's own context, and this method makes no privilege check itself.
    // NOTE(review): confirm callers gate access where user existence is sensitive.
    var systemContext = context.ForSystemUser();
    var userManager = systemContext.UserManager();
    return userManager.UserExists(userName);
}
// Definition at line 332 of file QueryContext.Security.cs.
/// <summary>
/// Tells whether the user of the context holds the given privileges on an
/// object, using the privilege lookup with its last argument set to <c>true</c>.
/// </summary>
/// <param name="context">The query context the check is made on.</param>
/// <param name="objectType">The type of the object.</param>
/// <param name="objectName">The name of the object.</param>
/// <param name="privileges">The privilege mask to test.</param>
/// <returns>
/// <c>true</c> for a system user or a member of the secure group; otherwise
/// <c>true</c> when the looked-up grant shares at least one bit with the mask.
/// </returns>
public static bool UserHasGrantOption(this IQueryContext context, DbObjectType objectType, ObjectName objectName, Privileges privileges) {
    var user = context.User();

    // System users and secure-group members bypass the grant lookup entirely.
    if (user.IsSystem || context.UserBelongsToSecureGroup()) {
        return true;
    }

    // The trailing `true` presumably limits the lookup to privileges held with
    // the grant option - confirm against the privilege manager.
    var privilegeManager = context.ForSystemUser().PrivilegeManager();
    var grant = privilegeManager.GetUserPrivileges(user.Name, objectType, objectName, true);

    // Any-of test: a composite mask passes when a single requested bit is
    // granted, and an empty mask never passes.
    // NOTE(review): a caller authorizing a grant of several privileges at once
    // would need an all-of test, (grant & privileges) == privileges; confirm
    // which semantics the callers rely on.
    var overlap = grant & privileges;
    return overlap != 0;
}
// Definition at line 344 of file QueryContext.Security.cs.
/// <summary>
/// Tells whether the user of the context holds the given privileges on an
/// object, using the privilege lookup with its last argument set to <c>false</c>.
/// </summary>
/// <param name="context">The query context the check is made on.</param>
/// <param name="objectType">The type of the object.</param>
/// <param name="objectName">The name of the object.</param>
/// <param name="privileges">The privilege mask to test.</param>
/// <returns>
/// <c>true</c> for a system user or a member of the secure group; otherwise
/// <c>true</c> when the looked-up grant shares at least one bit with the mask.
/// </returns>
public static bool UserHasPrivilege(this IQueryContext context, DbObjectType objectType, ObjectName objectName, Privileges privileges) {
    var user = context.User();

    // System users and secure-group members bypass the grant lookup entirely.
    if (user.IsSystem || context.UserBelongsToSecureGroup()) {
        return true;
    }

    var privilegeManager = context.ForSystemUser().PrivilegeManager();
    var grant = privilegeManager.GetUserPrivileges(user.Name, objectType, objectName, false);

    // Any-of test: a composite mask passes when a single requested bit is
    // granted, and an empty mask never passes.
    // NOTE(review): callers that pass several privileges and need all of them
    // would need (grant & privileges) == privileges; confirm which semantics
    // the callers rely on.
    var overlap = grant & privileges;
    return overlap != 0;
}
// Definition at line 390 of file QueryContext.Security.cs.
/// <summary>
/// Checks privileges on a schema: true when <c>UserHasPrivilege</c> succeeds
/// for <c>DbObjectType.Schema</c> or when <c>UserHasSecureAccess</c> succeeds.
/// </summary>
/// <param name="context">The query context the check is made on.</param>
/// <param name="schemaName">The schema name, wrapped in a new <c>ObjectName</c>.</param>
/// <param name="privileges">The privilege mask to test.</param>
/// <returns><c>true</c> if either check succeeds.</returns>
public static bool UserHasSchemaPrivilege(this IQueryContext context, string schemaName, Privileges privileges) {
    // UserHasPrivilege in this class already returns true for system users and
    // secure-group members, so the secure-access fallback looks redundant; it
    // is kept to leave the call sequence unchanged.
    var schema = new ObjectName(schemaName);
    return context.UserHasPrivilege(DbObjectType.Schema, schema, privileges)
        || context.UserHasSecureAccess();
}
Describes the name of an object within a database.
Definition: ObjectName.cs:44
DbObjectType
The kind of objects that can be handled by a database system and its managers
Definition: DbObjectType.cs:27
// Definition at line 321 of file QueryContext.Security.cs.
/// <summary>
/// Tells whether the user of the context has secure access: true when
/// <c>context.User().IsSystem</c> is set or the user belongs to the secure group.
/// </summary>
/// <param name="context">The query context the check is made on.</param>
/// <returns><c>true</c> if either condition holds.</returns>
public static bool UserHasSecureAccess(this IQueryContext context) {
    // Short-circuit keeps the original order: the group lookup runs only for
    // users that are not the system user.
    return context.User().IsSystem || context.UserBelongsToSecureGroup();
}
// Definition at line 386 of file QueryContext.Security.cs.
/// <summary>
/// Checks privileges on a table by calling <c>UserHasPrivilege</c> with
/// <c>DbObjectType.Table</c>.
/// </summary>
/// <param name="context">The query context the check is made on.</param>
/// <param name="tableName">The table to check.</param>
/// <param name="privileges">The privilege mask to test.</param>
/// <returns>The result of <c>UserHasPrivilege</c>.</returns>
public static bool UserHasTablePrivilege(this IQueryContext context, ObjectName tableName, Privileges privileges) {
    // Inherits the semantics of UserHasPrivilege, including its any-of test
    // on composite privilege masks.
    var objectType = DbObjectType.Table;
    return context.UserHasPrivilege(objectType, tableName, privileges);
}
DbObjectType
The kind of objects that can be handled by a database system and its managers
Definition: DbObjectType.cs:27
// Definition at line 13 of file QueryContext.Security.cs.
/// <summary>
/// Resolves the <c>IUserManager</c> service from the given context.
/// </summary>
/// <param name="context">The query context to resolve the service from.</param>
/// <returns>Whatever <c>ResolveService</c> yields for <c>IUserManager</c>.</returns>
private static IUserManager UserManager(this IQueryContext context) {
    // NOTE(review): no null check is made on the resolved service here;
    // whether ResolveService can return null is not visible from this code.
    var userManager = context.ResolveService<IUserManager>();
    return userManager;
}

The documentation for this class was generated from the following file: