*** /home/jsum/devel/postgres/postgresql-jdbc-9.1dev-900.src/org/postgresql/jdbc2/AbstractJdbc2DatabaseMetaData.java.orig 2011-08-23 13:04:35.000000000 +0300 --- /home/jsum/devel/postgres/postgresql-jdbc-9.1dev-900.src/org/postgresql/jdbc2/AbstractJdbc2DatabaseMetaData.java 2011-08-25 08:56:16.000000000 +0300 *************** *** 11,16 **** --- 11,17 ---- import java.sql.*; import java.util.*; + import org.postgresql.core.*; import org.postgresql.util.PSQLException; import org.postgresql.util.PSQLState; *************** *** 2635,2644 **** String sql; if (connection.haveMinimumServerVersion("7.3")) { ! sql = "SELECT n.nspname,c.relname,u.usename,c.relacl,a.attname " + ! " FROM pg_catalog.pg_namespace n, pg_catalog.pg_class c, pg_catalog.pg_user u, pg_catalog.pg_attribute a " + " WHERE c.relnamespace = n.oid " + ! " AND u.usesysid = c.relowner " + " AND c.oid = a.attrelid " + " AND c.relkind = 'r' " + " AND a.attnum > 0 AND NOT a.attisdropped "; --- 2636,2645 ---- String sql; if (connection.haveMinimumServerVersion("7.3")) { ! sql = "SELECT n.nspname,c.relname,r.rolname,a.attacl,a.attname " + ! " FROM pg_catalog.pg_namespace n, pg_catalog.pg_class c, pg_catalog.pg_roles r, pg_catalog.pg_attribute a " + " WHERE c.relnamespace = n.oid " + ! " AND c.relowner = r.oid " + " AND c.oid = a.attrelid " + " AND c.relkind = 'r' " + " AND a.attnum > 0 AND NOT a.attisdropped "; *************** *** 2670,2677 **** byte schemaName[] = rs.getBytes("nspname"); byte tableName[] = rs.getBytes("relname"); byte column[] = rs.getBytes("attname"); ! String owner = rs.getString("usename"); ! String acl = rs.getString("relacl"); Hashtable permissions = parseACL(acl, owner); String permNames[] = new String[permissions.size()]; Enumeration e = permissions.keys(); --- 2671,2678 ---- byte schemaName[] = rs.getBytes("nspname"); byte tableName[] = rs.getBytes("relname"); byte column[] = rs.getBytes("attname"); ! String owner = rs.getString("rolname"); ! 
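Review bot: The rewritten column-privileges query in the 2635 hunk is still guarded only by `connection.haveMinimumServerVersion("7.3")`, but `pg_catalog.pg_roles` first appears in server 8.1 and `pg_attribute.attacl` in 8.4, so on older servers the statement fails instead of returning metadata. Gate this branch on `"8.4"` and keep the previous `relacl`/`pg_user` query for older servers; the `pg_roles` join in the table-privileges query (2753 hunk) needs the same treatment with `"8.1"`. Reading only `a.attacl` also means grants made on the whole table no longer reach the column result, and a NULL `attacl` appears to make parseACL synthesize an owner-only ACL, so anyone auditing column access through this call would see fewer privileges than are actually in effect. The enclosing method starts and ends outside the hunk.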
String acl = rs.getString("attacl"); Hashtable permissions = parseACL(acl, owner); String permNames[] = new String[permissions.size()]; Enumeration e = permissions.keys(); *************** *** 2684,2700 **** for (i = 0; i < permNames.length; i++) { byte[] privilege = connection.encodeString(permNames[i]); ! Vector grantees = (Vector)permissions.get(permNames[i]); for (int j = 0; j < grantees.size(); j++) { ! String grantee = (String)grantees.elementAt(j); ! String grantable = owner.equals(grantee) ? "YES" : "NO"; byte[][] tuple = new byte[8][]; tuple[0] = null; tuple[1] = schemaName; tuple[2] = tableName; tuple[3] = column; ! tuple[4] = connection.encodeString(owner); tuple[5] = connection.encodeString(grantee); tuple[6] = privilege; tuple[7] = connection.encodeString(grantable); --- 2685,2710 ---- for (i = 0; i < permNames.length; i++) { byte[] privilege = connection.encodeString(permNames[i]); ! Hashtable grantees = (Hashtable)permissions.get(permNames[i]); ! String granteeUsers[] = new String[grantees.size()]; ! Enumeration g = grantees.keys(); ! int k = 0; ! while (g.hasMoreElements()){ ! granteeUsers[k++] = (String)g.nextElement(); ! } for (int j = 0; j < grantees.size(); j++) { ! Vector grantor = (Vector)grantees.get(granteeUsers[j]); ! String grantee = (String)granteeUsers[j]; ! for (int l = 0; l < grantor.size(); l++) { ! String[] grants = (String[])grantor.elementAt(l); ! String grantable = owner.equals(grantee) ? "YES" : grants[1]; byte[][] tuple = new byte[8][]; tuple[0] = null; tuple[1] = schemaName; tuple[2] = tableName; tuple[3] = column; ! 
tuple[4] = connection.encodeString(grants[0]); tuple[5] = connection.encodeString(grantee); tuple[6] = privilege; tuple[7] = connection.encodeString(grantable); *************** *** 2702,2707 **** --- 2712,2718 ---- } } } + } rs.close(); return (ResultSet) ((BaseStatement)createMetaDataStatement()).createDriverResultSet(f, v); *************** *** 2753,2762 **** String sql; if (connection.haveMinimumServerVersion("7.3")) { ! sql = "SELECT n.nspname,c.relname,u.usename,c.relacl " + ! " FROM pg_catalog.pg_namespace n, pg_catalog.pg_class c, pg_catalog.pg_user u " + " WHERE c.relnamespace = n.oid " + ! " AND u.usesysid = c.relowner " + " AND c.relkind = 'r' "; if (schemaPattern != null && !"".equals(schemaPattern)) { --- 2764,2773 ---- String sql; if (connection.haveMinimumServerVersion("7.3")) { ! sql = "SELECT n.nspname,c.relname,r.rolname,c.relacl " + ! " FROM pg_catalog.pg_namespace n, pg_catalog.pg_class c, pg_catalog.pg_roles r " + " WHERE c.relnamespace = n.oid " + ! " AND c.relowner = r.oid " + " AND c.relkind = 'r' "; if (schemaPattern != null && !"".equals(schemaPattern)) { *************** *** 2782,2788 **** { byte schema[] = rs.getBytes("nspname"); byte table[] = rs.getBytes("relname"); ! String owner = rs.getString("usename"); String acl = rs.getString("relacl"); Hashtable permissions = parseACL(acl, owner); String permNames[] = new String[permissions.size()]; --- 2793,2799 ---- { byte schema[] = rs.getBytes("nspname"); byte table[] = rs.getBytes("relname"); ! String owner = rs.getString("rolname"); String acl = rs.getString("relacl"); Hashtable permissions = parseACL(acl, owner); String permNames[] = new String[permissions.size()]; *************** *** 2796,2815 **** for (i = 0; i < permNames.length; i++) { byte[] privilege = connection.encodeString(permNames[i]); ! Vector grantees = (Vector)permissions.get(permNames[i]); ! for (int j = 0; j < grantees.size(); j++) ! { ! String grantee = (String)grantees.elementAt(j); ! 
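Review bot: In the new inner loop of the 2684 hunk, `grants[0]` is passed straight to `connection.encodeString(...)` for the grantor column, yet addACLPrivileges leaves the grantor `null` whenever an ACL item has no `/grantor` part. The table-privileges loop (2796 hunk) intends to fall back to the owner in that case, and this loop should do the same, for example `String grantorName = grants[0] == null ? owner : grants[0];` followed by `tuple[4] = connection.encodeString(grantorName);`. Whether encodeString tolerates null is not visible here, so the result is either a NULL grantor or an exception. The local named `grantor` actually holds the Vector of grant tuples; naming it `grantList` would make the loop easier to follow.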
String grantable = owner.equals(grantee) ? "YES" : "NO"; byte[][] tuple = new byte[7][]; tuple[0] = null; tuple[1] = schema; tuple[2] = table; ! tuple[3] = connection.encodeString(owner); tuple[4] = connection.encodeString(grantee); tuple[5] = privilege; tuple[6] = connection.encodeString(grantable); v.addElement(tuple); } } } --- 2807,2840 ---- for (i = 0; i < permNames.length; i++) { byte[] privilege = connection.encodeString(permNames[i]); ! Hashtable grantees = (Hashtable)permissions.get(permNames[i]); ! String granteeUsers[] = new String[grantees.size()]; ! Enumeration g = grantees.keys(); ! int k = 0; ! while (g.hasMoreElements()){ ! granteeUsers[k++] = (String)g.nextElement(); ! } ! for (int j = 0; j < granteeUsers.length; j++) ! { ! Vector grants = (Vector)grantees.get(granteeUsers[j]); ! String grantee = (String)granteeUsers[j]; ! for (int l = 0; l < grants.size(); l++) { ! String[] grantTuple = (String[])grants.elementAt(l); ! // report the owner as grantor if it's missing ! String grantor = grantTuple[0].equals(null) ? owner : grantTuple[0]; ! // owner always has grant privileges ! String grantable = owner.equals(grantee) ? "YES" : grantTuple[1]; byte[][] tuple = new byte[7][]; tuple[0] = null; tuple[1] = schema; tuple[2] = table; ! tuple[3] = connection.encodeString(grantor); tuple[4] = connection.encodeString(grantee); tuple[5] = privilege; tuple[6] = connection.encodeString(grantable); v.addElement(tuple); + + } } } } *************** *** 2883,2901 **** */ private void addACLPrivileges(String acl, Hashtable privileges) { int equalIndex = acl.lastIndexOf("="); if (equalIndex == -1) return; ! String name = acl.substring(0, equalIndex); ! if (name.length() == 0) ! { ! name = "PUBLIC"; } ! 
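Review bot: `grantTuple[0].equals(null)` in the 2796 hunk can never select the owner fallback: for a non-null grantor it is always false, and for a null grantor it throws NullPointerException before the ternary is evaluated. addACLPrivileges stores a null grantor for every ACL item without a `/grantor` suffix, so the table-privileges call would fail on exactly the ACLs this line is meant to handle. Use a reference comparison instead: `String grantor = grantTuple[0] == null ? owner : grantTuple[0];`.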
String privs = acl.substring(equalIndex + 1); for (int i = 0; i < privs.length(); i++) { char c = privs.charAt(i); String sqlpriv; switch (c) { case 'a': --- 2908,2942 ---- */ private void addACLPrivileges(String acl, Hashtable privileges) { int equalIndex = acl.lastIndexOf("="); + int slashIndex = acl.lastIndexOf("/"); if (equalIndex == -1) return; ! String user = acl.substring(0, equalIndex); ! String grantor = null; ! if (user.length() == 0) ! { ! user = "PUBLIC"; ! } ! String privs; ! if (slashIndex != -1) { ! privs = acl.substring(equalIndex + 1, slashIndex); ! grantor = acl.substring(slashIndex + 1, acl.length()); ! } else { ! privs = acl.substring(equalIndex + 1, acl.length()); } ! for (int i = 0; i < privs.length(); i++) { char c = privs.charAt(i); + if (c != '*') { String sqlpriv; + String grantable; + if ( i < privs.length()-1 && privs.charAt(i + 1) == '*') { + grantable = "YES"; + } else { + grantable = "NO"; + } switch (c) { case 'a': *************** *** 2939,2951 **** default: sqlpriv = "UNKNOWN"; } ! Vector usersWithPermission = (Vector)privileges.get(sqlpriv); ! if (usersWithPermission == null) ! { ! usersWithPermission = new Vector(); privileges.put(sqlpriv, usersWithPermission); } - usersWithPermission.addElement(name); } } --- 2980,3006 ---- default: sqlpriv = "UNKNOWN"; } ! ! Hashtable usersWithPermission = (Hashtable)privileges.get(sqlpriv); ! String[] grant = {grantor, grantable}; ! ! if (usersWithPermission == null) { ! usersWithPermission = new Hashtable(); ! Vector permissionByGrantor = new Vector(); ! permissionByGrantor.addElement(grant); ! 
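Review bot: The grantor split added to addACLPrivileges uses `acl.lastIndexOf("/")` without checking that the slash lies after the `=`. If an item has no grantor and the role name itself contains `/`, `slashIndex` is smaller than `equalIndex + 1` and `acl.substring(equalIndex + 1, slashIndex)` throws StringIndexOutOfBoundsException; role names are catalog data, so a metadata call should not be able to fail on them. Change the condition to `if (slashIndex > equalIndex) {` and treat every other case as "no grantor". A grantor name containing `=` would likewise shift `lastIndexOf("=")` into the grantor part; how parseACLArray handles quoted names is not visible here, so that case deserves a test. The method body continues outside the hunk.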
usersWithPermission.put(user, permissionByGrantor); privileges.put(sqlpriv, usersWithPermission); + } else { + Vector permissionByGrantor = (Vector)usersWithPermission.get(user); + if (permissionByGrantor == null) { + permissionByGrantor = new Vector(); + permissionByGrantor.addElement(grant); + usersWithPermission.put(user,permissionByGrantor); + } else { + permissionByGrantor.addElement(grant); + } + } } } } *************** *** 2966,2972 **** // 8.4 Added a separate TRUNCATE permission perms = "arwdDxt"; } ! aclArray = "{" + owner + "=" + perms + "}"; } Vector acls = parseACLArray(aclArray); --- 3021,3027 ---- // 8.4 Added a separate TRUNCATE permission perms = "arwdDxt"; } ! aclArray = "{" + owner + "=" + perms + "/" + owner + "}"; } Vector acls = parseACLArray(aclArray); *************** *** 4365,4368 **** --- 4420,4449 ---- return ((AbstractJdbc2Connection)connection).createStatement(java.sql.ResultSet.TYPE_SCROLL_INSENSITIVE, java.sql.ResultSet.CONCUR_READ_ONLY); } + public void testacl(){ + + } + + public void testacl (String acl) { + System.out.println(acl); + Hashtable permissions = parseACL(acl,"jurka"); + + } + + public static void main (String[] args ){ + AbstractJdbc2Connection _a = null; + AbstractJdbc2DatabaseMetaData a = new AbstractJdbc2DatabaseMetaData(_a) { + }; + Hashtable permissions = null; + String acl = null; + a.testacl("{jurka=arwdRxt/jurka,permuser=rw*/jurka}"); + a.testacl("{jurka=a*r*w*d*R*x*t*/jurka,permuser=rw*/jurka}"); + a.testacl("{=,jurka=arwdRxt,permuser=rw}"); + a.testacl("{jurka=arwdRxt/jurka,permuser=rw*/jurka,grantuser=w/permuser}"); + a.testacl("{jurka=a*r*w*d*R*x*t*/jurka,permuser=rw*/jurka,grantuser=w/permuser}"); + a.testacl("{jurka=arwdRxt/jurka,permuser=rw*/jurka,grantuser=w/permuser,\"group permgroup=a/jurka\"}"); + a.testacl("{jurka=a*r*w*d*R*x*t*/jurka,permuser=rw*/jurka,grantuser=w/permuser,\"group permgroup=a/jurka\"}"); + + + } }
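Review bot: The 2939 hunk changes the shape of the `privileges` table without documenting it: values are now a Hashtable keyed by grantee whose entries are Vectors of `String[]{grantor, grantable}`, where grantor may be null. Both privilege loops cast on that layout, so the comment above addACLPrivileges (outside the hunk) should describe it, for instance `// privileges: privilege name -> (grantee -> Vector of String[]{grantor or null, "YES"/"NO"})`. The two branches that create a new Vector and the one that reuses it all end in the same `permissionByGrantor.addElement(grant)`; creating the missing containers first and adding once would remove the duplication.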
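Review bot: The 4365 hunk adds `testacl()`, `testacl(String)` and a `main` method to the production metadata class, which looks like a leftover debugging harness rather than driver API. These members widen the public surface of AbstractJdbc2DatabaseMetaData, print the raw ACL through `System.out.println(acl)`, and never check what parseACL returned, so they do not verify the new parsing. Move the seven sample ACL strings into a unit test that asserts on the returned Hashtable (grantee, grantor and grantable per privilege) and drop these members from the class. The locals `Hashtable permissions` and `String acl` in `main` are unused.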