Class GrantManager


  • public class GrantManager
    extends java.lang.Object
    A class that manages the grants on a database for a given database connection and user.
    Author:
    Tobias Downer
    • Field Summary

      Fields 
      Modifier and Type Field Description
      static int CATALOG
      Represents a CATALOG object to grant privs over for this user.
      static int DOMAIN
      Represents a DOMAIN object to grant privs over for the user.
      static TObject PUBLIC_USERNAME
      The name of the 'public' username.
      static java.lang.String PUBLIC_USERNAME_STR
      The string representing the public user (privs granted to all users).
      static int SCHEMA
      Represents a SCHEMA object to grant privs over for the user.
      static int TABLE
      Represents a TABLE object to grant privs over for the user.
    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      void addGrant​(Privileges privs, int object, java.lang.String param, java.lang.String grantee, boolean grant_option, java.lang.String granter)
      Adds a grant on the given database object.
      void addGrantToAllTablesInSchema​(java.lang.String schema, Privileges privs, java.lang.String grantee, boolean grant_option, java.lang.String granter)
      For all tables in the given schema, this adds the given grant for each of the tables.
      void removeGrant​(Privileges privs, int object, java.lang.String param, java.lang.String grantee, boolean grant_option, java.lang.String granter)
      Removes a grant on the given object for the given grantee, grant option and granter.
      void revokeAllGrantsOnObject​(int object, java.lang.String param)
      Completely removes all privs granted on the given object for all users.
      void revokeAllGrantsOnObject​(int object, java.lang.String param, java.lang.String grantee, boolean grant_option, java.lang.String granter)
      Removes all privs granted on the given object for the given grantee with the given grant option.
      Privileges userGrantOptions​(int object, java.lang.String param, java.lang.String username)
      Returns all Privileges for the given object for the given grantee (user) that the user is allowed to give grant options for.
      Privileges userGrants​(int object, java.lang.String param, java.lang.String username)
      Returns all Privileges for the given object for the given grantee (user).
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • TABLE

        public static final int TABLE
        Represents a TABLE object to grant privs over for the user.
        See Also:
        Constant Field Values
      • DOMAIN

        public static final int DOMAIN
        Represents a DOMAIN object to grant privs over for the user.
        See Also:
        Constant Field Values
      • SCHEMA

        public static final int SCHEMA
        Represents a SCHEMA object to grant privs over for the user.
        See Also:
        Constant Field Values
      • CATALOG

        public static final int CATALOG
        Represents a CATALOG object to grant privs over for this user.
        See Also:
        Constant Field Values
      • PUBLIC_USERNAME_STR

        public static final java.lang.String PUBLIC_USERNAME_STR
        The string representing the public user (privs granted to all users).
        See Also:
        Constant Field Values
      • PUBLIC_USERNAME

        public static final TObject PUBLIC_USERNAME
        The name of the 'public' username. If a grant is made on 'public' then all users are given the grant.
    • Method Detail

      • addGrant

        public void addGrant​(Privileges privs,
                             int object,
                             java.lang.String param,
                             java.lang.String grantee,
                             boolean grant_option,
                             java.lang.String granter)
                      throws DatabaseException
        Adds a grant on the given database object.
        Parameters:
        privs - the privileges to grant.
        object - the object to grant (TABLE, DOMAIN, etc)
        param - the parameter of the object (eg. the table name)
        grantee - the user name to grant the privs to.
        grant_option - if true, allows the user to pass grants to other users.
        granter - the user granting.
        Throws:
        DatabaseException
      • addGrantToAllTablesInSchema

        public void addGrantToAllTablesInSchema​(java.lang.String schema,
                                                Privileges privs,
                                                java.lang.String grantee,
                                                boolean grant_option,
                                                java.lang.String granter)
                                         throws DatabaseException
        For all tables in the given schema, this adds the given grant for each of the tables.
        Throws:
        DatabaseException
      • removeGrant

        public void removeGrant​(Privileges privs,
                                int object,
                                java.lang.String param,
                                java.lang.String grantee,
                                boolean grant_option,
                                java.lang.String granter)
                         throws DatabaseException
        Removes a grant on the given object for the given grantee, grant option and granter.
        Throws:
        DatabaseException
      • revokeAllGrantsOnObject

        public void revokeAllGrantsOnObject​(int object,
                                            java.lang.String param,
                                            java.lang.String grantee,
                                            boolean grant_option,
                                            java.lang.String granter)
                                     throws DatabaseException
        Removes all privs granted on the given object for the given grantee with the given grant option.
        Throws:
        DatabaseException
      • revokeAllGrantsOnObject

        public void revokeAllGrantsOnObject​(int object,
                                            java.lang.String param)
                                     throws DatabaseException
        Completely removes all privs granted on the given object for all users. This would typically be used when the object is dropped from the database.
        Throws:
        DatabaseException
      • userGrants

        public Privileges userGrants​(int object,
                                     java.lang.String param,
                                     java.lang.String username)
                              throws DatabaseException
        Returns all Privileges for the given object for the given grantee (user). This would be used to determine the access a user has to a table.

        Note that the Privileges object includes all the grants on the object given to PUBLIC also.

        This method will concatenate multiple privs granted on the same object.

        PERFORMANCE: This method is called a lot (at least once on every query).

        Throws:
        DatabaseException
      • userGrantOptions

        public Privileges userGrantOptions​(int object,
                                           java.lang.String param,
                                           java.lang.String username)
                                    throws DatabaseException
        Returns all Privileges for the given object for the given grantee (user) that the user is allowed to give grant options for. This would be used to determine if a user has privs to give another user grants on an object.

        Note that the Privileges object includes all the grants on the object given to PUBLIC also.

        This method will concatenate multiple grant options given on the same object to the user.

        Throws:
        DatabaseException