CmpSeabaseDDLview.cpp

Clone Tools
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Security bug fixes

Corrects a number of bugs in security and SQL DDL.

1. 1439316: Internal error when creating view with sequence.

2. 1441825: User in role-owned schema is not given grant option.

3. 1447328: DB__ROOT required to revoke component privileges

by other users.

4. 1447330: DB__ROOT required to revoke object and

column privileges granted by other users.

In addition, Launchpad bugs 1350627 and 1438886 were tested and

found to no longer be a defect.

Two new component-level privileges were added, MANAGE and

MANAGE_PRIVILEGES.

Users who have the MANAGE_PRIVILEGE component-level privilege can

grant and revoke privileges at the schema, object, and column

level on behalf of other users and roles. Users who have the

MANAGE_PRIVILEGE component-level privilege can also grant

"WITH GRANT OPTION" any privilege they have.

A user granted the MANAGE privilege has all the MANAGE_* privileges,

which includes MANAGE_COMPONENTS, MANAGE_LIBRARY, MANAGE_LOAD,

MANAGE_PRIVILEGES, MANAGE_ROLES, MANAGE_STATISTICS, and MANAGE_USERS.

Change-Id: I10873de95f75114b937e1144f3af9aba76884eae

  1. … 7 more files in changeset.
Column-level privileges - part 2

Support for column-level privileges will be in multiple deliveries.

This delivery add the following portions:

1. DML operations (SELECT, INSERT, UPDATE) now recognize granted

column-level privileges.

2. CREATE VIEW now recognizes granted column-level privileges.

3. Revoke of object-level privileges now revokes the corresponding

column-level privilege.

Missing functionality:

1. Privileges can be granted to roles and revoked from roles, but

REVOKE ROLE does not consider column-level privileges when

determining

if an object depends on a role's granted privileges.

2. Column-level revoke does not enforce RESTRICT, i.e., privileges

may be revoked even if there are dependent privileges.

3. ALTER TABLE DROP COLUMN does not remove associated column-level

privileges, nor does it check for dependent objects.

Change-Id: Ieba04c77edb945dfeb1994e9949b54072289465e

  1. … 13 more files in changeset.
Turned on privilege features, reorg'd PrivMgr code

Turned on GRANTED BY, WITH GRANT OPTION, GRANT OPTION FOR clauses

For GRANTED BY -> showddl now displays the GRANTED BY clause when

--> the current user is not the object owner and

--> the current user is not DB ROOT

added object_owner and schema_owner to the SeabaseLibraryDesc

ComTdb.h

Generator.cpp

desc.h

CmpSeabaseDDLtable.cpp ->getSeabaseLibraryDesc

added object owner in calls to PrivMgrPrivileges::getPrivTextForObject

CmpDescribe.cpp

PrivMgrCommands.cpp/.h

PrivMgrPrivileges.cpp/.h

Changed object grant and revoke to store the list of privileges associated

with the object and columns in the PrivMgrPrivileges class.

--> added new methods generateObjectRowList and generateColumnRowList,

changed the destructor to remove these lists, changed code to call

these new methods, and removed extra I/Os

--> removed member trafMetadataLocation_ (it is already stored in parent)

For WITH GRANT OPTION clause at GRANT time:

--> added checks at grant time to:

--> check for potential circular grants (error 1036)

--> added new method getTreeOfGrants to get list of grantors

that have previously granted to the current grantee

For GRANT OPTION FOR clause at REVOKE time:

--> changed error messages returned to be more meaningful

--> moved and activated call checkRevokeRestrict after call to

getAffectedObjects

Added new columns to the COLUMN_PRIVILEGES and SCHEMA_PRIVILEGES tables

to include the object_name, grantor_name, and grantee_name to match

OBJECT_PRIVILEGES, ROLE_USAGES, and COMPONENT_PRIVILEGES;

Reorganized the contents of PrivMgr files:

--> PrivMgr document exists that describes the .h/.cpp structure

--> Added new files PrivMgr.h/PrivMgr.cpp that describes the parent

class for all PrivMgr requests

--> moved existing defines, classes, etc around to match the PrivMgr

document

Fixed a couple of issues:

--> Fixed a bug in initialize authorization where the WGO was not set up

correctly for UDR's

--> Fixed a bug in PrivMgrObject::selectAllWhere where an error condition

was not returned

--> Fixed a bug in seabaseGrantRevoke where the incorrect object type was

sent for views

--> Fixed a bug in update statistics privilege checking that was not

handling HBase tables correctly

Added two regression tests (skipped until catman1 test directory is split up)

--> TEST132 - tests for privilege checking on libraries, populate index,

showddl, invoke, update statistics, and showstats

--> TEST140 - tests for WITH GRANT OPTION and GRANTED by option

Fixed expected result for catman1/TEST137

Change-Id: Iaf523aef763b0bce2101fedae0ee701606c369c7

  1. … 51 more files in changeset.
various lp and other fixes, details below.

-- added support for self referencing constraints

-- limit clause can now be specified as a param

(select * from t limit ?)

-- lp 1448261. alter table add identity col is not allowed and now

returns an error

-- error is returned if a specified constraint in an alter/create statement

exists on any table

-- lp 1447343. cannot have more than one identity columns.

-- embedded compiler is now used to get priv info during invoke/showddl.

-- auth info is is not reread if already initialized

-- sequence value function is now cacheable

-- lp 1448257. inserts in volatile table with identity column now work

-- lp 1447346. inserts with identity col default now work if inserted

in a salted table.

-- only one compiler is now needed to process ddl operations with or

without authorization enabled

-- query cache in embedded compiler is now cleared if user id changes

-- pre-created default schema 'SEABASE' can no longer be dropped

-- default schema 'SCH' is automatically created if running regressions

and it doesn't exist.

-- improvements in regressions run.

-- regressions run no longer call a script from another sqlci session

to init auth, create default schema

and insert into defaults table before every regr script

-- switched the order of regression runs

-- updates from review comments.

Change-Id: Ifb96d9c45b7ef60c67aedbeefd40889fb902a131

  1. … 69 more files in changeset.
Drop view that references a sequence generator

Fixes a problem where a view that referenced a sequence generator

could not be dropped. Code handling objects referenced by views

was not prepared for sequences. Launchpad bug 1439319.

There are many other problems related to views referencing

sequences (e.g. see 1439316); this change only

corrects the problem of not being able to drop the view.

Change-Id: I8fbb8cbf565f9e6eef649152a0cec8e85d73afa4

perf enhancement for ddl operations.

DDL operations where objects (tables, views) had large number

of columns were running slow due to single row inserts into

metadata COLUMNS table. This showed up during DSM repository

creation which had 150 tables and 500 views.

Changes done:

-- added code to do rowwise rowsets

-- enhanced metadata COLUMNS inserts to use rwrs upserts

-- changed metadata calls to use upsert instead of insert

-- fixed a cleanup bug

Change-Id: I07b619598e05eab80ec965ac0194614b73ecde57

  1. … 12 more files in changeset.
Support cancel for DDL, update stats, and utils

This change propagates parent query ID to queries created

by DDL, update stats and utils. In this way, preexisting

code sets up child query IDs and the preexisting cancel

broker code in RMS cancels the entire query tree below

the indicated parent. Also added is logic to check for a

canceled parent at the time a child query ID is setup in

Statement::execute, to make the scheme more robust and

to support a common scenario where the parent is compiling

a child query at the time of cancel.

This change also makes ex_root_tcb::cancel to wait for

cancel broker message completion. This fixes a problem where

a query (e.g., CREATE INDEX or DROP INDEX) is prepared,

executed once and gets an error, then re-execed. In this

case, sqlci was not closing the statement after the error.

To improve robustness, after an error we will now wait for

message completion, if needed.

Since we do not yet have transaction protection for DDL,

it will usually be required to cleanup canceled DDL

operations by using the CLEANUP command.

Change-Id: I8940f7108906d5d8d1a8aa4574aacf2b9ffcf0b6

  1. … 27 more files in changeset.
Merge "Trafodion Metadata Cleanup command support."

  1. … 2 more files in changeset.
UDF, SHOWDDL, and DROP SCHEMA CASCADE

Support for UDFs was added early in Trafodion, but a few DDL

and security problems still existed:

o DROP FUNCTION RESTRICT does not fail when the UDF

is referenced by a view

o DROP FUNCTION CASCADE does not drop referencing views

o References to undefined UDFs resulted in 4 error messages,

one of which referenced the NEO catalog

o REVOKE and REVOKE ROLE do not check for dependent views

when revoking EXECUTE from a UDF

All of these are addresses in this delivery except for

REVOKE of the EXECUTE privilege from a UDF that is

referenced by a view.

There was also a problem with indirect references to UDFs

not checking security, but that was corrected as part of

change 1177 that this change is built upon.

In addition, a recent change to prohibit unauthorized access

to metadata resulted in all SHOWDDL commands no longer working

for non DB__ROOT users.

DROP SCHEMA CASCADE did not drop sequence generators

not associated with a table.

Change-Id: I419334f5f33625f6aa0a0bcb70214ac181ba5cdf

  1. … 13 more files in changeset.
Trafodion Metadata Cleanup command support.

Various changes to support cleanup command has been added.

A separate external spec contains the details.

Summary of syntax:

cleanup [ table t | index i | sequence s | object o] [, uid <value>]

cleanup [private | shared] schema sch

cleanup uid <value>

cleanup metadata, check, return details

In addition, a new command to get names of various hbase objects

has also been added:

get [ all | user | system | external ] hbase objects;

Change-Id: I93f1f45e7fd78091bacd7c9f166420edd7c1abee

  1. … 79 more files in changeset.
The following Launchpad bugs are fixed in this change:

Bug 1370749: Now using MAX_USERNAME_LEN instead of hardcoded value

Bug 1413760: CREATE TABLE LIKE was failing in some circumstances because

SHOWDDL was including the BY clause. Ownership rules changes in

CREATE TABLE changed when ANSI schemas was implemented, so the BY clause

is no longer needed.

Bug 1392107: Privileges granted on a view are no longer lost if the

view is replaced via CREATE OR REPLACE VIEW.

Bug 1370740: A potential memory corruption problem is now avoided

by reworking the authorization name lookup functions.

Bug 1413767: Previously DROP SCHEMA CASCADE would fail to drop a

table with an IDENTITY column.

Bug 1413758: Previously DROP TABLE CASCADE did not drop nested views.

Bug 1412891: Previously DROP TABLE CASCADE failed if a dependent object

contained a delimited name.

Changes are present for 1392086, but the work is not yet completed.

This problem is related to roles and security keys.

Code changes are also present for giving ownership of an object to

another authorization ID, but these changes are not complete. A

description of

the changes is included.

The GIVE command transfers ownership of a SQL item from one

authorization ID to another. Implemented in this delivery is

GIVE SCHEMA and GIVE ALL.

GIVE ALL transfers all SQL items owned by an authorization ID to another

authorization ID. Current or new owner can be a user or a role. The

GIVE ALL command requires the ALTER privilege.

GIVE ALL FROM authID TO authID

GIVE SCHEMA behavior depends on the type of schema and whether RESTRICT

or CASCADE is specified. For private schemas, all the objects in the

schema are given, as well as the schema itself. For shared schemas,

only the

schema is given, unless the CASCADE option is specified. In that case,

ownership

of all the objects in the shared schema is given to the new owner. Use

of

the CASCADE option requires the ALTER_SCHEMA privilege. Otherwise, GIVE

SCHEMA only requires the user to be the owner of the schema.

GIVE SCHEMA schema-name TO authID [RESTRICT|CASCADE]

NOTE: RESTRICT and CASCADE are not applicable to private schemas and are

ignored.

GIVE OBJECT is added to the syntax but is not implemented and may not

be implemented.

A more detailed blueprint will be provided prior to the final delivery

of GIVE.

Change-Id: I7449da599dc80de1c0659164e684841cda4647c8

  1. … 34 more files in changeset.
Fix memory leaks when EXPLAIN is re-executed

In cases where an EXPLAIN statement is prepared once and

executed many times, each reexecution will allocate more

memory from the Statement heap. Cleanup will only happen

when the Statement heap is deallocated. This change fixes

the problem by deallocating between executions.

Change-Id: I515bde53348384302f040bb9391a3a3530c7a1d2

  1. … 8 more files in changeset.
Fix memory leaks when EXPLAIN is re-executed

In cases where an EXPLAIN statement is prepared once and

executed many times, each reexecution will allocate more

memory from the Statement heap. Cleanup will only happen

when the Statement heap is deallocated. This change fixes

the problem by deallocating between executions.

Change-Id: I515bde53348384302f040bb9391a3a3530c7a1d2

  1. … 8 more files in changeset.
DROP SCHEMA CASCADE

DROP SCHEMA CASCADE now drops all libraries, functions, procedures, and

sequence generators ina schema. Previously only tables, views, and

indexes were dropped.

DROP TABLE CASCADE and DROP VIEW CASCADE now drop dependent views

located in schemas other than the schema containing the table or

view being dropped.

DROP LIBRARY now supports the CASCADE option, and drops any dependent

functions or SPJs (procedures).

This delivery fixes Launchpad bugs 1350540 1353757 1392081 1393888

Change-Id: I029b9579f81ce7472560dd1c490fab8410141805

  1. … 7 more files in changeset.
LP and other fixes. Details below.

-- LP 1408504: Any sql operation done when trafodion is uninitialized or

needs to be upgraded will return error. Until now, some commands

(like get schemas, invoke) were not returning an error.

-- LP 1408506: metadata upgrade was not handling repository tables

and was failing. That has been fixed.

-- index related commands (create, populate) now run in multiple phases.

Metadata update within a xn and row population without a xn.

-- common methods have been added that can be called to begin and

end transactions.

-- HYBRID_QUERY_CACHE cqd is now off by default

Change-Id: I99ef2548998b1a6830d4332db09080df5bcfc1c1

  1. … 9 more files in changeset.
Fixes for SQL security

LP bugs fixed:

1392805 – DB_ROOT incorrectly gets “NOT AUTHORIZED” messages

1398546 – revoke priv from role fails when view is present

1401233 – USAGE privilege not checked when creating procedure (and

revoking privileges)

1403995 – Update stats failures due to schema PUBLIC_ACCESS_SCHEMA

1401683 – (Partial) DDLoperations see error 8841 about transaction

started by SQL

Regressions updated:

catman1/TEST135 & EXPECTED138

catman1/EXPECTED138 (fix in common/ComUser.cpp)

Bug descriptions:

1392805:

Changed create view code to allow DB__ROOT to create views. Some

reorganization required to make sure create view sets the updatatable

and insertable privilege correctly. This also fixed the problem where

the incorrect privileges were set when created by DB__ROOT.

Sqlcomp/CmpSeabaseDDLview.cpp

Sqlcomp/PrivMgrPrivileges.h (sets default privileges)

1398546:

The check to see if the "select" privilege is still in existence needed

to be changed until after all the privilege descriptors were analyzed.

Sqlcomp/PrivMgrPrivileges.cpp (gatherViewPrivileges)

Sqlcomp/PrivMgrDesc.h

1401233:

Missing checks at create UDR and revoke USAGE privilege were added.

Sqlcomp/CmpSeabaseDDLroutine.cpp

Sqlcomp/PrivMgrMD (getUdrsThatReferenceLibraries)

Sqlcomp/PrivMgrPrivileges.cpp (dealWithUdrs)

1403995:

This is a critical case QA filed because the PUBLIC_ACCESS_SCHEMA does

not exist for temporary sample tables during Update Statistics. If the

PUBLIC_ACCESS_SCHEMA does not exist, the temporary sample table will be

created in the same schema as the source table. Also fixed an issue for

private schemas not owned by DB__ROOT to make the histogram table's

owner the current user.

ustat/hs_cli.cpp

ustat/hs_globals.cpp

1401683:

There are several 8841 issues being detected. This is a fix for one of

them related to Update Statistics where an embedded "get" statement

causes a transaction to be started in a child tdm_arkcmp process. The

fix is to not automatically start a transaction for the get request.

generator/GenRelScan.cpp

Change-Id: Ied42fdea6c6f8c43f29dab661b06b74f0f07ff99

  1. … 14 more files in changeset.
Pass object type to NATableDB:removeNATable

This change fixes a bug which can happen when indexes or

sequence generators are dropped and, due to NATable::objectUID_

not being initialize, the NATableDB:removeNATable method must

lookup the object UID from metadata. Before this change, the

code assumed anything looked up was a base table. Now the

object type is passed to NATableDB:removeNATable.

Change-Id: I4566ee68aa84367ea33c2e2bb1d3d6a346e8ce97

Closes-Bug: #1401999

  1. … 7 more files in changeset.
ANSI Schema changes

ANSI Schema

Implements the changes to support ANSI schemas. For more information

see the blueprint at:

https://blueprints.launchpad.net/trafodion/+spec/security-ansi-schemas

The syntax changes for REGISTER USER and CREATE ROLE were not

implemented in this delivery.

NOTE: This code was reviewed internally prior to merging with the

main branch.

Change-Id: I1c7937dbcd067e792dcacb65f12c43e4f84a25ad

Change-Id: I98395eeef1e8bde424d9e83f96928358f0b1991b

  1. … 75 more files in changeset.
Authorization checks for DDL & utilities

Fixed issues from code comments.

LOAD/UNLOAD authorization checks:

Code was added during code generation to make sure user has privileges,

if the user had necessary privileges, then the EXEUTIL parser flag is

turned on to avoid further privilege checks. When load/unload

completes, the parser flag is reset.

Update/showstats Statistics authorization checks:

Added a new error message

Changed hs_globals to support a new isAuthorized method and store

parser flags when class is instantiated and reset them when done

Changed hs_cli.cpp to use new IF NOT EXISTS syntax when creating

histogram tables, make owner of histogram tables DB__ROOT

(will need to adjust when schema privileges happen), and clean up

CreateHistTables method to remove old authorization mechanism

Changed hs_update.cpp which controls the update and showstats operation

to add authorization checks

Purgedata and populate index changes:

Changed CmpSeabaseDDLcommon.cpp to check privileges for purgedata

Changed CmpSeabaseDDLindex.cpp to check privileges for popindex

Additional component privileges and checks:

Added support for new component privileges in PrivMgrMD.h/.cpp

Added support for MANAGE_COMPONENTS

Added support for CREATE_INDEX and DROP_INDEX component privs

Fixes from last delivery that were postponed:

Context.cpp - fix for previous code review

CmpSeabaseDDLtable - added calls to deallocEHI

PrivMgrMD - fixed wording in a comment

Miscellaneous changes:

ComUser - added new convenience method - isRootUserID()

NATable.cpp (setupPrivInfo) to always set up privInfo_ and to call

the embedded compiler while extracting privileges

Privilege adjustments to take advantage of privInfo stored in NATable:

Added code to mark and rewind errors in diags.

Fix for LP bug 1392895

Change-Id: I6f7245ae7e66086769c0e92d901399c99e8f2af3

  1. … 33 more files in changeset.
Drop view QI fix & fix for LP 1384485

Removed sqlparser.y change - it was not intended to be delivered.

Drop view QI fix:

At drop view time, we need to send a QI message for the view being

dropped and remove base tables referenced by the view from cache.

Added a structure which describes a base table reference

Added code to create a list of base table references by calling

getListOfReferencedTables

getListOfReferencedTables gets the list for the first layer of

referenced objects (getListOfDirectlyReferencedObjects).

If the referenced object is a view, it recursively calls

getListOfReferencedTables

If the referenced object is a table, it gets added to the base

table list

Set up a QI key during drop view

Removed naTable entries for all tables referenced by the view

Updated TEST122 with drop view tests

Fix for LP 1384485:

Alter table allows adding a constraint to a _MD_ table

Reworded error message 1289

Added checks for reserved schema in missing places, mostly

constraints

Change-Id: I258983f2a28199ae522ba72b831f57fd22730a2f

  1. … 5 more files in changeset.
Various LP fixes, bugs and code cleanup.

-- removed obsolete code (label create/alter/delete, get disk/label/buffer stats,

dp2 scan)

-- metadata structs are now created as classes and initialized during

creation. LP 1394649

-- warnings are now being returned from compiler to executor after DDL operations.

-- duplicate constraint names now return error.

-- handle NOT ENFORCED constraints: give warning during creation and not enforce

during use. LP 1361784

-- drop all indexes (enabled and disabled indexes) on a table during drop table

and schema now works. LP 1384380

-- drop constraint on disabled index succeeds. LP 1384479

-- string truncation error is now returned if default value doesn't fit in

column. LP 1394780

-- fixed issue where a failure during multiple constraints creation in a create

stmt was not cleaning up metadata. LP 1389871

-- update where current of is now supported. LP 1324679

Change-Id: Iec1b0b4fc6a8161a33b7f69228c0f1e3f441f330

  1. … 54 more files in changeset.
Various changes done to upgrade metadata from v23 to v30.

-- initialize trafodion, upgrade; will upgrade metadata from v23 to v30.

-- Following columns were added/dropped/modified in metadata tables:

-- COLUMNS: added sql_data_type

-- OBJECTS: added DROPPABLE column to indicated droppable table.

added schema_owner column.

-- TABLES: added num_salt_partns, table_format, comment, key_length,

row_data_length, row_total_length.

Removed hbase_create_options and moved it to TEXT.

-- SEQ_GEN: redef_ts and upd_ts added.

-- TEXT: text_type, sub_id added.

-- TABLE_CONSTRAINTS: added IS_ENFORCED, DROPPABLE, DISABLED,

VALIDATED, LAST_VALIDATED_TIME

-- reserved flags column added to metadata tables, initialize to zero.

-- default_value in COLUMNS is now UTF8 instead of UCS2

-- new columns populated during upgrade for existing objects.

-- values that moved from one metadata table to another populated during upgrade.

-- new columns populated during create operation for new objects.

-- step added to drop/create metadata views as part of upgrade

Change-Id: I173c33cbe7ee9314c66b84d16a6ef8b2d7394335

  1. … 20 more files in changeset.
Set authorization enabled/Sequence generator privs

Code to set authorization enabled at startup

Contains changes to check authorization at process startup time and

code review comments from previous deliveries

Description of changes to check authorization at process startup time:

At process && compiler context startup time a check has been added to

see if authorization is enabled. Based on this check a new flag is set

in the compiler context.

Any operation wishing to see what the authorization status is, just need

to look at this flag.

This code has been reviewed internally by the security team.

There will be a subsequent set of changes in the PrivMgr code to return

better errors.

Details:

Arkcmp/CmpContext.h

Added a new flag containing authorization status and methods that get

and set this flag.

Sqlcomp/nadefaults.cpp

In method: NADefaults::readFromSQLTables added code that checks to see

if authorization is enabled and sets the flag in CmpContext.

It calls CmpSeabaseDDL::isPrivMgrMetadataInitialized to determine

privmgr metadata status

Sqlcomp:CmpSeabaseDDL.h/CmpSeabaseDDLcommon.cpp

Implementation of method isPrivMgrMetadataInitialized

Changed isAuthorizationEnabled to look at the CmpContext flag instead of

the flag (which was removed) in the CmpSeabaseDDL class

Changed initSeabaseAuthorization and dropSeabaseAuthorization to change

the flag in the context and kill compiler processes

Changed all calls to PrivMgrnnnn::isAuthorizationEnabled to use the

CmpSeabaseDDL::isAuthorizationEnabled or directly from CmpContext

Bin/SqlciErrors.txt & sqlcomp/CmpDDLCatErrorCodes.h to create a new

error 1234 (currently unused)

Sqlcomp/PrivMgrMD.cpp changed mapping of PrivMDStatus to match what was

done in nadefaults.cpp

Optimizer/BindRelExpr.cpp && sqlcomp/nadefaults.cpp to look in

CmpContext for authorization enabled flag

Check privileges for Sequence generator

Adds the code in compiler to check for usage privilege

for any sequence generators used in a query.

Additional privilege checks, plus

This delivery includes:

Verifying that user had correct privileges to perform all DDL

operations. This is performed through a call to

isDDDLOperationAuthorized. The signature changed to pass the object

owner instead of the object name. This eliminates an I/O and made the

method simpler. All callers were changed to use the new signature and

all DDL operations now call this method after the NATable structure has

been retrieved. A new regression test was added (TEST138).

As part of DDL privilege checking, the ALTER and DELETE component

privilege is no longer granted during initialize authorization.

Updated files to address code review checkin for change ID:

If7538eee38178c2345fe418172c6196b25a20b33.

Fixed a problem where SHOWDDL was not returning an error when user does

not have appropriate privilege.

Made the PRIVMGR_MD schema a reserved schema.

Added code to switch contexts for several PrivMgr operations. This

required a change to not grant owner privileges when creating the

OBJECT_PRIVILEGES table.

Added a KNOWN diff file for TEST133. There is an issue where rows are

not being loaded into OBJECT_PRIVILEGES during an error test.

Change-Id: I7448e7171e5f1f09feb6d1f688470b72dc1f43d4

  1. … 26 more files in changeset.
Changes to support OSS poc.

This checkin contains multiple changes that were added to support OSS poc.

These changes are enabled through a special cqd mode_special_4 and not

yet externalized for general use.

A separate spec contains details of these changes.

These changes have been contributed and pre-reviewed by Suresh, Jim C,

Ravisha, Mike H, Selva and Khaled.

All dev regressions have been run and passed.

Change-Id: I2281c1b4ce7e7e6a251bbea3bf6dc391168f3ca3

  1. … 143 more files in changeset.
Interim DBSecurity deliver for December

1) Implement REVOKE ROLE RESTRICT. Previously dependent objects were

not detected. Launchpad bug #1370739.

2) REVOKE ROLE with a list of grantees would fail for all grantees after

the first. Now works for the entire list. Launchpad bug #1375494.

3) SHOWDDL ROLE now shows the GRANTED BY clause if the grantor is not

DB__ROOT. Launchpad bug #1374586.

4) Component privilege names can now be reserved names. Launchpad bug

5) Added tests to catman1/test135 for privileges and RI constraints.

6) Added support for REVOKE RESTRICT for RI constraints.

7) Added support for USAGE privilege for sequence generator.

This code has been reviewed by the database security team but additional

input is encouraged and welcomed.

Change-Id: I88266fca6d13d6852f046e553ba3505ff878b7f8

  1. … 29 more files in changeset.
Security changes to support authorization

Added support for authorization commands:

- initialize authorization [, drop]

- create/drop roles

- register/unregister components

- create/drop component operations

- grant/revoke object privileges

- grant/revoke role privileges

- grant/revoke component privileges

- updates to GET and SHOWDDL statements

- checking of privileges for DML requests

- checking of privileges for DDL requests

- regression tests added to catman1 library

Fixed a testware problem in catman1 TEST135 and TEST139

Fixed a parser problem introduced by compGeneral/TESTTOK2 which was recently

introduced.

More details:

This delivery was part of code worked on by many people for several

months on a remote branch. This team held bi-weekly meetings

for several months to design and implement these features. These

meetings also included extensive code reviews.

The security features which include authentication (which was delivered

in June) and authorization is turned off by default. The

traf_authentication_setup script located in $MY_SQROOT/sql/scripts needs

to be run to enable both authentication and authorization. This

procedure is described on the Trafodion Twiki page and will be updated once this

delivery completed to include authorzation.

Delivery updates:

Updated traf_authentication_setup to return consistent error messages

and added a comment to ComSmallDefs.h to address a buf size issue for

metadata tables.

Change-Id: I896f1ee006590284653b2c9882901c05b5f2ba22

  1. … 100 more files in changeset.
Fix for _DTM_ schema, Launchpad 1365202

Change-Id: Id554b2fb87f75a97800cc47a2082b81ab7d07a49

  1. … 4 more files in changeset.
Fix for _DTM_ schema, Launchpad 1365202

initialize trafodion, drop will no longer drop dtm log files.

Also, one can no longer create a user table in schema "_DTM_". This

is a reserved schema name for dtm log files.

Change-Id: I50b66303d9aea20e35b9d8fc4c085aff449163d9

  1. … 6 more files in changeset.
Launchpad fixes_2

-- hbase access errors were not being returned during process bringup phase.

arkcmp/CmpContext.*, bin/SqlciErrors.txt

sqlcomp/CmpSeabaseDDLcommon.cpp, CmpSeabaseDDLtable.cpp, nadefaults.cpp

launchpad #1343061

-- showddl now shows hbase options, salted partitions.

-- hbase_options and salt info is kept in metadata.

comexe/ComTdb.h, optimizer/NATable.cpp, NATable.h

parser/sqlparser.y

sqlcat/desc.h, sqlcomp/CmpDescribe.cpp, CmpSeabaseDDLcommon.cpp

CmpSeabaseDDL.h, CmpSeabaseDDLTable.cpp

launchpad #1342465

launchpad #1342996

-- added support for update where current of cursor.

generator/GenRelScan.cpp, GenRelUpdate.cpp,

launchpad #1324679

-- check constrs in update and views

generator/GenRelUpdate.cpp, optimizer/BindRelExpr.cpp

Launchpad #1320034, #1321479

-- long column name returned assertion.

optimizer/ObjectNames.cpp

launchpad #1324689

-- purgedata does not recreate with the original salt and hbase options.

optimizer/RelExeUtil.cpp, sqlcomp/CmpSeabaseDDLcommon.cpp

launchpad #1322400

-- long keys got assertion failure:

optimizer/ValueDesc.cpp

launchpad #1332607

-- cqd hide_indexes was causing constraint creation to fail.

sqlcomp/CmpSeabaseDDLcommon.cpp

launchpad #1340385

-- current_timestamp/time functions are now non-nullable.

Change-Id: Ib3a071894d11d0e3719b98f0cfddfc5ce8624519

  1. … 26 more files in changeset.
added support for externalized Sequence numbers.

-- sql statements: create/drop/alter/get/showddl sequence for sequence objects

-- function 'seqnum' to retrieve sequence numbers.

An external spec has been created.

Launchpad #1349985

Code reviewd by Joanie C, Suresh S, Selva and Sandhya.

Full dev regressions run and passed.

Change-Id: Ie11dbab4d24ff6a1106697f7e2253ea895e6c873

  1. … 71 more files in changeset.