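/**
 * Collects the names of all binders held in a bag result.
 *
 * @param bindersBagResult  result expected to be a bag of binders; may be null
 * @return the set of binder names. An empty set is returned for a null
 *         argument. If an element is missing or is not a binder, iteration
 *         stops and the names gathered up to that point are returned.
 */
set<string> AccessMap::namesFromBinders(QueryResult *bindersBagResult)
{
    set<string> out;

    // NOTE(review): the argument is cast to a bag without inspecting its
    // type(); callers are trusted to pass a bag result - confirm.
    QueryBagResult *r = (QueryBagResult *)bindersBagResult;
    if (!r)
        return out;

    const unsigned bagSize = r->size();
    for (unsigned int i = 0; i < bagSize; i++) {
        // Start from null so that an at() call which does not fill the slot
        // cannot leave an indeterminate pointer to be dereferenced below.
        QueryResult *br = 0;
        r->at(i, br);

        // NOTE(review): callers cannot tell this early exit (partial set)
        // from a complete result.
        if (!br || br->type() != QueryResult::QBINDER)
            return out;

        out.insert(((QueryBinderResult *)br)->getName());
    }
    return out;
}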
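/**
 * Adds or removes the access entries that belong to a virtual object.
 *
 * Every seed of the virtual result must be a binder. The binder names are
 * collected first and the access map is only touched once all seeds have
 * been checked, so a malformed seed list leaves the map unchanged.
 *
 * @param r    virtual result whose seeds and vo_name are read; must not be null
 * @param add  true to propagate access for the seed names under r->vo_name,
 *             false to remove access for those names
 */
void AccessMap::adjustEnvironment(QueryVirtualResult *r, bool add)
{
    debug_printf(*ec, "[AccessMap::adjustEnvironment] starts");

    set<string> names;

    // Iterate the seeds in place; they are only read here.
    const vector<QueryResult *> &seeds = r->seeds;
    for (vector<QueryResult *>::const_iterator it = seeds.begin(); it != seeds.end(); ++it) {
        QueryResult *seedResult = *it;

        // A null seed is rejected the same way as a non-binder seed, before
        // any access entry has been changed.
        if (!seedResult || seedResult->type() != QueryResult::QBINDER) {
            debug_printf(*ec, "[AccessMap::adjustEnvironment] error: BINDER expected!");
            return;
        }
        names.insert(((QueryBinderResult *)seedResult)->getName());
    }

    if (!add) {
        removeAccess(names);
        return;
    }

    // Every seed name is registered as visible through the interface.
    const bool visibleThroughInterface = true;
    map<string, bool> truemap;
    for (set<string>::const_iterator it = names.begin(); it != names.end(); ++it)
        truemap[*it] = visibleThroughInterface;

    const string parentName = r->vo_name;
    propagateAccess(parentName, truemap);
}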
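/**
 * Rebuilds the access map for the given user.
 *
 * Clears the current state with reset() and records the user name. Unless
 * the user is the administrator, it then runs the privilege query for the
 * user, registers the (privilege, schema, grant option) triple read from
 * the result and re-initialises the map for that schema.
 *
 * The result is read as one struct of binders: each matching binder
 * overwrites the previous value and addAccess() is called exactly once.
 *
 * @param username  name of the user the map is rebuilt for
 * @param qe        executor used to run the privilege query locally
 * @return 0 on success (including the administrator short-cut), otherwise
 *         ErrQExecutor combined with EOtherResExp, ENoSchemaFound or
 *         EUserHasInvalidSchema. m_userValidation is false on every return
 *         taken after the privilege lookup has started.
 */
int AccessMap::resetForUser(string username, QueryExecutor *qe)
{
    debug_printf(*ec, "[AccessMap::resetForUser] starts!");
    reset();
    m_user = username;

    // The administrator is recognised purely by the literal account name
    // and skips every privilege lookup below.
    // NOTE(review): this is only as strong as the authentication of
    // `username` upstream - confirm callers never pass an unverified name.
    m_isDba = (username == "root");
    if (m_isDba)
        return 0;

    m_userValidation = true;

    // TODO: move these bind names (and the matching strings in QueryBuilder)
    // into a shared bindNames definition.
    const string privNameBind = "priv_name";
    const string objectNameBind = "object_name";
    const string grantOptionBind = "grant_option";

    //debug_printf(*ec, "[AccessMap::resetForUser] executing..");
    // NOTE(review): username is handed to the query builder as a plain
    // string; if the builder splices it into query text it must be escaped
    // there - confirm.
    string query = QueryBuilder::getHandle()->query_for_user_priviliges(username);

    // Start from null: any status execute_locally() reports is not inspected
    // here, so a failed execution must not leave an indeterminate pointer.
    QueryResult *res = 0;
    qe->execute_locally(query, &res);
    //debug_printf(*ec, "[AccessMap::resetForUser] executed.. resType = %d", res->type());
    if (!res || res->type() != QueryResult::QSTRUCT) {
        debug_printf(*ec, "[AccessMap::resetForUser] error: QSTRUCT expected!");
        m_userValidation = false;
        return (ErrQExecutor | EOtherResExp);
    }

    QueryStructResult *currStructResult = (QueryStructResult *)res;
    string privName, objectName;
    bool canGive = false;

    while (!(currStructResult->isEmpty())) {
        //debug_printf(*ec, "[AccessMap::resetForUser] loops..");
        QueryResult *innerResult = 0;
        currStructResult->getResult(innerResult);
        if (!innerResult || innerResult->type() != QueryResult::QBINDER) {
            debug_printf(*ec, "[AccessMap::resetForUser] error: QBINDER expected!");
            m_userValidation = false;
            return (ErrQExecutor | EOtherResExp);
        }

        QueryBinderResult *innerBinderResult = (QueryBinderResult *)innerResult;
        QueryResult *item = innerBinderResult->getItem();
        const string name = innerBinderResult->getName();

        const bool isPriv = (name == privNameBind);
        const bool isObject = (name == objectNameBind);
        const bool isGrant = (name == grantOptionBind);

        // Binders with other names are ignored.
        if (!(isPriv || isObject || isGrant))
            continue;

        // A recognised binder without a value cannot be interpreted; refuse
        // it instead of dereferencing a null item.
        if (!item) {
            debug_printf(*ec, "[AccessMap::resetForUser] error: QBINDER expected!");
            m_userValidation = false;
            return (ErrQExecutor | EOtherResExp);
        }

        // NOTE(review): the casts below do not inspect item->type(); a
        // privilege row holding a value of another kind would be read
        // through the wrong class - consider checking the type first.
        if (isPriv) {
            privName = ((QueryStringResult *)item)->getValue();
        } else if (isObject) {
            objectName = ((QueryStringResult *)item)->getValue();
        } else {
            canGive = (((QueryIntResult *)item)->getValue() == 1);
        }
    }

    int crud = getCrudFromName(privName);
    debug_printf(*ec, "[AccessMap::resetForUser] Adding access %s for user %s to schema %s",
                 privName.c_str(), username.c_str(), objectName.c_str());
    if (canGive)
        debug_printf(*ec, "[AccessMap::resetForUser] with right to give access");

    // NOTE(review): the entry is added before the schema is checked, so on
    // the two error returns below it stays in the map. Callers must treat a
    // non-zero return as "no usable session". The order is kept because the
    // checks may depend on the entry being present - confirm before moving
    // addAccess() after them.
    addAccess(objectName, crud, canGive, true);

    if (!OuterSchemas::Instance().hasSchemaName(objectName)) {
        debug_printf(*ec, "[AccessMap::resetForUser] no such schema (user rights invalid)!");
        m_userValidation = false;
        return (ErrQExecutor | ENoSchemaFound);
    }
    if (!OuterSchemas::Instance().isValid(objectName)) {
        debug_printf(*ec, "[AccessMap::resetForUser] user is not allowed to access db through this schema (schema invalid)!");
        m_userValidation = false;
        return (ErrQExecutor | EUserHasInvalidSchema);
    }

    resetForSchema(objectName);
    debug_printf(*ec, "[AccessMap::resetForUser] ends!");
    m_userValidation = false;
    return 0;
}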