Class GrantManager

java.lang.Object
com.mckoi.database.GrantManager

public class GrantManager extends Object
A class that manages the grants on a database for a given database connection and user.
Author:
Tobias Downer
  • Field Details

    • TABLE

      public static final int TABLE
      Represents a TABLE object to grant privs over for the user.
      See Also:
    • DOMAIN

      public static final int DOMAIN
      Represents a DOMAIN object to grant privs over for the user.
      See Also:
    • SCHEMA

      public static final int SCHEMA
      Represents a SCHEMA object to grant privs over for the user.
      See Also:
    • CATALOG

      public static final int CATALOG
      Represents a CATALOG object to grant privs over for this user.
      See Also:
    • PUBLIC_USERNAME_STR

      public static final String PUBLIC_USERNAME_STR
      The string representing the public user (privs granted to all users).
      See Also:
    • PUBLIC_USERNAME

      public static final TObject PUBLIC_USERNAME
      The name of the 'public' username. If a grant is made on 'public' then all users are given the grant.
  • Method Details

    • addGrant

      public void addGrant(Privileges privs, int object, String param, String grantee, boolean grant_option, String granter) throws DatabaseException
      Adds a grant on the given database object.
      Parameters:
      privs - the privileges to grant.
      object - the object to grant (TABLE, DOMAIN, etc)
      param - the parameter of the object (eg. the table name)
      grantee - the user name to grant the privs to.
      grant_option - if true, allows the user to pass grants to other users.
      granter - the user granting.
      Throws:
      DatabaseException
    • addGrantToAllTablesInSchema

      public void addGrantToAllTablesInSchema(String schema, Privileges privs, String grantee, boolean grant_option, String granter) throws DatabaseException
      For all tables in the given schema, this adds the given grant for each of the tables.
      Throws:
      DatabaseException
    • removeGrant

      public void removeGrant(Privileges privs, int object, String param, String grantee, boolean grant_option, String granter) throws DatabaseException
      Removes a grant on the given object for the given grantee, grant option and granter.
      Throws:
      DatabaseException
    • revokeAllGrantsOnObject

      public void revokeAllGrantsOnObject(int object, String param, String grantee, boolean grant_option, String granter) throws DatabaseException
      Removes all privs granted on the given object for the given grantee with the given grant option.
      Throws:
      DatabaseException
    • revokeAllGrantsOnObject

      public void revokeAllGrantsOnObject(int object, String param) throws DatabaseException
      Completely removes all privs granted on the given object for all users. This would typically be used when the object is dropped from the database.
      Throws:
      DatabaseException
    • userGrants

      public Privileges userGrants(int object, String param, String username) throws DatabaseException
      Returns all Privileges for the given object for the given grantee (user). This would be used to determine the access a user has to a table.

      Note that the Privileges object includes all the grants on the object given to PUBLIC also.

      This method will concatenate multiple privs granted on the same object.

      PERFORMANCE: This method is called a lot (at least once on every query).

      Throws:
      DatabaseException
    • userGrantOptions

      public Privileges userGrantOptions(int object, String param, String username) throws DatabaseException
      Returns all Privileges for the given object for the given grantee (user) that the user is allowed to give grant options for. This would be used to determine if a user has privs to give another user grants on an object.

      Note that the Privileges object includes all the grants on the object given to PUBLIC also.

      This method will concatenate multiple grant options given on the same object to the user.

      Throws:
      DatabaseException