--- /dev/null
+/*\r
+\r
+ Derby - Class org.apache.derby.impl.sql.execute.PrivilegeInfo\r
+\r
+ Licensed to the Apache Software Foundation (ASF) under one or more\r
+ contributor license agreements. See the NOTICE file distributed with\r
+ this work for additional information regarding copyright ownership.\r
+ The ASF licenses this file to you under the Apache License, Version 2.0\r
+ (the "License"); you may not use this file except in compliance with\r
+ the License. You may obtain a copy of the License at\r
+\r
+ http://www.apache.org/licenses/LICENSE-2.0\r
+\r
+ Unless required by applicable law or agreed to in writing, software\r
+ distributed under the License is distributed on an "AS IS" BASIS,\r
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
+ See the License for the specific language governing permissions and\r
+ limitations under the License.\r
+\r
+ */\r
+\r
+package org.apache.derby.impl.sql.execute;\r
+\r
+import org.apache.derby.catalog.UUID;\r
+import org.apache.derby.iapi.sql.dictionary.TupleDescriptor;\r
+import org.apache.derby.iapi.sql.dictionary.SchemaDescriptor;\r
+import org.apache.derby.iapi.sql.dictionary.DataDictionary;\r
+import org.apache.derby.iapi.services.sanity.SanityManager;\r
+import org.apache.derby.iapi.sql.Activation;\r
+import org.apache.derby.iapi.reference.SQLState;\r
+\r
+import org.apache.derby.iapi.error.StandardException;\r
+\r
+import java.util.List;\r
+\r
+public abstract class PrivilegeInfo\r
+{\r
+\r
+ /**\r
+ * This is the guts of the Execution-time logic for GRANT/REVOKE\r
+ *\r
+ * @param activation\r
+ * @param grant true if grant, false if revoke\r
+ * @param grantees a list of authorization ids (strings)\r
+ *\r
+ * @exception StandardException Thrown on failure\r
+ */\r
+ abstract public void executeGrantRevoke( Activation activation,\r
+ boolean grant,\r
+ List grantees)\r
+ throws StandardException;\r
+\r
+ /**\r
+ * Determines whether a user is the owner of an object\r
+ * (table, function, or procedure). Note that Database Owner can access\r
+ * database objects without needing to be their owner\r
+ *\r
+ * @param user authorizationId of current user\r
+ * @param objectDescriptor object being checked against\r
+ * @param sd SchemaDescriptor\r
+ * @param dd DataDictionary\r
+ *\r
+ * @exception StandardException if user does not own the object\r
+ */\r
+ protected void checkOwnership( String user,\r
+ TupleDescriptor objectDescriptor,\r
+ SchemaDescriptor sd,\r
+ DataDictionary dd)\r
+ throws StandardException\r
+ {\r
+ if (!user.equals(sd.getAuthorizationId()) &&\r
+ !user.equals(dd.getAuthorizationDatabaseOwner()))\r
+ throw StandardException.newException(SQLState.AUTH_NOT_OWNER,\r
+ user,\r
+ objectDescriptor.getDescriptorType(),\r
+ sd.getSchemaName(),\r
+ objectDescriptor.getDescriptorName());\r
+ }\r
+ \r
+ /**\r
+ * This method adds a warning if a revoke statement has not revoked \r
+ * any privileges from a grantee.\r
+ * \r
+ * @param activation\r
+ * @param grant true if grant, false if revoke\r
+ * @param privileges_revoked true, if at least one privilege has been \r
+ * revoked from a grantee, false otherwise\r
+ * @param grantee authorization id of the user\r
+ */\r
+ protected void addWarningIfPrivilegeNotRevoked( Activation activation,\r
+ boolean grant,\r
+ boolean privileges_revoked,\r
+ String grantee) \r
+ {\r
+ if(!grant && !privileges_revoked)\r
+ activation.addWarning(StandardException.newWarning\r
+ (SQLState.LANG_PRIVILEGE_NOT_REVOKED, grantee));\r
+ }\r
+}\r