public void CheckRoleList(string granteeName, OrderedHashSet <string> roleList, Grantee grantor, bool grant) { Grantee grantee = this.Get(granteeName); for (int i = 0; i < roleList.Size(); i++) { string name = roleList.Get(i); Grantee role = this.GetRole(name); if (role == null) { throw Error.GetError(0x898, name); } if (name.Equals("SYS") || name.Equals("PUBLIC")) { throw Error.GetError(0xfa2, name); } if (grant) { if (grantee.GetDirectRoles().Contains(role)) { throw Error.GetError(0x898, granteeName); } } else if (!grantee.GetDirectRoles().Contains(role)) { throw Error.GetError(0x898, name); } if (!grantor.IsAdmin()) { throw Error.GetError(0x7d0, grantor.GetNameString()); } } }
public void Revoke(OrderedHashSet <string> granteeList, ISchemaObject dbObject, Right rights, Grantee grantor, bool grantOption, bool cascade) { RoutineSchema schema = dbObject as RoutineSchema; if (schema != null) { ISchemaObject[] specificRoutines = schema.GetSpecificRoutines(); this.Revoke(granteeList, specificRoutines, rights, grantor, grantOption, cascade); } else { QNameManager.QName specificName = dbObject.GetName(); Routine routine = dbObject as Routine; if (routine != null) { specificName = routine.GetSpecificName(); } if (!grantor.IsFullyAccessibleByRole(specificName)) { throw Error.GetError(0x157d, dbObject.GetName().Name); } if (grantor.IsAdmin()) { grantor = dbObject.GetOwner(); } for (int i = 0; i < granteeList.Size(); i++) { string str = granteeList.Get(i); if (this.Get(str) == null) { throw Error.GetError(0xfa1, str); } if (IsImmutable(str)) { throw Error.GetError(0xfa2, str); } } for (int j = 0; j < granteeList.Size(); j++) { string str2 = granteeList.Get(j); Grantee role = this.Get(str2); role.Revoke(dbObject, rights, grantor, grantOption); role.UpdateAllRights(); if (role.IsRole) { this.UpdateAllRights(role); } } } }
public void UpdateAllRights() { this._fullRightsMap.Clear(); this._isAdmin = this._isAdminDirect; for (int i = 0; i < this.Roles.Size(); i++) { Grantee grantee = this.Roles.Get(i); this.AddToFullRights(grantee._fullRightsMap); this._isAdmin |= grantee.IsAdmin(); } this.AddToFullRights(this._directRightsMap); if ((!this._isRole && !this._isPublic) && !this._isSystem) { this.AddToFullRights(this.granteeManager.PublicRole._fullRightsMap); } }
public void Revoke(string granteeName, string roleName, Grantee grantor) { if (!grantor.IsAdmin()) { throw Error.GetError(0x1583); } Grantee role = this.Get(granteeName); if (role == null) { throw Error.GetError(0xfa0, granteeName); } Grantee grantee2 = this._roleMap.Get(roleName); role.Revoke(grantee2); role.UpdateAllRights(); if (role.IsRole) { this.UpdateAllRights(role); } }
public void Grant(OrderedHashSet <string> granteeList, ISchemaObject dbObject, Right right, Grantee grantor, bool withGrantOption) { RoutineSchema schema = dbObject as RoutineSchema; if (schema != null) { ISchemaObject[] specificRoutines = schema.GetSpecificRoutines(); this.Grant(granteeList, specificRoutines, right, grantor, withGrantOption); } else { QNameManager.QName specificName = dbObject.GetName(); Routine routine = dbObject as Routine; if (routine != null) { specificName = routine.GetSpecificName(); } if (!grantor.IsGrantable(dbObject, right)) { throw Error.GetError(0x7d0, grantor.GetNameString()); } if (grantor.IsAdmin()) { grantor = dbObject.GetOwner(); } this.CheckGranteeList(granteeList); for (int i = 0; i < granteeList.Size(); i++) { Grantee role = this.Get(granteeList.Get(i)); role.Grant(specificName, right, grantor, withGrantOption); if (role.IsRole) { this.UpdateAllRights(role); } } } }