コード例 #1
0
        public static DropSecurityProfile CreateDropSecurityProfile(IDatabaseContainer container, string databaseName, string tableName)
        {
            DropSecurityProfile dropSecurityProfile = new DropSecurityProfile(container);

            dropSecurityProfile.targetDatabase  = databaseName;
            dropSecurityProfile.targetTableName = tableName;
            return(dropSecurityProfile);
        }
コード例 #2
0
        public void DropSecurityProfile_TheProfileCannotDrop_NoticeInValidate()
        {
            IDatabaseContainer  databaseContainer   = ObjectConstructor.CreateDatabaseContainer();
            DropSecurityProfile dropSecurityProfile = CreateDropSecurityProfile(databaseContainer, SystemeConstants.SystemDatabaseName, SystemeConstants.ProfilesTableName);

            dropSecurityProfile.SetTargetSecurityProfile(SystemeConstants.DefaultProfile);
            Assert.IsFalse(dropSecurityProfile.ValidateParameters());
        }
コード例 #3
0
        public Boolean parseDropSecurityProfile()
        {
            Sentence sentence = Query.parse("DROP SECURITY PROFILE Employee;");

            DropSecurityProfile DropSecurityProfile = sentence as DropSecurityProfile;

            if (DropSecurityProfile.SecurityProfileName.Equals("Employee"))
            {
                return(true);
            }

            return(false);
        }
コード例 #4
0
        public void DropSecurityProfile_TheProfileDoesntExist_NoticeInValidate()
        {
            IDatabaseContainer databaseContainer = ObjectConstructor.CreateDatabaseContainer();
            Column             column            = databaseContainer.GetDatabase(SystemeConstants.SystemDatabaseName).GetTable(SystemeConstants.ProfilesTableName).GetColumn(SystemeConstants.ProfileNameColumn);
            string             profileName       = VariousFunctions.GenerateRandomString(8);

            while (column.ExistCells(profileName))
            {
                profileName = VariousFunctions.GenerateRandomString(8);
            }
            DropSecurityProfile dropSecurityProfile = CreateDropSecurityProfile(databaseContainer, SystemeConstants.SystemDatabaseName, SystemeConstants.ProfilesTableName);

            dropSecurityProfile.SetTargetSecurityProfile(profileName);
            Assert.IsFalse(dropSecurityProfile.ValidateParameters());
        }
コード例 #5
0
        public void DropSecurity_TheProfileCanDrop_DropTheProfile()
        {
            IDatabaseContainer databaseContainer = ObjectConstructor.CreateDatabaseContainer();
            ITable             table             = databaseContainer.GetDatabase(SystemeConstants.SystemDatabaseName).GetTable(SystemeConstants.ProfilesTableName);
            Column             column            = table.GetColumn(SystemeConstants.ProfileNameColumn);
            string             profileName       = VariousFunctions.GenerateRandomString(8);

            while (column.ExistCells(profileName))
            {
                profileName = VariousFunctions.GenerateRandomString(8);
            }
            Row row = table.CreateRowDefinition();

            row.GetCell(SystemeConstants.ProfileNameColumn).data = profileName;
            table.AddRow(row);
            int numberOfRow = table.GetRowCount();
            DropSecurityProfile dropSecurityProfile = CreateDropSecurityProfile(databaseContainer, SystemeConstants.SystemDatabaseName, SystemeConstants.ProfilesTableName);

            dropSecurityProfile.SetTargetSecurityProfile(profileName);
            Assert.IsTrue(dropSecurityProfile.ValidateParameters());
            dropSecurityProfile.Execute();
            Assert.AreEqual(numberOfRow - 1, table.GetRowCount());
        }
コード例 #6
0
        public static Sentence parse(String sentenc)
        {


            Sentence sentence = null;

            String patterSelect = "SELECT\\s(\\*|\\w+(?:,*\\w+)*)\\sFROM\\s(\\w+)\\sWHERE\\s(\\w+)([<|=|>])('[^',]+'|-?\\d+\\.?\\d*);";
            String patternSelectAll = "SELECT\\s(\\*|\\w+(?:,*\\w+)*)\\sFROM\\s(\\w+);";
            String patterDelete = "DELETE\\sFROM\\s(\\w+)\\sWHERE\\s(\\w+)([<|=|>])('[^',]+'|-?\\d+\\.?\\d*);";
            String patternInsert = "INSERT\\sINTO\\s(\\w+)\\sVALUES\\s\\(((?:'[^',]+'|-?\\d+\\.?\\d*)(?:,(?:'[^',]+'|-?\\d+\\.?\\d*))*)\\);";
            String patternUpdate = "UPDATE\\s(\\w+)\\sSET\\s(\\w+=(?:'[^',]+'|-?\\d+\\.?\\d*)(?:,?\\w+=(?:'[^',]+'|-?\\d+\\.?\\d*))*)\\sWHERE\\s(\\w+)([<|=|>])('[^',]+'|-?\\d+\\.?\\d*);";
            String patternCreateTable = "CREATE\\sTABLE\\s(\\w+)\\s\\((\\w+\\s[TEXT|INT|DOUBLE]+(?:,?\\w+\\s[TEXT|INT|DOUBLE]+)*)\\);";
            String patterDropTable = "DROP\\sTABLE\\s(\\w+);";

            String patternCreateSecurityProfile = "CREATE\\sSECURITY\\sPROFILE\\s(\\w+);";
            String patternDropSecurityProfile = "DROP\\sSECURITY\\sPROFILE\\s(\\w+);";
            String patternGrantPrivilege = "GRANT\\s(DELETE|INSERT|SELECT|UPDATE)\\sON\\s(\\w+)\\sTO\\s(\\w+);";
            String patternRevokePrivilege = "REVOKE\\s(DELETE|INSERT|SELECT|UPDATE)\\sON\\s(\\w+)\\sTO\\s(\\w+);";
            String patternAddUser = "******";
            String patternDeleteUser = "******";


            // For the select
            if (Regex.IsMatch(sentenc, patterSelect))
            {
                Match match = Regex.Match(sentenc, patterSelect);

                List<String> list = new List<String>();

                // List of columns
                list = stringToList(match.Groups[1].Value, ',');

                // Table name
                String table = match.Groups[2].Value;

                // Where creation

                Operator op = stringToOperator(match.Groups[4].Value);

                Where where = new Where(match.Groups[3].Value, op, match.Groups[5].Value);

                // Select creation
                sentence = new Select(table, list, where);
            }

            // For the selectAll
            else if (Regex.IsMatch(sentenc, patternSelectAll))
            {
                Match match = Regex.Match(sentenc, patternSelectAll);

                List<String> list = new List<String>();

                // List of columns
                list = stringToList(match.Groups[1].Value, ',');

                // Table name
                String table = match.Groups[2].Value;

                sentence = new SelectAll(table, list);

            }

            // For the delete
            else if (Regex.IsMatch(sentenc, patterDelete))
            {
                Match match = Regex.Match(sentenc, patterDelete);
                String table = match.Groups[1].Value;

                Operator op = stringToOperator(match.Groups[3].Value);

                Where where = new Where(match.Groups[2].Value, op, match.Groups[4].Value);

                sentence = new Delete(table, where);
            }

            // For the insert
            else if (Regex.IsMatch(sentenc, patternInsert))
            {
                Match match = Regex.Match(sentenc, patternInsert);
                String table = match.Groups[1].Value;

                List<String> list = new List<String>();
                // List of columns
                list = stringToList(match.Groups[2].Value, ',');

                sentence = new Insert(table, list);
            }

            // For the update 
            else if (Regex.IsMatch(sentenc, patternUpdate))
            {
                Match match = Regex.Match(sentenc, patternUpdate);
                String table = match.Groups[1].Value;


                List<String> list = new List<String>();

                String valuees = match.Groups[2].Value;
                // List of columns
                var tuple = listToTwoList(stringToList(valuees, ','));

                List<string> colum = tuple.Item1;
                List<string> values = tuple.Item2;


                Operator op = stringToOperator(match.Groups[4].Value);

                Where where = new Where(match.Groups[3].Value, op, match.Groups[5].Value);

                sentence = new Update(table, colum, values, where);
            }

            //For the create table
            else if (Regex.IsMatch(sentenc, patternCreateTable))
            {

                Match match = Regex.Match(sentenc, patternCreateTable);
                String table = match.Groups[1].Value;

                List<String> list = new List<String>();
                // List of columns
                list = stringToList(match.Groups[2].Value, ',');

                sentence = new CreateTable(table, list);
            }

            // For the drop table
            else if (Regex.IsMatch(sentenc, patterDropTable))
            {
                Match match = Regex.Match(sentenc, patterDropTable);
                String table = match.Groups[1].Value;

                sentence = new DropTable(table);
            }


            // For the Create security profile
            else if (Regex.IsMatch(sentenc, patternCreateSecurityProfile))
            {

                Match match = Regex.Match(sentenc, patternCreateSecurityProfile);
                String secutiryProfile = match.Groups[1].Value;


                sentence = new CreateSecurityProfile(secutiryProfile);
            }

            // For the Drop security profile
            else if (Regex.IsMatch(sentenc, patternDropSecurityProfile))
            {

                Match match = Regex.Match(sentenc, patternDropSecurityProfile);
                String secutiryProfile = match.Groups[1].Value;

                sentence = new DropSecurityProfile(secutiryProfile);
            }

            // For grant privilege
            else if (Regex.IsMatch(sentenc, patternGrantPrivilege))
            {

                Match match = Regex.Match(sentenc, patternGrantPrivilege);

                string typeString = match.Groups[1].Value;
                Privilege type = stringToType(typeString);

                string table = match.Groups[2].Value;
                string securityProfile = match.Groups[3].Value;

                sentence = new GrantPrivilege(type, table, securityProfile);
            }

            // For revoke privilege
            else if (Regex.IsMatch(sentenc, patternRevokePrivilege))
            {

                Match match = Regex.Match(sentenc, patternRevokePrivilege);

                string typeString = match.Groups[1].Value;
                Privilege type = stringToType(typeString);

                string table = match.Groups[2].Value;
                string securityProfile = match.Groups[3].Value;

                sentence = new RevokePrivilege(type, table, securityProfile);
            }

            // For Add user
            else if (Regex.IsMatch(sentenc, patternAddUser))
            {

                Match match = Regex.Match(sentenc, patternAddUser);
                string name = match.Groups[1].Value;
                string pass = match.Groups[2].Value;
                string securityProfile = match.Groups[3].Value;

                sentence = new AddUser(name, pass, securityProfile);
            }

            // For delete user
            else if (Regex.IsMatch(sentenc, patternDeleteUser))
            {
                Match match = Regex.Match(sentenc, patternDeleteUser);
                string name = match.Groups[1].Value;

                sentence = new DeleteUser(name);
            }

            return sentence;
        }
コード例 #7
0
        public string output(string input, User user)
        {
            Sentence sentence = Query.parse(input);

            string output = "";

            if (sentence is Statements)
            {
                Statements statement = sentence as Statements;

                if (statement is Select)
                {
                    Select sel = statement as Select;

                    IList <string> columnsNames = sel.listColumns;
                    string         tableName    = sel.tableName;
                    Where where = sel.sentenceWhere;
                    Operator op            = where.op;
                    string   columnName    = where.col;
                    string   dataToCompare = where.colData;

                    if (hasPrivilege(user, tableName, Privilege.SELECT))
                    {
                        output = select(columnsNames, tableName, columnName, op, dataToCompare).selectToString();
                    }
                    else
                    {
                        output = Constants.SecurityNotSufficientPrivileges;
                    }
                }

                else if (statement is SelectAll)
                {
                    SelectAll sel = statement as SelectAll;

                    IList <string> columnsNames = sel.listColumns;
                    string         tableName    = sel.tableName;

                    if (hasPrivilege(user, tableName, Privilege.SELECT))
                    {
                        output = selectAll(columnsNames, tableName).selectToString();
                    }
                    else
                    {
                        output = Constants.SecurityNotSufficientPrivileges;
                    }
                }

                else if (statement is Delete)
                {
                    Delete delete = statement as Delete;

                    string tabName = delete.tableName;
                    Where where = delete.sentenceWhere;
                    string   column = where.col;
                    Operator op     = where.op;
                    string   data   = where.colData;

                    if (hasPrivilege(user, tabName, Privilege.DELETE))
                    {
                        deleteData(tabName, column, op, data);
                        output = Constants.TupleDeleteSuccess;
                    }
                    else
                    {
                        output = Constants.SecurityNotSufficientPrivileges;
                    }
                }

                else if (statement is Insert)
                {
                    Insert        ins          = statement as Insert;
                    string        nameTable    = ins.tableName;
                    List <string> dataToInsert = ins.row;

                    if (hasPrivilege(user, nameTable, Privilege.INSERT))
                    {
                        insert(nameTable, dataToInsert);
                        output = Constants.InsertSuccess;
                    }
                    else
                    {
                        output = Constants.SecurityNotSufficientPrivileges;
                    }
                }

                else if (statement is Update)
                {
                    Update        upd         = statement as Update;
                    string        tableName   = upd.tableName;
                    List <string> columnNames = upd.column;
                    List <string> newValues   = upd.newValue;
                    Where where = upd.sentenceWhere;
                    string   columnToCompare = where.col;
                    Operator op   = where.op;
                    string   data = where.colData;

                    if (hasPrivilege(user, tableName, Privilege.UPDATE))
                    {
                        for (int i = 0; i < columnNames.Count; i++)
                        {
                            string columnName = columnNames[i];
                            string newData    = newValues[i];
                            update(tableName, columnName, newData, columnToCompare, op, data);
                        }

                        output = Constants.TupleUpdateSuccess;
                    }
                    else
                    {
                        output = Constants.SecurityNotSufficientPrivileges;
                    }
                }

                else if (statement is DropTable)
                {
                    DropTable drop      = statement as DropTable;
                    string    tableName = drop.tableName;

                    if (user.Name.Equals("admin"))
                    {
                        dropTable(tableName);
                        output = Constants.TableDroppedSucess;
                    }
                    else
                    {
                        output = Constants.SecurityNotSufficientPrivileges;
                    }
                }

                else if (statement is CreateTable)
                {
                    CreateTable   create    = statement as CreateTable;
                    string        tableName = create.tableName;
                    List <string> colNames  = create.ListOfColumns;

                    if (user.Name.Equals("admin"))
                    {
                        createTable(tableName, colNames);
                        output = Constants.CreateTableSuccess;
                    }
                    else
                    {
                        output = Constants.SecurityNotSufficientPrivileges;
                    }
                }
            }
            else if (sentence is SecurityQueries)
            {
                SecurityQueries securityQueries = sentence as SecurityQueries;


                if (!user.Equals(admin.Name) && !user.Password.Equals(admin.Password))
                {
                    output = Constants.SecurityNotSufficientPrivileges;
                }
                else
                {
                    if (securityQueries is AddUser)
                    {
                        AddUser addUseer = securityQueries as AddUser;

                        string name     = addUseer.User;
                        string pass     = addUseer.Password;
                        string security = addUseer.SecurityProfileName;

                        addUser(name, pass, security);
                        output = Constants.SecurityUserAdded;
                    }

                    else if (securityQueries is DeleteUser)
                    {
                        DeleteUser deleteeUser = securityQueries as DeleteUser;

                        string name = deleteeUser.User;

                        deleteUser(name);
                        output = Constants.SecurityUserDeleted;
                    }

                    else if (securityQueries is CreateSecurityProfile)
                    {
                        CreateSecurityProfile create = securityQueries as CreateSecurityProfile;

                        string security = create.SecurityProfileName;

                        createSecurityProfile(security);
                        output = Constants.SecurityProfileCreated;
                    }

                    else if (securityQueries is DropSecurityProfile)
                    {
                        DropSecurityProfile drop = securityQueries as DropSecurityProfile;

                        string name = drop.SecurityProfileName;

                        dropSecurityProfile(name);
                        output = Constants.SecurityProfileDeleted;
                    }

                    else if (securityQueries is GrantPrivilege)
                    {
                        GrantPrivilege graant = securityQueries as GrantPrivilege;

                        Privilege type     = graant.Type;
                        string    table    = graant.Table;
                        string    security = graant.SecurityProfileName;

                        grant(type, table, security);
                        output = Constants.SecurityPrivilegeGranted;
                    }

                    else if (securityQueries is RevokePrivilege)
                    {
                        RevokePrivilege revooke = securityQueries as RevokePrivilege;

                        Privilege type     = revooke.Type;
                        string    table    = revooke.Table;
                        string    security = revooke.SecurityProfileName;

                        revoke(type, table, security);
                        output = Constants.SecurityPrivilegeRevoked;
                    }
                }
            }
            else
            {
                throw new Exception(Constants.WrongSyntax);
            }


            return(output);
        }