/** * Validate query entitlements */ protected void validateEntitlements(Query obj) { // If query contains SELECT INTO, validate INTO portion Into intoObj = obj.getInto(); if ( intoObj != null ) { GroupSymbol intoGroup = intoObj.getGroup(); Collection<LanguageObject> intoElements = new LinkedList<LanguageObject>(); intoElements.add(intoGroup); try { intoElements.addAll(ResolverUtil.resolveElementsInGroup(intoGroup, getMetadata())); } catch (QueryMetadataException err) { handleException(err, intoGroup); } catch (TeiidComponentException err) { handleException(err, intoGroup); } validateEntitlements(intoElements, DataPolicy.PermissionType.CREATE, Context.INSERT); } // Validate this query's entitlements Collection<LanguageObject> entitledObjects = new ArrayList<LanguageObject>(GroupCollectorVisitor.getGroupsIgnoreInlineViews(obj, true)); entitledObjects.addAll(ElementCollectorVisitor.getElements(obj, true)); if(entitledObjects.size() == 0) { return; } validateEntitlements(entitledObjects, DataPolicy.PermissionType.READ, Context.QUERY); }
/** * Validate query entitlements */ protected void validateEntitlements(Query obj) { // If query contains SELECT INTO, validate INTO portion Into intoObj = obj.getInto(); if ( intoObj != null ) { GroupSymbol intoGroup = intoObj.getGroup(); Collection<LanguageObject> intoElements = new LinkedList<LanguageObject>(); intoElements.add(intoGroup); try { intoElements.addAll(ResolverUtil.resolveElementsInGroup(intoGroup, getMetadata())); } catch (QueryMetadataException err) { handleException(err, intoGroup); } catch (TeiidComponentException err) { handleException(err, intoGroup); } validateEntitlements(intoElements, DataPolicy.PermissionType.CREATE, Context.INSERT); } // Validate this query's entitlements Collection<LanguageObject> entitledObjects = new ArrayList<LanguageObject>(GroupCollectorVisitor.getGroupsIgnoreInlineViews(obj, true)); entitledObjects.addAll(ElementCollectorVisitor.getElements(obj, true)); if(entitledObjects.size() == 0) { return; } validateEntitlements(entitledObjects, DataPolicy.PermissionType.READ, Context.QUERY); }
intoElements.add(intoGroup); try { intoElements.addAll(ResolverUtil.resolveElementsInGroup(intoGroup, getMetadata())); } catch (QueryMetadataException err) { handleException(err, intoGroup);
public void visit(Function obj) { if (FunctionLibrary.LOOKUP.equalsIgnoreCase(obj.getName())) { try { ResolverUtil.ResolvedLookup lookup = ResolverUtil.resolveLookup(obj, this.getMetadata()); List<Symbol> symbols = new LinkedList<Symbol>(); symbols.add(lookup.getGroup()); symbols.add(lookup.getKeyElement()); symbols.add(lookup.getReturnElement()); validateEntitlements(symbols, DataPolicy.PermissionType.READ, Context.QUERY); } catch (TeiidComponentException e) { handleException(e, obj); } catch (TeiidProcessingException e) { handleException(e, obj); } } else { String schema = obj.getFunctionDescriptor().getSchema(); if (schema != null && !isSystemSchema(schema)) { Map<String, Function> map = new HashMap<String, Function>(); map.put(obj.getFunctionDescriptor().getFullName(), obj); validateEntitlements(PermissionType.EXECUTE, Context.FUNCTION, map); } } }
public void visit(Function obj) { if (FunctionLibrary.LOOKUP.equalsIgnoreCase(obj.getName())) { try { ResolverUtil.ResolvedLookup lookup = ResolverUtil.resolveLookup(obj, this.getMetadata()); List<Symbol> symbols = new LinkedList<Symbol>(); symbols.add(lookup.getGroup()); symbols.add(lookup.getKeyElement()); symbols.add(lookup.getReturnElement()); validateEntitlements(symbols, DataPolicy.PermissionType.READ, Context.QUERY); } catch (TeiidComponentException e) { handleException(e, obj); } catch (TeiidProcessingException e) { handleException(e, obj); } } else { String schema = obj.getFunctionDescriptor().getSchema(); if (schema != null && !isSystemSchema(schema)) { Map<String, Function> map = new HashMap<String, Function>(); map.put(obj.getFunctionDescriptor().getFullName(), obj); validateEntitlements(PermissionType.EXECUTE, Context.FUNCTION, map); } } }
public void visit(Function obj) { if (FunctionLibrary.LOOKUP.equalsIgnoreCase(obj.getName())) { try { ResolverUtil.ResolvedLookup lookup = ResolverUtil.resolveLookup(obj, this.getMetadata()); List<Symbol> symbols = new LinkedList<Symbol>(); symbols.add(lookup.getGroup()); symbols.add(lookup.getKeyElement()); symbols.add(lookup.getReturnElement()); validateEntitlements(symbols, DataPolicy.PermissionType.READ, Context.QUERY); } catch (TeiidComponentException e) { handleException(e, obj); } catch (TeiidProcessingException e) { handleException(e, obj); } } else { String schema = obj.getFunctionDescriptor().getSchema(); if (schema != null && !isSystemSchema(schema)) { Map<String, Function> map = new HashMap<String, Function>(); map.put(obj.getFunctionDescriptor().getFullName(), obj); validateEntitlements(PermissionType.EXECUTE, Context.FUNCTION, map); } } }
if (group.isProcedure()) { Map<String, LanguageObject> procMap = new LinkedHashMap<String, LanguageObject>(); addToNameMap(((TempMetadataID)metadataID).getOriginalMetadataID(), symbol, procMap, getMetadata()); validateEntitlements(PermissionType.EXECUTE, auditContext, procMap); } else if (group.isTempTable() && group.isImplicitTempGroupSymbol()) { addToNameMap(metadataID, symbol, nameToSymbolMap, getMetadata()); } catch(QueryMetadataException e) { handleException(e);
if (group.isProcedure()) { Map<String, LanguageObject> procMap = new LinkedHashMap<String, LanguageObject>(); addToNameMap(((TempMetadataID)metadataID).getOriginalMetadataID(), symbol, procMap, getMetadata()); validateEntitlements(PermissionType.EXECUTE, auditContext, procMap); } else if (group.isTempTable() && group.isImplicitTempGroupSymbol()) { addToNameMap(metadataID, symbol, nameToSymbolMap, getMetadata()); } catch(QueryMetadataException e) { handleException(e);
if (group.isProcedure()) { Map<String, LanguageObject> procMap = new LinkedHashMap<String, LanguageObject>(); addToNameMap(((TempMetadataID)metadataID).getOriginalMetadataID(), symbol, procMap, getMetadata()); validateEntitlements(PermissionType.EXECUTE, auditContext, procMap); } else if (group.isTempTable() && group.isImplicitTempGroupSymbol()) { addToNameMap(metadataID, symbol, nameToSymbolMap, getMetadata()); } catch(QueryMetadataException e) { handleException(e);