anonymous_namespace{Calcite.cpp} Namespace Reference

Functions
template<typename XDEBUG_OPTION , typename REMOTE_DEBUG_OPTION , typename... REMAINING_ARGS>
int	wrapped_execlp (char const *path, XDEBUG_OPTION &&x_debug, REMOTE_DEBUG_OPTION &&remote_debug, REMAINING_ARGS &&...standard_args)
void	check_db_access (const Catalog_Namespace::SessionInfo &session_info, const Catalog_Namespace::Catalog &accessed_catalog)
void	checkPermissionForTables (const Catalog_Namespace::SessionInfo &session_info, std::vector< std::vector< std::string >> tableOrViewNames, AccessPrivileges tablePrivs, AccessPrivileges viewPrivs)

Function Documentation

void anonymous_namespace{Calcite.cpp}::check_db_access	(	const Catalog_Namespace::SessionInfo &	session_info,
		const Catalog_Namespace::Catalog &	accessed_catalog
	)

Definition at line 423 of file Calcite.cpp.

References AccessPrivileges::ACCESS, DatabaseDBObjectType, Catalog_Namespace::SessionInfo::get_currentUser(), Catalog_Namespace::SysCatalog::instance(), DBObject::loadKey(), Catalog_Namespace::Catalog::name(), and DBObject::setPrivileges().

Referenced by checkPermissionForTables().

                                                                       {
  const auto db_name = accessed_catalog.name();
  DBObject db_object(db_name, DatabaseDBObjectType);
  db_object.loadKey(accessed_catalog);
  db_object.setPrivileges(AccessPrivileges::ACCESS);

  const auto& user = session_info.get_currentUser();
  if (!Catalog_Namespace::SysCatalog::instance().checkPrivileges(user, {db_object})) {
    throw std::runtime_error("Unauthorized Access: user " + user.userLoggable() +
                             " is not allowed to access database " + db_name + ".");
  }
}

Here is the call graph for this function:

Here is the caller graph for this function:

void anonymous_namespace{Calcite.cpp}::checkPermissionForTables	(	const Catalog_Namespace::SessionInfo &	session_info,
		std::vector< std::vector< std::string >>	tableOrViewNames,
		AccessPrivileges	tablePrivs,
		AccessPrivileges	viewPrivs
	)

Definition at line 437 of file Calcite.cpp.

References CHECK, check_db_access(), DBObjectKey::dbId, Catalog_Namespace::SessionInfo::get_currentUser(), Catalog_Namespace::SysCatalog::getCatalog(), AccessPrivileges::hasAny(), Catalog_Namespace::SysCatalog::instance(), TableDescriptor::isView, DBObjectKey::objectId, DBObjectKey::permissionType, TableDBObjectType, TableDescriptor::tableId, TableDescriptor::userId, Catalog_Namespace::UserMetadata::userLoggable(), and ViewDBObjectType.

Referenced by Calcite::checkAccessedObjectsPrivileges().

                                                          {
  for (auto tableOrViewName : tableOrViewNames) {
    // Calcite returns table names in the form of a {table_name, database_name} vector.
    const auto catalog =
        Catalog_Namespace::SysCatalog::instance().getCatalog(tableOrViewName[1]);
    CHECK(catalog);
    check_db_access(session_info, *catalog);

    const TableDescriptor* tableMeta =
        catalog->getMetadataForTable(tableOrViewName[0], false);

    if (!tableMeta) {
      throw std::runtime_error("unknown table of view: " + tableOrViewName[0]);
    }

    DBObjectKey key;
    key.dbId = catalog->getCurrentDB().dbId;
    key.permissionType = tableMeta->isView ? DBObjectType::ViewDBObjectType
                                           : DBObjectType::TableDBObjectType;
    key.objectId = tableMeta->tableId;
    AccessPrivileges privs = tableMeta->isView ? viewPrivs : tablePrivs;
    DBObject dbobject(key, privs, tableMeta->userId);
    std::vector<DBObject> privObjects{dbobject};

    if (!privs.hasAny()) {
      throw std::runtime_error("Operation not supported for object " +
                               tableOrViewName[0]);
    }

    if (!Catalog_Namespace::SysCatalog::instance().checkPrivileges(
            session_info.get_currentUser(), privObjects)) {
      throw std::runtime_error("Violation of access privileges: user " +
                               session_info.get_currentUser().userLoggable() +
                               " has no proper privileges for object " +
                               tableOrViewName[0]);
    }
  }
}

Here is the call graph for this function:

Here is the caller graph for this function:

template<typename XDEBUG_OPTION , typename REMOTE_DEBUG_OPTION , typename... REMAINING_ARGS>

int anonymous_namespace{Calcite.cpp}::wrapped_execlp	(	char const *	path,
		XDEBUG_OPTION &&	x_debug,
		REMOTE_DEBUG_OPTION &&	remote_debug,
		REMAINING_ARGS &&...	standard_args
	)

Definition at line 58 of file Calcite.cpp.

Referenced by start_calcite_server_as_daemon().

                                                      {
#ifdef ENABLE_JAVA_REMOTE_DEBUG
  return execlp(
      path, x_debug, remote_debug, std::forward<REMAINING_ARGS>(standard_args)...);
#else
  return execlp(path, std::forward<REMAINING_ARGS>(standard_args)...);
#endif
}

Here is the caller graph for this function: