![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to d_prot.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [CSRG BSD Unix] / 42BSD / ingres / source / qrymod|
Return to d_prot.c CVS log | Up to [CSRG BSD Unix] / 42BSD / ingres / source / qrymod |
1.1 root 1: # include <ingres.h>
2: # include <aux.h>
3: # include <catalog.h>
4: # include <access.h>
5: # include <tree.h>
6: # include <symbol.h>
7: # include <lock.h>
8: # include <pv.h>
9: # include <func.h>
10: # include "qrymod.h"
11: # include <sccs.h>
12:
13: SCCSID(@(#)d_prot.c 7.2 8/15/83)
14:
15:
16:
17: /*
18: ** D_PROT -- define protection constraint
19: **
20: ** A protection constraint as partially defined by the last tree
21: ** defined by d_tree is defined.
22: **
23: ** The stuff that comes through the pipe as parameters is complex.
24: ** It comes as a sequence of strings:
25: ** # The operation set, already encoded in the parser into a
26: ** bit map. If the PRO_RETR permission is set, the PRO_TEST
27: ** and PRO_AGGR permissions will also be set.
28: ** # The relation name.
29: ** # The relation owner.
30: ** # The user name. This must be a user name as specified in
31: ** the 'users' file, or the keyword 'all', meaning all users.
32: ** # The terminal id. Must be a string of the form 'ttyx' or
33: ** the keyword 'all'.
34: ** # The starting time of day, as minutes-since-midnight.
35: ** # The ending time of day.
36: ** # The starting day-of-week, with 0 = Sunday.
37: ** # The ending dow.
38: **
39: ** The domain reference set is build automatically from the
40: ** target list of the tree. Thus, the target list must exist,
41: ** but it is not inserted into the tree. The target list must
42: ** be a flat sequence of RESDOM nodes with VAR nodes hanging
43: ** of the rhs; also, the VAR nodes must all be for Qt.qt_resvar.
44: ** If there is no target list on the tree, the set of all var-
45: ** iables is assumed.
46: **
47: ** The relstat field in the relation relation is updated to
48: ** reflect any changes.
49: **
50: ** It only makes sense for the DBA to execute this command.
51: **
52: ** If there is one of the special cases
53: ** permit all to all
54: ** permit retrieve to all
55: ** it is caught, and the effect is achieved by diddling
56: ** relstat bits instead of inserting into the protect catalog.
57: **
58: ** Parameters:
59: ** none
60: **
61: ** Returns:
62: ** none
63: **
64: ** Side Effects:
65: ** Activity in 'protect' and 'relation' catalogs.
66: **
67: ** Trace Flags:
68: ** 59
69: */
70:
71: extern struct admin Admin;
72: extern DESC Prodes;
73: extern DESC Reldes;
74:
75: extern d_prot(), null_fn();
76: extern short tTqm[80];
77:
78: struct fn_def DefProFn =
79: {
80: "DPROT",
81: d_prot,
82: null_fn,
83: null_fn,
84: NULL,
85: 0,
86: tTqm,
87: 80,
88: 'Q',
89: 0
90: };
91:
92: d_prot(pc, pv)
93: int pc;
94: PARM *pv;
95: {
96: struct protect protup;
97: struct tup_id protid;
98: struct protect prokey;
99: struct protect proxtup;
100: char buf[30];
101: char ubuf[MAXLINE + 1];
102: register int i;
103: auto int ix;
104: int treeid;
105: register QTREE *t;
106: QTREE *root;
107: register char *p;
108: struct relation reltup;
109: struct relation relkey;
110: struct tup_id reltid;
111: int relstat;
112: int all_pro;
113:
114: /*
115: ** Fill in the protection tuple with the information
116: ** from the parser, validating as we go.
117: **
118: ** Also, determine if we have a PERMIT xx to ALL
119: ** with no further qualification case. The variable
120: ** 'all_pro' is set to reflect this.
121: */
122:
123: clr_tuple(&Prodes, &protup);
124: all_pro = TRUE;
125:
126: /* read operation set */
127: if (pv->pv_type != PV_INT)
128: syserr("d_prot: opset");
129: protup.proopset = pv->pv_val.pv_int;
130: if ((protup.proopset & PRO_RETR) != 0)
131: protup.proopset |= PRO_TEST | PRO_AGGR;
132: pv++;
133:
134: /* read relation name */
135: if (pv->pv_type != PV_STR)
136: syserr("d_prot: relid");
137: pmove(pv->pv_val.pv_str, protup.prorelid, MAXNAME, ' ');
138: pv++;
139:
140: /* read relation owner */
141: if (pv->pv_type != PV_STR)
142: syserr("d_prot: relid");
143: bmove(pv->pv_val.pv_str, protup.prorelown, 2);
144: pv++;
145:
146: /* read user name */
147: if (pv->pv_type != PV_STR)
148: syserr("d_prot: user");
149: if (sequal(pv->pv_val.pv_str, "all"))
150: bmove(" ", protup.prouser, 2);
151: else
152: {
153: /* look up user in 'users' file */
154: if (getnuser(pv->pv_val.pv_str, ubuf))
155: qmerror(3591, -1, Qt.qt_resvar, pv->pv_val.pv_str, 0);
156: for (p = ubuf; *p != ':' && *p != 0; p++)
157: continue;
158: bmove(++p, protup.prouser, 2);
159: if (p[0] == ':' || p[1] == ':' || p[2] != ':')
160: syserr("d_prot: users %s", ubuf);
161: all_pro = FALSE;
162: }
163: pv++;
164:
165: /* read terminal id */
166: if (pv->pv_type != PV_STR)
167: syserr("d_prot: user");
168: if (sequal(pv->pv_val.pv_str, "all"))
169: pmove("", protup.proterm, sizeof protup.proterm, ' ');
170: else
171: {
172: pmove(pv->pv_val.pv_str, protup.proterm, sizeof protup.proterm, ' ');
173: if (!isttyname(pv->pv_val.pv_str))
174: qmerror(3590, -1, Qt.qt_resvar, pv->pv_val.pv_str, 0);
175: all_pro = FALSE;
176: }
177: pv++;
178:
179: /* read starting time of day */
180: if (pv->pv_type != PV_INT)
181: syserr("d_prot: btod");
182: protup.protodbgn = pv->pv_val.pv_int;
183: if (pv->pv_val.pv_int > 0)
184: all_pro = FALSE;
185: pv++;
186:
187: /* read ending time of day */
188: if (pv->pv_type != PV_INT)
189: syserr("d_prot: etod");
190: protup.protodend = pv->pv_val.pv_int;
191: if (pv->pv_val.pv_int < 24 * 60 - 1)
192: all_pro = FALSE;
193: pv++;
194:
195: /* read beginning day of week */
196: if (pv->pv_type != PV_STR)
197: syserr("d_prot: bdow");
198: i = cvt_dow(pv->pv_val.pv_str);
199: if (i < 0)
200: qmerror(3594, -1, Qt.qt_resvar, pv->pv_val.pv_str, 0); /* bad dow */
201: protup.prodowbgn = i;
202: if (i > 0)
203: all_pro = FALSE;
204: pv++;
205:
206: /* read ending day of week */
207: if (pv->pv_type != PV_STR)
208: syserr("d_prot: edow");
209: i = cvt_dow(pv->pv_val.pv_str);
210: if (i < 0)
211: qmerror(3594, -1, Qt.qt_resvar, pv->pv_val.pv_str, 0); /* bad dow */
212: protup.prodowend = i;
213: if (i < 6)
214: all_pro = FALSE;
215: pv++;
216:
217: /*
218: ** Check for valid tree:
219: ** There must be a tree defined, and all variables
220: ** referenced must be owned by the current user; this
221: ** is because you could otherwise get at data by
222: ** mentioning it in a permit statement; see protect.c
223: ** for a better explanation of this.
224: */
225:
226: if (pv->pv_type != PV_QTREE)
227: syserr("d_prot: tree");
228: root = (QTREE *) pv->pv_val.pv_qtree;
229: pv++;
230:
231: for (i = 0; i < MAXVAR + 1; i++)
232: {
233: if (Qt.qt_rangev[i].rngvdesc == NULL)
234: continue;
235: if (!bequal(Qt.qt_rangev[i].rngvdesc->reldum.relowner, Usercode, 2))
236: qmerror(3592, -1, i, 0);
237: }
238:
239: /* test for dba */
240: if (!bequal(Usercode, Admin.adhdr.adowner, 2))
241: qmerror(3595, -1, Qt.qt_resvar, 0);
242:
243: /* get domain reference set from target list */
244: /* (also, find the TREE node) */
245: t = root->left;
246: if (t->sym.type == TREE)
247: {
248: for (i = 0; i < 8; i++)
249: protup.prodomset[i] = -1;
250: }
251: else
252: {
253: for (i = 0; i < 8; i++)
254: protup.prodomset[i] = 0;
255: for (; t->sym.type != TREE; t = t->left)
256: {
257: if (t->right->sym.type != VAR ||
258: t->sym.type != RESDOM ||
259: t->right->sym.value.sym_var.varno != Qt.qt_resvar)
260: syserr("d_prot: garbage tree");
261: lsetbit(t->right->sym.value.sym_var.attno, protup.prodomset);
262: }
263: all_pro = FALSE;
264: }
265:
266: /* trim off the target list, since it isn't used again */
267: root->left = t;
268:
269: /*
270: ** Check out the target relation.
271: ** We first save the varno of the relation which is
272: ** getting the permit stuff. Also, we check to see
273: ** that the relation mentioned is a base relation,
274: ** and not a view, since that tuple would never do
275: ** anything anyway. Finally, we clear the Qt.qt_resvar
276: ** so that it does not get output to the tree catalog.
277: ** This would result in a 'syserr' when we tried to
278: ** read it.
279: */
280:
281: protup.proresvar = Qt.qt_resvar;
282: # ifdef xQTR3
283: if (Qt.qt_resvar < 0)
284: syserr("d_prot: Rv %d", Qt.qt_resvar);
285: # endif
286: if (bitset(S_VIEW, Qt.qt_rangev[Qt.qt_resvar].rngvdesc->reldum.relstat))
287: qmerror(3593, -1, Qt.qt_resvar, 0); /* is a view */
288:
289: /* clear the (unused) Qt.qt_qmode */
290: # ifdef xQTR3
291: if (Qt.qt_qmode != mdPROT)
292: syserr("d_prot: Qt.qt_qmode %d", Qt.qt_qmode);
293: # endif
294: Qt.qt_qmode = -1;
295:
296: /*
297: ** Check for PERMIT xx to ALL case.
298: ** The relstat bits will be adjusted as necessary
299: ** to reflect these special cases.
300: **
301: ** This is actually a little tricky, since we cannot
302: ** afford to turn off any permissions. If we already
303: ** have some form of PERMIT xx to ALL access, we must
304: ** leave it.
305: */
306:
307: relstat = Qt.qt_rangev[Qt.qt_resvar].rngvdesc->reldum.relstat;
308: if (all_pro && (protup.proopset & PRO_RETR) != 0)
309: {
310: if (protup.proopset == -1)
311: relstat &= ~S_PROTALL;
312: else
313: {
314: relstat &= ~S_PROTRET;
315: if ((protup.proopset & ~(PRO_RETR|PRO_AGGR|PRO_TEST)) != 0)
316: {
317: /* some special case: still insert prot tuple */
318: all_pro = FALSE;
319: }
320: }
321: }
322: else
323: all_pro = FALSE;
324:
325: /* see if we are adding any tuples */
326: if (!all_pro)
327: relstat |= S_PROTUPS;
328:
329: /*
330: ** Change relstat field in relation catalog if changed
331: */
332:
333: if (relstat != Qt.qt_rangev[Qt.qt_resvar].rngvdesc->reldum.relstat)
334: {
335: opencatalog("relation", 2);
336: setkey(&Reldes, &relkey, Qt.qt_rangev[Qt.qt_resvar].rngvdesc->reldum.relid, RELID);
337: setkey(&Reldes, &relkey, Qt.qt_rangev[Qt.qt_resvar].rngvdesc->reldum.relowner, RELOWNER);
338: i = getequal(&Reldes, &relkey, &reltup, &reltid);
339: if (i != 0)
340: syserr("d_prot: geteq %d", i);
341: reltup.relstat = relstat;
342: i = replace(&Reldes, &reltid, &reltup, FALSE);
343: if (i != 0)
344: syserr("d_prot: repl %d", i);
345: if (noclose(&Reldes) != 0)
346: syserr("d_prot: noclose(rel)");
347: }
348:
349: Qt.qt_resvar = -1;
350:
351: if (!all_pro)
352: {
353: /*
354: ** Output the created tuple to the protection catalog
355: ** after making other internal adjustments and deter-
356: ** mining a unique sequence number (with the protect
357: ** catalog locked).
358: */
359:
360: if (root->right->sym.type != QLEND)
361: protup.protree = puttree(root, protup.prorelid, protup.prorelown, mdPROT);
362: else
363: protup.protree = -1;
364:
365: /* compute unique permission id */
366: opencatalog("protect", 2);
367: setrll(A_SLP, Prodes.reltid.ltid, M_EXCL);
368: setkey(&Prodes, &prokey, protup.prorelid, PRORELID);
369: setkey(&Prodes, &prokey, protup.prorelown, PRORELOWN);
370: for (ix = 2; ; ix++)
371: {
372: setkey(&Prodes, &prokey, &ix, PROPERMID);
373: i = getequal(&Prodes, &prokey, &proxtup, &protid);
374: if (i < 0)
375: syserr("d_prot: geteq");
376: else if (i > 0)
377: break;
378: }
379: protup.propermid = ix;
380:
381: /* do actual insert */
382: i = insert(&Prodes, &protid, &protup, FALSE);
383: if (i < 0)
384: syserr("d_prot: insert");
385: if (noclose(&Prodes) != 0)
386: syserr("d_prot: noclose(pro)");
387:
388: /* clear the lock */
389: unlrl(Prodes.reltid.ltid);
390: }
391: }
392:
/*
393: ** CVT_DOW -- convert day of week
394: **
395: ** Converts the day of the week from string form to a number.
396: **
397: ** Parameters:
398: ** sdow -- dow in string form.
399: **
400: ** Returns:
401: ** 0 -> 6 -- the encoded day of the week.
402: ** -1 -- error.
403: **
404: ** Side Effects:
405: ** none
406: **
407: ** Defines:
408: ** Dowlist -- a mapping from day of week to number.
409: ** cvt_dow
410: **
411: ** Called By:
412: ** d_prot
413: */
414:
415: struct downame
416: {
417: char *dow_name;
418: int dow_num;
419: };
420:
421: struct downame Dowlist[] =
422: {
423: "sun", 0,
424: "sunday", 0,
425: "mon", 1,
426: "monday", 1,
427: "tue", 2,
428: "tues", 2,
429: "tuesday", 2,
430: "wed", 3,
431: "wednesday", 3,
432: "thu", 4,
433: "thurs", 4,
434: "thursday", 4,
435: "fri", 5,
436: "friday", 5,
437: "sat", 6,
438: "saturday", 6,
439: NULL
440: };
441:
442: cvt_dow(sdow)
443: char *sdow;
444: {
445: register struct downame *d;
446: register char *s;
447:
448: s = sdow;
449:
450: for (d = Dowlist; d->dow_name != NULL; d++)
451: if (sequal(d->dow_name, s))
452: return (d->dow_num);
453: return (-1);
454: }
455:
/*
456: ** ISTTYNAME -- "is a legal terminal name" predicate
457: **
458: ** Returns TRUE if the argument is a legal terminal name,
459: ** otherwise FALSE.
460: **
461: ** It may make sense to have this routine check if the given
462: ** file name really exists.
463: **
464: ** WARNING:
465: ** This routine may be installation-dependent!
466: **
467: ** Parameters:
468: ** n -- the name to check.
469: **
470: ** Returns:
471: ** TRUE -- n is a legal tty name at this installation.
472: ** FALSE -- otherwise.
473: **
474: ** Side Effects:
475: ** none
476: **
477: ** History:
478: ** 8/1/79 (eric) -- written.
479: */
480:
481:
482: isttyname(n)
483: register char *n;
484: {
485: return (sequal(n, "console") || bequal(n, "tty", 3));
486: }
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.