![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to protect.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [CSRG BSD Unix] / 43BSD / ingres / source / qrymod|
Return to protect.c CVS log | Up to [CSRG BSD Unix] / 43BSD / ingres / source / qrymod |
1.1 ! root 1: # include <ingres.h> ! 2: # include <aux.h> ! 3: # include <catalog.h> ! 4: # include <symbol.h> ! 5: # include <tree.h> ! 6: # include "qrymod.h" ! 7: # include <sccs.h> ! 8: # include <errors.h> ! 9: ! 10: SCCSID(@(#)protect.c 8.4 4/15/85) ! 11: ! 12: /* ! 13: ** PROTECT -- protection algorithm ! 14: ** ! 15: ** This module performs the INGRES protection algorithm, as ! 16: ** presented in Stonebraker & Rubinstein, "The INGRES Protection ! 17: ** System", with a few modifications. ! 18: ** ! 19: ** The basic algorithm is as follows: ! 20: ** ! 21: ** The algorithm is applied once to each variable used in the ! 22: ** query. Each variable has an initial check performed to ! 23: ** determine applicability -- if the current user owns the ! 24: ** relation, or if the relation is specially marked as being ! 25: ** "all access to everyone", then the algorithm is skipped, ! 26: ** thereby having effectively no restriction. ! 27: ** ! 28: ** The set of all such variables is computed in 'protect', ! 29: ** and then 'dopro' is called to process each of those. This ! 30: ** is so the protection algorithm does not get applied recursively ! 31: ** to constraints which define more than one variable. Notice ! 32: ** that this could in itself be a protection violation, if it ! 33: ** were acceptable to reference a relation you do not own in a ! 34: ** PERMIT statement. ! 35: ** ! 36: ** The effective query mode for this variable is then computed. ! 37: ** This is the same as the query mode of the whole query if ! 38: ** the variable in question is the result variable, otherwise ! 39: ** it is "retrieve" mode. ! 40: ** ! 41: ** The next step is to scan the query tree and create sets of ! 42: ** domains referenced. Four sets are created: ! 43: ** uset -- the set of domains updated (actually, ! 44: ** referenced in the target list -- on a ! 45: ** retrieve, this will be the set of domains ! 46: ** retrieved to the user). ! 47: ** rset -- the set of domains retrieved in some ! 48: ** context other than the left hand side of ! 49: ** an equal sign. ! 50: ** aset -- the set of domains aggregated. This only ! 51: ** includes domains aggregated with a simple ! 52: ** aggregate (not an aggregate function) with ! 53: ** no qualification, since it may be possible ! 54: ** to come up with too much information other- ! 55: ** wise. ! 56: ** qset -- the set of domains retrieved for use in ! 57: ** a qualification, but never stored. This ! 58: ** includes domains in a qualification of an ! 59: ** aggregate or aggregate function. ! 60: ** For more details of domains in each of these sets, look at ! 61: ** the routine 'makedset'. ! 62: ** ! 63: ** If we had a retrieve operation in the first place, we will ! 64: ** then merge 'uset' into 'rset' and clear 'uset', so that ! 65: ** now 'uset' only contains domains which are actually updated, ! 66: ** and 'rset' contains all domains which are retrieved. ! 67: ** ! 68: ** Now that we know what is referenced, we can scan the protection ! 69: ** catalog. We scan the entire catalog once for each variable ! 70: ** mentioned in the query (except as already taken care of as ! 71: ** described above). ! 72: ** ! 73: ** We must create a set of all operations on this variable which ! 74: ** are not yet resolved, that is, for which no PERMIT statements ! 75: ** which qualify have been issued. We store this set in the ! 76: ** variable "noperm". As PERMIT statements are found, bits will ! 77: ** be cleared. If the variable is not zero by the end of the ! 78: ** scan of the protection catalog, then we reject the query, ! 79: ** saying that we don't have permission -- giving us default ! 80: ** to deny. ! 81: ** ! 82: ** For each tuple in the protection catalog for this relation, ! 83: ** we call "proappl" to see if it applies to this query. This ! 84: ** routine checks the user, terminal, time of day, and so forth ! 85: ** (in fact, everything which is query-independent) and tells ! 86: ** whether this tuple might apply. ! 87: ** ! 88: ** If the tuple passes this initial check, we then do the query- ! 89: ** dependent checking. This amounts to calling "prochk" once ! 90: ** for each operation (and domain set) in the query. What we ! 91: ** get back is a set of operations which this tuple applies to. ! 92: ** If zero, the tuple doesn't apply at all; otherwise, it ! 93: ** applies to at least one operation. If it applies to some- ! 94: ** thing, we call it "interesting". ! 95: ** ! 96: ** For "interesting" tuples, we now get the corresponding ! 97: ** qualification (if one exists), and disjoin it to a set of ! 98: ** protection constraints held in "pqual". Also, we mark ! 99: ** any operations we found as having been done, by clearing ! 100: ** bits in "noperm". ! 101: ** ! 102: ** When we have completed scanning the protection catalog, ! 103: ** we check "noperm". If it is non-zero, then we have some ! 104: ** operation for which a PERMIT statement has not been issued, ! 105: ** and we issue an error message. If this variable is ok, ! 106: ** then we go on and try the next variable. ! 107: ** ! 108: ** When all variables have been accounted for, we check to ! 109: ** see if we have any qualifications collected from the ! 110: ** protection algorithm. If so, we conjoin them to the ! 111: ** query tree. ! 112: ** ! 113: ** Finally, we return the root of the modified tree. This ! 114: ** tree is guaranteed to have no authorization violations, ! 115: ** and may be run as a regular query. ! 116: ** ! 117: ** Parameters: ! 118: ** root -- the root of the tree. ! 119: ** ! 120: ** Returns: ! 121: ** The root of the modified and authorized tree. ! 122: ** ! 123: ** Side Effects: ! 124: ** A possible non-local return on access violation. ! 125: ** ! 126: ** Trace Flags: ! 127: ** 50 - 59 ! 128: */ ! 129: ! 130: int Proopmap[MAXPROQM + 1] = ! 131: { ! 132: PRO_RETR, /* 0 -- mdRETTERM */ ! 133: PRO_RETR, /* 1 -- mdRETR */ ! 134: PRO_APP, /* 2 -- mdAPP */ ! 135: PRO_REPL, /* 3 -- mdREPL */ ! 136: PRO_DEL, /* 4 -- mdDEL */ ! 137: }; ! 138: ! 139: extern QTREE Prodes; ! 140: extern char Terminal[]; ! 141: extern QTREE *gettree(); ! 142: ! 143: ! 144: QTREE * ! 145: protect(root) ! 146: QTREE *root; ! 147: { ! 148: register QTREE *r; ! 149: register int i; ! 150: register int vn; ! 151: register DESC *d; ! 152: int qmode; ! 153: int varset; ! 154: ! 155: r = root; ! 156: ! 157: # ifdef xQTR1 ! 158: tTfp(50, -1, "\n->PROTECT\n\n"); ! 159: # endif ! 160: ! 161: varset = 0; ! 162: ! 163: /* ! 164: ** Scan the range table and create a set of all variables ! 165: ** which are 'interesting', that is, on which the protectin ! 166: ** algorithm should be performed. ! 167: */ ! 168: ! 169: for (vn = 0; vn < MAXVAR + 1; vn++) ! 170: { ! 171: if (!Qt.qt_rangev[vn].rngvmark) ! 172: continue; ! 173: d = Qt.qt_rangev[vn].rngvdesc; ! 174: if (d == NULL) ! 175: syserr("null desc vn=%d", vn); ! 176: ! 177: /* if owner, accept any query */ ! 178: if (bequal(d->reldum.relowner, Usercode, UCODE_SZ)) ! 179: continue; ! 180: ! 181: /* check for "no restriction" bit asserted (= clear) */ ! 182: if (!bitset(S_PROTALL, d->reldum.relstat)) ! 183: continue; ! 184: if (!bitset(S_PROTRET, d->reldum.relstat) && ! 185: (Qt.qt_qmode == mdRETR || Qt.qt_qmode == mdRET_UNI)) ! 186: continue; ! 187: ! 188: varset |= 1 << vn; ! 189: } ! 190: ! 191: /* ! 192: ** For each variable specified in varset (that is, for each ! 193: ** variable in the initial query), do the real algorithm. ! 194: */ ! 195: ! 196: for (vn = 0; vn < MAXVAR + 1; vn++) ! 197: { ! 198: if ((varset & (1 << vn)) == 0) ! 199: continue; ! 200: d = Qt.qt_rangev[vn].rngvdesc; ! 201: ! 202: # ifdef xQTR1 ! 203: if (tTf(50, 1)) ! 204: printf("\nvn=%d: %.12s\n", vn, d->reldum.relid); ! 205: # endif ! 206: ! 207: /* ! 208: ** Determine the query mode for this variable. This ! 209: ** is not the query mode of the original query, ! 210: ** unless the variable is the result variable. ! 211: */ ! 212: ! 213: qmode = Qt.qt_qmode; ! 214: if (vn != Qt.qt_resvar || qmode == mdRET_UNI) ! 215: qmode = mdRETTERM; ! 216: ! 217: # ifdef xQTR3 ! 218: if (qmode == 1 || qmode > 4 || qmode < 0) ! 219: syserr("protect: bad qmode %d", qmode); ! 220: # endif ! 221: ! 222: /* do the interesting part of the algorithm */ ! 223: dopro(vn, r, qmode, NULL); ! 224: } ! 225: ! 226: /* return the (authorized) tree */ ! 227: # ifdef xQTR1 ! 228: if (tTf(50, 15)) ! 229: treepr(r, "PROTECT->"); ! 230: # endif ! 231: return (r); ! 232: } ! 233: /* ! 234: ** DOPRO -- actually do the protection algorithm ! 235: ** ! 236: ** This is the guts of it, broken off because it must be called ! 237: ** recursively on aggregates. The algorithm is as discussed ! 238: ** in the module header. ! 239: ** ! 240: ** Parameters: ! 241: ** varno -- the variable number of interest. ! 242: ** root -- the root of the tree to modify. ! 243: ** qmode -- the effective query mode for this relation. ! 244: ** byset -- if non-NULL, a set of domains passed back ! 245: ** which gets bound out of the aggregate func, ! 246: ** in other words, the by list. ! 247: ** ! 248: ** Returns: ! 249: ** none ! 250: ** ! 251: ** Side Effects: ! 252: ** The tree pointed at by 'root' gets modified. ! 253: ** Quite possibly 'Qt.qt_rangev' and 'Qt.qt_remap' get clobbered. ! 254: ** ! 255: ** Called By: ! 256: ** protect ! 257: ** makedset -- on aggregates and aggregate functions. ! 258: ** ! 259: ** Trace Flags: ! 260: ** 51 ! 261: */ ! 262: ! 263: dopro(varno, root, qmode, byset) ! 264: int varno; ! 265: QTREE *root; ! 266: int qmode; ! 267: int byset[8]; ! 268: { ! 269: int qset[8]; ! 270: int uset[8]; ! 271: int aset[8]; ! 272: int rset[8]; ! 273: int zeros[8]; ! 274: QTREE *p; ! 275: QTREE *pqual; ! 276: register int i; ! 277: register int vn; ! 278: register QTREE *t; ! 279: int noperm; ! 280: int noqual; ! 281: struct protect prokey, protup; ! 282: struct tup_id lotid, hitid; ! 283: struct qvect ! 284: { ! 285: QTREE *q_qual; ! 286: int q_mode; ! 287: }; ! 288: struct qvect quals[4]; ! 289: int j; ! 290: extern QTREE *norml(); ! 291: extern QTREE *tree(); ! 292: extern QTREE *trimqlend(); ! 293: ! 294: ! 295: t = root; ! 296: vn = varno; ! 297: ! 298: /* create domain usage sets */ ! 299: for (i = 0; i < 8; i++) ! 300: { ! 301: zeros[i] = uset[i] = rset[i] = qset[i] = aset[i] = 0; ! 302: if (byset != NULL) ! 303: byset[i] = 0; ! 304: } ! 305: ! 306: /* ! 307: ** Create domain usage set for target list side. There are ! 308: ** two general cases: this is the root of the tree, or this ! 309: ** is the head of an aggregate. ! 310: */ ! 311: ! 312: switch (t->sym.type) ! 313: { ! 314: case AGHEAD: ! 315: /* ! 316: ** An aggregate head falls into two classes: simple ! 317: ** aggregate and aggregate function. In an aggregate ! 318: ** function, care must be taken to bind the variables ! 319: ** in the by-list outside of the aggregate. We use ! 320: ** 'rset' as a temporary here. ! 321: */ ! 322: ! 323: if (t->left->sym.type == BYHEAD) ! 324: { ! 325: /* make by-list set */ ! 326: makedset(vn, t->left->left, NULL, rset, aset, qset); ! 327: ! 328: /* merge by-list set into qualification set */ ! 329: for (i = 0; i < 8; i++) ! 330: { ! 331: if (byset != NULL) ! 332: byset[i] |= rset[i]; ! 333: qset[i] |= rset[i]; ! 334: rset[i] = 0; ! 335: } ! 336: ! 337: /* make aggregate list set */ ! 338: makedset(vn, t->left->right->right, NULL, rset, aset, qset); ! 339: } ! 340: else ! 341: { ! 342: /* simple aggregate */ ! 343: # ifdef xQTR3 ! 344: if (t->left->sym.type != AOP) ! 345: syserr("dopro: AGHEAD->left %d", t->left->sym.type); ! 346: # endif ! 347: ! 348: /* check for qualification */ ! 349: if (t->right->sym.type == QLEND) ! 350: { ! 351: /* simple, unqualified aggregate */ ! 352: makedset(vn, t->left->right, NULL, aset, aset, qset); ! 353: } ! 354: else ! 355: { ! 356: # ifdef xQTR3 ! 357: if (t->right->sym.type != AND) ! 358: syserr("dopro: AND=%d", t->right->sym.type); ! 359: # endif ! 360: makedset(vn, t->left->right, NULL, rset, aset, qset); ! 361: } ! 362: } ! 363: break; ! 364: ! 365: case ROOT: ! 366: makedset(vn, t->left, uset, rset, aset, qset); ! 367: break; ! 368: } ! 369: ! 370: /* scan qualification */ ! 371: makedset(vn, t->right, NULL, qset, aset, qset); ! 372: ! 373: /* if retrieval, drop the 'update' set */ ! 374: /* if delete or append, force an apparent update */ ! 375: switch (qmode) ! 376: { ! 377: case mdRETTERM: ! 378: for (i = 0; i < 8; i++) ! 379: uset[i] = 0; ! 380: break; ! 381: ! 382: case mdDEL: ! 383: case mdAPP: ! 384: for (i = 0; i < 8; i++) ! 385: uset[i] = -1; ! 386: break; ! 387: } ! 388: ! 389: # ifdef xQTR1 ! 390: if (tTf(51, 2)) ! 391: { ! 392: printf("qmode %d\n", qmode); ! 393: pr_set(uset, "uset"); ! 394: pr_set(rset, "rset"); ! 395: pr_set(aset, "aset"); ! 396: pr_set(qset, "qset"); ! 397: } ! 398: # endif ! 399: ! 400: /* create a bit map of all referenced operations */ ! 401: noperm = 0; ! 402: if (!bequal(uset, zeros, sizeof zeros)) ! 403: noperm |= Proopmap[qmode]; ! 404: if (!bequal(rset, zeros, sizeof zeros)) ! 405: noperm |= PRO_RETR; ! 406: if (!bequal(aset, zeros, sizeof zeros)) ! 407: noperm |= PRO_AGGR; ! 408: if (!bequal(qset, zeros, sizeof zeros)) ! 409: noperm |= PRO_TEST; ! 410: ! 411: /* if no operation, something is wrong */ ! 412: /* not nessasarily, consider a var that only occurs in an aggregate */ ! 413: /* if (noperm == 0) ! 414: syserr("protect: no oper"); */ ! 415: ! 416: /* initialize qualification portion */ ! 417: for (i = 0; i < 4; ) ! 418: quals[i++].q_qual = NULL; ! 419: noqual = FALSE; ! 420: ! 421: /* check the protection catalog */ ! 422: opencatalog("protect", OR_READ); ! 423: setkey(&Prodes, &prokey, Qt.qt_rangev[vn].rngvdesc->reldum.relid, PRORELID); ! 424: setkey(&Prodes, &prokey, Qt.qt_rangev[vn].rngvdesc->reldum.relowner, PRORELOWN); ! 425: find(&Prodes, EXACTKEY, &lotid, &hitid, &prokey); ! 426: ! 427: while ((i = get(&Prodes, &lotid, &hitid, &protup, TRUE)) == 0) ! 428: { ! 429: if (kcompare(&Prodes, &prokey, &protup) != 0) ! 430: continue; ! 431: ! 432: # ifdef xQTR2 ! 433: if (tTf(51, 4)) ! 434: { ! 435: printf("PROTECT: "); ! 436: printup(&Prodes, &protup); ! 437: } ! 438: # endif ! 439: ! 440: /* check if this is the correct user, terminal, etc */ ! 441: if (!proappl(&protup)) ! 442: continue; ! 443: ! 444: /* alright, let's check the operation */ ! 445: i = 0; ! 446: if (qmode != mdRETTERM) ! 447: i = quals[0].q_mode = prochk(Proopmap[qmode], uset, &protup); ! 448: i |= quals[1].q_mode = prochk(PRO_RETR, rset, &protup); ! 449: i |= quals[2].q_mode = prochk(PRO_AGGR, aset, &protup); ! 450: i |= quals[3].q_mode = prochk(PRO_TEST, qset, &protup); ! 451: ! 452: # ifdef xQTR2 ! 453: if (tTf(51, 5)) ! 454: printf("Satisfies operations %o\n", i); ! 455: # endif ! 456: ! 457: /* see if this tuple is "interesting" */ ! 458: if (i == 0) ! 459: continue; ! 460: ! 461: /* it is! get the qualification (if any) */ ! 462: if (protup.protree >= 0) ! 463: { ! 464: p = gettree(Qt.qt_rangev[vn].rngvdesc->reldum.relid, ! 465: Qt.qt_rangev[vn].rngvdesc->reldum.relowner, ! 466: mdPROT, protup.protree, FALSE); ! 467: # ifdef xQTR2 ! 468: if (tTf(51, 6)) ! 469: treepr(p, "Protection Clause"); ! 470: # endif ! 471: p = trimqlend(p->right); ! 472: # ifdef xQTR3 ! 473: /* check for a non-null qualification */ ! 474: if (p == NULL) ! 475: syserr("protect: null tree"); ! 476: # endif ! 477: ! 478: /* translate to the interesting variable */ ! 479: j = protup.proresvar; ! 480: if (Qt.qt_remap[j] >= 0) ! 481: j = Qt.qt_remap[j]; ! 482: mergevar(j, varno, p); ! 483: ! 484: /* disjoin the protection qual to real qual */ ! 485: for (j = 0; j < 4; j++) ! 486: { ! 487: if (quals[j].q_mode == 0) ! 488: continue; ! 489: if (quals[j].q_qual == NULL) ! 490: quals[j].q_qual = p; ! 491: else ! 492: quals[j].q_qual = tree(quals[j].q_qual, p, OR, 0); ! 493: } ! 494: } ! 495: else ! 496: noqual = TRUE; ! 497: ! 498: /* mark this operation as having been handled */ ! 499: noperm &= ~i; ! 500: } ! 501: ! 502: /* test 'get' return code */ ! 503: if (i < 0) ! 504: syserr("protect: get"); ! 505: ! 506: # ifdef xQTR1 ! 507: if (tTf(51, 12)) ! 508: printf("No perm on %o\n", noperm); ! 509: # endif ! 510: ! 511: /* see if no tuples applied for some operation */ ! 512: if (noperm != 0) ! 513: qmerror(PVIOL, Qt.qt_qmode, vn, 0); ! 514: ! 515: /* see if we want to modify the query at all */ ! 516: if (!noqual) ! 517: { ! 518: /* conjoin the qualification */ ! 519: pqual = NULL; ! 520: for (i = 0; i < 4; i++) ! 521: if (quals[i].q_qual != NULL) ! 522: if (pqual == NULL) ! 523: pqual = quals[i].q_qual; ! 524: else ! 525: pqual = tree(pqual, quals[i].q_qual, AND, 0); ! 526: pqual = tree(pqual, tree(NULL, NULL, QLEND, 0), AND, 0); ! 527: appqual(pqual, t); ! 528: ! 529: /* normalize the tree */ ! 530: t->right = norml(trimqlend(t->right)); ! 531: } ! 532: } ! 533: /* ! 534: ** MAKEDSET -- make domain reference sets ! 535: ** ! 536: ** This routine creates some sets which reflect the usage of ! 537: ** domains for a particular variable. ! 538: ** ! 539: ** The interesting nodes are 'case' labels in the large ! 540: ** switch statement which comprises most of the code. To ! 541: ** describe briefly: ! 542: ** ! 543: ** VAR nodes are easy: if they are for the current variable, ! 544: ** set the bit corresponding to the domain in the ! 545: ** 'retrieval' set. They can have no descendents, ! 546: ** so just return. ! 547: ** RESDOM nodes are also easy: they can be handled the same, ! 548: ** but the bit is set in the 'update' set instead. ! 549: ** AGHEAD nodes signal the beginning of an aggregate or ! 550: ** aggregate function. In this case, we scan the ! 551: ** qualification first (noting that RESDOM and VAR ! 552: ** nodes are processed as 'qualification' sets ! 553: ** instead of 'retrieval' or 'update' sets). Then, ! 554: ** if the aggregate has a WHERE clause or a BY list, ! 555: ** we treat it as a retrieve; otherwise, we call our- ! 556: ** selves recursively treating VAR nodes as 'aggregate' ! 557: ** types rather than 'retrieve' types. ! 558: ** BYHEAD nodes signal the beginning of a BY list. The left ! 559: ** subtree (the actual BY-list) is processed with ! 560: ** RESDOM nodes ignored (since they are pseudo-domains ! 561: ** anyhow) and VAR nodes mapped into the 'qualification' ! 562: ** set. Then we check the right subtree (which better ! 563: ** begin with an AOP node!) and continue processing. ! 564: ** AOP nodes must have a null left subtree, so we just drop ! 565: ** to the right subtree and iterate. Notice that we ! 566: ** do NOT map VAR nodes into the 'aggregate' set for ! 567: ** this node, since this has already been done by the ! 568: ** AGHEAD node; also, this aggregate might be counted ! 569: ** as a retrieve operation instead of an aggregate ! 570: ** operation (as far as the protection system is con- ! 571: ** cerned) -- this has been handled by the AGHEAD ! 572: ** node. ! 573: ** All other nodes are processed recursively along both edges. ! 574: ** ! 575: ** Parameters: ! 576: ** vn -- the variable number that we are currently ! 577: ** interested in. ! 578: ** tree -- the root of the tree to scan. Notice that this ! 579: ** will in general be only one half of the tree -- ! 580: ** makedset will be called once for the target ! 581: ** list and once for the qualification, with ! 582: ** different sets for the following parameters. ! 583: ** uset -- adjusted to be the set of all domains ! 584: ** updated. ! 585: ** rset -- adjusted to be the set of all domains ! 586: ** retrieved implicitly, that is, on the right- ! 587: ** hand-side of an assignment operator. ! 588: ** aset -- adjusted to be the set of all domains ! 589: ** aggregated. Notice that this set is not ! 590: ** adjusted explicitly, but rather is passed ! 591: ** to recursive incarnations of this routine ! 592: ** as 'rset'. ! 593: ** qset -- adjusted to be the set of domains retrieved ! 594: ** implicitly in a qualification. Like 'aset', ! 595: ** this is passed as 'rset' to recursive ! 596: ** incarnations. ! 597: ** ! 598: ** Returns: ! 599: ** none ! 600: ** ! 601: ** Side Effects: ! 602: ** none ! 603: ** ! 604: ** Called By: ! 605: ** protect() -- in two places. ! 606: ** ! 607: ** Trace Flags: ! 608: ** 53 ! 609: ** ! 610: */ ! 611: ! 612: makedset(vn, tree, uset, rset, aset, qset) ! 613: int vn; ! 614: QTREE *tree; ! 615: int uset[8]; ! 616: int rset[8]; ! 617: int aset[8]; ! 618: int qset[8]; ! 619: { ! 620: register QTREE *t; ! 621: register int i; ! 622: int byset[8]; ! 623: ! 624: t = tree; ! 625: ! 626: # ifdef xQTR1 ! 627: if (tTf(53, 0)) ! 628: { ! 629: printf("->makedset\n"); ! 630: pr_set(uset, "uset"); ! 631: pr_set(rset, "rset"); ! 632: pr_set(aset, "aset"); ! 633: pr_set(qset, "qset"); ! 634: } ! 635: # endif ! 636: ! 637: while (t != NULL) ! 638: { ! 639: switch (t->sym.type) ! 640: { ! 641: case VAR: ! 642: if (t->sym.value.sym_var.varno == vn) ! 643: lsetbit(t->sym.value.sym_var.attno, rset); ! 644: break; ! 645: ! 646: case AGHEAD: ! 647: /* do protection on qualification */ ! 648: dopro(vn, t, -1, byset); ! 649: ! 650: /* merge by-list set into qualification set */ ! 651: for (i = 0; i < 8; i++) ! 652: qset[i] |= byset[i]; ! 653: ! 654: break; ! 655: ! 656: case BYHEAD: ! 657: case AOP: ! 658: syserr("makedset: node %d", t->sym.type); ! 659: ! 660: case RESDOM: ! 661: if (t->sym.value.sym_resdom.resno == 0) ! 662: { ! 663: /* tid -- ignore right subtree (and this node) */ ! 664: t = t->left; ! 665: continue; ! 666: } ! 667: if (uset != NULL) ! 668: lsetbit(t->sym.value.sym_resdom.resno, uset); ! 669: /* explicit fall-through to "default" case */ ! 670: ! 671: default: ! 672: /* handle left subtree (recursively) */ ! 673: makedset(vn, t->left, uset, rset, aset, qset); ! 674: ! 675: /* handle right subtree (iteratively) */ ! 676: t = t->right; ! 677: continue; ! 678: } ! 679: break; ! 680: } ! 681: ! 682: # ifdef xQTR1 ! 683: if (tTf(53, 15)) ! 684: { ! 685: printf("makedset->\n"); ! 686: pr_set(uset, "uset"); ! 687: pr_set(rset, "rset"); ! 688: pr_set(aset, "aset"); ! 689: pr_set(qset, "qset"); ! 690: } ! 691: # endif ! 692: ! 693: return; ! 694: } ! 695: /* ! 696: ** PROAPPL -- check for protection tuple applicable ! 697: ** ! 698: ** A given protection catalog tuple is checked in a query- ! 699: ** independent way for applicability. ! 700: ** ! 701: ** This routine checks such environmental constraints as the ! 702: ** user, the terminal, and the time of day. The code is ! 703: ** fairly straightforward, just take a look. ! 704: ** ! 705: ** One note: the user and terminal codes contained in the ! 706: ** protection catalog are blank to mean 'any value' of the ! 707: ** corresponding field. ! 708: ** ! 709: ** Parameters: ! 710: ** protup -- the protection tuple to compare against. ! 711: ** ! 712: ** Returns: ! 713: ** TRUE -- this tuple applies to the current environment. ! 714: ** FALSE -- this tuple does not apply. ! 715: ** ! 716: ** Side Effects: ! 717: ** none (unless you include trashing the static vector ! 718: ** returned by localtime). ! 719: ** ! 720: ** Called By: ! 721: ** protect() ! 722: ** ! 723: ** Trace Flags: ! 724: ** 54 ! 725: */ ! 726: ! 727: proappl(protup) ! 728: struct protect *protup; ! 729: { ! 730: register struct protect *p; ! 731: int tvect[2]; ! 732: register int *tt; ! 733: extern int *localtime(); ! 734: register int mtime; ! 735: ! 736: p = protup; ! 737: ! 738: /* check for correct user [insert clique code here] */ ! 739: if (!bequal(" ", p->prouser, 2)) ! 740: { ! 741: if (!bequal(p->prouser, Usercode, UCODE_SZ)) ! 742: { ! 743: # ifdef xQTR2 ! 744: if (tTf(54, 0)) ! 745: printf(" ~user\n"); ! 746: # endif ! 747: return (FALSE); ! 748: } ! 749: } ! 750: ! 751: /* check for correct terminal */ ! 752: if (p->proterm[0] != ' ') ! 753: { ! 754: if (!sequal(p->proterm, Terminal)) ! 755: { ! 756: # ifdef xQTR2 ! 757: if (tTf(54, 0)) ! 758: printf(" ~term\n"); ! 759: # endif ! 760: return (FALSE); ! 761: } ! 762: } ! 763: ! 764: /* check for correct time of day & week */ ! 765: time(tvect); ! 766: tt = localtime(tvect); ! 767: mtime = tt[2] * 60 + tt[1]; ! 768: ! 769: if (p->protodbgn > mtime || p->protodend < mtime) ! 770: { ! 771: # ifdef xQTR2 ! 772: if (tTf(54, 0)) ! 773: printf(" ~tod\n"); ! 774: # endif ! 775: return (FALSE); ! 776: } ! 777: if (p->prodowbgn > tt[6] || p->prodowend < tt[6]) ! 778: { ! 779: # ifdef xQTR2 ! 780: if (tTf(54, 0)) ! 781: printf(" ~dow\n"); ! 782: # endif ! 783: return (FALSE); ! 784: } ! 785: ! 786: /* hasn't failed yet -- I guess it's ok */ ! 787: return (TRUE); ! 788: } ! 789: /* ! 790: ** PROCHK -- query-dependent protection tuple check ! 791: ** ! 792: ** This routine does the query-dependent part of checking ! 793: ** the validity of a protection tuple. Unlike proappl, ! 794: ** which looked at aspects of the environment but not the ! 795: ** query being run, this routine assumes that the environ- ! 796: ** ment is ok, and checks that if it applies to this tuple. ! 797: ** ! 798: ** Two things are checked. The first is if this tuple applies ! 799: ** to the operation in question (passed as 'inbit'). The ! 800: ** second is if the set of domains in the tuple contains the ! 801: ** set of domains in the query. If either of these fail, ! 802: ** the return is zero. Otherwise the return is the operation ! 803: ** bit. In otherwise, the return is the operation to which ! 804: ** this tuple applies (if any). ! 805: ** ! 806: ** As a special check, the domain set is checked for all ! 807: ** zero. If so, no domains have been referenced for this ! 808: ** operation at all, and we return zero. In other words, this ! 809: ** tuple might apply to this operation, but since we don't ! 810: ** use the operation anyhow we will ignore it. It is important ! 811: ** to handle things in this way so that the qualification for ! 812: ** this tuple doesn't get appended if the variable is not ! 813: ** used in a particular context. ! 814: ** ! 815: ** Parameters: ! 816: ** inbit -- the bit describing the operation to be ! 817: ** checked. Note that only one bit should ! 818: ** be set in this word, although this is ! 819: ** not checked. ! 820: ** domset -- the set of domains actually referenced ! 821: ** in this query for the operation described ! 822: ** by 'inbit'. ! 823: ** protup -- the tuple in question. ! 824: ** ! 825: ** Returns: ! 826: ** The operation (if any) to which this tuple applies. ! 827: ** ! 828: ** Side Effects: ! 829: ** none ! 830: ** ! 831: ** Called By: ! 832: ** protect() -- in four places. ! 833: ** ! 834: ** Trace Flags: ! 835: ** 55 ! 836: */ ! 837: ! 838: prochk(inbit, domset, protup) ! 839: int inbit; ! 840: int domset[8]; ! 841: struct protect *protup; ! 842: { ! 843: register struct protect *p; ! 844: register int *d; ! 845: register int i; ! 846: ! 847: p = protup; ! 848: d = domset; ! 849: ! 850: # ifdef xQTR1 ! 851: if (tTf(55, 0)) ! 852: { ! 853: printf("->prochk, inbit=%o, proopset=%o\n", inbit, p->proopset); ! 854: pr_set(d, "domset"); ! 855: pr_set(p->prodomset, "prodomset"); ! 856: } ! 857: # endif ! 858: ! 859: /* check for null domain set, if so return zero */ ! 860: for (i = 0; i < 8; i++) ! 861: if (d[i] != 0) ! 862: break; ! 863: if (i >= 8) ! 864: { ! 865: # ifdef xQTR2 ! 866: tTfp(55, 15, "prochk-> null set\n"); ! 867: # endif ! 868: return (0); ! 869: } ! 870: ! 871: /* see if this tuple applies to this operation */ ! 872: if ((inbit & p->proopset) == 0) ! 873: { ! 874: # ifdef xQTR2 ! 875: tTfp(55, 15, "prochk-> no op\n"); ! 876: # endif ! 877: return (0); ! 878: } ! 879: ! 880: /* check if domains are a subset */ ! 881: for (i = 0; i < 8; i++) ! 882: { ! 883: if ((d[i] & ~p->prodomset[i]) != 0) ! 884: { ! 885: /* failure */ ! 886: # ifdef xQTR2 ! 887: tTfp(55, 15, "prochk-> not subset\n"); ! 888: # endif ! 889: return (0); ! 890: } ! 891: } ! 892: ! 893: /* this is hereby an "interesting" tuple */ ! 894: # ifdef xQTR2 ! 895: if (tTf(55, 15)) ! 896: printf("prochk-> %d\n", inbit); ! 897: # endif ! 898: return (inbit); ! 899: } ! 900: ! 901: # ifdef xQTR1 ! 902: ! 903: /* ! 904: ** PR_SET -- print set for debugging ! 905: ** ! 906: ** This routine prints a 128-bit set for debugging. ! 907: ** ! 908: ** Parameters: ! 909: ** xset -- the set to convert. ! 910: ** labl -- a label to print before the set. ! 911: ** ! 912: ** Returns: ! 913: ** a pointer to the converted string. ! 914: ** ! 915: ** Side Effects: ! 916: ** none ! 917: */ ! 918: ! 919: pr_set(xset, labl) ! 920: short xset[8]; ! 921: char *labl; ! 922: { ! 923: register short *x; ! 924: register int i; ! 925: register long *y; ! 926: ! 927: printf("\t%s: ", labl); ! 928: x = xset; ! 929: y = (long *) x; ! 930: if (x == NULL) ! 931: { ! 932: printf("<NULL>\n"); ! 933: return; ! 934: } ! 935: for (i = 7; i >= 0; i--) ! 936: printf("%x/", x[i]); ! 937: printf(" <> "); ! 938: for (i = 0; i < 4; i++) ! 939: printf("/%ld", y[i]); ! 940: printf("\n"); ! 941: } ! 942: ! 943: # endif
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.