Changeset: ea9ad9ea3210 for MonetDB
URL: http://dev.monetdb.org/hg/MonetDB?cmd=changeset;node=ea9ad9ea3210
Modified Files:
monetdb5/mal/mal_authorize.c
sql/server/rel_updates.c
sql/server/sql_privileges.c
sql/test/leaks/Tests/check0.stable.out
sql/test/leaks/Tests/check0.stable.out.int128
sql/test/leaks/Tests/check1.stable.out
sql/test/leaks/Tests/check1.stable.out.int128
sql/test/leaks/Tests/check2.stable.out
sql/test/leaks/Tests/check2.stable.out.int128
sql/test/leaks/Tests/check3.stable.out
sql/test/leaks/Tests/check3.stable.out.int128
sql/test/leaks/Tests/check4.stable.out
sql/test/leaks/Tests/check4.stable.out.int128
sql/test/leaks/Tests/check5.stable.out
sql/test/leaks/Tests/check5.stable.out.int128
sql/test/leaks/Tests/drop3.stable.out
sql/test/leaks/Tests/drop3.stable.out.int128
sql/test/leaks/Tests/select1.stable.out.int128
sql/test/leaks/Tests/select2.stable.out.int128
sql/test/leaks/Tests/temp1.stable.out
sql/test/leaks/Tests/temp1.stable.out.int128
sql/test/leaks/Tests/temp2.stable.out
sql/test/leaks/Tests/temp2.stable.out.int128
sql/test/leaks/Tests/temp3.stable.out
sql/test/leaks/Tests/temp3.stable.out.int128
Branch: default
Log Message:
merged with jul2015
diffs (truncated from 1008 to 300 lines):
diff --git a/monetdb5/mal/mal_authorize.c b/monetdb5/mal/mal_authorize.c
--- a/monetdb5/mal/mal_authorize.c
+++ b/monetdb5/mal/mal_authorize.c
@@ -34,6 +34,23 @@ static str AUTHverifyPassword(int *ret,
static BAT *user = NULL;
static BAT *pass = NULL;
+static BAT *duser = NULL;
+
+static BUN
+AUTHfindUser(str username)
+{
+ BATiter cni = bat_iterator(user);
+ BUN p;
+
+ if (user->T->hash || BAThash(user, 0) == GDK_SUCCEED) {
+ HASHloop_str(cni, cni.b->T->hash, p, username) {
+ oid pos = p;
+ if (BUNfnd(duser, &pos) == BUN_NONE)
+ return p;
+ }
+ }
+ return BUN_NONE;
+}
/**
* Requires the current client to be the admin user thread. If not the case,
@@ -87,7 +104,7 @@ AUTHrequireAdminOrUser(Client *c, str *u
static void
AUTHcommit(void)
{
- bat blist[3];
+ bat blist[4];
blist[0] = 0;
@@ -95,7 +112,9 @@ AUTHcommit(void)
blist[1] = abs(user->batCacheid);
assert(pass);
blist[2] = abs(pass->batCacheid);
- TMsubcommit_list(blist, 3);
+ assert(duser);
+ blist[3] = abs(duser->batCacheid);
+ TMsubcommit_list(blist, 4);
}
/*
@@ -110,7 +129,6 @@ AUTHcommit(void)
str
AUTHinitTables(str *passwd) {
bat bid;
- BAT *b;
int isNew = 1;
str msg = MAL_SUCCEED;
@@ -125,37 +143,53 @@ AUTHinitTables(str *passwd) {
/* load/create users BAT */
bid = BBPindex("M5system_auth_user");
if (!bid) {
- b = BATnew(TYPE_void, TYPE_str, 256, PERSISTENT);
- if (b == NULL)
+ user = BATnew(TYPE_void, TYPE_str, 256, PERSISTENT);
+ if (user == NULL)
throw(MAL, "initTables.user", MAL_MALLOC_FAIL " user
table");
- BATseqbase(b,0);
+ BATseqbase(user,0);
- BATkey(BATmirror(b), TRUE);
- BBPrename(BBPcacheid(b), "M5system_auth_user");
- BATmode(b, PERSISTENT);
+ BATkey(BATmirror(user), TRUE);
+ BBPrename(BBPcacheid(user), "M5system_auth_user");
+ BATmode(user, PERSISTENT);
} else {
- b = BATdescriptor(bid);
+ user = BATdescriptor(bid);
isNew = 0;
}
- assert(b);
- user = b;
+ assert(user);
/* load/create password BAT */
bid = BBPindex("M5system_auth_passwd_v2");
if (!bid) {
- b = BATnew(TYPE_void, TYPE_str, 256, PERSISTENT);
- if (b == NULL)
+ pass = BATnew(TYPE_void, TYPE_str, 256, PERSISTENT);
+ if (pass == NULL)
throw(MAL, "initTables.passwd", MAL_MALLOC_FAIL "
password table");
- BATseqbase(b,0);
+ BATseqbase(pass,0);
- BBPrename(BBPcacheid(b), "M5system_auth_passwd_v2");
- BATmode(b, PERSISTENT);
+ BBPrename(BBPcacheid(pass), "M5system_auth_passwd_v2");
+ BATmode(pass, PERSISTENT);
} else {
- b = BATdescriptor(bid);
+ pass = BATdescriptor(bid);
isNew = 0;
}
- assert(b);
- pass = b;
+ assert(pass);
+
+ /* load/create password BAT */
+ bid = BBPindex("M5system_auth_deleted");
+ if (!bid) {
+ duser = BATnew(TYPE_void, TYPE_oid, 256, PERSISTENT);
+ if (duser == NULL)
+ throw(MAL, "initTables.duser", MAL_MALLOC_FAIL "
deleted user table");
+ BATseqbase(duser,0);
+
+ BBPrename(BBPcacheid(duser), "M5system_auth_deleted");
+ BATmode(duser, PERSISTENT);
+ if (!isNew)
+ AUTHcommit();
+ } else {
+ duser = BATdescriptor(bid);
+ isNew = 0;
+ }
+ assert(duser);
if (isNew == 1) {
/* insert the monetdb/monetdb administrator account on a
@@ -196,9 +230,8 @@ AUTHcheckCredentials(
str tmp;
str pwd = NULL;
str hash = NULL;
- BUN p, q;
- oid *id;
- BATiter useri, passi;
+ BUN p;
+ BATiter passi;
rethrow("checkCredentials", tmp, AUTHrequireAdminOrUser(c, username));
assert(user);
@@ -207,13 +240,11 @@ AUTHcheckCredentials(
if (*username == NULL || strNil(*username))
throw(INVCRED, "checkCredentials", "invalid credentials for
unknown user");
- p = BUNfnd(user, *username);
+ p = AUTHfindUser(*username);
if (p == BUN_NONE) {
/* DO NOT reveal that the user doesn't exist here! */
throw(INVCRED, "checkCredentials", INVCRED_INVALID_USER "
'%s'", *username);
}
- useri = bat_iterator(user);
- id = (oid*)(BUNhead(useri, p));
/* a NULL password is impossible (since we should be dealing with
* hashes here) so we can bail out immediately
@@ -224,10 +255,8 @@ AUTHcheckCredentials(
}
/* find the corresponding password to the user */
- q = BUNfnd(BATmirror(pass), id);
- assert (q != BUN_NONE);
passi = bat_iterator(pass);
- tmp = (str)BUNtail(passi, q);
+ tmp = (str)BUNtail(passi, p);
assert (tmp != NULL);
/* decypher the password (we lose the original tmp here) */
rethrow("checkCredentials", tmp, AUTHdecypherValue(&pwd, &tmp));
@@ -242,7 +271,7 @@ AUTHcheckCredentials(
}
free(hash);
- *uid = *id;
+ *uid = p;
return(MAL_SUCCEED);
}
@@ -251,12 +280,11 @@ AUTHcheckCredentials(
* return value of this function is the user id of the added user.
*/
str
-AUTHaddUser(oid *uid, Client *c, str *username, str *passwd) {
+AUTHaddUser(oid *uid, Client *c, str *username, str *passwd)
+{
BUN p;
- oid *id;
str tmp;
str hash = NULL;
- BATiter useri;
rethrow("addUser", tmp, AUTHrequireAdmin(c));
assert(user);
@@ -270,7 +298,7 @@ AUTHaddUser(oid *uid, Client *c, str *us
rethrow("addUser", tmp, AUTHverifyPassword(NULL, passwd));
/* ensure that the username is not already there */
- p = BUNfnd(user, *username);
+ p = AUTHfindUser(*username);
if (p != BUN_NONE)
throw(MAL, "addUser", "user '%s' already exists", *username);
@@ -278,18 +306,15 @@ AUTHaddUser(oid *uid, Client *c, str *us
rethrow("addUser", tmp, AUTHcypherValue(&hash, passwd));
/* needs force, as SQL makes a view over user */
BUNappend(user, *username, TRUE);
- BUNappend(pass, hash, FALSE);
+ BUNappend(pass, hash, TRUE);
GDKfree(hash);
/* retrieve the oid of the just inserted user */
- p = BUNfnd(user, *username);
- assert (p != BUN_NONE);
- useri = bat_iterator(user);
- id = (oid*)(BUNhead(useri, p));
+ p = AUTHfindUser(*username);
/* make the stuff persistent */
AUTHcommit();
- *uid = *id;
+ *uid = p;
return(MAL_SUCCEED);
}
@@ -297,12 +322,11 @@ AUTHaddUser(oid *uid, Client *c, str *us
* Removes the given user from the administration.
*/
str
-AUTHremoveUser(Client *c, str *username) {
+AUTHremoveUser(Client *c, str *username)
+{
BUN p;
- BAT *b;
oid id;
str tmp;
- BATiter useri;
rethrow("removeUser", tmp, AUTHrequireAdmin(c));
assert(user);
@@ -313,27 +337,20 @@ AUTHremoveUser(Client *c, str *username)
throw(ILLARG, "removeUser", "username should not be nil");
/* ensure that the username exists */
- p = BUNfnd(user, *username);
+ p = AUTHfindUser(*username);
if (p == BUN_NONE)
throw(MAL, "removeUser", "no such user: '%s'", *username);
- useri = bat_iterator(user);
- id = *(oid*)(BUNhead(useri, p));
+ id = p;
/* find the name of the administrator and see if it equals username */
if (id == (*c)->user)
throw(MAL, "removeUser", "cannot remove yourself");
/* now, we got the oid, start removing the related tuples */
- b = BATmirror(BATselect(BATmirror(user), &id, &id));
- assert(BATcount(b) != 0);
- BATdel(user, b, TRUE);
- b = BATmirror(BATselect(BATmirror(pass), &id, &id));
- assert(BATcount(b) != 0);
- BATdel(pass, b, FALSE);
+ BUNappend(duser, &id, TRUE);
/* make the stuff persistent */
AUTHcommit();
-
return(MAL_SUCCEED);
}
@@ -347,7 +364,6 @@ AUTHchangeUsername(Client *c, str *oldus
{
BUN p, q;
str tmp;
- BATiter useri;
oid id;
rethrow("addUser", tmp, AUTHrequireAdminOrUser(c, olduser));
@@ -359,20 +375,19 @@ AUTHchangeUsername(Client *c, str *oldus
throw(ILLARG, "changeUsername", "new username should not be
nil");
/* see if the olduser is valid */
- p = BUNfnd(user, *olduser);
+ p = AUTHfindUser(*olduser);
if (p == BUN_NONE)
throw(MAL, "changeUsername", "user '%s' does not exist",
*olduser);
/* ... and if the newuser is not there yet */
- q = BUNfnd(user, *newuser);
+ q = AUTHfindUser(*newuser);
if (q != BUN_NONE)
throw(MAL, "changeUsername", "user '%s' already exists",
*newuser);
/* ok, just do it! (with force, because sql makes view over it) */
- useri = bat_iterator(user);
- id = *(oid*)BUNhead(useri, p);
+ id = p;
+ assert(id == p);
BUNinplace(user, p, &id, *newuser, TRUE);
AUTHcommit();
-
return(MAL_SUCCEED);
}
@@ -382,7 +397,8 @@ AUTHchangeUsername(Client *c, str *oldus
_______________________________________________
checkin-list mailing list
checkin-list@monetdb.org
https://www.monetdb.org/mailman/listinfo/checkin-list
