Changeset: 9900f9f53591 for MonetDB URL: https://dev.monetdb.org/hg/MonetDB?cmd=changeset;node=9900f9f53591 Modified Files: sql/server/rel_psm.c sql/server/rel_schema.c sql/server/rel_schema.h sql/server/sql_parser.y sql/server/sql_semantic.c sql/server/sql_semantic.h Branch: remote_auth Log Message:
Handle credentials for the remote table in the parser The new syntax is: CREATE REMOTE TABLE table_name (column_specification) ON 'mapi:monetdb://host/database/[schema]/[table]' [WITH [USER 'username'] [ENCRYPTED] PASSWORD 'password]'; The implementation is still incomplete, see the TODOs in the comments. diffs (230 lines):
diff --git a/sql/server/rel_psm.c b/sql/server/rel_psm.c
--- a/sql/server/rel_psm.c
+++ b/sql/server/rel_psm.c
@@ -214,7 +214,7 @@ rel_psm_declare_table(mvc *sql, dnode *n
 assert(n->next->next->next->type == type_int);
- rel = rel_create_table(sql, cur_schema(sql), SQL_DECLARED_TABLE, NULL, name, n->next->next->data.sym, n->next->next->next->data.i_val, NULL, 0);
+ rel = rel_create_table(sql, cur_schema(sql), SQL_DECLARED_TABLE, NULL, name, n->next->next->data.sym, n->next->next->next->data.i_val, NULL, NULL, NULL, 0);
 if (!rel || rel->op != op_ddl || rel->flag != DDL_CREATE_TABLE)
 return NULL;
diff --git a/sql/server/rel_schema.c b/sql/server/rel_schema.c
--- a/sql/server/rel_schema.c
+++ b/sql/server/rel_schema.c
@@ -896,7 +896,7 @@ table_element(mvc *sql, symbol *s, sql_s
 }
 sql_rel *
-rel_create_table(mvc *sql, sql_schema *ss, int temp, const char *sname, const char *name, symbol *table_elements_or_subquery, int commit_action, const char *loc, int if_not_exists)
+rel_create_table(mvc *sql, sql_schema *ss, int temp, const char *sname, const char *name, symbol *table_elements_or_subquery, int commit_action, const char *loc, const char *username, const char *password, int if_not_exists)
 {
 sql_schema *s = NULL;
@@ -909,6 +909,8 @@ rel_create_table(mvc *sql, sql_schema *s
 (temp == SQL_REPLICA_TABLE)?tt_replica_table:tt_table;
 (void)create;
+ (void)username;
+ (void)password;
 if (sname && !(s = mvc_bind_schema(sql, sname)))
 return sql_error(sql, 02, SQLSTATE(3F000) "CREATE TABLE: no such schema '%s'", sname);
@@ -2288,13 +2290,27 @@ rel_schemas(mvc *sql, symbol *s)
 char *sname = qname_schema(qname);
 char *name = qname_table(qname);
 int temp = l->h->data.i_val;
+ dlist *credentials = l->h->next->next->next->next->next->data.lval;
+ char *username = credentials_username(credentials);
+ char *password = credentials_password(credentials);
+ if (username == NULL) {
+ // No username specified, get the current username
+ username = stack_get_string(sql, "current_user");
+ }
+ if (password == NULL) {
+ // No username specified, get the current user's password from the vault.
+ // TODO
+ password = NULL;
+ }
 assert(l->h->type == type_int);
 assert(l->h->next->next->next->type == type_int);
- ret = rel_create_table(sql, cur_schema(sql), temp, sname, name, l->h->next->next->data.sym,
- l->h->next->next->next->data.i_val,
- l->h->next->next->next->next->data.sval,
- l->h->next->next->next->next->next->data.i_val); /* if not exists */
+ ret = rel_create_table(sql, cur_schema(sql), temp, sname, name,
+ l->h->next->next->data.sym, /* elements or subquery */
+ l->h->next->next->next->data.i_val, /* commit action */
+ l->h->next->next->next->next->data.sval, /* location */
+ username, password,
+ l->h->next->next->next->next->next->data.i_val); /* if not exists */
 } break; case SQL_CREATE_VIEW: {
diff --git a/sql/server/rel_schema.h b/sql/server/rel_schema.h
--- a/sql/server/rel_schema.h
+++ b/sql/server/rel_schema.h
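Review bot: The last argument of the new rel_create_table call still follows five `->next` links, which is the same node the added `credentials` line reads as `data.lval`; the sql_parser.y hunks in this changeset insert the credentials list before the if-not-exists flag, so the flag now sits one node further on. As written the call reads `data.i_val` from the list node, so IF NOT EXISTS appears to be read as 0 when the list is NULL and as an arbitrary value for REMOTE tables. The argument should be `l->h->next->next->next->next->next->next->data.i_val); /* if not exists */`, and an assert on the credentials node's type next to the two existing asserts would catch the next layout change. Separately, the comment in the `password == NULL` branch says "No username specified" and should read "No password specified". The enclosing case block starts outside the hunk.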
@@ -14,7 +14,12 @@
 extern sql_rel *rel_schemas(mvc *sql, symbol *sym);
-extern sql_rel *rel_create_table(mvc *sql, sql_schema *ss, int temp, const char *sname, const char *name, symbol *table_elements_or_subquery, int commit_action, const char *loc, int if_not_exists);
+extern sql_rel *rel_create_table(mvc *sql, sql_schema *ss, int temp,
+ const char *sname, const char *name,
+ symbol *table_elements_or_subquery,
+ int commit_action, const char *loc,
+ const char *username, const char *passwd,
+ int if_not_exists);
 extern sql_rel *rel_list(sql_allocator *sa, sql_rel *l, sql_rel *r);
 extern sql_table * mvc_create_table_as_subquery( mvc *sql, sql_rel *sq, sql_schema *s, const char *tname, dlist *column_spec, int temp, int commit_action );
diff --git a/sql/server/sql_parser.y b/sql/server/sql_parser.y
--- a/sql/server/sql_parser.y
+++ b/sql/server/sql_parser.y
@@ -378,6 +378,7 @@ int yydebug=1;
 column_def_opt_list
 opt_column_def_opt_list
 table_exp
+ with_opt_credentials
 table_ref_commalist
 table_element_list
 table_opt_storage
@@ -1351,6 +1352,7 @@ table_def:
 append_symbol(l, $4);
 append_int(l, commit_action);
 append_string(l, NULL);
+ append_list(l, NULL);
 append_int(l, $2);
 append_list(l, $5);
 $$ = _symbol_create_list( SQL_CREATE_TABLE, l ); }
@@ -1370,6 +1372,7 @@ table_def:
 append_symbol(l, $5);
 append_int(l, commit_action);
 append_string(l, NULL);
+ append_list(l, NULL);
 append_int(l, $3);
 $$ = _symbol_create_list( SQL_CREATE_TABLE, l ); }
 | MERGE TABLE if_not_exists qname table_content_source
@@ -1381,6 +1384,7 @@ table_def:
 append_symbol(l, $5);
 append_int(l, commit_action);
 append_string(l, NULL);
+ append_list(l, NULL);
 append_int(l, $3);
 $$ = _symbol_create_list( SQL_CREATE_TABLE, l ); }
 | REPLICA TABLE if_not_exists qname table_content_source
@@ -1392,12 +1396,13 @@ table_def:
 append_symbol(l, $5);
 append_int(l, commit_action);
 append_string(l, NULL);
+ append_list(l, NULL);
 append_int(l, $3);
 $$ = _symbol_create_list( SQL_CREATE_TABLE, l ); }
 /* mapi:monetdb://host:port/database[/schema[/table]] This also allows access via monetdbd. We assume the monetdb user with default password */
- | REMOTE TABLE if_not_exists qname table_content_source ON STRING
+ | REMOTE TABLE if_not_exists qname table_content_source ON STRING with_opt_credentials
 {
 int commit_action = CA_COMMIT, tpe = SQL_REMOTE;
 dlist *l = L();
@@ -1406,6 +1411,7 @@ table_def:
 append_symbol(l, $5);
 append_int(l, commit_action);
 append_string(l, $7);
+ append_list(l, $8);
 append_int(l, $3);
 $$ = _symbol_create_list( SQL_CREATE_TABLE, l ); }
 | opt_temp TABLE if_not_exists qname table_content_source opt_on_commit
@@ -1419,10 +1425,32 @@ table_def:
 commit_action = $6;
 append_int(l, commit_action);
 append_string(l, NULL);
+ append_list(l, NULL);
 append_int(l, $3);
 $$ = _symbol_create_list( SQL_CREATE_TABLE, l ); }
 ;
+with_opt_credentials:
+ /* empty */
+ {
+ $$ = append_string(L(), NULL);
+ append_int($$, SQL_PW_UNENCRYPTED);
+ append_string($$, NULL);
+ }
+ | WITH USER string opt_encrypted PASSWORD string
+ {
+ $$ = append_string(L(), $3);
+ append_int($$, $4);
+ append_string($$, $6);
+ }
+ | WITH opt_encrypted PASSWORD string
+ {
+ $$ = append_string(L(), NULL);
+ append_int($$, $2);
+ append_string($$, $4);
+ }
+ ;
+
 opt_temp:
 TEMPORARY { $$ = SQL_LOCAL_TEMP; }
 | TEMP { $$ = SQL_LOCAL_TEMP; }
diff --git a/sql/server/sql_semantic.c b/sql/server/sql_semantic.c
--- a/sql/server/sql_semantic.c
+++ b/sql/server/sql_semantic.c
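Review bot: The comment kept as context above the REMOTE TABLE rule in the @@ -1392 hunk still ends with `We assume the monetdb user with default password`, which no longer describes the rule once `with_opt_credentials` is accepted. It should be reworded along the lines of `Credentials are taken from the optional WITH [USER ..] [ENCRYPTED] PASSWORD .. clause`, so the default-account assumption is not read as still being in force. The `with_opt_credentials` rule added in the @@ -1419 hunk would also benefit from a one-line comment giving the list layout (username, encrypted flag, password), because credentials_username and credentials_password in sql_semantic.c index it by position.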
@@ -194,6 +194,41 @@ qname_catalog(dlist *qname)
 return NULL;
 }
+char *
+credentials_username(dlist *credentials)
+{
+ if (credentials == NULL) {
+ return NULL;
+ }
+ assert(credentials->h);
+
+ if (credentials->h->data.sval != NULL) {
+ return credentials->h->data.sval;
+ }
+
+ // No username specified.
+ return NULL;
+}
+
+char *
+credentials_password(dlist *credentials) {
+ if (credentials == NULL) {
+ return NULL;
+ }
+ assert(credentials->h);
+
+ if (credentials->h->next->data.i_val == SQL_PW_ENCRYPTED) {
+ return credentials->h->next->next->data.sval;
+ }
+ else if (credentials->h->next->next->data.sval != NULL) {
+ // We have an unencrypted password. Encrypt and return
+ // TODO
+ return NULL;
+ }
+
+ return NULL;
+}
+
 int
 set_type_param(mvc *sql, sql_subtype *type, int nr)
 {
diff --git a/sql/server/sql_semantic.h b/sql/server/sql_semantic.h
--- a/sql/server/sql_semantic.h
+++ b/sql/server/sql_semantic.h
@@ -24,6 +24,8 @@ extern sql_schema *tmp_schema(mvc *sql);
 extern char *qname_schema(dlist *qname);
 extern char *qname_table(dlist *qname);
 extern char *qname_catalog(dlist *qname);
+extern char *credentials_username(dlist *credentials);
+extern char *credentials_password(dlist *credentials);
 #define qname_module(qname) qname_schema(qname)
 #define qname_fname(qname) qname_table(qname)
_______________________________________________ checkin-list mailing list checkin-list@monetdb.org https://www.monetdb.org/mailman/listinfo/checkin-list
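Review bot: credentials_password returns NULL both when no password was given and when an unencrypted one was given (the TODO branch), so the caller in rel_schemas cannot tell the two cases apart and handles a user-supplied plaintext password as if none had been written. Until the hashing is implemented, the caller should reject the unencrypted form with an error rather than drop it silently, otherwise a statement with explicit credentials ends up using different ones. Both accessors rely on `assert(credentials->h)` alone before following `->next->next`, and asserts are compiled out under NDEBUG, so the dependency on the parser always building a three-element list deserves an explicit check or at least a comment. Neither function has a doc comment; one line each stating that the result may be NULL and, presumably, points into the parse tree rather than a fresh copy would be enough.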