from:"rmarton"

[1/2] trafodion git commit: Fixed regression test issue for privs1/TEST120

2018-10-26 Thread rmarton

Repository: trafodion
Updated Branches:
  refs/heads/master 8e38189d4 -> 06b648612


Fixed regression test issue for privs1/TEST120


Project: http://git-wip-us.apache.org/repos/asf/trafodion/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafodion/commit/480e07ef
Tree: http://git-wip-us.apache.org/repos/asf/trafodion/tree/480e07ef
Diff: http://git-wip-us.apache.org/repos/asf/trafodion/diff/480e07ef

Branch: refs/heads/master
Commit: 480e07ef2f3798007144baae0d011240790d6b1f
Parents: 8e38189
Author: Roberta Marton 
Authored: Fri Oct 26 18:51:32 2018 +
Committer: Roberta Marton 
Committed: Fri Oct 26 18:51:32 2018 +

--
 core/sql/regress/privs1/EXPECTED120 | 13 -
 core/sql/regress/privs1/TEST120 | 11 +--
 2 files changed, 13 insertions(+), 11 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/trafodion/blob/480e07ef/core/sql/regress/privs1/EXPECTED120
--
diff --git a/core/sql/regress/privs1/EXPECTED120 
b/core/sql/regress/privs1/EXPECTED120
index 45713b9..08379f8 100644
--- a/core/sql/regress/privs1/EXPECTED120
+++ b/core/sql/regress/privs1/EXPECTED120
@@ -583,16 +583,12 @@ End of MXCI Session
 >>--   AR - role involved, check query plans that rely on roles during revoke
 >>log;
 Query_Invalidation_Keys explain output for select_games, select_teams, 
insert_teams, update_teams, select_players, select_standings: 
-Query_Invalidation_Keys{,,CS}{,,
-UR}{,,CS}{,
-,UR}
+Query_Invalidation_Keys{,,CS}{,,UR}{,,CS}{,,UR}
 Query_Invalidation_Keys{,,OS}
 Query_Invalidation_Keys{,,OI}{,,UR}
-Query_Invalidation_Keys{,,OS}{,,
-CU}{,,UR}
+Query_Invalidation_Keys{,,OS}{,,CU}{,,UR}
 Query_Invalidation_Keys{,,OS}
-Query_Invalidation_Keys{,,OS}{,,
-OG}{,,UR}
+Query_Invalidation_Keys{,,OS}{,,OG}{,,UR}
 >>
 >>-- Verify that sql_user9 can select from games
 >>sh sqlci -i "TEST120(select_queries)" -u sql_user9;
@@ -1280,8 +1276,7 @@ End of MXCI Session
 --- SQL command prepared.
 >>log;
 Query_Invalidation_Keys explain output for select_stats: 
-Query_Invalidation_Keys{,,CS}{,,
-UR}{,,UZ}
+Query_Invalidation_Keys{,,CS}{,,UR}{,,UZ}
 >>shecho"Query_Invalidation_Keysexplainoutputforselect_stats:">>LOG;
 >>
 >>execute select_stats;

http://git-wip-us.apache.org/repos/asf/trafodion/blob/480e07ef/core/sql/regress/privs1/TEST120
--
diff --git a/core/sql/regress/privs1/TEST120 b/core/sql/regress/privs1/TEST120
index 632202c..f451dc8 100755
--- a/core/sql/regress/privs1/TEST120
+++ b/core/sql/regress/privs1/TEST120
@@ -235,7 +235,14 @@ explain select_standings;
 
 log;
 sh echo "Query_Invalidation_Keys explain output for select_games, 
select_teams, insert_teams, update_teams, select_players, select_standings: "   
>> LOG120;
-sh sed '/Query_Invalidation_Keys/,/ObjectUIDs/!d;/ObjectUIDs/d' EXPLAIN120 | 
sed -e 's/[0-9 \t]*//g' >> LOG120;
+-- Explanation of next command:
+--  Extract rows between Query_Invalidation_Keys and ObjectUIDs from explain 
plan
+---> sed '/Query_Invalidation_Keys/,/ObjectUIDs/!d;/ObjectUIDs/d'
+--  Remove numeric invalidation key hashes
+---> sed -e 's/[0-9 \t]*//g'
+--  Join rows for each invalidation key set
+---> awk '/Query_Invalidation_Keys/{if (NR!=1)print ""}{printf 
$0}END{print "";}'
+sh sed '/Query_Invalidation_Keys/,/ObjectUIDs/!d;/ObjectUIDs/d' EXPLAIN120 | 
sed -e 's/[0-9 \t]*//g' | awk '/Query_Invalidation_Keys/{if (NR!=1)print 
""}{printf $0}END{print "";}' >> LOG120;
 log;
 log LOG120;
 
@@ -297,7 +304,7 @@ log;
 log EXPLAIN120 clear;
 explain select_stats;
 sh echo "Query_Invalidation_Keys explain output for select_stats: "   >> 
LOG120;
-sh sed '/Query_Invalidation_Keys/,/ObjectUIDs/!d;/ObjectUIDs/d' EXPLAIN120 | 
sed -e 's/[0-9 \t]*//g' >> LOG120;
+sh sed '/Query_Invalidation_Keys/,/ObjectUIDs/!d;/ObjectUIDs/d' EXPLAIN120 | 
sed -e 's/[0-9 \t]*//g' | awk '/Query_Invalidation_Keys/{if (NR!=1)print 
""}{printf $0}END{print "";}' >> LOG120;
 log;
 log LOG120;

[2/2] trafodion git commit: PR 1732 Fixed regression testware issue

2018-10-26 Thread rmarton

PR 1732 Fixed regression testware issue


Project: http://git-wip-us.apache.org/repos/asf/trafodion/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafodion/commit/06b64861
Tree: http://git-wip-us.apache.org/repos/asf/trafodion/tree/06b64861
Diff: http://git-wip-us.apache.org/repos/asf/trafodion/diff/06b64861

Branch: refs/heads/master
Commit: 06b6486126da788376758900f9b19ac6065b3881
Parents: 8e38189 480e07e
Author: Roberta Marton 
Authored: Fri Oct 26 23:59:34 2018 +
Committer: Roberta Marton 
Committed: Fri Oct 26 23:59:34 2018 +

--
 core/sql/regress/privs1/EXPECTED120 | 13 -
 core/sql/regress/privs1/TEST120 | 11 +--
 2 files changed, 13 insertions(+), 11 deletions(-)
--

[2/3] trafodion git commit: TRAFODION - 3218 User still has privilege after user's role has been revoked ...

2018-10-24 Thread rmarton

TRAFODION - 3218 User still has privilege after user's role has been revoked ...

Partial support for column level privileges with QI support for:

  column select
  column insert
  column references
  column update

Also, as part of this, updated privilege code in a couple of areas:

Changed object caching code in NATable and NARoutine to store all privileges
assigned to the object when the object is cached (privDescs_).  During the load
operation, the code creates bitmaps (privInfo_) for the current user.  Privilege
checks are performed against the user bitmaps (privInfo_).  This is in
anticipation for some performance updates when connecting to Trafodion (mxosrvr)
with different users.

Change getRoleList to include the roleID and the granteeID that granted the
privilege. The grantee can be a user or a role.

When a privilege is revoked from a role, send QI keys for every user that has
been granted to role.


Project: http://git-wip-us.apache.org/repos/asf/trafodion/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafodion/commit/adf2b8f2
Tree: http://git-wip-us.apache.org/repos/asf/trafodion/tree/adf2b8f2
Diff: http://git-wip-us.apache.org/repos/asf/trafodion/diff/adf2b8f2

Branch: refs/heads/master
Commit: adf2b8f23d87bd3bdcccf64523b730a4c9b57843
Parents: c52b07c
Author: Roberta Marton 
Authored: Wed Oct 3 17:54:39 2018 +
Committer: Roberta Marton 
Committed: Wed Oct 3 17:54:39 2018 +

--
 core/sql/cli/Cli.cpp|   7 +-
 core/sql/cli/Cli.h  |   7 +-
 core/sql/cli/CliExtern.cpp  |  10 +-
 core/sql/cli/Context.cpp|  63 --
 core/sql/cli/Context.h  |   8 +-
 core/sql/cli/SQLCLIdev.h|   5 +-
 core/sql/comexe/ComTdb.h|   2 +-
 core/sql/common/ComDistribution.cpp |   4 +
 core/sql/common/ComSecurityKey.cpp  | 125 +++
 core/sql/common/ComSecurityKey.h|  16 +-
 core/sql/common/ComSmallDefs.h  |   9 +
 core/sql/common/ComUser.cpp |  62 -
 core/sql/common/ComUser.h   |   5 +-
 core/sql/executor/ExExeUtilGet.cpp  |   7 +-
 core/sql/generator/Generator.cpp|  15 +-
 core/sql/optimizer/BindRelExpr.cpp  | 144 
 core/sql/optimizer/NARoutine.cpp|  96 
 core/sql/optimizer/NARoutine.h  |  11 +-
 core/sql/optimizer/NATable.cpp  | 104 ++---
 core/sql/optimizer/NATable.h|  21 +-
 core/sql/optimizer/RelMisc.h|   3 +-
 core/sql/regress/privs1/EXPECTED120 |  15 +-
 core/sql/regress/privs1/TEST120 |   2 +-
 core/sql/regress/privs2/EXPECTED129 | 218 +-
 core/sql/regress/privs2/TEST129 |  32 ++-
 core/sql/sqlcomp/CmpSeabaseDDLauth.cpp  |  40 +++-
 core/sql/sqlcomp/CmpSeabaseDDLauth.h|   3 +-
 core/sql/sqlcomp/CmpSeabaseDDLtable.cpp |  15 +-
 core/sql/sqlcomp/PrivMgr.cpp|  37 +++
 core/sql/sqlcomp/PrivMgr.h  |   5 +
 core/sql/sqlcomp/PrivMgrCommands.cpp| 124 +-
 core/sql/sqlcomp/PrivMgrCommands.h  |  15 +-
 core/sql/sqlcomp/PrivMgrComponentPrivileges.cpp |  12 +-
 core/sql/sqlcomp/PrivMgrDesc.cpp|   1 +
 core/sql/sqlcomp/PrivMgrDesc.h  |  30 +++
 core/sql/sqlcomp/PrivMgrPrivileges.cpp  | 224 ++-
 core/sql/sqlcomp/PrivMgrPrivileges.h|  21 +-
 core/sql/sqlcomp/PrivMgrRoles.cpp   |  92 
 core/sql/sqlcomp/PrivMgrRoles.h |  18 +-
 core/sql/sqlcomp/PrivMgrUserPrivs.cpp   | 174 --
 core/sql/sqlcomp/PrivMgrUserPrivs.h |  15 +-
 41 files changed, 1128 insertions(+), 689 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/trafodion/blob/adf2b8f2/core/sql/cli/Cli.cpp
--
diff --git a/core/sql/cli/Cli.cpp b/core/sql/cli/Cli.cpp
index 3d5f033..9318fa5 100644
--- a/core/sql/cli/Cli.cpp
+++ b/core/sql/cli/Cli.cpp
@@ -6240,8 +6240,9 @@ Int32 SQLCLI_GetAuthState (
 
 Lng32 SQLCLI_GetRoleList(
CliGlobals * cliGlobals,
-   Int32 ,
-   Int32 *)
+   Int32 ,
+   Int32 *& roleIDs,
+   Int32 *& granteeIDs)
 
 {
Lng32 retcode = 0;
@@ -6254,7 +6255,7 @@ Lng32 SQLCLI_GetRoleList(
ContextCli  = *(cliGlobals->currContext());
ComDiagsArea  = currContext.diags();
 
-   retcode = currContext.getRoleList(numRoles,roleIDs);
+   retcode = currContext.getRoleList(numEntries,roleIDs,granteeIDs);
 
return CliEpilogue(cliGlobals, NULL, retcode);

[1/3] trafodion git commit: TRAFODION - 3218 User still has privilege after user's role has been revoked ...

2018-10-24 Thread rmarton

Repository: trafodion
Updated Branches:
  refs/heads/master 659f59a13 -> 8e38189d4


http://git-wip-us.apache.org/repos/asf/trafodion/blob/adf2b8f2/core/sql/sqlcomp/CmpSeabaseDDLtable.cpp
--
diff --git a/core/sql/sqlcomp/CmpSeabaseDDLtable.cpp 
b/core/sql/sqlcomp/CmpSeabaseDDLtable.cpp
index a620624..cd785f6 100644
--- a/core/sql/sqlcomp/CmpSeabaseDDLtable.cpp
+++ b/core/sql/sqlcomp/CmpSeabaseDDLtable.cpp
@@ -12540,23 +12540,20 @@ ComTdbVirtTablePrivInfo * 
CmpSeabaseDDL::getSeabasePrivInfo(
 
   // Summarize privileges for object
   PrivStatus privStatus = STATUS_GOOD;
-  std::vector privDescs;
+  ComTdbVirtTablePrivInfo *privInfo = new (heap_) ComTdbVirtTablePrivInfo();
+  privInfo->privmgr_desc_list = new (STMTHEAP) PrivMgrDescList(STMTHEAP);
+
+  // Summarize privileges for object
   PrivMgrCommands command(std::string(MDLoc.data()),
   std::string(privMgrMDLoc.data()),
   CmpCommon::diags());
-  if (command.getPrivileges(objUID, objType, privDescs) != STATUS_GOOD)
+  if (command.getPrivileges(objUID, objType,
+*privInfo->privmgr_desc_list) != STATUS_GOOD)
 {
   *CmpCommon::diags() << DgSqlCode(-CAT_UNABLE_TO_RETRIEVE_PRIVS);
   return NULL;
 }
 
-  ComTdbVirtTablePrivInfo *privInfo = new (STMTHEAP) ComTdbVirtTablePrivInfo();
-
-  // PrivMgrDesc operator= is a deep copy
-  privInfo->privmgr_desc_list = new (STMTHEAP) NAList(STMTHEAP);
-  for (size_t i = 0; i < privDescs.size(); i++)
-privInfo->privmgr_desc_list->insert(privDescs[i]);
-
   return privInfo;
 }
 

http://git-wip-us.apache.org/repos/asf/trafodion/blob/adf2b8f2/core/sql/sqlcomp/PrivMgr.cpp
--
diff --git a/core/sql/sqlcomp/PrivMgr.cpp b/core/sql/sqlcomp/PrivMgr.cpp
index 0a5f265..2429b9d 100644
--- a/core/sql/sqlcomp/PrivMgr.cpp
+++ b/core/sql/sqlcomp/PrivMgr.cpp
@@ -36,6 +36,7 @@
 #include "PrivMgrComponentOperations.h"
 #include "PrivMgrComponentPrivileges.h"
 #include "PrivMgrPrivileges.h"
+#include "PrivMgrRoles.h"
 
 // Trafodion includes
 #include "ComDistribution.h"
@@ -154,6 +155,42 @@ PrivMgr::~PrivMgr()
   resetFlags();
 }
 
+// 
*
+// * Method: getGranteeIDsForRoleIDs  
+// *   
+// *Returns the grantees assigned to the passed in roles
+// *role list
+// *   
+// *  Parameters:
+// *   
+// *  list of roles to check
+// *   passed back the list (potentially empty) of users granted 
to 
+// *   the roleIDs
+// * 
+// * Returns: PrivStatus   
+// *  
+// * STATUS_GOOD: Role list returned
+// *   *: Unable to fetch granted roles, see diags. 
+// *   
+// 
*
+PrivStatus PrivMgr::getGranteeIDsForRoleIDs(
+  const std::vector  & roleIDs,
+  std::vector & granteeIDs,
+  bool includeSysGrantor)
+{
+  std::vector granteeIDsForRoleIDs;
+  PrivMgrRoles roles(" ",metadataLocation_,pDiags_);
+  if (roles.fetchGranteesForRoles(roleIDs, granteeIDsForRoleIDs, 
includeSysGrantor) == STATUS_ERROR)
+return STATUS_ERROR;
+  for (size_t i = 0; i < granteeIDsForRoleIDs.size(); i++)
+  {
+ int32_t authID = granteeIDsForRoleIDs[i];
+ if (std::find(granteeIDs.begin(), granteeIDs.end(), authID) == 
granteeIDs.end())
+   granteeIDs.insert( std::upper_bound( granteeIDs.begin(), 
granteeIDs.end(), authID ), authID);
+  }
+  return STATUS_GOOD;
+}
+
 // 
 // method:  authorizationEnabled
 //

http://git-wip-us.apache.org/repos/asf/trafodion/blob/adf2b8f2/core/sql/sqlcomp/PrivMgr.h
--
diff --git a/core/sql/sqlcomp/PrivMgr.h b/core/sql/sqlcomp/PrivMgr.h
index fd6b8bd..0cd52ce 100644
--- a/core/sql/sqlcomp/PrivMgr.h
+++ b/core/sql/sqlcomp/PrivMgr.h
@@ -168,6 +168,11 @@ class PrivMgr
 // ---
 // Accessors and destructors:
 // ---
+PrivStatus getGranteeIDsForRoleIDs(
+  const std::vector & roleIDs,
+  std::vector & userIDs,
+  bool includeSysGrantor = true);
+
 inline std::string getMetadataLocation (void) {return metadataLocation_;}
 inline const std::string & getMetadataLocation (void) const {return

[3/3] trafodion git commit: Merge [TRAFODION-3218] pr 1723 user still has privilege after user's role revoked

2018-10-24 Thread rmarton

Merge [TRAFODION-3218] pr 1723 user still has privilege after user's role 
revoked


Project: http://git-wip-us.apache.org/repos/asf/trafodion/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafodion/commit/8e38189d
Tree: http://git-wip-us.apache.org/repos/asf/trafodion/tree/8e38189d
Diff: http://git-wip-us.apache.org/repos/asf/trafodion/diff/8e38189d

Branch: refs/heads/master
Commit: 8e38189d43d6abe57f6a2c992ebaeaf79ce92408
Parents: 659f59a adf2b8f
Author: Roberta Marton 
Authored: Wed Oct 24 16:19:42 2018 +
Committer: Roberta Marton 
Committed: Wed Oct 24 16:19:42 2018 +

--
 core/sql/cli/Cli.cpp|   7 +-
 core/sql/cli/Cli.h  |   7 +-
 core/sql/cli/CliExtern.cpp  |  10 +-
 core/sql/cli/Context.cpp|  63 --
 core/sql/cli/Context.h  |   8 +-
 core/sql/cli/SQLCLIdev.h|   5 +-
 core/sql/comexe/ComTdb.h|   2 +-
 core/sql/common/ComDistribution.cpp |   4 +
 core/sql/common/ComSecurityKey.cpp  | 125 +++
 core/sql/common/ComSecurityKey.h|  16 +-
 core/sql/common/ComSmallDefs.h  |   9 +
 core/sql/common/ComUser.cpp |  62 -
 core/sql/common/ComUser.h   |   5 +-
 core/sql/executor/ExExeUtilGet.cpp  |   7 +-
 core/sql/generator/Generator.cpp|  15 +-
 core/sql/optimizer/BindRelExpr.cpp  | 144 
 core/sql/optimizer/NARoutine.cpp|  96 
 core/sql/optimizer/NARoutine.h  |  11 +-
 core/sql/optimizer/NATable.cpp  | 104 ++---
 core/sql/optimizer/NATable.h|  21 +-
 core/sql/optimizer/RelMisc.h|   3 +-
 core/sql/regress/privs1/EXPECTED120 |  15 +-
 core/sql/regress/privs1/TEST120 |   2 +-
 core/sql/regress/privs2/EXPECTED129 | 218 +-
 core/sql/regress/privs2/TEST129 |  32 ++-
 core/sql/sqlcomp/CmpSeabaseDDLauth.cpp  |  40 +++-
 core/sql/sqlcomp/CmpSeabaseDDLauth.h|   3 +-
 core/sql/sqlcomp/CmpSeabaseDDLtable.cpp |  15 +-
 core/sql/sqlcomp/PrivMgr.cpp|  37 +++
 core/sql/sqlcomp/PrivMgr.h  |   5 +
 core/sql/sqlcomp/PrivMgrCommands.cpp| 124 +-
 core/sql/sqlcomp/PrivMgrCommands.h  |  15 +-
 core/sql/sqlcomp/PrivMgrComponentPrivileges.cpp |  12 +-
 core/sql/sqlcomp/PrivMgrDesc.cpp|   1 +
 core/sql/sqlcomp/PrivMgrDesc.h  |  30 +++
 core/sql/sqlcomp/PrivMgrPrivileges.cpp  | 224 ++-
 core/sql/sqlcomp/PrivMgrPrivileges.h|  21 +-
 core/sql/sqlcomp/PrivMgrRoles.cpp   |  92 
 core/sql/sqlcomp/PrivMgrRoles.h |  18 +-
 core/sql/sqlcomp/PrivMgrUserPrivs.cpp   | 174 --
 core/sql/sqlcomp/PrivMgrUserPrivs.h |  15 +-
 41 files changed, 1128 insertions(+), 689 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/trafodion/blob/8e38189d/core/sql/cli/Cli.cpp
--

http://git-wip-us.apache.org/repos/asf/trafodion/blob/8e38189d/core/sql/optimizer/RelMisc.h
--

http://git-wip-us.apache.org/repos/asf/trafodion/blob/8e38189d/core/sql/sqlcomp/PrivMgr.cpp
--

[2/2] trafodion git commit: Merge TRAFODION-3194 pr 1720 fix update

2018-09-29 Thread rmarton

Merge TRAFODION-3194 pr 1720 fix update


Project: http://git-wip-us.apache.org/repos/asf/trafodion/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafodion/commit/9536c5e3
Tree: http://git-wip-us.apache.org/repos/asf/trafodion/tree/9536c5e3
Diff: http://git-wip-us.apache.org/repos/asf/trafodion/diff/9536c5e3

Branch: refs/heads/master
Commit: 9536c5e38d78e633dcedda6fccd8c91fceada188
Parents: 8b19ee7 66b854f
Author: Roberta Marton 
Authored: Sat Sep 29 18:54:56 2018 +
Committer: Roberta Marton 
Committed: Sat Sep 29 18:54:56 2018 +

--
 core/sql/regress/privs2/EXPECTED135|  4 +++-
 core/sql/sqlcomp/PrivMgrPrivileges.cpp | 29 +
 core/sql/sqlcomp/PrivMgrPrivileges.h   |  1 -
 3 files changed, 20 insertions(+), 14 deletions(-)
--

[1/2] trafodion git commit: TRAFODION-3194 update

2018-09-29 Thread rmarton

Repository: trafodion
Updated Branches:
  refs/heads/master 8b19ee7b6 -> 9536c5e38


TRAFODION-3194 update

Fixed issue where revoke all on object did not actually revoke the privilege.
Also fixed an issue where setting up default privileges did not set the
correct default bits for object type.


Project: http://git-wip-us.apache.org/repos/asf/trafodion/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafodion/commit/66b854f7
Tree: http://git-wip-us.apache.org/repos/asf/trafodion/tree/66b854f7
Diff: http://git-wip-us.apache.org/repos/asf/trafodion/diff/66b854f7

Branch: refs/heads/master
Commit: 66b854f765d06a1ee49bce75450021daf22198ea
Parents: 8b19ee7
Author: Roberta Marton 
Authored: Fri Sep 28 19:05:29 2018 +
Committer: Roberta Marton 
Committed: Fri Sep 28 19:05:29 2018 +

--
 core/sql/regress/privs2/EXPECTED135|  4 +++-
 core/sql/sqlcomp/PrivMgrPrivileges.cpp | 29 +
 core/sql/sqlcomp/PrivMgrPrivileges.h   |  1 -
 3 files changed, 20 insertions(+), 14 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/trafodion/blob/66b854f7/core/sql/regress/privs2/EXPECTED135
--
diff --git a/core/sql/regress/privs2/EXPECTED135 
b/core/sql/regress/privs2/EXPECTED135
index 055e89a..744b645 100644
--- a/core/sql/regress/privs2/EXPECTED135
+++ b/core/sql/regress/privs2/EXPECTED135
@@ -568,7 +568,9 @@ End of MXCI Session
 --- SQL operation failed with errors.
 >>revoke all on t135_t1 from sql_user3;
 
 SQL operation complete.
+*** ERROR[1025] Request failed.  Dependent object 
TRAFODION.T135SCH_USER3.T135_V1_USER3 exists.
+
+--- SQL operation failed with errors.
 >>
 >>sh sqlci -i "TEST135(user3_drops)" -u sql_user3;
 >>drop table t135_t3 cascade;

http://git-wip-us.apache.org/repos/asf/trafodion/blob/66b854f7/core/sql/sqlcomp/PrivMgrPrivileges.cpp
--
diff --git a/core/sql/sqlcomp/PrivMgrPrivileges.cpp 
b/core/sql/sqlcomp/PrivMgrPrivileges.cpp
index 451b32a..fe2c8d1 100644
--- a/core/sql/sqlcomp/PrivMgrPrivileges.cpp
+++ b/core/sql/sqlcomp/PrivMgrPrivileges.cpp
@@ -1741,7 +1741,6 @@ PrivStatus PrivMgrPrivileges::initGrantRevoke(
   // Generate the list of privilege descriptors that were requested 
   PrivStatus retcode = convertPrivsToDesc(objectType,
isAllSpecified,
-   isGrant,
(isGrant) ? isGOSpecified : true, // WGO
(isGrant) ? false : isGOSpecified, // GOF
privList,
@@ -4973,7 +4972,6 @@ bool PrivMgrPrivileges::isAuthIDGrantedPrivs(
 PrivStatus PrivMgrPrivileges::convertPrivsToDesc( 
   const ComObjectType objectType,
   const bool isAllSpecified,
-  const bool isGrant,
   const bool isWgoSpecified,
   const bool isGofSpecified,
   const std::vector privsList,
@@ -5014,7 +5012,14 @@ PrivStatus PrivMgrPrivileges::convertPrivsToDesc(
   // If all is specified, set bits appropriate for the object type and return
   if (isAllSpecified)
   {
-privsToProcess.setAllObjectPrivileges(objectType, isGrant, isWgoSpecified);
+// For grant:
+//WGO is set if WITH GRANT OPTION specified in syntax
+//GOF is false, so always turn on the priv bits
+// For revoke:
+//WGO is always true, so always remove the WGO bits
+//GOF is set if GRANT OPTION FOR specified in syntax, so don't set 
privs
+//   bit if only removing the grant option (JIRA 3194)
+privsToProcess.setAllObjectPrivileges(objectType, !isGofSpecified, 
isWgoSpecified);
 return STATUS_GOOD;
   }
 
@@ -6249,18 +6254,18 @@ PrivStatus ObjectPrivsMDTable::insertSelect(
   }
 
   // Create bitmaps for all supported object types;
-  PrivMgrCoreDesc privCoreDesc;
-  privCoreDesc.setAllTableGrantPrivileges(true, true);
-  int64_t tableBits = privCoreDesc.getPrivBitmap().to_ulong();
+  PrivMgrDesc privDesc;
+  privDesc.setAllTableGrantPrivileges(true, true);
+  int64_t tableBits = privDesc.getTablePrivs().getPrivBitmap().to_ulong();
  
-  privCoreDesc.setAllLibraryGrantPrivileges(true, true);
-  int64_t libraryBits = privCoreDesc.getPrivBitmap().to_ulong();
+  privDesc.setAllLibraryGrantPrivileges(true, true);
+  int64_t libraryBits = privDesc.getTablePrivs().getPrivBitmap().to_ulong();
 
-  privCoreDesc.setAllUdrGrantPrivileges(true, true);
-  int64_t udrBits = privCoreDesc.getPrivBitmap().to_ulong();
+  privDesc.setAllUdrGrantPrivileges(true, true);
+  int64_t udrBits = privDesc.getTablePrivs().getPrivBitmap().to_ulong();
 
-  privCoreDesc.setAllSequenceGrantPrivileges(true, true);
-  int64_t sequenceBits = privCoreDesc.getPrivBitmap().to_ulong();
+  privDesc.setAllSequenceGrantPrivileges(true, true);
+  int64_t sequenceBits =

[4/4] trafodion git commit: Merge [TRAFODION-3194] [TRAFODION-3195] pr 1717 privilege fixes

2018-09-26 Thread rmarton

Merge [TRAFODION-3194] [TRAFODION-3195] pr 1717 privilege fixes


Project: http://git-wip-us.apache.org/repos/asf/trafodion/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafodion/commit/1fd06515
Tree: http://git-wip-us.apache.org/repos/asf/trafodion/tree/1fd06515
Diff: http://git-wip-us.apache.org/repos/asf/trafodion/diff/1fd06515

Branch: refs/heads/master
Commit: 1fd06515194937a12c1a22ff17adc930dce92089
Parents: fb269de afff993
Author: Roberta Marton 
Authored: Wed Sep 26 18:19:57 2018 +
Committer: Roberta Marton 
Committed: Wed Sep 26 18:19:57 2018 +

--
 core/sql/bin/SqlciErrors.txt   |2 +-
 core/sql/executor/ExExeUtilGet.cpp | 1026 ++-
 core/sql/regress/privs1/EXPECTED123|  815 ++---
 core/sql/regress/privs1/EXPECTED125|  251 ++-
 core/sql/regress/privs1/EXPECTED141|  143 +++-
 core/sql/regress/privs1/TEST123|   24 +-
 core/sql/regress/privs1/TEST125|9 +-
 core/sql/regress/privs1/TEST141|   22 +-
 core/sql/regress/privs2/EXPECTED135|4 +-
 core/sql/regress/privs2/EXPECTED144|  858 +-
 core/sql/regress/privs2/EXPECTED146|   16 +-
 core/sql/regress/privs2/LOG144 |  Bin 17980 -> 140175 bytes
 core/sql/regress/privs2/TEST144|  120 +++-
 core/sql/sqlcomp/PrivMgrCommands.cpp   |2 +-
 core/sql/sqlcomp/PrivMgrDesc.cpp   |  122 +---
 core/sql/sqlcomp/PrivMgrDesc.h |   97 ++-
 core/sql/sqlcomp/PrivMgrPrivileges.cpp |   39 +-
 core/sql/sqlcomp/PrivMgrPrivileges.h   |1 +
 18 files changed, 2515 insertions(+), 1036 deletions(-)
--

[3/4] trafodion git commit: Fixes for TRAFODION-3194 && TRAFODION-3195

2018-09-26 Thread rmarton

Fixes for TRAFODION-3194 && TRAFODION-3195

TRAFODION-3194 Revoke grant option on objects revokes more that grant option
  changed Privilege Manager to set bitmaps correctly
  removed unused methods from PrivMgrDesc

TRAFODION-3195: Fixes for get commands:

get schemas for user :
  returns schemas owned by the specified user
  if current user does not have elevated privilege,
   returns error if current user does not match .

get schemas for role :
  returns schemas owned by the role,
  if current user does not have elevated privilege,
returns error if current user has not been granted 

get [tables | views | indexes | libraries ] for user :
get [functions | table_mapping_functions | procedures] for user :
get [privileges | roles] for user :
  returns objects where  has at least one privilege
  if current user does not have eleveted privilege
returns error if current user does not match .

get [tables | views | indexes | libraries ] for role :
get [functions | table_mapping_functions | procedures] for role :
get [privileges | users] for :
  returns objects where  has at least one privilege
  if current user does not have eleveted privilege
returns error if current user has not been granted 


Project: http://git-wip-us.apache.org/repos/asf/trafodion/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafodion/commit/afff9935
Tree: http://git-wip-us.apache.org/repos/asf/trafodion/tree/afff9935
Diff: http://git-wip-us.apache.org/repos/asf/trafodion/diff/afff9935

Branch: refs/heads/master
Commit: afff9935ecd40b0beef8156c773110b40025721f
Parents: 1bc3d1a
Author: Roberta Marton 
Authored: Fri Sep 21 22:29:01 2018 +
Committer: Roberta Marton 
Committed: Fri Sep 21 22:29:01 2018 +

--
 core/sql/bin/SqlciErrors.txt   |2 +-
 core/sql/executor/ExExeUtilGet.cpp | 1026 ++-
 core/sql/regress/privs1/EXPECTED123|  815 ++---
 core/sql/regress/privs1/EXPECTED125|  251 ++-
 core/sql/regress/privs1/EXPECTED141|  143 +++-
 core/sql/regress/privs1/TEST123|   24 +-
 core/sql/regress/privs1/TEST125|9 +-
 core/sql/regress/privs1/TEST141|   22 +-
 core/sql/regress/privs2/EXPECTED135|4 +-
 core/sql/regress/privs2/EXPECTED144|  858 +-
 core/sql/regress/privs2/EXPECTED146|   16 +-
 core/sql/regress/privs2/LOG144 |  Bin 17980 -> 140175 bytes
 core/sql/regress/privs2/TEST144|  120 +++-
 core/sql/sqlcomp/PrivMgrCommands.cpp   |2 +-
 core/sql/sqlcomp/PrivMgrDesc.cpp   |  122 +---
 core/sql/sqlcomp/PrivMgrDesc.h |   97 ++-
 core/sql/sqlcomp/PrivMgrPrivileges.cpp |   39 +-
 core/sql/sqlcomp/PrivMgrPrivileges.h   |1 +
 18 files changed, 2515 insertions(+), 1036 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/trafodion/blob/afff9935/core/sql/bin/SqlciErrors.txt
--
diff --git a/core/sql/bin/SqlciErrors.txt b/core/sql/bin/SqlciErrors.txt
index 7032bf7..0de8a4e 100644
--- a/core/sql/bin/SqlciErrors.txt
+++ b/core/sql/bin/SqlciErrors.txt
@@ -334,7 +334,7 @@
 1336 Z 9 ADVANCED MAJOR DBADMIN INITIALIZE SQL must specify a 
$0~String0 statement for the $1~String1.  INITIALIZE SQL fails.
 1337 Z 9 BEGINNER MINOR DBADMIN $0~String0 is a reserved authorization 
identifier.
 1338 Z 9 ADVANCED MAJOR DBADMIN Role $0~string0 is not defined in the 
database.
-1339 Z 9 BEGINNER MINOR DBADMIN $0~string0 is not a grantable role.
+1339 Z 9 BEGINNER MINOR DBADMIN $0~string0 is not a role.
 1340 Z 9 BEGINNER MINOR DBADMIN $0~string0 is not a user.
 1341 Z 9 BEGINNER MINOR DBADMIN --- unused ---
 1342 Z 9 BEGINNER MINOR DBADMIN --- unused ---

http://git-wip-us.apache.org/repos/asf/trafodion/blob/afff9935/core/sql/executor/ExExeUtilGet.cpp
--
diff --git a/core/sql/executor/ExExeUtilGet.cpp 
b/core/sql/executor/ExExeUtilGet.cpp
index b9d4c68..590b068 100644
--- a/core/sql/executor/ExExeUtilGet.cpp
+++ b/core/sql/executor/ExExeUtilGet.cpp
@@ -177,7 +177,7 @@ static const QueryString getRolesForUserQuery[] =
   {" select translate(rtrim(RU.role_name) using ucs2toutf8) "},
   {"   from %s.\"%s\".%s RU "},
   {" where (RU.grantor_ID != -2) and "},
-  {"   (RU.grantee_name='%s') %s "},
+  {"   (RU.grantee_name='%s') "},
   {" union select * from (values ('PUBLIC')) "},
   {" order by 1 "},
   {" ; "}
@@ -348,7 +348,7 @@ static const QueryString getTrafIndexesOnTableQuery[] =
   {" ; "}
 };
 
-static const QueryString getTrafIndexesForUser[] =
+static const QueryString getTrafIndexesForAuth[] =
 {
   {" select trim(T2.catalog_name) || '.\"' || trim(T2.schema_name) || '\".' || 
trim(T2.object_name) "},
   {" from %s.\"%s\".%s I, "},

[2/4] trafodion git commit: Fixes for TRAFODION-3194 && TRAFODION-3195

2018-09-26 Thread rmarton

http://git-wip-us.apache.org/repos/asf/trafodion/blob/afff9935/core/sql/regress/privs1/EXPECTED123
--
diff --git a/core/sql/regress/privs1/EXPECTED123 
b/core/sql/regress/privs1/EXPECTED123
index dd8211b..ffc42d4 100644
--- a/core/sql/regress/privs1/EXPECTED123
+++ b/core/sql/regress/privs1/EXPECTED123
@@ -324,6 +324,9 @@ SQL_USER5
  1 row(s) returned
 
 --- SQL operation complete.
+>>get users for role "PUBLIC";
+
+--- SQL operation complete.
 >>
 >>get privileges for user sql_user1;
 
@@ -565,6 +568,34 @@ TRAFODION."T123SCH".TEAMS
  6 row(s) returned
 
 --- SQL operation complete.
+>>get tables for role t123_adminrole;
+
+Tables for Role T123_ADMINROLE
+==
+
+TRAFODION."T123SCH".GAMES
+TRAFODION."T123SCH".TEAMS
+
+===
+ 2 row(s) returned
+
+--- SQL operation complete.
+>>get tables for role t123_ownerrole;
+
+Tables for Role T123_OWNERROLE
+==
+
+TRAFODION."T123SCH".GAMES
+TRAFODION."T123SCH".PLAYERS
+TRAFODION."T123SCH".SB_HISTOGRAMS
+TRAFODION."T123SCH".SB_HISTOGRAM_INTERVALS
+TRAFODION."T123SCH".SB_PERSISTENT_SAMPLES
+TRAFODION."T123SCH".TEAMS
+
+===
+ 6 row(s) returned
+
+--- SQL operation complete.
 >>
 >>get indexes for user sql_user1;
 
@@ -613,6 +644,28 @@ TRAFODION."T123SCH".GAMES_VISITOR
  1 row(s) returned
 
 --- SQL operation complete.
+>>get indexes for role t123_adminrole;
+
+Indexes for Role T123_ADMINROLE
+===
+
+TRAFODION."T123SCH".GAMES_VISITOR
+
+===
+ 1 row(s) returned
+
+--- SQL operation complete.
+>>get indexes for role t123_ownerrole;
+
+Indexes for Role T123_OWNERROLE
+===
+
+TRAFODION."T123SCH".GAMES_VISITOR
+
+===
+ 1 row(s) returned
+
+--- SQL operation complete.
 >>
 >>get views for user sql_user1;
 
@@ -639,65 +692,20 @@ TRAFODION."T123SCH".PLAYERS_ON_TEAM
  3 row(s) returned
 
 --- SQL operation complete.
->>
->>get libraries for user sql_user1;
-
-Libraries for User SQL_USER1
-
-
-DB__LIBMGRNAME
-DB__LIBMGR_LIB_CPP
-
-===
- 2 row(s) returned
-
 SQL operation complete.
->>get libraries for user sql_user2;
-
-Libraries for User SQL_USER2
-
-
-DB__LIBMGRNAME
-DB__LIBMGR_LIB_CPP
-
-===
- 2 row(s) returned
-
 SQL operation complete.
->>get libraries for user sql_user3;
-
-Libraries for User SQL_USER3
-
-
-DB__LIBMGRNAME
-DB__LIBMGR_LIB_CPP
-
-===
- 2 row(s) returned
-
 SQL operation complete.
->>get libraries for user sql_user4;
-
-Libraries for User SQL_USER4
-
-
-DB__LIBMGRNAME
-DB__LIBMGR_LIB_CPP
-
-===
- 2 row(s) returned
+>>get views for role t123_adminrole;
 
 --- SQL operation complete.
->>get libraries for user sql_user5;
+>>get views for role t123_ownerrole;
 
-Libraries for User SQL_USER5
-
+Views for Role T123_OWNERROLE
+=
 
-DB__LIBMGRNAME
-DB__LIBMGR_LIB_CPP
+TRAFODION."T123SCH".GAMES_BY_PLAYER
+TRAFODION."T123SCH".HOME_TEAMS_GAMES
+TRAFODION."T123SCH".PLAYERS_ON_TEAM
 
 ===
- 2 row(s) returned
+ 3 row(s) returned
 
 --- SQL operation complete.
 >>
@@ -754,48 +762,24 @@ T123_PLANNERROLE
 --- SQL operation complete.
 >>get roles for user sql_user2;
 
-Roles for User SQL_USER2
-
-
-PUBLIC
-
-===
- 1 row(s) returned
+*** ERROR[1017] You are not authorized to perform this operation.
 
 SQL operation complete.
+--- SQL operation failed with errors.
 >>get roles for user sql_user3;
 
-Roles for User SQL_USER3
-
-
-PUBLIC
-
-===
- 1 row(s) returned
+*** ERROR[1017] You are not authorized to perform this operation.
 
 SQL operation complete.
+--- SQL operation failed with errors.
 >>get roles for user sql_user4;
 
-Roles for User SQL_USER4
-
-
-PUBLIC
-
-===
- 1 row(s) returned
+*** ERROR[1017] You are not authorized to perform this operation.
 
 SQL operation complete.
+--- SQL operation failed with errors.
 >>get roles for user sql_user5;
 
-Roles for User SQL_USER5
-
-
-PUBLIC
-
-===
- 1 row(s) returned
+*** ERROR[1017] You are not authorized to perform this operation.
 
 SQL operation complete.
+--- SQL operation failed with errors.
 >>
 >>get users for role t123_adminrole;
 
@@ -821,9 +805,16 @@ SQL_USER1
 --- SQL operation complete.
 >>get users for role t123_dummyrole;
 
 SQL operation complete.
+*** ERROR[1017] You are not authorized to perform this operation.
+
+--- SQL operation failed with errors.
 >>get users for role t123_ownerrole;
 
+*** ERROR[1017] You are not authorized to perform this operation.
+
+--- SQL operation failed with

[1/4] trafodion git commit: Fixes for TRAFODION-3194 && TRAFODION-3195

2018-09-26 Thread rmarton

Repository: trafodion
Updated Branches:
  refs/heads/master fb269de14 -> 1fd065151


http://git-wip-us.apache.org/repos/asf/trafodion/blob/afff9935/core/sql/regress/privs2/EXPECTED144
--
diff --git a/core/sql/regress/privs2/EXPECTED144 
b/core/sql/regress/privs2/EXPECTED144
index f3127e0..2c225b4 100644
--- a/core/sql/regress/privs2/EXPECTED144
+++ b/core/sql/regress/privs2/EXPECTED144
@@ -130,6 +130,13 @@ CREATE TABLE TRAFODION.T144USER1.CUSTOMERS
 
 --- SQL operation complete.
 >>
+>>grant update, usage on library t144_l1 to sql_user2;
+
+--- SQL operation complete.
+>>grant usage on library t144_l2 to t144role1;
+
+--- SQL operation complete.
+>>
 >>revoke component privilege "SHOW" on sql_operations from "PUBLIC";
 
 --- SQL operation complete.
@@ -146,16 +153,13 @@ CREATE_SCHEMA
 --- SQL operation complete.
 >>
 >>obey TEST144(set_up);
->>set schema "_PRIVMGR_MD_";
-
 SQL operation complete.
 >>prepare get_privs from
 +>select distinct
 +>   trim(substring (o.object_name,1,15)) as object_name,
 +>   grantor_id, grantee_id,
 +>   t144user1.t144_translatePrivsBitmap(privileges_bitmap) as granted_privs,
 +>   t144user1.t144_translatePrivsBitmap(grantable_bitmap) as grantable_privs
-+>from object_privileges p, "_MD_".objects o 
++>from "_PRIVMGR_MD_".object_privileges p, "_MD_".objects o 
 +>where p.object_uid in 
 +>  (select object_uid
 +>   from "_MD_".objects
@@ -185,12 +189,14 @@ GEN_PHONE
 GEN_RANDOM 
 -2 4  --E   --E 
 GEN_TIME   
 -2 4  --E   --E 
 T144_L1
 -2 4  ---UG--   ---UG-- 
+T144_L1  
4 5  ---UG--   NONE
 T144_L2
 -2 4  ---UG--   ---UG-- 
+T144_L2  
4   102  G--   NONE
 T144_TRANSLATEP
 -2 4  --E   --E 
 T144_TRANSLATEP  
4-1  --E   NONE
 _TRAFODION_T144
 -2 4  G--   G-- 
 
 10 row(s) selected.
+--- 12 row(s) selected.
 >>get privileges on function gen_phone;
 
 Privileges on Routine T144USER1.GEN_PHONE
@@ -276,7 +282,67 @@ Privileges on Routine _LIBMGR_.EVENT_LOG_READER
  1 row(s) returned
 
 --- SQL operation complete.
->>sh sqlci -i "TEST144(cmds)" -u sql_user1;
+>>
+>>get functions for user sql_user1;
+
+Functions for User SQL_USER1
+
+
+TRAFODION."T144USER1".GEN_PHONE
+TRAFODION."T144USER1".GEN_RANDOM
+TRAFODION."T144USER1".GEN_TIME
+TRAFODION."T144USER1".T144_TRANSLATEPRIVSBITMAP
+
+===
+ 4 row(s) returned
+
+--- SQL operation complete.
+>>get table_mapping functions for user sql_user1;
+
+Table mapping functions for User SQL_USER1
+==
+
+TRAFODION."_LIBMGR_".EVENT_LOG_READER
+TRAFODION."_LIBMGR_".JDBC
+
+===
+ 2 row(s) returned
+
+--- SQL operation complete.
+>>get procedures for user sql_user1;
+
+--- SQL operation complete.
+>>
+>>get libraries for user sql_user2;
+
+Libraries for User SQL_USER2
+
+
+TRAFODION."T144USER1".T144_L1
+
+===
+ 1 row(s) returned
+
+--- SQL operation complete.
+>>get libraries for user sql_user3;
+
+--- SQL operation complete.
+>>get libraries for user sql_user4;
+
+--- SQL operation complete.
+>>get libraries for role t144role1;
+
+Libraries for Role T144ROLE1
+
+
+TRAFODION."T144USER1".T144_L2
+
+===
+ 1 row(s) returned
+
+--- SQL operation complete.
+>>
+>>sh sqlci -i "TEST144(cmds_user1)" -u sql_user1;
 >>values (user);
 
 (EXPR)
@@ -288,6 +354,44 @@ SQL_USER1
 >>set schema t144user1;
 
 --- SQL operation complete.
+>>get functions for user sql_user1;
+
+Functions for User SQL_USER1
+
+
+TRAFODION."T144USER1".GEN_PHONE
+TRAFODION."T144USER1".GEN_RANDOM
+TRAFODION."T144USER1".GEN_TIME
+TRAFODION."T144USER1".T144_TRANSLATEPRIVSBITMAP
+
+===
+ 4 row(s) returned
+
+--- SQL operation complete.
+>>get table_mapping functions for user sql_user1;
+
+Table mapping functions for User SQL_USER1

[1/4] trafodion git commit: Only expose supported component operations

2018-08-28 Thread rmarton

Repository: trafodion
Updated Branches:
  refs/heads/master 1650c784e -> 8697d9262


http://git-wip-us.apache.org/repos/asf/trafodion/blob/88ed0582/core/sql/sqlcomp/PrivMgrComponentOperations.cpp
--
diff --git a/core/sql/sqlcomp/PrivMgrComponentOperations.cpp 
b/core/sql/sqlcomp/PrivMgrComponentOperations.cpp
index bcbfa6b..280710a 100644
--- a/core/sql/sqlcomp/PrivMgrComponentOperations.cpp
+++ b/core/sql/sqlcomp/PrivMgrComponentOperations.cpp
@@ -58,6 +58,7 @@ namespace ComponentOperations
 class MyRow : public PrivMgrMDRow
 {
 public:
+
 // ---
 // Constructors and destructors:
 // ---
@@ -71,7 +72,7 @@ public:
   componentUID_ = other.componentUID_;  
   operationCode_ = other.operationCode_;
   operationName_ = other.operationName_;
-  isSystem_ = other.isSystem_;
+  operationType_ = other.operationType_;
   operationDescription_ = other.operationDescription_;
};
virtual ~MyRow() {};
@@ -82,14 +83,14 @@ public:
   const int64_t componentUID,
   const std::string & operationCode,
   std::string & operationName,
-  bool & isSystem,
+  PrivMgrComponentOperations::OperationType & operationType,
   std::string & operationDescription); 

bool lookupByName(
   const int64_t componentUID,
   const std::string & operationName,
   std::string & operationCode,
-  bool & isSystem,
+  PrivMgrComponentOperations::OperationType & operationType,
   std::string & operationDescription);
 
 // ---
@@ -100,7 +101,7 @@ public:
 int64_tcomponentUID_;
 std::stringoperationCode_;
 std::stringoperationName_;
-boolisSystem_;
+PrivMgrComponentOperations::OperationType  operationType_;
 std::stringoperationDescription_;
 
 private: 
@@ -155,6 +156,10 @@ public:
   const std::string & whereClause,  
   std::vector );
 
+   PrivStatus update(
+  const std::string ,
+  const std::string );
+
 private:   
MyTable();
void setRow(OutputInfo *pCliRow, MyRow );
@@ -284,7 +289,7 @@ PrivStatus privStatus = 
myTable.fetchByCode(componentUID,operationCode,row);
 // *is a 2 character code associated with the operation unique to the  
*
 // *component. 
*
 // *   
*
-// *   boolIn   
*
+// *boolIn   
*
 // *is true if the operation is a system operation.
*
 // *   
*
 // *const std::string & In   
*
@@ -305,14 +310,12 @@ PrivStatus PrivMgrComponentOperations::createOperation(
const std::string & componentName,
const std::string & operationName,
const std::string & operationCode,
-   bool isSystemOperation,
+   bool isSystem,
const std::string & operationDescription,
const bool existsErrorOK) 
   
 {
 
-//TODO: Related, could check for setting isSystem, could be separate
-// privilege, or restricted to DB__ROOT.
 PrivMgrComponentPrivileges componentPrivileges(metadataLocation_, pDiags_);
 
if (!ComUser::isRootUserID()&&
@@ -379,7 +382,7 @@ std::string tempStr;
 
 // An operation can only be a system operation if its component is a 
 // system component.   
-   if (isSystemOperation && !isSystemComponent)
+   if (isSystem && !isSystemComponent)
{
   *pDiags_ << DgSqlCode(-CAT_COMPONENT_NOT_SYSTEM);
   return STATUS_ERROR;
@@ -391,7 +394,7 @@ MyRow row(fullTableName_);
row.componentUID_ = componentUID;
row.operationCode_ = operationCode;
row.operationName_ = operationName;
-   row.isSystem_ = isSystemOperation;
+   row.operationType_ = (isSystem ? OP_TYPE_SYSTEM : OP_TYPE_USER);
row.operationDescription_ = operationDescription;

 MyTable  = static_cast(myTable_);
@@ -434,8 +437,8 @@ PrivMgrComponentPrivileges 
componentPrivilege(metadataLocation_,pDiags_);
 // *is a 2 character code associated with the operation unique to the  
*
 // *component. 
*
 // *   
*
-// *   const bool  In   
*
-// *is true if the operation is a system operation.
*
+// * const bool  In   
*
+// *type of component, user, system, or unused.
*
 // *

[2/4] trafodion git commit: Only expose supported component operations

2018-08-28 Thread rmarton

Only expose supported component operations

There is a set of component operations and many are about features that we do
not support such as CREATE_TRIGGER.  This checkin no longer returns these
privileges through
   get privileges on component sql_operations
   showddl component sql_operations

The is_system metadata column in the component_operations table now supports
three values:

   Y - it is a system operation
   N - it is a user operation
   U - it is an unsupported (unused) operation (new)

An "initialize authorization" or fresh installation is required to make these
changes available.
  Installating this code version calls initialize authorization
  Running regrinit.sql also calls initialize authorization

Some performance enhancements were made to make "initialize authorization" run
faster.


Project: http://git-wip-us.apache.org/repos/asf/trafodion/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafodion/commit/88ed0582
Tree: http://git-wip-us.apache.org/repos/asf/trafodion/tree/88ed0582
Diff: http://git-wip-us.apache.org/repos/asf/trafodion/diff/88ed0582

Branch: refs/heads/master
Commit: 88ed0582c7e09c51acc924735031806210968675
Parents: c8ffae3
Author: Roberta Marton 
Authored: Fri Aug 24 22:29:06 2018 +
Committer: Roberta Marton 
Committed: Fri Aug 24 22:29:06 2018 +

--
 core/sql/executor/ExExeUtilGet.cpp  |  29 +-
 core/sql/regress/privs1/EXPECTED132 |  26 +-
 core/sql/regress/privs1/EXPECTED137 | 468 ---
 core/sql/regress/privs1/TEST132 |   6 +-
 core/sql/sqlcomp/CmpSeabaseDDL.h|   1 +
 core/sql/sqlcomp/CmpSeabaseDDLauth.h|   1 +
 core/sql/sqlcomp/CmpSeabaseDDLcommon.cpp|  49 +-
 core/sql/sqlcomp/CmpSeabaseDDLupgrade.cpp   |   2 +-
 core/sql/sqlcomp/PrivMgr.cpp|  58 +++
 core/sql/sqlcomp/PrivMgr.h  |   5 +-
 core/sql/sqlcomp/PrivMgrComponentDefs.h | 182 +++-
 core/sql/sqlcomp/PrivMgrComponentOperations.cpp | 277 ---
 core/sql/sqlcomp/PrivMgrComponentOperations.h   |  38 +-
 core/sql/sqlcomp/PrivMgrComponentPrivileges.cpp | 181 +++
 core/sql/sqlcomp/PrivMgrComponentPrivileges.h   |  12 +-
 core/sql/sqlcomp/PrivMgrDefs.h  |  88 +---
 core/sql/sqlcomp/PrivMgrMD.cpp  | 256 +-
 core/sql/sqlcomp/PrivMgrPrivileges.cpp  |  19 +-
 18 files changed, 786 insertions(+), 912 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/trafodion/blob/88ed0582/core/sql/executor/ExExeUtilGet.cpp
--
diff --git a/core/sql/executor/ExExeUtilGet.cpp 
b/core/sql/executor/ExExeUtilGet.cpp
index b54674e..b9d4c68 100644
--- a/core/sql/executor/ExExeUtilGet.cpp
+++ b/core/sql/executor/ExExeUtilGet.cpp
@@ -298,6 +298,7 @@ static const QueryString getComponentPrivileges[] =
   {" where (c.component_uid=o.component_uid) "},
   {"   and (o.component_uid=p.component_uid) "},
   {"   and (o.operation_code=p.operation_code) "},
+  {"   and (o.is_system <> 'U') "},
   {"   and (c.component_name='%s') %s "},
   {" order by 1 "},
   {" ; "}
@@ -1716,34 +1717,6 @@ NABoolean ExExeUtilGetMetadataInfoTcb::checkUserPrivs(
   break;
 }
 
-   // if user has DML_SELECT, can perform object operations
-   case ComTdbExeUtilGetMetadataInfo::CATALOGS_:
-   case ComTdbExeUtilGetMetadataInfo::SCHEMAS_IN_CATALOG_:
-   case ComTdbExeUtilGetMetadataInfo::VIEWS_IN_CATALOG_:
-   case ComTdbExeUtilGetMetadataInfo::SEQUENCES_IN_CATALOG_:
-   case ComTdbExeUtilGetMetadataInfo::TABLES_IN_SCHEMA_:
-   case ComTdbExeUtilGetMetadataInfo::INDEXES_IN_SCHEMA_:
-   case ComTdbExeUtilGetMetadataInfo::VIEWS_IN_SCHEMA_:
-   case ComTdbExeUtilGetMetadataInfo::LIBRARIES_IN_SCHEMA_:
-   case ComTdbExeUtilGetMetadataInfo::PROCEDURES_IN_SCHEMA_:
-   case ComTdbExeUtilGetMetadataInfo::SEQUENCES_IN_SCHEMA_:
-   case ComTdbExeUtilGetMetadataInfo::FUNCTIONS_IN_SCHEMA_:
-   case ComTdbExeUtilGetMetadataInfo::TABLE_FUNCTIONS_IN_SCHEMA_:
-   case ComTdbExeUtilGetMetadataInfo::OBJECTS_IN_SCHEMA_:
-   case ComTdbExeUtilGetMetadataInfo::INDEXES_ON_TABLE_:
-   case ComTdbExeUtilGetMetadataInfo::VIEWS_ON_TABLE_:
-   case ComTdbExeUtilGetMetadataInfo::VIEWS_ON_VIEW_:
-   case ComTdbExeUtilGetMetadataInfo::OBJECTS_ON_TABLE_:
-   case ComTdbExeUtilGetMetadataInfo::PARTITIONS_FOR_TABLE_:
-   case ComTdbExeUtilGetMetadataInfo::PARTITIONS_FOR_INDEX_:
-   case ComTdbExeUtilGetMetadataInfo::TABLES_IN_VIEW_:
-   case ComTdbExeUtilGetMetadataInfo::VIEWS_IN_VIEW_:
-   case ComTdbExeUtilGetMetadataInfo::OBJECTS_IN_VIEW_:
-{
-  if 
(componentPrivileges.hasSQLPriv(ComUser::getCurrentUser(),SQLOperation::DML_SELECT,true))
-return FALSE;
-  break;
-}
default:
  break;
   }

[4/4] trafodion git commit: merge pr 1703 Only expose supported component operations

2018-08-28 Thread rmarton

merge pr 1703 Only expose supported component operations


Project: http://git-wip-us.apache.org/repos/asf/trafodion/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafodion/commit/8697d926
Tree: http://git-wip-us.apache.org/repos/asf/trafodion/tree/8697d926
Diff: http://git-wip-us.apache.org/repos/asf/trafodion/diff/8697d926

Branch: refs/heads/master
Commit: 8697d926249c621160fb5cea45dc8bf6208f4df9
Parents: 1650c78 dfddd00
Author: Roberta Marton 
Authored: Tue Aug 28 16:50:06 2018 +
Committer: Roberta Marton 
Committed: Tue Aug 28 16:50:06 2018 +

--
 core/sql/executor/ExExeUtilGet.cpp  |  29 +-
 core/sql/regress/compGeneral/EXPECTED042|  48 +-
 core/sql/regress/privs1/EXPECTED132 |  26 +-
 core/sql/regress/privs1/EXPECTED137 | 468 ---
 core/sql/regress/privs1/TEST132 |   6 +-
 core/sql/sqlcomp/CmpSeabaseDDL.h|   1 +
 core/sql/sqlcomp/CmpSeabaseDDLauth.h|   1 +
 core/sql/sqlcomp/CmpSeabaseDDLcommon.cpp|  49 +-
 core/sql/sqlcomp/CmpSeabaseDDLupgrade.cpp   |   2 +-
 core/sql/sqlcomp/PrivMgr.cpp|  58 +++
 core/sql/sqlcomp/PrivMgr.h  |   5 +-
 core/sql/sqlcomp/PrivMgrComponentDefs.h | 182 +++-
 core/sql/sqlcomp/PrivMgrComponentOperations.cpp | 277 ---
 core/sql/sqlcomp/PrivMgrComponentOperations.h   |  38 +-
 core/sql/sqlcomp/PrivMgrComponentPrivileges.cpp | 181 +++
 core/sql/sqlcomp/PrivMgrComponentPrivileges.h   |  12 +-
 core/sql/sqlcomp/PrivMgrDefs.h  |  88 +---
 core/sql/sqlcomp/PrivMgrMD.cpp  | 256 +-
 core/sql/sqlcomp/PrivMgrPrivileges.cpp  |  19 +-
 19 files changed, 810 insertions(+), 936 deletions(-)
--

[2/4] trafodion git commit: Fix for TRAFODION-3112

2018-08-03 Thread rmarton

Fix for TRAFODION-3112

Internal error: get ... for user/role
Heading incorrect for libraries
Parser error: get procedures/table_mapping functions/functions for user/role


Project: http://git-wip-us.apache.org/repos/asf/trafodion/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafodion/commit/3d013bc2
Tree: http://git-wip-us.apache.org/repos/asf/trafodion/tree/3d013bc2
Diff: http://git-wip-us.apache.org/repos/asf/trafodion/diff/3d013bc2

Branch: refs/heads/master
Commit: 3d013bc2adb46d139ee027a6c878e8ec2c4d5f5a
Parents: ce62bc5
Author: Roberta Marton 
Authored: Mon Jul 30 22:51:13 2018 +
Committer: Roberta Marton 
Committed: Mon Jul 30 22:51:13 2018 +

--
 core/sql/bin/SqlciErrors.txt  |2 +-
 core/sql/comexe/ComTdbExeUtil.h   |  110 +--
 core/sql/executor/ExExeUtilGet.cpp| 1024 ++--
 core/sql/generator/GenRelExeUtil.cpp  |   31 +-
 core/sql/parser/ParKeyWords.cpp   |2 +-
 core/sql/parser/sqlparser.y   |   51 +-
 core/sql/parser/ulexer.cpp|   18 +
 core/sql/regress/compGeneral/EXPECTEDTOK  |5 +-
 core/sql/regress/compGeneral/EXPECTEDTOK2 |5 +-
 core/sql/regress/privs1/EXPECTED125   |  325 +++-
 core/sql/regress/privs1/TEST125   |9 +
 core/sql/sqlcomp/CmpDDLCatErrorCodes.h|1 +
 12 files changed, 863 insertions(+), 720 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/trafodion/blob/3d013bc2/core/sql/bin/SqlciErrors.txt
--
diff --git a/core/sql/bin/SqlciErrors.txt b/core/sql/bin/SqlciErrors.txt
index 3437cef..75abfab 100644
--- a/core/sql/bin/SqlciErrors.txt
+++ b/core/sql/bin/SqlciErrors.txt
@@ -85,7 +85,7 @@
 1083 Z 9 BEGINNER MAJOR DBADMIN Validation for constraint 
$0~ConstraintName failed; incompatible data exists in table.
 1084 Z 9 BEGINNER MINOR DBADMIN An invalid default value was specified 
for column $0~ColumnName.
 1085 Z 9 BEGINNER MAJOR DBADMIN --- unused ---
-1086 Z 9  U UUU --- unused ---
+1086 Z 9 BEGINNER MAJOR DBADMIN $0~string0 is not a $1~string1.
 1087 Z 9 BEGINNER MAJOR DBADMIN --- unused ---
 1088 Z 9 BEGINNER MINOR DBADMIN --- unused ---
 1089 Z 9 BEGINNER MINOR DBADMIN The system generated column SYSKEY 
must be specified last or not specified at all in the index column list.

http://git-wip-us.apache.org/repos/asf/trafodion/blob/3d013bc2/core/sql/comexe/ComTdbExeUtil.h
--
diff --git a/core/sql/comexe/ComTdbExeUtil.h b/core/sql/comexe/ComTdbExeUtil.h
index 39cd249..afb29fb 100644
--- a/core/sql/comexe/ComTdbExeUtil.h
+++ b/core/sql/comexe/ComTdbExeUtil.h
@@ -2381,90 +2381,106 @@ public:
 HIVE_EXT_TABLES_IN_CATALOG_,
 HBASE_REG_TABLES_IN_CATALOG_,
 
-TABLES_IN_SCHEMA_,
+FUNCTIONS_IN_SCHEMA_,
 INDEXES_IN_SCHEMA_,
-VIEWS_IN_SCHEMA_,
+INVALID_VIEWS_IN_SCHEMA_,
 LIBRARIES_IN_SCHEMA_,
-MVS_IN_SCHEMA_,
-MVGROUPS_IN_SCHEMA_,
-PRIVILEGES_ON_SCHEMA_,
+OBJECTS_IN_SCHEMA_,
 PROCEDURES_IN_SCHEMA_,
 SEQUENCES_IN_SCHEMA_,
-SYNONYMS_IN_SCHEMA_,
-FUNCTIONS_IN_SCHEMA_,
 TABLE_FUNCTIONS_IN_SCHEMA_,
-
-OBJECTS_IN_SCHEMA_,
-INVALID_VIEWS_IN_SCHEMA_,
+TABLES_IN_SCHEMA_,
+VIEWS_IN_SCHEMA_,
 
 INDEXES_ON_TABLE_,
-INDEXES_ON_MV_,
+OBJECTS_ON_TABLE_,
 VIEWS_ON_TABLE_,
 VIEWS_ON_VIEW_,
-MVS_ON_TABLE_,
-MVS_ON_VIEW_,
-MVS_ON_MV_,
-MVGROUPS_ON_TABLE_,
-PRIVILEGES_ON_TABLE_,
-PRIVILEGES_ON_MV_,
-PRIVILEGES_ON_VIEW_,
-PRIVILEGES_ON_SEQUENCE_,
-SYNONYMS_ON_TABLE_,
 
-OBJECTS_ON_TABLE_,
-PARTITIONS_FOR_TABLE_,
+FUNCTIONS_FOR_LIBRARY_,
 PARTITIONS_FOR_INDEX_,
+PARTITIONS_FOR_TABLE_,
+PROCEDURES_FOR_LIBRARY_,
+TABLE_FUNCTIONS_FOR_LIBRARY_,
 
+OBJECTS_IN_VIEW_,
 TABLES_IN_VIEW_,
 VIEWS_IN_VIEW_,
-OBJECTS_IN_VIEW_,
-TABLES_IN_MV_,
-MVS_IN_MV_,
-OBJECTS_IN_MV_,
 
 ROLES_,
-
 ROLES_FOR_ROLE_,
+ROLES_FOR_USER_,
+USERS_,
 USERS_FOR_ROLE_,
-PRIVILEGES_FOR_ROLE_,
 
-USERS_,
+FUNCTIONS_FOR_ROLE_,
+INDEXES_FOR_ROLE_,
+LIBRARIES_FOR_ROLE_,
+PRIVILEGES_FOR_ROLE_,
+PROCEDURES_FOR_ROLE_,
+SCHEMAS_FOR_ROLE_,
+TABLES_FOR_ROLE_,
+TABLE_FUNCTIONS_FOR_ROLE_,
+VIEWS_FOR_ROLE_,
 
+FUNCTIONS_FOR_USER_,
 INDEXES_FOR_USER_,
 LIBRARIES_FOR_USER_,
-MVGROUPS_FOR_USER_,
-MVS_FOR_USER_,
 PRIVILEGES_FOR_USER_,
 PROCEDURES_FOR_USER_,
-ROLES_FOR_USER_,
 SCHEMAS_FOR_USER_,
-SYNONYMS_FOR_USER_,
 TABLES_FOR_USER_,
-TRIGGERS_FOR_USER_,
+TABLE_FUNCTIONS_FOR_USER_,
 VIEWS_FOR_USER_, 
-
-PROCEDURES_FOR_LIBRARY_,
-FUNCTIONS_FOR_LIBRARY_,
-

[1/4] trafodion git commit: Fix for TRAFODION-3112

2018-08-03 Thread rmarton

Repository: trafodion
Updated Branches:
  refs/heads/master f4a072170 -> 4ec0da84b


http://git-wip-us.apache.org/repos/asf/trafodion/blob/3d013bc2/core/sql/regress/privs1/EXPECTED125
--
diff --git a/core/sql/regress/privs1/EXPECTED125 
b/core/sql/regress/privs1/EXPECTED125
index 47a5921..49b5283 100644
--- a/core/sql/regress/privs1/EXPECTED125
+++ b/core/sql/regress/privs1/EXPECTED125
@@ -673,8 +673,8 @@ S--SQL_USER2
 --- SQL operation complete.
 >>get privileges on library t125_l1;
 
-Privileges on Sequence T125SCH1.T125_L1
-===
+Privileges on Library T125SCH1.T125_L1
+==
 
 ---UG--DB__ROOT
 G--T125_ROLE1
@@ -688,8 +688,8 @@ Privileges on Sequence T125SCH1.T125_L1
 --- SQL operation complete.
 >>get privileges on library t125_l1 for sql_user2;
 
-Privileges on Sequence T125SCH1.T125_L1
-===
+Privileges on Library T125SCH1.T125_L1
+==
 
 G--T125_ROLE1
 
@@ -699,8 +699,8 @@ Privileges on Sequence T125SCH1.T125_L1
 --- SQL operation complete.
 >>get privileges on library t125_l1 for sql_user7;
 
-Privileges on Sequence T125SCH1.T125_L1
-===
+Privileges on Library T125SCH1.T125_L1
+==
 
 G--T125_ROLE1
 
@@ -713,8 +713,8 @@ Privileges on Sequence T125SCH1.T125_L1
 --- SQL operation complete.
 >>get privileges on library t125_l1 for t125_role1;
 
-Privileges on Sequence T125SCH1.T125_L1
-===
+Privileges on Library T125SCH1.T125_L1
+==
 
 G--T125_ROLE1
 
@@ -855,8 +855,8 @@ S--SQL_USER2
 --- SQL operation complete.
 >>get privileges on library t125_l1;
 
-Privileges on Sequence T125SCH2.T125_L1
-===
+Privileges on Library T125SCH2.T125_L1
+==
 
 ---UG--DB__ROOT
 G--T125_ROLE1
@@ -870,8 +870,8 @@ Privileges on Sequence T125SCH2.T125_L1
 --- SQL operation complete.
 >>get privileges on library t125_l1 for sql_user2;
 
-Privileges on Sequence T125SCH2.T125_L1
-===
+Privileges on Library T125SCH2.T125_L1
+==
 
 G--T125_ROLE1
 
@@ -881,8 +881,8 @@ Privileges on Sequence T125SCH2.T125_L1
 --- SQL operation complete.
 >>get privileges on library t125_l1 for sql_user7;
 
-Privileges on Sequence T125SCH2.T125_L1
-===
+Privileges on Library T125SCH2.T125_L1
+==
 
 G--T125_ROLE1
 
@@ -895,8 +895,8 @@ Privileges on Sequence T125SCH2.T125_L1
 --- SQL operation complete.
 >>get privileges on library t125_l1 for t125_role1;
 
-Privileges on Sequence T125SCH2.T125_L1
-===
+Privileges on Library T125SCH2.T125_L1
+==
 
 G--T125_ROLE1
 
@@ -1078,8 +1078,8 @@ SR-T125_ADMINROLE
 --- SQL operation complete.
 >>get privileges on library t125_l1;
 
-Privileges on Sequence T125SCH3.T125_L1
-===
+Privileges on Library T125SCH3.T125_L1
+==
 
 ---UG--T125_ADMINROLE
 G--T125_ROLE1
@@ -1093,8 +1093,8 @@ Privileges on Sequence T125SCH3.T125_L1
 --- SQL operation complete.
 >>get privileges on library t125_l1 for sql_user2;
 
-Privileges on Sequence T125SCH3.T125_L1
-===
+Privileges on Library T125SCH3.T125_L1
+==
 
 G--T125_ROLE1
 
@@ -1104,8 +1104,8 @@ Privileges on Sequence T125SCH3.T125_L1
 --- SQL operation complete.
 >>get privileges on library t125_l1 for sql_user7;
 
-Privileges on Sequence T125SCH3.T125_L1
-===
+Privileges on Library T125SCH3.T125_L1
+==
 
 G--T125_ROLE1
 
@@ -1115,8 +1115,8 @@ Privileges on Sequence T125SCH3.T125_L1
 --- SQL operation complete.
 >>get privileges on library t125_l1 for sql_user8;
 
-Privileges on Sequence T125SCH3.T125_L1
-===
+Privileges on Library T125SCH3.T125_L1
+==
 
 ---UG--T125_ADMINROLE
 
@@ -1126,8 +1126,8 @@ Privileges on Sequence T125SCH3.T125_L1
 --- SQL operation complete.
 >>get privileges on library t125_l1 for t125_role1;
 
-Privileges on Sequence T125SCH3.T125_L1
-===
+Privileges on Library T125SCH3.T125_L1
+==
 
 G--T125_ROLE1
 
@@ -1137,8 +1137,8 @@ Privileges on Sequence T125SCH3.T125_L1
 --- SQL operation complete.
 >>get privileges on library t125_l1 for t125_adminrole;
 
-Privileges on Sequence T125SCH3.T125_L1
-===

[4/4] trafodion git commit: Merge [TRAFODION-3112] pr 1669 get command updates

2018-08-03 Thread rmarton

Merge [TRAFODION-3112] pr 1669 get command updates


Project: http://git-wip-us.apache.org/repos/asf/trafodion/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafodion/commit/4ec0da84
Tree: http://git-wip-us.apache.org/repos/asf/trafodion/tree/4ec0da84
Diff: http://git-wip-us.apache.org/repos/asf/trafodion/diff/4ec0da84

Branch: refs/heads/master
Commit: 4ec0da84bc9341622bfcbbf5be98bcf5417574a5
Parents: f4a0721 a666773
Author: Roberta Marton 
Authored: Fri Aug 3 23:03:05 2018 +
Committer: Roberta Marton 
Committed: Fri Aug 3 23:03:05 2018 +

--
 core/sql/bin/SqlciErrors.txt|2 +-
 core/sql/comexe/ComTdbExeUtil.h |  110 +-
 core/sql/executor/ExExeUtilGet.cpp  | 1024 --
 core/sql/generator/GenRelExeUtil.cpp|   31 +-
 core/sql/parser/ParKeyWords.cpp |2 +-
 core/sql/parser/sqlparser.y |   51 +-
 core/sql/parser/ulexer.cpp  |   18 +
 core/sql/regress/compGeneral/EXPECTEDTOK|5 +-
 core/sql/regress/compGeneral/EXPECTEDTOK2   |5 +-
 core/sql/regress/privs1/EXPECTED125 |  325 +-
 core/sql/regress/privs1/TEST125 |9 +
 core/sql/sqlcomp/CmpDDLCatErrorCodes.h  |1 +
 .../src/asciidoc/_chapters/ddl_msgs.adoc|   20 +
 13 files changed, 883 insertions(+), 720 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/trafodion/blob/4ec0da84/core/sql/bin/SqlciErrors.txt
--

http://git-wip-us.apache.org/repos/asf/trafodion/blob/4ec0da84/core/sql/parser/ParKeyWords.cpp
--

http://git-wip-us.apache.org/repos/asf/trafodion/blob/4ec0da84/core/sql/parser/sqlparser.y
--

[3/4] trafodion git commit: Updated messages manual

2018-08-03 Thread rmarton

Updated messages manual


Project: http://git-wip-us.apache.org/repos/asf/trafodion/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafodion/commit/a666773f
Tree: http://git-wip-us.apache.org/repos/asf/trafodion/tree/a666773f
Diff: http://git-wip-us.apache.org/repos/asf/trafodion/diff/a666773f

Branch: refs/heads/master
Commit: a666773f92cfdc5d6ece66c288d78ec61fc362da
Parents: 3d013bc
Author: Roberta Marton 
Authored: Fri Aug 3 18:58:48 2018 +
Committer: Roberta Marton 
Committed: Fri Aug 3 18:58:48 2018 +

--
 .../src/asciidoc/_chapters/ddl_msgs.adoc| 20 
 1 file changed, 20 insertions(+)
--


http://git-wip-us.apache.org/repos/asf/trafodion/blob/a666773f/docs/messages_guide/src/asciidoc/_chapters/ddl_msgs.adoc
--
diff --git a/docs/messages_guide/src/asciidoc/_chapters/ddl_msgs.adoc 
b/docs/messages_guide/src/asciidoc/_chapters/ddl_msgs.adoc
index 6c8d5d8..f6cb4db 100644
--- a/docs/messages_guide/src/asciidoc/_chapters/ddl_msgs.adoc
+++ b/docs/messages_guide/src/asciidoc/_chapters/ddl_msgs.adoc
@@ -1075,6 +1075,26 @@ for .
 *Recovery:* Specify a valid default value for the column and resubmit.
 
 <<<
+[[SQL-1086]]
+== SQL 1086
+
+```
+ is not a .
+```
+
+Where  is the name of a user or role.
+
+Where

[2/3] trafodion git commit: TRAFODION-1573: Additional GET commands for privileges TRAFODION-3074: Failed to register/unregister user when security disabled

2018-05-21 Thread rmarton

TRAFODION-1573: Additional GET commands for privileges
TRAFODION-3074: Failed to register/unregister user when security disabled

TRAFODION-1573 changes:

- Added support for the following commands:

  get privileges on 
  : [LIBRARY | PROCEDURE | FUNCTION | TABLE_MAPPING FUNCTION | SEQUENCE]

- Added support for the FOR CLAUSE on all supported objects
  Removed the need to specify keyword 'USER" before username. If USER is
  included, then it is ignored.

  get privileges on  FOR [USER] 
  : [TABLES, VIEWS, LIBRARIES, PROCEDURES, FUNCTIONS,
  TABLE_MAPPING FUNCTIONS, SEQUENCES]

- The following get command can only be run by DB__ROOT or a user that has been
  granted the DB__ROOTROLE or DB__HIVEROLE role

  get  in schema hive.xx.xx;
  : [TABLES, OBJECTS, VIEWS]

- The following get command can only be run by DB__ROOT or a user that has been
  granted the DB__ROOTROLE or DB__HBASEROLE role

  get external hbase objects;

- The following get commands retrieve privilege details from Trafodion metadata;
  users can only see objects where they have been granted at least one privilege

  get hive registered tables in catalog trafodion;
  get hbase registered tables in catalog trafodion;

- get privileges commands now return owner's privileges in output
- Cleaned up code in the parser.

TRAFODION-3074 changes

- register user - fixed query to find next available authID
- unregister user - added checks to not read privilege metadata if authorization
  is not enabled


Project: http://git-wip-us.apache.org/repos/asf/trafodion/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafodion/commit/88e2a742
Tree: http://git-wip-us.apache.org/repos/asf/trafodion/tree/88e2a742
Diff: http://git-wip-us.apache.org/repos/asf/trafodion/diff/88e2a742

Branch: refs/heads/master
Commit: 88e2a742b019dd8d22c22c79d1b64048395cfdb1
Parents: 609d7a4
Author: Roberta Marton 
Authored: Fri May 18 16:45:06 2018 +
Committer: Roberta Marton 
Committed: Fri May 18 16:45:06 2018 +

--
 core/sql/comexe/ComTdbExeUtil.h   |   4 +
 core/sql/executor/ExExeUtilGet.cpp| 244 ++---
 core/sql/generator/GenRelExeUtil.cpp  |  14 +-
 core/sql/parser/ParKeyWords.cpp   |   2 -
 core/sql/parser/sqlparser.y   | 353 +++-
 core/sql/regress/compGeneral/EXPECTEDTOK  |   3 +-
 core/sql/regress/compGeneral/EXPECTEDTOK2 |   3 +-
 core/sql/regress/core/EXPECTED116 | 197 +--
 core/sql/regress/privs1/EXPECTED125   | 729 +
 core/sql/regress/privs1/TEST125   |  51 ++
 core/sql/regress/privs2/EXPECTED144   | 301 +-
 core/sql/regress/privs2/EXPECTED146   | 125 -
 core/sql/regress/privs2/TEST144   |  39 +-
 core/sql/regress/privs2/TEST146   |   7 +
 core/sql/sqlci/sqlci_lex.ll   |   2 -
 core/sql/sqlci/sqlci_yacc.y   |  11 -
 core/sql/sqlcomp/CmpSeabaseDDLauth.cpp|  69 ++-
 core/sql/sqlcomp/CmpSeabaseDDLtable.cpp   |   2 +
 18 files changed, 1708 insertions(+), 448 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/trafodion/blob/88e2a742/core/sql/comexe/ComTdbExeUtil.h
--
diff --git a/core/sql/comexe/ComTdbExeUtil.h b/core/sql/comexe/ComTdbExeUtil.h
index 4716460..ef48954 100644
--- a/core/sql/comexe/ComTdbExeUtil.h
+++ b/core/sql/comexe/ComTdbExeUtil.h
@@ -2522,6 +2522,7 @@ public:
 PRIVILEGES_ON_TABLE_,
 PRIVILEGES_ON_MV_,
 PRIVILEGES_ON_VIEW_,
+PRIVILEGES_ON_SEQUENCE_,
 SYNONYMS_ON_TABLE_,
 
 OBJECTS_ON_TABLE_,
@@ -2559,6 +2560,9 @@ public:
 PROCEDURES_FOR_LIBRARY_,
 FUNCTIONS_FOR_LIBRARY_,
 TABLE_FUNCTIONS_FOR_LIBRARY_,
+PRIVILEGES_ON_LIBRARY_,
+PRIVILEGES_ON_PROCEDURE_,
+PRIVILEGES_ON_ROUTINE_,
 
 COMPONENTS_,
 COMPONENT_OPERATIONS_,

http://git-wip-us.apache.org/repos/asf/trafodion/blob/88e2a742/core/sql/executor/ExExeUtilGet.cpp
--
diff --git a/core/sql/executor/ExExeUtilGet.cpp 
b/core/sql/executor/ExExeUtilGet.cpp
index 33865fa..163b190 100644
--- a/core/sql/executor/ExExeUtilGet.cpp
+++ b/core/sql/executor/ExExeUtilGet.cpp
@@ -558,8 +558,7 @@ static const QueryString getTrafPrivsOnObject[] =
   {"   case when bitextract(privileges_bitmap,58,1) = 1 then 'R' else '-' end 
|| "},
   {"   case when bitextract(privileges_bitmap,57,1) = 1 then 'E' else '-' end 
as privs "},
   {" from %s.\"%s\".%s "},
-  {" where grantor_id <> -2 "},
-  {"  and object_uid = "},
+  {" where object_uid = "},
   {"  (select object_uid from %s.\"%s\".%s "},
   {"   where catalog_name = '%s' and schema_name = '%s' and object_name = '%s' 
"},
   {" and object_type = '%s') %s "},
@@ -573,11 +572,11 @@ static const QueryString

[1/3] trafodion git commit: TRAFODION-1573: Additional GET commands for privileges TRAFODION-3074: Failed to register/unregister user when security disabled

2018-05-21 Thread rmarton

Repository: trafodion
Updated Branches:
  refs/heads/master 2c5f48018 -> 1b9cb1b85


http://git-wip-us.apache.org/repos/asf/trafodion/blob/88e2a742/core/sql/regress/privs1/EXPECTED125
--
diff --git a/core/sql/regress/privs1/EXPECTED125 
b/core/sql/regress/privs1/EXPECTED125
index 8473a1c..d464042 100644
--- a/core/sql/regress/privs1/EXPECTED125
+++ b/core/sql/regress/privs1/EXPECTED125
@@ -98,6 +98,9 @@
 >>create library t125_l1 file $$QUOTE$$ $$REGRRUNDIR$$/$$DLL$$ $$QUOTE$$ ;
 
 --- SQL operation complete.
+>>grant usage on library t125_l1 to t125_role1;
+
+--- SQL operation complete.
 >>create function translateBitmap(bitmap largeint) returns (bitmap_string char 
 >>(20))
 +>language c parameter style sql external name 'translateBitmap'
 +>library t125_l1
@@ -127,6 +130,9 @@
 +>   file $$QUOTE$$ $$REGRRUNDIR$$/$$JARF$$ $$QUOTE$$;
 
 --- SQL operation complete.
+>>grant all on library t125_l2 to sql_user8;
+
+--- SQL operation complete.
 >>
 >>create procedure TestHive(
 +>  IN operation char(20),
@@ -230,6 +236,9 @@
 >>create library t125_l1 file $$QUOTE$$ $$REGRRUNDIR$$/$$DLL$$ $$QUOTE$$ ;
 
 --- SQL operation complete.
+>>grant usage on library t125_l1 to t125_role1;
+
+--- SQL operation complete.
 >>create function translateBitmap(bitmap largeint) returns (bitmap_string char 
 >>(20))
 +>language c parameter style sql external name 'translateBitmap'
 +>library t125_l1
@@ -259,6 +268,9 @@
 +>   file $$QUOTE$$ $$REGRRUNDIR$$/$$JARF$$ $$QUOTE$$;
 
 --- SQL operation complete.
+>>grant all on library t125_l2 to sql_user8;
+
+--- SQL operation complete.
 >>
 >>create procedure TestHive(
 +>  IN operation char(20),
@@ -362,6 +374,9 @@
 >>create library t125_l1 file $$QUOTE$$ $$REGRRUNDIR$$/$$DLL$$ $$QUOTE$$ ;
 
 --- SQL operation complete.
+>>grant usage on library t125_l1 to t125_role1;
+
+--- SQL operation complete.
 >>create function translateBitmap(bitmap largeint) returns (bitmap_string char 
 >>(20))
 +>language c parameter style sql external name 'translateBitmap'
 +>library t125_l1
@@ -391,6 +406,9 @@
 +>   file $$QUOTE$$ $$REGRRUNDIR$$/$$JARF$$ $$QUOTE$$;
 
 --- SQL operation complete.
+>>grant all on library t125_l2 to sql_user8;
+
+--- SQL operation complete.
 >>
 >>create procedure TestHive(
 +>  IN operation char(20),
@@ -471,9 +489,12 @@
 Privileges for Role T125_ROLE1
 ==
 
+G--TRAFODION.T125SCH1.T125_L1
 S--TRAFODION.T125SCH2.GAMES  GAME_NUMBER
+G--TRAFODION.T125SCH2.T125_L1
 S--TRAFODION.T125SCH2.TEAMS  TEAM_NUMBER
 SIDU-R-TRAFODION.T125SCH3.PLAYERS
+G--TRAFODION.T125SCH3.T125_L1
 --ETRAFODION.T125SCH3.TRANSLATEBITMAP
 
 --- SQL operation complete.
@@ -500,13 +521,16 @@ Privileges for User SQL_USER2
 --ETRAFODION."_LIBMGR_".JDBC
 SIDU-R-TRAFODION.T125SCH1.GAMES
 S--TRAFODION.T125SCH1.GAMES_BY_PLAYER
+G--TRAFODION.T125SCH1.T125_L1
 SIDU-R-TRAFODION.T125SCH2.GAMES
 S--TRAFODION.T125SCH2.GAMES  GAME_NUMBER
 S--TRAFODION.T125SCH2.GAMES_BY_PLAYER
+G--TRAFODION.T125SCH2.T125_L1
 S--TRAFODION.T125SCH2.TEAMS  TEAM_NUMBER
 SIDU-R-TRAFODION.T125SCH3.GAMES
 S--TRAFODION.T125SCH3.GAMES_BY_PLAYER
 SIDU-R-TRAFODION.T125SCH3.PLAYERS
+G--TRAFODION.T125SCH3.T125_L1
 --ETRAFODION.T125SCH3.TRANSLATEBITMAP
 
 --- SQL operation complete.
@@ -517,9 +541,12 @@ Privileges for User SQL_USER7
 
 --ETRAFODION."_LIBMGR_".EVENT_LOG_READER
 --ETRAFODION."_LIBMGR_".JDBC
+G--TRAFODION.T125SCH1.T125_L1
 S--TRAFODION.T125SCH2.GAMES  GAME_NUMBER
+G--TRAFODION.T125SCH2.T125_L1
 S--TRAFODION.T125SCH2.TEAMS  TEAM_NUMBER
 SIDU-R-TRAFODION.T125SCH3.PLAYERS
+G--TRAFODION.T125SCH3.T125_L1
 --ETRAFODION.T125SCH3.TRANSLATEBITMAP
 
 --- SQL operation complete.
@@ -530,6 +557,8 @@ Privileges for User SQL_USER8
 
 --ETRAFODION."_LIBMGR_".EVENT_LOG_READER
 --ETRAFODION."_LIBMGR_".JDBC
+---UG--TRAFODION.T125SCH1.T125_L2
+---UG--TRAFODION.T125SCH2.T125_L2
 SIDU-R-TRAFODION.T125SCH3.GAMES
 SR-TRAFODION.T125SCH3.GAMES_BY_PLAYER
 SR-TRAFODION.T125SCH3.HOME_TEAMS_GAMES
@@ -547,6 +576,488 @@ SIDU-R-TRAFODION.T125SCH3.TEAMS
 
 --- SQL operation complete.
 >>
+>>set schema t125sch1;
+
+--- SQL operation complete.
+>>obey TEST125(get_privs);
+>>get privileges on table games;
+
+Privileges on Table T125SCH1.GAMES
+==
+
+SIDU-R-DB__ROOT
+SIDU-R-SQL_USER2
+
+--- SQL operation complete.
+>>get privileges on table games for sql_user1;
+
+--- SQL operation complete.
+>>get privileges on table games for sql_user2;
+
+Privileges on Table T125SCH1.GAMES
+==
+
+SIDU-R-SQL_USER2
+
+--- SQL operation complete.
+>>get privileges on table games for sql_user7;
+
+--- SQL operation complete.
+>>get privileges on table games for

[3/3] trafodion git commit: merge [TRAFODION-1573] [TRAFODION-3075] pr 1568 get command updates and [un]register user fixes

2018-05-21 Thread rmarton

merge [TRAFODION-1573] [TRAFODION-3075] pr 1568 get command updates and 
[un]register user fixes


Project: http://git-wip-us.apache.org/repos/asf/trafodion/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafodion/commit/1b9cb1b8
Tree: http://git-wip-us.apache.org/repos/asf/trafodion/tree/1b9cb1b8
Diff: http://git-wip-us.apache.org/repos/asf/trafodion/diff/1b9cb1b8

Branch: refs/heads/master
Commit: 1b9cb1b859502fbed5fbf8c6ed4ad25e060605a1
Parents: 2c5f480 88e2a74
Author: Roberta Marton 
Authored: Mon May 21 15:57:36 2018 +
Committer: Roberta Marton 
Committed: Mon May 21 15:57:36 2018 +

--
 core/sql/comexe/ComTdbExeUtil.h   |   4 +
 core/sql/executor/ExExeUtilGet.cpp| 244 ++---
 core/sql/generator/GenRelExeUtil.cpp  |  14 +-
 core/sql/parser/ParKeyWords.cpp   |   2 -
 core/sql/parser/sqlparser.y   | 353 +++-
 core/sql/regress/compGeneral/EXPECTEDTOK  |   3 +-
 core/sql/regress/compGeneral/EXPECTEDTOK2 |   3 +-
 core/sql/regress/core/EXPECTED116 | 197 +--
 core/sql/regress/privs1/EXPECTED125   | 729 +
 core/sql/regress/privs1/TEST125   |  51 ++
 core/sql/regress/privs2/EXPECTED144   | 301 +-
 core/sql/regress/privs2/EXPECTED146   | 125 -
 core/sql/regress/privs2/TEST144   |  39 +-
 core/sql/regress/privs2/TEST146   |   7 +
 core/sql/sqlci/sqlci_lex.ll   |   2 -
 core/sql/sqlci/sqlci_yacc.y   |  11 -
 core/sql/sqlcomp/CmpSeabaseDDLauth.cpp|  69 ++-
 core/sql/sqlcomp/CmpSeabaseDDLtable.cpp   |   2 +
 18 files changed, 1708 insertions(+), 448 deletions(-)
--

[2/4] trafodion git commit: TRAFODION-3046: Privilege support for native HBase tables

2018-05-11 Thread rmarton

TRAFODION-3046: Privilege support for native HBase tables

-- Grants and revokes against native HBase tables are enforced similar to hive
-- Privilege checking added when creating and dropping native HBase tables
-- Removing dependent Trafodion metadata when native HBase tables are dropped
-- Added regression test (privs2/TEST146)
-- Reorg - split PrivMgrComponents into 2 files:
  PrivMgrComponents and PrivMgrUserPrivs

An hbase table can be referenced using one of the following types:
  "_CELL_" - references cell data
  "_ROW_"  - references row data
  "_MAP_"  - references data defined by the mapped (external) table

Privileges are granted against each of these types, so if you:
  select * from hbase."_CELL_".hbase1;
You must have the select privileges on this table
For example:  "grant select on hbase."_CELL_".hbase1 to user1"

Likewise for other hbase types, grants are required to gain accessibility
  grant select on hbase."_MAP_".hbase1 to user1
  grant select on hbase."_ROW_".hbase1 to role1


Project: http://git-wip-us.apache.org/repos/asf/trafodion/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafodion/commit/b178915d
Tree: http://git-wip-us.apache.org/repos/asf/trafodion/tree/b178915d
Diff: http://git-wip-us.apache.org/repos/asf/trafodion/diff/b178915d

Branch: refs/heads/master
Commit: b178915d214d6bbdd5f7de49900f61a26abf652b
Parents: dd051ea
Author: Roberta Marton 
Authored: Thu May 10 15:15:50 2018 +
Committer: Roberta Marton 
Committed: Thu May 10 15:15:50 2018 +

--
 core/sql/nskgmake/sqlcomp/Makefile  |1 +
 core/sql/optimizer/NATable.cpp  |   15 +-
 core/sql/regress/privs1/EXPECTED137 |7 -
 core/sql/regress/privs1/TEST137 |3 -
 core/sql/regress/privs2/EXPECTED146 | 1656 ++
 core/sql/regress/privs2/FILTER146   |   38 +
 core/sql/regress/privs2/TEST146 |  248 +++
 core/sql/regress/seabase/EXPECTED022|  124 +-
 core/sql/regress/seabase/EXPECTED026|   25 +-
 core/sql/regress/seabase/TEST022|   10 +
 core/sql/regress/seabase/TEST026|3 +-
 core/sql/regress/seabase/TEST026_drop_hbase |   26 +
 core/sql/sqlcomp/CmpDDLCatErrorCodes.h  |2 +-
 core/sql/sqlcomp/CmpDescribe.cpp|   26 +-
 core/sql/sqlcomp/CmpSeabaseDDL.h|   10 +-
 core/sql/sqlcomp/CmpSeabaseDDLcommon.cpp|4 +-
 core/sql/sqlcomp/CmpSeabaseDDLtable.cpp |  132 +-
 core/sql/sqlcomp/PrivMgr.cpp|9 +
 core/sql/sqlcomp/PrivMgr.h  |4 +
 core/sql/sqlcomp/PrivMgrCommands.cpp|  160 +-
 core/sql/sqlcomp/PrivMgrCommands.h  |  360 +---
 core/sql/sqlcomp/PrivMgrComponentPrivileges.cpp |6 +
 core/sql/sqlcomp/PrivMgrComponentPrivileges.h   |4 +-
 core/sql/sqlcomp/PrivMgrUserPrivs.cpp   |  208 +++
 core/sql/sqlcomp/PrivMgrUserPrivs.h |  400 +
 core/sql/ustat/hs_globals.cpp   |5 +-
 26 files changed, 2876 insertions(+), 610 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/trafodion/blob/b178915d/core/sql/nskgmake/sqlcomp/Makefile
--
diff --git a/core/sql/nskgmake/sqlcomp/Makefile 
b/core/sql/nskgmake/sqlcomp/Makefile
index c579ea6..0205ebd 100755
--- a/core/sql/nskgmake/sqlcomp/Makefile
+++ b/core/sql/nskgmake/sqlcomp/Makefile
@@ -35,6 +35,7 @@ CPPSRC := CmpDescribe.cpp \
CmpSeabaseDDLview.cpp \
CmpSeabaseDDLcommentOn.cpp \
PrivMgr.cpp \
+PrivMgrUserPrivs.cpp \
 PrivMgrCommands.cpp \
 PrivMgrDesc.cpp \
 PrivMgrComponents.cpp \

http://git-wip-us.apache.org/repos/asf/trafodion/blob/b178915d/core/sql/optimizer/NATable.cpp
--
diff --git a/core/sql/optimizer/NATable.cpp b/core/sql/optimizer/NATable.cpp
index 6a959ec..327fcd7 100644
--- a/core/sql/optimizer/NATable.cpp
+++ b/core/sql/optimizer/NATable.cpp
@@ -5081,7 +5081,6 @@ NABoolean NATable::fetchObjectUIDForNativeTable(const 
CorrName& corrName,
setHbaseDataFormatString(TRUE);
break;
  }
-
if (table_desc->tableDesc()->isInMemoryObject())
  {
setInMemoryObjectDefn( TRUE );
@@ -6771,10 +6770,11 @@ void NATable::getPrivileges(TrafDesc * priv_desc)
 
   // If current user is root, object owner, or this is a volatile table
   // automatically have owner default privileges.
- if ((!isSeabaseTable() && !isHiveTable()) ||
-   !CmpCommon::context()->isAuthorizationEnabled() ||
-   isVolatileTable() ||
-   (ComUser::isRootUserID() && !isHiveTable()) )
+ if

[4/4] trafodion git commit: merge [TRAFODION-3046] pr 1561 Privilege support for native HBase tables

2018-05-11 Thread rmarton

merge [TRAFODION-3046] pr 1561 Privilege support for native HBase tables


Project: http://git-wip-us.apache.org/repos/asf/trafodion/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafodion/commit/a5b67c9e
Tree: http://git-wip-us.apache.org/repos/asf/trafodion/tree/a5b67c9e
Diff: http://git-wip-us.apache.org/repos/asf/trafodion/diff/a5b67c9e

Branch: refs/heads/master
Commit: a5b67c9e918b8eab1ce818587b25a01199f3b856
Parents: 5fa28f3 66dec0a
Author: Roberta Marton 
Authored: Fri May 11 18:32:33 2018 +
Committer: Roberta Marton 
Committed: Fri May 11 18:32:33 2018 +

--
 core/sql/nskgmake/sqlcomp/Makefile  |1 +
 core/sql/optimizer/NATable.cpp  |   15 +-
 core/sql/regress/privs1/EXPECTED137 |7 -
 core/sql/regress/privs1/TEST137 |3 -
 core/sql/regress/privs2/EXPECTED146 | 1656 ++
 core/sql/regress/privs2/FILTER146   |   38 +
 core/sql/regress/privs2/TEST146 |  248 +++
 core/sql/regress/seabase/EXPECTED022|  126 +-
 core/sql/regress/seabase/EXPECTED026|   25 +-
 core/sql/regress/seabase/TEST022|   11 +
 core/sql/regress/seabase/TEST026|3 +-
 core/sql/regress/seabase/TEST026_drop_hbase |   26 +
 core/sql/sqlcomp/CmpDDLCatErrorCodes.h  |2 +-
 core/sql/sqlcomp/CmpDescribe.cpp|   26 +-
 core/sql/sqlcomp/CmpSeabaseDDL.h|   10 +-
 core/sql/sqlcomp/CmpSeabaseDDLcommon.cpp|4 +-
 core/sql/sqlcomp/CmpSeabaseDDLtable.cpp |  132 +-
 core/sql/sqlcomp/PrivMgr.cpp|9 +
 core/sql/sqlcomp/PrivMgr.h  |4 +
 core/sql/sqlcomp/PrivMgrCommands.cpp|  160 +-
 core/sql/sqlcomp/PrivMgrCommands.h  |  360 +---
 core/sql/sqlcomp/PrivMgrComponentPrivileges.cpp |6 +
 core/sql/sqlcomp/PrivMgrComponentPrivileges.h   |4 +-
 core/sql/sqlcomp/PrivMgrUserPrivs.cpp   |  208 +++
 core/sql/sqlcomp/PrivMgrUserPrivs.h |  400 +
 core/sql/ustat/hs_globals.cpp   |5 +-
 26 files changed, 2879 insertions(+), 610 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/trafodion/blob/a5b67c9e/core/sql/optimizer/NATable.cpp
--

http://git-wip-us.apache.org/repos/asf/trafodion/blob/a5b67c9e/core/sql/ustat/hs_globals.cpp
--

[3/4] trafodion git commit: Fixed regression test

2018-05-11 Thread rmarton

Fixed regression test


Project: http://git-wip-us.apache.org/repos/asf/trafodion/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafodion/commit/66dec0ad
Tree: http://git-wip-us.apache.org/repos/asf/trafodion/tree/66dec0ad
Diff: http://git-wip-us.apache.org/repos/asf/trafodion/diff/66dec0ad

Branch: refs/heads/master
Commit: 66dec0adefa820b8660a93393463a3384c01838c
Parents: b178915
Author: Roberta Marton 
Authored: Thu May 10 21:33:21 2018 +
Committer: Roberta Marton 
Committed: Thu May 10 21:33:21 2018 +

--
 core/sql/regress/seabase/EXPECTED022 | 94 ---
 core/sql/regress/seabase/TEST022 |  1 +
 2 files changed, 49 insertions(+), 46 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/trafodion/blob/66dec0ad/core/sql/regress/seabase/EXPECTED022
--
diff --git a/core/sql/regress/seabase/EXPECTED022 
b/core/sql/regress/seabase/EXPECTED022
index bbdb252..f7f10d4 100644
--- a/core/sql/regress/seabase/EXPECTED022
+++ b/core/sql/regress/seabase/EXPECTED022
@@ -430,7 +430,7 @@ ROW_ID  (EXPR)
 >>invoke hbase."_CELL_".t022hbt2;
 
 -- Definition of Trafodion table HBASE."_CELL_".T022HBT2
--- Definition current  Wed May  9 21:08:44 2018
+-- Definition current  Thu May 10 20:58:57 2018
 
   (
 ROW_ID   VARCHAR(100) CHARACTER SET ISO88591
@@ -449,7 +449,7 @@ ROW_ID  (EXPR)
 >>invoke hbase."_ROW_".t022hbt2;
 
 -- Definition of Trafodion table HBASE."_ROW_".T022HBT2
--- Definition current  Wed May  9 21:08:44 2018
+-- Definition current  Thu May 10 20:58:58 2018
 
   (
 ROW_ID   VARCHAR(100) CHARACTER SET ISO88591
@@ -469,7 +469,7 @@ ROW_ID  (EXPR)
 >>invoke hbase."_CELL_".t022hbt2;
 
 -- Definition of Trafodion table HBASE."_CELL_".T022HBT2
--- Definition current  Wed May  9 21:08:45 2018
+-- Definition current  Thu May 10 20:58:58 2018
 
   (
 ROW_ID   VARCHAR(100) CHARACTER SET ISO88591
@@ -488,7 +488,7 @@ ROW_ID  (EXPR)
 >>invoke hbase."_ROW_".t022hbt2;
 
 -- Definition of Trafodion table HBASE."_ROW_".T022HBT2
--- Definition current  Wed May  9 21:08:45 2018
+-- Definition current  Thu May 10 20:58:59 2018
 
   (
 ROW_ID   VARCHAR(100) CHARACTER SET ISO88591
@@ -609,7 +609,7 @@ ROW_ID  (EXPR)
 >>invoke t022hbm1;
 
 -- Definition of Trafodion HBase mapped table T022HBM1
--- Definition current  Wed May  9 21:09:03 2018
+-- Definition current  Thu May 10 20:59:13 2018
 
   (
 "cf".A   VARCHAR(4) CHARACTER SET ISO88591 COLLATE
@@ -625,7 +625,7 @@ ROW_ID  (EXPR)
 >>invoke t022hbm1;
 
 -- Definition of Trafodion HBase mapped table T022HBM1
--- Definition current  Wed May  9 21:09:04 2018
+-- Definition current  Thu May 10 20:59:14 2018
 
   (
 "cf".A   VARCHAR(4) CHARACTER SET ISO88591 COLLATE
@@ -642,7 +642,7 @@ ROW_ID  (EXPR)
 >>invoke t022hbm1;
 
 -- Definition of Trafodion table TRAFODION.SCH.T022HBM1
--- Definition current  Wed May  9 21:09:09 2018
+-- Definition current  Thu May 10 20:59:20 2018
 
   (
 SYSKEY   LARGEINT NO DEFAULT NOT NULL NOT DROPPABLE
@@ -673,7 +673,7 @@ LC   RC   OP   OPERATOR  OPT   DESCRIPTION  
 CARD
 >>invoke t022hbm1;
 
 -- Definition of Trafodion HBase mapped table T022HBM1
--- Definition current  Wed May  9 21:09:18 2018
+-- Definition current  Thu May 10 20:59:30 2018
 
   (
 "cf".A   VARCHAR(4) CHARACTER SET ISO88591 COLLATE
@@ -733,7 +733,7 @@ a2  ?
 >>invoke t022hbm1;
 
 -- Definition of Trafodion HBase mapped table T022HBM1
--- Definition current  Wed May  9 21:09:27 2018
+-- Definition current  Thu May 10 20:59:39 2018
 
   (
 "cf".A   VARCHAR(4) CHARACTER SET ISO88591 COLLATE
@@ -756,7 +756,7 @@ a2  ?
 >>invoke t022hbm1_like;
 
 -- Definition of Trafodion table TRAFODION.SCH.T022HBM1_LIKE
--- Definition current  Wed May  9 21:09:36 2018
+-- Definition current  Thu May 10 20:59:49 2018
 
   (
 "cf".A   VARCHAR(4) CHARACTER SET ISO88591 COLLATE
@@ -818,7 +818,7 @@ a2?   ?
 >>invoke t022hbm1;
 
 -- Definition of Trafodion HBase mapped table T022HBM1
--- Definition current  Wed May  9 21:10:05 2018
+-- Definition current  Thu May 10 21:00:16 2018
 
   (
 "cf".A   VARCHAR(4) CHARACTER SET ISO88591 COLLATE
@@ -835,7 +835,7 @@ a2?   ?
 >>invoke t022hbm1;
 
 -- Definition of Trafodion HBase mapped table T022HBM1
--- Definition current  Wed May  9 21:10:14 2018
+-- Definition current  Thu May 10 21:00:24 2018
 
   (
 "cf".A   VARCHAR(4) CHARACTER SET

[1/4] trafodion git commit: TRAFODION-3046: Privilege support for native HBase tables

2018-05-11 Thread rmarton

Repository: trafodion
Updated Branches:
  refs/heads/master 5fa28f37b -> a5b67c9e9


http://git-wip-us.apache.org/repos/asf/trafodion/blob/b178915d/core/sql/regress/seabase/EXPECTED022
--
diff --git a/core/sql/regress/seabase/EXPECTED022 
b/core/sql/regress/seabase/EXPECTED022
index b1efc0f..bbdb252 100644
--- a/core/sql/regress/seabase/EXPECTED022
+++ b/core/sql/regress/seabase/EXPECTED022
@@ -8,6 +8,8 @@
 >>
 >>drop hbase table T022HBT1;
 
+*** WARNING[1004] Object T022HBT1 does not exist or object type is invalid for 
the current operation.
+
 --- SQL operation complete.
 >>create hbase table T022HBT1 (column family 'cf');
 
@@ -15,6 +17,8 @@
 >>
 >>drop hbase table T022HBT2;
 
+*** WARNING[1004] Object T022HBT2 does not exist or object type is invalid for 
the current operation.
+
 --- SQL operation complete.
 >>create hbase table T022HBT2 (column family 'cf');
 
@@ -406,7 +410,7 @@ ROW_ID  (EXPR)
 
 >>insert into hbase."_ROW_".t022hbt1 values ('2', column_create(':b', '201'));
 
-*** ERROR[1426] An invalid HBase column name :b was specified. A valid name 
must be of the format:   :
+*** ERROR[1426] An invalid HBase column name :b was specified. A valid name 
must be of the format: :
 
 --- 0 row(s) inserted.
 >>insert into hbase."_ROW_".t022hbt1 values ('2', '100');
@@ -426,7 +430,7 @@ ROW_ID  (EXPR)
 >>invoke hbase."_CELL_".t022hbt2;
 
 -- Definition of Trafodion table HBASE."_CELL_".T022HBT2
--- Definition current  Mon May 15 01:28:23 2017
+-- Definition current  Wed May  9 21:08:44 2018
 
   (
 ROW_ID   VARCHAR(100) CHARACTER SET ISO88591
@@ -445,7 +449,7 @@ ROW_ID  (EXPR)
 >>invoke hbase."_ROW_".t022hbt2;
 
 -- Definition of Trafodion table HBASE."_ROW_".T022HBT2
--- Definition current  Mon May 15 01:28:24 2017
+-- Definition current  Wed May  9 21:08:44 2018
 
   (
 ROW_ID   VARCHAR(100) CHARACTER SET ISO88591
@@ -465,7 +469,7 @@ ROW_ID  (EXPR)
 >>invoke hbase."_CELL_".t022hbt2;
 
 -- Definition of Trafodion table HBASE."_CELL_".T022HBT2
--- Definition current  Mon May 15 01:28:24 2017
+-- Definition current  Wed May  9 21:08:45 2018
 
   (
 ROW_ID   VARCHAR(100) CHARACTER SET ISO88591
@@ -484,7 +488,7 @@ ROW_ID  (EXPR)
 >>invoke hbase."_ROW_".t022hbt2;
 
 -- Definition of Trafodion table HBASE."_ROW_".T022HBT2
--- Definition current  Mon May 15 01:28:25 2017
+-- Definition current  Wed May  9 21:08:45 2018
 
   (
 ROW_ID   VARCHAR(100) CHARACTER SET ISO88591
@@ -576,6 +580,8 @@ ROW_ID  (EXPR)
 >>
 >>drop hbase table t022hbm1;
 
+*** WARNING[1004] Object T022HBM1 does not exist or object type is invalid for 
the current operation.
+
 --- SQL operation complete.
 >>create hbase table t022hbm1 (column family 'cf');
 
@@ -603,7 +609,7 @@ ROW_ID  (EXPR)
 >>invoke t022hbm1;
 
 -- Definition of Trafodion HBase mapped table T022HBM1
--- Definition current  Mon May 15 01:28:41 2017
+-- Definition current  Wed May  9 21:09:03 2018
 
   (
 "cf".A   VARCHAR(4) CHARACTER SET ISO88591 COLLATE
@@ -619,7 +625,7 @@ ROW_ID  (EXPR)
 >>invoke t022hbm1;
 
 -- Definition of Trafodion HBase mapped table T022HBM1
--- Definition current  Mon May 15 01:28:41 2017
+-- Definition current  Wed May  9 21:09:04 2018
 
   (
 "cf".A   VARCHAR(4) CHARACTER SET ISO88591 COLLATE
@@ -636,7 +642,7 @@ ROW_ID  (EXPR)
 >>invoke t022hbm1;
 
 -- Definition of Trafodion table TRAFODION.SCH.T022HBM1
--- Definition current  Mon May 15 01:28:44 2017
+-- Definition current  Wed May  9 21:09:09 2018
 
   (
 SYSKEY   LARGEINT NO DEFAULT NOT NULL NOT DROPPABLE
@@ -667,7 +673,7 @@ LC   RC   OP   OPERATOR  OPT   DESCRIPTION  
 CARD
 >>invoke t022hbm1;
 
 -- Definition of Trafodion HBase mapped table T022HBM1
--- Definition current  Mon May 15 01:28:50 2017
+-- Definition current  Wed May  9 21:09:18 2018
 
   (
 "cf".A   VARCHAR(4) CHARACTER SET ISO88591 COLLATE
@@ -727,7 +733,7 @@ a2  ?
 >>invoke t022hbm1;
 
 -- Definition of Trafodion HBase mapped table T022HBM1
--- Definition current  Mon May 15 01:28:55 2017
+-- Definition current  Wed May  9 21:09:27 2018
 
   (
 "cf".A   VARCHAR(4) CHARACTER SET ISO88591 COLLATE
@@ -750,7 +756,7 @@ a2  ?
 >>invoke t022hbm1_like;
 
 -- Definition of Trafodion table TRAFODION.SCH.T022HBM1_LIKE
--- Definition current  Mon May 15 01:29:01 2017
+-- Definition current  Wed May  9 21:09:36 2018
 
   (
 "cf".A   VARCHAR(4) CHARACTER SET ISO88591 COLLATE
@@ -812,7 +818,7 @@ a2?   ?
 >>invoke t022hbm1;
 
 -- Definition of Trafodion HBase mapped table T022HBM1
--- Definition current  Mon May 15 01:29:22 2017
+-- Definition current  Wed May  9 21:10:05 2018
 
   (
 "cf".A

[3/3] trafodion git commit: Merge [TRAFODION-2542] pr 1536 Grantor is not correct when granting privileges

2018-04-25 Thread rmarton

Merge [TRAFODION-2542] pr 1536 Grantor is not correct when granting privileges


Project: http://git-wip-us.apache.org/repos/asf/trafodion/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafodion/commit/dd051ea6
Tree: http://git-wip-us.apache.org/repos/asf/trafodion/tree/dd051ea6
Diff: http://git-wip-us.apache.org/repos/asf/trafodion/diff/dd051ea6

Branch: refs/heads/master
Commit: dd051ea60bd2881627f7d324dc5ed84236688626
Parents: 9a90338 c04fc45
Author: Roberta Marton 
Authored: Wed Apr 25 15:25:16 2018 +
Committer: Roberta Marton 
Committed: Wed Apr 25 15:25:16 2018 +

--
 core/sql/bin/SqlciErrors.txt|   4 +-
 core/sql/regress/core/EXPECTED131   |   8 +-
 core/sql/regress/core/TEST131   |   4 +-
 core/sql/regress/privs1/EXPECTED120 |  47 +++--
 core/sql/regress/privs1/EXPECTED137 |  30 +--
 core/sql/regress/privs1/TEST120 |  23 +--
 core/sql/regress/privs1/TEST137 |  22 ++-
 core/sql/regress/privs2/EXPECTED140 |  16 +-
 core/sql/regress/privs2/EXPECTED143 |  16 +-
 core/sql/regress/privs2/EXPECTED144 |   4 +-
 core/sql/regress/privs2/TEST143 |   3 +
 core/sql/regress/privs2/TEST144 |   2 +-
 core/sql/sqlcomp/CmpDDLCatErrorCodes.h  |   1 +
 core/sql/sqlcomp/CmpSeabaseDDLcommon.cpp| 184 ---
 core/sql/sqlcomp/CmpSeabaseDDLtable.cpp |  33 
 core/sql/sqlcomp/DefaultConstants.h |   3 +
 core/sql/sqlcomp/PrivMgrComponentPrivileges.cpp |   7 +-
 core/sql/sqlcomp/PrivMgrPrivileges.cpp  | 140 --
 core/sql/sqlcomp/PrivMgrPrivileges.h|   7 +
 core/sql/sqlcomp/nadefaults.cpp |   3 +
 .../src/asciidoc/_chapters/ddl_msgs.adoc|  38 +++-
 21 files changed, 376 insertions(+), 219 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/trafodion/blob/dd051ea6/core/sql/regress/privs1/EXPECTED137
--

http://git-wip-us.apache.org/repos/asf/trafodion/blob/dd051ea6/core/sql/regress/privs1/TEST137
--

http://git-wip-us.apache.org/repos/asf/trafodion/blob/dd051ea6/core/sql/sqlcomp/DefaultConstants.h
--

http://git-wip-us.apache.org/repos/asf/trafodion/blob/dd051ea6/core/sql/sqlcomp/nadefaults.cpp
--

[1/3] trafodion git commit: [TRAFODION-2542] Grantor is not correct when granting privileges for a role

2018-04-25 Thread rmarton

ers;
@@ -342,7 +343,7 @@ cqd SHOWDDL_DISPLAY_PRIVILEGE_GRANTS 'ON';
 cqd AUTO_QUERY_RETRY_WARNINGS 'ON';
 set schema t120sch;
 
-revoke insert, delete on teams from t120role2;
+revoke insert, delete on teams from t120role2 by t120role1;
 
 ?section grant_t120role2p
 log LOG120;
@@ -351,7 +352,7 @@ cqd SHOWDDL_DISPLAY_PRIVILEGE_GRANTS 'ON';
 cqd AUTO_QUERY_RETRY_WARNINGS 'ON';
 set schema t120sch;
 
-grant insert, delete on teams to t120role2;
+grant insert, delete on teams to t120role2 by t120role1;
 
 ?section revoke_t120role2
 log LOG120;
@@ -396,7 +397,7 @@ cqd SHOWDDL_DISPLAY_PRIVILEGE_GRANTS 'ON';
 cqd AUTO_QUERY_RETRY_WARNINGS 'ON';
 set schema t120sch;
 
-revoke select (team_number, num_players) on stats from "PUBLIC";
+revoke select (team_number, num_players) on stats from "PUBLIC" by t120role1;
 showddl stats;
 select team_number, num_players from stats;
 

http://git-wip-us.apache.org/repos/asf/trafodion/blob/03a96998/core/sql/regress/privs1/TEST137
--
diff --git a/core/sql/regress/privs1/TEST137 b/core/sql/regress/privs1/TEST137
index 9654fe4..77dae01 100755
--- a/core/sql/regress/privs1/TEST137
+++ b/core/sql/regress/privs1/TEST137
@@ -44,6 +44,8 @@ control query default SKIP_METADATA_VIEWS 'ON';
 
 obey TEST137(clean_up);
 cqd SHOWDDL_DISPLAY_PRIVILEGE_GRANTS 'ON';
+cqd ALLOW_WGO_FOR_ROLES 'on';
+grant component privilege "SHOW" on sql_operations to "PUBLIC";
 log LOG137 clear;
 obey TEST137(set_up);
 obey TEST137(create_db);
@@ -108,6 +110,8 @@ revoke role library_ckout_clerks from sql_user3, sql_user4, 
sql_user5;
 drop role library_ckout_clerks;
 
 revoke component privilege lib_view_checkouts on library_books from 
lib_role_test;
+revoke component privilege "SHOW" on sql_operations from "PUBLIC";
+
 revoke role lib_role_test from sql_user5;
 revoke role db__rootrole from sql_user5;
 drop role lib_role_test;
@@ -158,7 +162,7 @@ where c.component_uid = p.component_uid
   and p.operation_code = d.operation_code
   and p.component_uid = d.component_uid
   and c.component_name like 'LIBRARY%'
-order by 1, 2, d.grantor_ID, d.grantee_name, grant_depth
+order by 1, 2, d.grantee_name, grant_depth
 for read uncommitted access;
 
 ?section create_db
@@ -222,7 +226,6 @@ execute get_components;
 
 -- fails with a syntax error
 register component user;
-register component "delimited not supported";
 register component abi**def;
 
 -- fails with component already registered
@@ -465,8 +468,6 @@ cqd SHOWDDL_DISPLAY_PRIVILEGE_GRANTS 'ON';
 log LOG137;
 values (user);
 -- These tests should succeed
--- returns 2 rows
-showddl role db__rootrole;
 execute get_component_operations;
 grant component privilege lib_view_checkouts on library_books to sql_user4 
with grant option;
@@ -508,6 +509,7 @@ log;
 
 -- below is the setup and testing for various scenarios for revoke component 
privileges
 ?section revoke_comp_privs_setup
+cqd ALLOW_WGO_FOR_ROLES 'on';
 cqd SHOWDDL_DISPLAY_PRIVILEGE_GRANTS 'ON';
 log LOG137;
 create role library_admin;
@@ -548,6 +550,7 @@ grant component privilege lib_view_repository
 log;
 
 ?section revoke_comp_privs_setup_user1
+cqd ALLOW_WGO_FOR_ROLES 'on';
 cqd SHOWDDL_DISPLAY_PRIVILEGE_GRANTS 'ON';
 log LOG137;
 grant component privilege lib_view_repository
@@ -555,6 +558,7 @@ on library_books to sql_user2 with grant option;
 log;
 
 ?section revoke_comp_privs_setup_user2
+cqd ALLOW_WGO_FOR_ROLES 'on';
 cqd SHOWDDL_DISPLAY_PRIVILEGE_GRANTS 'ON';
 log LOG137;
 grant component privilege lib_view_repository
@@ -568,6 +572,7 @@ on library_books to sql_user5;
 log;
 
 ?section revoke_comp_privs_setup_user3
+cqd ALLOW_WGO_FOR_ROLES 'on';
 cqd SHOWDDL_DISPLAY_PRIVILEGE_GRANTS 'ON';
 log LOG137;
 grant component privilege lib_view_repository
@@ -581,6 +586,7 @@ on library_books to sql_user4 with grant option;
 log;
 
 ?section revoke_comp_privs_setup_user4
+cqd ALLOW_WGO_FOR_ROLES 'on';
 cqd SHOWDDL_DISPLAY_PRIVILEGE_GRANTS 'ON';
 log LOG137;
 grant component privilege lib_view_repository
@@ -650,4 +656,14 @@ log LOG137;
 --create schema t137sch;
 log;
 
+?section metadata_cmds
+cqd SHOWDDL_DISPLAY_PRIVILEGE_GRANTS 'ON';
+log LOG137;
 
+select auth_id from "_MD_".auths where auth_db_name = 'DB__ROOT';
+select role_id from "_PRIVMGR_MD_".role_usage where role_name = 'DB__ROOTROLE';
+select count(*) from "_REPOS_".metric_query_table where component_id < 0;
+set param ?cmd 'ls';
+-- always fails, EXECUTE privilege is require not DML_SELECT_METADATA
+call "_LIBMGR_".HELP(?cmd);
+log;

http://git-wip-us.apache.org/repos/asf/trafodion/blob/03a96998/core/sql/regress/privs2/EXPECTED140
------
diff --git a/core/sql/regress/privs2/EXPECTED140 
b/core/sql/regress/privs2/EXPECTED140
index 62e0b5b..81c3fbc 100644
--- a/core/sql/regress/privs2/EXPECTED140
+++ b/core

[2/3] trafodion git commit: Added new/changed errors to messages guide. Fixed issue generating error text for error 1012.

2018-04-25 Thread rmarton

Added new/changed errors to messages guide.
Fixed issue generating error text for error 1012.


Project: http://git-wip-us.apache.org/repos/asf/trafodion/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafodion/commit/c04fc453
Tree: http://git-wip-us.apache.org/repos/asf/trafodion/tree/c04fc453
Diff: http://git-wip-us.apache.org/repos/asf/trafodion/diff/c04fc453

Branch: refs/heads/master
Commit: c04fc45373802fd40a4a05f2bfa2caeda3c4450d
Parents: 03a9699
Author: Roberta Marton 
Authored: Tue Apr 24 22:15:08 2018 +
Committer: Roberta Marton 
Committed: Tue Apr 24 22:15:08 2018 +

--
 core/sql/sqlcomp/PrivMgrPrivileges.cpp  |  2 +-
 .../src/asciidoc/_chapters/ddl_msgs.adoc| 38 
 2 files changed, 32 insertions(+), 8 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/trafodion/blob/c04fc453/core/sql/sqlcomp/PrivMgrPrivileges.cpp
--
diff --git a/core/sql/sqlcomp/PrivMgrPrivileges.cpp 
b/core/sql/sqlcomp/PrivMgrPrivileges.cpp
index 46ec01c..513a2bd 100644
--- a/core/sql/sqlcomp/PrivMgrPrivileges.cpp
+++ b/core/sql/sqlcomp/PrivMgrPrivileges.cpp
@@ -4531,7 +4531,7 @@ PrivStatus PrivMgrPrivileges::getRolesToCheck(
 {
   // just return what getAuthNameFromAuthID returns
   ComUser::getAuthNameFromAuthID(roleIDs[r],roleName, 
sizeof(roleName),length);
-  if (r > 0)
+  if (rolesWithPrivs.size() > 0)
 rolesWithPrivs += ", ";
   rolesWithPrivs += roleName;
 }

http://git-wip-us.apache.org/repos/asf/trafodion/blob/c04fc453/docs/messages_guide/src/asciidoc/_chapters/ddl_msgs.adoc
--
diff --git a/docs/messages_guide/src/asciidoc/_chapters/ddl_msgs.adoc 
b/docs/messages_guide/src/asciidoc/_chapters/ddl_msgs.adoc
index 5d2b6b3..6c8d5d8 100644
--- a/docs/messages_guide/src/asciidoc/_chapters/ddl_msgs.adoc
+++ b/docs/messages_guide/src/asciidoc/_chapters/ddl_msgs.adoc
@@ -195,9 +195,14 @@ This is currently not supported.
 == SQL 1012
 
 ```
-No privileges were granted. You lack grant option on the specified privileges.
+No privileges were granted.   lacks grant option on the specified 
privileges. .
 ```
 
+Where  is a {project-name} user name.
+
+Where  suggests roles you can specify in order for the grant to 
succeed.
+If  has not been granted any relevant roles,  is omitted.
+
 *Cause:* You attempted to grant privileges for which you do not have
 grant options.
 
@@ -1889,6 +1894,26 @@ overlap in meaning. {project-name} requires the former 
construct to match the la
 
 *Recovery:* Either remove the  clause (as it is redundant) or 
change it to match the primary key. Then resubmit.
 
+[[SQL-1194]]
+== SQL 1194
+
+```
+Component operation  does not exist for component .
+```
+
+Where  is the operation assigned to a component.
+
+Where  is the name of a valid component.
+
+*Cause:* Components are assigned a set of operations that can be granted 
privileges.  The requested 
+is not assigned to component .
+
+*Effect:* The operation fails.
+
+*Recovery:* Perform "get privileges on component " to get the 
list of valid operations (privileges) for the 
+component and retry the request.
+
+<<<
 [[SQL-1195]]
 == SQL 1195
 
@@ -1904,7 +1929,6 @@ Where  is the name of a column specified in 
a SALT clause.
 
 *Recovery:* Correct the column name then resubmit.
 
-<<<
 [[SQL-1196]]
 == SQL 1196
 
@@ -1923,6 +1947,7 @@ Where  is the largest allowable number of 
salt partitions supported
 
 *Recovery:* Correct the SALT clause then resubmit.
 
+<<<
 [[SQL-1197]]
 == SQL 1197
 
@@ -1941,7 +1966,6 @@ Where  is the name of an internal 
stored procedure.
 *Recovery:* None. Report this error and the associated SQL
 operation to the {project-name} User Distribution List.
 
-<<<
 [[SQL-1199]]
 == SQL 1199
 
@@ -1955,6 +1979,7 @@ The PARTITION BY clause is not allowed for a Trafodion 
table.
 
 *Recovery:* Remove the PARTITION BY clause from the DDL statement and resubmit.
 
+<<<
 [[SQL-1200]]
 == SQL 1200
 
@@ -1973,7 +1998,6 @@ A failure occurred at the HDFS or Hive level. The 
diagnostics contain more infor
 
 *Recovery:* Address the indicated issue at the HDFS or Hive level, then 
resubmit.
 
-<<<
 [[SQL-1201]]
 == SQL 1201
 
@@ -1990,6 +2014,7 @@ SALT LIKE TABLE is not allowed for unique indexes.
 
 *Recovery:* Remove either the UNIQUE keyword or the SALT LIKE TABLE clause and 
resubmit.
 
+<<<
 [[SQL-1202]]
 == SQL 1202
 
@@ -2008,7 +2033,6 @@ a table that is not salted.
 
 *Recovery:* Remove the SALT LIKE TABLE clause and resubmit.
 
-<<<
 [[SQL-1203]]
 == SQL 1203
 
@@ -2025,6 +2049,7 @@ characters of HBase options, exceeding the length limit 
that {project-name} supp
 
 *Recovery:* Shorten the set of options specified in

[1/2] trafodion git commit: [TRAFODION-2600] Unable to create view ... but user has SELECT privilege

2018-04-17 Thread rmarton

Repository: trafodion
Updated Branches:
  refs/heads/master aade2cffa -> 8c6eebffa


[TRAFODION-2600] Unable to create view ... but user has SELECT privilege

Query invalidation is not resetting the role list when a user is granted a role.
For DML operations, we always retry the request once, and between retries, the
role list is reset.  So DML works on a retry.
However, DDL operations are not retried, so the role list is not reset and the
create view fails.

An analogous issue exists when the role is revoked from a user and the role
list is not reset.  In this case, the user can still create views even though
they no longer have the privilege.

Changes:
- Grant role: sends a new query invalidation key
- Revoke role: forces a query invalidation check even if the key is not present
- Displays query invalidation keys when debug option DBUSER_DEBUG is set, e.g:
   set envvar DBUSER_DEBUG 1;


Project: http://git-wip-us.apache.org/repos/asf/trafodion/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafodion/commit/f9820b26
Tree: http://git-wip-us.apache.org/repos/asf/trafodion/tree/f9820b26
Diff: http://git-wip-us.apache.org/repos/asf/trafodion/diff/f9820b26

Branch: refs/heads/master
Commit: f9820b26144a45b7c7cbdedaeefc832f150f5d45
Parents: ad1c676
Author: Roberta Marton 
Authored: Mon Apr 16 22:26:07 2018 +
Committer: Roberta Marton 
Committed: Mon Apr 16 22:26:07 2018 +

--
 core/sql/common/ComDistribution.cpp |   1 +
 core/sql/common/ComSecurityKey.cpp  | 114 ++-
 core/sql/common/ComSecurityKey.h|   5 +-
 core/sql/common/ComSmallDefs.h  |   3 +-
 core/sql/executor/ExExeUtilGet.cpp  |   4 +-
 core/sql/regress/privs1/EXPECTED120 |  33 -
 core/sql/regress/privs1/TEST120 |   5 +-
 core/sql/regress/privs2/EXPECTED144 |  26 ++-
 core/sql/regress/privs2/TEST144 |   1 +
 core/sql/runtimestats/sscpipc.cpp   |   8 +++
 core/sql/sqlcomp/PrivMgrRoles.cpp   |  34 +
 core/sql/sqlcomp/QCache.cpp |  17 +
 12 files changed, 235 insertions(+), 16 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/trafodion/blob/f9820b26/core/sql/common/ComDistribution.cpp
--
diff --git a/core/sql/common/ComDistribution.cpp 
b/core/sql/common/ComDistribution.cpp
index 1fec747..14bb378 100644
--- a/core/sql/common/ComDistribution.cpp
+++ b/core/sql/common/ComDistribution.cpp
@@ -298,6 +298,7 @@ Int32 literalToEnum (const literalAndEnumStruct * 
conversionTable,
 const literalAndEnumStruct qiTypeConversionTable [] =
 {
   {COM_QI_INVALID_ACTIONTYPE, COM_QI_INVALID_ACTIONTYPE_LIT},
+  {COM_QI_GRANT_ROLE, COM_QI_GRANT_ROLE_LIT},
   {COM_QI_USER_GRANT_ROLE, COM_QI_USER_GRANT_ROLE_LIT},
   {COM_QI_ROLE_GRANT_ROLE, COM_QI_ROLE_GRANT_ROLE_LIT},
   {COM_QI_OBJECT_SELECT, COM_QI_OBJECT_SELECT_LIT},

http://git-wip-us.apache.org/repos/asf/trafodion/blob/f9820b26/core/sql/common/ComSecurityKey.cpp
--
diff --git a/core/sql/common/ComSecurityKey.cpp 
b/core/sql/common/ComSecurityKey.cpp
index 76b88e7..567d9ee 100644
--- a/core/sql/common/ComSecurityKey.cpp
+++ b/core/sql/common/ComSecurityKey.cpp
@@ -165,11 +165,26 @@ bool buildSecurityKeys( const int32_t userID,
   if (privs.isNull())
 return true;
 
+  NABoolean doDebug = (getenv("DBUSER_DEBUG") ? TRUE : FALSE);
+  std::string  msg ("Method: buildSecurityKeys: ");
+  if (doDebug)
+  {
+printf("[DBUSER:%d] %s\n", (int) getpid(), msg.c_str());
+fflush(stdout);
+  }
+
   // If public is the grantee, generate special security key
   // A user cannot be revoked from public
   if (ComUser::isPublicUserID(granteeID))
   {
 ComSecurityKey key(granteeID, ComSecurityKey::OBJECT_IS_SPECIAL_ROLE);
+if (doDebug)
+{
+  NAString msg (key.print(granteeID, objectUID));
+  printf("[DBUSER:%d]  (public) %s\n", (int) getpid(), msg.data());
+  fflush(stdout);
+}
+
 if (key.isValid())
   secKeySet.insert(key);
 else
@@ -181,6 +196,14 @@ bool buildSecurityKeys( const int32_t userID,
   if (PrivMgr::isRoleID(granteeID))
   {
 ComSecurityKey key (userID, granteeID, ComSecurityKey::SUBJECT_IS_USER);
+if (doDebug)
+{
+  NAString msg = key.print(userID, granteeID);
+  printf("[DBUSER:%d]   (role) %s\n",
+ (int) getpid(), msg.data());
+  fflush(stdout);
+}
+
 if (key.isValid())
  secKeySet.insert(key);
 else
@@ -195,6 +218,14 @@ bool buildSecurityKeys( const int32_t userID,
 {
   ComSecurityKey key (granteeID, objectUID, PrivType(i), 
   ComSecurityKey::OBJECT_IS_OBJECT);
+  if (doDebug)
+  {
+NAString msg = key.print(granteeID, objectUID);
+printf("[DBUSER:%d]

[2/2] trafodion git commit: merge [TRAFODION-2600] pr - 1520 Unable to create view ... but user has SELECT privilege

2018-04-17 Thread rmarton

merge [TRAFODION-2600] pr - 1520 Unable to create view ... but user has SELECT 
privilege


Project: http://git-wip-us.apache.org/repos/asf/trafodion/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafodion/commit/8c6eebff
Tree: http://git-wip-us.apache.org/repos/asf/trafodion/tree/8c6eebff
Diff: http://git-wip-us.apache.org/repos/asf/trafodion/diff/8c6eebff

Branch: refs/heads/master
Commit: 8c6eebffa235cc912843d10d440926cdadcd0d33
Parents: aade2cf f9820b2
Author: Roberta Marton 
Authored: Tue Apr 17 23:35:01 2018 +
Committer: Roberta Marton 
Committed: Tue Apr 17 23:35:01 2018 +

--
 core/sql/common/ComDistribution.cpp |   1 +
 core/sql/common/ComSecurityKey.cpp  | 114 ++-
 core/sql/common/ComSecurityKey.h|   5 +-
 core/sql/common/ComSmallDefs.h  |   3 +-
 core/sql/executor/ExExeUtilGet.cpp  |   4 +-
 core/sql/regress/privs1/EXPECTED120 |  33 -
 core/sql/regress/privs1/TEST120 |   5 +-
 core/sql/regress/privs2/EXPECTED144 |  26 ++-
 core/sql/regress/privs2/TEST144 |   1 +
 core/sql/runtimestats/sscpipc.cpp   |   8 +++
 core/sql/sqlcomp/PrivMgrRoles.cpp   |  34 +
 core/sql/sqlcomp/QCache.cpp |  17 +
 12 files changed, 235 insertions(+), 16 deletions(-)
--

[2/2] trafodion git commit: Merge [TRAFODION-2249] pr 1517 Cannot use library management SPJs after an upgrade

2018-04-16 Thread rmarton

Merge [TRAFODION-2249] pr 1517 Cannot use library management SPJs after an 
upgrade


Project: http://git-wip-us.apache.org/repos/asf/trafodion/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafodion/commit/c826bceb
Tree: http://git-wip-us.apache.org/repos/asf/trafodion/tree/c826bceb
Diff: http://git-wip-us.apache.org/repos/asf/trafodion/diff/c826bceb

Branch: refs/heads/master
Commit: c826bceb5912ccd9d4aab6128f6470f72f65d214
Parents: 9247656 e3b01d4
Author: Roberta Marton 
Authored: Mon Apr 16 21:57:06 2018 +
Committer: Roberta Marton 
Committed: Mon Apr 16 21:57:06 2018 +

--
 core/sql/sqlcomp/CmpSeabaseDDLroutine.cpp  | 65 +
 core/sql/sqlcomp/CmpSeabaseDDLroutine.h|  3 +
 install/python-installer/scripts/traf_start.py |  8 +++
 3 files changed, 76 insertions(+)
--

[1/2] trafodion git commit: [TRAFODION-2205] invalid char at create schema when authorization name is long

2018-04-12 Thread rmarton

Repository: trafodion
Updated Branches:
  refs/heads/master 82710576e -> 3dd0eca44


[TRAFODION-2205] invalid char at create schema when authorization name is long

There is code that converts the user ID to its username.  The buffer size
requested was not big enough to hold the return value.  In addition, the buffer
size check was returning an error but did not add an error to the ComDiags area;
therefore the returned error was ignored.
- Changed max len in calls to getAuthNameFromAuthID to the correct size.
- Set up the Diags area when buffer size is too small so the error is reported
  correctly, returns error 20235:

"Error returned while converting auth ID to auth name, status: xx ID: xx."

Also removed redundant methods:
-  getDBUserNameFromID - calls getAuthNameFromID instead
-  getDBUserIDFromName - calls GetAuthIDFromName instead


Project: http://git-wip-us.apache.org/repos/asf/trafodion/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafodion/commit/affe1f60
Tree: http://git-wip-us.apache.org/repos/asf/trafodion/tree/affe1f60
Diff: http://git-wip-us.apache.org/repos/asf/trafodion/diff/affe1f60

Branch: refs/heads/master
Commit: affe1f60ff02610d40a9d58702b12d9c9473de34
Parents: ee2cff9
Author: Roberta Marton 
Authored: Thu Apr 12 16:07:02 2018 +
Committer: Roberta Marton 
Committed: Thu Apr 12 16:07:02 2018 +

--
 core/sql/cli/Cli.cpp |  12 +--
 core/sql/cli/Context.cpp | 125 +-
 core/sql/cli/Context.h   |   6 --
 core/sql/sqlcomp/CmpSeabaseDDLcommon.cpp |   6 +-
 core/sql/sqlcomp/CmpSeabaseDDLschema.cpp |   2 +-
 core/sql/sqlcomp/PrivMgrPrivileges.cpp   |   2 +-
 6 files changed, 14 insertions(+), 139 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/trafodion/blob/affe1f60/core/sql/cli/Cli.cpp
--
diff --git a/core/sql/cli/Cli.cpp b/core/sql/cli/Cli.cpp
index 4a83a14..a06aadb 100644
--- a/core/sql/cli/Cli.cpp
+++ b/core/sql/cli/Cli.cpp
@@ -6182,10 +6182,10 @@ Lng32 SQLCLI_GetDatabaseUserName (
   ContextCli  = *(cliGlobals->currContext());
   ComDiagsArea  = currContext.diags();
 
-  retcode = currContext.getDBUserNameFromID(user_id,
-string_value,
-max_string_len,
-len_of_item);
+  retcode = currContext.getAuthNameFromID(user_id,
+  string_value,
+  max_string_len,
+ *len_of_item);
 
   return CliEpilogue(cliGlobals, NULL, retcode);
 }
@@ -6206,8 +6206,8 @@ Lng32 SQLCLI_GetDatabaseUserID (
   ContextCli  = *(cliGlobals->currContext());
   ComDiagsArea  = currContext.diags();
 
-  retcode = currContext.getDBUserIDFromName(string_value,
-numeric_value);
+  retcode = currContext.getAuthIDFromName(string_value,
+  *numeric_value);
 
   return CliEpilogue(cliGlobals, NULL, retcode);
 }

http://git-wip-us.apache.org/repos/asf/trafodion/blob/affe1f60/core/sql/cli/Context.cpp
--
diff --git a/core/sql/cli/Context.cpp b/core/sql/cli/Context.cpp
index 09f1783..c4dd6c7 100644
--- a/core/sql/cli/Context.cpp
+++ b/core/sql/cli/Context.cpp
@@ -4359,128 +4359,6 @@ RETCODE ContextCli::getAuthNameFromID(
 //*** End of ContextCli::getAuthNameFromID 
*
 
 
-
-
-
-
-// Public method to map an integer user ID to a user name
-RETCODE ContextCli::getDBUserNameFromID(Int32 userID, // IN
-char *userNameBuffer, // OUT
-Int32 maxBufLen,  // IN
-Int32 *requiredLen)   // OUT optional
-{
-  RETCODE result = SUCCESS;
-  char usersNameFromUsersTable[MAX_USERNAME_LEN + 1];
-  Int32 userIDFromUsersTable;
-  std::vector roleIDs;
-  if (requiredLen)
-*requiredLen = 0;
-  
-  // Cases to consider
-  // * userID is the current user ID
-  // * SYSTEM_USER and PUBLIC_USER have special integer user IDs and
-  //   are not registered in the USERS table
-  // * other users
-
-  NABoolean isCurrentUser =
-(userID == (Int32) databaseUserID_ ? TRUE : FALSE);
-
-  const char *currentUserName = NULL;
-  if (isCurrentUser)
-  {
-currentUserName = databaseUserName_;
-  }
-  else
-  {
-// See if the USERS row exists
-result = authQuery(USERS_QUERY_BY_USER_ID,
-   NULL,// IN user name (ignored)
-   userID,  // IN user ID
-

[2/2] trafodion git commit: [TRAFODION-2205] PR 1516 invalid char at create schema when authorization name is long

2018-04-12 Thread rmarton

[TRAFODION-2205] PR 1516 invalid char at create schema when authorization name 
is long


Project: http://git-wip-us.apache.org/repos/asf/trafodion/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafodion/commit/3dd0eca4
Tree: http://git-wip-us.apache.org/repos/asf/trafodion/tree/3dd0eca4
Diff: http://git-wip-us.apache.org/repos/asf/trafodion/diff/3dd0eca4

Branch: refs/heads/master
Commit: 3dd0eca447ebcfbadf81c78730f64a2709652b03
Parents: 8271057 affe1f6
Author: Roberta Marton 
Authored: Thu Apr 12 22:52:07 2018 +
Committer: Roberta Marton 
Committed: Thu Apr 12 22:52:07 2018 +

--
 core/sql/cli/Cli.cpp |  12 +--
 core/sql/cli/Context.cpp | 125 +-
 core/sql/cli/Context.h   |   6 --
 core/sql/sqlcomp/CmpSeabaseDDLcommon.cpp |   6 +-
 core/sql/sqlcomp/CmpSeabaseDDLschema.cpp |   2 +-
 core/sql/sqlcomp/PrivMgrPrivileges.cpp   |   2 +-
 6 files changed, 14 insertions(+), 139 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/trafodion/blob/3dd0eca4/core/sql/sqlcomp/CmpSeabaseDDLcommon.cpp
--

[1/3] trafodion git commit: Get statement enhancements

2018-04-12 Thread rmarton

Repository: trafodion
Updated Branches:
  refs/heads/master d6e29337a -> ad1c67618


http://git-wip-us.apache.org/repos/asf/trafodion/blob/021faec6/core/sql/regress/privs1/EXPECTED123
--
diff --git a/core/sql/regress/privs1/EXPECTED123 
b/core/sql/regress/privs1/EXPECTED123
index 0251bda..45d5db9 100644
--- a/core/sql/regress/privs1/EXPECTED123
+++ b/core/sql/regress/privs1/EXPECTED123
@@ -93,6 +93,9 @@ SHOW
 +>  ;
 
 --- SQL operation complete.
+>>create index games_visitor on games(visitor_team_number) no populate;
+
+--- SQL operation complete.
 >>
 >>create table players
 +>  (player_number int not null,
@@ -109,6 +112,32 @@ SHOW
 
 --- SQL operation complete.
 >>
+>>create view home_teams_games as
++>  select t.team_number, g.game_number, g.game_time
++>  from "TEAMS" t,
++>   "GAMES" g
++>  where t.team_number = g.home_team_number
++>  order by 1, game_number, game_time;
+
+--- SQL operation complete.
+>>
+>>create view players_on_team as
++>  select player_name, team_name
++>  from teams t, players p
++>  where p.player_team_number = t.team_number
++>  order by t.team_name;
+
+--- SQL operation complete.
+>>
+>>create view games_by_player as
++>  select player_name, game_time
++>  from players_on_team p, games g, teams t
++>  where p.player_name = t.team_name and
++>t.team_number = g.home_team_number
++>  order by player_name, team_number;
+
+--- SQL operation complete.
+>>
 >>grant select on games to sql_user4;
 
 --- SQL operation complete.
@@ -332,10 +361,13 @@ Privileges for User SQL_USER5
 --ETRAFODION."_LIBMGR_".EVENT_LOG_READER
 --ETRAFODION."_LIBMGR_".JDBC
 SIDU-R-TRAFODION.T123SCH.GAMES
+SR-TRAFODION.T123SCH.GAMES_BY_PLAYER
+SR-TRAFODION.T123SCH.HOME_TEAMS_GAMES
 SIDU-R-TRAFODION.T123SCH.PLAYERS
 S--TRAFODION.T123SCH.PLAYERS  PLAYER_NAME
 S--TRAFODION.T123SCH.PLAYERS  PLAYER_NUMBER
 S--TRAFODION.T123SCH.PLAYERS  PLAYER_TEAM_NUMBER
+SR-TRAFODION.T123SCH.PLAYERS_ON_TEAM
 G--TRAFODION.T123SCH.PLAYERS_SEQUENCE
 SIDU-R-TRAFODION.T123SCH.SB_HISTOGRAMS
 SIDU-R-TRAFODION.T123SCH.SB_HISTOGRAM_INTERVALS
@@ -374,7 +406,10 @@ Privileges for Role T123_OWNERROLE
 ==
 
 SIDU-R-TRAFODION.T123SCH.GAMES
+SR-TRAFODION.T123SCH.GAMES_BY_PLAYER
+SR-TRAFODION.T123SCH.HOME_TEAMS_GAMES
 SIDU-R-TRAFODION.T123SCH.PLAYERS
+SR-TRAFODION.T123SCH.PLAYERS_ON_TEAM
 G--TRAFODION.T123SCH.PLAYERS_SEQUENCE
 SIDU-R-TRAFODION.T123SCH.SB_HISTOGRAMS
 SIDU-R-TRAFODION.T123SCH.SB_HISTOGRAM_INTERVALS
@@ -397,6 +432,164 @@ S--TRAFODION.T123SCH.TEAMS  TEAM_NUMBER
 
 --- SQL operation complete.
 >>
+>>get tables for user sql_user1;
+
+Tables for User SQL_USER1
+=
+
+TRAFODION."T123SCH".GAMES
+TRAFODION."T123SCH".PLAYERS
+TRAFODION."T123SCH".TEAMS
+
+--- SQL operation complete.
+>>get tables for user sql_user2;
+
+Tables for User SQL_USER2
+=
+
+TRAFODION."T123SCH".GAMES
+TRAFODION."T123SCH".PLAYERS
+TRAFODION."T123SCH".TEAMS
+
+--- SQL operation complete.
+>>get tables for user sql_user3;
+
+Tables for User SQL_USER3
+=
+
+TRAFODION."T123SCH".PLAYERS
+TRAFODION."T123SCH".TEAMS
+
+--- SQL operation complete.
+>>get tables for user sql_user4;
+
+Tables for User SQL_USER4
+=
+
+TRAFODION."T123SCH".GAMES
+TRAFODION."T123SCH".PLAYERS
+TRAFODION."T123SCH".TEAMS
+
+--- SQL operation complete.
+>>get tables for user sql_user5;
+
+Tables for User SQL_USER5
+=
+
+TRAFODION."T123SCH".GAMES
+TRAFODION."T123SCH".PLAYERS
+TRAFODION."T123SCH".SB_HISTOGRAMS
+TRAFODION."T123SCH".SB_HISTOGRAM_INTERVALS
+TRAFODION."T123SCH".SB_PERSISTENT_SAMPLES
+TRAFODION."T123SCH".TEAMS
+
+--- SQL operation complete.
+>>
+>>get indexes for user sql_user1;
+
+Indexes for User SQL_USER1
+==
+
+TRAFODION."T123SCH".GAMES_VISITOR
+
+--- SQL operation complete.
+>>get indexes for user sql_user2;
+
+Indexes for User SQL_USER2
+==
+
+TRAFODION."T123SCH".GAMES_VISITOR
+
+--- SQL operation complete.
+>>get indexes for user sql_user3;
+
+--- SQL operation complete.
+>>get indexes for user sql_user4;
+
+Indexes for User SQL_USER4
+==
+
+TRAFODION."T123SCH".GAMES_VISITOR
+
+--- SQL operation complete.
+>>get indexes for user sql_user5;
+
+Indexes for User SQL_USER5
+==
+
+TRAFODION."T123SCH".GAMES_VISITOR
+
+--- SQL operation complete.
+>>
+>>get views for user sql_user1;
+
+--- SQL operation complete.
+>>get views for user sql_user2;
+
+--- SQL operation complete.
+>>get views for user sql_user3;
+
+--- SQL operation complete.
+>>get views for user sql_user4;
+
+--- SQL operation complete.
+>>get views for user sql_user5;
+
+Views for User SQL_USER5
+
+
+TRAFODION."T123SCH".GAMES_BY_PLAYER

[2/3] trafodion git commit: Get statement enhancements

2018-04-12 Thread rmarton

Get statement enhancements

Added support and privilege checks for the following commands:

  get functions for library
  get procedures for library
  get table_mapping functions for library

  get indexes on table
  get objects on table
  get views on table
  get views on view

  get libraries in schema
  get objects in view
  get tables in view
  get views in view

  get indexes for user
  get tables for user
  get libraries for user
  get views for user

Changed "get libraries for schema" to include libraries where the current user
has execute privilege on one of the libraries routines (functions, procedures,
or table_mapping functions).

Addressed a performance issue when determining if the user has column level
privileges. If the user has granted privileges against native Hive tables
through EsgynDB, we need to get the column name from Hive. The call to get the
column, by calling hivemd, is very expensive. This change checks to see if the
requested user has been granted any column level privileges on a hive table.
If so, we will go ahead and do the mapping (call hivemd). If not, then we will
not include the hivemd fragment for the query.  Since we are scanning the column
privileges table anyway, we also see if the requested user (or their roles) has
been granted any privileges. If so, we include the column privileges check in
the query.

Commented out get statements that we do not support at this time.


Project: http://git-wip-us.apache.org/repos/asf/trafodion/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafodion/commit/021faec6
Tree: http://git-wip-us.apache.org/repos/asf/trafodion/tree/021faec6
Diff: http://git-wip-us.apache.org/repos/asf/trafodion/diff/021faec6

Branch: refs/heads/master
Commit: 021faec6a18336cfefd11b30d100a8fe4e3da1ee
Parents: ee2cff9
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Tue Apr 10 18:35:39 2018 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Tue Apr 10 18:35:39 2018 +

--
 core/sql/comexe/ComTdbExeUtil.h  |   2 -
 core/sql/executor/ExExeUtil.h|   9 +-
 core/sql/executor/ExExeUtilGet.cpp   | 624 ++--
 core/sql/generator/GenRelExeUtil.cpp | 164 +++
 core/sql/parser/sqlparser.y  |  37 +-
 core/sql/regress/privs1/EXPECTED123  | 773 ++
 core/sql/regress/privs1/EXPECTED125  | 268 ++-
 core/sql/regress/privs1/TEST123  |  46 ++
 core/sql/regress/privs1/TEST125  |  20 +-
 9 files changed, 1658 insertions(+), 285 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/trafodion/blob/021faec6/core/sql/comexe/ComTdbExeUtil.h
--
diff --git a/core/sql/comexe/ComTdbExeUtil.h b/core/sql/comexe/ComTdbExeUtil.h
index 9024afe..bb29172 100644
--- a/core/sql/comexe/ComTdbExeUtil.h
+++ b/core/sql/comexe/ComTdbExeUtil.h
@@ -2542,9 +2542,7 @@ public:
 PRIVILEGES_FOR_ROLE_,
 
 USERS_,
-CURRENT_USER_,
 
-CATALOGS_FOR_USER_,
 INDEXES_FOR_USER_,
 LIBRARIES_FOR_USER_,
 MVGROUPS_FOR_USER_,

http://git-wip-us.apache.org/repos/asf/trafodion/blob/021faec6/core/sql/executor/ExExeUtil.h
--
diff --git a/core/sql/executor/ExExeUtil.h b/core/sql/executor/ExExeUtil.h
index 428ccdf..3615c10 100644
--- a/core/sql/executor/ExExeUtil.h
+++ b/core/sql/executor/ExExeUtil.h
@@ -2499,9 +2499,16 @@ private:
 const char *schName,
 const char *objName);
 
+  Int32 colPrivsFrag(
+const char *authName,
+const char *catName,
+const NAString ,
+NAString );
+
   NAString getGrantedPrivCmd(
 const NAString ,
-const char * cat);
+const char * cat,
+const NAString  = NAString("object_uid"));
 
   char * getRoleList(
 const Int32 userID,

http://git-wip-us.apache.org/repos/asf/trafodion/blob/021faec6/core/sql/executor/ExExeUtilGet.cpp
--
diff --git a/core/sql/executor/ExExeUtilGet.cpp 
b/core/sql/executor/ExExeUtilGet.cpp
index 97815ef..249241f 100644
--- a/core/sql/executor/ExExeUtilGet.cpp
+++ b/core/sql/executor/ExExeUtilGet.cpp
@@ -182,7 +182,7 @@ static const QueryString getRolesForUserQuery[] =
   {" ; "}
 };
 
-static const QueryString getPrivsForAuthsQuery[] = 
+static const QueryString getPrivsForAuthsQuery[] =
 {
   {" select translate(rtrim(object_name) using ucs2toutf8), "},
   {"case when bitextract(privileges_bitmap,63,1) = 1 then 'S' "},
@@ -201,8 +201,31 @@ static const QueryString getPrivsForAuthsQuery[] =
   {"  else '-' end as privs "},
   {" from %s.\"%s\".%s "},
   {" where grantee_id %s "},
-
   {" union "},
+  {"  (select

[3/3] trafodion git commit: Merge [TRAFODION-2175] PR 1512 Get statement enhancements

2018-04-12 Thread rmarton

Merge [TRAFODION-2175] PR 1512 Get statement enhancements


Project: http://git-wip-us.apache.org/repos/asf/trafodion/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafodion/commit/ad1c6761
Tree: http://git-wip-us.apache.org/repos/asf/trafodion/tree/ad1c6761
Diff: http://git-wip-us.apache.org/repos/asf/trafodion/diff/ad1c6761

Branch: refs/heads/master
Commit: ad1c67618de5cab9c63980f9096cd470a78559e4
Parents: d6e2933 021faec
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Wed Apr 11 22:03:24 2018 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Wed Apr 11 22:03:24 2018 +

--
 core/sql/comexe/ComTdbExeUtil.h  |   2 -
 core/sql/executor/ExExeUtil.h|   9 +-
 core/sql/executor/ExExeUtilGet.cpp   | 624 ++--
 core/sql/generator/GenRelExeUtil.cpp | 164 +++
 core/sql/parser/sqlparser.y  |  37 +-
 core/sql/regress/privs1/EXPECTED123  | 773 ++
 core/sql/regress/privs1/EXPECTED125  | 268 ++-
 core/sql/regress/privs1/TEST123  |  46 ++
 core/sql/regress/privs1/TEST125  |  20 +-
 9 files changed, 1658 insertions(+), 285 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/trafodion/blob/ad1c6761/core/sql/comexe/ComTdbExeUtil.h
--

http://git-wip-us.apache.org/repos/asf/trafodion/blob/ad1c6761/core/sql/executor/ExExeUtilGet.cpp
--

http://git-wip-us.apache.org/repos/asf/trafodion/blob/ad1c6761/core/sql/parser/sqlparser.y
--

[1/4] incubator-trafodion git commit: add regression test for COMMENT-ON statement

2017-12-13 Thread rmarton

Repository: incubator-trafodion
Updated Branches:
  refs/heads/master 625cd8a32 -> 7acdca64d


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/59e2f051/core/sql/regress/compGeneral/FILTER072
--
diff --git a/core/sql/regress/compGeneral/FILTER072 
b/core/sql/regress/compGeneral/FILTER072
new file mode 100755
index 000..66c521d
--- /dev/null
+++ b/core/sql/regress/compGeneral/FILTER072
@@ -0,0 +1,17 @@
+#! /bin/sh
+
+# Specialized filter for  project to filter out
+# 1. Syskey values
+# 2. "Funny names" for index columns appearing multiple times
+#(done twice, since it may appear multiple times)
+# 3. refreshed elapsed time
+
+fil=$1
+if [ "$fil" = "" ]; then
+  echo "Usage: $0 filename"
+  exit 1
+fi
+
+sed "
+s/FILE '.*rundir\(.*\)'/FILE '\$rundir\1'/g
+" $fil

http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/59e2f051/core/sql/regress/compGeneral/TEST072
--
diff --git a/core/sql/regress/compGeneral/TEST072 
b/core/sql/regress/compGeneral/TEST072
new file mode 100644
index 000..67342a8
--- /dev/null
+++ b/core/sql/regress/compGeneral/TEST072
@@ -0,0 +1,261 @@
+-- Test: TEST072 (CompGeneral)
+-- @@@ START COPYRIGHT @@@
+--
+-- Licensed to the Apache Software Foundation (ASF) under one
+-- or more contributor license agreements.  See the NOTICE file
+-- distributed with this work for additional information
+-- regarding copyright ownership.  The ASF licenses this file
+-- to you under the Apache License, Version 2.0 (the
+-- "License"); you may not use this file except in compliance
+-- with the License.  You may obtain a copy of the License at
+--
+--   http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing,
+-- software distributed under the License is distributed on an
+-- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+-- KIND, either express or implied.  See the License for the
+-- specific language governing permissions and limitations
+-- under the License.
+--
+-- @@@ END COPYRIGHT @@@
+--
+-- Functionality: COMMENT-ON statement
+-- Expected file: EXPECTED072
+-- Filter file: FILTER072
+-- Tables created: t072t1
+-- Limitations: 
+-- Revision history:
+-- (12/5/17) - Created for new syntax COMMENT-ON
+
+
+set pattern $$QUOTE$$ ;  -- Needed for metadata insert of DLL path
+
+log LOG072 clear;
+
+obey TEST072(clnup);
+obey TEST072(compile_libs);
+obey TEST072(ddl);
+
+obey TEST072(comment01);
+obey TEST072(showcomment);
+obey TEST072(showddl1);
+
+obey TEST072(comment02);
+obey TEST072(showcomment);
+obey TEST072(showddl1);
+
+obey TEST072(comment03);
+obey TEST072(showcomment);
+obey TEST072(showddl2);
+
+obey TEST072(comment04);
+obey TEST072(showcomment);
+obey TEST072(showddl2);
+
+obey TEST072(comment05);
+obey TEST072(showcomment);
+obey TEST072(showddl2);
+
+obey TEST072(clnup);
+obey TEST072(showcomment);
+
+exit;
+
+
+?section compile_libs
+--
+log;
+
+--DLL
+sh rm -f ./TEST072.dll;
+sh sh $$scriptsdir$$/tools/dll-compile.ksh TEST072.cpp
+  2>&1 | tee -a LOG072-SECONDARY;
+set pattern $$DLL$$ TEST072.dll;
+
+--SPJ jar
+sh sh $$scriptsdir$$/tools/java-compile.ksh TEST072.java 2>> LOG072-SECONDARY 
| tee -a LOG072;
+sh sh $$scriptsdir$$/tools/java-archive.ksh TEST072.jar TEST072.class 2>> 
LOG072-SECONDARY | tee -a LOG072;
+set pattern $$SPJJAR$$ TEST072.jar;
+
+log LOG072;
+
+
+?section ddl
+--
+
+create schema t072sch_comment;
+
+create table t072sch_comment.t072t1 ( col1 int not null, col2 DECIMAL(10, 4) 
not null, col3 VARCHAR(50) not null, primary key (col1) );
+
+create index t072idx1 on t072sch_comment.t072t1 (col1, col3);
+
+create view  t072sch_comment.t072view1 as select * from t072sch_comment.t072t1;
+
+create library t072sch_comment.t072ddl file $$QUOTE$$ $$REGRRUNDIR$$/$$DLL$$ 
$$QUOTE$$;
+
+create library t072sch_comment.t072jar file $$QUOTE$$ 
$$REGRRUNDIR$$/$$SPJJAR$$ $$QUOTE$$;
+
+
+create function t072sch_comment.t072func(int,int) returns (add2 int)
+external name 'add2' library t072sch_comment.t072ddl
+deterministic no sql no transaction required
+;
+
+create procedure t072sch_comment.t072spj()
+external name 'TEST072.testMoreResultSet'
+library t072sch_comment.t072jar
+language  java 
+DYNAMIC RESULT SETS 5
+READS SQL DATA
+; 
+
+CREATE SEQUENCE   t072sch_comment.t072seq
+START WITH1
+INCREMENT BY  1
+MAXVALUE  1
+NO CYCLE
+CACHE 20
+--UNSIGNED INTEGER
+;
+
+
+?section comment01
+--
+
+--CREATE COMMENTS
+comment on schema t072sch_comment   is 'This is a 
new comment of

[2/4] incubator-trafodion git commit: add regression test for COMMENT-ON statement

2017-12-13 Thread rmarton

http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/59e2f051/core/sql/regress/compGeneral/EXPECTED072
--
diff --git a/core/sql/regress/compGeneral/EXPECTED072 
b/core/sql/regress/compGeneral/EXPECTED072
new file mode 100644
index 000..14a4357
--- /dev/null
+++ b/core/sql/regress/compGeneral/EXPECTED072
@@ -0,0 +1,1154 @@
+>>
+>>obey TEST072(clnup);
+>>--
+>>
+>>-- CLEANUP database
+>>drop schema IF EXISTS t072sch_comment cascade;
+
+--- SQL operation complete.
+>>
+>>obey TEST072(compile_libs);
+>>--
+>>log;
+--
+-- Compiling Java source files: TEST072.java
+-- Executing: $javac -d $REGRRUNDIR $REGRTSTDIR/TEST072.java
+-- $javac returned 0
+--
+--
+-- Archiving Java class files:
+--TEST072.class
+-- Archive will be written to: TEST072.jar
+-- Executing: $jar cMf TEST072.jar TEST072.class
+-- $jar returned 0
+--
+>>
+>>
+>>obey TEST072(ddl);
+>>--
+>>
+>>create schema t072sch_comment;
+
+--- SQL operation complete.
+>>
+>>create table t072sch_comment.t072t1 ( col1 int not null, col2 DECIMAL(10, 4) 
not null, col3 VARCHAR(50) not null, primary key (col1) );
+
+--- SQL operation complete.
+>>
+>>create index t072idx1 on t072sch_comment.t072t1 (col1, col3);
+
+--- SQL operation complete.
+>>
+>>create view  t072sch_comment.t072view1 as select * from 
t072sch_comment.t072t1;
+
+--- SQL operation complete.
+>>
+>>create library t072sch_comment.t072ddl file $$QUOTE$$ $$REGRRUNDIR$$/$$DLL$$ 
$$QUOTE$$;
+
+--- SQL operation complete.
+>>
+>>create library t072sch_comment.t072jar file $$QUOTE$$ 
$$REGRRUNDIR$$/$$SPJJAR$$ $$QUOTE$$;
+
+--- SQL operation complete.
+>>
+>>
+>>create function t072sch_comment.t072func(int,int) returns (add2 int)
++>external name 'add2' library t072sch_comment.t072ddl
++>deterministic no sql no transaction required
++>;
+
+--- SQL operation complete.
+>>
+>>create procedure t072sch_comment.t072spj()
++>external name 'TEST072.testMoreResultSet'
++>library t072sch_comment.t072jar
++>language  java 
++>DYNAMIC RESULT SETS 5
++>READS SQL DATA
++>;
+
+--- SQL operation complete.
+>>
+>>CREATE SEQUENCE   t072sch_comment.t072seq
++>START WITH1
++>INCREMENT BY  1
++>MAXVALUE  1
++>NO CYCLE
++>CACHE 20
++>--UNSIGNED INTEGER
++>;
+
+--- SQL operation complete.
+>>
+>>
+>>
+>>obey TEST072(comment01);
+>>--
+>>
+>>--CREATE COMMENTS
+>>comment on schema t072sch_comment   is 'This is 
a new comment of SCHEMA.è¿æ¯ä¸ä¸ªschemaçæ³¨éã' ;
+
+--- SQL operation complete.
+>>comment on table  t072sch_comment.t072t1is 'This is 
a new comment of 
TABLE.è¿ä¸ªæ¯ä¸ä¸ªä¸æçtableçæ³¨éããããâ¦â¦' ;
+
+--- SQL operation complete.
+>>comment on index  TRAFODION.t072sch_comment.t072idx1is 'This is 
a new comment of INDEX.' ;
+
+--- SQL operation complete.
+>>comment on view   TRAFODION.t072sch_comment.t072view1   is 'This is 
a new comment of VIEW.' ;
+
+--- SQL operation complete.
+>>comment on libraryTRAFODION.t072sch_comment.t072ddl is 'This is 
a new comment of C UDF library.' ;
+
+--- SQL operation complete.
+>>comment on libraryt072sch_comment.t072jar   is 'This is 
a new comment of Java SPJ library.' ;
+
+--- SQL operation complete.
+>>comment on function   t072sch_comment.t072func  is 'This is 
a new comment of SCALAR UDF.' ;
+
+--- SQL operation complete.
+>>comment on procedure  t072sch_comment.t072spj   is 'This is 
a new comment of SPJ.' ;
+
+--- SQL operation complete.
+>>comment on sequence   t072sch_comment.t072seq   is 'This is 
a new comment of SEQUENCE.' ;
+
+--- SQL operation complete.
+>>
+>>comment on column t072sch_comment.t072t1.col1   is 'This is 
a T01 column new comment of table.' ;
+
+--- SQL operation complete.
+>>comment on column t072sch_comment.t072t1.col2   is 'This is 
a T02 column new comment of table.' ;
+
+--- SQL operation complete.
+>>comment on column t072sch_comment.t072t1.col3   is 'This is 
a T03 column new comment of table.' ;
+
+--- SQL operation complete.
+>>comment on column t072sch_comment.t072view1.col1is 'This is 
a V01 column new comment of view.' ;
+
+--- SQL operation complete.

[4/4] incubator-trafodion git commit: Merge [2803] Add regression test for COMMENT ON pr# 1327

2017-12-13 Thread rmarton

Merge [2803] Add regression test for COMMENT ON pr# 1327


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/7acdca64
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/7acdca64
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/7acdca64

Branch: refs/heads/master
Commit: 7acdca64dfc707a8de4247eada2543c1aaea22d0
Parents: 625cd8a 59e2f05
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Thu Dec 14 01:07:48 2017 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Thu Dec 14 01:07:48 2017 +

--
 core/sql/regress/compGeneral/EXPECTED072   | 1154 +++
 core/sql/regress/compGeneral/FILTER072 |   17 +
 core/sql/regress/compGeneral/TEST072   |  261 +
 core/sql/regress/compGeneral/TEST072.cpp   |   20 +
 core/sql/regress/compGeneral/TEST072.java  |   32 +
 core/sql/regress/tools/runregr_compGeneral.ksh |5 +-
 6 files changed, 1488 insertions(+), 1 deletion(-)
--

[3/4] incubator-trafodion git commit: add regression test for COMMENT-ON statement

2017-12-13 Thread rmarton

add regression test for COMMENT-ON statement


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/59e2f051
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/59e2f051
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/59e2f051

Branch: refs/heads/master
Commit: 59e2f051a061435c16b19e5c11556d4ce5ce08b2
Parents: 7495377
Author: EEDY 
Authored: Wed Dec 6 14:43:25 2017 +0800
Committer: EEDY 
Committed: Wed Dec 13 09:46:41 2017 +0800

--
 core/sql/regress/compGeneral/EXPECTED072   | 1154 +++
 core/sql/regress/compGeneral/FILTER072 |   17 +
 core/sql/regress/compGeneral/TEST072   |  261 +
 core/sql/regress/compGeneral/TEST072.cpp   |   20 +
 core/sql/regress/compGeneral/TEST072.java  |   32 +
 core/sql/regress/tools/runregr_compGeneral.ksh |5 +-
 6 files changed, 1488 insertions(+), 1 deletion(-)
--

[2/2] incubator-trafodion git commit: Merge [TRAFODION-2705] pr 1282 User with SHOW privilege cannot do showddl user

2017-10-31 Thread rmarton

Merge [TRAFODION-2705] pr 1282 User with SHOW privilege cannot do showddl user


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/f42450f7
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/f42450f7
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/f42450f7

Branch: refs/heads/master
Commit: f42450f75073d26f5f90468b82662b17d206b39c
Parents: 4ff25d9 8f8b0e8
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Tue Oct 31 15:22:48 2017 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Tue Oct 31 15:22:48 2017 +

--
 core/sql/regress/privs1/EXPECTED141   | Bin 102260 -> 38586 bytes
 core/sql/regress/privs1/TEST141   | 158 +-
 core/sql/regress/tools/runregr_privs1.ksh |   2 +-
 core/sql/sqlcomp/CmpDescribe.cpp  |  10 -
 core/sql/sqlcomp/CmpSeabaseDDLauth.cpp| 280 -
 core/sql/sqlcomp/CmpSeabaseDDLauth.h  |   4 +-
 6 files changed, 240 insertions(+), 214 deletions(-)
--

[3/3] incubator-trafodion git commit: Merge pr 1274 miscellaneous authorization changes

2017-10-26 Thread rmarton

Merge pr 1274 miscellaneous authorization changes


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/9e5f36cd
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/9e5f36cd
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/9e5f36cd

Branch: refs/heads/master
Commit: 9e5f36cd36c0b77ca2b9a3f46afbd56761fa7929
Parents: 6b07d62 079ea00
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Thu Oct 26 17:23:17 2017 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Thu Oct 26 17:23:17 2017 +

--
 core/sql/bin/SqlciErrors.txt|   2 +-
 core/sql/common/ComUser.cpp |   6 +-
 core/sql/common/NAUserId.h  |  73 +-
 core/sql/regress/privs1/EXPECTED132 | 941 ++-
 core/sql/regress/privs1/TEST132 | 145 +--
 core/sql/sqlci/SqlCmd.cpp   |   1 +
 core/sql/sqlci/SqlciCmd.h   |   9 +-
 core/sql/sqlci/SqlciEnv.cpp |  49 +-
 core/sql/sqlci/sqlci_lex.ll |   1 +
 core/sql/sqlci/sqlci_yacc.y |  11 +
 core/sql/sqlcomp/CmpDDLCatErrorCodes.h  |   2 +-
 core/sql/sqlcomp/CmpSeabaseDDLauth.cpp  | 351 ---
 core/sql/sqlcomp/CmpSeabaseDDLauth.h|  18 +-
 core/sql/sqlcomp/CmpSeabaseDDLcommon.cpp|  15 +-
 core/sql/sqlcomp/PrivMgrComponentDefs.h | 284 ++
 core/sql/sqlcomp/PrivMgrComponentPrivileges.cpp | 240 -
 core/sql/sqlcomp/PrivMgrComponentPrivileges.h   |   2 +
 core/sql/sqlcomp/PrivMgrMD.cpp  |  14 +-
 core/sql/sqlcomp/PrivMgrRoles.cpp   |   2 +-
 19 files changed, 1238 insertions(+), 928 deletions(-)
--

[2/3] incubator-trafodion git commit: Miscellaneous authorization changes:

2017-10-26 Thread rmarton

Miscellaneous authorization changes:

- Unregister user does not remove component privileges
- Reuse unused entries from the authID ranges
- Add "changeuser" command to update user credentials in place instead of
  requiring a new sqlci session to be started.  Changed privs1/TEST132 to use
  this change and cut about 5 minutes off the test time.


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/079ea00a
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/079ea00a
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/079ea00a

Branch: refs/heads/master
Commit: 079ea00a1710c9ca8474db06a44309e21c5a0361
Parents: 5071a20
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Mon Oct 23 16:13:00 2017 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Mon Oct 23 16:13:00 2017 +

--
 core/sql/bin/SqlciErrors.txt|   2 +-
 core/sql/common/ComUser.cpp |   6 +-
 core/sql/common/NAUserId.h  |  73 +-
 core/sql/regress/privs1/EXPECTED132 | 941 ++-
 core/sql/regress/privs1/TEST132 | 145 +--
 core/sql/sqlci/SqlCmd.cpp   |   1 +
 core/sql/sqlci/SqlciCmd.h   |   9 +-
 core/sql/sqlci/SqlciEnv.cpp |  49 +-
 core/sql/sqlci/sqlci_lex.ll |   1 +
 core/sql/sqlci/sqlci_yacc.y |  11 +
 core/sql/sqlcomp/CmpDDLCatErrorCodes.h  |   2 +-
 core/sql/sqlcomp/CmpSeabaseDDLauth.cpp  | 351 ---
 core/sql/sqlcomp/CmpSeabaseDDLauth.h|  18 +-
 core/sql/sqlcomp/CmpSeabaseDDLcommon.cpp|  15 +-
 core/sql/sqlcomp/PrivMgrComponentDefs.h | 284 ++
 core/sql/sqlcomp/PrivMgrComponentPrivileges.cpp | 240 -
 core/sql/sqlcomp/PrivMgrComponentPrivileges.h   |   2 +
 core/sql/sqlcomp/PrivMgrMD.cpp  |  14 +-
 core/sql/sqlcomp/PrivMgrRoles.cpp   |   2 +-
 19 files changed, 1238 insertions(+), 928 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/079ea00a/core/sql/bin/SqlciErrors.txt
--
diff --git a/core/sql/bin/SqlciErrors.txt b/core/sql/bin/SqlciErrors.txt
index d70f23d..8fdd3dc 100644
--- a/core/sql/bin/SqlciErrors.txt
+++ b/core/sql/bin/SqlciErrors.txt
@@ -5,7 +5,7 @@
 1003 Z 9 BEGINNER MINOR DBADMIN Schema $0~SchemaName does not exist.
 1004 Z 9 BEGINNER MINOR DBADMIN Object $0~TableName does not exist or 
object type is invalid for the current operation.
 1005 Z 9 BEGINNER MINOR DBADMIN Constraint $0~ConstraintName does not 
exist.
-1006 Z 9 BEGINNER MINOR DBADMIN --- unused ---
+1006 Z 9 BEGINNER MINOR DBADMIN Skipping authorization ID $0~Int0.
 1007 Z 9 ADVANCED MAJOR DBADMIN The WITH GRANT OPTION is not supported.
 1008 Z 9 BEGINNER MINOR DBADMIN Authorization identifier $0~String0 
does not exist.
 1009 Z 9 BEGINNER MINOR DBADMIN Column $0~ColumnName does not exist in 
the specified table.

http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/079ea00a/core/sql/common/ComUser.cpp
--
diff --git a/core/sql/common/ComUser.cpp b/core/sql/common/ComUser.cpp
index b8261f4..796d94b 100644
--- a/core/sql/common/ComUser.cpp
+++ b/core/sql/common/ComUser.cpp
@@ -408,7 +408,7 @@ Int32 ComUser::getRoleList (char * roleList,
 const char separator,
 const bool includeSpecialAuths)
 {
-  Int32 numberRoles = sizeof(systemRoles)/sizeof(SystemRolesStruct);
+  Int32 numberRoles = sizeof(systemRoles)/sizeof(SystemAuthsStruct);
   Int32 roleListLen = (MAX_AUTHNAME_LEN*numberRoles)+(numberRoles * 4); // 4 = 
2 del + 2 sep
   char generatedRoleList[roleListLen];
   char *pRoles = generatedRoleList;
@@ -416,13 +416,13 @@ Int32 ComUser::getRoleList (char * roleList,
   char currentSeparator = ' ';
   for (Int32 i = 0; i < numberRoles; i++)
   {
-const SystemRolesStruct  = systemRoles[i];
+const SystemAuthsStruct  = systemRoles[i];
 if (!includeSpecialAuths && roleDefinition.isSpecialAuth)
   continue;
 
 // str_sprintf does not support the %c format
 sprintf(roleName, "%c%c%s%c",
-currentSeparator, delimiter, roleDefinition.roleName, 
delimiter);
+currentSeparator, delimiter, roleDefinition.authName, 
delimiter);
 str_cpy_all(pRoles, roleName, sizeof(roleName)-1); // don't copy null 
terminator 
 currentSeparator = separator;
 pRoles = pRoles + strlen(roleName);

http://git-wip-us.apache.org/repos

[1/3] incubator-trafodion git commit: Miscellaneous authorization changes:

2017-10-26 Thread rmarton

Repository: incubator-trafodion
Updated Branches:
  refs/heads/master 6b07d620e -> 9e5f36cd3


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/079ea00a/core/sql/sqlcomp/CmpSeabaseDDLcommon.cpp
--
diff --git a/core/sql/sqlcomp/CmpSeabaseDDLcommon.cpp 
b/core/sql/sqlcomp/CmpSeabaseDDLcommon.cpp
index 70d37d1..cc1e4a5 100644
--- a/core/sql/sqlcomp/CmpSeabaseDDLcommon.cpp
+++ b/core/sql/sqlcomp/CmpSeabaseDDLcommon.cpp
@@ -7167,15 +7167,12 @@ short CmpSeabaseDDL::updateSeabaseAuths(
 
   Int64 initTime = NA_JulianTimestamp();
 
-  str_sprintf(buf, "insert into %s.\"%s\".%s values (%d, 'DB__ROOT', 
'TRAFODION', 'U', %d, 'Y', %ld,%ld, 0) ",
-  sysCat, SEABASE_MD_SCHEMA, SEABASE_AUTHS,
-  SUPER_USER, SUPER_USER, initTime, initTime);
-  cliRC = cliInterface->executeImmediate(buf);
-  if (cliRC < 0)
-{
-  cliInterface->retrieveSQLDiagnostics(CmpCommon::diags());
-  return -1;
-}
+  NAString mdLocation;
+  CONCAT_CATSCH(mdLocation, getSystemCatalog(), SEABASE_MD_SCHEMA);
+  CmpSeabaseDDLuser authOperation(sysCat, mdLocation.data());
+  authOperation.registerStandardUser(DB__ROOT, ROOT_USER_ID);
+  if (CmpCommon::diags()->getNumber(DgSqlCode::ERROR_))
+return -1;
 
   return 0;
 }

http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/079ea00a/core/sql/sqlcomp/PrivMgrComponentDefs.h
--
diff --git a/core/sql/sqlcomp/PrivMgrComponentDefs.h 
b/core/sql/sqlcomp/PrivMgrComponentDefs.h
new file mode 100644
index 000..8986dd9
--- /dev/null
+++ b/core/sql/sqlcomp/PrivMgrComponentDefs.h
@@ -0,0 +1,284 @@
+//*
+// @@@ START COPYRIGHT @@@
+//
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+//
+ @@@ END COPYRIGHT @@@
+//*
+
+#ifndef PRIVMGR_COMPONENTS_DEFS_H
+#define PRIVMGR_COMPONENTS_DEFS_H
+
+// 
*
+// *
+// * Component definition section
+// *
+// * Several system components are created and managed by the database.  
+// * They are managed by two main structures:
+// * ComponentListStruct - the list of components
+// * ComponentOpStruct   - the list of operations for each component
+// *
+// * To add a new component (assume xxx is component name):
+// *Assign a UID(in enum ComponentOp add xxx_COMPONENT_UID)
+// *Generate a component name   (add new define called xxx_NAME)
+// *Define component operations (add enum xxxOperation) 
+// *Define operation attributes (add ComponentOpStruct xxxOpStruct)
+// *Add component to list   (add component to componentList)
+// *
+// * To add a new operation to an existing component, see comments associated
+// * with the component.
+// *
+// 
*
+
+// The ComponentOpStruct describes a component
+//   operationID   - a number from xxxOperation representing the operation 
+//   operationCode - unique 2 charater value that represents the operation
+//   operationName - unique name for the operation
+//   isRootRoleOp  - grant DB__ROOTROLE this operation
+//   isAdminOp - grant DB__ADMIN/DB__ADMINROLE this operation
+//   isDMLOp   - this is a DML operation
+//   isPublicOp- grant PUBLIC this operation
+struct ComponentOpStruct
+{
+  int32_t  operationID;
+  const char * operationCode;
+  const char * operationName;
+  const bool   isRootRoleOp;
+  const bool   isAdminOp;
+  const bool   isDMLOp;
+  const bool   isPublicOp;
+};
+
+// The ComponentListStruct describes the relationship between a component UID,
+// its name, the number of operations for the component, and a pointer to the
+// list of operations.
+//   componentUID  - the UID for the component
+//   componentName - the component name
+//   numOps- the number of operations in the component
+//   componentOps  - pointer the ComponentOpStruct describing the operations
+struct ComponentListStruct
+{
+

[2/2] incubator-trafodion git commit: Merge regress fix pr-1153

2017-06-28 Thread rmarton

Merge regress fix pr-1153


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/2118d25a
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/2118d25a
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/2118d25a

Branch: refs/heads/master
Commit: 2118d25a289b8437edac4610e552b40348cf8e70
Parents: 20c459c ca026b9
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Thu Jun 29 01:07:24 2017 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Thu Jun 29 01:07:24 2017 +

--
 core/sql/regress/privs1/EXPECTED125 | 10 +++---
 1 file changed, 3 insertions(+), 7 deletions(-)
--

[1/2] incubator-trafodion git commit: Add java files needed for TEST125

2017-06-27 Thread rmarton

Repository: incubator-trafodion
Updated Branches:
  refs/heads/master 665ea9330 -> c401633eb


Add java files needed for TEST125


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/e67e90f8
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/e67e90f8
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/e67e90f8

Branch: refs/heads/master
Commit: e67e90f8bd94f8022d98904d7105f2c782f57080
Parents: 012d654
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Tue Jun 27 15:32:39 2017 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Tue Jun 27 15:32:39 2017 +

--
 core/sql/regress/privs1/TEST125   |   4 +-
 core/sql/regress/privs1/TestHive.java |  91 ++
 core/sql/regress/privs1/Utils.java| 279 +
 3 files changed, 371 insertions(+), 3 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/e67e90f8/core/sql/regress/privs1/TEST125
--
diff --git a/core/sql/regress/privs1/TEST125 b/core/sql/regress/privs1/TEST125
index 09e0d2d..0025c53 100644
--- a/core/sql/regress/privs1/TEST125
+++ b/core/sql/regress/privs1/TEST125
@@ -160,9 +160,6 @@ create view games_by_player as
   order by player_name, team_number;
 
 -- create function to display bitmaps as a bitmap rather than longs
--- set envvar REGRRUNDIR 
'/mnt/rmarton/gitws/incubator-trafodion/core/sql/regress/rundir/privs1';
--- set envvar REGRTSTDIR 
'/mnt/rmarton/gitws/incubator-trafodion/core/sql/regress/privs1';
--- set envvar scriptsdir 
'/mnt/rmarton/gitws/incubator-trafodion/core/sql/regress';
 sh rm -f ./etest141.dll;
 sh sh $$scriptsdir$$/tools/dll-compile.ksh etest141.cpp
   2>&1 | tee LOG125-SECONDARY;
@@ -175,6 +172,7 @@ language c parameter style sql external name 
'translateBitmap'
 library t125_l1
 deterministic no sql final call allow any parallelism state area size 1024 ;
 
+-- create procedure that accesses hive tables
 sh sh $$scriptsdir$$/tools/java-compile.ksh Utils.java TestHive.java 2> 
LOG125-SECONDARY | tee -a LOG125;
 sh sh $$scriptsdir$$/tools/java-archive.ksh TEST125_procs.jar TestHive.class 
Utils.class 2>> LOG125-SECONDARY | tee -a LOG125;
 set pattern $$JARF$$ TEST125_procs.jar;

http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/e67e90f8/core/sql/regress/privs1/TestHive.java
--
diff --git a/core/sql/regress/privs1/TestHive.java 
b/core/sql/regress/privs1/TestHive.java
new file mode 100644
index 000..352f226
--- /dev/null
+++ b/core/sql/regress/privs1/TestHive.java
@@ -0,0 +1,91 @@
+import java.io.*;
+import java.sql.*;
+import java.util.*;
+
+// ===
+// Class: testHive
+//
+// ===
+public class TestHive
+{
+  // --
+  // Main code for credentials procedure
+  // --
+  public static void accessHive (
+String operationIn,
+String[] results)
+
+  throws SQLException
+  {
+// Initialize the Utils structure
+// Utils provides connection, user, current time, and logging information
+Utils util = null;
+
+try
+{
+   util = new Utils();
+}
+catch(Exception e)
+{
+  String theError = "ERROR: unable to create the Util object";
+  throw e;
+}
+
+util.log ("");
+util.log ("* Starting credentials request *");
+
+// Set up the connection
+Connection conn = null;
+String sessionUser = null;
+String currentUser = null;
+String currentTime = null;
+try
+{
+   conn = util.myConnection();
+}
+catch(Exception e)
+{
+  String theError = "ERROR: unable to get a connection";
+  throw e;
+}
+
+sessionUser = util.getSessionUser(conn);
+currentUser = util.getCurrentUser(conn);
+currentTime = util.getCurrentTime(conn);
+
+results[0] = "External user: " + sessionUser + '\n';
+results[0] += "Current user: " + currentUser + '\n';
+results[0] += "Current time: " + currentTime + '\n';
+
+util.log("Session user: " + sessionUser);
+util.log("Current user: " + currentUser);
+util.log("Current time: " + currentTime);
+
+try
+{
+  int numRows;
+  String selectQuery = "select count(*) from hive.hive.";
+  selectQuery += operationIn;
+  Statement stmt = co

[2/2] incubator-trafodion git commit: merge pr-1148 Add java files needed for TEST125

2017-06-27 Thread rmarton

merge pr-1148 Add java files needed for TEST125


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/c401633e
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/c401633e
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/c401633e

Branch: refs/heads/master
Commit: c401633eb9ee93100b7cf942d058902e91731aaf
Parents: 665ea93 e67e90f
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Tue Jun 27 18:47:31 2017 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Tue Jun 27 18:47:31 2017 +

--
 core/sql/regress/privs1/TEST125   |   4 +-
 core/sql/regress/privs1/TestHive.java |  91 ++
 core/sql/regress/privs1/Utils.java| 279 +
 3 files changed, 371 insertions(+), 3 deletions(-)
--

[1/3] incubator-trafodion git commit: TRAFODION [2641] User who has MANAGE_STATISTICS privilege can't do update statistics on HIVE tables

2017-06-26 Thread rmarton

Repository: incubator-trafodion
Updated Branches:
  refs/heads/master a5ab3d3a1 -> 498b89f74


TRAFODION [2641] User who has MANAGE_STATISTICS privilege can't do update
   statistics on HIVE tables

TRAFODION [2175] a user should only see specific schemas/tables that he has
   privileges to
Updated the following get commands:
  get schemas (in catalog)
  get tables, indexes (in schema)
  get sequences, views (in schema, in catalog)
  get libraries, procedures, functions, table mapping functions

TRAFODION [1573] Additional GET commands for privileges
  get privileges on table
  get privileges on view
New regression test privs1/TEST125

Fixed bug:  user granted MANAGE privilege does not have MANAGE sub-privs
Changed REGISTER_HIVE_OBJECT to be treated as a sub-priv under CREATE
Changed UNREGISTER_HIVE_OBJECT to be treaed as a sub-priv under DROP


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/012d6540
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/012d6540
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/012d6540

Branch: refs/heads/master
Commit: 012d65405984358044853529184967b407c55457
Parents: 5ea4af2
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Thu Jun 22 18:23:55 2017 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Thu Jun 22 18:23:55 2017 +

--
 core/sql/executor/ExExeUtil.h   |5 +
 core/sql/executor/ExExeUtilGet.cpp  |  186 ++-
 core/sql/regress/privs1/EXPECTED125 | 1335 ++
 core/sql/regress/privs1/TEST125 |  245 
 core/sql/sqlcomp/CmpSeabaseDDLtable.cpp |   25 +-
 core/sql/sqlcomp/PrivMgr.cpp|6 +-
 core/sql/sqlcomp/PrivMgrComponentPrivileges.cpp |7 +
 7 files changed, 1773 insertions(+), 36 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/012d6540/core/sql/executor/ExExeUtil.h
--
diff --git a/core/sql/executor/ExExeUtil.h b/core/sql/executor/ExExeUtil.h
index 6a86996..1567d35 100755
--- a/core/sql/executor/ExExeUtil.h
+++ b/core/sql/executor/ExExeUtil.h
@@ -2497,6 +2497,11 @@ private:
 const char *catName,
 const char *schName,
 const char *objName);
+
+  NAString getGrantedPrivCmd(
+const NAString ,
+const char * cat);
+
   char * getRoleList(
 const Int32 userID,
 const char *catName,

http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/012d6540/core/sql/executor/ExExeUtilGet.cpp
--
diff --git a/core/sql/executor/ExExeUtilGet.cpp 
b/core/sql/executor/ExExeUtilGet.cpp
index 524b413..b32a35a 100644
--- a/core/sql/executor/ExExeUtilGet.cpp
+++ b/core/sql/executor/ExExeUtilGet.cpp
@@ -310,7 +310,7 @@ static const QueryString getTrafTablesInSchemaQuery[] =
   {"   %s.\"%s\".%s "},
   {"  where catalog_name = '%s' and "},
   {"schema_name = '%s'  and "},
-  {"object_type = 'BT'  "},
+  {"object_type = 'BT' %s "},
   {"  order by 1 "},
   {"  ; "}
 };
@@ -321,7 +321,7 @@ static const QueryString getTrafIndexesInSchemaQuery[] =
   {"   %s.\"%s\".%s "},
   {"  where catalog_name = '%s' and "},
   {"schema_name = '%s'  and "},
-  {"object_type = 'IX'  "},
+  {"object_type = 'IX' %s "},
   {"  order by 1 "},
   {"  ; "}
 };
@@ -349,7 +349,7 @@ static const QueryString getTrafProceduresInSchemaQuery[] =
   {"T.schema_name = '%s'  and "},
   {"T.object_type = 'UR'  and "},
   {"T.object_uid = R.udr_uid  and "},
-  {"R.udr_type = 'P ' "},
+  {"R.udr_type = 'P ' %s "},
   {"  order by 1 "},
   {"  ; "}
 };
@@ -360,7 +360,7 @@ static const QueryString getTrafLibrariesInSchemaQuery[] =
   {"   %s.\"%s\".%s T "},
   {"  where T.catalog_name = '%s' and "},
   {"T.schema_name = '%s'  and "},
-  {"T.object_type = 'LB' "},
+  {"T.object_type = 'LB' %s "},
   {"  order by 1 "},
   {"  ; "}
 };
@@ -373,7 +373,7 @@ static const QueryString getTrafFunctionsInSchemaQuery[] =
   {"T.schema_name = '%s'  and "},
   {"T.object_type = 'UR'  and "},
   {"T.object_uid = R.udr_uid  and "},
-  {"R.udr_type = 'F ' "},
+  {"R.udr_type = 'F ' %s "},
   {"  order by 1 &

[2/3] incubator-trafodion git commit: Merge [TRAFODION-2641] pr-1139 user who has MANAGE_STATISTICS privilege can't do update stats

2017-06-26 Thread rmarton

Merge [TRAFODION-2641] pr-1139 user who has MANAGE_STATISTICS privilege can't 
do update stats


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/885acb72
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/885acb72
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/885acb72

Branch: refs/heads/master
Commit: 885acb72fb84714c72d455379388efe841e64739
Parents: 5c0abc9 012d654
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Mon Jun 26 14:47:48 2017 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Mon Jun 26 14:47:48 2017 +

--
 core/conn/odb/src/odb.c |   42 +-
 core/sqf/monitor/test/sqconfig.monitor.cluster  |2 +-
 core/sqf/sqenvcom.sh|5 +-
 core/sqf/sql/scripts/bats/runseabedbats.virtual |2 +-
 core/sqf/sql/scripts/genms  |2 +-
 core/sqf/sql/scripts/gensq.pl   |   52 +
 core/sqf/sql/scripts/krb5check  |2 +-
 core/sqf/sql/scripts/krb5functions  |2 +-
 core/sqf/sql/scripts/krb5service|2 +-
 core/sqf/sql/scripts/sqconfig   |   20 +
 core/sqf/sql/scripts/sqconfig.sample|   20 +
 core/sqf/sql/scripts/sqnodeipcrm|4 +-
 core/sqf/tools/sqdiag_core_mask |2 +-
 core/sqf/tools/sqtools.sh   |   16 +-
 core/sql/comexe/ComTdbExeUtil.h |1 +
 core/sql/common/NAMemory.h  |8 +
 core/sql/executor/ExExeUtil.h   |5 +
 core/sql/executor/ExExeUtilGet.cpp  |  224 ++-
 core/sql/executor/ExSMTrace.cpp |8 +-
 core/sql/executor/HBaseClient_JNI.cpp   |   10 +
 core/sql/generator/GenPreCode.cpp   |   10 +-
 core/sql/generator/GenRelExeUtil.cpp|   10 +-
 core/sql/generator/GenRelMisc.cpp   |2 +
 core/sql/generator/GenRelScan.cpp   |7 +-
 core/sql/generator/GenUdr.cpp   |1 +
 core/sql/generator/Generator.cpp|   73 +-
 core/sql/generator/Generator.h  |   20 +-
 core/sql/optimizer/ControlDB.cpp|7 +-
 core/sql/optimizer/HDFSHook.cpp |3 +
 core/sql/optimizer/NATable.cpp  |  112 +-
 core/sql/optimizer/ObjectNames.h|3 +-
 core/sql/optimizer/RelExeUtil.cpp   |   29 +-
 core/sql/optimizer/RelExeUtil.h |  258 ++--
 core/sql/optimizer/RelScan.h|3 +-
 core/sql/optimizer/SynthType.cpp|   11 +-
 core/sql/optimizer/ValueDesc.cpp|5 +-
 core/sql/parser/BindStmtDDL.cpp |   10 +
 core/sql/parser/sqlparser.y |  237 ++--
 core/sql/regress/hive/EXPECTED007   |   68 +
 core/sql/regress/hive/TEST007   |   16 +
 core/sql/regress/privs1/EXPECTED125 | 1335 ++
 core/sql/regress/privs1/TEST125 |  245 
 core/sql/sqlcat/TrafDDLdesc.cpp |4 +-
 core/sql/sqlcat/TrafDDLdesc.h   |   34 +-
 core/sql/sqlcat/readRealArk.cpp |2 +-
 core/sql/sqlcomp/CmpDescribe.cpp|   40 +-
 core/sql/sqlcomp/CmpSeabaseDDL.h|6 +-
 core/sql/sqlcomp/CmpSeabaseDDLcommon.cpp|6 +-
 core/sql/sqlcomp/CmpSeabaseDDLindex.cpp |8 -
 core/sql/sqlcomp/CmpSeabaseDDLschema.cpp|   61 +-
 core/sql/sqlcomp/CmpSeabaseDDLtable.cpp |   63 +-
 core/sql/sqlcomp/PrivMgr.cpp|6 +-
 core/sql/sqlcomp/PrivMgrComponentPrivileges.cpp |7 +
 core/sql/sqlcomp/parser.cpp |3 +-
 .../main/java/org/trafodion/sql/HiveClient.java |9 +-
 core/sql/ustat/USAS.sh  |2 +-
 core/sql/ustat/stats_profile|4 +-
 .../src/asciidoc/_chapters/introduction.adoc|2 +-
 .../src/asciidoc/_chapters/prepare.adoc |2 +-
 .../src/asciidoc/_chapters/script_install.adoc  |4 +-
 docs/shared/revisions.txt   |3 +-
 .../2.1/package/scripts/trafodionnode.py|2 +-
 .../configs/db_config_default.ini   |2 +-
 install/python-installer/configs/prompt.json|2 +-
 install/python-installer/scripts/traf_setup.py  |   12 +-
 install/python-installer/scripts/traf_user.py   |1 +
 66 files changed, 2694 insertions(+), 485 deletions(-)
--

[2/3] incubator-trafodion git commit: Update statistics auth check update from code review

2017-06-06 Thread rmarton

Update statistics auth check update from code review


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/d87f71d2
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/d87f71d2
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/d87f71d2

Branch: refs/heads/master
Commit: d87f71d2db0e59883a218489af3129b28eac0e02
Parents: 63b275d
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Tue Jun 6 16:02:25 2017 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Tue Jun 6 16:02:25 2017 +

--
 core/sql/ustat/hs_globals.cpp | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/d87f71d2/core/sql/ustat/hs_globals.cpp
--
diff --git a/core/sql/ustat/hs_globals.cpp b/core/sql/ustat/hs_globals.cpp
index 827304c..d78f5fc 100644
--- a/core/sql/ustat/hs_globals.cpp
+++ b/core/sql/ustat/hs_globals.cpp
@@ -3776,11 +3776,11 @@ NABoolean HSGlobalsClass::isAuthorized(NABoolean 
isShowStats)
if (privs == NULL)
  {
*CmpCommon::diags() << DgSqlCode(-1034);
-return FALSE;
+authorized = FALSE;
  }
 
// Requester must have at least select privilege
-   if ( privs->hasSelectPriv() )
+   else if ( privs->hasSelectPriv() )
  authorized = TRUE;
else
  {
@@ -3788,7 +3788,7 @@ NABoolean HSGlobalsClass::isAuthorized(NABoolean 
isShowStats)
 << DgSqlCode( -4481 )
 << DgString0( "SELECT or MANAGE_STATISTICS" )
 << DgString1( 
objDef->getNATable()->getTableName().getQualifiedNameAsAnsiString() );
-return FALSE;
+authorized = FALSE;
   }
}

[1/3] incubator-trafodion git commit: TRAFODION - 2632 Performing update statistics on metadata tables causes issues

2017-06-06 Thread rmarton

Repository: incubator-trafodion
Updated Branches:
  refs/heads/master e57890a9b -> 5c0abc96e


TRAFODION - 2632 Performing update statistics on metadata tables causes issues

Added code to return error and cleanup code a bit:
*** ERROR[9205] UPDATE STATISTICS is not supported for object 

Also fixed a problem where privileges on Hive tables that included external
table gave false "no priv" error for the SHOWDDL  command.


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/63b275d4
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/63b275d4
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/63b275d4

Branch: refs/heads/master
Commit: 63b275d406e29bcaba1ab42e57a656bb8dd8ce31
Parents: 7643e58
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Fri Jun 2 23:04:08 2017 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Fri Jun 2 23:04:08 2017 +

--
 core/sql/sqlcomp/CmpDescribe.cpp | 82 ++-
 core/sql/sqlcomp/CmpSeabaseDDL.h |  8 ++--
 core/sql/ustat/hs_globals.cpp|  4 +-
 core/sql/ustat/hs_globals.h  | 12 ++---
 core/sql/ustat/hs_parser.cpp | 77 +++-
 core/sql/ustat/hs_util.cpp   | 10 ++---
 6 files changed, 64 insertions(+), 129 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/63b275d4/core/sql/sqlcomp/CmpDescribe.cpp
--
diff --git a/core/sql/sqlcomp/CmpDescribe.cpp b/core/sql/sqlcomp/CmpDescribe.cpp
index d3bd49a..5116df9 100644
--- a/core/sql/sqlcomp/CmpDescribe.cpp
+++ b/core/sql/sqlcomp/CmpDescribe.cpp
@@ -2982,53 +2982,57 @@ short CmpDescribeSeabaseTable (
   // Verify that user can perform the describe command
   // No need to check privileges for create like operations (type 3)
   // since the create code performs authorization checks
-  if (type != 3)
-{
-  PrivMgrUserPrivs privs; 
-  PrivMgrUserPrivs *pPrivInfo = NULL;
+  // Nor for hiveExternal tables - already checked
+  if (!isExternalHiveTable)
+  {
+if (type != 3)
+  {
+PrivMgrUserPrivs privs; 
+PrivMgrUserPrivs *pPrivInfo = NULL;
 
-  // metadata tables do not cache privilege information, go get it now
-  if (CmpCommon::context()->isAuthorizationEnabled() &&
-  naTable->getPrivInfo() == NULL)
-{
-  std::string 
privMDLoc(ActiveSchemaDB()->getDefaults().getValue(SEABASE_CATALOG));
-  privMDLoc += std::string(".\"") +
- std::string(SEABASE_PRIVMGR_SCHEMA) +
- std::string("\"");
-  PrivMgrCommands privInterface(privMDLoc, CmpCommon::diags(), 
-PrivMgr::PRIV_INITIALIZED);
-
-
-  // we should switch to another CI only if we are in an embedded CI
-  if (cmpSBD.switchCompiler())
+// metadata tables do not cache privilege information, go get it now
+if (CmpCommon::context()->isAuthorizationEnabled() &&
+naTable->getPrivInfo() == NULL)
   {
- *CmpCommon::diags() << DgSqlCode(-CAT_UNABLE_TO_RETRIEVE_PRIVS);
- return -1;
-  }
- 
-  PrivStatus retcode = 
privInterface.getPrivileges((int64_t)naTable->objectUid().get_value(),
-   
naTable->getObjectType(),
-   
ComUser::getCurrentUser(),
-   privs);
+std::string 
privMDLoc(ActiveSchemaDB()->getDefaults().getValue(SEABASE_CATALOG));
+privMDLoc += std::string(".\"") +
+   std::string(SEABASE_PRIVMGR_SCHEMA) +
+   std::string("\"");
+PrivMgrCommands privInterface(privMDLoc, CmpCommon::diags(), 
+  PrivMgr::PRIV_INITIALIZED);
 
-  // switch back the original commpiler, ignore error for now
-  cmpSBD.switchBackCompiler();
 
-  if (retcode == STATUS_ERROR)
+// we should switch to another CI only if we are in an embedded CI
+if (cmpSBD.switchCompiler())
 {
-  *CmpCommon::diags() << DgSqlCode(-CAT_UNABLE_TO_RETRIEVE_PRIVS);
-  return -1;
+   *CmpCommon::diags() << DgSqlCode(-CAT_UNABLE_TO_RETRIEVE_PRIVS);
+   return -1;
 }
-  pPrivInfo = 
-}
-  else
-pPrivInfo = naTable->getPrivInfo();
+ 
+PrivStatus retcode = 
privInterf

[3/3] incubator-trafodion git commit: Merge [TRAFODION 2632] pr #1106 update stats fix

2017-06-06 Thread rmarton

Merge [TRAFODION 2632] pr #1106 update stats fix


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/5c0abc96
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/5c0abc96
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/5c0abc96

Branch: refs/heads/master
Commit: 5c0abc96e7db040ce089e8c7f44d1401ca3731e8
Parents: e57890a d87f71d
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Wed Jun 7 00:08:48 2017 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Wed Jun 7 00:08:48 2017 +

--
 core/sql/sqlcomp/CmpDescribe.cpp | 82 ++-
 core/sql/sqlcomp/CmpSeabaseDDL.h |  8 ++--
 core/sql/ustat/hs_globals.cpp|  2 +-
 core/sql/ustat/hs_globals.h  | 12 ++---
 core/sql/ustat/hs_parser.cpp | 77 +++-
 core/sql/ustat/hs_util.cpp   | 10 ++---
 6 files changed, 63 insertions(+), 128 deletions(-)
--

[1/2] incubator-trafodion git commit: Change testware to always register users for priv tests

2017-04-14 Thread rmarton

Repository: incubator-trafodion
Updated Branches:
  refs/heads/master d14bfb5ad -> b53136f13


Change testware to always register users for priv tests


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/b93168a1
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/b93168a1
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/b93168a1

Branch: refs/heads/master
Commit: b93168a1ecabb721c2c16107214ac4fa6a5c786e
Parents: 0d75af1
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Fri Apr 7 15:42:50 2017 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Fri Apr 7 15:42:50 2017 +

--
 core/sql/regress/tools/runregr_privs1.ksh | 10 --
 core/sql/regress/tools/runregr_privs2.ksh | 10 --
 2 files changed, 20 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/b93168a1/core/sql/regress/tools/runregr_privs1.ksh
--
diff --git a/core/sql/regress/tools/runregr_privs1.ksh 
b/core/sql/regress/tools/runregr_privs1.ksh
index 0d301ca..05fd90c 100755
--- a/core/sql/regress/tools/runregr_privs1.ksh
+++ b/core/sql/regress/tools/runregr_privs1.ksh
@@ -286,18 +286,8 @@ for ix in $testfiles; do
 efile=$REGRTSTDIR/$exp
   fi
 
-sqlci > $ix.tmp 2>&1 << eof
-env;
-eof
-authDisabled=`cat $ix.tmp | grep AUTHORIZATION | grep disabled`
-if [ "$authDisabled" = "" ]; then
-  echo "Authorization is enabled"
-else
-  echo "Authorization is not initialized, to initialize it"
   sqlci -i $scriptsdir/tools/reg_users.sql;
   echo "Authorization has been enabled"
-fi
-rm -f $ix.tmp 2>$NULL
 
   #--
   # Run test if the -diff option not specified --

http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/b93168a1/core/sql/regress/tools/runregr_privs2.ksh
--
diff --git a/core/sql/regress/tools/runregr_privs2.ksh 
b/core/sql/regress/tools/runregr_privs2.ksh
index 3e1e76b..364decd 100755
--- a/core/sql/regress/tools/runregr_privs2.ksh
+++ b/core/sql/regress/tools/runregr_privs2.ksh
@@ -286,18 +286,8 @@ for ix in $testfiles; do
 efile=$REGRTSTDIR/$exp
   fi
 
-sqlci > $ix.tmp 2>&1 << eof
-env;
-eof
-authDisabled=`cat $ix.tmp | grep AUTHORIZATION | grep disabled`
-if [ "$authDisabled" = "" ]; then
-  echo "Authorization is enabled"
-else
-  echo "Authorization is not initialized, to initialize it"
   sqlci -i $scriptsdir/tools/reg_users.sql;
   echo "Authorization has been enabled"
-fi
-rm -f $ix.tmp 2>$NULL
 
   #--
   # Run test if the -diff option not specified --

[1/2] incubator-trafodion git commit: TRAFODION-2538 Revoking privileges from role not invoking query invalidation

2017-03-16 Thread rmarton

Repository: incubator-trafodion
Updated Branches:
  refs/heads/master 6155ff1ba -> 1b724a845


TRAFODION-2538 Revoking privileges from role not invoking query invalidation

Fixed a issue where query invalidation keys were not being sent correctly when
a privilege was revoked from a role.

When a table is cached, a list of all the query invalidation keys for the user
are stored.  Later, when a query is run, the compiler picks the relevant keys
and places them in the plan.  When a revoke occurs, a key is sent to RMS and
the executor processes check for keys at the next execution. If the key affects
any caches, the cache entries are refreshed and plans recompiled.

Incorrect keys were being created when privileges were revoked from roles, so
queries continued to work even though the user had no more privileges.


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/a78064b8
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/a78064b8
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/a78064b8

Branch: refs/heads/master
Commit: a78064b89afce13e12cc70024ca110b17b68c792
Parents: 2aac3f7
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Tue Mar 14 23:14:28 2017 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Tue Mar 14 23:14:28 2017 +

--
 core/sql/common/ComSecurityKey.cpp  | 118 +++-
 core/sql/common/ComSecurityKey.h|  18 ++--
 core/sql/common/ComUser.cpp |  11 +++
 core/sql/common/ComUser.h   |   1 +
 core/sql/optimizer/BindRelExpr.cpp  |  31 ++-
 core/sql/regress/privs1/EXPECTED120 | 129 ---
 core/sql/regress/privs1/TEST120 |  33 ++-
 core/sql/sqlcomp/CmpSeabaseDDLtable.cpp |   3 +
 core/sql/sqlcomp/PrivMgrCommands.cpp|   8 +-
 core/sql/sqlcomp/PrivMgrPrivileges.cpp  |  33 ---
 core/sql/sqlcomp/PrivMgrPrivileges.h|   1 -
 11 files changed, 303 insertions(+), 83 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/a78064b8/core/sql/common/ComSecurityKey.cpp
--
diff --git a/core/sql/common/ComSecurityKey.cpp 
b/core/sql/common/ComSecurityKey.cpp
index f3f52e1..76b88e7 100644
--- a/core/sql/common/ComSecurityKey.cpp
+++ b/core/sql/common/ComSecurityKey.cpp
@@ -37,6 +37,25 @@
 #include "PrivMgrDefs.h"
 
 // 
+// function: qiSubjectMatchesRole
+//
+// This function compares the subjectKey with the list of roles the current
+// user has been granted.  If it matches one of the roles, return TRUE, 
+// otherwise it returns FALSE.
+// 
+NABoolean qiSubjectMatchesRole(uint32_t subjectKey)
+{
+  NAList  roleIDs(NULL);
+  ComUser::getCurrentUserRoles(roleIDs);
+  for (int i = 0; i < roleIDs.entries(); i++)
+  {
+if (subjectKey = ComSecurityKey::generateHash(roleIDs[i]))
+  return TRUE;
+  }
+  return FALSE;
+}
+
+// 
 // function: qiCheckForInvalidObject
 //
 // This function compares the list of query invalidate keys that changed to
@@ -83,6 +102,21 @@ NABoolean qiCheckForInvalidObject (const Int32 
numInvalidationKeys,
   case COM_QI_OBJECT_USAGE:
   case COM_QI_OBJECT_REFERENCES: 
   case COM_QI_OBJECT_EXECUTE:
+for (Int32 j = 0; j < numObjectKeys && !found; j++ )
+{
+  ComSecurityKey keyValue = objectKeys[j];
+  if ( ( invalidationKeys[i].revokeKey.object ==
+ keyValue.getObjectHashValue() )  &&
+   ( invalidationKeyType ==
+ keyValue.getSecurityKeyType() ) )
+  {
+if ( invalidationKeys[i].revokeKey.subject ==
+   keyValue.getSubjectHashValue() ||
+ qiSubjectMatchesRole(invalidationKeys[i].revokeKey.subject) )
+  found = TRUE;
+  }
+}
+break;
   case COM_QI_USER_GRANT_SPECIAL_ROLE:
   case COM_QI_USER_GRANT_ROLE:
   {
@@ -120,48 +154,51 @@ NABoolean qiCheckForInvalidObject (const Int32 
numInvalidationKeys,
 //   SUBJECT_IS_USER - support for granting roles to user
 //   SUBJECT_IS_ROLE - not supported until we grant roles to roles
 //
+// returns false is unable to build keys
 // 
-bool buildSecurityKeys( const int32_t granteeID,
-const int32_t roleID,
+bool buildSecurityKeys( const int32_t userID,
+const int32_t gr

[2/2] incubator-trafodion git commit: Merge [TRAFODION-2538] PR-1010 Revoking privileges from role not invoking query invalidation

2017-03-16 Thread rmarton

Merge [TRAFODION-2538] PR-1010 Revoking privileges from role not invoking query 
invalidation


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/1b724a84
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/1b724a84
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/1b724a84

Branch: refs/heads/master
Commit: 1b724a84538b80d3e79b4bb3201812c50db945e8
Parents: 6155ff1 a78064b
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Thu Mar 16 20:43:51 2017 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Thu Mar 16 20:43:51 2017 +

--
 core/sql/common/ComSecurityKey.cpp  | 118 +++-
 core/sql/common/ComSecurityKey.h|  18 ++--
 core/sql/common/ComUser.cpp |  11 +++
 core/sql/common/ComUser.h   |   1 +
 core/sql/optimizer/BindRelExpr.cpp  |  31 ++-
 core/sql/regress/privs1/EXPECTED120 | 129 ---
 core/sql/regress/privs1/TEST120 |  33 ++-
 core/sql/sqlcomp/CmpSeabaseDDLtable.cpp |   3 +
 core/sql/sqlcomp/PrivMgrCommands.cpp|   8 +-
 core/sql/sqlcomp/PrivMgrPrivileges.cpp  |  33 ---
 core/sql/sqlcomp/PrivMgrPrivileges.h|   1 -
 11 files changed, 303 insertions(+), 83 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/1b724a84/core/sql/optimizer/BindRelExpr.cpp
--

[1/2] incubator-trafodion git commit: Fix regression failures for privs1 and privs2

2017-03-08 Thread rmarton

Repository: incubator-trafodion
Updated Branches:
  refs/heads/release2.1 4348ce699 -> b347946df


Fix regression failures for privs1 and privs2


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/ba33ebb2
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/ba33ebb2
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/ba33ebb2

Branch: refs/heads/release2.1
Commit: ba33ebb2fda6076d6eeb8510322eb135a4cbf253
Parents: 3eddda4
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Wed Mar 8 01:01:28 2017 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Wed Mar 8 01:01:28 2017 +

--
 core/sql/regress/tools/runregr_privs1.ksh | 10 --
 core/sql/regress/tools/runregr_privs2.ksh | 10 --
 2 files changed, 20 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/ba33ebb2/core/sql/regress/tools/runregr_privs1.ksh
--
diff --git a/core/sql/regress/tools/runregr_privs1.ksh 
b/core/sql/regress/tools/runregr_privs1.ksh
index 0f3e4a0..b9bdebf 100755
--- a/core/sql/regress/tools/runregr_privs1.ksh
+++ b/core/sql/regress/tools/runregr_privs1.ksh
@@ -283,18 +283,8 @@ for ix in $testfiles; do
 efile=$REGRTSTDIR/$exp
   fi
 
-sqlci > $ix.tmp 2>&1 << eof
-env;
-eof
-authDisabled=`cat $ix.tmp | grep AUTHORIZATION | grep disabled`
-if [ "$authDisabled" = "" ]; then
-  echo "Authorization is enabled"
-else
-  echo "Authorization is not initialized, to initialize it"
   sqlci -i $scriptsdir/tools/reg_users.sql;
   echo "Authorization has been enabled"
-fi
-rm -f $ix.tmp 2>$NULL
 
   #--
   # Run test if the -diff option not specified --

http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/ba33ebb2/core/sql/regress/tools/runregr_privs2.ksh
--
diff --git a/core/sql/regress/tools/runregr_privs2.ksh 
b/core/sql/regress/tools/runregr_privs2.ksh
index 320295b..36a9253 100755
--- a/core/sql/regress/tools/runregr_privs2.ksh
+++ b/core/sql/regress/tools/runregr_privs2.ksh
@@ -283,18 +283,8 @@ for ix in $testfiles; do
 efile=$REGRTSTDIR/$exp
   fi
 
-sqlci > $ix.tmp 2>&1 << eof
-env;
-eof
-authDisabled=`cat $ix.tmp | grep AUTHORIZATION | grep disabled`
-if [ "$authDisabled" = "" ]; then
-  echo "Authorization is enabled"
-else
-  echo "Authorization is not initialized, to initialize it"
   sqlci -i $scriptsdir/tools/reg_users.sql;
   echo "Authorization has been enabled"
-fi
-rm -f $ix.tmp 2>$NULL
 
   #--
   # Run test if the -diff option not specified --

[2/2] incubator-trafodion git commit: Merge privs1 and privs2 regress fix pr 997

2017-03-08 Thread rmarton

Merge privs1 and privs2 regress fix pr 997


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/b347946d
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/b347946d
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/b347946d

Branch: refs/heads/release2.1
Commit: b347946df9603a2e91b78d1a08678a3873299247
Parents: 4348ce6 ba33ebb
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Wed Mar 8 21:05:27 2017 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Wed Mar 8 21:05:27 2017 +

--
 core/sql/regress/tools/runregr_privs1.ksh | 10 --
 core/sql/regress/tools/runregr_privs2.ksh | 10 --
 2 files changed, 20 deletions(-)
--

[1/2] incubator-trafodion git commit: Added FILTER144 to privs2 regression

2017-02-16 Thread rmarton

Repository: incubator-trafodion
Updated Branches:
  refs/heads/master 59025ccd9 -> a7a295e9b


Added FILTER144 to privs2 regression


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/57729e14
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/57729e14
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/57729e14

Branch: refs/heads/master
Commit: 57729e14ae92dbcb69058820d8a25f78672f6045
Parents: cc13c6c
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Thu Feb 16 16:26:22 2017 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Thu Feb 16 16:26:22 2017 +

--
 core/sql/regress/privs2/FILTER144 | 31 +++
 1 file changed, 31 insertions(+)
--


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/57729e14/core/sql/regress/privs2/FILTER144
--
diff --git a/core/sql/regress/privs2/FILTER144 
b/core/sql/regress/privs2/FILTER144
new file mode 100755
index 000..91fb2b3
--- /dev/null
+++ b/core/sql/regress/privs2/FILTER144
@@ -0,0 +1,31 @@
+#!/bin/sh
+# @@@ START COPYRIGHT @@@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# @@@ END COPYRIGHT @@@
+
+fil=$1
+if [ "$fil" = "" ]; then
+  echo "Usage: $0 filename"
+  exit 1
+fi
+
+sed "
+s/Role T144ROLE1 has been granted privileges on [a-zA-Z0-9_.]*/Role T144ROLE1 
has been granted privileges on %dependency%/g
+" $fil

[2/2] incubator-trafodion git commit: Merge [TRAFODION-2441] and others pr-957 various fixes for native Hive tables and privileges

2017-02-15 Thread rmarton

Merge [TRAFODION-2441] and others pr-957 various fixes for native Hive tables 
and privileges


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/cc13c6cc
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/cc13c6cc
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/cc13c6cc

Branch: refs/heads/master
Commit: cc13c6cc56d1f0725fdf90803808b2aeb1f4f5f2
Parents: f6f4402 db14e39
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Wed Feb 15 15:49:14 2017 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Wed Feb 15 15:49:14 2017 +

--
 core/sql/bin/SqlciErrors.txt  |   4 +-
 core/sql/common/ComUser.cpp   |  27 +++
 core/sql/common/ComUser.h |   2 +
 core/sql/optimizer/BindRelExpr.cpp|  12 +--
 core/sql/optimizer/NATable.cpp|  20 +++--
 core/sql/optimizer/RelExeUtil.cpp |  30 +++
 core/sql/regress/privs1/EXPECTED141   | Bin 100853 -> 102260 bytes
 core/sql/regress/privs1/TEST123   |   2 +-
 core/sql/regress/privs1/TEST141   |  10 ++-
 core/sql/regress/privs2/EXPECTED144   | Bin 59409 -> 59453 bytes
 core/sql/sqlcomp/CmpDescribe.cpp  |   9 ++-
 core/sql/sqlcomp/CmpSeabaseDDLauth.cpp| 103 ++--
 core/sql/sqlcomp/CmpSeabaseDDLauth.h  |   1 +
 core/sql/sqlcomp/CmpSeabaseDDLcommon.cpp  |  55 -
 core/sql/sqlcomp/CmpSeabaseDDLroutine.cpp |  18 +
 core/sql/sqlcomp/CmpSeabaseDDLschema.cpp  |  33 +---
 core/sql/sqlcomp/CmpSeabaseDDLtable.cpp   |  74 +
 core/sql/sqlcomp/CmpSeabaseDDLupgrade.cpp |   7 ++
 core/sql/sqlcomp/PrivMgr.cpp  |  10 +--
 core/sql/sqlcomp/PrivMgr.h|   5 +-
 core/sql/sqlcomp/PrivMgrCommands.cpp  |  65 +--
 core/sql/sqlcomp/PrivMgrCommands.h|   6 ++
 core/sql/sqlcomp/PrivMgrPrivileges.cpp|  26 --
 core/sql/sqlcomp/PrivMgrPrivileges.h  |   4 +-
 core/sql/sqlcomp/PrivMgrRoles.cpp | 106 +
 core/sql/ustat/hs_globals.cpp |   2 +-
 26 files changed, 517 insertions(+), 114 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/cc13c6cc/core/sql/optimizer/BindRelExpr.cpp
--

http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/cc13c6cc/core/sql/optimizer/NATable.cpp
--

http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/cc13c6cc/core/sql/sqlcomp/CmpSeabaseDDLtable.cpp
--

[1/2] incubator-trafodion git commit: TRAFODION-2441 user has only select privilege on a table can do ... TRAFODION-2409 support privilege control(column privileges) for hive tables TRAFODION-2423 any

2017-02-15 Thread rmarton

Repository: incubator-trafodion
Updated Branches:
  refs/heads/master f6f4402b5 -> cc13c6cc5


TRAFODION-2441 user has only select privilege on a table can do ...
TRAFODION-2409 support privilege control(column privileges) for hive tables
TRAFODION-2423 any user can perform 'initialize trafodion, drop'
TRAFODION-2435 Any user can perform TRUNCATE on native Hive tables.
TRAFODION-2463 Hive: Any user can do update statistics for hive tables

Fixed issues found while testing privileges with native Hive.

TRAFODION-2441:
  changed code that initializes owner privileges for views.

TRAFODION-2409:
  returning error message 1328 during attempt to grant unsupported column level
  privilege on hive table.

TRAFODION 2423:
  added privilege checks for all initialize commands, error 1017 is returned if
  not DB__ROOT

TRAFODION-2435:
  Returning error 1051 if TRUNCATE is attempted on a hive table where the
  current user has no privilege

TRAFODION-2463:
  Privilege checks added for Hive table during update statistics


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/db14e392
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/db14e392
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/db14e392

Branch: refs/heads/master
Commit: db14e3922cb2d0722d0885f5c248cac2af2b904d
Parents: 60c0c42
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Mon Feb 13 23:20:54 2017 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Mon Feb 13 23:20:54 2017 +

--
 core/sql/bin/SqlciErrors.txt  |   4 +-
 core/sql/common/ComUser.cpp   |  27 +++
 core/sql/common/ComUser.h |   2 +
 core/sql/optimizer/BindRelExpr.cpp|  12 +--
 core/sql/optimizer/NATable.cpp|  20 +++--
 core/sql/optimizer/RelExeUtil.cpp |  30 +++
 core/sql/regress/privs1/EXPECTED141   | Bin 100853 -> 102260 bytes
 core/sql/regress/privs1/TEST123   |   2 +-
 core/sql/regress/privs1/TEST141   |  10 ++-
 core/sql/regress/privs2/EXPECTED144   | Bin 59409 -> 59453 bytes
 core/sql/sqlcomp/CmpDescribe.cpp  |   9 ++-
 core/sql/sqlcomp/CmpSeabaseDDLauth.cpp| 103 ++--
 core/sql/sqlcomp/CmpSeabaseDDLauth.h  |   1 +
 core/sql/sqlcomp/CmpSeabaseDDLcommon.cpp  |  55 -
 core/sql/sqlcomp/CmpSeabaseDDLroutine.cpp |  18 +
 core/sql/sqlcomp/CmpSeabaseDDLschema.cpp  |  33 +---
 core/sql/sqlcomp/CmpSeabaseDDLtable.cpp   |  74 +
 core/sql/sqlcomp/CmpSeabaseDDLupgrade.cpp |   7 ++
 core/sql/sqlcomp/PrivMgr.cpp  |  10 +--
 core/sql/sqlcomp/PrivMgr.h|   5 +-
 core/sql/sqlcomp/PrivMgrCommands.cpp  |  65 +--
 core/sql/sqlcomp/PrivMgrCommands.h|   6 ++
 core/sql/sqlcomp/PrivMgrPrivileges.cpp|  26 --
 core/sql/sqlcomp/PrivMgrPrivileges.h  |   4 +-
 core/sql/sqlcomp/PrivMgrRoles.cpp | 106 +
 core/sql/ustat/hs_globals.cpp |   2 +-
 26 files changed, 517 insertions(+), 114 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/db14e392/core/sql/bin/SqlciErrors.txt
--
diff --git a/core/sql/bin/SqlciErrors.txt b/core/sql/bin/SqlciErrors.txt
index 8afa052..fe99787 100644
--- a/core/sql/bin/SqlciErrors.txt
+++ b/core/sql/bin/SqlciErrors.txt
@@ -222,8 +222,8 @@
 1224 Z 9 BEGINNER MAJOR DBADMIN An invalid data type was specified for 
routine parameter $0~String0.
 1225 Z 9 BEGINNER MAJOR DBADMIN Mixing EXECUTE privilege with other 
privileges is not allowed.
 1226 Z 9 BEGINNER MAJOR DBADMIN No valid combination of privileges was 
specified.
-1227 Z 9 BEGINNER MAJOR DBADMIN Cannot unregister user.  User has been 
granted privileges.
-1228 Z 9 BEGINNER MAJOR DBADMIN Cannot drop role.  Role has been 
granted privileges.
+1227 Z 9 BEGINNER MAJOR DBADMIN Cannot unregister user.  User 
$0~String0 has been granted privileges on $1~String1.
+1228 Z 9 BEGINNER MAJOR DBADMIN Cannot drop role.  Role $0~String0 has 
been granted privileges on $1~String1.
 1229 Z 9 BEGINNER MAJOR DBADMIN The $0~string0 option is not supported.
 1230 Z 9 BEGINNER MAJOR DBADMIN Object owner must be the schema owner 
in private schemas.
 1231 Z 9 BEGINNER MAJOR DBADMIN User-defined routine $0~String0 could 
not be created.

http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/db14e392/core/sql/common/ComUser.cpp
--
diff --git a/core/sql/common/ComUser.cpp b/core/sql/common/ComUser.cpp
index 7e

[1/4] incubator-trafodion git commit: Trafodion-2175

2017-01-31 Thread rmarton

Repository: incubator-trafodion
Updated Branches:
  refs/heads/master 3d215a475 -> 60c0c42c3


Trafodion-2175

Added new regression test privs1/TEST123


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/3209431d
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/3209431d
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/3209431d

Branch: refs/heads/master
Commit: 3209431da836b29c61229c9f4afb8810830056e7
Parents: b674558
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Mon Jan 30 16:26:34 2017 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Mon Jan 30 16:26:34 2017 +

--
 core/sql/regress/privs1/EXPECTED123 | 1187 ++
 core/sql/regress/privs1/TEST123 |  178 +
 2 files changed, 1365 insertions(+)
--


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/3209431d/core/sql/regress/privs1/EXPECTED123
--
diff --git a/core/sql/regress/privs1/EXPECTED123 
b/core/sql/regress/privs1/EXPECTED123
new file mode 100644
index 000..bf848b4
--- /dev/null
+++ b/core/sql/regress/privs1/EXPECTED123
@@ -0,0 +1,1187 @@
+>>
+>>obey TEST123(set_up);
+>>get users;
+
+Users
+=
+
+DB__ROOT
+SQL_USER1
+SQL_USER10
+SQL_USER2
+SQL_USER3
+SQL_USER4
+SQL_USER5
+SQL_USER6
+SQL_USER7
+SQL_USER8
+SQL_USER9
+
+--- SQL operation complete.
+>>get roles;
+
+Roles
+=
+
+DB__HBASEROLE
+DB__HIVEROLE
+DB__LIBMGRROLE
+DB__ROOTROLE
+PUBLIC
+
+--- SQL operation complete.
+>>
+>>get privileges on component sql_operations for "PUBLIC";
+
+Privilege information on Component SQL_OPERATIONS for PUBLIC
+
+
+CREATE_SCHEMA
+SHOW
+
+--- SQL operation complete.
+>>
+>>create role t123_adminrole;
+
+--- SQL operation complete.
+>>create role t123_plannerrole;
+
+--- SQL operation complete.
+>>create role t123_dummyrole;
+
+--- SQL operation complete.
+>>create role t123_ownerrole;
+
+--- SQL operation complete.
+>>
+>>grant role t123_adminrole to sql_user1;
+
+--- SQL operation complete.
+>>grant role t123_plannerrole to sql_user1;
+
+--- SQL operation complete.
+>>grant role t123_plannerrole to sql_user2;
+
+--- SQL operation complete.
+>>grant role t123_ownerrole to sql_user5;
+
+--- SQL operation complete.
+>>
+>>create schema t123sch authorization t123_ownerrole;
+
+--- SQL operation complete.
+>>set schema t123sch;
+
+--- SQL operation complete.
+>>
+>>create table teams
++>  (team_number int not null primary key,
++>   team_name char(20) not null,
++>   team_contact varchar(50) not null,
++>   team_contact_number char (10) not null
++>   )
++>  ;
+
+--- SQL operation complete.
+>>
+>>create table games
++>   ( home_team_number int not null,
++> visitor_team_number int not null,
++> game_number int not null primary key,
++> game_time timestamp not null,
++> game_location varchar(50) not null)
++>  ;
+
+--- SQL operation complete.
+>>
+>>create table players
++>  (player_number int not null,
++>   player_name varchar (50) not null,
++>   player_team_number int not null,
++>   player_phone_number char (10) not null,
++>   player_details varchar(50),
++>   primary key (player_number, player_team_number))
++>  no partition;
+
+--- SQL operation complete.
+>>
+>>create sequence players_sequence;
+
+--- SQL operation complete.
+>>
+>>grant select on games to sql_user4;
+
+--- SQL operation complete.
+>>grant select on teams to sql_user4;
+
+--- SQL operation complete.
+>>grant select(team_number, team_name) on teams to "PUBLIC";
+
+--- SQL operation complete.
+>>grant select(player_name, player_number, player_team_number) on players
++>   to "PUBLIC";
+
+--- SQL operation complete.
+>>grant update, delete on games to t123_adminrole;
+
+--- SQL operation complete.
+>>grant update, delete on teams to t123_adminrole;
+
+--- SQL operation complete.
+>>grant insert on games to t123_plannerrole;
+
+--- SQL operation complete.
+>>grant insert on teams to t123_plannerrole;
+
+--- SQL operation complete.
+>>grant all on players to sql_user1;
+
+--- SQL operation complete.
+>>
+>>grant usage on sequence players_sequence to t123_plannerrole;
+
+--- SQL operation complete.
+>>grant usage on sequence players_sequence to sql_user1;
+
+--- SQL operation complete.
+>>
+>>revoke component privilege "SHOW" on s

[3/4] incubator-trafodion git commit: TRAFODION-2175 a user should only see specific schemas/tables that he has privs

2017-01-31 Thread rmarton

TRAFODION-2175 a user should only see specific schemas/tables that he has privs

Fixed a problem with regression test Hive/TEST009.

The failed test is showing an additional table being stored in NATable cache.
If authorization is enabled, then "get tables" retrieves the list of roles
assigned the current user.  This causes an additional table to be cached.
However, if authorization is off, the role check is not made so the number of
entries in cache is less.  This causes a regressions failure depending on the
environment.

Since this is a test for caching, removed the get table commands from the test 
to
avoid the mismatch.


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/9e925842
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/9e925842
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/9e925842

Branch: refs/heads/master
Commit: 9e925842cc3d8956d2b513c4fecd5a3ac303a125
Parents: 598dc5e
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Tue Jan 31 21:40:52 2017 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Tue Jan 31 21:40:52 2017 +

--
 core/sql/regress/hive/EXPECTED009 | 64 +++---
 core/sql/regress/hive/TEST009 |  4 +--
 2 files changed, 22 insertions(+), 46 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/9e925842/core/sql/regress/hive/EXPECTED009
--
diff --git a/core/sql/regress/hive/EXPECTED009 
b/core/sql/regress/hive/EXPECTED009
index 5591aaa..900ff3b 100644
--- a/core/sql/regress/hive/EXPECTED009
+++ b/core/sql/regress/hive/EXPECTED009
@@ -197,16 +197,6 @@ ABC
 *** ERROR[1118] Creating object TRAFODION."_HV_HIVE_".NEWTABLE3 is not allowed 
in a reserved system schema.
 
 --- SQL operation failed with errors.
->>get tables;
-
-Tables in Schema TRAFODION._HV_HIVE_
-
-
-CUSTOMER
-ITEM
-PROMOTION
-
 SQL operation complete.
 >>
 >>-- test creates with a different default schema
 >>create schema hive_t009;
@@ -257,17 +247,6 @@ PROMOTION
 
 --- 10 row(s) inserted.
 >>
->>get tables;
-
-Tables in Schema TRAFODION.HIVE_T009
-
-
-SB_HISTOGRAMS
-SB_HISTOGRAM_INTERVALS
-SB_PERSISTENT_SAMPLES
-T009T1
-
 SQL operation complete.
 >>drop table t009t1;
 
 --- SQL operation complete.
@@ -335,20 +314,11 @@ HIVE
 TRAFODION  





   _HV_HIVE_





  
PROMOTION   






 TRAFODION

[2/4] incubator-trafodion git commit: Merge branch 'master' into mrg-932

2017-01-31 Thread rmarton

Merge branch 'master' into mrg-932


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/598dc5ed
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/598dc5ed
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/598dc5ed

Branch: refs/heads/master
Commit: 598dc5ed0aa01ece1bd09de039febaf866fec017
Parents: 3209431 c47d84f
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Tue Jan 31 17:02:54 2017 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Tue Jan 31 17:02:54 2017 +

--
 core/sql/ustat/hs_cli.cpp   |  21 +++-
 core/sql/ustat/hs_parser.cpp|  13 +++
 install/.gitignore  |   3 +-
 install/ambari-installer/Makefile   |  26 +++--
 install/ambari-installer/meta.template  |  34 ++
 .../mpack-install/am_install.sh |  17 ++-
 install/ambari-installer/mpack.json |  46 
 install/ambari-installer/repo.template  |   2 +-
 .../2.1/package/scripts/trafodiondcs.py |   2 +-
 .../2.1/package/scripts/trafodionnode.py|   8 +-
 .../custom-services/TRAFODION/2.1/metainfo.xml  |  34 --
 install/ambari-installer/traf-mpack/mpack.json  |  46 
 install/ambari-installer/traf_ambari.spec   |  14 ++-
 install/python-installer/db_uninstall.py| 114 +++
 install/python-installer/scripts/hadoop_mods.py |   4 +
 15 files changed, 275 insertions(+), 109 deletions(-)
--

[4/4] incubator-trafodion git commit: merge [TRAFODION-2175] pr 937 a user should only see specific schema/tables ...

2017-01-31 Thread rmarton

merge [TRAFODION-2175] pr 937 a user should only see specific schema/tables ...


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/60c0c42c
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/60c0c42c
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/60c0c42c

Branch: refs/heads/master
Commit: 60c0c42c35267022f1907cbe5fe0f2b0a604d2eb
Parents: 3d215a4 9e92584
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Wed Feb 1 01:00:07 2017 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Wed Feb 1 01:00:07 2017 +

--
 core/sql/regress/hive/EXPECTED009   |   64 +-
 core/sql/regress/hive/TEST009   |4 +-
 core/sql/regress/privs1/EXPECTED123 | 1187 ++
 core/sql/regress/privs1/TEST123 |  178 +
 4 files changed, 1387 insertions(+), 46 deletions(-)
--

[2/2] incubator-trafodion git commit: Merge [TRAFODION-2175] PR-932 a user should only see specific tables and schemas ...

2017-01-30 Thread rmarton

Merge [TRAFODION-2175] PR-932 a user should only see specific tables and 
schemas ...


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/b6745583
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/b6745583
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/b6745583

Branch: refs/heads/master
Commit: b67455830d50cf5e031c5d4ffe4eb162712b5cda
Parents: 91c3375 60cdb45
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Mon Jan 30 16:24:47 2017 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Mon Jan 30 16:24:47 2017 +

--
 core/sql/comexe/ComTdbExeUtil.h  |   1 +
 core/sql/executor/ExExeUtil.h|  15 +-
 core/sql/executor/ExExeUtilGet.cpp   | 892 --
 core/sql/generator/GenRelExeUtil.cpp |   2 +
 core/sql/regress/hive/EXPECTED009|  26 +-
 5 files changed, 496 insertions(+), 440 deletions(-)
--

[3/5] incubator-trafodion git commit: TRAFODION-2357 log4c++ build error - fixed typo

2016-11-29 Thread rmarton

TRAFODION-2357 log4c++ build error - fixed typo


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/7656dd06
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/7656dd06
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/7656dd06

Branch: refs/heads/master
Commit: 7656dd06f6ef3684c16d2586a69fc6bf27003efb
Parents: 2ff86e8
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Mon Nov 28 18:13:17 2016 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Mon Nov 28 18:13:17 2016 +

--
 core/sqf/build-scripts/build.id | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
--


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/7656dd06/core/sqf/build-scripts/build.id
--
diff --git a/core/sqf/build-scripts/build.id b/core/sqf/build-scripts/build.id
index 046f049..f4a0522 100755
--- a/core/sqf/build-scripts/build.id
+++ b/core/sqf/build-scripts/build.id
@@ -39,6 +39,6 @@ if [[ "$USE_GIT" == "1" ]];then
   id=`git rev-parse --verify --short HEAD`
   echo $id
 else
-  id=id=`date +"%Y%m%d"`
+  id=`date +"%Y%m%d"`
   echo $id
 fi

[5/5] incubator-trafodion git commit: Merge [TRAFODION-2357] pr-855 log4cxx build error

2016-11-29 Thread rmarton

Merge [TRAFODION-2357] pr-855 log4cxx build error


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/acedc3c2
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/acedc3c2
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/acedc3c2

Branch: refs/heads/master
Commit: acedc3c204550e21b212d769679f6e3b88598e25
Parents: 0bbd910 d474c67
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Tue Nov 29 16:56:45 2016 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Tue Nov 29 16:56:45 2016 +

--
 core/conn/odbc/src/odbc/nsksrvrcore/Makefile | 2 +-
 core/dbsecurity/auth/Makefile| 1 +
 core/sqf/build-scripts/build.branch  | 8 +++-
 core/sqf/build-scripts/build.id  | 2 +-
 4 files changed, 6 insertions(+), 7 deletions(-)
--

[2/5] incubator-trafodion git commit: Merge branch 'master' into traf-2357

2016-11-29 Thread rmarton

Merge branch 'master' into traf-2357


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/2ff86e80
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/2ff86e80
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/2ff86e80

Branch: refs/heads/master
Commit: 2ff86e80bf6b705016338e72e8084cb937ebb9dd
Parents: e93d518 4e7e478
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Mon Nov 28 17:01:42 2016 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Mon Nov 28 17:01:42 2016 +

--
 core/conn/jdbcT4/pom.xml|  79 +-
 core/sqf/.gitignore |   1 +
 core/sqf/Makefile   |   4 +-
 core/sqf/build-scripts/genverhdr.ksh|  15 +-
 core/sql/bin/SqlciErrors.txt|   2 +
 core/sql/comexe/ComTdbExeUtil.cpp   |  26 +-
 core/sql/comexe/ComTdbExeUtil.h | 112 ++-
 core/sql/common/ComSmallDefs.h  |   8 +
 core/sql/common/NAType.cpp  | 201 +
 core/sql/common/NAType.h|   2 +
 core/sql/common/OperTypeEnum.h  |   8 +-
 core/sql/executor/ExExeUtil.h   |   8 +-
 core/sql/executor/ExExeUtilGet.cpp  | 365 -
 core/sql/executor/ExExeUtilLoad.cpp |  46 +-
 core/sql/executor/ExHbaseAccess.cpp |  30 +
 core/sql/executor/ExHbaseAccess.h   |   1 +
 core/sql/executor/HBaseClient_JNI.cpp   | 795 +++
 core/sql/executor/HBaseClient_JNI.h |  12 +
 core/sql/executor/JavaObjectInterface.cpp   |  14 +
 core/sql/executor/JavaObjectInterface.h |   4 +-
 core/sql/executor/SequenceFileReader.cpp| 127 ---
 core/sql/executor/SequenceFileReader.h  |  12 -
 core/sql/executor/hiveHook.cpp  | 168 +++-
 core/sql/exp/ExpHbaseDefs.h |   6 +
 core/sql/exp/ExpHbaseInterface.cpp  |  45 ++
 core/sql/exp/ExpHbaseInterface.h|  12 +-
 core/sql/exp/ExpLOBaccess.cpp   |   2 -
 core/sql/exp/ExpPackDefs.cpp|  10 +
 core/sql/exp/exp_clause.cpp |  35 +-
 core/sql/exp/exp_clause.h   |   4 +-
 core/sql/exp/exp_clause_derived.h   | 169 
 core/sql/exp/exp_function.cpp   | 204 -
 core/sql/exp/exp_function.h |  35 +-
 core/sql/exp/exp_like.cpp   |  80 ++
 core/sql/generator/GenItemFunc.cpp  |  42 +-
 core/sql/generator/GenRelExeUtil.cpp|  77 +-
 core/sql/optimizer/BindItemExpr.cpp |  21 +-
 core/sql/optimizer/BindRelExpr.cpp  |   8 +
 core/sql/optimizer/ImplRule.cpp |   2 +-
 core/sql/optimizer/ItemCache.cpp|   4 +-
 core/sql/optimizer/ItemExpr.cpp |  41 +-
 core/sql/optimizer/ItemFunc.h   | 104 ++-
 core/sql/optimizer/NATable.cpp  | 186 +
 core/sql/optimizer/NormItemExpr.cpp |   2 +-
 core/sql/optimizer/RelRoutine.cpp   |   9 +-
 core/sql/optimizer/RelRoutine.h |  14 +-
 core/sql/optimizer/SynthType.cpp|  67 +-
 core/sql/optimizer/hiveHook.h   | 116 +--
 core/sql/parser/ParKeyWords.cpp |   2 +
 core/sql/parser/sqlparser.y |  72 +-
 core/sql/regress/compGeneral/EXPECTED006.SB | 150 
 core/sql/regress/compGeneral/TEST006|  40 +
 core/sql/regress/executor/EXPECTED002.SB|  99 ++-
 core/sql/regress/executor/TEST002   |  29 +-
 core/sql/regress/seabase/EXPECTED002| 266 +--
 core/sql/regress/seabase/EXPECTED012|  52 +-
 core/sql/regress/seabase/TEST002|  28 +
 core/sql/regress/seabase/TEST012|  11 +
 core/sql/sqlcomp/CmpSeabaseDDLrepos.cpp |  19 +-
 .../java/org/trafodion/sql/HBaseClient.java |  40 +
 .../java/org/trafodion/sql/HBulkLoadClient.java |   2 -
 .../org/trafodion/sql/SequenceFileWriter.java   |  70 +-
 core/sql/ustat/hs_globals.cpp   |  14 +
 core/sql/ustat/hs_util.h|   3 +-
 64 files changed, 2798 insertions(+), 1434 deletions(-)
--

[4/5] incubator-trafodion git commit: Merge branch 'master' into traf-2357

2016-11-29 Thread rmarton

Merge branch 'master' into traf-2357


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/d474c678
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/d474c678
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/d474c678

Branch: refs/heads/master
Commit: d474c6785f438c854b243e283dcc2f74c8b9322a
Parents: 7656dd0 3b31663
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Mon Nov 28 19:00:33 2016 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Mon Nov 28 19:00:33 2016 +

--
 core/sql/parser/sqlparser.y | 51 +
 .../src/asciidoc/_chapters/sql_statements.adoc  | 60 
 2 files changed, 88 insertions(+), 23 deletions(-)
--

[4/4] incubator-trafodion git commit: Merge [TRAFODION-2156] pr-845 update reference manual for column level privileges

2016-11-28 Thread rmarton

Merge [TRAFODION-2156] pr-845 update reference manual for column level 
privileges


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/3b316630
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/3b316630
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/3b316630

Branch: refs/heads/master
Commit: 3b316630869a92709f7f84f930ba2a3985510560
Parents: bfa51f1 ebfdd3d
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Mon Nov 28 17:12:50 2016 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Mon Nov 28 17:12:50 2016 +

--
 .../_chapters/sql_language_elements.adoc|   3 +-
 .../src/asciidoc/_chapters/sql_statements.adoc  | 223 ++-
 2 files changed, 124 insertions(+), 102 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/3b316630/docs/sql_reference/src/asciidoc/_chapters/sql_statements.adoc
--

[2/4] incubator-trafodion git commit: TRAFODION-2156 Update SQL reference manual for column level privileges

2016-11-28 Thread rmarton

TRAFODION-2156 Update SQL reference manual for column level privileges

Clarified some sections.


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/6787ff0d
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/6787ff0d
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/6787ff0d

Branch: refs/heads/master
Commit: 6787ff0db6f9af23318da229fe2e26329849b848
Parents: 466048a
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Tue Nov 22 16:23:21 2016 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Tue Nov 22 16:23:21 2016 +

--
 .../src/asciidoc/_chapters/sql_statements.adoc  | 40 ++--
 1 file changed, 20 insertions(+), 20 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/6787ff0d/docs/sql_reference/src/asciidoc/_chapters/sql_statements.adoc
--
diff --git a/docs/sql_reference/src/asciidoc/_chapters/sql_statements.adoc 
b/docs/sql_reference/src/asciidoc/_chapters/sql_statements.adoc
index 91ac2a2..359291e 100644
--- a/docs/sql_reference/src/asciidoc/_chapters/sql_statements.adoc
+++ b/docs/sql_reference/src/asciidoc/_chapters/sql_statements.adoc
@@ -135,7 +135,7 @@ Use these statements to register users, create roles, and 
grant and revoke privi
 | <<alter_user_statement,ALTER USER Statement>>
 | Changes attributes associated with a user who is registered in the database.
 | <<create_role_statement,CREATE ROLE Statement>>  
 | Creates an SQL role.
 | <<drop_role_statement,DROP ROLE Statement>>  
 | Deletes an SQL role.
-| <<grant_statement,GRANT Statement>>  
 | Grants access privileges on an SQL object or an SQL objects' columns to 
specified users or roles.
+| <<grant_statement,GRANT Statement>>  
 | Grants access privileges on an SQL object or an SQL object's columns to 
specified users or roles.
 | <<grant_component_privilege_statement,GRANT COMPONENT PRIVILEGE Statement>>  
 | Grants one or more component privileges to a user or role.
 | <<grant_role_statement,GRANT ROLE Statement>>
 | Grants one or more roles to a user.
 | <<register_user_statement,REGISTER USER Statement>>  
 | Registers a user in the SQL database, associating the user's login name with 
a database user name.
@@ -4831,9 +4831,8 @@ Specifies the privileges to grant. You can specify these 
privileges for an objec
 | REFERENCES [column-list] | Can create constraints that reference the object.
 | SELECT [column-list] | Can use the select statement.
 | UPDATE [column-list] | Can use the update statement on table objects.
-| USAGE| For libraries, can access a library using the 
create procedure or create 
-function statement. This privilege provides you with read access to the 
libraryâs underlying library 
-file. For sequences, can use the sequence in a SQL statement.
+| USAGE| For libraries, can create procedures and 
functions on library objects.
+For sequence generators, can use the sequence in a SQL statement.
 | ALL  | All the applicable privileges. When you specify 
all for a table or view, 
 this includes the select, delete, insert, references, and update privileges. 
When the object is a 
 stored procedure or user-defined function (UDF), only the execute privilege is 
applied. When the 
@@ -4843,24 +4842,24 @@ generator, only the usage privilege is applied.
 
 * `ON [_object-type_] [_schema_.]_object_`
 +
-Specifies an object on which to grant privileges. _object-type_ can be:
+Specifies an object on which to grant privileges. If none is specified, it 
defaults to TABLE.  See <<database_object_names,"Database Object Names>> for 
more details. _object-type_ can be:
 
-** `[FUNCTION] [_schema_.]_function-name_`, where _function-name_ is the name 
of a user-defined function (UDF) in the database.
-** `[LIBRARY] [_schema_.]_library-name_`, where _library-name_ is the name of 
a library object in the database.
-** `[PROCEDURE] [_schema_.]_procedure-name_`, where _procedure-name_ is the 
name of a stored procedure in java (SPJ) 
+** `FUNCTION [_schema_.]_function-name_`, where _function-name_ is the name of 
a user-defined function (UDF) in the database.
+** `LIBRARY [_schema_.]_library-name_`, where _library-name_ is the name of a 
library object in the database.
+** `PROCEDURE [_schema_.]_procedure

[1/4] incubator-trafodion git commit: TRAFODION-2156 Update SQL reference manual for column level privileges

2016-11-28 Thread rmarton

Repository: incubator-trafodion
Updated Branches:
  refs/heads/master bfa51f1cc -> 3b3166308


TRAFODION-2156 Update SQL reference manual for column level privileges


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/466048a8
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/466048a8
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/466048a8

Branch: refs/heads/master
Commit: 466048a8d52cb1cdc4c7f3546cf2fed448e4ec00
Parents: bbbd26e
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Mon Nov 21 20:12:34 2016 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Mon Nov 21 20:12:34 2016 +

--
 .../_chapters/sql_language_elements.adoc|   3 +-
 .../src/asciidoc/_chapters/sql_statements.adoc  | 217 ++-
 2 files changed, 121 insertions(+), 99 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/466048a8/docs/sql_reference/src/asciidoc/_chapters/sql_language_elements.adoc
--
diff --git 
a/docs/sql_reference/src/asciidoc/_chapters/sql_language_elements.adoc 
b/docs/sql_reference/src/asciidoc/_chapters/sql_language_elements.adoc
index 4bd94e8..535286f 100644
--- a/docs/sql_reference/src/asciidoc/_chapters/sql_language_elements.adoc
+++ b/docs/sql_reference/src/asciidoc/_chapters/sql_language_elements.adoc
@@ -3678,7 +3678,8 @@ privilege granted to the remaining role.
 the role. The only way to revoke any such privilege is to revoke the
 role from the user. For more information, see
 <<roles,Roles>> .
-
+* Privileges granted on an object can be for all the columns of the object or 
just a subset of the columns. 
+Only the following subset of privileges is applicable at the column-level: 
INSERT, REFERENCES, SELECT, and UPDATE.  
 
 You can manage privileges by using the GRANT and REVOKE statements.
 

http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/466048a8/docs/sql_reference/src/asciidoc/_chapters/sql_statements.adoc
--
diff --git a/docs/sql_reference/src/asciidoc/_chapters/sql_statements.adoc 
b/docs/sql_reference/src/asciidoc/_chapters/sql_statements.adoc
index 2bc2a6d..91ac2a2 100644
--- a/docs/sql_reference/src/asciidoc/_chapters/sql_statements.adoc
+++ b/docs/sql_reference/src/asciidoc/_chapters/sql_statements.adoc
@@ -135,7 +135,7 @@ Use these statements to register users, create roles, and 
grant and revoke privi
 | <<alter_user_statement,ALTER USER Statement>>
 | Changes attributes associated with a user who is registered in the database.
 | <<create_role_statement,CREATE ROLE Statement>>  
 | Creates an SQL role.
 | <<drop_role_statement,DROP ROLE Statement>>  
 | Deletes an SQL role.
-| <<grant_statement,GRANT Statement>>  
 | Grants access privileges on an SQL object to specified users or roles.
+| <<grant_statement,GRANT Statement>>  
 | Grants access privileges on an SQL object or an SQL objects' columns to 
specified users or roles.
 | <<grant_component_privilege_statement,GRANT COMPONENT PRIVILEGE Statement>>  
 | Grants one or more component privileges to a user or role.
 | <<grant_role_statement,GRANT ROLE Statement>>
 | Grants one or more roles to a user.
 | <<register_user_statement,REGISTER USER Statement>>  
 | Registers a user in the SQL database, associating the user's login name with 
a database user name.
@@ -4775,7 +4775,8 @@ System Version 0.9.1. Expected Version 1.0.0.
 [[grant_statement]]
 == GRANT Statement
 
-The GRANT statement grants access privileges on an SQL object to specified 
users or roles.
+The GRANT statement grants access privileges on an SQL object and its columns 
to specified users or roles.
+Privileges can be granted on the object, on one or more columns, or both.
 
 IMPORTANT: This statement works only when authentication and
 authorization are enabled in {project-name}. For more information, see
@@ -4784,30 +4785,34 @@ authorization are enabled in {project-name}. For more 
information, see
 ```
 GRANT {privilege [,privilege]... |ALL [PRIVILEGES]} 
   ON [object-type] [schema.]object
-  TO {grantee [,grantee ]...} 
-[WITH GRANT OPTION]
-[[granted] by grantor]
+  TO {grantee} 
+  [WITH GRANT OPTION]
+  [[GRANTED] BY grantor]
 
 privilege is: 
-select
-  | delete
-  | insert
-  | references
-  | upda

[3/4] incubator-trafodion git commit: TRAFODION-2156 Update SQL reference manual for column level privileges

2016-11-28 Thread rmarton

TRAFODION-2156 Update SQL reference manual for column level privileges

Fixed spelling


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/ebfdd3d7
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/ebfdd3d7
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/ebfdd3d7

Branch: refs/heads/master
Commit: ebfdd3d752a5602bef30d15be3ecdcc8f3829620
Parents: 6787ff0
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Tue Nov 22 17:11:07 2016 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Tue Nov 22 17:11:07 2016 +

--
 docs/sql_reference/src/asciidoc/_chapters/sql_statements.adoc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
--


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/ebfdd3d7/docs/sql_reference/src/asciidoc/_chapters/sql_statements.adoc
--
diff --git a/docs/sql_reference/src/asciidoc/_chapters/sql_statements.adoc 
b/docs/sql_reference/src/asciidoc/_chapters/sql_statements.adoc
index 359291e..cbdc2a3 100644
--- a/docs/sql_reference/src/asciidoc/_chapters/sql_statements.adoc
+++ b/docs/sql_reference/src/asciidoc/_chapters/sql_statements.adoc
@@ -4859,7 +4859,7 @@ Specifies the  _auth-name_ to which you grant privileges.
 +
 Specifies the name of an authorization id to which you grant privileges. See 
<<authorization_ids,authorization ids>>. 
 The authorization id must be a registered database username, an existing role 
name, or public. the name is a regular 
-or delimited case-insensitive identifier. Dee 
<<case_insensitive_delimited_identifiers,case-insensitive delimited 
identifiers>>.
+or delimited case-insensitive identifier. See 
<<case_insensitive_delimited_identifiers,case-insensitive delimited 
identifiers>>.
 If you grant a privilege to public, the privilege remains available to all 
users, unless it is later revoked from public.
 
 * `WITH GRANT OPTION`

[5/5] incubator-trafodion git commit: Merge remote branch 'apache/master' into mrg-851

2016-11-28 Thread rmarton

Merge remote branch 'apache/master' into mrg-851


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/4e7e478f
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/4e7e478f
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/4e7e478f

Branch: refs/heads/master
Commit: 4e7e478fea9108b61d05907b7054189d4b420994
Parents: f4e83a3 664a2bb
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Mon Nov 28 16:58:57 2016 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Mon Nov 28 16:58:57 2016 +

--
 core/sql/common/OperTypeEnum.h  |  5 +-
 core/sql/exp/exp_clause.cpp |  5 +-
 core/sql/exp/exp_function.cpp   | 82 
 core/sql/exp/exp_function.h |  6 +-
 core/sql/generator/GenItemFunc.cpp  | 25 +++-
 core/sql/optimizer/BindItemExpr.cpp |  5 +-
 core/sql/optimizer/SynthType.cpp| 41 +++-
 core/sql/parser/sqlparser.y | 43 +++--
 core/sql/regress/compGeneral/EXPECTED006.SB | 52 ++-
 core/sql/regress/compGeneral/TEST006|  6 ++
 10 files changed, 242 insertions(+), 28 deletions(-)
--

[2/5] incubator-trafodion git commit: cleanup

2016-11-28 Thread rmarton

cleanup


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/6723aeab
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/6723aeab
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/6723aeab

Branch: refs/heads/master
Commit: 6723aeab384b92e0752dfd8425c88d9d3ae80c69
Parents: c0892c3
Author: Anuradha Hegde 
Authored: Wed Nov 23 06:35:52 2016 +
Committer: Anuradha Hegde 
Committed: Wed Nov 23 06:35:52 2016 +

--
 core/conn/jdbcT4/pom.xml | 6 --
 1 file changed, 6 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/6723aeab/core/conn/jdbcT4/pom.xml
--
diff --git a/core/conn/jdbcT4/pom.xml b/core/conn/jdbcT4/pom.xml
index 1efa92c..b5e1bbb 100644
--- a/core/conn/jdbcT4/pom.xml
+++ b/core/conn/jdbcT4/pom.xml
@@ -113,12 +113,6 @@
 **/Vproc.java
  
   
-   
- ${basedir}
- 
-buildId
- 
-

[1/5] incubator-trafodion git commit: Eliminating use of git command in pom.xml

2016-11-28 Thread rmarton

Repository: incubator-trafodion
Updated Branches:
  refs/heads/master 664a2bb3e -> 4e7e478fe


Eliminating use of git command in pom.xml


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/c0892c32
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/c0892c32
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/c0892c32

Branch: refs/heads/master
Commit: c0892c320c7153566a9262d97a0d556506613ff0
Parents: 22f577d
Author: Anuradha Hegde 
Authored: Wed Nov 23 06:25:06 2016 +
Committer: Anuradha Hegde 
Committed: Wed Nov 23 06:25:06 2016 +

--
 core/conn/jdbcT4/pom.xml | 85 ++-
 core/sqf/Makefile|  4 +-
 core/sqf/build-scripts/genverhdr.ksh | 15 +-
 3 files changed, 65 insertions(+), 39 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/c0892c32/core/conn/jdbcT4/pom.xml
--
diff --git a/core/conn/jdbcT4/pom.xml b/core/conn/jdbcT4/pom.xml
index a1b5f89..1efa92c 100644
--- a/core/conn/jdbcT4/pom.xml
+++ b/core/conn/jdbcT4/pom.xml
@@ -29,7 +29,7 @@
   4.0.0
   org.trafodion.jdbc.t4
   jdbcT4
-  ${TRAFODION_VER} 
+  ${env.TRAFODION_VER} 
   Trafodion JDBC Type4 Driver
   http://wiki.trafodion.org
 
@@ -41,10 +41,10 @@
   test
 

-   org.slf4j
-   slf4j-simple
-   1.7.21
-   test
+org.slf4j
+   slf4j-simple
+   1.7.21
+   test

   
 
@@ -62,6 +62,7 @@
 
 
  maven-antrun-plugin
+ 1.8
  
   
 generate-sources
@@ -69,7 +70,7 @@
   
 
 
 
   
@@ -77,29 +78,49 @@
 
   run
 
-  
+   
  
 
+
+
+  org.codehaus.mojo
+  properties-maven-plugin
+  1.0.0
+  
+
+   initialize
+   
+  read-project-properties
+   
+   
+ 
+${basedir}/../../sqf/export/include/SCMBuildMan.mf
+${basedir}/../../sqf/export/include/buildId
+ 
+
+ 
+   
+
+
 
-   com.github.koraktor
-   mavanagaiata
-   0.7.2
+   maven-clean-plugin
+   2.4.1

- false
- false
- ${project.base.dir}/../../../../.git
- ddMMM
-   
- 
-  
- git-commit
- validate
- 
-   commit
-   branch
- 
-   
- 
+ 
+   
+ src/main/java/org/trafodion/jdbc/t4
+ 
+**/Vproc.java
+ 
+  
+   
+ ${basedir}
+ 
+buildId
+ 
+  
+ 
+
 
 
 
@@ -115,10 +136,10 @@
 
 Version 
${project.version} 
 ${TRAFODION_VER_PROD} Release 
${project.version}
-Build release 
-[${user.name}]
-branch 
${mvngit.commit.abbrev}-${mvngit.branch}
-date 
${maven.build.timestamp}
+
${Implementation-Version-3}
+
${Implementation-Version-4}
+
${Implementation-Version-5}
+
${Implementation-Version-6}
 ${project.name}
 
   
@@ -165,10 +186,4 @@

   
 
-  
- ddMMMyy
- ${maven.build.timestamp}
- UTF-8
-  
-
 

http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/c0892c32/core/sqf/Makefile
--
diff --git a/core/sqf/Makefile b/core/sqf/Makefile
index 21e6e8f..9ab8925 100644
--- a/core/sqf/Makefile
+++ b/core/sqf/Makefile
@@ -110,7 +110,7 @@ clean: setupdir_clean
-cd sqevlog; $(MAKE) clean
-cd hbase_utilities; $(MAKE) clean
# from genverhdr.ksh
-   rm -f export/include/SCMBuildStr.h export/include/SCMBuildStr.java
+   rm -f export/include/SCMBuildStr.h export/include/SCMBuildStr.java 
export/include/buildId
# from makemsg.ksh
rm -f sql/scripts/SqlciErrors.[gm] export/bin*/mxcierrors.cat
 
@@ -125,7 +125,7 @@ cleanall: setupdir_clean
-cd sqevlog; $(MAKE) cleanall
-cd hbase_utilities; $(MAKE) clean
# from genverhdr.ksh
-   rm -f export/include/SCMBuildStr.h export/include/SCMBuildStr.java
+   rm -f export/include/SCMBuildStr.h export/include/SCMBuildStr.java 
export/include/buildId
# from makemsg.ksh
rm -f sql/scripts/SqlciErrors.[gm] export/bin*/mxcierrors.cat

[4/5] incubator-trafodion git commit: Merge [TRAFODION-2357] pr 851 log4cxx build error

2016-11-28 Thread rmarton

Merge [TRAFODION-2357] pr 851 log4cxx build error


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/f4e83a3a
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/f4e83a3a
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/f4e83a3a

Branch: refs/heads/master
Commit: f4e83a3a920186011f6debe2064fc5e5f8d598ae
Parents: f1238e0 19676c3
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Mon Nov 28 16:47:41 2016 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Mon Nov 28 16:47:41 2016 +

--
 core/conn/jdbcT4/pom.xml | 79 +--
 core/sqf/.gitignore  |  1 +
 core/sqf/Makefile|  4 +-
 core/sqf/build-scripts/genverhdr.ksh | 15 +-
 4 files changed, 60 insertions(+), 39 deletions(-)
--

[1/2] incubator-trafodion git commit: TRAFODION-2330 Using trafci, a select from a table succeeds even if the user does not have the priv

2016-11-01 Thread rmarton

Repository: incubator-trafodion
Updated Branches:
  refs/heads/master 59cbda3f8 -> 9c712a4aa


TRAFODION-2330 Using trafci, a select from a table succeeds even if the user
   does not have the priv

There is a problem when the session user changes in a mxosrvr process.  The
existing compiler caches are not getting cleared so the new user will be
accessing the previous users' caches.  This could lead to allowing someone
that does not have privileges to gain access to an object.

The change is to clear all caches during a session user change operation.


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/6cd6be85
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/6cd6be85
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/6cd6be85

Branch: refs/heads/master
Commit: 6cd6be853fb1508e7b33d8e12c0fea0a0a8ef044
Parents: 1c8f25b
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Tue Nov 1 05:22:44 2016 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Tue Nov 1 05:22:44 2016 +

--
 core/sql/arkcmp/CmpContext.cpp | 12 
 core/sql/arkcmp/CmpContext.h   |  2 ++
 core/sql/cli/Context.cpp   | 14 ++
 3 files changed, 28 insertions(+)
--


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/6cd6be85/core/sql/arkcmp/CmpContext.cpp
--
diff --git a/core/sql/arkcmp/CmpContext.cpp b/core/sql/arkcmp/CmpContext.cpp
index a256db0..c0ab3a4 100644
--- a/core/sql/arkcmp/CmpContext.cpp
+++ b/core/sql/arkcmp/CmpContext.cpp
@@ -1157,4 +1157,16 @@ void CmpContext::resetLogmxEventSqlText()
delete sqlTextBuf_ ;
sqlTextBuf_ = NULL ;
 }
+
+void CmpContext::clearAllCaches()
+{
+   qcache_->makeEmpty();
+   schemaDB_->getNATableDB()->setCachingOFF();
+   schemaDB_->getNATableDB()->setCachingON();
+   schemaDB_->getNARoutineDB()->setCachingOFF();
+   schemaDB_->getNARoutineDB()->setCachingON();
+   if(histogramCache_)
+  histogramCache_->invalidateCache();
+}
+
 #endif // NA_CMPDLL

http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/6cd6be85/core/sql/arkcmp/CmpContext.h
--
diff --git a/core/sql/arkcmp/CmpContext.h b/core/sql/arkcmp/CmpContext.h
index 37d2df7..8268639 100644
--- a/core/sql/arkcmp/CmpContext.h
+++ b/core/sql/arkcmp/CmpContext.h
@@ -479,6 +479,8 @@ public :
 
   NAList& ddlObjsList() { return ddlObjs_; }
 
+  void clearAllCaches();
+
 // MV
 private:
 // Adding support for multi threaded requestor (multi transactions) handling

http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/6cd6be85/core/sql/cli/Context.cpp
--
diff --git a/core/sql/cli/Context.cpp b/core/sql/cli/Context.cpp
index b454a3a..33b935c 100644
--- a/core/sql/cli/Context.cpp
+++ b/core/sql/cli/Context.cpp
@@ -2864,7 +2864,21 @@ void ContextCli::completeSetAuthID(
 // Recreate MXCMP if previously connected and currently connected user id's 
 // are different.
if ( recreateMXCMP )
+   {
+  // reset rolelist in anticipation of the new user
+  resetRoleList();
+
+  // create all the caches
+  CmpContextInfo *cmpCntxtInfo;
+  for (int i = 0; i < cmpContextInfo_.entries(); i++)
+  {
+ cmpCntxtInfo = cmpContextInfo_[i];
+ cmpCntxtInfo->getCmpContext()->clearAllCaches();
+  }
+
+  // clear caches in secondary arkcmps
   killAndRecreateMxcmp();
+   }
  
if (eraseCQDs)
{

[2/2] incubator-trafodion git commit: Merge TRAFODION-2327 pull 803 Reduce I/O's when loading objects into caches

2016-10-31 Thread rmarton

Merge TRAFODION-2327 pull 803 Reduce I/O's when loading objects into caches


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/6ce6a8ea
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/6ce6a8ea
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/6ce6a8ea

Branch: refs/heads/master
Commit: 6ce6a8ea93d186b599fc3811d6be73b1ce34d485
Parents: 48f20cc 1c8f25b
Author: Roberta Marton 
Authored: Tue Nov 1 00:18:24 2016 +
Committer: Roberta Marton 
Committed: Tue Nov 1 00:18:24 2016 +

--
 core/sql/cli/Cli.cpp   |  44 ++-
 core/sql/cli/Cli.h |   9 +-
 core/sql/cli/CliExtern.cpp |  81 +++-
 core/sql/cli/Context.cpp   | 194 
 core/sql/cli/Context.h |  31 +++--
 core/sql/cli/SQLCLIdev.h   |   7 +
 core/sql/common/ComSecurityKey.cpp |  82 
 core/sql/common/ComSecurityKey.h   |   5 +
 core/sql/optimizer/BindRelExpr.cpp |   6 +-
 core/sql/optimizer/NARoutine.cpp   |  26 ++--
 core/sql/optimizer/NATable.cpp |  67 +-
 core/sql/optimizer/NATable.h   |   2 +-
 core/sql/regress/privs1/TEST120|   4 +
 core/sql/sqlcomp/CmpMain.cpp   |  39 --
 core/sql/sqlcomp/CmpMain.h |   1 -
 core/sql/sqlcomp/CmpSeabaseDDLauth.cpp |  18 +++
 core/sql/sqlcomp/CmpSeabaseDDLauth.h   |   6 +-
 17 files changed, 497 insertions(+), 125 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/6ce6a8ea/core/sql/optimizer/BindRelExpr.cpp
--

http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/6ce6a8ea/core/sql/optimizer/NATable.cpp
--

http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/6ce6a8ea/core/sql/sqlcomp/CmpMain.cpp
--

[1/2] incubator-trafodion git commit: TRAFODION-2327 Reduce I/O when loading objects into caches

2016-10-31 Thread rmarton

Repository: incubator-trafodion
Updated Branches:
  refs/heads/master 48f20cc52 -> 6ce6a8ea9


TRAFODION-2327 Reduce I/O when loading objects into caches

For each authorization ID (user, role, or PUBLIC), a bitmap containing the
accumulated privileges (across all grantors) is stored with the object desc.
When the object desc is loaded into cache, the privilege bitmaps associated
with the current user, PUBLIC, and the current users' roles are extracted and
unioned together to calculate the final set of privileges.  This unioned list
is used during privilege checking.

Today, an I/O is performed to retrieve the list of roles granted to the current
user for each object loaded into NATable and NARoutine cache.  Since this list
does not change unless the current user changes (a new session with a different
user) or a grant/revoke role for the current user is performed, these extra
I/O's are not needed.

To remove the extra I/O's for each object, the list of roles will be stored in
the ContextCli.  Therefore, this in-memory role list can be used instead of
rereading metadata.

This checkin creates two new CLI requests:
- GetRoleList - returns the list of roles associated with the user
If the list exists in ContextCli, it returns the stored values
If the list does not exist, it retrieves them from Metadata, stores
  them and returns the values
- ResetRoleList - removes the list of roles from ContextCli

The first time GetRoleList is called in a session, the users' roles are
stored in ContextCli.  They remain in memory until the session ends and
restarts as a different user, or another process grants or revokes a role
from the current user.

If another process revokes a role from the current user, a query invalidation
key is created.  When the revoke role query invalidation key for the current
user is detected, ResetRoleList is called.  The next time GetRoleList is called
an updated role list is retrieved from metadata and stored in ContextCli.

If another process grants a role to the current user, there could be two
outcomes.  If the current user already has the privilege from another source
then nothing happens.  If the current user does not have the privilege, then
one recompilation is attempted.  Prior to performing the retry, code was
added to ResetRoleList.  The recompilation then gets the latest role list and
either succeeds or fails depending on the granted privileges.


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/1c8f25b6
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/1c8f25b6
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/1c8f25b6

Branch: refs/heads/master
Commit: 1c8f25b6e61c47383f43633a4ffa7d0bda766cd9
Parents: 2c3c7c5
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Mon Oct 31 14:28:54 2016 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Mon Oct 31 14:28:54 2016 +

--
 core/sql/cli/Cli.cpp   |  44 ++-
 core/sql/cli/Cli.h |   9 +-
 core/sql/cli/CliExtern.cpp |  81 +++-
 core/sql/cli/Context.cpp   | 194 
 core/sql/cli/Context.h |  31 +++--
 core/sql/cli/SQLCLIdev.h   |   7 +
 core/sql/common/ComSecurityKey.cpp |  82 
 core/sql/common/ComSecurityKey.h   |   5 +
 core/sql/optimizer/BindRelExpr.cpp |   6 +-
 core/sql/optimizer/NARoutine.cpp   |  26 ++--
 core/sql/optimizer/NATable.cpp |  67 +-
 core/sql/optimizer/NATable.h   |   2 +-
 core/sql/regress/privs1/TEST120|   4 +
 core/sql/sqlcomp/CmpMain.cpp   |  39 --
 core/sql/sqlcomp/CmpMain.h |   1 -
 core/sql/sqlcomp/CmpSeabaseDDLauth.cpp |  18 +++
 core/sql/sqlcomp/CmpSeabaseDDLauth.h   |   6 +-
 17 files changed, 497 insertions(+), 125 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/1c8f25b6/core/sql/cli/Cli.cpp
--
diff --git a/core/sql/cli/Cli.cpp b/core/sql/cli/Cli.cpp
index 9d79d90..e953c75 100644
--- a/core/sql/cli/Cli.cpp
+++ b/core/sql/cli/Cli.cpp
@@ -6616,7 +6616,6 @@ ComDiagsArea  = currContext.diags();
 
 }
 
-
 Lng32 SQLCLI_GetAuthName (
 /*IN*/CliGlobals *cliGlobals,
 /*IN*/Lng32   auth_id,
@@ -6716,6 +6715,49 @@ Int32 SQLCLI_GetAuthState (
   return CliEpilogue(cliGlobals, NULL, retcode);
 }
 
+Lng32 SQLCLI_GetRoleList(
+   CliGlobals * cliGlobals,
+   Int32 ,
+   Int32 *)
+
+{
+   Lng32 retcode = 0;
+
+   // create initial context, if first call, and add module, if any.
+   retcode = CliPrologue(cliGlobals, NULL);
+   if (isERROR(retcode))
+

[1/2] incubator-trafodion git commit: Fixed daily build failure related to privs2/TEST144

2016-10-27 Thread rmarton

Repository: incubator-trafodion
Updated Branches:
  refs/heads/master 6afbeb74a -> 2c3c7c5cc


Fixed daily build failure related to privs2/TEST144


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/23841d09
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/23841d09
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/23841d09

Branch: refs/heads/master
Commit: 23841d090bd27e588a4a8ca10fb63925884de816
Parents: 94d7864
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Thu Oct 27 17:36:16 2016 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Thu Oct 27 17:36:16 2016 +

--
 core/sql/regress/privs2/EXPECTED144 | Bin 59186 -> 59408 bytes
 core/sql/regress/privs2/TEST144 |   7 ---
 2 files changed, 4 insertions(+), 3 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/23841d09/core/sql/regress/privs2/EXPECTED144
--
diff --git a/core/sql/regress/privs2/EXPECTED144 
b/core/sql/regress/privs2/EXPECTED144
index 8b62d4a..63d458b 100644
Binary files a/core/sql/regress/privs2/EXPECTED144 and 
b/core/sql/regress/privs2/EXPECTED144 differ

http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/23841d09/core/sql/regress/privs2/TEST144
--
diff --git a/core/sql/regress/privs2/TEST144 b/core/sql/regress/privs2/TEST144
index 42e6238..df53a42 100755
--- a/core/sql/regress/privs2/TEST144
+++ b/core/sql/regress/privs2/TEST144
@@ -46,7 +46,7 @@ drop role t144role1;
 
 revoke execute on procedure "_LIBMGR_".help from sql_user5 by sql_user3;
 revoke execute on procedure "_LIBMGR_".help from sql_user3 by sql_user2;
-revoke execute on procedure "_LIBMGR_".help from sql_user2 with grant option;
+revoke execute on procedure "_LIBMGR_".help from sql_user2;
 
 ?section create_db
 create schema t144user1 authorization sql_user1;
@@ -89,7 +89,8 @@ library t144_l2
 deterministic no sql final call allow any parallelism state area size 1024 ;
 
 drop function if exists gen_time;
-create function gen_time(customer_number int) returns (timestamp_value 
largeint)
+create function gen_time(seedValue largeint, numberDays int, startTime 
largeint) 
+returns (timestamp_value largeint)
 language c parameter style sql external name 'genTimestamp'
 library t144_l2
 deterministic no sql final call allow any parallelism state area size 1024 ;
@@ -229,7 +230,7 @@ select customer_id,
'NUMBER: ' || gen_random(customer_id, 10) as tenant_id
 from customers;
 select customer_name, 
-   'TIME: ' || cast (gen_time(customer_id) as char(30)) as 
customer_time_updated
+   'TIME: ' || cast (gen_time(customer_id, 5, 212342970132970472) as 
char(30)) as customer_time_updated
 from customers;
 select customer_id,
'NUMBER: ' || gen_random(customer_id, 10) as tenant_id,

[1/2] incubator-trafodion git commit: Added regression test privs2/TEST144

2016-10-26 Thread rmarton

Repository: incubator-trafodion
Updated Branches:
  refs/heads/master 9c0e5ab94 -> 8d8adf141


Added regression test privs2/TEST144

Added regression test privs2/TEST144 and its helpers that contains grant and
revoke tests for functions and procedures.


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/94d78648
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/94d78648
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/94d78648

Branch: refs/heads/master
Commit: 94d786486b8a4560e3c91ec48e8142f1944f573a
Parents: de82dfb
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Tue Oct 25 16:59:19 2016 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Tue Oct 25 16:59:19 2016 +

--
 core/sql/regress/privs2/EXPECTED144 | Bin 0 -> 59186 bytes
 core/sql/regress/privs2/LOG144  | Bin 0 -> 17980 bytes
 core/sql/regress/privs2/TEST144 | 241 +++
 core/sql/regress/privs2/udfs.cpp| 174 ++
 4 files changed, 415 insertions(+)
--


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/94d78648/core/sql/regress/privs2/EXPECTED144
--
diff --git a/core/sql/regress/privs2/EXPECTED144 
b/core/sql/regress/privs2/EXPECTED144
new file mode 100644
index 000..8b62d4a
Binary files /dev/null and b/core/sql/regress/privs2/EXPECTED144 differ

http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/94d78648/core/sql/regress/privs2/LOG144
--
diff --git a/core/sql/regress/privs2/LOG144 b/core/sql/regress/privs2/LOG144
new file mode 100644
index 000..5738ebc
Binary files /dev/null and b/core/sql/regress/privs2/LOG144 differ

http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/94d78648/core/sql/regress/privs2/TEST144
--
diff --git a/core/sql/regress/privs2/TEST144 b/core/sql/regress/privs2/TEST144
new file mode 100755
index 000..42e6238
--- /dev/null
+++ b/core/sql/regress/privs2/TEST144
@@ -0,0 +1,241 @@
+-- 
+-- TEST144 - tests grant and revoke privileges for RI constraints
+--
+-- @@@ START COPYRIGHT @@@
+--
+-- Licensed to the Apache Software Foundation (ASF) under one
+-- or more contributor license agreements.  See the NOTICE file
+-- distributed with this work for additional information
+-- regarding copyright ownership.  The ASF licenses this file
+-- to you under the Apache License, Version 2.0 (the
+-- "License"); you may not use this file except in compliance
+-- with the License.  You may obtain a copy of the License at
+--
+--   http://www.apache.org/licenses/LICENSE-2.0
+--
+-- Unless required by applicable law or agreed to in writing,
+-- software distributed under the License is distributed on an
+-- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+-- KIND, either express or implied.  See the License for the
+-- specific language governing permissions and limitations
+-- under the License.
+--
+-- @@@ END COPYRIGHT @@@
+--
+--  Tests grant and revoke for functions
+-- 
+
+cqd SHOWDDL_DISPLAY_PRIVILEGE_GRANTS 'ON';
+obey TEST144(clean_up);
+log LOG144 clear;
+obey TEST144(create_db);
+obey TEST144(set_up);
+obey TEST144(test_grants);
+obey TEST144(test_revokes);
+log;
+obey TEST144(clean_up);
+exit;
+
+?section clean_up
+-- drop database
+drop schema if exists t144user1 cascade;
+
+revoke execute on procedure "_LIBMGR_".help from t144role1;
+revoke role t144role1 from sql_user4;
+drop role t144role1;
+
+revoke execute on procedure "_LIBMGR_".help from sql_user5 by sql_user3;
+revoke execute on procedure "_LIBMGR_".help from sql_user3 by sql_user2;
+revoke execute on procedure "_LIBMGR_".help from sql_user2 with grant option;
+
+?section create_db
+create schema t144user1 authorization sql_user1;
+set schema t144user1;
+
+-- compile cpp programs
+set pattern $$QUOTE$$ ;
+
+sh rm -f ./etest140.dll;
+sh sh $$scriptsdir$$/tools/dll-compile.ksh etest140.cpp
+  2>&1 | tee LOG144_MD_OUTPUT;
+set pattern $$DLL_MD$$ etest140.dll;
+
+sh rm -f ./udfs.dll;
+sh sh $$scriptsdir$$/tools/dll-compile.ksh udfs.cpp
+  2>&1 | tee LOG144_UDF_OUTPUT;
+set pattern $$DLL_UDF$$ udfs.dll;
+
+-- create the library for metadata udf
+create library t144_l1 file $$QUOTE$$ $$REGRRUNDIR$$/$$DLL_MD$$ $$QUOTE$$ ;
+create function t144_translatePrivsBitmap(bitmap largeint) returns 
(bitmap_str

[2/2] incubator-trafodion git commit: Merge new regression test, PR 781

2016-10-26 Thread rmarton

Merge new regression test, PR 781


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/8d8adf14
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/8d8adf14
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/8d8adf14

Branch: refs/heads/master
Commit: 8d8adf141db22c3405ec6e6f544c684eaa09a623
Parents: 9c0e5ab 94d7864
Author: Roberta Marton 
Authored: Wed Oct 26 14:46:12 2016 +
Committer: Roberta Marton 
Committed: Wed Oct 26 14:46:12 2016 +

--
 core/sql/regress/privs2/EXPECTED144 | Bin 0 -> 59186 bytes
 core/sql/regress/privs2/LOG144  | Bin 0 -> 17980 bytes
 core/sql/regress/privs2/TEST144 | 241 +++
 core/sql/regress/privs2/udfs.cpp| 174 ++
 4 files changed, 415 insertions(+)
--

[1/2] incubator-trafodion git commit: [TRAFODION-2301]: Hadoop crash with logs TMUDF

2016-10-24 Thread rmarton

Repository: incubator-trafodion
Updated Branches:
  refs/heads/master e0f18ae8c -> c1be76352


[TRAFODION-2301]: Hadoop crash with logs TMUDF

Today the UDF event_log_reader scans all logs, loads events into memory and
then discards the rows that are not needed.  Waiting until the end to discard
rows takes too much memory and causes system issues.

The immediate solution is to use predicate pushdown; that is, specify predicates
on the query using the event_log_reader UDF to limit the scope of the data flow.
These predicates will be pushed into the UDF so the UDF only returns the
required rows instead of all the rows.  Initially only comparison predicates are
pushed down to the event_log_reader UDF.

In addition to predicate pushdown, a new option has been added to the
event_log_reader UDF - the 's' (statistics) option.  This option reports how
many log files were accessed, how many records were read, and how many records
were returned.  By specifying timestamp ranges, severity types, sql_codes, and
the like, the number of returned rows can be reduced.

Example output:

Prior to change:

select count(*) from udf(event_log_reader('s'))
  where severity = 'INFO' and
log_ts between '2016-10-18 00:00:00' and '2016-10-18 22:22:22';

(16497) EVENT_LOG_READER results:
  number log files opened: 113, number log files read: 113,
  number rows read: 2820, number rows returned: 2736

After change:

select count(*) from udf(event_log_reader('s'))
  where severity = 'INFO' and
  log_ts between '2016-10-18 00:00:00' and '2016-10-18 22:22:22';

(17046) EVENT_LOG_READER results:
  number log files opened: 115, number log files read: 115,
  number rows read: 2823, number rows returned: 109


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/913d2337
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/913d2337
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/913d2337

Branch: refs/heads/master
Commit: 913d2337e029a0f904539a1d9d6ea064f90aa6ab
Parents: 1c93857
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Fri Oct 21 01:37:33 2016 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Fri Oct 21 01:37:33 2016 +

--
 core/sql/regress/udr/TEST103  |   2 +-
 core/sql/sqludr/SqlUdrPredefLogReader.cpp | 482 +
 2 files changed, 420 insertions(+), 64 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/913d2337/core/sql/regress/udr/TEST103
--
diff --git a/core/sql/regress/udr/TEST103 b/core/sql/regress/udr/TEST103
index 8043cc2..4feb957 100644
--- a/core/sql/regress/udr/TEST103
+++ b/core/sql/regress/udr/TEST103
@@ -19,7 +19,7 @@
 --
 -- @@@ END COPYRIGHT @@@
 --
--- This script tests DDL operations associted with libraries
+-- This script tests DDL operations associated with libraries
 -- functions, and procedures
 --
 cqd SHOWDDL_DISPLAY_PRIVILEGE_GRANTS 'ON';

http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/913d2337/core/sql/sqludr/SqlUdrPredefLogReader.cpp
--
diff --git a/core/sql/sqludr/SqlUdrPredefLogReader.cpp 
b/core/sql/sqludr/SqlUdrPredefLogReader.cpp
index 47d0e51..ab70018 100644
--- a/core/sql/sqludr/SqlUdrPredefLogReader.cpp
+++ b/core/sql/sqludr/SqlUdrPredefLogReader.cpp
@@ -27,6 +27,7 @@
 #include 
 #include 
 #include 
+#include 
 #include "sqludr.h"
 
 using namespace tmudr;
@@ -216,9 +217,14 @@ bool validateCharsAndCopy(char *outBuf, int outBufLen,
 // The optional [options] argument is a character constant. The
 // following options are supported:
 //  f: add file name output columns (see below)
-//  t: turn on tracing
 //  p: force parallel execution on workstation environment with
 // virtual nodes (debug build only)
+//  s: displays statistics about the request including:
+//   number of event files opened
+//   number of event files read
+//   number of events read
+//   number of events returned 
+//  t: turn on tracing
 //
 // Returned columns:
 //
@@ -244,10 +250,10 @@ bool validateCharsAndCopy(char *outBuf, int outBufLen,
 // for each result row. parse_status indicates whether there were
 // any errors reading the information:
 // '  ' (two blanks): no errors
+// 'C'  (as first or second character): character conversion error
 // 'E'  (as first or second character): parse error
 // 'T'  (as first or second character): truncation or over/underflow
 //  occurred
-// 'C'  (as first or second character): c

[2/2] incubator-trafodion git commit: Merge [TRAFODION-2301] pr 773 Hadoop crashes with logs TMUDF

2016-10-24 Thread rmarton

Merge [TRAFODION-2301] pr 773 Hadoop crashes with logs TMUDF


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/c1be7635
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/c1be7635
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/c1be7635

Branch: refs/heads/master
Commit: c1be76352105db922c7f9d36915282effe26a344
Parents: e0f18ae 913d233
Author: Roberta Marton 
Authored: Mon Oct 24 14:42:56 2016 +
Committer: Roberta Marton 
Committed: Mon Oct 24 14:42:56 2016 +

--
 core/sql/regress/udr/TEST103  |   2 +-
 core/sql/sqludr/SqlUdrPredefLogReader.cpp | 482 +
 2 files changed, 420 insertions(+), 64 deletions(-)
--

[1/2] incubator-trafodion git commit: [TRAFODION-1758]: A user has dbroot role can't grant component privilege

2016-10-18 Thread rmarton

Repository: incubator-trafodion
Updated Branches:
  refs/heads/master 437108f4f -> 8805eb26c


[TRAFODION-1758]: A user has dbroot role can't grant component privilege

Privilege checks were not handling role checks correctly.
PrivMgrComponentPrivileges::hasWGO is now checking privileges against roles.
privs1/TEST137 was updated to test role privileges
priv1/TEST120  was added to test query invalidation with roles
   (forgot to add it for a previous check in)


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/1c938575
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/1c938575
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/1c938575

Branch: refs/heads/master
Commit: 1c93857502acd9ef9e14154df6a6e397284acc81
Parents: b12b45e
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Mon Oct 17 20:30:59 2016 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Mon Oct 17 20:30:59 2016 +

--
 core/sql/parser/sqlparser.y |   11 -
 core/sql/regress/privs1/EXPECTED120 | 1222 ++
 core/sql/regress/privs1/EXPECTED137 |  216 +++-
 core/sql/regress/privs1/TEST120 |  379 ++
 core/sql/regress/privs1/TEST137 |   53 +-
 core/sql/sqlcomp/PrivMgrComponentPrivileges.cpp |   76 +-
 6 files changed, 1910 insertions(+), 47 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/1c938575/core/sql/parser/sqlparser.y
--
diff --git a/core/sql/parser/sqlparser.y b/core/sql/parser/sqlparser.y
index b498108..8bd9a0b 100755
--- a/core/sql/parser/sqlparser.y
+++ b/core/sql/parser/sqlparser.y
@@ -27691,13 +27691,6 @@ revoke_role_statement : TOK_REVOKE 
optional_with_admin_option
optional_drop_behavior
optional_granted_by
 {
-  // revoke_role_statement ::= TOK_REVOKE 
optional_with_admin_option TOK_ROLE authorization_identifier_list TOK_FROM 
grantee_list optional_granted_by
-
-  //if ($2 /* optional_with_admin_option */ == TRUE)
-  //{
-  //  YYERROR;
-  //}
-
   $$ = new (PARSERHEAP())
 StmtDDLRoleGrant(
 $4 , /* authorization_identifier_list - role 
list */
@@ -27855,10 +27848,6 @@ grant_role_statement : TOK_GRANT TOK_ROLE 
authorization_identifier_list TOK_TO g
  optional_with_admin_option
  optional_granted_by
{
-  //if($6 /* optional_with_admin_option */ == TRUE) // 
"with admin option" specified
- //{
-  //YYERROR;
-  //}
   $$ = new (PARSERHEAP())
   StmtDDLRoleGrant(
 $3 , /*role list*/ 

http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/1c938575/core/sql/regress/privs1/EXPECTED120
--
diff --git a/core/sql/regress/privs1/EXPECTED120 
b/core/sql/regress/privs1/EXPECTED120
new file mode 100644
index 000..d60f4f5
--- /dev/null
+++ b/core/sql/regress/privs1/EXPECTED120
@@ -0,0 +1,1222 @@
+>>obey TEST120(tests);
+>>-- =
+>>-- Design:
+>>--t120role1 - owns schema t120sch 
+>>--t120role2 - contains grants against teams and games
+>>--t120role3 - contains grants against teams, games, and standings
+>>--t120role4 - control, has no privs granted, make sure revoking
+>>--role does not cause recompilations
+>>--
+>>--sql_user3 - is schema administrator for schema t120sch
+>>--sql_user6 - is granted and revoked privileges directly and
+>>--through t120role2 and t120role3
+>>--sql_user9 - control, makes sure revokes from roles does not
+>>--affect sql_user9's compiled queries
+>>--
+>>--games - multiple roles giving same privileges
+>>--teams - multiple privileges through different roles
+>>--players   - control, not roles involved in privileges
+>>--standings - used to test sequence privileges and revoke role
+>>--stats - tests revoke PUBLIC authorization ID
+>>-- ==

[2/2] incubator-trafodion git commit: merge [TRAFODION-1758] PR 765 A user has dbroot role can't grant component privilege

2016-10-18 Thread rmarton

merge [TRAFODION-1758] PR 765 A user has dbroot role can't grant component 
privilege


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/8805eb26
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/8805eb26
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/8805eb26

Branch: refs/heads/master
Commit: 8805eb26ce2a9cda273a6f1d19a0e48ed6b2bb6e
Parents: 437108f 1c93857
Author: Roberta Marton 
Authored: Tue Oct 18 15:20:07 2016 +
Committer: Roberta Marton 
Committed: Tue Oct 18 15:20:07 2016 +

--
 core/sql/parser/sqlparser.y |   11 -
 core/sql/regress/privs1/EXPECTED120 | 1222 ++
 core/sql/regress/privs1/EXPECTED137 |  216 +++-
 core/sql/regress/privs1/TEST120 |  379 ++
 core/sql/regress/privs1/TEST137 |   53 +-
 core/sql/sqlcomp/PrivMgrComponentPrivileges.cpp |   76 +-
 6 files changed, 1910 insertions(+), 47 deletions(-)
--

[1/5] incubator-trafodion git commit: [TRAFODION-2167]: Invalid query invalidation keys not working properly

2016-10-14 Thread rmarton

Repository: incubator-trafodion
Updated Branches:
  refs/heads/master ca00ea231 -> b12b45eca


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/3b437720/core/sql/sqlcomp/CmpSeabaseDDLcommon.cpp
--
diff --git a/core/sql/sqlcomp/CmpSeabaseDDLcommon.cpp 
b/core/sql/sqlcomp/CmpSeabaseDDLcommon.cpp
index 4ef16c5..d9b1423 100644
--- a/core/sql/sqlcomp/CmpSeabaseDDLcommon.cpp
+++ b/core/sql/sqlcomp/CmpSeabaseDDLcommon.cpp
@@ -10356,6 +10356,27 @@ std::string commandString;
   SEABASEDDL_INTERNAL_ERROR(commandString.c_str());
}

+   // update the redef timestamp for the role in auths table
+   char buf[(roleIDs.size()*12) + 500];
+   Int64 redefTime = NA_JulianTimestamp();
+   std::string roleList;
+   for (size_t i = 0; i < roleIDs.size(); i++)
+   {
+ if (i > 0)
+   roleList += ", ";
+ roleList += to_string((long long int)roleIDs[i]);
+   }
+
+   str_sprintf(buf, "update %s.\"%s\".%s set auth_redef_time = %Ld "
+"where auth_id in (%s)",
+  systemCatalog.c_str(), SEABASE_MD_SCHEMA, SEABASE_AUTHS,
+  redefTime, roleList.c_str());
+ 
+   ExeCliInterface cliInterface(STMTHEAP);
+   Int32 cliRC = cliInterface.executeImmediate(buf);
+   if (cliRC < 0)
+  cliInterface.retrieveSQLDiagnostics(CmpCommon::diags());
+
 }
 //** End of grantRevokeSeabaseRole 
*
 

http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/3b437720/core/sql/sqlcomp/PrivMgrCommands.cpp
--
diff --git a/core/sql/sqlcomp/PrivMgrCommands.cpp 
b/core/sql/sqlcomp/PrivMgrCommands.cpp
index 550ac64..6faf70b 100644
--- a/core/sql/sqlcomp/PrivMgrCommands.cpp
+++ b/core/sql/sqlcomp/PrivMgrCommands.cpp
@@ -67,96 +67,138 @@ PrivMgrObjectInfo::PrivMgrObjectInfo(
 // 
 // Class: PrivMgrUserPrivs
 // 
-PrivMgrUserPrivs::PrivMgrUserPrivs(
+bool PrivMgrUserPrivs::initUserPrivs(
+  const std::vector & roleIDs,
   const TrafDesc *priv_desc,
-  const int32_t userID)
+  const int32_t userID,
+  const int64_t objectUID,
+  ComSecurityKeySet & secKeySet)
 {
-  assert (priv_desc);
+  hasPublicPriv_ = false;
 
   // generate PrivMgrUserPrivs from the priv_desc structure
   TrafDesc *priv_grantees_desc = priv_desc->privDesc()->privGrantees;
-  TrafDesc *priv_grantee_desc = NULL;
-  TrafDesc *priv_public_desc = NULL;
+  NAList descList;
 
-  // Find relevant desc for the user
+  // Find relevant descs for the user
   while (priv_grantees_desc)
   {
 Int32 grantee = priv_grantees_desc->privGranteeDesc()->grantee;
+bool addDesc = false;
 if (grantee == userID)
-  priv_grantee_desc = priv_grantees_desc->privGranteeDesc();
+  addDesc = true;
+
+if (PrivMgr::isRoleID(grantee))
+{
+  if ((std::find(roleIDs.begin(), roleIDs.end(), grantee)) != 
roleIDs.end())
+addDesc = true;
+}
 
 if (ComUser::isPublicUserID(grantee))
-  priv_public_desc = priv_grantees_desc->privGranteeDesc();
+{
+  addDesc = true;
+  hasPublicPriv_ = true;
+}
 
-priv_grantees_desc = priv_grantees_desc->next;
-  }
+// Create a list of PrivMgrDesc contain privileges for user, user's roles,
+// and public
+if (addDesc)
+{
+  TrafDesc *objectPrivs = 
priv_grantees_desc->privGranteeDesc()->objectBitmap;
 
-  // If the user has a privilege in the priv_grantees_desc list, use it to
-  // create the PrivMgrUserPrivs class.
-  if (priv_grantee_desc)
-  {
+  PrivMgrCoreDesc objectDesc(objectPrivs->privBitmapDesc()->privBitmap,
+ objectPrivs->privBitmapDesc()->privWGOBitmap);
+  
+  TrafDesc *priv_grantee_desc = priv_grantees_desc->privGranteeDesc();
+  TrafDesc *columnPrivs = 
priv_grantee_desc->privGranteeDesc()->columnBitmaps;
+  NAList columnDescs;
+  while (columnPrivs)
+  {
+PrivMgrCoreDesc columnDesc(columnPrivs->privBitmapDesc()->privBitmap,
+   
columnPrivs->privBitmapDesc()->privWGOBitmap,
+   
columnPrivs->privBitmapDesc()->columnOrdinal);
+columnDescs.insert(columnDesc);
+columnPrivs = columnPrivs->next;
+  }
 
-// Set up object level privileges
-TrafDesc *objectPrivs = priv_grantee_desc->privGranteeDesc()->objectBitmap;
-objectBitmap_ = objectPrivs->privBitmapDesc()->privBitmap;
-grantableBitmap_ = objectPrivs->privBitmapDesc()->privWGOBitmap;
+  PrivMgrDesc privs(priv_grantees_desc->privGranteeDesc()->grantee);
+  privs.setTablePrivs(objectDesc);
+  privs.setColumnPrivs(columnDescs);
+  privs.setHasPublicPriv(hasPublicPriv_);
 
-// Set up column level privileges
-// The PrivColList is a key <=> value pair

[4/5] incubator-trafodion git commit: Merge branch 'master' into trafodion-2189

2016-10-14 Thread rmarton

Merge branch 'master' into trafodion-2189

Conflicts:
core/sql/optimizer/NATable.cpp
core/sql/sqlcomp/PrivMgrDesc.h


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/b10bc1b0
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/b10bc1b0
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/b10bc1b0

Branch: refs/heads/master
Commit: b10bc1b0b03e3c13354fadcfb6fea56a6aab1f3f
Parents: 3b43772 66bc826
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Wed Oct 12 23:18:05 2016 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Wed Oct 12 23:18:05 2016 +

--
 .../SqlCompilerDebugger/ItemExpressionView.cpp  |   4 +-
 core/sql/arkcmp/CmpContext.cpp  |   7 +-
 core/sql/arkcmp/CmpStatement.cpp|   2 +
 core/sql/arkcmp/CmpStoredProc.cpp   |   2 +-
 core/sql/arkcmp/cmpargs.cpp |   2 +-
 core/sql/bin/SqlciErrors.txt|   2 +-
 core/sql/cli/CliExtern.cpp  |  16 +-
 core/sql/cli/Context.cpp|  21 +-
 core/sql/cli/Globals.cpp|  17 +-
 core/sql/comexe/ComTdbSort.h|  10 +-
 core/sql/common/BloomFilter.cpp |   2 +-
 core/sql/common/ColIndList.h|   4 +-
 core/sql/common/Collections.cpp |   1 -
 core/sql/common/Collections.h   |  47 ++-
 core/sql/common/ComExeTrace.cpp |   1 +
 core/sql/common/Ipc.h   |   4 +-
 core/sql/common/NAMemory.cpp|   2 +-
 core/sql/common/NATestpoint.cpp |   3 +-
 core/sql/common/NATraceList.h   |   2 +-
 core/sql/executor/ExHbaseAccess.cpp |   1 +
 core/sql/executor/ExHbaseDDL.cpp|   2 +-
 core/sql/executor/ex_sort.cpp   |  16 +-
 core/sql/exp/ExpLOB.h   |   4 +-
 core/sql/exp/ExpPCodeOptimizations.cpp  |   2 +-
 core/sql/exp/ExpPCodeOptsBulk.cpp   |   4 +-
 core/sql/exp/ExpPCodeOptsNativeExpr.cpp |   2 +-
 core/sql/exp/exp_tuple_desc.cpp |  17 +-
 core/sql/export/ComDiags.cpp|   4 +-
 core/sql/generator/GenExplain.cpp   |   2 +-
 core/sql/generator/GenKey.cpp   |   2 +-
 core/sql/generator/GenRelGrby.cpp   |   2 +-
 core/sql/generator/GenRelJoin.cpp   |   2 +-
 core/sql/generator/GenRelMisc.cpp   |   3 +-
 core/sql/generator/GenRelScan.cpp   |   2 +-
 core/sql/generator/GenRelUpdate.cpp |  12 +-
 core/sql/generator/GenResources.cpp |   2 +-
 core/sql/generator/Generator.cpp|  16 +-
 core/sql/langman/LmRoutineJava.cpp  |   3 +-
 core/sql/langman/LmUtility.cpp  |   2 +-
 core/sql/nskgmake/sort/Makefile |   3 +-
 core/sql/optimizer/Analyzer.cpp |  15 +-
 core/sql/optimizer/Analyzer.h   |   5 +
 core/sql/optimizer/BindItemExpr.cpp |   6 +-
 core/sql/optimizer/BindRI.cpp   |   2 +-
 core/sql/optimizer/BindRelExpr.cpp  |  11 +-
 core/sql/optimizer/BindWA.cpp   |   1 +
 core/sql/optimizer/BindWA.h |   2 +-
 core/sql/optimizer/CacheWA.cpp  |   3 +
 core/sql/optimizer/ColStatDesc.cpp  |  20 +-
 core/sql/optimizer/ControlDB.cpp|   8 +-
 core/sql/optimizer/EncodedValue.cpp |   3 +-
 core/sql/optimizer/HDFSHook.cpp |   2 +-
 core/sql/optimizer/HbaseSearchSpec.h|  52 +--
 core/sql/optimizer/ItemFuncUDF.h|  11 +-
 core/sql/optimizer/ItemOther.h  |   2 +-
 core/sql/optimizer/LargeScopeRules.cpp  |   4 +-
 core/sql/optimizer/MJVIndexBuilder.cpp  |  12 +-
 core/sql/optimizer/MVCandidates.cpp |  10 +-
 core/sql/optimizer/MVInfo.cpp   |  13 +-
 core/sql/optimizer/MVJoinGraph.cpp  |   5 +-
 core/sql/optimizer/MjvBuilder.cpp   |   2 +-
 core/sql/optimizer/MultiJoin.cpp|   2 +-
 core/sql/optimizer/MvRefreshBuilder.cpp |   4 +-
 core/sql/optimizer/NAClusterInfo.cpp|   2 +-
 core/sql/optimizer/NATable.cpp  | 215 ++---
 core/sql/optimizer/NATable.h|   9 +-
 core/sql/optimizer/NodeMap.cpp  |   2 +-
 core/sql/optimizer/NormRelExpr.cpp  |   8 +-
 core/sql/optimizer/NormWA.cpp   |   4 +-
 core/sql/optimizer/NormWA.h |   8 +
 core/sql/optimizer/OptItemExpr.cpp  |   2 +-
 core/sql/optimizer/OptLogRelExpr.cpp|

[2/2] incubator-trafodion git commit: Merge [TRAFODION-2281] pr 761 Unable to install Kerberos

2016-10-13 Thread rmarton

Merge [TRAFODION-2281] pr 761 Unable to install Kerberos


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/ea16d381
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/ea16d381
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/ea16d381

Branch: refs/heads/master
Commit: ea16d38184579de530808589df0b3e664d6c6622
Parents: 36fe30e 2eec584
Author: Roberta Marton 
Authored: Thu Oct 13 21:26:14 2016 +
Committer: Roberta Marton 
Committed: Thu Oct 13 21:26:14 2016 +

--
 core/sqf/sql/scripts/traf_authentication_setup |  2 +-
 install/installer/traf_config_setup|  5 -
 install/installer/traf_secure_setup| 25 -
 install/installer/trafodion_install| 13 +++
 4 files changed, 28 insertions(+), 17 deletions(-)
--

[1/3] incubator-trafodion git commit: TRAFODION-2203 - a user can grant privileges that he doesn’t have ...

2016-09-28 Thread rmarton

Repository: incubator-trafodion
Updated Branches:
  refs/heads/master 71b1f8cb8 -> addb9b18d


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/877a8e8a/core/sql/sqlcomp/PrivMgrPrivileges.cpp
--
diff --git a/core/sql/sqlcomp/PrivMgrPrivileges.cpp 
b/core/sql/sqlcomp/PrivMgrPrivileges.cpp
index 7b96792..0dbb45b 100644
--- a/core/sql/sqlcomp/PrivMgrPrivileges.cpp
+++ b/core/sql/sqlcomp/PrivMgrPrivileges.cpp
@@ -44,13 +44,11 @@
 #include "ComQueue.h"
 #include "CmpCommon.h"
 #include "CmpContext.h"
-#include "CmpDDLCatErrorCodes.h"
 #include "ComSecurityKey.h"
 #include "NAUserId.h"
 #include "ComUser.h"
 #include "CmpSeabaseDDLutil.h"
 #include "logmxevent_traf.h"
-class ColPrivEntry;
 class ColPrivGrant;
 class ColumnPrivsMDTable;
  
@@ -239,7 +237,7 @@ public:
void clearVisited() 
{ 
  visited_.setColumnOrdinal(columnOrdinal_);
- visited_.getPrivDesc().setAllPrivAndWgo(false);
+ visited_.setAllPrivAndWgo(false);
}
 
 // sets the current entry to match the original privileges
@@ -248,14 +246,14 @@ public:
{ 
  current_.setColumnOrdinal(columnOrdinal_);
  current_.setPrivBitmap(privsBitmap_);
- current_.setGrantableBitmap(grantableBitmap_);
+ current_.setWgoBitmap(grantableBitmap_);
}
  
 // compares the current privileges with the visited grant tree to
 // see if there are any broken branches
NABoolean anyNotVisited() 
{return current_.getPrivBitmap() != visited_.getPrivBitmap() || 
-   current_.getGrantableBitmap() != visited_.getGrantableBitmap();}
+   current_.getWgoBitmap() != visited_.getWgoBitmap();}
 
 
 // ---
@@ -272,8 +270,8 @@ public:
PrivColumnBitmap   privsBitmap_;
PrivColumnBitmap   grantableBitmap_;

-   ColPrivEntry   visited_;
-   ColPrivEntry   current_;
+   PrivMgrCoreDescvisited_;
+   PrivMgrCoreDesccurrent_;
 
 };
 
@@ -354,8 +352,8 @@ void static closeColumnList(std::string & columnList);
 
 static void deleteRowList(std::vector & rowList);
 
-static ColPrivEntry * findColumnEntry(
-   std::vector & colPrivsToGrant,
+static PrivMgrCoreDesc * findColumnEntry(
+   NAList & colPrivsToGrant,
const int32_t columnsOrdinal);

 static PrivStatus getColRowsForGrantee(
@@ -369,41 +367,14 @@ static void getColRowsForGranteeGrantor(
const std::vector  & columnRowList,
const int32_t granteeID,
const int32_t grantorID,
-   std::vector );
+   NAList );

 static bool hasAllDMLPrivs(
ComObjectType objectType,
PrivObjectBitmap privBitmap);   

-static bool hasGrantedColumnPriv(
-   const std::vector  & columnRowList,
-   int32_t grantorID,
-   int32_t granteeID,
-   const std::vector & colPrivsArray,
-   PrivStatus & privStatus,
-   std::string & privilege,
-   std::vector & grantedColPrivs);   
-  
 static bool isDelimited( const std::string );
 
-// 
*
-//ColPrivEntry constructors
-// 
*
-ColPrivEntry::ColPrivEntry ( const PrivMgrMDRow  )
-{
-  PrivMgrMDRow theRow = row;
-  ColumnPrivsMDRow  = static_cast (theRow);
-  privDesc_.setColumnOrdinal(columnRow.columnOrdinal_);
-  privDesc_.setPrivBitmap(columnRow.privsBitmap_);
-  privDesc_.setWgoBitmap(columnRow.grantableBitmap_);
-  isUpdate_ = false;
-}
-  
-ColPrivEntry::ColPrivEntry ( const ColPrivEntry )
-{
-   privDesc_ = other.privDesc_;
-   isUpdate_ = other.isUpdate_;
-}
 
 // 
*
 //PrivMgrPrivileges methods
@@ -591,9 +562,8 @@ PrivStatus PrivMgrPrivileges::getPrivsOnObject (
   if (generateColumnRowList() == STATUS_ERROR)
 return STATUS_ERROR;
   
-  // Gets all the grantees from the object and column lists
-  // This list is affected userIDs.  The public auth ID is also included if any
-  // privs were granted. 
+  // Gets all the grantees (userIDs) from the object and column lists
+  // The public auth ID is also included in this list
   std::vector userIDs;
   if (getDistinctUserIDs(objectRowList_, columnRowList_, userIDs) == 
STATUS_ERROR)
 return STATUS_ERROR;
@@ -613,26 +583,13 @@ PrivStatus PrivMgrPrivileges::getPrivsOnObject (
 return STATUS_ERROR;
 }
 
+// getUserPrivs returns object and column privileges summarized across
+// all grantors. 
 if (getUserPrivs(objectType, userID, roleIDs, privsOfTheUser,
  hasManagePrivileges, NULL ) != STATUS_GOOD)
   return STATUS_ERROR;
-
-PrivColList colPrivsList;
-PrivColList colGrantableList;
-if (getColPrivsForUser(userID,roleIDs,colPrivsList,colGrantableList,NULL) 
!= STATUS_GOOD)
-  return STATUS_ERROR;
-
-// the returned list are in column ordinal order, if no privileges have
-// been granted on the column,

[2/3] incubator-trafodion git commit: TRAFODION-2203 - a user can grant privileges that he doesn’t have ...

2016-09-28 Thread rmarton

SQL_USER4 to SQL_USER3 not found, revoke 
request ignored.
 
 SQL operation failed with errors.
+--- SQL operation complete.
 >>revoke select (b) on t3 from sql_user3;
 
 --- SQL operation complete.
 >>
 >>revoke grant option for select (c) on t3 from sql_user3;
 
-*** ERROR[1018] Grant of role or privilege SELECT on TRAFODION.US4.T3 from 
SQL_USER4 to SQL_USER3 not found, revoke request ignored.
+*** WARNING[1018] Grant of role or privilege SELECT WITH GRANT OPTION (columm 
number 2) on TRAFODION.US4.T3 from SQL_USER4 to SQL_USER3 not found, revoke 
request ignored.
 
 SQL operation failed with errors.
+--- SQL operation complete.
 >>
 >>revoke grant option for select (d) on t3 from sql_user3;
 
@@ -834,14 +834,14 @@ CREATE TABLE TRAFODION.US4.T4
 >>
 >>revoke grant option for select (b) on t3 from sql_user3;
 
-*** ERROR[1018] Grant of role or privilege SELECT on TRAFODION.US4.T3 from 
SQL_USER4 to SQL_USER3 not found, revoke request ignored.
+*** WARNING[1018] Grant of role or privilege SELECT WITH GRANT OPTION (columm 
number 1) on TRAFODION.US4.T3 from SQL_USER4 to SQL_USER3 not found, revoke 
request ignored.
 
 SQL operation failed with errors.
+--- SQL operation complete.
 >>revoke grant option for select (b) on t3 from sql_user3 cascade;
 
-*** ERROR[1018] Grant of role or privilege SELECT on TRAFODION.US4.T3 from 
SQL_USER4 to SQL_USER3 not found, revoke request ignored.
+*** WARNING[1018] Grant of role or privilege SELECT WITH GRANT OPTION (columm 
number 1) on TRAFODION.US4.T3 from SQL_USER4 to SQL_USER3 not found, revoke 
request ignored.
 
 SQL operation failed with errors.
+--- SQL operation complete.
 >>showddl t3;
 
 CREATE TABLE TRAFODION.US4.T3

http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/877a8e8a/core/sql/regress/privs2/EXPECTED135
--
diff --git a/core/sql/regress/privs2/EXPECTED135 
b/core/sql/regress/privs2/EXPECTED135
index 7aa3fc9..f07ad76 100644
--- a/core/sql/regress/privs2/EXPECTED135
+++ b/core/sql/regress/privs2/EXPECTED135
@@ -400,10 +400,10 @@ CREATE TABLE TRAFODION.T135SCH.T135_T1
 ;
 
 -- GRANT SELECT, INSERT, DELETE, UPDATE, REFERENCES ON 
TRAFODION.T135SCH.T135_T1 TO DB__ROOT WITH GRANT OPTION;
-  GRANT SELECT, INSERT, DELETE, UPDATE, USAGE, REFERENCES ON
-  TRAFODION.T135SCH.T135_T1 TO SQL_USER1;
-GRANT SELECT, INSERT, DELETE, UPDATE,
-  USAGE, REFERENCES ON TRAFODION.T135SCH.T135_T1 TO SQL_USER2;
+  GRANT SELECT, INSERT, DELETE, UPDATE, REFERENCES ON TRAFODION.T135SCH.T135_T1
+  TO SQL_USER1;
+GRANT SELECT, INSERT, DELETE, UPDATE, REFERENCES ON
+  TRAFODION.T135SCH.T135_T1 TO SQL_USER2;
 
 --- SQL operation complete.
 >>showddl t135_t2;
@@ -417,8 +417,8 @@ CREATE TABLE TRAFODION.T135SCH.T135_T2
 ;
 
 -- GRANT SELECT, INSERT, DELETE, UPDATE, REFERENCES ON 
TRAFODION.T135SCH.T135_T2 TO DB__ROOT WITH GRANT OPTION;
-  GRANT SELECT, INSERT, DELETE, UPDATE, USAGE, REFERENCES ON
-  TRAFODION.T135SCH.T135_T2 TO SQL_USER2;
+  GRANT SELECT, INSERT, DELETE, UPDATE, REFERENCES ON TRAFODION.T135SCH.T135_T2
+  TO SQL_USER2;
 
 --- SQL operation complete.
 >>-- user can create view but just have select and references, it is

http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/877a8e8a/core/sql/regress/privs2/EXPECTED140
--
diff --git a/core/sql/regress/privs2/EXPECTED140 
b/core/sql/regress/privs2/EXPECTED140
index b31683f..72d899e 100644
--- a/core/sql/regress/privs2/EXPECTED140
+++ b/core/sql/regress/privs2/EXPECTED140
@@ -9,7 +9,7 @@ LIST_COUNT 4294967295
 LOG FILE   LOG140
 MESSAGEFILE/mnt/rmarton/gitws/incubator-trafodion/core/sqf/export/ ...
 MESSAGEFILE LANG   US English
-MESSAGEFILE VRSN   {2016-02-08 16:33 LINUX:EDEV05/rmarton} 
+MESSAGEFILE VRSN   {2016-09-23 23:03 LINUX:EDEV05/rmarton} 
 SQL CATALOGTRAFODION
 SQL SCHEMA T140_SHARED_VIEWS
 SQL USER CONNECTED user not connected
@@ -616,6 +616,8 @@ Tom White 
Socks
 >>-- user3 can propagate select but no insert on table teams
 >>grant select, insert on teams to sql_user4;
 
+*** WARNING[1013] Not all privileges were granted.  You lack grant option for 
the INSERT privilege.
+
 --- SQL operation complete.
 >>
 >>-- user3 can propagate insert on table players

http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/877a8e8a/core/sql/sqlcomp/PrivMgrDesc.cpp
--
diff --git a/core/sql/sqlcomp/PrivMgrDesc.cpp b/core/sql/sqlcomp/PrivMgrDesc.cpp
index 8065f8a..0bd4679 100644
--- a/core/sql/sqlcomp/PrivMgrDesc.cpp
+++ b/core/sql/sqlcomp/PrivMgrDesc.cpp
@@ -61,10 +61,14 @@ void PrivMgrCoreDesc::setPriv(const PrivType which,
   priv_.set(SELECT_PRIV, value);
   priv_.set(INSERT_PRIV, value);

[3/3] incubator-trafodion git commit: Merge [TRAFODION-2203] PR 729 A user can grant a privilege he doesn't have to other users/roles successfully

2016-09-28 Thread rmarton

Merge [TRAFODION-2203] PR 729 A user can grant a privilege he doesn't have to 
other users/roles successfully


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/addb9b18
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/addb9b18
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/addb9b18

Branch: refs/heads/master
Commit: addb9b18d5e274d460110ea2076bdfd69c76e103
Parents: 71b1f8c 877a8e8
Author: Roberta Marton 
Authored: Wed Sep 28 14:50:24 2016 +
Committer: Roberta Marton 
Committed: Wed Sep 28 14:50:24 2016 +

--
 core/sql/bin/SqlciErrors.txt   |4 +-
 core/sql/regress/privs2/EXPECTED129|   16 +-
 core/sql/regress/privs2/EXPECTED135|   12 +-
 core/sql/regress/privs2/EXPECTED140|4 +-
 core/sql/sqlcomp/PrivMgrDesc.cpp   |   36 +-
 core/sql/sqlcomp/PrivMgrDesc.h |   22 +-
 core/sql/sqlcomp/PrivMgrPrivileges.cpp | 1349 ---
 core/sql/sqlcomp/PrivMgrPrivileges.h   |   78 +-
 8 files changed, 668 insertions(+), 853 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/addb9b18/core/sql/bin/SqlciErrors.txt
--

http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/addb9b18/core/sql/regress/privs2/EXPECTED129
--

http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/addb9b18/core/sql/regress/privs2/EXPECTED135
--

[5/6] incubator-trafodion git commit: [TRAFODION-1794]: Log authentication Information

2016-09-21 Thread rmarton

[TRAFODION-1794]: Log authentication Information

Made changes suggested by previous delivery


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/3e05c90d
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/3e05c90d
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/3e05c90d

Branch: refs/heads/master
Commit: 3e05c90de214174e5735aadcb0ea1232355ababf
Parents: 77c6949
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Tue Sep 20 00:04:40 2016 +
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Tue Sep 20 00:04:40 2016 +

--
 core/conn/odbc/src/odbc/nsksrvrcore/Makefile |   2 +-
 core/dbsecurity/auth/Makefile|   2 -
 core/dbsecurity/auth/inc/auth.h  |  11 -
 core/dbsecurity/auth/inc/authEvents.h|  28 +-
 core/dbsecurity/auth/inc/dbUserAuth.h|   2 +
 core/dbsecurity/auth/inc/ldapconfignode.h|  46 +++-
 core/dbsecurity/auth/src/authEvents.cpp  |  52 +++-
 core/dbsecurity/auth/src/dbUserAuth.cpp  | 100 +++
 core/dbsecurity/auth/src/ldapcheck.cpp   | 301 +++---
 core/dbsecurity/auth/src/ldapconfignode.cpp  | 260 ---
 10 files changed, 457 insertions(+), 347 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/3e05c90d/core/conn/odbc/src/odbc/nsksrvrcore/Makefile
--
diff --git a/core/conn/odbc/src/odbc/nsksrvrcore/Makefile 
b/core/conn/odbc/src/odbc/nsksrvrcore/Makefile
index 5490cbe..53cb1fb 100644
--- a/core/conn/odbc/src/odbc/nsksrvrcore/Makefile
+++ b/core/conn/odbc/src/odbc/nsksrvrcore/Makefile
@@ -64,7 +64,7 @@ OBJS  = $(OUTDIR)/CommonDiags.o \
 $(OUTDIR)/srvrothers.o \
 $(OUTDIR)/libmxocore_version.o
 
-INCLUDES = -I. -I../Common -I../EventMsgs -I../SrvrMsg 
-I../dependencies/include -I../dependencies/linux -I../Krypton/generated_incs  
-I$(SQ_HOME)/export/include/sql -I$(SQ_HOME)/inc/tmf_tipapi  -I$(SQ_HOME)/inc  
-I$(SQ_HOME)/export/include -I$(SQ_HOME)/sql/nq_w/common -I../OssCfgCl/src 
-I../CmdCfgDll -I$(PROTOBUFS_INC) -I$(SQ_HOME)/../sql/cli 
-I$(SQ_HOME)/../dbsecurity/cert/inc -I$(SQ_HOME)/../dbsecurity/auth/inc 
-I$(SQ_HOME)/../mpi/src/include/intern
+INCLUDES = -I. -I../Common -I../EventMsgs -I../SrvrMsg 
-I../dependencies/include -I../dependencies/linux -I../Krypton/generated_incs  
-I$(SQ_HOME)/export/include/sql -I$(SQ_HOME)/inc/tmf_tipapi  -I$(SQ_HOME)/inc  
-I$(SQ_HOME)/export/include -I$(SQ_HOME)/sql/nq_w/common -I../OssCfgCl/src 
-I../CmdCfgDll -I$(PROTOBUFS_INC) -I$(SQ_HOME)/../sql/cli 
-I$(SQ_HOME)/commonLogger -I$(SQ_HOME)/../dbsecurity/cert/inc 
-I$(SQ_HOME)/../dbsecurity/auth/inc -I$(SQ_HOME)/../mpi/src/include/intern
 
 DEFINES =  -DNA_LINUX -DSIZEOF_LONG_INT=4 -DUSE_NEW_PHANDLE -DSQ_GUARDIAN_CALL 
-D_M_DG -DINC_QPID_EVENT -w
 

http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/3e05c90d/core/dbsecurity/auth/Makefile
--
diff --git a/core/dbsecurity/auth/Makefile b/core/dbsecurity/auth/Makefile
index acb26f6..9bd67e6 100644
--- a/core/dbsecurity/auth/Makefile
+++ b/core/dbsecurity/auth/Makefile
@@ -74,8 +74,6 @@ INCLUDES  = -I. -I./inc -I ../shared/inc \
 LINK_OPTIONS   = -L$(LIBEXPDIR) -lldap -lssl -llber -llog4cxx
 LINK_OPTIONS   += $(LNK_FLGS) 
 
-COMMON_LIBS =  -ltdm_sqlcli -larkcmp_dll  
-
 $(LIBEXPDIR)/libsqauth.so: $(OBJS)
$(CXX) -fPIC $(DBG_FLAGS) -shared $(GCCMODEXX) -o $@ $(INCLUDES) 
$(LINK_OPTIONS) $(OBJS)
 

http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/3e05c90d/core/dbsecurity/auth/inc/auth.h
--
diff --git a/core/dbsecurity/auth/inc/auth.h b/core/dbsecurity/auth/inc/auth.h
index 68d9b42..2b51371 100644
--- a/core/dbsecurity/auth/inc/auth.h
+++ b/core/dbsecurity/auth/inc/auth.h
@@ -49,17 +49,6 @@ enum UA_Status{
UA_STATUS_PARAM5 = 5
 };
 
-enum AUTH_OUTCOME{
-  AUTH_OK = 0,
-  AUTH_NOT_REGISTERED = 1,
-  AUTH_MD_NOT_AVAILABLE = 2,
-  AUTH_USER_INVALID = 3,
-  AUTH_TYPE_INCORRECT = 4,
-  AUTH_NO_PASSWORD = 5,
-  AUTH_REJECTED = 6,
-  AUTH_FAILED = 7
-};
-
 // Define a struct to populate the fields needed by authentication audit
 
 typedef struct client_info

http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/3e05c90d/core/dbsecurity/auth/inc/authEvents.h
--
diff --git a/core/dbsecurity/auth/inc/authEvents.h 
b/core/dbsecurity/auth/inc/authEvents.h
index 8c4cefa..cd53ea5 100644
--- a/core/dbsecurity/auth/inc/authEvents.h
+++ b/core/dbsecurity/auth/inc/authEvents.h
@@ -31,10 +31,28 @@
 // For DBSe

[2/2] incubator-trafodion git commit: Merge [TRAFODION-2177, TRAFODION-2188, TRAFODION-2197] pr 685 Various JIRA fixes related to security

2016-09-01 Thread rmarton

Merge [TRAFODION-2177, TRAFODION-2188, TRAFODION-2197] pr 685 Various JIRA 
fixes related to security


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/c581a16a
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/c581a16a
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/c581a16a

Branch: refs/heads/master
Commit: c581a16ae27f3da570b93e68bbea5b13812eaabf
Parents: 1b51c43 58e0061
Author: Roberta Marton 
Authored: Thu Sep 1 22:52:57 2016 +
Committer: Roberta Marton 
Committed: Thu Sep 1 22:52:57 2016 +

--
 core/sql/regress/privs1/EXPECTED132  | 177 +++---
 core/sql/regress/privs1/TEST132  |  39 ++
 core/sql/regress/privs2/EXPECTED139  | 155 ++
 core/sql/regress/privs2/TEST139  |  34 +
 core/sql/sqlcomp/CmpSeabaseDDLcommon.cpp |  74 ++-
 core/sql/sqlcomp/PrivMgrPrivileges.cpp   |   8 +-
 core/sql/ustat/hs_globals.cpp|  57 +
 7 files changed, 433 insertions(+), 111 deletions(-)
--

[1/2] incubator-trafodion git commit: Various JIRA fixes related to security

2016-09-01 Thread rmarton

Repository: incubator-trafodion
Updated Branches:
  refs/heads/master 1b51c43f5 -> c581a16ae


Various JIRA fixes related to security

TRAFODION-2177: Revoke combined column privileges from role failed
TRAFODION-2188: Insufficient privileges on sample table
TRAFODION-2197: column privilege -- mxosrvr crashed

2177: Privilege list for object generated twice causing restrict check to fail
2188: Updated to allow user without create privilege to create sample table
2197: List index was incorrectly specified

In addition, relaxed rules on who can run update statistics to include anyone
that has SELECT privileges on the target table.


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/58e00611
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/58e00611
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/58e00611

Branch: refs/heads/master
Commit: 58e006111d3a457cf61efad743f327d9d4822d8a
Parents: 5d06605
Author: Roberta Marton 
Authored: Thu Sep 1 17:28:20 2016 +
Committer: Roberta Marton 
Committed: Thu Sep 1 17:28:20 2016 +

--
 core/sql/regress/privs1/EXPECTED132  | 177 +++---
 core/sql/regress/privs1/TEST132  |  39 ++
 core/sql/regress/privs2/EXPECTED139  | 155 ++
 core/sql/regress/privs2/TEST139  |  34 +
 core/sql/sqlcomp/CmpSeabaseDDLcommon.cpp |  74 ++-
 core/sql/sqlcomp/PrivMgrPrivileges.cpp   |   8 +-
 core/sql/ustat/hs_globals.cpp|  57 +
 7 files changed, 433 insertions(+), 111 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/58e00611/core/sql/regress/privs1/EXPECTED132
--
diff --git a/core/sql/regress/privs1/EXPECTED132 
b/core/sql/regress/privs1/EXPECTED132
index d84aee8..6df38e5 100644
--- a/core/sql/regress/privs1/EXPECTED132
+++ b/core/sql/regress/privs1/EXPECTED132
@@ -866,7 +866,7 @@ CREATE SEQUENCE TRAFODION.T132SCH.T132_TEAM_NUMBER_SEQUENCE
 >>invoke t132_games;
 
 -- Definition of Trafodion table TRAFODION.T132SCH.T132_GAMES
--- Definition current  Thu Feb 25 11:15:40 2016
+-- Definition current  Thu Sep  1 16:41:51 2016
 
   (
 HOME_TEAM_NUMBER INT NO DEFAULT NOT NULL NOT DROPPABLE
@@ -883,7 +883,7 @@ CREATE SEQUENCE TRAFODION.T132SCH.T132_TEAM_NUMBER_SEQUENCE
 >>invoke t132_teams;
 
 -- Definition of Trafodion table TRAFODION.T132SCH.T132_TEAMS
--- Definition current  Thu Feb 25 11:15:42 2016
+-- Definition current  Thu Sep  1 16:41:54 2016
 
   (
 TEAM_NUMBER  INT NO DEFAULT NOT NULL NOT DROPPABLE
@@ -900,7 +900,7 @@ CREATE SEQUENCE TRAFODION.T132SCH.T132_TEAM_NUMBER_SEQUENCE
 >>invoke t132_giants_games;
 
 -- Definition of Trafodion view TRAFODION.T132SCH.T132_GIANTS_GAMES
--- Definition current  Thu Feb 25 11:15:43 2016
+-- Definition current  Thu Sep  1 16:41:57 2016
 
   (
 GAME_NUMBER  INT NO DEFAULT NOT NULL NOT DROPPABLE
@@ -914,7 +914,7 @@ CREATE SEQUENCE TRAFODION.T132SCH.T132_TEAM_NUMBER_SEQUENCE
 >>invoke t132_home_teams_games;
 
 -- Definition of Trafodion view TRAFODION.T132SCH.T132_HOME_TEAMS_GAMES
--- Definition current  Thu Feb 25 11:15:45 2016
+-- Definition current  Thu Sep  1 16:41:59 2016
 
   (
 TEAM_NUMBER  INT NO DEFAULT NOT NULL NOT DROPPABLE
@@ -984,7 +984,7 @@ ALTER TABLE TRAFODION.T132SCH.T132_GAMES ADD CONSTRAINT
 >>invoke t132_games;
 
 -- Definition of Trafodion table TRAFODION.T132SCH.T132_GAMES
--- Definition current  Thu Feb 25 11:16:00 2016
+-- Definition current  Thu Sep  1 16:42:20 2016
 
   (
 HOME_TEAM_NUMBER INT NO DEFAULT NOT NULL NOT DROPPABLE
@@ -1179,7 +1179,7 @@ CREATE SEQUENCE 
TRAFODION.T132SCH.T132_TEAM_NUMBER_SEQUENCE
 >>invoke t132_games;
 
 -- Definition of Trafodion table TRAFODION.T132SCH.T132_GAMES
--- Definition current  Thu Feb 25 11:16:33 2016
+-- Definition current  Thu Sep  1 16:42:56 2016
 
   (
 HOME_TEAM_NUMBER INT NO DEFAULT NOT NULL NOT DROPPABLE
@@ -1196,7 +1196,7 @@ CREATE SEQUENCE 
TRAFODION.T132SCH.T132_TEAM_NUMBER_SEQUENCE
 >>invoke t132_teams;
 
 -- Definition of Trafodion table TRAFODION.T132SCH.T132_TEAMS
--- Definition current  Thu Feb 25 11:16:33 2016
+-- Definition current  Thu Sep  1 16:42:56 2016
 
   (
 TEAM_NUMBER  INT NO DEFAULT NOT NULL NOT DROPPABLE
@@ -1213,7 +1213,7 @@ CREATE SEQUENCE 
TRAFODION.T132SCH.T132_TEAM_NUMBER_SEQUENCE
 >>invoke t132_giants_games;
 
 -- Definition of Trafodion view TRAFODION.T132SCH.T132_GIANTS_GAMES
--- Definition current  Thu Feb 25 11:16:33 2016
+-- Definition current  Thu Sep  1 16:42:56 2016
 
   (

[3/3] incubator-trafodion git commit: Merge TRAFODION-2137 pr 660 Improve metadata access time during query compilation

2016-08-19 Thread rmarton

Merge TRAFODION-2137 pr 660 Improve metadata access time during query 
compilation


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/47d924b9
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/47d924b9
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/47d924b9

Branch: refs/heads/master
Commit: 47d924b9b7fcdc67f11a64ef368a3f03ab74bbff
Parents: d9e8233 77532ef
Author: Roberta Marton 
Authored: Fri Aug 19 17:42:39 2016 +
Committer: Roberta Marton 
Committed: Fri Aug 19 17:42:39 2016 +

--
 core/sql/comexe/ComTdb.h|  28 
 core/sql/common/ComSecurityKey.cpp  |  54 +++
 core/sql/common/ComSecurityKey.h|   8 ++
 core/sql/generator/Generator.cpp|  94 +++-
 core/sql/generator/Generator.h  |   7 +-
 core/sql/optimizer/NARoutine.cpp|  66 +++--
 core/sql/optimizer/NARoutine.h  |   2 +-
 core/sql/optimizer/NATable.cpp  |  93 
 core/sql/optimizer/NATable.h|   5 +-
 core/sql/regress/privs2/EXPECTED143 | Bin 59506 -> 60014 bytes
 core/sql/regress/privs2/TEST129 |   2 +
 core/sql/regress/privs2/TEST143 |   6 +
 core/sql/sqlcat/TrafDDLdesc.cpp |  50 +++
 core/sql/sqlcat/TrafDDLdesc.h   | 142 +-
 core/sql/sqlcomp/CmpSeabaseDDL.h|   4 +
 core/sql/sqlcomp/CmpSeabaseDDLtable.cpp |  71 -
 core/sql/sqlcomp/PrivMgrCommands.cpp| 127 
 core/sql/sqlcomp/PrivMgrCommands.h  |  14 +-
 core/sql/sqlcomp/PrivMgrDesc.h  |  52 +--
 core/sql/sqlcomp/PrivMgrPrivileges.cpp  | 207 ++-
 core/sql/sqlcomp/PrivMgrPrivileges.h|  15 +-
 core/sql/sqlcomp/PrivMgrRoles.cpp   |  59 
 core/sql/sqlcomp/PrivMgrRoles.h |   4 +
 23 files changed, 1009 insertions(+), 101 deletions(-)
--

[1/3] incubator-trafodion git commit: TRAFODION [2137] Improve metadata access time during query compilation

2016-08-19 Thread rmarton

Repository: incubator-trafodion
Updated Branches:
  refs/heads/master d9e8233c8 -> 47d924b9b


TRAFODION [2137] Improve metadata access time during query compilation

A change was made to return privilege information in the descriptor structure
instead of getting it when the NATable or NARoutine object is instantiated.
For tables, storing privileges in the descriptor structure allows privileges
to be saved with other table attributes in the metadata.  This improves metadata
access time during initial query compilations.

Changes:

--> At create time or when the object's DDL changes (redeftime), the compiler
gets the list of privs for all users. If stored descriptors is enabled,
this list is stored as part of the object definition in the TEXT table.
-->PrivMgr returns a list of bitmaps for all users granted any priv
-->the list of privs is transformed into a VirtTable
-->the VirtTable is transformed into TrafDesc
-->a packed form of the TrafDesc is stored in the TEXT table
--> When an NATable or NARoutine is instantiated, the current user's credentials
are extracted from the TrafDesc and stored in the class thereby eliminating
the need to perform I/O to get privs for the user.


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/c23ad355
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/c23ad355
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/c23ad355

Branch: refs/heads/master
Commit: c23ad3559622b9aed0f817db817b5caf7622911d
Parents: 0a31bbb
Author: Roberta Marton 
Authored: Wed Aug 17 17:52:01 2016 +
Committer: Roberta Marton 
Committed: Wed Aug 17 17:52:01 2016 +

--
 core/sql/comexe/ComTdb.h|  29 
 core/sql/common/ComSecurityKey.cpp  |  54 +++
 core/sql/common/ComSecurityKey.h|   8 ++
 core/sql/generator/Generator.cpp|  95 +++-
 core/sql/generator/Generator.h  |   7 +-
 core/sql/optimizer/NARoutine.cpp|  66 +++--
 core/sql/optimizer/NARoutine.h  |   2 +-
 core/sql/optimizer/NATable.cpp  |  93 
 core/sql/optimizer/NATable.h|   5 +-
 core/sql/regress/privs2/EXPECTED143 | Bin 59506 -> 60014 bytes
 core/sql/regress/privs2/TEST129 |   2 +
 core/sql/regress/privs2/TEST143 |   6 +
 core/sql/sqlcat/TrafDDLdesc.cpp |  50 +++
 core/sql/sqlcat/TrafDDLdesc.h   | 142 +-
 core/sql/sqlcomp/CmpSeabaseDDL.h|   4 +
 core/sql/sqlcomp/CmpSeabaseDDLtable.cpp |  71 -
 core/sql/sqlcomp/PrivMgrCommands.cpp| 127 
 core/sql/sqlcomp/PrivMgrCommands.h  |  14 +-
 core/sql/sqlcomp/PrivMgrDesc.h  |  49 +--
 core/sql/sqlcomp/PrivMgrPrivileges.cpp  | 207 ++-
 core/sql/sqlcomp/PrivMgrPrivileges.h|  15 +-
 core/sql/sqlcomp/PrivMgrRoles.cpp   |  59 
 core/sql/sqlcomp/PrivMgrRoles.h |   4 +
 23 files changed, 1010 insertions(+), 99 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/c23ad355/core/sql/comexe/ComTdb.h
--
diff --git a/core/sql/comexe/ComTdb.h b/core/sql/comexe/ComTdb.h
index 03a2f4b..19819f2 100644
--- a/core/sql/comexe/ComTdb.h
+++ b/core/sql/comexe/ComTdb.h
@@ -44,6 +44,8 @@
 #include "exp_expr.h"   // subclasses of TDB contain expressions
 #include "sqlcli.h"
 #include "ComSmallDefs.h"
+#include// list of privilege descriptors
+#include "PrivMgrDesc.h"// Privilege descriptors
 
 // ---
 // Classes defined in this file
@@ -1143,6 +1145,33 @@ class ComTdbVirtTableSequenceInfo : public 
ComTdbVirtTableBase
   Int64  redefTime;
 };
 
+
+// This class describes object and column privileges and if they are grantable 
+// (WGO) for an object. Privileges are stored as a vector of PrivMgrDesc's, one
+// per distinct grantee.  
+//
+//PrivMgrDesc:
+//  grantee - Int32
+//  objectPrivs - PrivMgrCoreDesc 
+//  columnPrivs - list of PrivMgrCoreDesc 
+//PrivMgrCoreDesc:
+//  bitmap of granted privileges
+//  bitmap of associated WGO (with grant option)
+//  column ordinal (number) set to -1 for object privs
+class ComTdbVirtTablePrivInfo : public ComTdbVirtTableBase
+{
+ public:
+  ComTdbVirtTablePrivInfo()
+: ComTdbVirtTableBase()
+{
+  init();
+}
+
+  virtual Int32 size() { return sizeof(ComTdbVirtTablePrivInfo);}
+
+  std::vector *privmgr_desc_list; 
+};
+
 class ComTdbVirtTableLibraryInfo : public ComTdbVirtTableBase
 {
  public:

[2/3] incubator-trafodion git commit: Fixed review comments for TRAFODION [2137] Improve metadata access changes

2016-08-19 Thread rmarton

Fixed review comments for TRAFODION [2137] Improve metadata access changes


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/77532ef9
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/77532ef9
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/77532ef9

Branch: refs/heads/master
Commit: 77532ef95b9083b9ca578ba923d97b9f6c07a8c2
Parents: c23ad35
Author: Roberta Marton 
Authored: Thu Aug 18 22:51:07 2016 +
Committer: Roberta Marton 
Committed: Thu Aug 18 22:51:07 2016 +

--
 core/sql/comexe/ComTdb.h|  3 +--
 core/sql/generator/Generator.cpp| 11 +--
 core/sql/sqlcomp/CmpSeabaseDDLtable.cpp |  4 ++--
 core/sql/sqlcomp/PrivMgrDesc.h  |  7 +++
 core/sql/sqlcomp/PrivMgrPrivileges.cpp  |  8 
 5 files changed, 15 insertions(+), 18 deletions(-)
--


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/77532ef9/core/sql/comexe/ComTdb.h
--
diff --git a/core/sql/comexe/ComTdb.h b/core/sql/comexe/ComTdb.h
index 19819f2..6e803d5 100644
--- a/core/sql/comexe/ComTdb.h
+++ b/core/sql/comexe/ComTdb.h
@@ -44,7 +44,6 @@
 #include "exp_expr.h"   // subclasses of TDB contain expressions
 #include "sqlcli.h"
 #include "ComSmallDefs.h"
-#include// list of privilege descriptors
 #include "PrivMgrDesc.h"// Privilege descriptors
 
 // ---
@@ -1169,7 +1168,7 @@ class ComTdbVirtTablePrivInfo : public ComTdbVirtTableBase
 
   virtual Int32 size() { return sizeof(ComTdbVirtTablePrivInfo);}
 
-  std::vector *privmgr_desc_list; 
+  NAList *privmgr_desc_list; 
 };
 
 class ComTdbVirtTableLibraryInfo : public ComTdbVirtTableBase

http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/77532ef9/core/sql/generator/Generator.cpp
--
diff --git a/core/sql/generator/Generator.cpp b/core/sql/generator/Generator.cpp
index f419c1f..77ac6d0 100644
--- a/core/sql/generator/Generator.cpp
+++ b/core/sql/generator/Generator.cpp
@@ -1749,7 +1749,7 @@ TrafDesc * Generator::createPrivDescs( const 
ComTdbVirtTablePrivInfo * privInfo,
 {
   // When authorization is enabled, each object must have at least one grantee
   // - the system grant to the object owner
-  std::vector *privGrantees = privInfo[0].privmgr_desc_list;
+  NAList *privGrantees = privInfo[0].privmgr_desc_list;
   DCMPASSERT (privGrantees.size() > 0);
  
   TrafDesc * priv_desc = TrafAllocateDDLdesc(DESC_PRIV_TYPE, space);
@@ -1758,9 +1758,9 @@ TrafDesc * Generator::createPrivDescs( const 
ComTdbVirtTablePrivInfo * privInfo,
 
   // generate a TrafPrivGranteeDesc for each grantee and
   // attach to the privileges descriptor (priv_desc)
-  for (int i = 0; i < privGrantees->size(); i++)
+  for (int i = 0; i < privGrantees->entries(); i++)
 {
-  PrivMgrDesc granteeDesc = (*privGrantees)[i];
+  PrivMgrDesc  = (*privGrantees)[i];
   TrafDesc * curr_grantee_desc = 
TrafAllocateDDLdesc(DESC_PRIV_GRANTEE_TYPE, space);
   if (! first_grantee_desc)
 first_grantee_desc = curr_grantee_desc;
@@ -1778,15 +1778,14 @@ TrafDesc * Generator::createPrivDescs( const 
ComTdbVirtTablePrivInfo * privInfo,
 
   // generate a list of TrafPrivBitmapDesc, one for each column and
   // attach it to the TrafPrivGranteeDesc
-  std::vector colDescList = granteeDesc.getColumnPrivs();
-  size_t numCols = colDescList.size();
+  size_t numCols = granteeDesc.getColumnPrivs().entries();
   if (numCols > 0)
 {
   TrafDesc * first_col_desc = NULL;
   TrafDesc * prev_col_desc = NULL;
   for (int j = 0; j < numCols; j++)
 {
-  const PrivMgrCoreDesc colBitmap = colDescList[j];
+  const PrivMgrCoreDesc colBitmap = 
granteeDesc.getColumnPrivs()[j];
   TrafDesc * curr_col_desc = 
TrafAllocateDDLdesc(DESC_PRIV_BITMAP_TYPE, space);
   if (! first_col_desc)
 first_col_desc = curr_col_desc;

http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/77532ef9/core/sql/sqlcomp/CmpSeabaseDDLtable.cpp
--
diff --git a/core/sql/sqlcomp/CmpSeabaseDDLtable.cpp 
b/core/sql/sqlcomp/CmpSeabaseDDLtable.cpp
index 59a4817..a4122ec 100644
--- a/core/sql/sqlcomp/CmpSeabaseDDLtable.cpp
+++ b/core/sql/sqlcomp/CmpSeabaseDDLtable.cpp
@@ -10367,9 +10367,9 @@ ComTdbVirtTablePrivInfo * 
CmpSeabaseDDL::getSeabasePrivInfo(
   ComTdbVirtTablePrivInfo *privInfo = new (STMTHEAP)

[2/2] incubator-trafodion git commit: Merge [TRAFODION-2160] pr 656 Metadata upgrade failed with internal error

2016-08-12 Thread rmarton

Merge [TRAFODION-2160] pr 656 Metadata upgrade failed with internal error


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/a0a63630
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/a0a63630
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/a0a63630

Branch: refs/heads/master
Commit: a0a6363025d3ee7e68561401d4e0b90f95c94517
Parents: 216088d 5f1ca38
Author: Roberta Marton 
Authored: Fri Aug 12 23:40:04 2016 +
Committer: Roberta Marton 
Committed: Fri Aug 12 23:40:04 2016 +

--
 core/sql/regress/privs2/EXPECTED143 | Bin 59462 -> 59506 bytes
 core/sql/sqlcomp/PrivMgrMD.cpp  |   4 ++--
 2 files changed, 2 insertions(+), 2 deletions(-)
--

1 2 >

1 - 100 of 183 matches

Mail list logo