[1/2] incubator-trafodion git commit: TRAFODION-2330 Using trafci, a select from a table succeeds even if the user does not have the priv

[rmarton]

Repository: incubator-trafodion
Updated Branches:
  refs/heads/master 59cbda3f8 -> 9c712a4aa


TRAFODION-2330 Using trafci, a select from a table succeeds even if the user
               does not have the priv

There is a problem when the session user changes in a mxosrvr process.  The
existing compiler caches are not getting cleared so the new user will be
accessing the previous users' caches.  This could lead to allowing someone
that does not have privileges to gain access to an object.

The change is to clear all caches during a session user change operation.


Project: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/repo
Commit: 
http://git-wip-us.apache.org/repos/asf/incubator-trafodion/commit/6cd6be85
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/tree/6cd6be85
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafodion/diff/6cd6be85

Branch: refs/heads/master
Commit: 6cd6be853fb1508e7b33d8e12c0fea0a0a8ef044
Parents: 1c8f25b
Author: Roberta Marton <rmarton@edev07.esgyn.local>
Authored: Tue Nov 1 05:22:44 2016 +0000
Committer: Roberta Marton <rmarton@edev07.esgyn.local>
Committed: Tue Nov 1 05:22:44 2016 +0000

----------------------------------------------------------------------
 core/sql/arkcmp/CmpContext.cpp | 12 ++++++++++++
 core/sql/arkcmp/CmpContext.h   |  2 ++
 core/sql/cli/Context.cpp       | 14 ++++++++++++++
 3 files changed, 28 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/6cd6be85/core/sql/arkcmp/CmpContext.cpp
----------------------------------------------------------------------
diff --git a/core/sql/arkcmp/CmpContext.cpp b/core/sql/arkcmp/CmpContext.cpp
index a256db0..c0ab3a4 100644
--- a/core/sql/arkcmp/CmpContext.cpp
+++ b/core/sql/arkcmp/CmpContext.cpp
@@ -1157,4 +1157,16 @@ void CmpContext::resetLogmxEventSqlText()
    delete sqlTextBuf_ ;
    sqlTextBuf_ = NULL ;
 }
+
+void CmpContext::clearAllCaches()
+{
+   qcache_->makeEmpty();
+   schemaDB_->getNATableDB()->setCachingOFF();
+   schemaDB_->getNATableDB()->setCachingON();
+   schemaDB_->getNARoutineDB()->setCachingOFF();
+   schemaDB_->getNARoutineDB()->setCachingON();
+   if(histogramCache_)
+      histogramCache_->invalidateCache();
+}
+
 #endif // NA_CMPDLL

http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/6cd6be85/core/sql/arkcmp/CmpContext.h
----------------------------------------------------------------------
diff --git a/core/sql/arkcmp/CmpContext.h b/core/sql/arkcmp/CmpContext.h
index 37d2df7..8268639 100644
--- a/core/sql/arkcmp/CmpContext.h
+++ b/core/sql/arkcmp/CmpContext.h
@@ -479,6 +479,8 @@ public :
 
   NAList<DDLObjInfo>& ddlObjsList() { return ddlObjs_; }
 
+  void clearAllCaches();
+
 // MV
 private:
 // Adding support for multi threaded requestor (multi transactions) handling

http://git-wip-us.apache.org/repos/asf/incubator-trafodion/blob/6cd6be85/core/sql/cli/Context.cpp
----------------------------------------------------------------------
diff --git a/core/sql/cli/Context.cpp b/core/sql/cli/Context.cpp
index b454a3a..33b935c 100644
--- a/core/sql/cli/Context.cpp
+++ b/core/sql/cli/Context.cpp
@@ -2864,7 +2864,21 @@ void ContextCli::completeSetAuthID(
 // Recreate MXCMP if previously connected and currently connected user id's 
 // are different.
    if ( recreateMXCMP )
+   {
+      // reset rolelist in anticipation of the new user
+      resetRoleList();
+
+      // create all the caches
+      CmpContextInfo *cmpCntxtInfo;
+      for (int i = 0; i < cmpContextInfo_.entries(); i++)
+      {
+         cmpCntxtInfo = cmpContextInfo_[i];
+         cmpCntxtInfo->getCmpContext()->clearAllCaches();
+      }
+
+      // clear caches in secondary arkcmps
       killAndRecreateMxcmp();
+   }
  
    if (eraseCQDs)
    {