1 /**************************************************************
2  *
3  * Licensed to the Apache Software Foundation (ASF) under one
4  * or more contributor license agreements.  See the NOTICE file
5  * distributed with this work for additional information
6  * regarding copyright ownership.  The ASF licenses this file
7  * to you under the Apache License, Version 2.0 (the
8  * "License"); you may not use this file except in compliance
9  * with the License.  You may obtain a copy of the License at
10  *
11  *   http://www.apache.org/licenses/LICENSE-2.0
12  *
13  * Unless required by applicable law or agreed to in writing,
14  * software distributed under the License is distributed on an
15  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16  * KIND, either express or implied.  See the License for the
17  * specific language governing permissions and limitations
18  * under the License.
19  *
20  *************************************************************/
21 
22 
23 
24 // MARKER(update_precomp.py): autogen include statement, do not remove
25 #include "precompiled_connectivity.hxx"
26 #include "mysql/YUser.hxx"
27 #include <com/sun/star/sdbc/XRow.hpp>
28 #include <com/sun/star/sdbc/XResultSet.hpp>
29 #include "connectivity/dbtools.hxx"
30 #include "connectivity/dbexception.hxx"
31 #include <com/sun/star/sdbcx/Privilege.hpp>
32 #include <com/sun/star/sdbcx/PrivilegeObject.hpp>
33 #include "TConnection.hxx"
34 #include "resource/common_res.hrc"
35 
36 using namespace connectivity;
37 using namespace connectivity::mysql;
38 using namespace ::com::sun::star::uno;
39 using namespace ::com::sun::star::beans;
40 using namespace ::com::sun::star::sdbcx;
41 using namespace ::com::sun::star::sdbc;
42 using namespace ::com::sun::star::container;
43 using namespace ::com::sun::star::lang;
44 // -------------------------------------------------------------------------
OMySQLUser(const::com::sun::star::uno::Reference<::com::sun::star::sdbc::XConnection> & _xConnection)45 OMySQLUser::OMySQLUser(	const ::com::sun::star::uno::Reference< ::com::sun::star::sdbc::XConnection >& _xConnection) : connectivity::sdbcx::OUser(sal_True)
46 				,m_xConnection(_xConnection)
47 {
48 	construct();
49 }
50 // -------------------------------------------------------------------------
OMySQLUser(const::com::sun::star::uno::Reference<::com::sun::star::sdbc::XConnection> & _xConnection,const::rtl::OUString & _Name)51 OMySQLUser::OMySQLUser(   const ::com::sun::star::uno::Reference< ::com::sun::star::sdbc::XConnection >& _xConnection,
52 				const ::rtl::OUString& _Name
53 			) : connectivity::sdbcx::OUser(_Name,sal_True)
54 				,m_xConnection(_xConnection)
55 {
56 	construct();
57 }
58 // -------------------------------------------------------------------------
refreshGroups()59 void OMySQLUser::refreshGroups()
60 {
61 }
62 // -------------------------------------------------------------------------
OUserExtend(const::com::sun::star::uno::Reference<::com::sun::star::sdbc::XConnection> & _xConnection)63 OUserExtend::OUserExtend(	const ::com::sun::star::uno::Reference< ::com::sun::star::sdbc::XConnection >& _xConnection) : OMySQLUser(_xConnection)
64 {
65 	construct();
66 }
67 // -------------------------------------------------------------------------
68 typedef connectivity::sdbcx::OUser	OUser_TYPEDEF;
construct()69 void OUserExtend::construct()
70 {
71 	registerProperty(OMetaConnection::getPropMap().getNameByIndex(PROPERTY_ID_PASSWORD),	PROPERTY_ID_PASSWORD,0,&m_Password,::getCppuType(reinterpret_cast< ::rtl::OUString*>(NULL)));
72 }
73 // -----------------------------------------------------------------------------
createArrayHelper() const74 cppu::IPropertyArrayHelper* OUserExtend::createArrayHelper() const
75 {
76 	Sequence< Property > aProps;
77 	describeProperties(aProps);
78 	return new cppu::OPropertyArrayHelper(aProps);
79 }
80 // -------------------------------------------------------------------------
getInfoHelper()81 cppu::IPropertyArrayHelper & OUserExtend::getInfoHelper()
82 {
83 	return *OUserExtend_PROP::getArrayHelper();
84 }
85 typedef connectivity::sdbcx::OUser_BASE OUser_BASE_RBHELPER;
86 // -----------------------------------------------------------------------------
getPrivileges(const::rtl::OUString & objName,sal_Int32 objType)87 sal_Int32 SAL_CALL OMySQLUser::getPrivileges( const ::rtl::OUString& objName, sal_Int32 objType ) throw(SQLException, RuntimeException)
88 {
89 	::osl::MutexGuard aGuard(m_aMutex);
90 	checkDisposed(OUser_BASE_RBHELPER::rBHelper.bDisposed);
91 
92 	sal_Int32 nRights,nRightsWithGrant;
93 	findPrivilegesAndGrantPrivileges(objName,objType,nRights,nRightsWithGrant);
94 	return nRights;
95 }
96 // -----------------------------------------------------------------------------
findPrivilegesAndGrantPrivileges(const::rtl::OUString & objName,sal_Int32 objType,sal_Int32 & nRights,sal_Int32 & nRightsWithGrant)97 void OMySQLUser::findPrivilegesAndGrantPrivileges(const ::rtl::OUString& objName, sal_Int32 objType,sal_Int32& nRights,sal_Int32& nRightsWithGrant) throw(SQLException, RuntimeException)
98 {
99 	nRightsWithGrant = nRights = 0;
100 	// first we need to create the sql stmt to select the privs
101 	Reference<XDatabaseMetaData> xMeta = m_xConnection->getMetaData();
102 	::rtl::OUString sCatalog,sSchema,sTable;
103 	::dbtools::qualifiedNameComponents(xMeta,objName,sCatalog,sSchema,sTable,::dbtools::eInDataManipulation);
104 	Reference<XResultSet> xRes;
105 	switch(objType)
106 	{
107 		case PrivilegeObject::TABLE:
108 		case PrivilegeObject::VIEW:
109 			{
110 				Any aCatalog;
111 				if ( sCatalog.getLength() )
112 					aCatalog <<= sCatalog;
113 				xRes = xMeta->getTablePrivileges(aCatalog,sSchema,sTable);
114 			}
115 			break;
116 
117 		case PrivilegeObject::COLUMN:
118 			{
119 				Any aCatalog;
120 				if ( sCatalog.getLength() )
121 					aCatalog <<= sCatalog;
122 				xRes = xMeta->getColumnPrivileges(aCatalog,sSchema,sTable,::rtl::OUString(RTL_CONSTASCII_USTRINGPARAM("%")));
123 			}
124 			break;
125 	}
126 
127 	if ( xRes.is() )
128 	{
129 		static const ::rtl::OUString sSELECT	= ::rtl::OUString::createFromAscii("SELECT");
130 		static const ::rtl::OUString sINSERT	= ::rtl::OUString::createFromAscii("INSERT");
131 		static const ::rtl::OUString sUPDATE	= ::rtl::OUString::createFromAscii("UPDATE");
132 		static const ::rtl::OUString sDELETE	= ::rtl::OUString::createFromAscii("DELETE");
133 		static const ::rtl::OUString sREAD		= ::rtl::OUString::createFromAscii("READ");
134 		static const ::rtl::OUString sCREATE	= ::rtl::OUString::createFromAscii("CREATE");
135 		static const ::rtl::OUString sALTER		= ::rtl::OUString::createFromAscii("ALTER");
136 		static const ::rtl::OUString sREFERENCE = ::rtl::OUString::createFromAscii("REFERENCE");
137 		static const ::rtl::OUString sDROP		= ::rtl::OUString::createFromAscii("DROP");
138 		static const ::rtl::OUString sYes		= ::rtl::OUString::createFromAscii("YES");
139 
140 		nRightsWithGrant = nRights = 0;
141 
142 		Reference<XRow> xCurrentRow(xRes,UNO_QUERY);
143 		while( xCurrentRow.is() && xRes->next() )
144 		{
145 			::rtl::OUString sGrantee	= xCurrentRow->getString(5);
146 			::rtl::OUString sPrivilege	= xCurrentRow->getString(6);
147 			::rtl::OUString sGrantable	= xCurrentRow->getString(7);
148 
149 			if (!m_Name.equalsIgnoreAsciiCase(sGrantee))
150 				continue;
151 
152 			if (sPrivilege.equalsIgnoreAsciiCase(sSELECT))
153 			{
154 				nRights |= Privilege::SELECT;
155 				if ( sGrantable.equalsIgnoreAsciiCase(sYes) )
156 					nRightsWithGrant |= Privilege::SELECT;
157 			}
158 			else if (sPrivilege.equalsIgnoreAsciiCase(sINSERT))
159 			{
160 				nRights |= Privilege::INSERT;
161 				if ( sGrantable.equalsIgnoreAsciiCase(sYes) )
162 					nRightsWithGrant |= Privilege::INSERT;
163 			}
164 			else if (sPrivilege.equalsIgnoreAsciiCase(sUPDATE))
165 			{
166 				nRights |= Privilege::UPDATE;
167 				if ( sGrantable.equalsIgnoreAsciiCase(sYes) )
168 					nRightsWithGrant |= Privilege::UPDATE;
169 			}
170 			else if (sPrivilege.equalsIgnoreAsciiCase(sDELETE))
171 			{
172 				nRights |= Privilege::DELETE;
173 				if ( sGrantable.equalsIgnoreAsciiCase(sYes) )
174 					nRightsWithGrant |= Privilege::DELETE;
175 			}
176 			else if (sPrivilege.equalsIgnoreAsciiCase(sREAD))
177 			{
178 				nRights |= Privilege::READ;
179 				if ( sGrantable.equalsIgnoreAsciiCase(sYes) )
180 					nRightsWithGrant |= Privilege::READ;
181 			}
182 			else if (sPrivilege.equalsIgnoreAsciiCase(sCREATE))
183 			{
184 				nRights |= Privilege::CREATE;
185 				if ( sGrantable.equalsIgnoreAsciiCase(sYes) )
186 					nRightsWithGrant |= Privilege::CREATE;
187 			}
188 			else if (sPrivilege.equalsIgnoreAsciiCase(sALTER))
189 			{
190 				nRights |= Privilege::ALTER;
191 				if ( sGrantable.equalsIgnoreAsciiCase(sYes) )
192 					nRightsWithGrant |= Privilege::ALTER;
193 			}
194 			else if (sPrivilege.equalsIgnoreAsciiCase(sREFERENCE))
195 			{
196 				nRights |= Privilege::REFERENCE;
197 				if ( sGrantable.equalsIgnoreAsciiCase(sYes) )
198 					nRightsWithGrant |= Privilege::REFERENCE;
199 			}
200 			else if (sPrivilege.equalsIgnoreAsciiCase(sDROP))
201 			{
202 				nRights |= Privilege::DROP;
203 				if ( sGrantable.equalsIgnoreAsciiCase(sYes) )
204 					nRightsWithGrant |= Privilege::DROP;
205 			}
206 		}
207 		::comphelper::disposeComponent(xRes);
208 	}
209 }
210 // -------------------------------------------------------------------------
getGrantablePrivileges(const::rtl::OUString & objName,sal_Int32 objType)211 sal_Int32 SAL_CALL OMySQLUser::getGrantablePrivileges( const ::rtl::OUString& objName, sal_Int32 objType ) throw(SQLException, RuntimeException)
212 {
213 	::osl::MutexGuard aGuard(m_aMutex);
214 	checkDisposed(OUser_BASE_RBHELPER::rBHelper.bDisposed);
215 
216 	sal_Int32 nRights,nRightsWithGrant;
217 	findPrivilegesAndGrantPrivileges(objName,objType,nRights,nRightsWithGrant);
218 	return nRightsWithGrant;
219 }
220 // -------------------------------------------------------------------------
grantPrivileges(const::rtl::OUString & objName,sal_Int32 objType,sal_Int32 objPrivileges)221 void SAL_CALL OMySQLUser::grantPrivileges( const ::rtl::OUString& objName, sal_Int32 objType, sal_Int32 objPrivileges ) throw(SQLException, RuntimeException)
222 {
223     if ( objType != PrivilegeObject::TABLE )
224     {
225         ::connectivity::SharedResources aResources;
226         const ::rtl::OUString sError( aResources.getResourceString(STR_PRIVILEGE_NOT_GRANTED));
227         ::dbtools::throwGenericSQLException(sError,*this);
228     } // if ( objType != PrivilegeObject::TABLE )
229 
230 	::osl::MutexGuard aGuard(m_aMutex);
231 
232 	::rtl::OUString sPrivs = getPrivilegeString(objPrivileges);
233 	if(sPrivs.getLength())
234 	{
235 		::rtl::OUString sGrant;
236 		sGrant += ::rtl::OUString::createFromAscii("GRANT ");
237 		sGrant += sPrivs;
238 		sGrant += ::rtl::OUString::createFromAscii(" ON ");
239 		Reference<XDatabaseMetaData> xMeta = m_xConnection->getMetaData();
240 		sGrant += ::dbtools::quoteTableName(xMeta,objName,::dbtools::eInDataManipulation);
241 		sGrant += ::rtl::OUString::createFromAscii(" TO ");
242 		sGrant += m_Name;
243 
244 		Reference<XStatement> xStmt = m_xConnection->createStatement();
245 		if(xStmt.is())
246 			xStmt->execute(sGrant);
247 		::comphelper::disposeComponent(xStmt);
248 	}
249 }
250 // -------------------------------------------------------------------------
revokePrivileges(const::rtl::OUString & objName,sal_Int32 objType,sal_Int32 objPrivileges)251 void SAL_CALL OMySQLUser::revokePrivileges( const ::rtl::OUString& objName, sal_Int32 objType, sal_Int32 objPrivileges ) throw(SQLException, RuntimeException)
252 {
253     if ( objType != PrivilegeObject::TABLE )
254     {
255         ::connectivity::SharedResources aResources;
256         const ::rtl::OUString sError( aResources.getResourceString(STR_PRIVILEGE_NOT_REVOKED));
257         ::dbtools::throwGenericSQLException(sError,*this);
258     }
259 
260 	::osl::MutexGuard aGuard(m_aMutex);
261 	checkDisposed(OUser_BASE_RBHELPER::rBHelper.bDisposed);
262     ::rtl::OUString sPrivs = getPrivilegeString(objPrivileges);
263 	if(sPrivs.getLength())
264 	{
265 		::rtl::OUString sGrant;
266 		sGrant += ::rtl::OUString::createFromAscii("REVOKE ");
267 		sGrant += sPrivs;
268 		sGrant += ::rtl::OUString::createFromAscii(" ON ");
269 		Reference<XDatabaseMetaData> xMeta = m_xConnection->getMetaData();
270 		sGrant += ::dbtools::quoteTableName(xMeta,objName,::dbtools::eInDataManipulation);
271 		sGrant += ::rtl::OUString::createFromAscii(" FROM ");
272 		sGrant += m_Name;
273 
274 		Reference<XStatement> xStmt = m_xConnection->createStatement();
275 		if(xStmt.is())
276 			xStmt->execute(sGrant);
277 		::comphelper::disposeComponent(xStmt);
278 	}
279 }
280 // -----------------------------------------------------------------------------
281 // XUser
changePassword(const::rtl::OUString &,const::rtl::OUString & newPassword)282 void SAL_CALL OMySQLUser::changePassword( const ::rtl::OUString& /*oldPassword*/, const ::rtl::OUString& newPassword ) throw(SQLException, RuntimeException)
283 {
284 	::osl::MutexGuard aGuard(m_aMutex);
285 	checkDisposed(OUser_BASE_RBHELPER::rBHelper.bDisposed);
286 	::rtl::OUString sAlterPwd;
287 	sAlterPwd = ::rtl::OUString::createFromAscii("SET PASSWORD FOR ");
288 	sAlterPwd += m_Name;
289 	sAlterPwd += ::rtl::OUString::createFromAscii("@\"%\" = PASSWORD('") ;
290 	sAlterPwd += newPassword;
291 	sAlterPwd += ::rtl::OUString::createFromAscii("')") ;
292 
293 
294 	Reference<XStatement> xStmt = m_xConnection->createStatement();
295 	if ( xStmt.is() )
296 	{
297 		xStmt->execute(sAlterPwd);
298 		::comphelper::disposeComponent(xStmt);
299 	}
300 }
301 // -----------------------------------------------------------------------------
getPrivilegeString(sal_Int32 nRights) const302 ::rtl::OUString OMySQLUser::getPrivilegeString(sal_Int32 nRights) const
303 {
304 	::rtl::OUString sPrivs;
305 	if((nRights & Privilege::INSERT) == Privilege::INSERT)
306 		sPrivs += ::rtl::OUString::createFromAscii("INSERT");
307 
308 	if((nRights & Privilege::DELETE) == Privilege::DELETE)
309 	{
310 		if(sPrivs.getLength())
311 			sPrivs += ::rtl::OUString::createFromAscii(",");
312 		sPrivs += ::rtl::OUString::createFromAscii("DELETE");
313 	}
314 
315 	if((nRights & Privilege::UPDATE) == Privilege::UPDATE)
316 	{
317 		if(sPrivs.getLength())
318 			sPrivs += ::rtl::OUString::createFromAscii(",");
319 		sPrivs += ::rtl::OUString::createFromAscii("UPDATE");
320 	}
321 
322 	if((nRights & Privilege::ALTER) == Privilege::ALTER)
323 	{
324 		if(sPrivs.getLength())
325 			sPrivs += ::rtl::OUString::createFromAscii(",");
326 		sPrivs += ::rtl::OUString::createFromAscii("ALTER");
327 	}
328 
329 	if((nRights & Privilege::SELECT) == Privilege::SELECT)
330 	{
331 		if(sPrivs.getLength())
332 			sPrivs += ::rtl::OUString::createFromAscii(",");
333 		sPrivs += ::rtl::OUString::createFromAscii("SELECT");
334 	}
335 
336 	if((nRights & Privilege::REFERENCE) == Privilege::REFERENCE)
337 	{
338 		if(sPrivs.getLength())
339 			sPrivs += ::rtl::OUString::createFromAscii(",");
340 		sPrivs += ::rtl::OUString::createFromAscii("REFERENCES");
341 	}
342 
343 	return sPrivs;
344 }
345 // -----------------------------------------------------------------------------
346 
347