Source code: org/hsqldb/User.java
1 /* Copyrights and Licenses
2 *
3 * This product includes Hypersonic SQL.
4 * Originally developed by Thomas Mueller and the Hypersonic SQL Group.
5 *
6 * Copyright (c) 1995-2000 by the Hypersonic SQL Group. All rights reserved.
7 * Redistribution and use in source and binary forms, with or without modification, are permitted
8 * provided that the following conditions are met:
9 * - Redistributions of source code must retain the above copyright notice, this list of conditions
10 * and the following disclaimer.
11 * - Redistributions in binary form must reproduce the above copyright notice, this list of
12 * conditions and the following disclaimer in the documentation and/or other materials
13 * provided with the distribution.
14 * - All advertising materials mentioning features or use of this software must display the
15 * following acknowledgment: "This product includes Hypersonic SQL."
16 * - Products derived from this software may not be called "Hypersonic SQL" nor may
17 * "Hypersonic SQL" appear in their names without prior written permission of the
18 * Hypersonic SQL Group.
19 * - Redistributions of any form whatsoever must retain the following acknowledgment: "This
20 * product includes Hypersonic SQL."
21 * This software is provided "as is" and any expressed or implied warranties, including, but
22 * not limited to, the implied warranties of merchantability and fitness for a particular purpose are
23 * disclaimed. In no event shall the Hypersonic SQL Group or its contributors be liable for any
24 * direct, indirect, incidental, special, exemplary, or consequential damages (including, but
25 * not limited to, procurement of substitute goods or services; loss of use, data, or profits;
26 * or business interruption). However caused any on any theory of liability, whether in contract,
27 * strict liability, or tort (including negligence or otherwise) arising in any way out of the use of this
28 * software, even if advised of the possibility of such damage.
29 * This software consists of voluntary contributions made by many individuals on behalf of the
30 * Hypersonic SQL Group.
31 *
32 *
33 * For work added by the HSQL Development Group:
34 *
35 * Copyright (c) 2001-2002, The HSQL Development Group
36 * All rights reserved.
37 *
38 * Redistribution and use in source and binary forms, with or without
39 * modification, are permitted provided that the following conditions are met:
40 *
41 * Redistributions of source code must retain the above copyright notice, this
42 * list of conditions and the following disclaimer, including earlier
43 * license statements (above) and comply with all above license conditions.
44 *
45 * Redistributions in binary form must reproduce the above copyright notice,
46 * this list of conditions and the following disclaimer in the documentation
47 * and/or other materials provided with the distribution, including earlier
48 * license statements (above) and comply with all above license conditions.
49 *
50 * Neither the name of the HSQL Development Group nor the names of its
51 * contributors may be used to endorse or promote products derived from this
52 * software without specific prior written permission.
53 *
54 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
55 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
56 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
57 * ARE DISCLAIMED. IN NO EVENT SHALL HSQL DEVELOPMENT GROUP, HSQLDB.ORG,
58 * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
59 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
60 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
61 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
62 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
63 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
64 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
65 */
66
67
68 package org.hsqldb;
69
70 import java.sql.SQLException;
71 import java.util.Hashtable;
72
73 /**
74 * Class declaration
75 *
76 *
77 * @version 1.7.0
78 */
79 class User {
80
81 private boolean bAdministrator;
82 private Hashtable hRight;
83 private String sName, sPassword;
84 private User uPublic;
85
86 /**
87 * Constructor declaration
88 *
89 *
90 * @param name
91 * @param password
92 * @param admin
93 * @param pub
94 */
95 User(String name, String password, boolean admin, User pub) {
96
97 hRight = new Hashtable();
98 sName = name;
99
100 setPassword(password);
101
102 bAdministrator = admin;
103 uPublic = pub;
104 }
105
106 /**
107 * Method declaration
108 *
109 *
110 * @return
111 */
112 String getName() {
113 return sName;
114 }
115
116 /**
117 * Method declaration
118 *
119 *
120 * @return
121 */
122 String getPassword() {
123
124 // necessary to create the script
125 return sPassword;
126 }
127
128 /**
129 * Method declaration
130 *
131 *
132 * @return
133 */
134 Hashtable getRights() {
135
136 // necessary to create the script
137 return hRight;
138 }
139
140 /**
141 * Method declaration
142 *
143 *
144 * @param password
145 */
146 void setPassword(String password) {
147 sPassword = password;
148 }
149
150 /**
151 * Method declaration
152 *
153 *
154 * @param test
155 *
156 * @throws SQLException
157 */
158 void checkPassword(String test) throws SQLException {
159
160 Trace.check(test.equals(sPassword), Trace.ACCESS_IS_DENIED);
161
162 // this is a safer (but slower) version:
163 // if the password is not over 64 characters then this
164 // algorithm needs always about the same amount of time
165 /*
166 * int maxtest=test.length();
167 * int maxpass=sPassword.length();
168 * int max=64;
169 * if(maxtest>max) {
170 * max=maxtest;
171 * }
172 * if(maxpass>max) {
173 * max=maxpass;
174 * }
175 * boolean correct=true,dummy=true;
176 * for(int i=0;i<max;i++) {
177 * char a= (i>=maxtest) ? 0 : test.charAt(i);
178 * char b= (i>=maxpass) ? 0 : sPassword.charAt(i);
179 * if(a!=b) {
180 * correct=false;
181 * } else {
182 * dummy=true;
183 * }
184 * }
185 * Trace.check(correct,Trace.ACCESS_IS_DENIED);
186 */
187 }
188
189 /**
190 * Method declaration
191 *
192 *
193 * @param object
194 * @param right
195 */
196 void grant(String object, int right) {
197
198 Integer n = (Integer) hRight.get(object);
199
200 if (n == null) {
201 n = new Integer(right);
202 } else {
203 n = new Integer(n.intValue() | right);
204 }
205
206 hRight.put(object, n);
207 }
208
209 /**
210 * Method declaration
211 *
212 *
213 * @param object
214 * @param right
215 */
216 void revoke(String object, int right) {
217
218 Integer n = (Integer) hRight.get(object);
219
220 if (n == null) {
221 n = new Integer(right);
222 } else {
223 n = new Integer(n.intValue() & (UserManager.ALL - right));
224 }
225
226 hRight.put(object, n);
227 }
228
229 /**
230 * Method declaration
231 *
232 */
233 void revokeAll() {
234 hRight = null;
235 bAdministrator = false;
236 }
237
238 /**
239 * Method declaration
240 *
241 *
242 * @param object
243 * @param right
244 *
245 * @throws SQLException
246 */
247 void check(String object, int right) throws SQLException {
248
249 if (bAdministrator) {
250 return;
251 }
252
253 Integer n;
254
255 n = (Integer) hRight.get(object);
256
257 if ((n != null) && (n.intValue() & right) != 0) {
258 return;
259 }
260
261 if (uPublic != null) {
262 n = (Integer) (uPublic.hRight).get(object);
263
264 if ((n != null) && (n.intValue() & right) != 0) {
265 return;
266 }
267 }
268
269 throw Trace.error(Trace.ACCESS_IS_DENIED);
270 }
271
272 /**
273 * Method declaration
274 *
275 *
276 * @throws SQLException
277 */
278 void checkAdmin() throws SQLException {
279 Trace.check(isAdmin(), Trace.ACCESS_IS_DENIED);
280 }
281
282 /**
283 * Method declaration
284 *
285 *
286 * @return
287 */
288 boolean isAdmin() {
289 return bAdministrator;
290 }
291 }