Bug 34343 - revokePermission in PostgresRDBMSAdapter.java doesn't work
Summary: revokePermission in PostgresRDBMSAdapter.java doesn't work
Status: CLOSED FIXED
Alias: None
Product: Slide
Classification: Unclassified
Component: Stores (show other bugs)
Version: Nightly
Hardware: All All
: P2 normal (vote)
Target Milestone: ---
Assignee: Slide Developer List
URL:
Keywords: PatchAvailable
Depends on:
Blocks:
 
Reported: 2005-04-07 08:47 UTC by Tomasz Majchrzak
Modified: 2005-06-17 07:47 UTC (History)
0 users



Attachments
Patch to fix SQL-statements as suggested. (3.41 KB, patch)
2005-04-07 10:02 UTC, Martin Kal
Details | Diff
Patch to fix revokePermission for revisionNumber==null (2.88 KB, patch)
2005-06-02 19:59 UTC, Martin Kal
Details | Diff
Prepare statement before use (912 bytes, patch)
2005-06-06 12:34 UTC, Martin Kal
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Tomasz Majchrzak 2005-04-07 08:47:30 UTC
File: PostgresRDBMSAdapter.java
Method: public void revokePermission(Connection connection, Uri uri,
NodePermission permission) throws ServiceAccessException

This method doesn't work. Query is wrong and is crashing on PostgreSQL 8.0.
I changed query to:

      try {
                        NodeRevisionNumber revisionNumber =
permission.getRevisionNumber();
                        if (revisionNumber == null)
                                statement = connection.prepareStatement(
                                        "delete from PERMISSIONS where
(OBJECT_ID, SUBJECT_ID, ACTION_ID) IN ( SELECT ou.URI_ID, su.URI_ID, au.URI_ID
FROM URI ou, URI su, URI au WHERE ou.URI_STRING = ? and su.URI_STRING = ? and
au.URI_STRING = ?) and VERSION_NO IS NULL");
                        else
                                statement = connection.prepareStatement(
                                        "delete from PERMISSIONS where
(OBJECT_ID, SUBJECT_ID, ACTION_ID) IN ( SELECT ou.URI_ID, su.URI_ID, au.URI_ID
FROM URI ou, URI su, URI au WHERE ou.URI_STRING = ? and su.URI_STRING = ? and
au.URI_STRING = ?) and VERSION_NO = ?");

                        statement.setString(1, permission.getObjectUri());
                        statement.setString(2, permission.getSubjectUri());
                        statement.setString(3, permission.getActionUri());
                        if (revisionNumber != null)
                                statement.setString(4, revisionNumber.toString());
                        statement.executeUpdate();

Then it seems to work fine.
Comment 1 Martin Kal 2005-04-07 10:02:36 UTC
Created attachment 14636 [details]
Patch to fix SQL-statements as suggested.

Patch to fix SQL-statements as suggested. Changed the two different statements
into a single reusable PreparedStatement and standard JDBC setNull(), instead
of hardcoded "IS NULL" in SQL.
Comment 2 Unico Hommes 2005-05-18 19:36:45 UTC
Patch applied. Please cross-check and close.
Comment 3 Martin Kal 2005-06-02 16:26:49 UTC
The patch was incorrect for the case when revisionNumber==null. Previously I
only had a chance to verify this on Oracle and thought that PostgreSQL would
behave differently on the .setNull call. However, this is not the case and the
delete statement will not be able to remove permissions if revisionNumber==null.
Attaching new patch, unified with the latest CommonRDBMSAdapter.
Comment 4 Martin Kal 2005-06-02 19:59:17 UTC
Created attachment 15270 [details]
Patch to fix revokePermission for revisionNumber==null

Patch to fix revokePermission for revisionNumber==null. Unified with
CommonRDBMSAdapter rev 1.13. Created against CVS HEAD as of 2nd June 2005 17:00
CET.
Comment 5 Unico Hommes 2005-06-04 15:32:51 UTC
applied to both branches. please cross check and close.
Comment 6 Martin Kal 2005-06-06 12:32:27 UTC
Logic is now correct (verified with PG v8.0.1), however the statement is never 
prepared -- probably a messup by me. Attaching a new trivial patch to prepare 
the statement before setting parameters and executing.
Comment 7 Martin Kal 2005-06-06 12:34:24 UTC
Created attachment 15311 [details]
Prepare statement before use

Trivial unified patch to prepare statement before use. Created against CVS HEAD
but should apply to 2.1 branch as well.
Comment 8 Unico Hommes 2005-06-13 14:40:37 UTC
Fixed now.
Comment 9 Martin Kal 2005-06-17 15:47:22 UTC
Verified with PG 8.0.1 on Windows.