Skip to content

Commit

Permalink
Revert "fix: correct the check of read security in new query engine"
Browse files Browse the repository at this point in the history
This reverts commit 4ce98c7.
  • Loading branch information
tglman committed Aug 31, 2023
1 parent 7df5ffa commit 5438119
Show file tree
Hide file tree
Showing 3 changed files with 3 additions and 21 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -6,14 +6,11 @@
import com.orientechnologies.orient.core.db.ODatabaseDocumentInternal;
import com.orientechnologies.orient.core.exception.OCommandExecutionException;
import com.orientechnologies.orient.core.metadata.schema.OClass;
import com.orientechnologies.orient.core.metadata.security.ORole;
import com.orientechnologies.orient.core.metadata.security.ORule;
import com.orientechnologies.orient.core.sql.executor.resultset.OLimitedResultSet;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Optional;
import java.util.Set;
Expand Down Expand Up @@ -137,11 +134,6 @@ private void sortClusers(int[] clusterIds) {
@Override
public OResultSet syncPull(OCommandContext ctx, int nRecords) throws OTimeoutException {
getPrev().ifPresent(x -> x.syncPull(ctx, nRecords));
ctx.getDatabase()
.checkSecurity(
ORule.ResourceGeneric.CLASS,
ORole.PERMISSION_READ,
className.toLowerCase(Locale.ENGLISH));
return new OLimitedResultSet(
new OResultSet() {

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -5,38 +5,29 @@
import com.orientechnologies.orient.core.command.OCommandContext;
import com.orientechnologies.orient.core.exception.OCommandExecutionException;
import com.orientechnologies.orient.core.metadata.schema.OClass;
import com.orientechnologies.orient.core.metadata.security.ORole;
import com.orientechnologies.orient.core.metadata.security.ORule;
import com.orientechnologies.orient.core.sql.executor.resultset.OFilterResultSet;
import com.orientechnologies.orient.core.sql.executor.resultset.OLimitedResultSet;
import com.orientechnologies.orient.core.sql.parser.OIdentifier;
import java.util.Locale;
import java.util.Optional;

/** Created by luigidellaquila on 01/03/17. */
public class FilterByClassStep extends AbstractExecutionStep {

private OIdentifier identifier;
private String className;
private OResultSet prevResult = null;
private long cost;

public FilterByClassStep(OIdentifier identifier, OCommandContext ctx, boolean profilingEnabled) {
super(ctx, profilingEnabled);
this.identifier = identifier;
className = identifier.getStringValue();
}

@Override
public OResultSet syncPull(OCommandContext ctx, int nRecords) throws OTimeoutException {
if (!prev.isPresent()) {
throw new IllegalStateException("filter step requires a previous step");
}
ctx.getDatabase()
.checkSecurity(
ORule.ResourceGeneric.CLASS,
ORole.PERMISSION_READ,
className.toLowerCase(Locale.ENGLISH));

return new OLimitedResultSet(
new OFilterResultSet(() -> fetchNext(ctx, nRecords), this::filterMap), nRecords);
}
Expand All @@ -46,7 +37,7 @@ private OResult filterMap(OResult result) {
try {
if (result.isElement()) {
Optional<OClass> clazz = result.getElement().get().getSchemaType();
if (clazz.isPresent() && clazz.get().isSubClassOf(className)) {
if (clazz.isPresent() && clazz.get().isSubClassOf(identifier.getStringValue())) {
return result;
}
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,6 @@
import com.orientechnologies.orient.core.db.ODatabaseSession;
import com.orientechnologies.orient.core.db.OrientDB;
import com.orientechnologies.orient.core.db.OrientDBConfig;
import com.orientechnologies.orient.core.exception.OSecurityException;
import com.orientechnologies.orient.core.record.OElement;
import com.orientechnologies.orient.core.sql.executor.OResultSet;
import org.junit.After;
Expand Down Expand Up @@ -59,7 +58,7 @@ public void after() {
this.db = null;
}

@Test(expected = OSecurityException.class)
@Test
public void testReadWithClassPermissions() {
db.createClass("Person");
ORole reader = db.getMetadata().getSecurity().getRole("reader");
Expand Down

0 comments on commit 5438119

Please sign in to comment.