1 | /* |
2 | * Copyright 2004-2014 H2 Group. Multiple-Licensed under the MPL 2.0, |
3 | * and the EPL 1.0 (http://h2database.com/html/license.html). |
4 | * Initial Developer: H2 Group |
5 | */ |
6 | package org.h2.command.ddl; |
7 | |
8 | import org.h2.api.ErrorCode; |
9 | import org.h2.command.CommandInterface; |
10 | import org.h2.engine.Database; |
11 | import org.h2.engine.Session; |
12 | import org.h2.engine.User; |
13 | import org.h2.expression.Expression; |
14 | import org.h2.message.DbException; |
15 | import org.h2.security.SHA256; |
16 | import org.h2.util.StringUtils; |
17 | |
18 | /** |
19 | * This class represents the statements |
20 | * ALTER USER ADMIN, |
21 | * ALTER USER RENAME, |
22 | * ALTER USER SET PASSWORD |
23 | */ |
24 | public class AlterUser extends DefineCommand { |
25 | |
26 | private int type; |
27 | private User user; |
28 | private String newName; |
29 | private Expression password; |
30 | private Expression salt; |
31 | private Expression hash; |
32 | private boolean admin; |
33 | |
34 | public AlterUser(Session session) { |
35 | super(session); |
36 | } |
37 | |
38 | public void setType(int type) { |
39 | this.type = type; |
40 | } |
41 | |
42 | public void setNewName(String newName) { |
43 | this.newName = newName; |
44 | } |
45 | |
46 | public void setUser(User user) { |
47 | this.user = user; |
48 | } |
49 | |
50 | public void setAdmin(boolean admin) { |
51 | this.admin = admin; |
52 | } |
53 | |
54 | public void setSalt(Expression e) { |
55 | salt = e; |
56 | } |
57 | |
58 | public void setHash(Expression e) { |
59 | hash = e; |
60 | } |
61 | |
62 | public void setPassword(Expression password) { |
63 | this.password = password; |
64 | } |
65 | |
66 | private char[] getCharArray(Expression e) { |
67 | return e.optimize(session).getValue(session).getString().toCharArray(); |
68 | } |
69 | |
70 | private byte[] getByteArray(Expression e) { |
71 | return StringUtils.convertHexToBytes( |
72 | e.optimize(session).getValue(session).getString()); |
73 | } |
74 | |
75 | @Override |
76 | public int update() { |
77 | session.commit(true); |
78 | Database db = session.getDatabase(); |
79 | switch (type) { |
80 | case CommandInterface.ALTER_USER_SET_PASSWORD: |
81 | if (user != session.getUser()) { |
82 | session.getUser().checkAdmin(); |
83 | } |
84 | if (hash != null && salt != null) { |
85 | user.setSaltAndHash(getByteArray(salt), getByteArray(hash)); |
86 | } else { |
87 | String name = newName == null ? user.getName() : newName; |
88 | char[] passwordChars = getCharArray(password); |
89 | byte[] userPasswordHash = SHA256.getKeyPasswordHash(name, passwordChars); |
90 | user.setUserPasswordHash(userPasswordHash); |
91 | } |
92 | break; |
93 | case CommandInterface.ALTER_USER_RENAME: |
94 | session.getUser().checkAdmin(); |
95 | if (db.findUser(newName) != null || newName.equals(user.getName())) { |
96 | throw DbException.get(ErrorCode.USER_ALREADY_EXISTS_1, newName); |
97 | } |
98 | db.renameDatabaseObject(session, user, newName); |
99 | break; |
100 | case CommandInterface.ALTER_USER_ADMIN: |
101 | session.getUser().checkAdmin(); |
102 | if (!admin) { |
103 | user.checkOwnsNoSchemas(); |
104 | } |
105 | user.setAdmin(admin); |
106 | break; |
107 | default: |
108 | DbException.throwInternalError("type=" + type); |
109 | } |
110 | db.updateMeta(session, user); |
111 | return 0; |
112 | } |
113 | |
114 | @Override |
115 | public int getType() { |
116 | return type; |
117 | } |
118 | |
119 | } |