Sql.Database.Logical.Authorizing

Unit
Source
Symbols

Symbol	Description
EAuthorizingSqlDatabase
TAuthorizingSqlDatabase	Adds authorization capabilities to a `TSqlDatabase`.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
///////////////////////////////////////////////////////////////////////////
//                                                                       //
//  Copyright (c) 2015 by Charta Software B.V.                           //
//  All rights reserved                                                  //
//                                                                       //
//  Version:  1.7.0.83525                                                //
//  Web site: https://pascal.chartasoftware.com/                         //
//                                                                       //
//  This code and information are provided "as is" without warranty of   //
//  any kind. Dissemination of this information or reproduction of       //
//  this material is strictly forbidden unless prior written permission  //
//  is obtained from Charta Software B.V..                               //
//                                                                       //
///////////////////////////////////////////////////////////////////////////

unit Sql.Database.Logical.Authorizing;

// TODO:
//   * Should we check restricted table types for SubqueryViews?

interface

uses
  Authorization.Authorizer,
  Exception,
  Sql.Database,
  Sql.Database.Logical,
  Sql.Result,
  Sql.Statement;

type
  EAuthorizingSqlDatabase = class(EException);
  
  TAuthorizingSqlDatabase = class(TLogicalSqlDatabase)
  protected
    Authorizer: TAuthorizer;

    function    HandleDecoratedStatement(Statement: TSqlStatement; ResultMethod: TSqlQueryResultMethod): TSqlResult;

  public
    constructor Create(Database: TSqlDatabase; Authorizer: TAuthorizer); reintroduce; virtual;

    function    Query(Statement: TSqlStatement; ResultMethod: TSqlQueryResultMethod = sqrmStoreResult): TSqlResult; override;
  end;

implementation

uses
  Sql.Database.Logical.Authorizing.RewriteRule,
  Sql.Rewriter,
  Sql.Rewriter.Rule,
  Sql.Statement.DataManipulation,
  Sql.Statement.ResultSet;

{ TAuthorizingSqlDatabase }

constructor TAuthorizingSqlDatabase.Create(Database: TSqlDatabase; Authorizer: TAuthorizer);
begin
  inherited Create(Database);

  Self.Authorizer := Authorizer;
end;

function TAuthorizingSqlDatabase.HandleDecoratedStatement(Statement: TSqlStatement; ResultMethod: TSqlQueryResultMethod): TSqlResult;
var
  WorkingCopy:  TSqlStatement;
  Rewriter:     TSqlRewriter;
  RewriteRule:  TSqlRewriteRule;
begin
  Statement.AddReference();

  WorkingCopy := Statement.CopyStatement();
  WorkingCopy.AddReference();

  RewriteRule := TAuthorizingSqlRewriteRule.Create(Authorizer);

  Rewriter := TSqlRewriter.Create(RewriteRule);
  Rewriter.DecorateStatement(WorkingCopy);

  Result := Database.Query(WorkingCopy, ResultMethod);

  Rewriter.Free();
  RewriteRule.Free();

  Statement.ReleaseReference();
  WorkingCopy.ReleaseReference();
end;

function TAuthorizingSqlDatabase.Query(Statement: TSqlStatement; ResultMethod: TSqlQueryResultMethod): TSqlResult;
begin
  if (Statement is TSqlResultSetStatement) or (Statement is TSqlUpdate) or (Statement is TSqlDelete) then
    Result := HandleDecoratedStatement(Statement, ResultMethod)
  else
    Result := Database.Query(Statement, ResultMethod);
end;

end.