{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 We Are One 的问题《What privileges are needed to run this query?》','https://www.manongdao.com/q-1089182.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I use InterSystem's cache JDBC driver to query the "database dictionary" in order to retrieve source code from classes.
I have this SQL query:
final String query = "select id, super"
+ " from %Dictionary.ClassDefinition"
+ " where System = '0'"
+ " and name not like '\\%%' escape '\\'"
+ " and deployed != 2";
Right now, the user performing this query has %All as a role, which is of course not a good thing. I try and reduce the privileges of this user to the strict minimum necessary.
I am connected to namespace SAMPLES; I have created a role, say FOO to which I have given these privileges:
%Service_SQL(U);%DB_SAMPLES(R);selectprivilege on table%Dictionary.ClassDefinitionin namespace%SYS.
I have tried and given my user only this role; but it fails at execution (-99 error translated: "privilege violation"):
Exception in thread "main" java.sql.SQLException: [SQLCODE: <-99>:<Violación de privilegio >]
[Location: <Prepare>]
[%msg: <User sonar is not privileged for the operation>]
at com.intersys.jdbc.CacheConnection.getServerError(CacheConnection.java:1312)
at com.intersys.jdbc.CacheConnection.processError(CacheConnection.java:1552)
at com.intersys.jdbc.InStream.readHeader(InStream.java:164)
at com.intersys.jdbc.CachePreparedStatement.prepareInternal(CachePreparedStatement.java:633)
at com.intersys.jdbc.CachePreparedStatement.prepare(CachePreparedStatement.java:594)
at com.intersys.jdbc.CachePreparedStatement.<init>(CachePreparedStatement.java:141)
at com.intersys.jdbc.CacheConnection.prepareStatement(CacheConnection.java:1860)
at com.intersys.jdbc.CacheConnection.prepareStatement(CacheConnection.java:484)
at es.litesolutions.cacheqc.dbread.CacheDbReader.listClasses(CacheDbReader.java:47)
at es.litesolutions.cacheqc.dbread.CacheDbReader.main(CacheDbReader.java:69)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at com.intellij.rt.execution.application.AppMain.main(AppMain.java:140)
What privileges are missing so that I can use PreparedStatements?
(Yes, I know the query above has no bind variables but other queries will have bind variables.)
And you should add access for concrete table. It is possibble to do for role or for user, in tab SQL tables. Just add table %Dictiinary.Classdefinition
To find errors in settings of permissions, you can also use Audit
You should add access for table
%Dictionary.ClassDefinitionfrom namespace SAMPLES. It is important to choose correct namespace, because you connect toSAMPLES.