// anyPrivilege implements the DescriptorAccessor interface.
func (p *planner) anyPrivilege(descriptor sqlbase.DescriptorProto) error {
if userCanSeeDescriptor(descriptor, p.session.User) {
return nil
}
return fmt.Errorf("user %s has no privileges on %s %s",
p.session.User, descriptor.TypeName(), descriptor.GetName())
}
// createDescriptor implements the DescriptorAccessor interface.
func (p *planner) createDescriptor(
plainKey sqlbase.DescriptorKey, descriptor sqlbase.DescriptorProto, ifNotExists bool,
) (bool, error) {
idKey := plainKey.Key()
if exists, err := p.descExists(idKey); err == nil && exists {
if ifNotExists {
// Noop.
return false, nil
}
// Key exists, but we don't want it to: error out.
switch descriptor.TypeName() {
case "database":
return false, sqlbase.NewDatabaseAlreadyExistsError(plainKey.Name())
case "table", "view":
return false, sqlbase.NewRelationAlreadyExistsError(plainKey.Name())
default:
return false, descriptorAlreadyExistsErr{descriptor, plainKey.Name()}
}
} else if err != nil {
return false, err
}
id, err := GenerateUniqueDescID(p.txn)
if err != nil {
return false, err
}
return true, p.createDescriptorWithID(idKey, id, descriptor)
}
// checkPrivilege implements the DescriptorAccessor interface.
func (p *planner) checkPrivilege(
descriptor sqlbase.DescriptorProto, privilege privilege.Kind,
) error {
if descriptor.GetPrivileges().CheckPrivilege(p.session.User, privilege) {
return nil
}
return fmt.Errorf("user %s does not have %s privilege on %s %s",
p.session.User, privilege, descriptor.TypeName(), descriptor.GetName())
}