/****************************************************************************
** (c) Copyright IBM Corp. 2007 All rights reserved.
**
** The following sample of source code ("Sample") is owned by International
** Business Machines Corporation or one of its subsidiaries ("IBM") and is
** copyrighted and licensed, not sold. You may use, copy, modify, and
** distribute the Sample in any form without payment to IBM, for the purpose of
** assisting you in the development of your applications.
**
** The Sample code is provided to you on an "AS IS" basis, without warranty of
** any kind. IBM HEREBY EXPRESSLY DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR
** IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
** MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. Some jurisdictions do
** not allow for the exclusion or limitation of implied warranties, so the above
** limitations or exclusions may not apply to you. IBM shall not be liable for
** any damages you suffer as a result of using, copying, modifying or
** distributing the Sample, even if IBM has been advised of the possibility of
** such damages.
******************************************************************************
**
** SOURCE FILE NAME: DbAuth.cs
**
** SAMPLE: How to Grant, display and revoke privileges on database
** with the DB2 .NET Data Provider
**
** SQL Statements USED:
** COMMIT
** GRANT
** REVOKE
** SELECT
**
** DB2 .NET Data Provider Classes USED:
** DB2Connection
** DB2Command
** DB2Transaction
**
**
*****************************************************************************
**
** Building and Running the sample program
**
** 1. Compile the DbAuth.cs file with bldapp.bat by entering the following
** at the command prompt:
**
** bldapp DbAuth
**
** or compile DbAuth.cs with the makefile by entering the following at
** the command prompt:
**
** nmake DbAuth
**
** 2. Run the DbAuth program by entering the program name at the command
** prompt:
**
** DbAuth
**
*****************************************************************************
**
** For more information on the sample programs, see the README file.
**
** For information on developing applications, see the Application
** Development Guide.
**
** For information on using SQL statements, see the SQL Reference.
**
** For the latest information on programming, compiling, and running DB2
** applications, visit the DB2 Information Center at
** http://publib.boulder.ibm.com/infocenter/db2luw/v9r7/index.jsp
**
****************************************************************************/
using System;
using System.Data;
using System.IO;
using IBM.Data.DB2;
class DbAuth
{
public static void Main(String[] args)
{
DB2Connection conn = null;
DB2Transaction trans = null;
try
{
Console.Write("\n THIS SAMPLE SHOWS HOW TO GRANT/DISPLAY/REVOKE ");
Console.WriteLine(" AUTHORITIES ON DATABASE.");
// Connect to a database
Console.WriteLine("\n Connecting to a database ...");
conn = ConnectDb(args);
Console.WriteLine();
// Grant user authorities on a database
trans = conn.BeginTransaction();
Grant(conn,trans);
// Display user authorities on a database
Display(conn);
// Revoke user authorities on a database
trans = conn.BeginTransaction();
Revoke(conn,trans);
// Disconnect from the database
Console.WriteLine("\n Disconnect from the database.");
conn.Close();
}
catch (Exception e)
{
Console.WriteLine(e.Message);
conn.Close();
}
} // Main
// Helper method: This method establishes a connection to a database
public static DB2Connection ConnectDb(String[] argv)
{
String server = "";
String alias = "";
String userId = "";
String password = "";
Int32 portNumber = -1;
String connectString;
if( argv.Length > 5 ||
( argv.Length == 1 &&
( String.Compare(argv[0],"?") == 0 ||
String.Compare(argv[0],"-?") == 0 ||
String.Compare(argv[0],"/?") == 0 ||
String.Compare(argv[0],"-h",true) == 0 ||
String.Compare(argv[0],"/h",true) == 0 ||
String.Compare(argv[0],"-help",true) == 0 ||
String.Compare(argv[0],"/help",true) == 0 ) ) )
{
throw new Exception(
"Usage: prog_name [dbAlias] [userId passwd] \n" +
" prog_name [dbAlias] server portNum userId passwd");
}
switch (argv.Length)
{
case 0: // Use all defaults
alias = "sample";
userId = "";
password = "";
break;
case 1: // dbAlias specified
alias = argv[0];
userId = "";
password = "";
break;
case 2: // userId & passwd specified
alias = "sample";
userId = argv[0];
password = argv[1];
break;
case 3: // dbAlias, userId & passwd specified
alias = argv[0];
userId = argv[1];
password = argv[2];
break;
case 4: // use default dbAlias
alias = "sample";
server = argv[0];
portNumber = Convert.ToInt32(argv[1]);
userId = argv[2];
password = argv[3];
break;
case 5: // everything specified
alias = argv[0];
server = argv[1];
portNumber = Convert.ToInt32(argv[2]);
userId = argv[3];
password = argv[4];
break;
}
if(portNumber==-1)
{
connectString = "Database=" + alias;
}
else
{
connectString = "Server=" + server + ":" + portNumber +
";Database=" + alias;
}
if(userId != "")
{
connectString += ";UID=" + userId + ";PWD=" + password;
}
DB2Connection conn = new DB2Connection(connectString);
conn.Open();
Console.WriteLine(" Connected to the " + alias + " database");
return conn;
} // ConnectDb
// This method shows how to grant user authorities on a database
public static void Grant(DB2Connection conn, DB2Transaction trans)
{
Console.WriteLine(
" ----------------------------------------------------------\n" +
" USE THE SQL STATEMENTS:\n" +
" GRANT (Database Authorities)\n" +
" COMMIT\n" +
" TO GRANT AUTHORITIES AT DATABASE LEVEL.\n");
try
{
Console.WriteLine(
" GRANT CONNECT, CREATETAB, BINDADD\n" +
" ON DATABASE\n" +
" TO USER user1");
// Grant authorities to 'user1'
DB2Command cmd = conn.CreateCommand();
cmd.CommandText = "GRANT CONNECT, CREATETAB, BINDADD " +
" ON DATABASE" +
" TO USER user1";
cmd.Transaction = trans;
cmd.ExecuteNonQuery();
// Commit the transaction
Console.WriteLine();
Console.WriteLine(" COMMIT");
trans.Commit();
}
catch (Exception e)
{
Console.WriteLine(e.Message);
trans.Rollback();
}
} // Grant
// This method displays the authorities for a user on a database
public static void Display(DB2Connection conn)
{
Console.WriteLine();
Console.WriteLine(
" ----------------------------------------------------------\n" +
" USE THE SQL STATEMENT:\n" +
" SELECT\n" +
" TO DISPLAY AUTHORITIES FOR ANY USER AT DATABASE LEVEL.\n");
Console.WriteLine(
" SELECT granteetype, dbadmauth, createtabauth,\n" +
" bindaddauth, connectauth, nofenceauth,\n" +
" implschemaauth, loadauth\n" +
" FROM syscat.dbauth\n" +
" WHERE grantee = 'USER1'\n");
// Retrieve and display the results from the SELECT statement
try
{
DB2Command cmd = conn.CreateCommand();
cmd.CommandText =
"SELECT granteetype, dbadmauth, createtabauth, "+
" bindaddauth, connectauth, nofenceauth, "+
" implschemaauth, loadauth "+
" FROM syscat.dbauth " +
" WHERE grantee = 'USER1'";
DB2DataReader reader = cmd.ExecuteReader();
reader.Read();
// Retrieve the authorities from the DB2DataReader
String granteetype = reader.GetString(0);
String dbadmauth = reader.GetString(1);
String createtabauth = reader.GetString(2);
String bindaddauth = reader.GetString(3);
String connectauth = reader.GetString(4);
String nofenceauth = reader.GetString(5);
String implschemaauth = reader.GetString(6);
String loadauth = reader.GetString(7);
reader.Close();
// Display the authorities
Console.WriteLine(
" Grantee Type = " + granteetype + "\n" +
" DBADM auth. = " + dbadmauth + "\n" +
" CREATETAB auth. = " + createtabauth + "\n" +
" BINDADD auth. = " + bindaddauth + "\n" +
" CONNECT auth. = " + connectauth + "\n" +
" NO_FENCE auth. = " + nofenceauth + "\n" +
" IMPL_SCHEMA auth. = " + implschemaauth + "\n" +
" LOAD auth. = " + loadauth);
}
catch (Exception e)
{
Console.WriteLine(e.Message);
}
} // Display
// This method shows how to revoke user authorities on a database
public static void Revoke(DB2Connection conn, DB2Transaction trans)
{
Console.WriteLine();
Console.WriteLine(
" ----------------------------------------------------------\n" +
" USE THE SQL STATEMENTS:\n" +
" REVOKE (Database Authorities)\n" +
" COMMIT\n" +
" TO REVOKE AUTHORITIES AT DATABASE LEVEL.");
try
{
// Revoke authorities of 'user1'
Console.WriteLine();
Console.WriteLine(
" REVOKE CONNECT, CREATETAB, BINDADD\n" +
" ON DATABASE\n" +
" FROM USER user1");
DB2Command cmd = conn.CreateCommand();
cmd.CommandText = "REVOKE CONNECT, CREATETAB, BINDADD " +
" ON DATABASE " +
" FROM USER user1";
cmd.Transaction = trans;
cmd.ExecuteNonQuery();
// Commit the transaction
Console.WriteLine();
Console.WriteLine(" COMMIT");
trans.Commit();
}
catch (Exception e)
{
Console.WriteLine(e.Message);
trans.Rollback();
}
} // Revoke
} // DbAuth