Re: [gnome-db] read-only connections

[Vivien Malerba <malerba gnome-db org>]

On Fri, Jan 10, 2003 at 02:36:19AM +0100, Rodrigo Moya wrote:
> Hi
> 
> There is a feature that we need to have, which is the ability to open
> read-only connections. This is needed for things such as the
> Gnumeric/Abiword plugins, which could be a big security hole.
> 
> So, I've added the needed stuff to the library to allow this, and the
> only thing missing is the implementation of this in the providers. This
> just involves the *_transaction methods and execute_command. For the
> xaction methods, it's as easy as:
> 
> 	if (gda_connection_get_options (cnc) &
> GDA_CONNECTION_OPTIONS_READ_ONLY) {
> 		gda_connection_add_error_string (cnc, _("Transactions are not
> supported in read-only mode"));
> 		return FALSE;
> 	}
> 
> before any other code.
> 
> For the execute_command, things are more complicated, since you'll have
> to check which command it is and determine if it can be executed or not.
> For MySQL, I've done an ugly implementation (in
> gda-mysql-provider.c|process_sql_commands):
> 
> 	/* if the connection is in read-only mode, just allow SELECT,
> 	   SHOW commands */
> 	if (options & GDA_CONNECTION_OPTIONS_READ_ONLY) {
> 		gchar *s;
> 		/* FIXME: maybe there's a better way of doing this? */
> 		s = g_strstrip (g_strdup (arr[n]));
> 		if (g_ascii_strncasecmp (s, "select", strlen ("select")) &&
> 		    g_ascii_strncasecmp (s, "show", strlen ("show"))) {
> 			gda_connection_add_error_string (
> 				cnc, "Command '%s' cannot be executed in read-only mode", arr[n]);
> 			break;
> 		}
> 
> 		g_free (s);
> 	}
> 
> it's ugly but works.
> 
> So, please, could people working on providers come up to some solution
> for their providers for this? It would be really nice to have it in all
> providers for the next release (0.10).

I'll do it for the Postgres provider ASAP.

Vivien