Fixed bug which threw an error when a pool is created with SYSDBA pri…

…vilege (Issue #1657)

README.md

@@ -1,12 +1,10 @@
-# node-oracledb version 6.5.1-dev
-
-**This release is under development and information may be incomplete**
+# node-oracledb version 6.5.1
 
 The node-oracledb add-on for Node.js powers high performance Oracle Database
 applications.  Applications can be written in TypeScript, or directly in
 JavaScript.
 
-Use node-oracledb 6.5.1-dev to connect Node.js 14.6, or later, to Oracle
+Use node-oracledb 6.5.1 to connect Node.js 14.6, or later, to Oracle
 Database.  Older versions of node-oracledb may work with older versions of
 Node.js.
 

doc/src/release_notes.rst

@@ -10,6 +10,11 @@ For deprecated and desupported features, see :ref:`Deprecations and desupported
 node-oracledb `v6.5.1 <https://github.com/oracle/node-oracledb/compare/v6.5.0...v6.5.1>`__ (TBD)
 -------------------------------------------------------------------------------------------------------
 
+Common Changes
+++++++++++++++
+
+#)  Test and documentation updates.
+
 Thin Mode Changes
 +++++++++++++++++
 #) Fixed issue which throws the `ORA-00932` error, when the same SELECT SQL
@@ -19,6 +24,18 @@ Thin Mode Changes
 #) Fixed exponent check condition for out-of-bounds number.
    See `Issue #1659 <https://github.com/oracle/node-oracledb/issues/1659>`__.
 
+#)  Fixed bug which threw an ``ORA-28009`` error when a pool is created with
+    SYSDBA privilege.
+    See `Issue #1657 <https://github.com/oracle/node-oracledb/issues/1657>`__.
+
+#)  Added internal code change to improve network packet handling.
+
+Thick Mode Changes
++++++++++++++++++++
+
+#)  Fixed bug that ignored the ``privilege`` parameter, when it was passed in
+    the ``pool.getConnection()`` call.
+
 node-oracledb `v6.5.0 <https://github.com/oracle/node-oracledb/compare/v6.4.0...v6.5.0>`__ (2 May 2024)
 -------------------------------------------------------------------------------------------------------
 
@@ -628,7 +645,6 @@ Thin Mode Changes
 
     - Improved network packet handling.
 
-
 node-oracledb `v6.0.0 <https://github.com/oracle/node-oracledb/compare/v5.5.0...v6.0.0>`__ (24 May 2023)
 --------------------------------------------------------------------------------------------------------
 
@@ -705,7 +721,6 @@ node-oracledb `v6.0.0 <https://github.com/oracle/node-oracledb/compare/v5.5.0...
 
 #)  Test and documentation improvements.
 
-
 node-oracledb `v5.5.0 <https://github.com/oracle/node-oracledb/compare/v5.4.0...v5.5.0>`__ (7 Sep 2022)
 -------------------------------------------------------------------------------------------------------
 

lib/oracledb.js

@@ -118,33 +118,6 @@ function _initializeThinDriver() {
   require('./thin');
 }
 
-//---------------------------------------------------------------------------
-// _isPrivilege()
-//
-// Returns a boolean indicating if the supplied value is a valid privilege.
-//---------------------------------------------------------------------------
-function _isPrivilege(value) {
-  // Privileges are mutually exclusive and cannot be specified together
-  // except SYSPRELIM, which cannot be specified alone, it is specified in a
-  // combo with SYSOPER or SYSDBA.  SYSPRELIM is used only for
-  // startup/shutdown
-
-  // If SYSPRELIM specified, clear the bit
-  if (value & constants.SYSPRELIM) {
-    value = value ^ constants.SYSPRELIM;
-  }
-
-  return (
-    value === constants.SYSASM ||
-    value === constants.SYSBACKUP ||
-    value === constants.SYSDBA ||
-    value === constants.SYSDG ||
-    value === constants.SYSKM ||
-    value === constants.SYSOPER ||
-    value === constants.SYSRAC
-  );
-}
-
 //-----------------------------------------------------------------------------
 // _verifyOptions()
 //
@@ -331,6 +304,13 @@ async function _verifyOptions(options, inCreatePool) {
     outOptions.connectionIdPrefix = options.connectionIdPrefix;
   }
 
+  // privilege must be one of a set of named constants
+  if (options.privilege !== undefined) {
+    errors.assertParamPropValue(nodbUtil.isPrivilege(options.privilege), 1,
+      "privilege");
+    outOptions.privilege = options.privilege;
+  }
+
   // check pool specific options
   if (inCreatePool) {
 
@@ -444,13 +424,6 @@ async function _verifyOptions(options, inCreatePool) {
       outOptions.newPassword = options.newPassword;
     }
 
-    // privilege must be one of a set of named constants
-    if (options.privilege !== undefined) {
-      errors.assertParamPropValue(_isPrivilege(options.privilege), 1,
-        "privilege");
-      outOptions.privilege = options.privilege;
-    }
-
     // shardingKey must be an array of values
     if (options.shardingKey !== undefined) {
       const value = options.shardingKey;

lib/pool.js

@@ -238,6 +238,13 @@ class Pool extends EventEmitter {
       outOptions.superShardingKey = options.superShardingKey;
     }
 
+    // privilege must be one of a set of named constants
+    if (options.privilege !== undefined) {
+      errors.assertParamPropValue(nodbUtil.isPrivilege(options.privilege), 1,
+        "privilege");
+      outOptions.privilege = options.privilege;
+    }
+
     return outOptions;
   }
 

lib/util.js

@@ -31,6 +31,7 @@ const errors = require('./errors.js');
 const process = require('process');
 const util = require('util');
 const types = require('./types.js');
+const constants = require('./constants.js');
 
 // node-oracledb version number
 let packageJSON;
@@ -224,6 +225,32 @@ function isObjectOrArray(value) {
   return (value !== null && typeof value === 'object') || Array.isArray(value);
 }
 
+//---------------------------------------------------------------------------
+// isPrivilege()
+//
+// Returns a boolean indicating if the supplied value is a valid privilege.
+//---------------------------------------------------------------------------
+function isPrivilege(value) {
+  // Privileges are mutually exclusive and cannot be specified together
+  // except SYSPRELIM, which cannot be specified alone, it is specified in a
+  // combo with SYSOPER or SYSDBA.  SYSPRELIM is used only for
+  // startup/shutdown
+
+  // If SYSPRELIM specified, clear the bit
+  if (value & constants.SYSPRELIM) {
+    value = value ^ constants.SYSPRELIM;
+  }
+  return (
+    value === constants.SYSASM ||
+    value === constants.SYSBACKUP ||
+    value === constants.SYSDBA ||
+    value === constants.SYSDG ||
+    value === constants.SYSKM ||
+    value === constants.SYSOPER ||
+    value === constants.SYSRAC
+  );
+}
+
 function isShardingKey(value) {
   if (!Array.isArray(value))
     return false;
@@ -369,6 +396,7 @@ module.exports = {
   isArrayOfStrings,
   isObject,
   isObjectOrArray,
+  isPrivilege,
   isShardingKey,
   isSodaDocument,
   isTokenExpired,

lib/version.js

@@ -32,5 +32,5 @@ module.exports = {
   VERSION_MAJOR: 6,
   VERSION_MINOR: 5,
   VERSION_PATCH: 1,
-  VERSION_SUFFIX: '-dev'
+  VERSION_SUFFIX: ''
 };

package.json

@@ -1,6 +1,6 @@
 {
   "name": "oracledb",
-  "version": "6.5.1-dev",
+  "version": "6.5.1",
   "description": "A Node.js module for Oracle Database access from JavaScript and TypeScript",
   "license": "(Apache-2.0 OR UPL-1.0)",
   "homepage": "http://oracle.github.io/node-oracledb/",

src/njsPool.c

@@ -352,6 +352,9 @@ NJS_NAPI_METHOD_IMPL_ASYNC(njsPool_getConnection, 1, NULL)
     if (!njsUtils_getNamedPropertyString(env, args[0], "connectionClass",
             &baton->connectionClass, &baton->connectionClassLength))
         return false;
+    if (!njsUtils_getNamedPropertyUnsignedInt(env, args[0], "privilege",
+            &baton->privilege))
+        return false;
     if (!njsUtils_getNamedPropertyString(env, args[0], "user", &baton->user,
             &baton->userLength))
         return false;
@@ -389,6 +392,8 @@ static bool njsPool_getConnectionAsync(njsBaton *baton)
     // populate connection creation parameters
     if (dpiContext_initConnCreateParams(baton->globals->context, &params) < 0)
         return njsBaton_setErrorDPI(baton);
+    if (baton->privilege)
+        params.authMode = (dpiAuthMode) baton->privilege;
     params.matchAnyTag = baton->matchAnyTag;
     params.connectionClass = baton->connectionClass;
     params.connectionClassLength = (uint32_t) baton->connectionClassLength;

test/connection.js

@@ -353,13 +353,12 @@ describe('1. connection.js', function() {
       );
     });
 
-    it('1.7.5 gets ignored when acquiring a connection from Pool', async function() {
+    it('1.7.5 Negative - throws error, when invalid privilege is provided for creating a Pool', async function() {
       const credential = {...dbConfig, privilege: null, poolMin: 1};
-
-      const pool = await oracledb.createPool(credential);
-      const conn = await pool.getConnection();
-      await conn.release();
-      await pool.close(0);
+      await assert.rejects(
+        async () => await oracledb.createPool(credential),
+        /NJS-007:/
+      );
     });
 
     it('1.7.6 negative test case SYSPRELIM & SYSASM', async function() {

test/list.txt

@@ -23,7 +23,7 @@ Overview of node-oracledb functional tests
         1.7.2 Negative - invalid type, a String
         1.7.3 Negative value - random constants
         1.7.4 Negative value - NaN
-        1.7.5 gets ignored when acquiring a connection from Pool
+        1.7.5 Negative - throws error, when invalid privilege is provided for creating a Pool
         1.7.6 negative test case SYSPRELIM & SYSASM
     1.8 Ping method
         1.8.1 ping() checks the connection is usable
@@ -110,6 +110,13 @@ Overview of node-oracledb functional tests
         2.16.5 events override to false
         2.16.6 externalAuth override to false
         2.16.7 externalAuth override to true
+    2.17 Check execute same/different query with new/released session from pool
+        2.17.1 same query execution from new and released session
+        2.17.2 different query execution from new and released session
+    2.18 pool stats
+        2.18.1 driver mode in pool stats
+    2.19 DBA and Non-DBA user login with SYSDBA privilege
+        2.19.1 DBA user with SYSDBA privilege
 
   3. examples.js
     3.1 connect.js

test/pool.js

@@ -1126,4 +1126,69 @@ describe('2. pool.js', function() {
     }); // 2.18.1
 
   }); // 2.18
+
+  describe('2.19 DBA and Non-DBA user login with SYSDBA privilege', function() {
+    it('2.19.1 DBA user with SYSDBA privilege', async function() {
+      if (!dbConfig.test.DBA_PRIVILEGE) this.skip();
+
+      // Connection pool configuration with non dba username and password
+      const nondbaConfig = {
+        user: dbConfig.user,
+        password: dbConfig.password,
+        connectString: dbConfig.connectString,
+        privilege: oracledb.SYSDBA,
+        poolMin: 2,      // Minimum number of connections in the pool
+        poolMax: 10,     // Maximum number of connections in the pool
+        poolIncrement: 2 // Number of connections to add when needed
+      };
+
+      // Create connection pool non-dba user and password
+      const poolNormal = await oracledb.createPool(nondbaConfig);
+      assert.strictEqual(poolNormal.connectionsInUse, 0);
+      await poolNormal.close(0);
+
+      // Connection pool configuration with DBA user and password
+      let username = "", password = "", poolMin, poolIncr;
+      let priv, connConfig = {};
+      if (oracledb.thin) {
+        username = dbConfig.test.DBA_user;
+        password = dbConfig.test.DBA_password;
+        poolMin = 2;
+        poolIncr = 2;
+        priv = oracledb.SYSDBA;
+      }
+      const dbaConfig = {
+        user: username,
+        password: password,
+        connectString: dbConfig.connectString,
+        privilege: priv,
+        poolMin: poolMin,        // Minimum number of connections in the pool
+        poolMax: 10,             // Maximum number of connections in the pool
+        poolIncrement: poolIncr  // Number of connections to add when needed
+      };
+      if (!oracledb.thin) {
+        dbaConfig.homogeneous = false;
+        connConfig = {
+          privilege: oracledb.SYSDBA,
+          user: dbConfig.test.DBA_user,
+          password: dbConfig.test.DBA_password
+        };
+      }
+      const pool = await oracledb.createPool(dbaConfig);
+
+      // Get a connection from the pool
+      const connection = await pool.getConnection(connConfig);
+      assert.strictEqual(pool.connectionsInUse, 1);
+
+      connConfig.privilege = 100; // invalid value.
+      await assert.rejects(
+        async () => await pool.getConnection(connConfig),
+        /NJS-007: invalid value for "privilege" in parameter 1/
+      );
+
+      // Release the connection back to the pool
+      await connection.close();
+      await pool.close(0);
+    }); // 2.19.1
+  }); // 2.19
 });