24#ifndef ACL_TABLE_USER_INCLUDED
25#define ACL_TABLE_USER_INCLUDED
94 Auth_id &auth_id, ulong global_privs);
209 std::pair<Table_op_error_code, struct timeval>;
244 bool revoke_grant,
bool can_create_user,
297 bool read_row(
bool &is_old_db_layout,
bool &super_users_with_empty_plugin);
308 bool &is_old_db_layout);
Definition: sql_auth_cache.h:246
Storage container for default auth ids.
Definition: auth_common.h:1065
DB Restrictions representation in memory.
Definition: partial_revokes.h:82
An interface to access information about Multi factor authentication methods.
Definition: sql_mfa.h:45
Represents a JSON container value of type "object" (ECMA), type J_OBJECT here.
Definition: json_dom.h:373
Container of all restrictions for a given user.
Definition: partial_revokes.h:155
A context for reading through a single table using a chosen access method: index read,...
Definition: row_iterator.h:82
For each client connection we create a separate thread with THD serving as a thread/connection descri...
Definition: sql_lexer_thd.h:34
Definition: auth_common.h:374
mysql.user table reader.
Definition: acl_table_user.h:291
void read_password_last_changed(ACL_USER &user)
Get password change time.
Definition: acl_table_user.cc:1772
Restrictions * m_restrictions
Definition: acl_table_user.h:323
void read_password_reuse_time_fields(ACL_USER &user)
Get password reuse time restriction.
Definition: acl_table_user.cc:1839
void read_user_resources(ACL_USER &user)
Read user resource restrictions.
Definition: acl_table_user.cc:1588
void add_row_to_acl_users(ACL_USER &user)
Add a recently read row in acl_users.
Definition: acl_table_user.cc:1956
bool setup_table(bool &is_old_db_layout)
Make table ready to read.
Definition: acl_table_user.cc:1381
bool read_row(bool &is_old_db_layout, bool &super_users_with_empty_plugin)
Read a row from mysql.user table and add it to in-memory structure.
Definition: acl_table_user.cc:2009
bool read_plugin_info(ACL_USER &user, bool &super_users_with_empty_plugin, bool &is_old_db_layout)
Read plugin information.
Definition: acl_table_user.cc:1628
void read_privileges(ACL_USER &user)
Get global privilege information.
Definition: acl_table_user.cc:1481
void read_password_require_current(ACL_USER &user)
Get information about requiring current password while changing password.
Definition: acl_table_user.cc:1859
bool driver()
Driver function for mysql.user reader.
Definition: acl_table_user.cc:2050
void read_password_locked(ACL_USER &user)
Determine if user account is locked.
Definition: acl_table_user.cc:1756
bool read_user_attributes(ACL_USER &user)
Read user attributes.
Definition: acl_table_user.cc:1883
MEM_ROOT m_mem_root
Definition: acl_table_user.h:322
void reset_acl_user(ACL_USER &user)
Scrub ACL_USER.
Definition: acl_table_user.cc:1407
void read_ssl_fields(ACL_USER &user)
Read SSL restrictions.
Definition: acl_table_user.cc:1558
bool read_password_expiry(ACL_USER &user, bool &password_expired)
Read password expiry field.
Definition: acl_table_user.cc:1731
User_table_schema * m_table_schema
Definition: acl_table_user.h:320
bool read_authentication_string(ACL_USER &user)
Read authentication string for the account.
Definition: acl_table_user.cc:1456
Acl_table_user_reader(THD *thd, TABLE *table)
mysql.user table reader constructor.
Definition: acl_table_user.cc:1344
void read_account_name(ACL_USER &user)
Get user and host information for the account.
Definition: acl_table_user.cc:1432
Acl_table_op_status finish_operation(Table_op_error_code &error) override
Finish mysql.user table read operation.
Definition: acl_table_user.cc:1363
~Acl_table_user_reader() override
Free resources before we destroy.
Definition: acl_table_user.cc:1351
Json_object * m_user_application_user_metadata_json
Definition: acl_table_user.h:324
void read_password_lifetime(ACL_USER &user)
Get password expiry policy infomration.
Definition: acl_table_user.cc:1800
void read_password_history_fields(ACL_USER &user)
Get password history restriction.
Definition: acl_table_user.cc:1818
unique_ptr_destroy_only< RowIterator > m_iterator
Definition: acl_table_user.h:321
mysql.user table writer.
Definition: acl_table_user.h:215
std::string second_cred
Definition: acl_table_user.h:235
Restrictions restrictions
Definition: acl_table_user.h:236
ulong updated_rights
Definition: acl_table_user.h:232
my_timeval password_change_timestamp
Definition: acl_table_user.h:234
Password_lock password_lock
Definition: acl_table_user.h:237
Acl_table_user_writer_status(bool skip, ulong rights, Table_op_error_code err, my_timeval pwd_timestamp, std::string cred, Password_lock &password_lock, I_multi_factor_auth *multi_factor)
Definition: acl_table_user.h:218
Table_op_error_code error
Definition: acl_table_user.h:233
I_multi_factor_auth * multi_factor
Definition: acl_table_user.h:238
Acl_table_user_writer_status()
Definition: acl_table_user.cc:437
bool skip_cache_update
Definition: acl_table_user.h:231
Definition: acl_table_user.h:241
std::function< bool(TABLE *table)> m_user_application_user_metadata
Definition: acl_table_user.h:283
bool update_password_reuse()
Password reuse time updates.
Definition: acl_table_user.cc:1115
bool write_user_attributes_column(const Acl_user_attributes &user_attributes)
Helper function to write updated user_attributes in the column.
Definition: acl_table_user.cc:1280
bool update_privileges(Acl_table_user_writer_status &return_value)
Update global privileges for user.
Definition: acl_table_user.cc:855
Acl_table_user_writer(THD *thd, TABLE *table, LEX_USER *combo, ulong rights, bool revoke_grant, bool can_create_user, Pod_user_what_to_update what_to_update, Restrictions *restrictions, I_multi_factor_auth *mfa)
mysql.user table writer constructor
Definition: acl_table_user.cc:463
I_multi_factor_auth * m_mfa
Definition: acl_table_user.h:282
bool update_user_attributes(std::string ¤t_password, Acl_table_user_writer_status &return_value)
User_attributes updates.
Definition: acl_table_user.cc:1184
LEX_USER * m_combo
Definition: acl_table_user.h:275
bool update_password_expiry()
Update password expiration info.
Definition: acl_table_user.cc:1011
Acl_table_op_status finish_operation(Table_op_error_code &error) override
Finish the operation.
Definition: acl_table_user.cc:725
bool m_revoke_grant
Definition: acl_table_user.h:277
User_table_schema * m_table_schema
Definition: acl_table_user.h:280
bool update_password_history()
Password history updates.
Definition: acl_table_user.cc:1084
bool update_ssl_properties()
Update SSL properties.
Definition: acl_table_user.cc:902
Pod_user_what_to_update m_what_to_update
Definition: acl_table_user.h:279
~Acl_table_user_writer() override
Cleanup.
Definition: acl_table_user.cc:484
bool update_authentication_info(Acl_table_user_writer_status &return_value)
Update user's authentication information.
Definition: acl_table_user.cc:791
bool update_password_require_current()
Whether current password is required to update existing one.
Definition: acl_table_user.cc:1144
Acl_table_user_writer_status driver()
Perform add/update to mysql.user table.
Definition: acl_table_user.cc:494
bool update_user_application_user_metadata()
Helper function for updating the user metadata JSON.
Definition: acl_table_user.cc:1272
std::string get_current_credentials()
Get current password from mysql.user.authentication_string.
Definition: acl_table_user.cc:1329
bool m_can_create_user
Definition: acl_table_user.h:278
ulong m_rights
Definition: acl_table_user.h:276
ulong get_user_privileges()
Helper function to get global privileges from mysql.user table.
Definition: acl_table_user.cc:1303
bool update_account_locking()
Update account locking info.
Definition: acl_table_user.cc:1052
void replace_user_application_user_metadata(std::function< bool(TABLE *table)> const &update)
Send the function for updating the user metadata JSON code to the table processor.
Definition: acl_table_user.cc:1263
bool m_has_user_application_user_metadata
Definition: acl_table_user.h:274
Restrictions * m_restrictions
Definition: acl_table_user.h:281
bool setup_table(int &error, bool &builtin_password)
Position user table.
Definition: acl_table_user.cc:579
bool update_user_resources()
Update user resource restrictions.
Definition: acl_table_user.cc:979
Base class to handle ACL table manipulation.
Definition: acl_table_base.h:44
Class to handle information stored in mysql.user.user_attributes.
Definition: acl_table_user.h:88
bool deserialize_password_lock(const Json_object &json_object)
Definition: acl_table_user.cc:239
bool deserialize(const Json_object &json_object)
Obtain info from JSON representation of user attributes.
Definition: acl_table_user.cc:285
bool serialize(Json_object &json_object) const
Create JSON object from user attributes.
Definition: acl_table_user.cc:320
Password_lock m_password_lock
password locking
Definition: acl_table_user.h:200
void update_restrictions(const Restrictions &restricitions)
Definition: acl_table_user.cc:399
void set_mfa(I_multi_factor_auth *mfa)
Definition: acl_table_user.h:169
Auth_id m_auth_id
Auth ID.
Definition: acl_table_user.h:192
bool consume_user_attributes_json(Json_dom_ptr json)
Take over ownership of the json pointer.
Definition: acl_table_user.cc:159
bool update_additional_password(std::string &credential)
Update second password for user.
Definition: acl_table_user.cc:378
I_multi_factor_auth * m_mfa
multi factor auth info
Definition: acl_table_user.h:202
Json_dom_ptr m_user_attributes_json
Save the original json object.
Definition: acl_table_user.h:204
void set_password_lock(Password_lock password_lock)
Definition: acl_table_user.h:164
void report_and_remove_invalid_db_restrictions(DB_restrictions &db_restrictions, ulong mask, enum loglevel level, ulonglong errcode)
Definition: acl_table_user.cc:178
ulong m_global_privs
Global static privileges.
Definition: acl_table_user.h:198
MEM_ROOT * m_mem_root
Mem root.
Definition: acl_table_user.h:188
auto get_failed_login_attempts() const
Definition: acl_table_user.h:157
Restrictions m_restrictions
Restrictions_list on certain databases for user.
Definition: acl_table_user.h:196
Restrictions get_restrictions() const
Get the restriction list for the user.
Definition: acl_table_user.cc:395
const std::string get_additional_password() const
Get second password.
Definition: acl_table_user.cc:391
auto get_password_lock_time_days() const
Definition: acl_table_user.h:160
~Acl_user_attributes()
Definition: acl_table_user.cc:157
bool m_read_restrictions
Operation for restrictions.
Definition: acl_table_user.h:190
Acl_user_attributes(MEM_ROOT *mem_root, bool read_restrictions, Auth_id &auth_id, ulong global_privs)
Default constructor.
Definition: acl_table_user.cc:134
auto get_password_lock() const
Definition: acl_table_user.h:163
std::string m_additional_password
Second password for user.
Definition: acl_table_user.h:194
bool deserialize_multi_factor(const Json_object &json_object)
Definition: acl_table_user.cc:216
void discard_additional_password()
Discard second password.
Definition: acl_table_user.cc:387
I_multi_factor_auth * get_mfa()
Definition: acl_table_user.h:168
Definition: user_table.h:47
static MEM_ROOT mem_root
Definition: client_plugin.cc:110
std::unique_ptr< Json_dom > Json_dom_ptr
Definition: json_dom.h:65
static mi_bit_type mask[]
Definition: mi_packrec.cc:141
This file follows Google coding style, except for the name MEM_ROOT (which is kept for historical rea...
std::unique_ptr< T, Destroy_only< T > > unique_ptr_destroy_only
std::unique_ptr, but only destroying.
Definition: my_alloc.h:489
unsigned long long int ulonglong
Definition: my_inttypes.h:56
loglevel
Definition: my_loglevel.h:41
static uint update
Definition: myisamlog.cc:91
char * user
Definition: mysqladmin.cc:60
Definition: acl_table_base.h:33
int Table_op_error_code
Definition: acl_table_base.h:35
Acl_table_op_status
Definition: acl_table_base.h:37
User_attribute_type
Definition: acl_table_user.h:54
@ MULTI_FACTOR_AUTHENTICATION_DATA
std::pair< Table_op_error_code, struct timeval > acl_table_user_writer_status
Definition: acl_table_user.h:209
static Value err()
Create a Value object that represents an error condition.
Definition: json_binary.cc:910
static size_t skip(size_t pos_start, size_t match_len)
Definition: uri.cc:82
constexpr const size_t ACL_ALLOC_BLOCK_SIZE
Definition: sql_const.h:148
The MEM_ROOT is a simple arena, where allocations are carved out of larger blocks.
Definition: my_alloc.h:83
Definition: acl_table_user.h:63
int password_lock_time_days
read from the user config.
Definition: acl_table_user.h:67
Password_lock()
Definition: acl_table_user.cc:2074
Password_lock & operator=(const Password_lock &other)
Definition: acl_table_user.cc:2077
uint failed_login_attempts
read from the user config.
Definition: acl_table_user.h:72
Replacement of system's struct timeval to ensure we can carry 64 bit values even on a platform which ...
Definition: my_time_t.h:45
Include file for Sun RPC to compile out of the box.
unsigned int uint
Definition: uca9-dump.cc:75
#define PSI_NOT_INSTRUMENTED
Definition: validate_password_imp.cc:42