MySQL 8.0.39
Source Code Documentation
|
#include "sql/auth/acl_table_user.h"
#include <stdlib.h>
#include <string.h>
#include <algorithm>
#include <map>
#include "field_types.h"
#include "lex_string.h"
#include "m_ctype.h"
#include "m_string.h"
#include "my_base.h"
#include "my_dbug.h"
#include "my_inttypes.h"
#include "my_loglevel.h"
#include "my_sqlcommand.h"
#include "my_sys.h"
#include "mysql/components/services/bits/psi_bits.h"
#include "mysql/components/services/log_builtins.h"
#include "mysql/plugin.h"
#include "mysql/plugin_auth.h"
#include "mysql_time.h"
#include "mysqld_error.h"
#include "prealloced_array.h"
#include "sql/auth/auth_acls.h"
#include "sql/auth/auth_common.h"
#include "sql/auth/auth_internal.h"
#include "sql/auth/partial_revokes.h"
#include "sql/auth/sql_auth_cache.h"
#include "sql/auth/sql_authentication.h"
#include "sql/auth/sql_user_table.h"
#include "sql/auth/user_table.h"
#include "sql/field.h"
#include "sql/handler.h"
#include "sql/item_func.h"
#include "sql/iterators/row_iterator.h"
#include "sql/key.h"
#include "sql/mysqld.h"
#include "sql/sql_class.h"
#include "sql/sql_const.h"
#include "sql/sql_executor.h"
#include "sql/sql_lex.h"
#include "sql/sql_plugin.h"
#include "sql/sql_plugin_ref.h"
#include "sql/sql_time.h"
#include "sql/sql_update.h"
#include "sql/system_variables.h"
#include "sql/table.h"
#include "sql/tztime.h"
#include "sql_string.h"
#include "template_utils.h"
#include "typelib.h"
#include "violite.h"
Namespaces | |
namespace | consts |
namespace | acl_table |
namespace | acl_table::anonymous_namespace{acl_table_user.cc} |
Macros | |
#define | INVALID_DATE "0000-00-00 00:00:00" |
Functions | |
const std::string | consts::empty_string ("") |
Empty string. More... | |
const std::string | consts::additional_password ("additional_password") |
For secondary password. More... | |
const std::string | consts::Restrictions ("Restrictions") |
For partial revokes. More... | |
const std::string | consts::Password_locking ("Password_locking") |
for password locking More... | |
const std::string | consts::failed_login_attempts ("failed_login_attempts") |
underkeys of password locking More... | |
const std::string | consts::password_lock_time_days ("password_lock_time_days") |
underkeys of password locking More... | |
const std::string | consts::json_metadata_tag ("metadata") |
metadata tag More... | |
const std::string | consts::json_comment_tag ("comment") |
comment tag More... | |
const std::string | consts::json_multi_factor_authentication ("multi_factor_authentication") |
multi factor authentication methods More... | |
static bool | replace_user_metadata (const std::string &json_blob, bool expect_text, TABLE *user_table) |
Replace or merge the user attributes of a given user. More... | |
bool | acl_table::anonymous_namespace{acl_table_user.cc}::parse_user_attributes (TABLE *table, User_table_schema *table_schema, Acl_user_attributes &user_attributes) |
Helper function to parse mysql.user.user_attributes column. More... | |
int | replace_user_table (THD *thd, TABLE *table, LEX_USER *combo, Access_bitmask rights, bool revoke_grant, bool can_create_user, acl_table::Pod_user_what_to_update &what_to_update, Restrictions *restrictions, I_multi_factor_auth *mfa) |
Search and create/update a record for the user requested. More... | |
bool | read_user_table (THD *thd, TABLE *table) |
Read data from user table and fill in-memory caches. More... | |
void | double_the_backslash (String *str) |
Helper function which heals with how JSON quoting rules change depending on the NO_BACKSLAH_ESCAPES sql mode. More... | |
bool | read_user_application_user_metadata_from_table (const LEX_CSTRING user, const LEX_CSTRING host, String *metadata_str, TABLE *table, bool mode_no_backslash_escapes) |
Helper function for recreating the CREATE USER statement when an SHOW CREATE USER statement is issued. More... | |
Variables | |
const my_timeval | consts::BEGIN_TIMESTAMP = {0, 0} |
Initial timestamp. More... | |
const int | consts::CRITICAL_ERROR = -1 |
Error indicating table operation error. More... | |
static std::map< const User_attribute_type, const std::string > | acl_table::attribute_type_to_str |
Keys used in mysql.user.user_attributes. More... | |
#define INVALID_DATE "0000-00-00 00:00:00" |
void double_the_backslash | ( | String * | str | ) |
Helper function which heals with how JSON quoting rules change depending on the NO_BACKSLAH_ESCAPES sql mode.
str | The string which needs quoting |
bool read_user_application_user_metadata_from_table | ( | const LEX_CSTRING | user, |
const LEX_CSTRING | host, | ||
String * | metadata_str, | ||
TABLE * | table, | ||
bool | mode_no_backslash_escapes | ||
) |
Helper function for recreating the CREATE USER statement when an SHOW CREATE USER statement is issued.
user | The user name from which to read the metadata | |
host | The host name part of the user from which to read the metadata | |
[out] | metadata_str | A buffer of text which will contain the CREATE USER .. ATTRIBUTE data. If the JSON object is null the metadata_str will be empty. |
table | An open TABLE handle to the mysql.user table. | |
mode_no_backslash_escapes | The SQL_MODE determines how JSON is quoted |
false | Success |
true | An error occurred and DA was set. |
Read data from user table and fill in-memory caches.
[in] | thd | THD handle |
[in] | table | mysql.user table handle |
true | Error reading data. Don't trust it. |
false | All well. |
|
static |
Replace or merge the user attributes of a given user.
This function is called from Acl_table_user_writer::driver() but initialized in replace_user_table through a lambda expression. It's assumed that the user table has been opened and the matching row for the target user is in record[0]
json_blob | Either a plain text comment or a JSON object depending on |
expect_text | if expect_text is true then json_blob is plain text |
user_table | A cursor to the open mysql.user table. |
false | success |
true | failure |
int replace_user_table | ( | THD * | thd, |
TABLE * | table, | ||
LEX_USER * | combo, | ||
Access_bitmask | rights, | ||
bool | revoke_grant, | ||
bool | can_create_user, | ||
acl_table::Pod_user_what_to_update & | what_to_update, | ||
Restrictions * | restrictions, | ||
I_multi_factor_auth * | mfa | ||
) |
Search and create/update a record for the user requested.
[in] | thd | The current thread. |
[in] | table | Pointer to a TABLE object of mysql.user table |
[in] | combo | User information |
[in] | rights | Rights requested |
[in] | revoke_grant | Set to true if a REVOKE command is executed |
[in] | can_create_user | Set true if it's allowed to create user |
[in] | what_to_update | Bitmap indicating which attributes need to be updated. |
[in] | restrictions | Restrictions handle if there is any |
[in] | mfa | Interface pointer to Multi factor authentication methods |
0 | OK. |
< | 0 System error or storage engine error happen |
> | 0 Error in handling current user entry but still can continue processing subsequent user specified in the ACL statement. |