MySQL 8.0.39
Source Code Documentation
|
#include <partial_revokes.h>
Protected Member Functions | |
DB_restrictions_aggregator_global_revoke (const Auth_id &grantor, const Auth_id grantee, const Access_bitmask grantor_global_access, const Access_bitmask grantee_global_access, const DB_restrictions &grantor_restrictions, const DB_restrictions &grantee_restrictions, const Access_bitmask requested_access, const Security_context *sctx) | |
DB_restrictions_aggregator_global_revoke constructor. More... | |
Status | validate_if_grantee_rl_not_empty () |
If grantee restrictions_list is not empty then check the following. More... | |
Protected Member Functions inherited from DB_restrictions_aggregator | |
DB_restrictions_aggregator (const Auth_id &grantor, const Auth_id grantee, const Access_bitmask grantor_global_access, const Access_bitmask grantee_global_access, const DB_restrictions &grantor_restrictions, const DB_restrictions &grantee_restrictions, const Access_bitmask requested_access, const Security_context *sctx) | |
Constructor for database level restrictions aggregator. More... | |
bool | find_if_require_next_level_operation (Access_bitmask &rights) const override |
Get list of privileges that are not restricted through restriction list. More... | |
bool | check_db_access_and_restrictions_collision (const Access_bitmask grantee_db_access, const Access_bitmask grantee_restrictions, const std::string &db_name) noexcept |
Check possible descrepancy between DB access being granted and existing restrictions. More... | |
void | set_if_db_level_operation (const Access_bitmask requested_access, const Access_bitmask restrictions_mask) noexcept |
Set privileges that needs to be processed further. More... | |
void | aggregate_restrictions (SQL_OP sql_op, const Db_access_map *m_db_map, DB_restrictions &restrictions) |
A helper method that aggregates the restrictions for global_grant and set_role operations since both are similar in nature. More... | |
Access_bitmask | get_grantee_db_access (const std::string &db_name) const |
Fetches the grantee's DB access on the specified DB If security context of current user exists and has some active roles then probe the security context since current user must be grantee. More... | |
void | get_grantee_db_access (const std::string &db_name, Access_bitmask &access) const |
Fetches the grantee's DB access on the specified DB If security context of current user exists and has some active roles then probe the security context since current user must be grantee. More... | |
Protected Member Functions inherited from Restrictions_aggregator | |
Restrictions_aggregator (const Auth_id &grantor, const Auth_id grantee, const Access_bitmask grantor_global_access, const Access_bitmask grantee_global_access, const Access_bitmask requested_access) | |
Constructor. More... | |
Restrictions_aggregator (const Restrictions_aggregator &)=delete | |
Restrictions_aggregator & | operator= (const Restrictions_aggregator &)=delete |
Restrictions_aggregator (const Restrictions_aggregator &&)=delete | |
Restrictions_aggregator & | operator= (const Restrictions_aggregator &&)=delete |
Private Member Functions | |
Status | validate () override |
Evaluates the restrictions list of grantor and grantee, as well as requested privilege. More... | |
void | aggregate (DB_restrictions &restrictions) override |
Friends | |
class | Restrictions_aggregator_factory |
Additional Inherited Members | |
Public Member Functions inherited from DB_restrictions_aggregator | |
bool | generate (Abstract_restrictions &restrictions) override |
Driver function to aggregate restriction lists. More... | |
Public Member Functions inherited from Restrictions_aggregator | |
virtual | ~Restrictions_aggregator () |
Destructor. More... | |
Protected Types inherited from DB_restrictions_aggregator | |
enum class | SQL_OP { SET_ROLE , GLOBAL_GRANT } |
using | Status = Restrictions_aggregator::Status |
Protected Types inherited from Restrictions_aggregator | |
enum class | Status { Error , Warning , Validated , Aggregated , No_op } |
Protected Attributes inherited from DB_restrictions_aggregator | |
Access_bitmask | m_privs_not_processed = 0 |
Privileges that needs to be checked further through DB grants. More... | |
DB_restrictions | m_grantor_rl |
Database restrictions for grantor. More... | |
DB_restrictions | m_grantee_rl |
Database restrictions for grantee. More... | |
const Security_context * | m_sctx |
Security context of the current user. More... | |
Protected Attributes inherited from Restrictions_aggregator | |
const Auth_id | m_grantor |
Grantor information. More... | |
const Auth_id | m_grantee |
Grantee information. More... | |
const Access_bitmask | m_grantor_global_access |
Global static privileges of grantor. More... | |
const Access_bitmask | m_grantee_global_access |
Global static privileges of grantee. More... | |
const Access_bitmask | m_requested_access |
Privileges that are being granted or revoked. More... | |
Status | m_status |
Internal status of aggregation process. More... | |
|
protected |
DB_restrictions_aggregator_global_revoke constructor.
[in] | grantor | Grantor's user name and host info |
[in] | grantee | Grantee's user name and host info |
[in] | grantor_global_access | Current privileges mask of grantor |
[in] | grantee_global_access | Current privileges mask of grantee |
[in] | grantor_db_restrictions | DB_restrictions of grantor |
[in] | grantee_db_restrictions | DB_restrictions of grantee |
[in] | requested_access | Requested privileges mask in the SQL statement |
[in] | sctx | Security_context of current user. Default value is nullptr |
|
overrideprivatevirtual |
[out] | restrictions | Fills the parater with the aggregated DB_restrictions |
Implements DB_restrictions_aggregator.
Reimplemented in DB_restrictions_aggregator_global_revoke_all.
|
overrideprivatevirtual |
Evaluates the restrictions list of grantor and grantee, as well as requested privilege.
Implements DB_restrictions_aggregator.
Reimplemented in DB_restrictions_aggregator_global_revoke_all.
|
protected |
If grantee restrictions_list is not empty then check the following.
|
friend |