MySQL 8.0.39
Source Code Documentation
mysql_security_context_imp Class Reference

An implementation of security_context service methods. More...

#include <security_context_imp.h>

Static Public Member Functions

static mysql_service_status_t get (void *_thd, Security_context_handle *out_ctx) noexcept
 Gets the security context for the thread. More...
 
static mysql_service_status_t set (void *_thd, Security_context_handle in_ctx) noexcept
 Sets a new security context for the thread. More...
 
static mysql_service_status_t create (Security_context_handle *out_ctx) noexcept
 Creates a new security context and initializes it with the defaults (no access, no user etc). More...
 
static mysql_service_status_t destroy (Security_context_handle ctx) noexcept
 Deallocates a security context. More...
 
static mysql_service_status_t copy (Security_context_handle in_ctx, Security_context_handle *out_ctx) noexcept
 Duplicates a security context. More...
 
static mysql_service_status_t lookup (Security_context_handle ctx, const char *user, const char *host, const char *ip, const char *db) noexcept
 Looks up in the defined user accounts. More...
 
static mysql_service_status_t get (Security_context_handle ctx, const char *name, void *inout_pvalue) noexcept
 Reads a named security context attribute and returns its value. More...
 
static mysql_service_status_t set (Security_context_handle ctx, const char *name, void *pvalue) noexcept
 Sets a value for a named security context attribute. More...
 

Detailed Description

An implementation of security_context service methods.

Member Function Documentation

◆ copy()

mysql_service_status_t mysql_security_context_imp::copy ( Security_context_handle  in_ctx,
Security_context_handle out_ctx 
)
staticnoexcept

Duplicates a security context.

See also
mysql_security_context_factory::copy()
Parameters
[in]in_ctxThe handle of the security context to copy
[out]out_ctxplaceholder for the handle of the copied security context
Return values
truefailure
falsesuccess

◆ create()

mysql_service_status_t mysql_security_context_imp::create ( Security_context_handle out_ctx)
staticnoexcept

Creates a new security context and initializes it with the defaults (no access, no user etc).

See also
mysql_security_context_factory::create()
Parameters
[out]out_ctxplaceholder for the newly created security context handle
Return values
truefailure
falsesuccess

◆ destroy()

mysql_service_status_t mysql_security_context_imp::destroy ( Security_context_handle  ctx)
staticnoexcept

Deallocates a security context.

See also
mysql_security_context_factory::destroy()
Parameters
[in]ctxThe handle of the security context to destroy
Return values
truefailure
falsesuccess

◆ get() [1/2]

mysql_service_status_t mysql_security_context_imp::get ( Security_context_handle  ctx_h,
const char *  name,
void *  inout_pvalue 
)
staticnoexcept

Reads a named security context attribute and returns its value.

See also
mysql_security_context_options::get()

Currently defined names are:

  • user MYSQL_LEX_CSTRING * login user (a.k.a. the user's part of USER())
  • host MYSQL_LEX_CSTRING * login host (a.k.a. the host's part of USER())
  • ip MYSQL_LEX_CSTRING * login client ip
  • host_or_ip MYSQL_LEX_CSTRING * host, if present, ip if not.
  • priv_user MYSQL_LEX_CSTRING * authenticated user (a.k.a. the user's part of CURRENT_USER())
  • priv_host MYSQL_LEX_CSTRING * authenticated host (a.k.a. the host's part of CURRENT_USER())
  • proxy_user MYSQL_LEX_CSTRING * the proxy user used in authenticating
  • privilege_super DECLARE_BOOL_METHOD * 1 if the user account has supper privilege, 0 otherwise
  • privilege_execute DECLARE_BOOL_METHOD * 1 if the user account has execute privilege, 0 otherwise
Parameters
[in]ctx_hThe handle of the security context to read from
[in]nameThe option name to read
[out]inout_pvalueThe value of the option. Type depends on the name.
Return values
truefailure
falsesuccess

◆ get() [2/2]

mysql_service_status_t mysql_security_context_imp::get ( void *  _thd,
Security_context_handle out_ctx 
)
staticnoexcept

Gets the security context for the thread.

See also
mysql_thd_security_context::get()
Parameters
[in]_thdThe thread to get the context from
[out]out_ctxplaceholder for the security context handle
Return values
truefailure
falsesuccess

◆ lookup()

mysql_service_status_t mysql_security_context_imp::lookup ( Security_context_handle  ctx,
const char *  user,
const char *  host,
const char *  ip,
const char *  db 
)
staticnoexcept

Looks up in the defined user accounts.

Looks up in the defined user accounts an account based on the user@host[ip] combo supplied and checks if the user has access to the database requested.

See also
mysql_account_database_security_context_lookup::lookup()

The lookup is done in exactly the same way as at login time. The new security context need to checkout additional privileges using the checkout_acl method.

Parameters
[in]ctxThe handle of the security context to update
[in]userThe user name to look up, the name has to be in utf8 charset
[in]hostThe host name to look up, the name has to be in utf8 charset
[in]ipThe ip of the incoming connection
[in]dbThe database to check access to
Return values
truefailure
falsesuccess

◆ set() [1/2]

mysql_service_status_t mysql_security_context_imp::set ( Security_context_handle  ctx_h,
const char *  name,
void *  pvalue 
)
staticnoexcept

Sets a value for a named security context attribute.

Sets a value for a named security context attribute Currently defined names are:

See also
mysql_security_context_options::set()
  • user MYSQL_LEX_CSTRING * login user (a.k.a. the user's part of USER())
  • host MYSQL_LEX_CSTRING * login host (a.k.a. the host's part of USER())
  • ip MYSQL_LEX_CSTRING * login client ip
  • priv_user MYSQL_LEX_CSTRING * authenticated user (a.k.a. the user's part of CURRENT_USER())
  • priv_host MYSQL_LEX_CSTRING * authenticated host (a.k.a. the host's part of CURRENT_USER())
  • proxy_user MYSQL_LEX_CSTRING * the proxy user used in authenticating
  • privilege_super DECLARE_BOOL_METHOD * 1 if the user account has supper privilege, 0 otherwise
  • privilege_execute DECLARE_BOOL_METHOD * 1 if the user account has execute privilege, 0 otherwise
Parameters
[in]ctx_hThe handle of the security context to set into
[in]nameThe option name to set
[in]pvalueThe value of the option. Type depends on the name.
Return values
truefailure
falsesuccess

◆ set() [2/2]

mysql_service_status_t mysql_security_context_imp::set ( void *  _thd,
Security_context_handle  in_ctx 
)
staticnoexcept

Sets a new security context for the thread.

See also
mysql_thd_security_context::set()
Parameters
[in]_thdThe thread to set the context to
[in]in_ctxThe handle of the new security context
Return values
truefailure
falsesuccess

The documentation for this class was generated from the following files: