24#ifndef ACL_TABLE_USER_INCLUDED
25#define ACL_TABLE_USER_INCLUDED
209 std::pair<Table_op_error_code, struct timeval>;
246 bool can_create_user,
299 bool read_row(
bool &is_old_db_layout,
bool &super_users_with_empty_plugin);
310 bool &is_old_db_layout);
uint32_t Access_bitmask
Definition: auth_acls.h:34
Definition: sql_auth_cache.h:247
Storage container for default auth ids.
Definition: auth_common.h:1073
DB Restrictions representation in memory.
Definition: partial_revokes.h:82
An interface to access information about Multi factor authentication methods.
Definition: sql_mfa.h:45
Represents a JSON container value of type "object" (ECMA), type J_OBJECT here.
Definition: json_dom.h:373
Container of all restrictions for a given user.
Definition: partial_revokes.h:155
A context for reading through a single table using a chosen access method: index read,...
Definition: row_iterator.h:82
For each client connection we create a separate thread with THD serving as a thread/connection descri...
Definition: sql_lexer_thd.h:34
Definition: auth_common.h:376
mysql.user table reader.
Definition: acl_table_user.h:293
void read_password_last_changed(ACL_USER &user)
Get password change time.
Definition: acl_table_user.cc:1774
Restrictions * m_restrictions
Definition: acl_table_user.h:325
void read_password_reuse_time_fields(ACL_USER &user)
Get password reuse time restriction.
Definition: acl_table_user.cc:1841
void read_user_resources(ACL_USER &user)
Read user resource restrictions.
Definition: acl_table_user.cc:1590
void add_row_to_acl_users(ACL_USER &user)
Add a recently read row in acl_users.
Definition: acl_table_user.cc:1958
bool setup_table(bool &is_old_db_layout)
Make table ready to read.
Definition: acl_table_user.cc:1383
bool read_row(bool &is_old_db_layout, bool &super_users_with_empty_plugin)
Read a row from mysql.user table and add it to in-memory structure.
Definition: acl_table_user.cc:2011
bool read_plugin_info(ACL_USER &user, bool &super_users_with_empty_plugin, bool &is_old_db_layout)
Read plugin information.
Definition: acl_table_user.cc:1630
void read_privileges(ACL_USER &user)
Get global privilege information.
Definition: acl_table_user.cc:1483
void read_password_require_current(ACL_USER &user)
Get information about requiring current password while changing password.
Definition: acl_table_user.cc:1861
bool driver()
Driver function for mysql.user reader.
Definition: acl_table_user.cc:2052
void read_password_locked(ACL_USER &user)
Determine if user account is locked.
Definition: acl_table_user.cc:1758
bool read_user_attributes(ACL_USER &user)
Read user attributes.
Definition: acl_table_user.cc:1885
MEM_ROOT m_mem_root
Definition: acl_table_user.h:324
void reset_acl_user(ACL_USER &user)
Scrub ACL_USER.
Definition: acl_table_user.cc:1409
void read_ssl_fields(ACL_USER &user)
Read SSL restrictions.
Definition: acl_table_user.cc:1560
bool read_password_expiry(ACL_USER &user, bool &password_expired)
Read password expiry field.
Definition: acl_table_user.cc:1733
User_table_schema * m_table_schema
Definition: acl_table_user.h:322
bool read_authentication_string(ACL_USER &user)
Read authentication string for the account.
Definition: acl_table_user.cc:1458
Acl_table_user_reader(THD *thd, TABLE *table)
mysql.user table reader constructor.
Definition: acl_table_user.cc:1346
void read_account_name(ACL_USER &user)
Get user and host information for the account.
Definition: acl_table_user.cc:1434
Acl_table_op_status finish_operation(Table_op_error_code &error) override
Finish mysql.user table read operation.
Definition: acl_table_user.cc:1365
~Acl_table_user_reader() override
Free resources before we destroy.
Definition: acl_table_user.cc:1353
Json_object * m_user_application_user_metadata_json
Definition: acl_table_user.h:326
void read_password_lifetime(ACL_USER &user)
Get password expiry policy information.
Definition: acl_table_user.cc:1802
void read_password_history_fields(ACL_USER &user)
Get password history restriction.
Definition: acl_table_user.cc:1820
unique_ptr_destroy_only< RowIterator > m_iterator
Definition: acl_table_user.h:323
mysql.user table writer.
Definition: acl_table_user.h:215
std::string second_cred
Definition: acl_table_user.h:236
Restrictions restrictions
Definition: acl_table_user.h:237
Access_bitmask updated_rights
Definition: acl_table_user.h:233
my_timeval password_change_timestamp
Definition: acl_table_user.h:235
Acl_table_user_writer_status(bool skip, Access_bitmask rights, Table_op_error_code err, my_timeval pwd_timestamp, std::string cred, Password_lock &password_lock, I_multi_factor_auth *multi_factor)
Definition: acl_table_user.h:218
Password_lock password_lock
Definition: acl_table_user.h:238
Table_op_error_code error
Definition: acl_table_user.h:234
I_multi_factor_auth * multi_factor
Definition: acl_table_user.h:239
Acl_table_user_writer_status()
Definition: acl_table_user.cc:438
bool skip_cache_update
Definition: acl_table_user.h:232
Definition: acl_table_user.h:242
std::function< bool(TABLE *table)> m_user_application_user_metadata
Definition: acl_table_user.h:285
bool update_password_reuse()
Password reuse time updates.
Definition: acl_table_user.cc:1117
bool write_user_attributes_column(const Acl_user_attributes &user_attributes)
Helper function to write updated user_attributes in the column.
Definition: acl_table_user.cc:1282
bool update_privileges(Acl_table_user_writer_status &return_value)
Update global privileges for user.
Definition: acl_table_user.cc:857
Acl_table_user_writer(THD *thd, TABLE *table, LEX_USER *combo, Access_bitmask rights, bool revoke_grant, bool can_create_user, Pod_user_what_to_update what_to_update, Restrictions *restrictions, I_multi_factor_auth *mfa)
mysql.user table writer constructor
Definition: acl_table_user.cc:464
I_multi_factor_auth * m_mfa
Definition: acl_table_user.h:284
bool update_user_attributes(std::string &current_password, Acl_table_user_writer_status &return_value)
User_attributes updates.
Definition: acl_table_user.cc:1186
Access_bitmask get_user_privileges()
Helper function to get global privileges from mysql.user table.
Definition: acl_table_user.cc:1305
LEX_USER * m_combo
Definition: acl_table_user.h:277
bool update_password_expiry()
Update password expiration info.
Definition: acl_table_user.cc:1013
Acl_table_op_status finish_operation(Table_op_error_code &error) override
Finish the operation.
Definition: acl_table_user.cc:727
bool m_revoke_grant
Definition: acl_table_user.h:279
User_table_schema * m_table_schema
Definition: acl_table_user.h:282
bool update_password_history()
Password history updates.
Definition: acl_table_user.cc:1086
bool update_ssl_properties()
Update SSL properties.
Definition: acl_table_user.cc:904
Pod_user_what_to_update m_what_to_update
Definition: acl_table_user.h:281
~Acl_table_user_writer() override
Cleanup.
Definition: acl_table_user.cc:486
bool update_authentication_info(Acl_table_user_writer_status &return_value)
Update user's authentication information.
Definition: acl_table_user.cc:793
bool update_password_require_current()
Whether current password is required to update existing one.
Definition: acl_table_user.cc:1146
Acl_table_user_writer_status driver()
Perform add/update to mysql.user table.
Definition: acl_table_user.cc:496
Access_bitmask m_rights
Definition: acl_table_user.h:278
bool update_user_application_user_metadata()
Helper function for updating the user metadata JSON.
Definition: acl_table_user.cc:1274
std::string get_current_credentials()
Get the current credentials stored in mysql.user.authentication_string.
Definition: acl_table_user.cc:1331
bool m_can_create_user
Definition: acl_table_user.h:280
bool update_account_locking()
Update account locking info.
Definition: acl_table_user.cc:1054
void replace_user_application_user_metadata(std::function< bool(TABLE *table)> const &update)
Send the function for updating the user metadata JSON code to the table processor.
Definition: acl_table_user.cc:1265
bool m_has_user_application_user_metadata
Definition: acl_table_user.h:276
Restrictions * m_restrictions
Definition: acl_table_user.h:283
bool setup_table(int &error, bool &builtin_password)
Position user table.
Definition: acl_table_user.cc:581
bool update_user_resources()
Update user resource restrictions.
Definition: acl_table_user.cc:981
Base class to handle ACL table manipulation.
Definition: acl_table_base.h:44
Class to handle information stored in mysql.user.user_attributes.
Definition: acl_table_user.h:88
bool deserialize_password_lock(const Json_object &json_object)
Definition: acl_table_user.cc:240
bool deserialize(const Json_object &json_object)
Obtain info from JSON representation of user attributes.
Definition: acl_table_user.cc:286
bool serialize(Json_object &json_object) const
Create JSON object from user attributes.
Definition: acl_table_user.cc:321
Password_lock m_password_lock
password locking
Definition: acl_table_user.h:200
void update_restrictions(const Restrictions &restricitions)
Definition: acl_table_user.cc:400
void set_mfa(I_multi_factor_auth *mfa)
Definition: acl_table_user.h:169
Auth_id m_auth_id
Auth ID.
Definition: acl_table_user.h:192
bool consume_user_attributes_json(Json_dom_ptr json)
Take over ownership of the json pointer.
Definition: acl_table_user.cc:160
void report_and_remove_invalid_db_restrictions(DB_restrictions &db_restrictions, Access_bitmask mask, enum loglevel level, ulonglong errcode)
Definition: acl_table_user.cc:179
bool update_additional_password(std::string &credential)
Update second password for user.
Definition: acl_table_user.cc:379
Acl_user_attributes(MEM_ROOT *mem_root, bool read_restrictions, Auth_id &auth_id, Access_bitmask global_privs)
Default constructor.
Definition: acl_table_user.cc:134
I_multi_factor_auth * m_mfa
multi factor auth info
Definition: acl_table_user.h:202
Json_dom_ptr m_user_attributes_json
Save the original json object.
Definition: acl_table_user.h:204
void set_password_lock(Password_lock password_lock)
Definition: acl_table_user.h:164
MEM_ROOT * m_mem_root
Mem root.
Definition: acl_table_user.h:188
auto get_failed_login_attempts() const
Definition: acl_table_user.h:157
Restrictions m_restrictions
Restrictions_list on certain databases for user.
Definition: acl_table_user.h:196
Restrictions get_restrictions() const
Get the restriction list for the user.
Definition: acl_table_user.cc:396
Access_bitmask m_global_privs
Global static privileges.
Definition: acl_table_user.h:198
const std::string get_additional_password() const
Get second password.
Definition: acl_table_user.cc:392
auto get_password_lock_time_days() const
Definition: acl_table_user.h:160
~Acl_user_attributes()
Definition: acl_table_user.cc:158
bool m_read_restrictions
Operation for restrictions.
Definition: acl_table_user.h:190
auto get_password_lock() const
Definition: acl_table_user.h:163
std::string m_additional_password
Second password for user.
Definition: acl_table_user.h:194
bool deserialize_multi_factor(const Json_object &json_object)
Definition: acl_table_user.cc:217
void discard_additional_password()
Discard second password.
Definition: acl_table_user.cc:388
I_multi_factor_auth * get_mfa()
Definition: acl_table_user.h:168
Definition: user_table.h:47
static MEM_ROOT mem_root
Definition: client_plugin.cc:110
std::unique_ptr< Json_dom > Json_dom_ptr
Definition: json_dom.h:65
static mi_bit_type mask[]
Definition: mi_packrec.cc:141
This file follows Google coding style, except for the name MEM_ROOT (which is kept for historical rea...
std::unique_ptr< T, Destroy_only< T > > unique_ptr_destroy_only
std::unique_ptr, but only destroying.
Definition: my_alloc.h:489
unsigned long long int ulonglong
Definition: my_inttypes.h:56
loglevel
Definition: my_loglevel.h:41
static uint update
Definition: myisamlog.cc:91
char * user
Definition: mysqladmin.cc:60
Definition: acl_table_base.h:33
int Table_op_error_code
Definition: acl_table_base.h:35
Acl_table_op_status
Definition: acl_table_base.h:37
User_attribute_type
Definition: acl_table_user.h:54
@ MULTI_FACTOR_AUTHENTICATION_DATA
std::pair< Table_op_error_code, struct timeval > acl_table_user_writer_status
Definition: acl_table_user.h:209
static Value err()
Create a Value object that represents an error condition.
Definition: json_binary.cc:910
static size_t skip(size_t pos_start, size_t match_len)
Definition: uri.cc:82
constexpr const size_t ACL_ALLOC_BLOCK_SIZE
Definition: sql_const.h:147
The MEM_ROOT is a simple arena, where allocations are carved out of larger blocks.
Definition: my_alloc.h:83
Definition: acl_table_user.h:63
int password_lock_time_days
read from the user config.
Definition: acl_table_user.h:67
Password_lock()
Definition: acl_table_user.cc:2076
Password_lock & operator=(const Password_lock &other)
Definition: acl_table_user.cc:2079
uint failed_login_attempts
read from the user config.
Definition: acl_table_user.h:72
Replacement of system's struct timeval to ensure we can carry 64 bit values even on a platform which ...
Definition: my_time_t.h:45
Include file for Sun RPC to compile out of the box.
unsigned int uint
Definition: uca9-dump.cc:75
#define PSI_NOT_INSTRUMENTED
Definition: validate_password_imp.cc:42