MySQL 8.0.40
Source Code Documentation
acl_table::Acl_table_user_writer Class Reference

#include <acl_table_user.h>

Inheritance diagram for acl_table::Acl_table_user_writer:
[legend]

Public Member Functions

 Acl_table_user_writer (THD *thd, TABLE *table, LEX_USER *combo, Access_bitmask rights, bool revoke_grant, bool can_create_user, Pod_user_what_to_update what_to_update, Restrictions *restrictions, I_multi_factor_auth *mfa)
 mysql.user table writer constructor More...
 
 ~Acl_table_user_writer () override
 Cleanup. More...
 
Acl_table_op_status finish_operation (Table_op_error_code &error) override
 Finish the operation. More...
 
Acl_table_user_writer_status driver ()
 Perform add/update to mysql.user table. More...
 
bool setup_table (int &error, bool &builtin_password)
 Position user table. More...
 
bool update_authentication_info (Acl_table_user_writer_status &return_value)
 Update user's authentication information. More...
 
bool update_privileges (Acl_table_user_writer_status &return_value)
 Update global privileges for user. More...
 
bool update_ssl_properties ()
 Update SSL properties. More...
 
bool update_user_resources ()
 Update user resource restrictions. More...
 
bool update_password_expiry ()
 Update password expiration info. More...
 
bool update_account_locking ()
 Update account locking info. More...
 
bool update_password_history ()
 Password history updates. More...
 
bool update_password_reuse ()
 Password reuse time updates. More...
 
bool update_password_require_current ()
 Whether current password is required to update existing one. More...
 
bool update_user_attributes (std::string &current_password, Acl_table_user_writer_status &return_value)
 User_attributes updates. More...
 
void replace_user_application_user_metadata (std::function< bool(TABLE *table)> const &update)
 Send the function for updating the user metadata JSON code to the table processor. More...
 
Access_bitmask get_user_privileges ()
 Helper function to get global privileges from mysql.user table. More...
 
std::string get_current_credentials ()
 Get current password from mysql.user.authentication_string. More...
 
- Public Member Functions inherited from acl_table::Acl_table
 Acl_table (THD *thd, TABLE *table, Acl_table_operation operation)
 
virtual ~Acl_table ()=default
 
 Acl_table (const Acl_table &)=delete
 
const Acl_tableoperator= (const Acl_table &)=delete
 
 Acl_table (const Acl_table &&)=delete
 
const Acl_tableoperator= (const Acl_table &&)=delete
 
Acl_table_operation get_operation_mode ()
 

Private Member Functions

bool update_user_application_user_metadata ()
 Helper function for updating the user metadata JSON. More...
 
bool write_user_attributes_column (const Acl_user_attributes &user_attributes)
 Helper function to write updated user_attributes in the column. More...
 

Private Attributes

bool m_has_user_application_user_metadata
 
LEX_USERm_combo
 
Access_bitmask m_rights
 
bool m_revoke_grant
 
bool m_can_create_user
 
Pod_user_what_to_update m_what_to_update
 
User_table_schemam_table_schema
 
Restrictionsm_restrictions
 
I_multi_factor_authm_mfa
 
std::function< bool(TABLE *table)> m_user_application_user_metadata
 

Additional Inherited Members

- Protected Member Functions inherited from acl_table::Acl_table
Acl_table_op_status convert_table_op_error_code ()
 
- Protected Attributes inherited from acl_table::Acl_table
THDm_thd
 
TABLEm_table
 
Acl_table_operation m_operation
 
Table_op_error_code m_error
 

Constructor & Destructor Documentation

◆ Acl_table_user_writer()

acl_table::Acl_table_user_writer::Acl_table_user_writer ( THD thd,
TABLE table,
LEX_USER combo,
Access_bitmask  rights,
bool  revoke_grant,
bool  can_create_user,
Pod_user_what_to_update  what_to_update,
Restrictions restrictions = nullptr,
I_multi_factor_auth mfa = nullptr 
)

mysql.user table writer constructor

Note: Table handle must be non-null.

Parameters
[in]thdThread handle
[in]tableHandle to mysql.user table
[in]comboUser information
[in]rightsUpdated global privileges
[in]revoke_grantIf its REVOKE statement
[in]can_create_userWhether user has ability to create new user
[in]what_to_updateThings to be updated
[in]restrictionsRestrictions of the user, if there is any
[in]mfaInterface pointer to Multi factor authentication methods

◆ ~Acl_table_user_writer()

acl_table::Acl_table_user_writer::~Acl_table_user_writer ( )
override

Cleanup.

Member Function Documentation

◆ driver()

Acl_table_user_writer_status acl_table::Acl_table_user_writer::driver ( )

Perform add/update to mysql.user table.

Returns
status of add/update operation. In case of success it contains information that's useful for cache update.

◆ finish_operation()

Acl_table_op_status acl_table::Acl_table_user_writer::finish_operation ( Table_op_error_code out_error)
overridevirtual

Finish the operation.

Depending on type of operation (INSERT/UPDATE), either insert a new row in mysql.user table or update an existing row using SE APIs.

Parameters
[out]out_errorTable operation error, if any
Returns
status of write operation

Implements acl_table::Acl_table.

◆ get_current_credentials()

std::string acl_table::Acl_table_user_writer::get_current_credentials ( )

Get current password from mysql.user.authentication_string.

Returns
value from mysql.user.authentication_string

◆ get_user_privileges()

Access_bitmask acl_table::Acl_table_user_writer::get_user_privileges ( )

Helper function to get global privileges from mysql.user table.

Returns
Bitmask representing global privileges granted to given account

◆ replace_user_application_user_metadata()

void acl_table::Acl_table_user_writer::replace_user_application_user_metadata ( std::function< bool(TABLE *table)> const &  update)

Send the function for updating the user metadata JSON code to the table processor.

Parameters
updateThe function expression used for updating the JSON

◆ setup_table()

bool acl_table::Acl_table_user_writer::setup_table ( int &  error,
bool &  builtin_plugin 
)

Position user table.

Try to find a row matching with given account information. If one is found, set record pointer to it and set operation type as UPDATE. If no record is found, then set record pointer to empty record.

Raises error in DA in various cases where sanity of table and intention of operation is checked.

Parameters
[out]errorTable operation error
[out]builtin_pluginFor existing record, if authentication plugin is one of the builtins or not.
Returns
Operation status
Return values
falseTable is positioned. In case of insert, it means no record is found for given (user,host). In case of update, table is set to point to existing record.
trueError positioning table.

◆ update_account_locking()

bool acl_table::Acl_table_user_writer::update_account_locking ( )

Update account locking info.

Raises error in DA if mysql.user table does not have account_locked column.

Returns
status of the operation
Return values
falseSuccess
trueTable is not in expected format

◆ update_authentication_info()

bool acl_table::Acl_table_user_writer::update_authentication_info ( Acl_table_user_writer_status return_value)

Update user's authentication information.

Raises error in DA if mysql.user table does not have following columns:

  • plugin
  • password_last_changed
  • password_expired
Parameters
[out]return_valueTo update password change timestamp
Returns
update operation status
Return values
falseSuccess
trueError storing authentication info or table is not in expected format

◆ update_password_expiry()

bool acl_table::Acl_table_user_writer::update_password_expiry ( )

Update password expiration info.

Raises error in DA if mysql.user table does not have password_expired column.

Returns
status of operation
Return values
falseSuccess
trueTable is not in expected format

◆ update_password_history()

bool acl_table::Acl_table_user_writer::update_password_history ( )

Password history updates.

Raises error in DA if mysql.user table does not have password_reuse_history column.

Returns
status of the operation
Return values
falseSuccess
trueTable is not in expected format

◆ update_password_require_current()

bool acl_table::Acl_table_user_writer::update_password_require_current ( )

Whether current password is required to update existing one.

Raises error in DA if mysql.user table does not have password_require_current column.

Returns
status of the operation
Return values
falseSuccess
trueTable is not in expected format

◆ update_password_reuse()

bool acl_table::Acl_table_user_writer::update_password_reuse ( )

Password reuse time updates.

Raises error in DA if mysql.user table does not have password_reuse_time column.

Returns
status of the operation
Return values
falseSuccess
trueTable is not in expected format

◆ update_privileges()

bool acl_table::Acl_table_user_writer::update_privileges ( Acl_table_user_writer_status return_value)

Update global privileges for user.

Parameters
[out]return_valueTo store updated global privileges
Returns
Update status for global privileges

◆ update_ssl_properties()

bool acl_table::Acl_table_user_writer::update_ssl_properties ( )

Update SSL properties.

Returns
Update status
Return values
falseSuccess
trueTable is not in expected format

◆ update_user_application_user_metadata()

bool acl_table::Acl_table_user_writer::update_user_application_user_metadata ( )
private

Helper function for updating the user metadata JSON.

◆ update_user_attributes()

bool acl_table::Acl_table_user_writer::update_user_attributes ( std::string &  current_password,
Acl_table_user_writer_status return_value 
)

User_attributes updates.

Raises error in DA if mysql.user table does not have user_attributes column.

Returns
status of the operation
Return values
falseSuccess
trueTable/Column is not in expected format

◆ update_user_resources()

bool acl_table::Acl_table_user_writer::update_user_resources ( )

Update user resource restrictions.

Returns
status of the operation

◆ write_user_attributes_column()

bool acl_table::Acl_table_user_writer::write_user_attributes_column ( const Acl_user_attributes user_attributes)
private

Helper function to write updated user_attributes in the column.

Member Data Documentation

◆ m_can_create_user

bool acl_table::Acl_table_user_writer::m_can_create_user
private

◆ m_combo

LEX_USER* acl_table::Acl_table_user_writer::m_combo
private

◆ m_has_user_application_user_metadata

bool acl_table::Acl_table_user_writer::m_has_user_application_user_metadata
private

◆ m_mfa

I_multi_factor_auth* acl_table::Acl_table_user_writer::m_mfa
private

◆ m_restrictions

Restrictions* acl_table::Acl_table_user_writer::m_restrictions
private

◆ m_revoke_grant

bool acl_table::Acl_table_user_writer::m_revoke_grant
private

◆ m_rights

Access_bitmask acl_table::Acl_table_user_writer::m_rights
private

◆ m_table_schema

User_table_schema* acl_table::Acl_table_user_writer::m_table_schema
private

◆ m_user_application_user_metadata

std::function<bool(TABLE *table)> acl_table::Acl_table_user_writer::m_user_application_user_metadata
private

◆ m_what_to_update

Pod_user_what_to_update acl_table::Acl_table_user_writer::m_what_to_update
private

The documentation for this class was generated from the following files: