An implementation of security_context service methods.
More...
#include <security_context_imp.h>
|
| static mysql_service_status_t | get (void *_thd, Security_context_handle *out_ctx) noexcept |
| | Gets the security context for the thread. More...
|
| |
| static mysql_service_status_t | set (void *_thd, Security_context_handle in_ctx) noexcept |
| | Sets a new security context for the thread. More...
|
| |
| static mysql_service_status_t | create (Security_context_handle *out_ctx) noexcept |
| | Creates a new security context and initializes it with the defaults (no access, no user etc). More...
|
| |
| static mysql_service_status_t | destroy (Security_context_handle ctx) noexcept |
| | Deallocates a security context. More...
|
| |
| static mysql_service_status_t | copy (Security_context_handle in_ctx, Security_context_handle *out_ctx) noexcept |
| | Duplicates a security context. More...
|
| |
| static mysql_service_status_t | lookup (Security_context_handle ctx, const char *user, const char *host, const char *ip, const char *db) noexcept |
| | Looks up in the defined user accounts. More...
|
| |
| static mysql_service_status_t | get (Security_context_handle ctx, const char *name, void *inout_pvalue) noexcept |
| | Reads a named security context attribute and returns its value. More...
|
| |
| static mysql_service_status_t | set (Security_context_handle ctx, const char *name, void *pvalue) noexcept |
| | Sets a value for a named security context attribute. More...
|
| |
An implementation of security_context service methods.
◆ copy()
Duplicates a security context.
- See also
- mysql_security_context_factory::copy()
- Parameters
-
| [in] | in_ctx | The handle of the security context to copy |
| [out] | out_ctx | placeholder for the handle of the copied security context |
- Return values
-
◆ create()
Creates a new security context and initializes it with the defaults (no access, no user etc).
- See also
- mysql_security_context_factory::create()
- Parameters
-
| [out] | out_ctx | placeholder for the newly created security context handle |
- Return values
-
◆ destroy()
Deallocates a security context.
- See also
- mysql_security_context_factory::destroy()
- Parameters
-
| [in] | ctx | The handle of the security context to destroy |
- Return values
-
◆ get() [1/2]
Reads a named security context attribute and returns its value.
- See also
- mysql_security_context_options::get()
Currently defined names are:
- user MYSQL_LEX_CSTRING * login user (a.k.a. the user's part of USER())
- host MYSQL_LEX_CSTRING * login host (a.k.a. the host's part of USER())
- ip MYSQL_LEX_CSTRING * login client ip
- host_or_ip MYSQL_LEX_CSTRING * host, if present, ip if not.
- priv_user MYSQL_LEX_CSTRING * authenticated user (a.k.a. the user's part of CURRENT_USER())
- priv_host MYSQL_LEX_CSTRING * authenticated host (a.k.a. the host's part of CURRENT_USER())
- proxy_user MYSQL_LEX_CSTRING * the proxy user used in authenticating
- privilege_super DECLARE_BOOL_METHOD * 1 if the user account has supper privilege, 0 otherwise
- privilege_execute DECLARE_BOOL_METHOD * 1 if the user account has execute privilege, 0 otherwise
- Parameters
-
| [in] | ctx_h | The handle of the security context to read from |
| [in] | name | The option name to read |
| [out] | inout_pvalue | The value of the option. Type depends on the name. |
- Return values
-
◆ get() [2/2]
Gets the security context for the thread.
- See also
- mysql_thd_security_context::get()
- Parameters
-
| [in] | _thd | The thread to get the context from |
| [out] | out_ctx | placeholder for the security context handle |
- Return values
-
◆ lookup()
Looks up in the defined user accounts.
Looks up in the defined user accounts an account based on the user@host[ip] combo supplied and checks if the user has access to the database requested.
- See also
- mysql_account_database_security_context_lookup::lookup()
The lookup is done in exactly the same way as at login time. The new security context need to checkout additional privileges using the checkout_acl method.
- Parameters
-
| [in] | ctx | The handle of the security context to update |
| [in] | user | The user name to look up, the name has to be in utf8 charset |
| [in] | host | The host name to look up, the name has to be in utf8 charset |
| [in] | ip | The ip of the incoming connection |
| [in] | db | The database to check access to |
- Return values
-
◆ set() [1/2]
Sets a value for a named security context attribute.
Sets a value for a named security context attribute Currently defined names are:
- See also
- mysql_security_context_options::set()
- user MYSQL_LEX_CSTRING * login user (a.k.a. the user's part of USER())
- host MYSQL_LEX_CSTRING * login host (a.k.a. the host's part of USER())
- ip MYSQL_LEX_CSTRING * login client ip
- priv_user MYSQL_LEX_CSTRING * authenticated user (a.k.a. the user's part of CURRENT_USER())
- priv_host MYSQL_LEX_CSTRING * authenticated host (a.k.a. the host's part of CURRENT_USER())
- proxy_user MYSQL_LEX_CSTRING * the proxy user used in authenticating
- privilege_super DECLARE_BOOL_METHOD * 1 if the user account has supper privilege, 0 otherwise
- privilege_execute DECLARE_BOOL_METHOD * 1 if the user account has execute privilege, 0 otherwise
- Parameters
-
| [in] | ctx_h | The handle of the security context to set into |
| [in] | name | The option name to set |
| [in] | pvalue | The value of the option. Type depends on the name. |
- Return values
-
◆ set() [2/2]
Sets a new security context for the thread.
- See also
- mysql_thd_security_context::set()
- Parameters
-
| [in] | _thd | The thread to set the context to |
| [in] | in_ctx | The handle of the new security context |
- Return values
-
The documentation for this class was generated from the following files:
1.9.2