|
bool | generate (Abstract_restrictions &restrictions) override |
| Driver function to aggregate restriction lists. More...
|
|
virtual | ~Restrictions_aggregator () |
| Destructor. More...
|
|
enum class | SQL_OP { SET_ROLE
, GLOBAL_GRANT
} |
|
using | Status = Restrictions_aggregator::Status |
|
enum class | Status {
Error
, Warning
, Validated
, Aggregated
,
No_op
} |
|
| DB_restrictions_aggregator (const Auth_id &grantor, const Auth_id grantee, const ulong grantor_global_access, const ulong grantee_global_access, const DB_restrictions &grantor_restrictions, const DB_restrictions &grantee_restrictions, const ulong requested_access, const Security_context *sctx) |
| Constructor for database level restrictions aggregator. More...
|
|
bool | find_if_require_next_level_operation (ulong &rights) const override |
| Get list of privileges that are not restricted through restriction list. More...
|
|
bool | check_db_access_and_restrictions_collision (const ulong grantee_db_access, const ulong grantee_restrictions, const std::string &db_name) noexcept |
| Check possible descrepancy between DB access being granted and existing restrictions. More...
|
|
void | set_if_db_level_operation (const ulong requested_access, const ulong restrictions_mask) noexcept |
| Set privileges that needs to be processed further. More...
|
|
void | aggregate_restrictions (SQL_OP sql_op, const Db_access_map *m_db_map, DB_restrictions &restrictions) |
| A helper method that aggregates the restrictions for global_grant and set_role operations since both are similar in nature. More...
|
|
ulong | get_grantee_db_access (const std::string &db_name) const |
| Fetches the grantee's DB access on the specified DB If security context of current user exists and has some active roles then probe the security context since current user must be grantee. More...
|
|
void | get_grantee_db_access (const std::string &db_name, ulong &access) const |
| Fetches the grantee's DB access on the specified DB If security context of current user exists and has some active roles then probe the security context since current user must be grantee. More...
|
|
| Restrictions_aggregator (const Auth_id &grantor, const Auth_id grantee, const ulong grantor_global_access, const ulong grantee_global_access, const ulong requested_access) |
| Constructor. More...
|
|
| Restrictions_aggregator (const Restrictions_aggregator &)=delete |
|
Restrictions_aggregator & | operator= (const Restrictions_aggregator &)=delete |
|
| Restrictions_aggregator (const Restrictions_aggregator &&)=delete |
|
Restrictions_aggregator & | operator= (const Restrictions_aggregator &&)=delete |
|
ulong | m_privs_not_processed = 0 |
| Privileges that needs to be checked further through DB grants. More...
|
|
DB_restrictions | m_grantor_rl |
| Database restrictions for grantor. More...
|
|
DB_restrictions | m_grantee_rl |
| Database restrictions for grantee. More...
|
|
const Security_context * | m_sctx |
| Security context of the current user. More...
|
|
const Auth_id | m_grantor |
| Grantor information. More...
|
|
const Auth_id | m_grantee |
| Grantee information. More...
|
|
const ulong | m_grantor_global_access |
| Global static privileges of grantor. More...
|
|
const ulong | m_grantee_global_access |
| Global static privileges of grantee. More...
|
|
const ulong | m_requested_access |
| Privileges that are being granted or revoked. More...
|
|
Status | m_status |
| Internal status of aggregation process. More...
|
|
Database restriction aggregator for SET ROLE statement.