24#ifndef AUTH_COMMON_INCLUDED
25#define AUTH_COMMON_INCLUDED
47#include <openssl/rsa.h>
74extern const std::string
mysql;
132 bool any_combination_will_do)
const = 0;
168 bool any_combination_will_do)
const = 0;
201 bool any_combination_will_do)
const override;
694 : implicit_cast<User_table_schema *>(
713 const char *db,
THD *thd,
724#define DEFAULT_AUTH_ATTR (1L << 0)
725#define PLUGIN_ATTR (1L << 1)
727#define SSL_ATTR (1L << 2)
728#define RESOURCE_ATTR (1L << 3)
729#define PASSWORD_EXPIRE_ATTR (1L << 4)
730#define ACCESS_RIGHTS_ATTR (1L << 5)
731#define ACCOUNT_LOCK_ATTR (1L << 6)
732#define DIFFERENT_PLUGIN_ATTR \
734#define USER_ATTRIBUTES (1L << 8)
739 bool retain_current_password);
741 const char *current_password,
742 bool retain_current_password);
755 const char *wildstr,
size_t wildstr_len);
757bool acl_init(
bool dont_read_acl_tables);
765 const char *
user,
const char *db,
bool db_is_pattern);
768 const char *
host,
const char *ip,
const char *db);
785 bool grant_all_current_privileges,
LEX_GRANT_AS *grant_as);
788 bool revoke,
bool write_to_binlog,
789 bool all_current_privileges);
792 bool revoke,
bool all_current_privileges);
794 bool any_combination_will_do, uint number,
bool no_errors);
804 bool is_proc,
bool no_error);
806 const bool check_table_grant =
false);
814 const char *field_name);
824 const char *db,
const char *
table);
838 bool *fake_lock_tables_acl);
849 char *
name,
bool is_proc,
bool no_errors);
852 const char *definer_user,
853 const char *definer_host);
855 const char *routine_name,
bool is_proc);
859 bool dont_check_global_grants,
bool no_errors);
862 bool any_combination_of_privileges_will_do, uint number,
909 const char **ssl_ca,
const char **ssl_key,
910 const char **ssl_cert);
912#define DEFAULT_SSL_CA_CERT "ca.pem"
913#define DEFAULT_SSL_CA_KEY "ca-key.pem"
914#define DEFAULT_SSL_SERVER_CERT "server-cert.pem"
915#define DEFAULT_SSL_SERVER_KEY "server-key.pem"
935template <
class Derived>
939 if (op ==
Precheck &&
static_cast<Derived *
>(
this)->precheck(sctx))
941 if (op ==
Execute &&
static_cast<Derived *
>(
this)->
create(sctx))
947template <
class Derived>
951 if (op ==
Precheck &&
static_cast<Derived *
>(
this)->precheck(sctx))
953 if (op ==
Execute &&
static_cast<Derived *
>(
this)->grant_privileges(sctx))
1025 std::vector<std::string> privs);
1063 bool check_for_main_security_ctx =
false);
1073 Auth_id(
const char *
user,
size_t user_len,
const char *
host,
size_t host_len);
1085 void auth_str(std::string *out)
const;
1087 const std::string &
user()
const;
1088 const std::string &
host()
const;
1133 const std::string &json_blob,
bool expect_text);
1138#if OPENSSL_VERSION_NUMBER >= 0x30000000L
1140 unsigned char *plain_text,
size_t plain_text_len,
1141 EVP_PKEY *private_key);
1144 unsigned char *plain_text,
size_t plain_text_len,
uint32_t Access_bitmask
Definition: auth_acls.h:34
mysql_dynamic_priv_table_field
Definition: auth_common.h:362
@ MYSQL_DYNAMIC_PRIV_FIELD_PRIV
Definition: auth_common.h:365
@ MYSQL_DYNAMIC_PRIV_FIELD_HOST
Definition: auth_common.h:364
@ MYSQL_DYNAMIC_PRIV_FIELD_USER
Definition: auth_common.h:363
@ MYSQL_DYNAMIC_PRIV_FIELD_COUNT
Definition: auth_common.h:367
@ MYSQL_DYNAMIC_PRIV_FIELD_WITH_GRANT_OPTION
Definition: auth_common.h:366
mysql_columns_priv_table_field
Definition: auth_common.h:314
@ MYSQL_COLUMNS_PRIV_FIELD_COLUMN_NAME
Definition: auth_common.h:319
@ MYSQL_COLUMNS_PRIV_FIELD_HOST
Definition: auth_common.h:315
@ MYSQL_COLUMNS_PRIV_FIELD_COLUMN_PRIV
Definition: auth_common.h:321
@ MYSQL_COLUMNS_PRIV_FIELD_TABLE_NAME
Definition: auth_common.h:318
@ MYSQL_COLUMNS_PRIV_FIELD_COUNT
Definition: auth_common.h:322
@ MYSQL_COLUMNS_PRIV_FIELD_DB
Definition: auth_common.h:316
@ MYSQL_COLUMNS_PRIV_FIELD_USER
Definition: auth_common.h:317
@ MYSQL_COLUMNS_PRIV_FIELD_TIMESTAMP
Definition: auth_common.h:320
void roles_graphml(THD *thd, String *)
Definition: sql_authorization.cc:4904
bool check_fk_parent_table_access(THD *thd, HA_CREATE_INFO *create_info, Alter_info *alter_info)
Checks foreign key's parent table access.
Definition: sql_authorization.cc:5939
bool check_grant(THD *thd, Access_bitmask want_access, Table_ref *tables, bool any_combination_will_do, uint number, bool no_errors)
Check table level grants.
Definition: sql_authorization.cc:3779
mysql_procs_priv_table_field
Definition: auth_common.h:302
@ MYSQL_PROCS_PRIV_FIELD_PROC_PRIV
Definition: auth_common.h:309
@ MYSQL_PROCS_PRIV_FIELD_ROUTINE_NAME
Definition: auth_common.h:306
@ MYSQL_PROCS_PRIV_FIELD_COUNT
Definition: auth_common.h:311
@ MYSQL_PROCS_PRIV_FIELD_HOST
Definition: auth_common.h:303
@ MYSQL_PROCS_PRIV_FIELD_DB
Definition: auth_common.h:304
@ MYSQL_PROCS_PRIV_FIELD_ROUTINE_TYPE
Definition: auth_common.h:307
@ MYSQL_PROCS_PRIV_FIELD_GRANTOR
Definition: auth_common.h:308
@ MYSQL_PROCS_PRIV_FIELD_USER
Definition: auth_common.h:305
@ MYSQL_PROCS_PRIV_FIELD_TIMESTAMP
Definition: auth_common.h:310
bool acl_check_host(THD *thd, const char *host, const char *ip)
Definition: sql_authentication.cc:2156
void get_privilege_desc(char *to, uint max_length, Access_bitmask access)
Definition: sql_authorization.cc:4530
bool lock_tables_precheck(THD *thd, Table_ref *tables)
Check privileges for LOCK TABLES statement.
Definition: sql_authorization.cc:1718
bool skip_grant_tables()
Definition: sql_auth_cache.cc:163
bool acl_check_proxy_grant_access(THD *thd, const char *host, const char *user, bool with_grant)
Definition: sql_authorization.cc:5559
bool check_global_access(THD *thd, Access_bitmask want_access)
check for global access and give descriptive error message if it fails.
Definition: sql_authorization.cc:5914
int mysql_table_grant(THD *thd, Table_ref *table, List< LEX_USER > &user_list, List< LEX_COLUMN > &column_list, Access_bitmask rights, bool revoke, bool all_current_privileges)
Definition: sql_authorization.cc:2634
void func_current_role(const THD *thd, String *active_role)
Helper function for Item_func_current_role.
Definition: sql_authorization.cc:6275
uint32 global_password_history
Global sysvar: the number of old passwords to check in the history.
Definition: sql_auth_cache.cc:3647
bool mysql_alter_or_clear_default_roles(THD *thd, role_enum role_type, const List< LEX_USER > *users, const List< LEX_USER > *roles)
Set the default roles to NONE, ALL or list of authorization IDs as roles, depending upon the role_typ...
Definition: sql_authorization.cc:6416
int fill_schema_table_privileges(THD *thd, Table_ref *tables, Item *cond)
Definition: sql_authorization.cc:5761
void append_auth_id_string(const THD *thd, const char *user, size_t user_len, const char *host, size_t host_len, String *str)
Append the user@host to the str.
Definition: sql_auth_cache.cc:714
std::pair< LEX_CSTRING, LEX_CSTRING > Auth_id_ref
user, host tuple which reference either acl_cache or g_default_roles
Definition: auth_common.h:80
std::unique_ptr< T, std::function< void(T *)> > Sctx_ptr
Definition: auth_common.h:960
mysql_role_edges_table_field
Definition: auth_common.h:337
@ MYSQL_ROLE_EDGES_FIELD_TO_USER
Definition: auth_common.h:341
@ MYSQL_ROLE_EDGES_FIELD_WITH_ADMIN_OPTION
Definition: auth_common.h:342
@ MYSQL_ROLE_EDGES_FIELD_FROM_USER
Definition: auth_common.h:339
@ MYSQL_ROLE_EDGES_FIELD_TO_HOST
Definition: auth_common.h:340
@ MYSQL_ROLE_EDGES_FIELD_FROM_HOST
Definition: auth_common.h:338
@ MYSQL_ROLE_EDGES_FIELD_COUNT
Definition: auth_common.h:343
void acl_log_connect(const char *user, const char *host, const char *auth_as, const char *db, THD *thd, enum enum_server_command command)
Logging connection for the general query log, extracted from acl_authenticate() as it's reused at dif...
Definition: sql_authentication.cc:3824
bool reload_acl_caches(THD *thd, bool mdl_locked)
Reload all ACL caches.
Definition: sql_auth_cache.cc:3665
bool is_acl_table_name(const char *name)
Check if given table name is a ACL table name.
Definition: sql_user_table.cc:2626
int fill_schema_schema_privileges(THD *thd, Table_ref *tables, Item *cond)
Definition: sql_authorization.cc:5699
std::function< bool(Security_context *, Security_context_policy::Operation)> Security_context_functor
Definition: auth_common.h:933
bool validate_user_plugins
controls the extra checks on plugin availability for mysql.user records
Definition: sql_auth_cache.cc:167
bool mysql_user_table_is_in_short_password_format
void acl_free(bool end=false)
Definition: sql_auth_cache.cc:1985
bool mysql_revoke_role(THD *thd, const List< LEX_USER > *users, const List< LEX_USER > *roles)
Definition: sql_authorization.cc:3091
bool check_acl_tables_intact(THD *thd, bool mdl_locked)
Opens the ACL tables and checks their sanity.
Definition: sql_auth_cache.cc:2109
bool mysql_show_grants(THD *, LEX_USER *, const List_of_auth_id_refs &, bool, bool)
SHOW GRANTS FOR user USING [ALL | role [,role ...]].
Definition: sql_authorization.cc:4798
void init_acl_memory()
Allocates the memory in the the global_acl_memory MEM_ROOT.
Definition: sql_auth_cache.cc:189
bool sp_grant_privileges(THD *thd, const char *sp_db, const char *sp_name, bool is_proc)
Grant EXECUTE,ALTER privilege for a stored procedure.
Definition: sql_authorization.cc:5401
mysql_db_table_field
Definition: auth_common.h:210
@ MYSQL_DB_FIELD_GRANT_PRIV
Definition: auth_common.h:220
@ MYSQL_DB_FIELD_DELETE_PRIV
Definition: auth_common.h:217
@ MYSQL_DB_FIELD_INDEX_PRIV
Definition: auth_common.h:222
@ MYSQL_DB_FIELD_UPDATE_PRIV
Definition: auth_common.h:216
@ MYSQL_DB_FIELD_CREATE_VIEW_PRIV
Definition: auth_common.h:226
@ MYSQL_DB_FIELD_ALTER_PRIV
Definition: auth_common.h:223
@ MYSQL_DB_FIELD_LOCK_TABLES_PRIV
Definition: auth_common.h:225
@ MYSQL_DB_FIELD_COUNT
Definition: auth_common.h:233
@ MYSQL_DB_FIELD_TRIGGER_PRIV
Definition: auth_common.h:232
@ MYSQL_DB_FIELD_CREATE_PRIV
Definition: auth_common.h:218
@ MYSQL_DB_FIELD_CREATE_ROUTINE_PRIV
Definition: auth_common.h:228
@ MYSQL_DB_FIELD_SELECT_PRIV
Definition: auth_common.h:214
@ MYSQL_DB_FIELD_EXECUTE_PRIV
Definition: auth_common.h:230
@ MYSQL_DB_FIELD_INSERT_PRIV
Definition: auth_common.h:215
@ MYSQL_DB_FIELD_EVENT_PRIV
Definition: auth_common.h:231
@ MYSQL_DB_FIELD_ALTER_ROUTINE_PRIV
Definition: auth_common.h:229
@ MYSQL_DB_FIELD_CREATE_TMP_TABLE_PRIV
Definition: auth_common.h:224
@ MYSQL_DB_FIELD_USER
Definition: auth_common.h:213
@ MYSQL_DB_FIELD_HOST
Definition: auth_common.h:211
@ MYSQL_DB_FIELD_DROP_PRIV
Definition: auth_common.h:219
@ MYSQL_DB_FIELD_DB
Definition: auth_common.h:212
@ MYSQL_DB_FIELD_SHOW_VIEW_PRIV
Definition: auth_common.h:227
@ MYSQL_DB_FIELD_REFERENCES_PRIV
Definition: auth_common.h:221
bool is_mandatory_role(LEX_CSTRING role, LEX_CSTRING role_host, bool *is_mandatory)
Determine if a role@role_host authid is a mandatory role.
Definition: sql_authorization.cc:6816
int acl_authenticate(THD *thd, enum_server_command command)
Perform the handshake, authorize the client and update thd sctx variables.
Definition: sql_authentication.cc:3960
const std::vector< std::string > global_acls_vector
Consts for static privileges.
Definition: auth_acls.cc:62
bool lock_and_get_mandatory_roles(std::vector< Role_id > *mandatory_roles)
Copy a list of mandatory role authorization IDs.
Definition: sql_authorization.cc:6328
Auth_id_ref create_authid_from(const LEX_USER *user)
Definition: sql_authorization.cc:6654
bool mysql_grant_role(THD *thd, const List< LEX_USER > *users, const List< LEX_USER > *roles, bool with_admin_opt)
Grants a list of roles to a list of users.
Definition: sql_authorization.cc:3320
bool check_change_password(THD *thd, const char *host, const char *user, bool retain_current_password)
Definition: sql_user.cc:157
int wild_case_compare(CHARSET_INFO *cs, const char *str, const char *wildstr)
Definition: sql_auth_cache.cc:799
bool mysql_alter_user_comment(THD *thd, const List< LEX_USER > *users, const std::string &json_blob, bool expect_text)
void get_mqh(THD *thd, const char *user, const char *host, USER_CONN *uc)
Definition: sql_auth_cache.cc:3112
bool is_acl_table(const TABLE *table)
Check if given TABLE* is a ACL table name.
Definition: sql_user_table.cc:2644
bool mysql_show_create_user(THD *thd, LEX_USER *user, bool are_both_users_same)
Auxiliary function for constructing CREATE USER sql for a given user.
Definition: sql_user.cc:260
bool is_granted_table_access(THD *thd, Access_bitmask required_acl, Table_ref *table)
Given a Table_ref object this function checks against.
Definition: sql_authorization.cc:2449
bool do_auto_cert_generation(ssl_artifacts_status auto_detection_status, const char **ssl_ca, const char **ssl_key, const char **ssl_cert)
Check auto_generate_certs option and generate SSL certificates if required.
Definition: sql_authentication.cc:5718
const char * any_db
Definition: sql_authorization.cc:524
bool check_lock_view_underlying_table_access(THD *thd, Table_ref *tbl, bool *fake_lock_tables_acl)
For LOCK TABLES on a view checks if user in which context view is executed or user that has initiated...
Definition: sql_authorization.cc:6003
void set_connection_admin_flag(THD *thd, bool check_for_main_security_ctx=false)
Set the connection_admin flag in the THD.
Definition: auth_common.cc:189
bool mysql_rename_user(THD *thd, List< LEX_USER > &list)
Definition: sql_user.cc:3207
bool grant_init(bool skip_grant_tables)
Initialize structures responsible for table/column-level privilege checking and load information for ...
Definition: sql_auth_cache.cc:2353
uint32 global_password_reuse_interval
Definition: auth_common.h:921
void commit_and_close_mysql_tables(THD *thd)
A helper function to commit statement transaction and close ACL tables after reading some data from t...
Definition: sql_user_table.cc:509
bool check_column_grant_in_table_ref(THD *thd, Table_ref *table_ref, const char *name, size_t length, Access_bitmask want_privilege)
Check the privileges for a column depending on the type of table.
Definition: sql_authorization.cc:4044
std::vector< Auth_id_ref > List_of_auth_id_refs
Definition: auth_common.h:81
void set_system_user_flag(THD *thd, bool check_for_main_security_ctx=false)
Set the system_user flag in the THD.
Definition: auth_common.cc:166
bool acl_getroot(THD *thd, Security_context *sctx, const char *user, const char *host, const char *ip, const char *db)
Definition: sql_auth_cache.cc:1506
Access_bitmask get_table_grant(THD *thd, Table_ref *table)
Definition: sql_authorization.cc:4435
ulong get_global_acl_cache_size()
Definition: sql_auth_cache.cc:110
bool create_table_precheck(THD *thd, Table_ref *tables, Table_ref *create_table)
CREATE TABLE query pre-check.
Definition: sql_authorization.cc:1746
bool mysql_set_active_role_none(THD *thd)
Reset active roles.
Definition: sql_authorization.cc:6718
Access_bitmask acl_get(THD *thd, const char *host, const char *ip, const char *user, const char *db, bool db_is_pattern)
Get privilege for a host, user, and db combination.
Definition: sql_auth_cache.cc:1351
bool check_readonly(THD *thd, bool err_if_readonly)
Performs standardized check whether to prohibit (true) or allow (false) operations based on read_only...
Definition: sql_authorization.cc:1848
bool acl_init(bool dont_read_acl_tables)
Definition: sql_auth_cache.cc:1750
bool acl_can_access_user(THD *thd, LEX_USER *user)
Auxiliary function for the CAN_ACCESS_USER internal function used to check if a row from mysql....
Definition: sql_user.cc:209
bool mysql_routine_grant(THD *thd, Table_ref *table, bool is_proc, List< LEX_USER > &user_list, Access_bitmask rights, bool revoke, bool write_to_binlog, bool all_current_privileges)
Store routine level grants in the privilege tables.
Definition: sql_authorization.cc:2925
bool check_routine_access(THD *thd, Access_bitmask want_access, const char *db, char *name, bool is_proc, bool no_errors)
Definition: sql_authorization.cc:1979
bool change_password(THD *thd, LEX_USER *user, const char *password, const char *current_password, bool retain_current_password)
Change a password hash for a user.
Definition: sql_user.cc:2038
std::list< random_password_info > Userhostpassword_list
Definition: auth_common.h:1128
const ACL_internal_schema_access * get_cached_schema_access(GRANT_INTERNAL_INFO *grant_internal_info, const char *schema_name)
Get a cached internal schema access.
Definition: sql_authorization.cc:1652
bool send_password_result_set(THD *thd, const Userhostpassword_list &generated_passwords)
Sends the result set of generated passwords to the client.
Definition: sql_user.cc:979
bool operator<(const Auth_id_ref &a, const Auth_id_ref &b)
Definition: sql_authorization.cc:7487
std::string create_authid_str_from(const LEX_USER *user)
Helper used for producing a key to a key-value-map.
Definition: sql_authorization.cc:6646
bool check_grant_all_columns(THD *thd, Access_bitmask want_access, Field_iterator_table_ref *fields)
check if a query can access a set of columns
Definition: sql_authorization.cc:4122
bool mysql_set_active_role_all(THD *thd, const List< LEX_USER > *except_users)
Activates all granted role in the current security context.
Definition: sql_authorization.cc:6762
bool mysql_revoke_all(THD *thd, List< LEX_USER > &list)
Definition: sql_authorization.cc:5143
ACL_internal_access_result
Definition: auth_common.h:85
@ ACL_INTERNAL_ACCESS_GRANTED
Access granted for all the requested privileges, do not use the grant tables.
Definition: auth_common.h:92
@ ACL_INTERNAL_ACCESS_CHECK_GRANT
No decision yet, use the grant tables.
Definition: auth_common.h:96
@ ACL_INTERNAL_ACCESS_DENIED
Access denied, do not use the grant tables.
Definition: auth_common.h:94
bool turn_off_sandbox_mode(THD *thd, LEX_USER *user)
Helper method to turn off sandbox mode once registration step is complete.
Definition: sql_user.cc:1023
mysql_password_history_table_field
Definition: auth_common.h:354
@ MYSQL_PASSWORD_HISTORY_FIELD_COUNT
Definition: auth_common.h:359
@ MYSQL_PASSWORD_HISTORY_FIELD_PASSWORD_TIMESTAMP
Definition: auth_common.h:357
@ MYSQL_PASSWORD_HISTORY_FIELD_HOST
Definition: auth_common.h:355
@ MYSQL_PASSWORD_HISTORY_FIELD_USER
Definition: auth_common.h:356
@ MYSQL_PASSWORD_HISTORY_FIELD_PASSWORD
Definition: auth_common.h:358
bool mysql_create_user(THD *thd, List< LEX_USER > &list, bool if_not_exists, bool is_role)
Definition: sql_user.cc:2769
bool check_table_access(THD *thd, Access_bitmask requirements, Table_ref *tables, bool any_combination_of_privileges_will_do, uint number, bool no_errors)
Check if the requested privileges exists in either User-, DB- or, tables- tables.
Definition: sql_authorization.cc:2344
void fill_effective_table_privileges(THD *thd, GRANT_INFO *grant, const char *db, const char *table)
Definition: sql_authorization.cc:5491
bool operator==(const LEX_CSTRING &a, const LEX_CSTRING &b)
Definition: sql_authorization.cc:7504
void get_default_roles(const Auth_id_ref &user, List_of_auth_id_refs &list)
Shallow copy a list of default role authorization IDs from an Role_id storage.
Definition: sql_authorization.cc:6306
int fill_schema_column_privileges(THD *thd, Table_ref *tables, Item *cond)
Definition: sql_authorization.cc:5826
bool check_table_encryption_admin_access(THD *thd)
Check if a current user has the privilege TABLE_ENCRYPTION_ADMIN required to create encrypted table.
Definition: sql_authorization.cc:2415
bool is_role_id(LEX_USER *authid)
Definition: sql_authorization.cc:806
bool is_granted_role(LEX_CSTRING user, LEX_CSTRING host, LEX_CSTRING role, LEX_CSTRING role_host)
This function works just like check_if_granted_role, but also guarantees that the proper lock is take...
Definition: sql_authorization.cc:6795
mysql_default_roles_table_field
Definition: auth_common.h:346
@ MYSQL_DEFAULT_ROLES_FIELD_DEFAULT_ROLE_USER
Definition: auth_common.h:350
@ MYSQL_DEFAULT_ROLES_FIELD_COUNT
Definition: auth_common.h:351
@ MYSQL_DEFAULT_ROLES_FIELD_DEFAULT_ROLE_HOST
Definition: auth_common.h:349
@ MYSQL_DEFAULT_ROLES_FIELD_HOST
Definition: auth_common.h:347
@ MYSQL_DEFAULT_ROLES_FIELD_USER
Definition: auth_common.h:348
void append_identifier(String *packet, const char *name, size_t length)
Convert and quote the given identifier if needed and append it to the target string.
Definition: sql_show.cc:1462
bool is_acl_user(THD *thd, const char *host, const char *user)
Definition: sql_auth_cache.cc:1219
void update_mandatory_roles(void)
Definition: sql_authorization.cc:7338
bool has_full_view_routine_access(THD *thd, const char *db, const char *definer_user, const char *definer_host)
Check if user has full access to view routine's properties (i.e including stored routine code).
Definition: sql_authorization.cc:2061
void notify_flush_event(THD *thd)
Audit notification for flush.
Definition: sql_auth_cache.cc:1692
bool is_secure_transport(int vio_type)
Definition: sql_authentication.cc:4395
bool disconnect_on_expired_password
Definition: sql_authentication.cc:1279
bool wildcard_db_grant_exists()
mysql_tables_priv_table_field
Definition: auth_common.h:325
@ MYSQL_TABLES_PRIV_FIELD_HOST
Definition: auth_common.h:326
@ MYSQL_TABLES_PRIV_FIELD_GRANTOR
Definition: auth_common.h:330
@ MYSQL_TABLES_PRIV_FIELD_COUNT
Definition: auth_common.h:334
@ MYSQL_TABLES_PRIV_FIELD_COLUMN_PRIV
Definition: auth_common.h:333
@ MYSQL_TABLES_PRIV_FIELD_TABLE_NAME
Definition: auth_common.h:329
@ MYSQL_TABLES_PRIV_FIELD_TABLE_PRIV
Definition: auth_common.h:332
@ MYSQL_TABLES_PRIV_FIELD_TIMESTAMP
Definition: auth_common.h:331
@ MYSQL_TABLES_PRIV_FIELD_USER
Definition: auth_common.h:328
@ MYSQL_TABLES_PRIV_FIELD_DB
Definition: auth_common.h:327
void shutdown_acl_cache()
Shutdown the global Acl_cache system which was only initialized if the rwlocks were initialized.
Definition: sql_auth_cache.cc:3456
void log_user(THD *thd, String *str, LEX_USER *user, bool comma)
Auxiliary function for constructing a user list string.
Definition: sql_user.cc:125
bool check_grant_routine(THD *thd, Access_bitmask want_access, Table_ref *procs, bool is_proc, bool no_error)
Definition: sql_authorization.cc:4333
bool sp_revoke_privileges(THD *thd, const char *sp_db, const char *sp_name, bool is_proc)
Revoke privileges for all users on a stored procedure.
Definition: sql_authorization.cc:5312
mysql_proxies_priv_table_feild
Definition: auth_common.h:291
@ MYSQL_PROXIES_PRIV_FIELD_HOST
Definition: auth_common.h:292
@ MYSQL_PROXIES_PRIV_FIELD_PROXIED_USER
Definition: auth_common.h:295
@ MYSQL_PROXIES_PRIV_FIELD_PROXIED_HOST
Definition: auth_common.h:294
@ MYSQL_PROXIES_PRIV_FIELD_COUNT
Definition: auth_common.h:299
@ MYSQL_PROXIES_PRIV_FIELD_WITH_GRANT
Definition: auth_common.h:296
@ MYSQL_PROXIES_PRIV_FIELD_USER
Definition: auth_common.h:293
@ MYSQL_PROXIES_PRIV_FIELD_GRANTOR
Definition: auth_common.h:297
@ MYSQL_PROXIES_PRIV_FIELD_TIMESTAMP
Definition: auth_common.h:298
void err_readonly(THD *thd)
Generates appropriate error messages for read-only state depending on whether user has SUPER privileg...
Definition: sql_authorization.cc:1884
void grant_free(void)
Definition: sql_auth_cache.cc:2333
bool check_some_access(THD *thd, Access_bitmask want_access, Table_ref *table)
Check if the given table has any of the asked privileges.
Definition: sql_authorization.cc:2031
bool check_grant_db(THD *thd, const char *db, const bool check_table_grant=false)
Check if a user has the right to access a database.
Definition: sql_authorization.cc:4271
bool check_single_table_access(THD *thd, Access_bitmask privilege, Table_ref *tables, bool no_errors)
Check grants for commands which work only with one table.
Definition: sql_authorization.cc:1945
void generate_random_password(std::string *password, uint32_t)
Generates a random password of the length decided by the system variable generated_random_password_le...
Definition: sql_user.cc:959
bool decrypt_RSA_private_key(uchar *pkt, int cipher_length, unsigned char *plain_text, size_t plain_text_len, RSA *private_key)
Decrypt pkt data using RSA private key.
Definition: auth_common.cc:229
bool is_acl_inited()
Definition: sql_auth_cache.cc:3896
std::pair< std::string, std::string > get_authid_from_quoted_string(std::string str)
Return the unquoted authorization id as a user,host-tuple.
Definition: sql_authorization.cc:4604
ssl_artifacts_status
Definition: auth_common.h:899
@ SSL_ARTIFACTS_VIA_OPTIONS
Definition: auth_common.h:901
@ SSL_ARTIFACTS_AUTO_DETECTED
Definition: auth_common.h:903
@ SSL_ARTIFACT_TRACES_FOUND
Definition: auth_common.h:902
@ SSL_ARTIFACTS_NOT_FOUND
Definition: auth_common.h:900
Access_bitmask get_column_grant(THD *thd, GRANT_INFO *grant, const char *db_name, const char *table_name, const char *field_name)
Definition: sql_authorization.cc:4472
bool mysql_drop_user(THD *thd, List< LEX_USER > &list, bool if_exists, bool drop_role)
Drop a list of users and all their privileges.
Definition: sql_user.cc:3055
bool is_partial_revoke_exists(THD *thd)
Method to check if there exists at least one partial revokes in the cache.
Definition: sql_auth_cache.cc:3880
bool mysql_set_active_role(THD *thd, const List< LEX_USER > *role_list)
Definition: sql_authorization.cc:6772
bool mysql_alter_user(THD *thd, List< LEX_USER > &list, bool if_exists)
Definition: sql_user.cc:3402
int fill_schema_user_privileges(THD *thd, Table_ref *tables, Item *cond)
Definition: sql_authorization.cc:5623
bool mysql_grant(THD *thd, const char *db, List< LEX_USER > &list, Access_bitmask rights, bool revoke_grant, bool is_proxy, const List< LEX_CSTRING > &dynamic_privilege, bool grant_all_current_privileges, LEX_GRANT_AS *grant_as)
Definition: sql_authorization.cc:3443
mysql_user_table_field
Definition: auth_common.h:236
@ MYSQL_USER_FIELD_CREATE_TABLESPACE_PRIV
Definition: auth_common.h:267
@ MYSQL_USER_FIELD_SUPER_PRIV
Definition: auth_common.h:254
@ MYSQL_USER_FIELD_DROP_PRIV
Definition: auth_common.h:244
@ MYSQL_USER_FIELD_ACCOUNT_LOCKED
Definition: auth_common.h:281
@ MYSQL_USER_FIELD_SSL_TYPE
Definition: auth_common.h:268
@ MYSQL_USER_FIELD_SSL_CIPHER
Definition: auth_common.h:269
@ MYSQL_USER_FIELD_REPL_CLIENT_PRIV
Definition: auth_common.h:259
@ MYSQL_USER_FIELD_MAX_USER_CONNECTIONS
Definition: auth_common.h:275
@ MYSQL_USER_FIELD_COUNT
Definition: auth_common.h:288
@ MYSQL_USER_FIELD_PROCESS_PRIV
Definition: auth_common.h:247
@ MYSQL_USER_FIELD_SELECT_PRIV
Definition: auth_common.h:239
@ MYSQL_USER_FIELD_USER
Definition: auth_common.h:238
@ MYSQL_USER_FIELD_MAX_CONNECTIONS
Definition: auth_common.h:274
@ MYSQL_USER_FIELD_REFERENCES_PRIV
Definition: auth_common.h:250
@ MYSQL_USER_FIELD_PASSWORD_EXPIRED
Definition: auth_common.h:278
@ MYSQL_USER_FIELD_CREATE_ROUTINE_PRIV
Definition: auth_common.h:262
@ MYSQL_USER_FIELD_ALTER_ROUTINE_PRIV
Definition: auth_common.h:263
@ MYSQL_USER_FIELD_PLUGIN
Definition: auth_common.h:276
@ MYSQL_USER_FIELD_MAX_UPDATES
Definition: auth_common.h:273
@ MYSQL_USER_FIELD_EVENT_PRIV
Definition: auth_common.h:265
@ MYSQL_USER_FIELD_RELOAD_PRIV
Definition: auth_common.h:245
@ MYSQL_USER_FIELD_UPDATE_PRIV
Definition: auth_common.h:241
@ MYSQL_USER_FIELD_TRIGGER_PRIV
Definition: auth_common.h:266
@ MYSQL_USER_FIELD_X509_ISSUER
Definition: auth_common.h:270
@ MYSQL_USER_FIELD_LOCK_TABLES_PRIV
Definition: auth_common.h:256
@ MYSQL_USER_FIELD_CREATE_ROLE_PRIV
Definition: auth_common.h:282
@ MYSQL_USER_FIELD_PASSWORD_LAST_CHANGED
Definition: auth_common.h:279
@ MYSQL_USER_FIELD_INSERT_PRIV
Definition: auth_common.h:240
@ MYSQL_USER_FIELD_REPL_SLAVE_PRIV
Definition: auth_common.h:258
@ MYSQL_USER_FIELD_FILE_PRIV
Definition: auth_common.h:248
@ MYSQL_USER_FIELD_DROP_ROLE_PRIV
Definition: auth_common.h:283
@ MYSQL_USER_FIELD_INDEX_PRIV
Definition: auth_common.h:251
@ MYSQL_USER_FIELD_HOST
Definition: auth_common.h:237
@ MYSQL_USER_FIELD_PASSWORD_LIFETIME
Definition: auth_common.h:280
@ MYSQL_USER_FIELD_X509_SUBJECT
Definition: auth_common.h:271
@ MYSQL_USER_FIELD_AUTHENTICATION_STRING
Definition: auth_common.h:277
@ MYSQL_USER_FIELD_SHOW_DB_PRIV
Definition: auth_common.h:253
@ MYSQL_USER_FIELD_SHOW_VIEW_PRIV
Definition: auth_common.h:261
@ MYSQL_USER_FIELD_CREATE_USER_PRIV
Definition: auth_common.h:264
@ MYSQL_USER_FIELD_EXECUTE_PRIV
Definition: auth_common.h:257
@ MYSQL_USER_FIELD_MAX_QUESTIONS
Definition: auth_common.h:272
@ MYSQL_USER_FIELD_CREATE_VIEW_PRIV
Definition: auth_common.h:260
@ MYSQL_USER_FIELD_SHUTDOWN_PRIV
Definition: auth_common.h:246
@ MYSQL_USER_FIELD_CREATE_PRIV
Definition: auth_common.h:243
@ MYSQL_USER_FIELD_ALTER_PRIV
Definition: auth_common.h:252
@ MYSQL_USER_FIELD_CREATE_TMP_TABLE_PRIV
Definition: auth_common.h:255
@ MYSQL_USER_FIELD_GRANT_PRIV
Definition: auth_common.h:249
@ MYSQL_USER_FIELD_PASSWORD_REQUIRE_CURRENT
Definition: auth_common.h:286
@ MYSQL_USER_FIELD_PASSWORD_REUSE_TIME
Definition: auth_common.h:285
@ MYSQL_USER_FIELD_USER_ATTRIBUTES
Definition: auth_common.h:287
@ MYSQL_USER_FIELD_DELETE_PRIV
Definition: auth_common.h:242
@ MYSQL_USER_FIELD_PASSWORD_REUSE_HISTORY
Definition: auth_common.h:284
bool hostname_requires_resolving(const char *hostname)
Check if the given host name needs to be resolved or not.
Definition: sql_auth_cache.cc:878
bool has_grant_role_privilege(THD *thd, const List< LEX_USER > *roles)
Definition: sql_authorization.cc:2521
bool mysql_set_role_default(THD *thd)
Activates all the default roles in the current security context.
Definition: sql_authorization.cc:6739
bool check_authorization_id_string(THD *thd, LEX_STRING &mandatory_roles)
Definition: sql_authorization.cc:7250
bool check_engine_type_for_acl_table(THD *thd, bool mdl_locked)
Definition: sql_auth_cache.cc:2013
bool check_access(THD *thd, Access_bitmask want_access, const char *db, Access_bitmask *save_priv, GRANT_INTERNAL_INFO *grant_internal_info, bool dont_check_global_grants, bool no_errors)
Compare requested privileges with the privileges acquired from the User- and Db-tables.
Definition: sql_authorization.cc:2141
bool has_partial_view_routine_access(THD *thd, const char *db, const char *routine_name, bool is_proc)
Check if user has partial access to view routine's properties (i.e.
Definition: sql_authorization.cc:2089
bool check_one_table_access(THD *thd, Access_bitmask privilege, Table_ref *tables)
Check grants for commands which work only with one table and all other tables belonging to subselects...
Definition: sql_authorization.cc:1905
bool check_grant_column(THD *thd, GRANT_INFO *grant, const char *db_name, const char *table_name, const char *name, size_t length, Security_context *sctx, Access_bitmask want_privilege)
Definition: sql_authorization.cc:3964
static constexpr int USER_HOST_BUFF_SIZE
Length of string buffer, that is enough to contain username and hostname parts of the user identifier...
Definition: auth_common.h:1117
bool opt_auto_generate_certs
Definition: sql_authentication.cc:1295
bool drop_role(THD *thd, TABLE *edge_table, TABLE *defaults_table, const Auth_id_ref &authid_user)
Definition: sql_authorization.cc:634
Definition: sql_auth_cache.h:246
Per internal schema ACL access rules.
Definition: auth_common.h:145
virtual const ACL_internal_table_access * lookup(const char *name) const =0
Search for per table ACL access rules by table name.
virtual ACL_internal_access_result check(Access_bitmask want_access, Access_bitmask *save_priv, bool any_combination_will_do) const =0
Check access to an internal schema.
virtual ~ACL_internal_schema_access()=default
ACL_internal_schema_access()=default
A registry for per internal schema ACL.
Definition: auth_common.h:183
static const ACL_internal_schema_access * lookup(const char *name)
Search per internal schema ACL by name.
Definition: sql_auth_cache.cc:213
static void register_schema(const LEX_CSTRING &name, const ACL_internal_schema_access *access)
Add an internal schema to the registry.
Definition: sql_auth_cache.cc:198
Per internal table ACL access rules.
Definition: auth_common.h:107
virtual ACL_internal_access_result check(Access_bitmask want_access, Access_bitmask *save_priv, bool any_combination_will_do) const =0
Check access to an internal table.
virtual ~ACL_internal_table_access()=default
ACL_internal_table_access()=default
Data describing the table being created by CREATE TABLE or altered by ALTER TABLE.
Definition: sql_alter.h:205
Storage container for default auth ids.
Definition: auth_common.h:1070
const std::string & host() const
Definition: auth_common.cc:125
std::string m_user
User part.
Definition: auth_common.h:1093
Auth_id & operator=(const Auth_id &)=default
void create_key()
Definition: auth_common.cc:57
const std::string & user() const
Definition: auth_common.cc:124
bool operator<(const Auth_id &id) const
Definition: auth_common.cc:101
std::string auth_str() const
Definition: auth_common.cc:116
std::string m_key
Key: Internal representation mainly to facilitate use of Auth_id class in standard container.
Definition: auth_common.h:1101
std::string m_host
Host part.
Definition: auth_common.h:1095
Definition: auth_common.h:936
bool operator()(Security_context *sctx, Operation op) override
Definition: auth_common.h:938
Definition: auth_common.h:1007
const THD * m_thd
Definition: auth_common.h:1014
bool create(Security_context *sctx)
Create a local authid without modifying any tables.
Definition: sql_authorization.cc:7364
Default_local_authid(const THD *thd)
Definition: sql_authorization.cc:7344
bool precheck(Security_context *sctx)
Check if the security context can be created as a local authid.
Definition: sql_authorization.cc:7353
Definition: auth_common.h:1034
Drop_temporary_dynamic_privileges(std::vector< std::string > privs)
Definition: auth_common.h:1036
void operator()(Security_context *sctx)
Definition: sql_authorization.cc:7390
std::vector< std::string > m_privs
Definition: auth_common.h:1041
Generic iterator over the fields of an arbitrary table reference.
Definition: table.h:4143
Definition: auth_common.h:948
bool operator()(Security_context *sctx, Operation op) override
Definition: auth_common.h:950
Grant the privilege temporarily to the in-memory global privileges map.
Definition: auth_common.h:1022
const std::vector< std::string > m_privs
Definition: auth_common.h:1031
Grant_temporary_dynamic_privileges(const THD *thd, std::vector< std::string > privs)
Definition: sql_authorization.cc:7368
bool grant_privileges(Security_context *sctx)
Grant dynamic privileges to an in-memory global authid.
Definition: sql_authorization.cc:7384
const THD * m_thd
Definition: auth_common.h:1030
bool precheck(Security_context *sctx)
Definition: sql_authorization.cc:7372
Definition: auth_common.h:1045
bool grant_privileges(Security_context *sctx)
Definition: sql_authorization.cc:7404
bool precheck(Security_context *sctx)
Definition: sql_authorization.cc:7399
Grant_temporary_static_privileges(const THD *thd, const Access_bitmask privs)
Definition: sql_authorization.cc:7395
const THD * m_thd
THD handle.
Definition: auth_common.h:1053
const Access_bitmask m_privs
Privileges.
Definition: auth_common.h:1056
Extension of ACL_internal_schema_access for Information Schema.
Definition: auth_common.h:193
~IS_internal_schema_access() override=default
IS_internal_schema_access()=default
const ACL_internal_table_access * lookup(const char *name) const override
Search for per table ACL access rules by table name.
Definition: sql_authorization.cc:1702
ACL_internal_access_result check(Access_bitmask want_access, Access_bitmask *save_priv, bool any_combination_will_do) const override
Check access to an internal schema.
Definition: sql_authorization.cc:1685
Base class that is used to represent any kind of expression in a relational query.
Definition: item.h:936
Definition: sql_lex.h:3727
Definition: sql_lex.h:3739
Definition: sql_list.h:467
Factory for creating any Security_context given a pre-constructed policy.
Definition: auth_common.h:965
Security_context_functor m_static_privileges
Definition: auth_common.h:1003
Security_context_functor m_privileges
Definition: auth_common.h:1002
Security_context_factory(THD *thd, std::string user, std::string host, Security_context_functor extend_user_profile, Security_context_functor priv, Security_context_functor static_priv, std::function< void(Security_context *)> drop_policy)
Default Security_context factory implementation.
Definition: auth_common.h:980
std::string m_user
Definition: auth_common.h:999
Sctx_ptr< Security_context > create()
Definition: sql_authorization.cc:7440
std::string m_host
Definition: auth_common.h:1000
bool apply_pre_constructed_policies(Security_context *sctx)
Definition: sql_authorization.cc:7410
Security_context_functor m_user_profile
Definition: auth_common.h:1001
THD * m_thd
Definition: auth_common.h:998
const std::function< void(Security_context *)> m_drop_policy
Definition: auth_common.h:1004
A set of THD members describing the current authenticated user.
Definition: sql_security_ctx.h:54
Using this class is fraught with peril, and you need to be very careful when doing so.
Definition: sql_string.h:167
For each client connection we create a separate thread with THD serving as a thread/connection descri...
Definition: sql_lexer_thd.h:36
Definition: auth_common.h:439
uint repl_client_priv_idx() override
Definition: auth_common.h:480
uint max_user_connections_idx() override
Definition: auth_common.h:510
uint plugin_idx() override
Definition: auth_common.h:513
uint create_tablespace_priv_idx() override
Definition: auth_common.h:498
uint account_locked_idx() override
Definition: auth_common.h:526
uint create_priv_idx() override
Definition: auth_common.h:452
uint create_tmp_table_priv_idx() override
Definition: auth_common.h:470
uint password_idx() override
Definition: auth_common.h:444
uint trigger_priv_idx() override
Definition: auth_common.h:497
uint max_questions_idx() override
Definition: auth_common.h:505
uint create_view_priv_idx() override
Definition: auth_common.h:483
uint index_priv_idx() override
Definition: auth_common.h:462
uint insert_priv_idx() override
Definition: auth_common.h:449
uint user_idx() override
Definition: auth_common.h:442
uint alter_routine_priv_idx() override
Definition: auth_common.h:490
uint create_user_priv_idx() override
Definition: auth_common.h:493
uint password_reuse_time_idx() override
Definition: auth_common.h:530
uint password_expired_idx() override
Definition: auth_common.h:517
uint password_require_current_idx() override
Definition: auth_common.h:533
uint shutdown_priv_idx() override
Definition: auth_common.h:455
uint drop_priv_idx() override
Definition: auth_common.h:453
uint host_idx() override
Definition: auth_common.h:441
uint file_priv_idx() override
Definition: auth_common.h:457
uint authentication_string_idx() override
Definition: auth_common.h:514
uint drop_role_priv_idx() override
Definition: auth_common.h:469
uint repl_slave_priv_idx() override
Definition: auth_common.h:477
uint x509_subject_idx() override
Definition: auth_common.h:504
uint references_priv_idx() override
Definition: auth_common.h:459
uint password_lifetime_idx() override
Definition: auth_common.h:523
uint event_priv_idx() override
Definition: auth_common.h:496
uint process_priv_idx() override
Definition: auth_common.h:456
uint max_connections_idx() override
Definition: auth_common.h:507
uint password_reuse_history_idx() override
Definition: auth_common.h:527
uint create_routine_priv_idx() override
Definition: auth_common.h:487
uint ssl_cipher_idx() override
Definition: auth_common.h:502
uint super_priv_idx() override
Definition: auth_common.h:465
uint update_priv_idx() override
Definition: auth_common.h:450
uint reload_priv_idx() override
Definition: auth_common.h:454
uint create_role_priv_idx() override
Definition: auth_common.h:466
uint password_last_changed_idx() override
Definition: auth_common.h:520
uint lock_tables_priv_idx() override
Definition: auth_common.h:473
uint show_db_priv_idx() override
Definition: auth_common.h:464
uint user_attributes_idx() override
Definition: auth_common.h:536
uint x509_issuer_idx() override
Definition: auth_common.h:503
uint grant_priv_idx() override
Definition: auth_common.h:458
uint ssl_type_idx() override
Definition: auth_common.h:501
uint alter_priv_idx() override
Definition: auth_common.h:463
uint max_updates_idx() override
Definition: auth_common.h:506
uint execute_priv_idx() override
Definition: auth_common.h:476
uint select_priv_idx() override
Definition: auth_common.h:448
uint show_view_priv_idx() override
Definition: auth_common.h:486
uint delete_priv_idx() override
Definition: auth_common.h:451
Definition: auth_common.h:544
uint file_priv_idx() override
Definition: auth_common.h:607
uint user_idx() override
Definition: auth_common.h:594
uint insert_priv_idx() override
Definition: auth_common.h:597
uint shutdown_priv_idx() override
Definition: auth_common.h:603
uint account_locked_idx() override
Definition: auth_common.h:676
uint x509_issuer_idx() override
Definition: auth_common.h:651
uint password_reuse_time_idx() override
Definition: auth_common.h:682
uint host_idx() override
Definition: auth_common.h:593
uint x509_subject_idx() override
Definition: auth_common.h:652
uint index_priv_idx() override
Definition: auth_common.h:612
mysql_user_table_field_56
Definition: auth_common.h:546
@ MYSQL_USER_FIELD_SUPER_PRIV_56
Definition: auth_common.h:565
@ MYSQL_USER_FIELD_SELECT_PRIV_56
Definition: auth_common.h:550
@ MYSQL_USER_FIELD_REFERENCES_PRIV_56
Definition: auth_common.h:561
@ MYSQL_USER_FIELD_SHOW_DB_PRIV_56
Definition: auth_common.h:564
@ MYSQL_USER_FIELD_UPDATE_PRIV_56
Definition: auth_common.h:552
@ MYSQL_USER_FIELD_DROP_PRIV_56
Definition: auth_common.h:555
@ MYSQL_USER_FIELD_PLUGIN_56
Definition: auth_common.h:587
@ MYSQL_USER_FIELD_FILE_PRIV_56
Definition: auth_common.h:559
@ MYSQL_USER_FIELD_X509_SUBJECT_56
Definition: auth_common.h:582
@ MYSQL_USER_FIELD_REPL_CLIENT_PRIV_56
Definition: auth_common.h:570
@ MYSQL_USER_FIELD_PASSWORD_56
Definition: auth_common.h:549
@ MYSQL_USER_FIELD_MAX_USER_CONNECTIONS_56
Definition: auth_common.h:586
@ MYSQL_USER_FIELD_X509_ISSUER_56
Definition: auth_common.h:581
@ MYSQL_USER_FIELD_PROCESS_PRIV_56
Definition: auth_common.h:558
@ MYSQL_USER_FIELD_ALTER_ROUTINE_PRIV_56
Definition: auth_common.h:574
@ MYSQL_USER_FIELD_COUNT_56
Definition: auth_common.h:590
@ MYSQL_USER_FIELD_EVENT_PRIV_56
Definition: auth_common.h:576
@ MYSQL_USER_FIELD_SHUTDOWN_PRIV_56
Definition: auth_common.h:557
@ MYSQL_USER_FIELD_SSL_TYPE_56
Definition: auth_common.h:579
@ MYSQL_USER_FIELD_SSL_CIPHER_56
Definition: auth_common.h:580
@ MYSQL_USER_FIELD_CREATE_VIEW_PRIV_56
Definition: auth_common.h:571
@ MYSQL_USER_FIELD_DELETE_PRIV_56
Definition: auth_common.h:553
@ MYSQL_USER_FIELD_MAX_CONNECTIONS_56
Definition: auth_common.h:585
@ MYSQL_USER_FIELD_CREATE_USER_PRIV_56
Definition: auth_common.h:575
@ MYSQL_USER_FIELD_CREATE_ROUTINE_PRIV_56
Definition: auth_common.h:573
@ MYSQL_USER_FIELD_CREATE_PRIV_56
Definition: auth_common.h:554
@ MYSQL_USER_FIELD_EXECUTE_PRIV_56
Definition: auth_common.h:568
@ MYSQL_USER_FIELD_MAX_QUESTIONS_56
Definition: auth_common.h:583
@ MYSQL_USER_FIELD_HOST_56
Definition: auth_common.h:547
@ MYSQL_USER_FIELD_GRANT_PRIV_56
Definition: auth_common.h:560
@ MYSQL_USER_FIELD_AUTHENTICATION_STRING_56
Definition: auth_common.h:588
@ MYSQL_USER_FIELD_RELOAD_PRIV_56
Definition: auth_common.h:556
@ MYSQL_USER_FIELD_SHOW_VIEW_PRIV_56
Definition: auth_common.h:572
@ MYSQL_USER_FIELD_LOCK_TABLES_PRIV_56
Definition: auth_common.h:567
@ MYSQL_USER_FIELD_TRIGGER_PRIV_56
Definition: auth_common.h:577
@ MYSQL_USER_FIELD_PASSWORD_EXPIRED_56
Definition: auth_common.h:589
@ MYSQL_USER_FIELD_CREATE_TMP_TABLE_PRIV_56
Definition: auth_common.h:566
@ MYSQL_USER_FIELD_CREATE_TABLESPACE_PRIV_56
Definition: auth_common.h:578
@ MYSQL_USER_FIELD_USER_56
Definition: auth_common.h:548
@ MYSQL_USER_FIELD_INSERT_PRIV_56
Definition: auth_common.h:551
@ MYSQL_USER_FIELD_INDEX_PRIV_56
Definition: auth_common.h:562
@ MYSQL_USER_FIELD_ALTER_PRIV_56
Definition: auth_common.h:563
@ MYSQL_USER_FIELD_REPL_SLAVE_PRIV_56
Definition: auth_common.h:569
@ MYSQL_USER_FIELD_MAX_UPDATES_56
Definition: auth_common.h:584
uint drop_role_priv_idx() override
Definition: auth_common.h:678
uint user_attributes_idx() override
Definition: auth_common.h:686
uint lock_tables_priv_idx() override
Definition: auth_common.h:619
uint create_tmp_table_priv_idx() override
Definition: auth_common.h:616
uint password_lifetime_idx() override
Definition: auth_common.h:675
uint process_priv_idx() override
Definition: auth_common.h:606
uint create_view_priv_idx() override
Definition: auth_common.h:629
uint plugin_idx() override
Definition: auth_common.h:663
uint max_user_connections_idx() override
Definition: auth_common.h:660
uint select_priv_idx() override
Definition: auth_common.h:596
uint references_priv_idx() override
Definition: auth_common.h:609
uint grant_priv_idx() override
Definition: auth_common.h:608
uint repl_slave_priv_idx() override
Definition: auth_common.h:623
uint max_updates_idx() override
Definition: auth_common.h:656
uint delete_priv_idx() override
Definition: auth_common.h:599
uint create_user_priv_idx() override
Definition: auth_common.h:641
uint repl_client_priv_idx() override
Definition: auth_common.h:626
uint show_view_priv_idx() override
Definition: auth_common.h:632
uint password_reuse_history_idx() override
Definition: auth_common.h:679
uint update_priv_idx() override
Definition: auth_common.h:598
uint create_priv_idx() override
Definition: auth_common.h:600
uint max_questions_idx() override
Definition: auth_common.h:653
uint drop_priv_idx() override
Definition: auth_common.h:601
uint alter_priv_idx() override
Definition: auth_common.h:613
uint execute_priv_idx() override
Definition: auth_common.h:622
uint password_idx() override
Definition: auth_common.h:595
uint password_expired_idx() override
Definition: auth_common.h:667
uint password_last_changed_idx() override
Definition: auth_common.h:672
uint authentication_string_idx() override
Definition: auth_common.h:664
uint show_db_priv_idx() override
Definition: auth_common.h:614
uint create_tablespace_priv_idx() override
Definition: auth_common.h:646
uint password_require_current_idx() override
Definition: auth_common.h:683
uint ssl_type_idx() override
Definition: auth_common.h:649
uint max_connections_idx() override
Definition: auth_common.h:657
uint reload_priv_idx() override
Definition: auth_common.h:602
uint create_role_priv_idx() override
Definition: auth_common.h:677
uint alter_routine_priv_idx() override
Definition: auth_common.h:638
uint create_routine_priv_idx() override
Definition: auth_common.h:635
uint super_priv_idx() override
Definition: auth_common.h:615
uint ssl_cipher_idx() override
Definition: auth_common.h:650
uint trigger_priv_idx() override
Definition: auth_common.h:645
uint event_priv_idx() override
Definition: auth_common.h:644
Definition: auth_common.h:689
virtual ~User_table_schema_factory()=default
virtual User_table_schema * get_user_table_schema(TABLE *table)
Definition: auth_common.h:691
virtual bool is_old_user_table_schema(TABLE *table)
Definition: auth_common.cc:48
Definition: auth_common.h:376
virtual uint user_attributes_idx()=0
virtual uint event_priv_idx()=0
virtual uint update_priv_idx()=0
virtual uint max_connections_idx()=0
virtual uint user_idx()=0
virtual uint select_priv_idx()=0
virtual uint repl_client_priv_idx()=0
virtual uint x509_issuer_idx()=0
virtual uint references_priv_idx()=0
virtual uint alter_priv_idx()=0
virtual uint password_last_changed_idx()=0
virtual uint host_idx()=0
virtual uint trigger_priv_idx()=0
virtual uint show_view_priv_idx()=0
virtual uint process_priv_idx()=0
virtual uint create_tablespace_priv_idx()=0
virtual uint reload_priv_idx()=0
virtual uint drop_priv_idx()=0
virtual uint password_expired_idx()=0
virtual uint max_user_connections_idx()=0
virtual uint max_updates_idx()=0
virtual uint password_reuse_time_idx()=0
virtual uint create_view_priv_idx()=0
virtual uint create_tmp_table_priv_idx()=0
virtual uint ssl_type_idx()=0
virtual uint password_lifetime_idx()=0
virtual uint show_db_priv_idx()=0
virtual uint password_reuse_history_idx()=0
virtual uint create_role_priv_idx()=0
virtual uint create_priv_idx()=0
virtual uint account_locked_idx()=0
virtual uint x509_subject_idx()=0
virtual uint alter_routine_priv_idx()=0
virtual uint super_priv_idx()=0
virtual uint password_require_current_idx()=0
virtual uint repl_slave_priv_idx()=0
virtual uint shutdown_priv_idx()=0
virtual uint lock_tables_priv_idx()=0
virtual uint authentication_string_idx()=0
virtual uint drop_role_priv_idx()=0
virtual uint ssl_cipher_idx()=0
virtual uint create_user_priv_idx()=0
virtual uint password_idx()=0
virtual uint grant_priv_idx()=0
virtual uint plugin_idx()=0
virtual uint index_priv_idx()=0
virtual uint max_questions_idx()=0
virtual uint create_routine_priv_idx()=0
virtual uint execute_priv_idx()=0
virtual uint delete_priv_idx()=0
virtual uint file_priv_idx()=0
virtual uint insert_priv_idx()=0
virtual ~User_table_schema()=default
Definition: sp_head.h:123
enum_server_command
A list of all MySQL protocol commands.
Definition: my_command.h:48
Common definition used by mysys, performance schema and server & client.
static constexpr int HOSTNAME_LENGTH
Definition: my_hostname.h:43
Some integer typedefs for easier portability.
unsigned char uchar
Definition: my_inttypes.h:52
uint32_t uint32
Definition: my_inttypes.h:67
Common definition between mysql server & client.
#define USERNAME_LENGTH
Definition: mysql_com.h:69
static char * password
Definition: mysql_secure_installation.cc:58
char * user
Definition: mysqladmin.cc:66
const char * host
Definition: mysqladmin.cc:65
std::string str(const mysqlrouter::ConfigGenerator::Options::Endpoint &ep)
Definition: config_generator.cc:1081
static PFS_engine_table_share_proxy table
Definition: pfs.cc:61
Definition: acl_table_user.cc:80
const std::string system_user
const std::string connection_admin
Definition: commit_order_queue.h:34
bool length(const dd::Spatial_reference_system *srs, const Geometry *g1, double *length, bool *null) noexcept
Computes the length of linestrings and multilinestrings.
Definition: length.cc:76
static mysql_service_status_t create(const char *service_names[], reference_caching_channel *out_channel) noexcept
Definition: component.cc:45
const char * table_name
Definition: rules_table_service.cc:56
Cursor end()
A past-the-end Cursor.
Definition: rules_table_service.cc:192
const char * db_name
Definition: rules_table_service.cc:55
Definition: gcs_xcom_synode.h:64
std::conditional_t< !std::is_array< T >::value, std::unique_ptr< T, detail::Deleter< T > >, std::conditional_t< detail::is_unbounded_array_v< T >, std::unique_ptr< T, detail::Array_deleter< std::remove_extent_t< T > > >, void > > unique_ptr
The following is a common type that is returned by all the ut::make_unique (non-aligned) specializati...
Definition: ut0new.h:2438
std::list< T, ut::allocator< T > > list
Specialization of list which uses ut_allocator.
Definition: ut0new.h:2878
role_enum
Definition: sql_admin.h:255
struct rsa_st RSA
Definition: sql_authentication.h:103
Consumer_type
Target types where the rewritten query will be added.
Definition: sql_rewrite.h:38
case opt name
Definition: sslopt-case.h:29
Definition: m_ctype.h:423
The current state of the privilege checking process for the current user, SQL statement and SQL objec...
Definition: table.h:369
State information for internal tables grants.
Definition: table.h:346
Struct to hold information about the table that should be created.
Definition: handler.h:3202
The MEM_ROOT is a simple arena, where allocations are carved out of larger blocks.
Definition: my_alloc.h:83
Definition: mysql_lex_string.h:40
Definition: mysql_lex_string.h:35
Definition: auth_common.h:923
virtual bool operator()(Security_context *, Operation)=0
Security_context_policy(const Security_context_policy &)=default
Operation
Definition: auth_common.h:924
@ Precheck
Definition: auth_common.h:924
@ Execute
Definition: auth_common.h:924
Security_context_policy()=default
virtual ~Security_context_policy()=default
Definition: auth_common.h:1120
std::string host
Definition: auth_common.h:1122
std::string user
Definition: auth_common.h:1121
unsigned int authentication_factor
Definition: auth_common.h:1124
std::string password
Definition: auth_common.h:1123
Definition: sql_connect.h:70
command
Definition: version_token.cc:280
enum enum_vio_type vio_type(const MYSQL_VIO vio)