MySQL 8.4.2
Source Code Documentation
Grant_validator Class Reference

Class to handle sanity checks for GRANT ... AS ... statement. More...

Public Member Functions

 Grant_validator (THD *thd, const char *db, const List< LEX_USER > &user_list, Access_bitmask rights, bool revoke, const List< LEX_CSTRING > &dynamic_privilege, bool grant_all, LEX_GRANT_AS *grant_as, TABLE *dynamic_priv_table)
 
 ~Grant_validator ()
 
bool validate ()
 Umbrella method to perform validation. More...
 

Private Member Functions

bool mask_and_return_error ()
 Helper function to mask specific error with generic one. More...
 
bool validate_system_user_privileges ()
 Validate that if grantee has SYSTEM_USER privileges, current user has it too. More...
 
bool validate_dynamic_privileges ()
 Permission and sanity checks for dynamic privileges. More...
 
bool validate_and_process_grant_as ()
 Perform sanity checks for GRANT ... AS ... More...
 

Private Attributes

THDm_thd
 
const char * m_db
 
const List< LEX_USER > & m_user_list
 
Access_bitmask m_rights
 
bool m_revoke
 
const List< LEX_CSTRING > & m_dynamic_privilege
 
bool m_grant_all
 
LEX_GRANT_ASm_grant_as
 
TABLEm_dynamic_priv_table
 
bool m_restore
 
Security_contextm_backup
 
Security_context m_security_context
 

Detailed Description

Class to handle sanity checks for GRANT ... AS ... statement.

Constructor & Destructor Documentation

◆ Grant_validator()

Grant_validator::Grant_validator ( THD thd,
const char *  db,
const List< LEX_USER > &  user_list,
Access_bitmask  rights,
bool  revoke,
const List< LEX_CSTRING > &  dynamic_privilege,
bool  grant_all,
LEX_GRANT_AS grant_as,
TABLE dynamic_priv_table 
)
inlineexplicit

◆ ~Grant_validator()

Grant_validator::~Grant_validator ( )

Member Function Documentation

◆ mask_and_return_error()

bool Grant_validator::mask_and_return_error ( )
private

Helper function to mask specific error with generic one.

Returns
true always.

◆ validate()

bool Grant_validator::validate ( )

Umbrella method to perform validation.

A possible side effect of this method is that active security context of the session may have been changed. This is true if GRANT ... AS ... is used.

Returns
status of checks
Return values
falseSuccess
trueError found during validation

◆ validate_and_process_grant_as()

bool Grant_validator::validate_and_process_grant_as ( )
private

Perform sanity checks for GRANT ... AS ...

Returns
status of checks
Return values
falseSuccess. Security context may have been changed
trueFailure. Error has been raised.

◆ validate_dynamic_privileges()

bool Grant_validator::validate_dynamic_privileges ( )
private

Permission and sanity checks for dynamic privileges.

We check:

  1. Current user's ability to grant dynamic privilege
  2. SYSTEM_USER is not granted to mandatory roles
Returns
status of checks
Return values
falseSuccess
trueError validating dynamic privileges

◆ validate_system_user_privileges()

bool Grant_validator::validate_system_user_privileges ( )
private

Validate that if grantee has SYSTEM_USER privileges, current user has it too.

Returns
status of the check
Return values
falseSuccess
trueCurrent user lacks SYSTEM_USER privilege

Member Data Documentation

◆ m_backup

Security_context* Grant_validator::m_backup
private

◆ m_db

const char* Grant_validator::m_db
private

◆ m_dynamic_priv_table

TABLE* Grant_validator::m_dynamic_priv_table
private

◆ m_dynamic_privilege

const List<LEX_CSTRING>& Grant_validator::m_dynamic_privilege
private

◆ m_grant_all

bool Grant_validator::m_grant_all
private

◆ m_grant_as

LEX_GRANT_AS* Grant_validator::m_grant_as
private

◆ m_restore

bool Grant_validator::m_restore
private

◆ m_revoke

bool Grant_validator::m_revoke
private

◆ m_rights

Access_bitmask Grant_validator::m_rights
private

◆ m_security_context

Security_context Grant_validator::m_security_context
private

◆ m_thd

THD* Grant_validator::m_thd
private

◆ m_user_list

const List<LEX_USER>& Grant_validator::m_user_list
private

The documentation for this class was generated from the following file: