#include <sql_auth_cache.h>
◆ Acl_cache()
◆ ~Acl_cache()
| Acl_cache::~Acl_cache |
( |
| ) |
|
◆ checkout_acl_map()
Returns a pointer to an acl map to the caller and increase the reference count on the object, iff the object version is the same as the global graph version.
If no acl map exists which correspond to the current authorization id of the security context, a new acl map is calculated, inserted into the cache and returned to the user. A new object will also be created if the role graph version counter is different than the acl map object's version.
- Parameters
-
| sctx | The target Security_context |
| uid | The target authid |
| active_roles | A list of active roles |
- Returns
- A pointer to an Acl_map
- Return values
-
| !NULL | Success |
| NULL | A fatal OOM error happened. |
◆ clear_acl_cache()
| void Acl_cache::clear_acl_cache |
( |
| ) |
|
Removes all acl map objects when shutdown_acl_cache is called.
This method is called from the shutdown_acl_cache() to remove the remaining entries, if any present, from the Acl_cache irrespective of the reference count or the map version.
◆ create_acl_map()
Creates a new acl map for the authorization id of the security context.
- Parameters
-
| version | The version of the new map |
| sctx | The associated security context |
◆ flush_cache()
| void Acl_cache::flush_cache |
( |
| ) |
|
Removes all acl map objects with a references count of zero.
◆ increase_version()
| void Acl_cache::increase_version |
( |
| ) |
|
When ever the role graph is modified we must flatten the privileges again.
This is done by increasing the role graph version counter. Next time a security context is created for an authorization id (aid) a request is also sent to the acl_cache to checkout a flattened acl_map for this particular aid. If a previous acl_map exists the version of this map is compared to the role graph version. If they don't match a new acl_map is calculated and inserted into the cache.
We increase the m_role_graph_version twice here i.e., once before the flush_cache() and once after to indicate that flush has started and stopped. With this, the LF Hash will now contains the records with: a. version equal to the global version => current records b. version+1 equal to global version => almost old (could be still in use) c. version+2 less or equal to global version => old records (safe to delete) We check the reference count along with the map version in cache_flusher() to match the old records that can be deleted and we delete only those objects from the hash.
◆ return_acl_map()
| void Acl_cache::return_acl_map |
( |
Acl_map * |
map | ) |
|
When the security context is done with the acl map it calls the cache to decrease the reference count on that object.
- Parameters
-
◆ size()
| int32 Acl_cache::size |
( |
| ) |
|
Return a snapshot of the number of items in the cache.
◆ version()
Return a lower boundary to the current version count.
◆ m_cache
◆ m_cache_flush_mutex
◆ m_role_graph_version
| std::atomic<uint64> Acl_cache::m_role_graph_version |
|
private |
Role graph version counter.
The documentation for this class was generated from the following files:
1.9.2 
