MySQL 9.0.1
Source Code Documentation
DB_restrictions Class Referencefinal

DB Restrictions representation in memory. More...

#include <partial_revokes.h>

Inheritance diagram for DB_restrictions:
[legend]

Public Member Functions

 DB_restrictions ()
 DB Restrictions constructor. More...
 
 ~DB_restrictions () override
 Destructor. More...
 
db_revocationsoperator() (void)
 
 DB_restrictions (const DB_restrictions &restrictions)
 Copy constructor for DB Restrictions. More...
 
 DB_restrictions (DB_restrictions &&restrictions)=delete
 
DB_restrictionsoperator= (const DB_restrictions &restrictions)
 Assignment operator. More...
 
DB_restrictionsoperator= (DB_restrictions &&restrictions)
 Assignment operator. More...
 
bool operator== (const DB_restrictions &restrictions) const
 Compare the two restrictions. More...
 
void add (const std::string &db_name, const Access_bitmask revoke_privs)
 Add given privileges as restricted for the database. More...
 
void add (const DB_restrictions &restrictions)
 Add restriction information from source DB_restrictions. More...
 
bool add (const Json_object &json_object)
 Deserializer. More...
 
void remove (const std::string &db_name, const Access_bitmask revoke_privs)
 Remove given set of privilegs for a database from restriction list. More...
 
void remove (const Access_bitmask revoke_privs)
 Remove given set of privs from restricted list for all databases. More...
 
bool find (const std::string &db_name, Access_bitmask &access) const
 Get restricted access information for given database. More...
 
bool is_empty () const override
 Status function to check if restriction list is empty. More...
 
size_t size () const override
 Status function to get number of entries in restriction list. More...
 
void clear () override
 Clear restriction list. More...
 
void get_as_json (Json_array &restrictions_array) const
 Serializer. More...
 
const db_revocationsget () const
 
bool has_more_restrictions (const DB_restrictions &, Access_bitmask) const
 Compare is two restriction list for given privileges. More...
 
- Public Member Functions inherited from Abstract_restrictions
 Abstract_restrictions ()
 Abstract restriction constructor. More...
 
virtual ~Abstract_restrictions ()
 Abstract restriction destructor. More...
 

Private Member Functions

db_revocationsdb_restrictions ()
 
void remove (const Access_bitmask remove_restrictions, Access_bitmask &restrictions_mask) const noexcept
 Private function: Remove given set of privs from restricted list. More...
 
db_revocationscreate_restrictions_if_needed ()
 
void copy_restrictions (const DB_restrictions &other)
 

Private Attributes

db_revocationsm_restrictions = nullptr
 Database restrictions. More...
 

Detailed Description

DB Restrictions representation in memory.

Note that an instance of this class is owned by the security context. Many of the usage pattern of the security context has complex life cycle, it may be using memory allocated through MEM_ROOT. That may lead to an unwarranted memory growth in some circumstances. Therefore, we wish to own the life cycle of the non POD type members in this class. Please allocate them dynamically otherwise you may cause some difficult to find memory leaks.

@note : non POD members are allocated when needed but not in constructor to avoid unnecessary memory allocations since it is frequently accessed code path. Onus is on the user to call the APIs safely that is to make sure that if the accessed member in the API is allocated if it was supposed to be.

DB_restrictions also provides functions to:

  • Manage DB restrictions
  • Status functions
  • Transformation of in memory db restrictions

Constructor & Destructor Documentation

◆ DB_restrictions() [1/3]

DB_restrictions::DB_restrictions ( )

DB Restrictions constructor.

◆ ~DB_restrictions()

DB_restrictions::~DB_restrictions ( )
override

Destructor.

◆ DB_restrictions() [2/3]

DB_restrictions::DB_restrictions ( const DB_restrictions other)

Copy constructor for DB Restrictions.

Parameters
[in]otherSource DB restrictions

◆ DB_restrictions() [3/3]

DB_restrictions::DB_restrictions ( DB_restrictions &&  restrictions)
delete

Member Function Documentation

◆ add() [1/3]

void DB_restrictions::add ( const DB_restrictions restrictions)

Add restriction information from source DB_restrictions.

Parameters
[in]restrictionsList of <database, privileges>

◆ add() [2/3]

bool DB_restrictions::add ( const Json_object json_object)

Deserializer.

Converts a JSON object to <database, privileges> list.

Parameters
[in]json_objectRestrictions represented by JSON
Returns
Status of transformation.
Return values
trueError in deserializing the data.
falseAll good.

◆ add() [3/3]

void DB_restrictions::add ( const std::string &  db_name,
const Access_bitmask  revoke_privs 
)

Add given privileges as restricted for the database.

Parameters
[in]db_nameDatabase information
[in]revoke_privsPrivileges to be restricted

◆ clear()

void DB_restrictions::clear ( )
overridevirtual

Clear restriction list.

Implements Abstract_restrictions.

◆ copy_restrictions()

void DB_restrictions::copy_restrictions ( const DB_restrictions other)
inlineprivate

◆ create_restrictions_if_needed()

db_revocations * DB_restrictions::create_restrictions_if_needed ( )
inlineprivate

◆ db_restrictions()

db_revocations & DB_restrictions::db_restrictions ( )
inlineprivate

◆ find()

bool DB_restrictions::find ( const std::string &  db_name,
Access_bitmask access 
) const

Get restricted access information for given database.

Parameters
[in]db_nameDatabase information
[out]accessRestricted access
Returns
Status of search
Return values
trueEntry found.
falseEntry not found. Do not rely on access.

◆ get()

const db_revocations & DB_restrictions::get ( ) const
inline

◆ get_as_json()

void DB_restrictions::get_as_json ( Json_array restrictions_array) const

Serializer.

Converts restriction list to JSON format.

This is used while storing restriction list in ACL table.

◆ has_more_restrictions()

bool DB_restrictions::has_more_restrictions ( const DB_restrictions other,
Access_bitmask  access 
) const

Compare is two restriction list for given privileges.

Parameters
[in]otherDB_restrictions to compare against
[in]accessPrivilege filter
Returns
Comparison result of two restriction lists
Return values
falseOther restriction list has less or equal restrictions
trueOtherwise

◆ is_empty()

bool DB_restrictions::is_empty ( ) const
overridevirtual

Status function to check if restriction list is empty.

m_restrictions may not be initialized yet, that also indicates that the restrictions are empty.

Implements Abstract_restrictions.

◆ operator()()

db_revocations & DB_restrictions::operator() ( void  )
inline

◆ operator=() [1/2]

DB_restrictions & DB_restrictions::operator= ( const DB_restrictions other)

Assignment operator.

Parameters
[in]otherSource DB restrictions

◆ operator=() [2/2]

DB_restrictions & DB_restrictions::operator= ( DB_restrictions &&  restrictions)

Assignment operator.

Parameters
[in]restrictionsSource DB restrictions

◆ operator==()

bool DB_restrictions::operator== ( const DB_restrictions restrictions) const

Compare the two restrictions.

Parameters
[in]restrictionsDB_restrictions object to be compared with this
Return values
trueIf both DB_restrictions are same
falseOtherwise

◆ remove() [1/3]

void DB_restrictions::remove ( const Access_bitmask  remove_restrictions,
Access_bitmask restriction_mask 
) const
privatenoexcept

Private function: Remove given set of privs from restricted list.

Parameters
[in]remove_restrictionsRestriction to be removed
[out]restriction_maskResultant value to be returned

◆ remove() [2/3]

void DB_restrictions::remove ( const Access_bitmask  revoke_privs)

Remove given set of privs from restricted list for all databases.

If it turns out to be no restrictions on a DB after removal of the restrictions, then remove the db_name entry from the internal container as well.

Parameters
[in]revoke_privsPrivileges to be removed

◆ remove() [3/3]

void DB_restrictions::remove ( const std::string &  db_name,
const Access_bitmask  revoke_privs 
)

Remove given set of privilegs for a database from restriction list.

Parameters
[in]db_nameDatabase information
[in]revoke_privsList of privileges to remove

◆ size()

size_t DB_restrictions::size ( ) const
overridevirtual

Status function to get number of entries in restriction list.

Implements Abstract_restrictions.

Member Data Documentation

◆ m_restrictions

db_revocations* DB_restrictions::m_restrictions = nullptr
private

Database restrictions.

Dynamically allocating the memory everytime in constructor would be expensive because this is frequently accessed code path. Therefore, we shall allocate the memory when needed later on.


The documentation for this class was generated from the following files: