MySQL 8.3.0
Source Code Documentation
acl_table_user.cc File Reference
#include "sql/auth/acl_table_user.h"
#include <stdlib.h>
#include <string.h>
#include <algorithm>
#include <map>
#include "field_types.h"
#include "lex_string.h"
#include "my_base.h"
#include "my_dbug.h"
#include "my_inttypes.h"
#include "my_sqlcommand.h"
#include "my_sys.h"
#include "mysql/components/services/bits/psi_bits.h"
#include "mysql/components/services/log_builtins.h"
#include "mysql/my_loglevel.h"
#include "mysql/plugin.h"
#include "mysql/plugin_auth.h"
#include "mysql/strings/m_ctype.h"
#include "mysql_time.h"
#include "mysqld_error.h"
#include "prealloced_array.h"
#include "sql/auth/auth_acls.h"
#include "sql/auth/auth_common.h"
#include "sql/auth/auth_internal.h"
#include "sql/auth/partial_revokes.h"
#include "sql/auth/sql_auth_cache.h"
#include "sql/auth/sql_authentication.h"
#include "sql/auth/sql_user_table.h"
#include "sql/auth/user_table.h"
#include "sql/field.h"
#include "sql/handler.h"
#include "sql/item_func.h"
#include "sql/iterators/row_iterator.h"
#include "sql/key.h"
#include "sql/mysqld.h"
#include "sql/sql_class.h"
#include "sql/sql_const.h"
#include "sql/sql_executor.h"
#include "sql/sql_lex.h"
#include "sql/sql_plugin.h"
#include "sql/sql_plugin_ref.h"
#include "sql/sql_time.h"
#include "sql/sql_update.h"
#include "sql/system_variables.h"
#include "sql/table.h"
#include "sql/tztime.h"
#include "sql_string.h"
#include "string_with_len.h"
#include "template_utils.h"
#include "typelib.h"
#include "violite.h"

Namespaces

namespace  consts
 
namespace  acl_table
 
namespace  acl_table::anonymous_namespace{acl_table_user.cc}
 

Macros

#define INVALID_DATE   "0000-00-00 00:00:00"
 

Functions

const std::string consts::empty_string ("")
 Empty string. More...
 
const std::string consts::additional_password ("additional_password")
 For secondary password. More...
 
const std::string consts::Restrictions ("Restrictions")
 For partial revokes. More...
 
const std::string consts::Password_locking ("Password_locking")
 for password locking More...
 
const std::string consts::failed_login_attempts ("failed_login_attempts")
 underkeys of password locking More...
 
const std::string consts::password_lock_time_days ("password_lock_time_days")
 underkeys of password locking More...
 
const std::string consts::json_metadata_tag ("metadata")
 metadata tag More...
 
const std::string consts::json_comment_tag ("comment")
 comment tag More...
 
const std::string consts::json_multi_factor_authentication ("multi_factor_authentication")
 multi factor authentication methods More...
 
static bool replace_user_metadata (const std::string &json_blob, bool expect_text, TABLE *user_table)
 Replace or merge the user attributes of a given user. More...
 
bool acl_table::anonymous_namespace{acl_table_user.cc}::parse_user_attributes (TABLE *table, User_table_schema *table_schema, Acl_user_attributes &user_attributes)
 Helper function to parse mysql.user.user_attributes column. More...
 
int replace_user_table (THD *thd, TABLE *table, LEX_USER *combo, ulong rights, bool revoke_grant, bool can_create_user, acl_table::Pod_user_what_to_update &what_to_update, Restrictions *restrictions, I_multi_factor_auth *mfa)
 Search and create/update a record for the user requested. More...
 
bool read_user_table (THD *thd, TABLE *table)
 Read data from user table and fill in-memory caches. More...
 
void double_the_backslash (String *str)
 Helper function which heals with how JSON quoting rules change depending on the NO_BACKSLAH_ESCAPES sql mode. More...
 
bool read_user_application_user_metadata_from_table (const LEX_CSTRING user, const LEX_CSTRING host, String *metadata_str, TABLE *table, bool mode_no_backslash_escapes)
 Helper function for recreating the CREATE USER statement when an SHOW CREATE USER statement is issued. More...
 

Variables

const my_timeval consts::BEGIN_TIMESTAMP = {0, 0}
 Initial timestamp. More...
 
const int consts::CRITICAL_ERROR = -1
 Error indicating table operation error. More...
 
static std::map< const User_attribute_type, const std::string > acl_table::attribute_type_to_str
 Keys used in mysql.user.user_attributes. More...
 

Macro Definition Documentation

◆ INVALID_DATE

#define INVALID_DATE   "0000-00-00 00:00:00"

Function Documentation

◆ double_the_backslash()

void double_the_backslash ( String str)

Helper function which heals with how JSON quoting rules change depending on the NO_BACKSLAH_ESCAPES sql mode.

Parameters
strThe string which needs quoting
See also
read_user_application_user_metadata_from_table

◆ read_user_application_user_metadata_from_table()

bool read_user_application_user_metadata_from_table ( const LEX_CSTRING  user,
const LEX_CSTRING  host,
String metadata_str,
TABLE table,
bool  mode_no_backslash_escapes 
)

Helper function for recreating the CREATE USER statement when an SHOW CREATE USER statement is issued.

Parameters
userThe user name from which to read the metadata
hostThe host name part of the user from which to read the metadata
[out]metadata_strA buffer of text which will contain the CREATE USER .. ATTRIBUTE data. If the JSON object is null the metadata_str will be empty.
tableAn open TABLE handle to the mysql.user table.
mode_no_backslash_escapesThe SQL_MODE determines how JSON is quoted
See also
mysql_show_create_user
Returns
error state
Return values
falseSuccess
trueAn error occurred and DA was set.

◆ read_user_table()

bool read_user_table ( THD thd,
TABLE table 
)

Read data from user table and fill in-memory caches.

Parameters
[in]thdTHD handle
[in]tablemysql.user table handle
Returns
status of reading data from table
Return values
trueError reading data. Don't trust it.
falseAll well.

◆ replace_user_metadata()

static bool replace_user_metadata ( const std::string &  json_blob,
bool  expect_text,
TABLE user_table 
)
static

Replace or merge the user attributes of a given user.

This function is called from Acl_table_user_writer::driver() but initialized in replace_user_table through a lambda expression. It's assumed that the user table has been opened and the matching row for the target user is in record[0]

Parameters
json_blobEither a plain text comment or a JSON object depending on
expect_textif expect_text is true then json_blob is plain text
user_tableA cursor to the open mysql.user table.
Note
In case of failure this function sets the DA
Returns
false if the operation succeeded
Return values
falsesuccess
truefailure

◆ replace_user_table()

int replace_user_table ( THD thd,
TABLE table,
LEX_USER combo,
ulong  rights,
bool  revoke_grant,
bool  can_create_user,
acl_table::Pod_user_what_to_update what_to_update,
Restrictions restrictions,
I_multi_factor_auth mfa 
)

Search and create/update a record for the user requested.

Parameters
[in]thdThe current thread.
[in]tablePointer to a TABLE object of mysql.user table
[in]comboUser information
[in]rightsRights requested
[in]revoke_grantSet to true if a REVOKE command is executed
[in]can_create_userSet true if it's allowed to create user
[in]what_to_updateBitmap indicating which attributes need to be updated.
[in]restrictionsRestrictions handle if there is any
[in]mfaInterface pointer to Multi factor authentication methods
Returns
Operation result
Return values
0OK.
<0 System error or storage engine error happen
>0 Error in handling current user entry but still can continue processing subsequent user specified in the ACL statement.