MySQL  8.0.18
Source Code Documentation
acl_table_user.h
Go to the documentation of this file.
1 /* Copyright (c) 2018, 2019, Oracle and/or its affiliates. All rights reserved.
2 
3 This program is free software; you can redistribute it and/or modify
4 it under the terms of the GNU General Public License, version 2.0,
5 as published by the Free Software Foundation.
6 
7 This program is also distributed with certain software (including
8 but not limited to OpenSSL) that is licensed under separate terms,
9 as designated in a particular file or component or in included license
10 documentation. The authors of MySQL hereby grant you an additional
11 permission to link the program and your derivative works with the
12 separately licensed software that they have included with MySQL.
13 
14 This program is distributed in the hope that it will be useful,
15 but WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 GNU General Public License, version 2.0, for more details.
18 
19 You should have received a copy of the GNU General Public License
20 along with this program; if not, write to the Free Software
21 Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
22 
23 #ifndef ACL_TABLE_USER_INCLUDED
24 #define ACL_TABLE_USER_INCLUDED
25 
27 #include "sql/auth/auth_common.h"
28 #include "sql/auth/auth_internal.h"
30 
31 namespace acl_table {
33 
34 // Forward and alias declarations
36  std::pair<Table_op_error_code, struct timeval>;
37 
38 /**
39  mysql.user table writer. It updates or drop a one single row from the table.
40 */
41 
43  public:
46  struct timeval pwd_timestamp, std::string cred,
49  updated_rights(rights),
50  error(err),
51  password_change_timestamp(pwd_timestamp),
52  second_cred(cred),
54 
58  struct timeval password_change_timestamp;
59  std::string second_cred;
61 };
62 
64  public:
65  Acl_table_user_writer(THD *thd, TABLE *table, LEX_USER *combo, ulong rights,
66  bool revoke_grant, bool can_create_user,
67  Pod_user_what_to_update what_to_update,
68  Restrictions *restrictions = nullptr);
69  virtual ~Acl_table_user_writer();
72 
73  bool setup_table(int &error, bool &builtin_password);
74 
75  /* Set of functions to set user table data */
78  bool update_ssl_properties();
79  bool update_user_resources();
83  bool update_password_reuse();
85  bool update_user_attributes(std::string &current_password,
86  Acl_table_user_writer_status &return_value);
87 
89  std::string get_current_credentials();
90 
91  private:
99 };
100 
101 /**
102  mysql.user table reader. It reads all raws from table and create in-memory
103  cache.
104 */
105 
107  public:
108  Acl_table_user_reader(THD *thd, TABLE *table);
110  bool driver();
111  bool setup_table(bool &is_old_db_layout);
112  bool read_row(bool &is_old_db_layout, bool &super_users_with_empty_plugin);
114 
115  /* Set of function to read user table data */
122  bool read_plugin_info(ACL_USER &user, bool &super_users_with_empty_plugin,
123  bool &is_old_db_layout);
124  bool read_password_expiry(ACL_USER &user, bool &password_expired);
133 
134  private:
139 };
140 
141 } // namespace acl_table
142 #endif /* ACL_TABLE_USER_INCLUDED */
ulong get_user_privileges()
Helper function to get global privileges from mysql.user table.
Definition: acl_table_user.cc:1125
Pod_user_what_to_update m_what_to_update
Definition: acl_table_user.h:96
char * user
Definition: mysqladmin.cc:59
void read_privileges(ACL_USER &user)
Get global privilege information.
Definition: acl_table_user.cc:1305
bool setup_table(bool &is_old_db_layout)
Make table ready to read.
Definition: acl_table_user.cc:1206
MEM_ROOT m_mem_root
Definition: acl_table_user.h:137
bool update_password_expiry()
Update password expiration info.
Definition: acl_table_user.cc:877
Acl_table_op_status
Definition: acl_table_base.h:35
Acl_table_user_reader(THD *thd, TABLE *table)
mysql.user table reader constructor.
Definition: acl_table_user.cc:1166
void read_user_resources(ACL_USER &user)
Read user resource restrictions.
Definition: acl_table_user.cc:1412
void read_account_name(ACL_USER &user)
Get user and host information for the account.
Definition: acl_table_user.cc:1256
mysql.user table writer.
Definition: acl_table_user.h:42
bool update_user_attributes(std::string &current_password, Acl_table_user_writer_status &return_value)
User_attributes updates.
Definition: acl_table_user.cc:1049
virtual ~Acl_table_user_writer()
Cleanup.
Definition: acl_table_user.cc:371
Definition: acl_table_user.h:63
std::pair< Table_op_error_code, struct timeval > acl_table_user_writer_status
Definition: acl_table_user.h:36
User_table_schema * m_table_schema
Definition: acl_table_user.h:135
Container of all restrictions for a given user.
Definition: partial_revokes.h:126
bool setup_table(int &error, bool &builtin_password)
Position user table.
Definition: acl_table_user.cc:457
void read_password_locked(ACL_USER &user)
Determine if user account is locked.
Definition: acl_table_user.cc:1578
User_attribute_type
Definition: acl_table_user.h:32
User_table_schema * m_table_schema
Definition: acl_table_user.h:97
void read_password_require_current(ACL_USER &user)
Get information about requiring current password while changing password.
Definition: acl_table_user.cc:1681
void read_password_last_changed(ACL_USER &user)
Get password change time.
Definition: acl_table_user.cc:1594
Definition: table.h:1301
Definition: sql_auth_cache.h:141
void read_password_history_fields(ACL_USER &user)
Get password history restriction.
Definition: acl_table_user.cc:1640
bool update_privileges(Acl_table_user_writer_status &return_value)
Update global privileges for user.
Definition: acl_table_user.cc:722
void read_ssl_fields(ACL_USER &user)
Read SSL restrictions.
Definition: acl_table_user.cc:1382
bool read_authentication_string(ACL_USER &user)
Read authentication string for the account.
Definition: acl_table_user.cc:1280
Acl_table_user_writer_status driver()
Perform add/update to mysql.user table.
Definition: acl_table_user.cc:381
Definition: table.h:2367
static size_t skip(size_t pos_start, size_t match_len)
Definition: uri.cc:83
bool read_user_attributes(ACL_USER &user)
Read user attributes.
Definition: acl_table_user.cc:1705
bool update_password_history()
Password history updates.
Definition: acl_table_user.cc:949
bool read_row(bool &is_old_db_layout, bool &super_users_with_empty_plugin)
Read a row from mysql.user table and add it to in-memory structure.
Definition: acl_table_user.cc:1816
bool m_revoke_grant
Definition: acl_table_user.h:94
bool read_plugin_info(ACL_USER &user, bool &super_users_with_empty_plugin, bool &is_old_db_layout)
Read plugin information.
Definition: acl_table_user.cc:1451
bool update_authentication_info(Acl_table_user_writer_status &return_value)
Update user&#39;s authentication information.
Definition: acl_table_user.cc:662
LEX_USER * m_combo
Definition: acl_table_user.h:92
mysql.user table reader.
Definition: acl_table_user.h:106
Base class to handle ACL table manipulation.
Definition: acl_table_base.h:42
Acl_table_user_writer(THD *thd, TABLE *table, LEX_USER *combo, ulong rights, bool revoke_grant, bool can_create_user, Pod_user_what_to_update what_to_update, Restrictions *restrictions=nullptr)
mysql.user table writer constructor
Definition: acl_table_user.cc:352
Definition: auth_common.h:363
struct timeval password_change_timestamp
Definition: acl_table_user.h:58
ulong m_rights
Definition: acl_table_user.h:93
void reset_acl_user(ACL_USER &user)
Scrub ACL_USER.
Definition: acl_table_user.cc:1231
static Value err()
Create a Value object that represents an error condition.
Definition: json_binary.cc:908
virtual Acl_table_op_status finish_operation(Table_op_error_code &error)
Finish the operation.
Definition: acl_table_user.cc:596
bool read_password_expiry(ACL_USER &user, bool &password_expired)
Read password expiry field.
Definition: acl_table_user.cc:1553
Definition: acl_table_base.h:31
Restrictions restrictions
Definition: acl_table_user.h:60
std::unique_ptr< T, Destroy_only< T > > unique_ptr_destroy_only
std::unique_ptr, but only destroying.
Definition: my_alloc.h:408
ulong updated_rights
Definition: acl_table_user.h:56
static MEM_ROOT mem_root
Definition: client_plugin.cc:107
bool update_password_require_current()
Whether current password is required to update exisitng one.
Definition: acl_table_user.cc:1009
void add_row_to_acl_users(ACL_USER &user)
Add a recently read row in acl_users.
Definition: acl_table_user.cc:1773
std::string get_current_credentials()
Get current password from mysql.user.authentication_string.
Definition: acl_table_user.cc:1151
void read_password_reuse_time_fields(ACL_USER &user)
Get password reuse time restriction.
Definition: acl_table_user.cc:1661
Acl_table_user_writer_status(MEM_ROOT *mem_root)
Definition: acl_table_user.cc:330
~Acl_table_user_reader()
Free resources before we destroy.
Definition: acl_table_user.cc:1175
bool skip_cache_update
Definition: acl_table_user.h:55
bool update_user_resources()
Update user resource restrictions.
Definition: acl_table_user.cc:846
int Table_op_error_code
Definition: acl_table_base.h:33
unique_ptr_destroy_only< RowIterator > m_iterator
Definition: acl_table_user.h:136
bool driver()
Driver function for mysql.user reader.
Definition: acl_table_user.cc:1857
void read_password_lifetime(ACL_USER &user)
Get password expiry policy infomration.
Definition: acl_table_user.cc:1622
The MEM_ROOT is a simple arena, where allocations are carved out of larger blocks.
Definition: my_alloc.h:77
bool update_account_locking()
Update account locking info.
Definition: acl_table_user.cc:917
Restrictions * m_restrictions
Definition: acl_table_user.h:138
std::string second_cred
Definition: acl_table_user.h:59
Acl_table_user_writer_status(bool skip, ulong rights, Table_op_error_code err, struct timeval pwd_timestamp, std::string cred, MEM_ROOT *mem_root)
Definition: acl_table_user.h:45
bool m_can_create_user
Definition: acl_table_user.h:95
Restrictions * m_restrictions
Definition: acl_table_user.h:98
unsigned long ulong
Definition: my_inttypes.h:48
Table_op_error_code error
Definition: acl_table_user.h:57
virtual Acl_table_op_status finish_operation(Table_op_error_code &error)
Finish mysql.user table read operation.
Definition: acl_table_user.cc:1188
bool update_password_reuse()
Password reuse time updates.
Definition: acl_table_user.cc:980
For each client connection we create a separate thread with THD serving as a thread/connection descri...
Definition: sql_class.h:778
bool update_ssl_properties()
Update SSL properties.
Definition: acl_table_user.cc:769
Definition: user_table.h:40
Log error(cerr, "ERROR")