MySQL  8.0.18
Source Code Documentation
auth_acls.h File Reference
#include <string>
#include <unordered_map>
#include <vector>

Go to the source code of this file.

Macros

#define NUM_ACLS   31
 
#define SELECT_ACL   (1L << 0)
 
#define INSERT_ACL   (1L << 1)
 
#define UPDATE_ACL   (1L << 2)
 
#define DELETE_ACL   (1L << 3)
 
#define CREATE_ACL   (1L << 4)
 
#define DROP_ACL   (1L << 5)
 
#define RELOAD_ACL   (1L << 6)
 
#define SHUTDOWN_ACL   (1L << 7)
 
#define PROCESS_ACL   (1L << 8)
 
#define FILE_ACL   (1L << 9)
 
#define GRANT_ACL   (1L << 10)
 
#define REFERENCES_ACL   (1L << 11)
 
#define INDEX_ACL   (1L << 12)
 
#define ALTER_ACL   (1L << 13)
 
#define SHOW_DB_ACL   (1L << 14)
 
#define SUPER_ACL   (1L << 15)
 
#define CREATE_TMP_ACL   (1L << 16)
 
#define LOCK_TABLES_ACL   (1L << 17)
 
#define EXECUTE_ACL   (1L << 18)
 
#define REPL_SLAVE_ACL   (1L << 19)
 
#define REPL_CLIENT_ACL   (1L << 20)
 
#define CREATE_VIEW_ACL   (1L << 21)
 
#define SHOW_VIEW_ACL   (1L << 22)
 
#define CREATE_PROC_ACL   (1L << 23)
 
#define ALTER_PROC_ACL   (1L << 24)
 
#define CREATE_USER_ACL   (1L << 25)
 
#define EVENT_ACL   (1L << 26)
 
#define TRIGGER_ACL   (1L << 27)
 
#define CREATE_TABLESPACE_ACL   (1L << 28)
 
#define CREATE_ROLE_ACL   (1L << 29)
 
#define DROP_ROLE_ACL   (1L << 30)
 
#define NO_ACCESS   (1L << 31)
 
#define DB_OP_ACLS
 Privileges to perform database related operations. More...
 
#define TABLE_OP_ACLS
 Privileges to perform table related operations. More...
 
#define PROC_OP_ACLS   (ALTER_PROC_ACL | EXECUTE_ACL)
 Privileges to modify or execute stored procedures. More...
 
#define DB_ACLS   (DB_OP_ACLS | GRANT_ACL)
 Represents all privileges which could be granted to users at DB-level. More...
 
#define TABLE_ACLS   (TABLE_OP_ACLS | GRANT_ACL)
 Represents all privileges which could be granted to users at table-level. More...
 
#define COL_ACLS   (SELECT_ACL | INSERT_ACL | UPDATE_ACL | REFERENCES_ACL)
 Represents all privileges which could be granted to users at column-level. More...
 
#define PROC_ACLS   (PROC_OP_ACLS | GRANT_ACL)
 Represents all privileges which could be granted to users for stored procedures. More...
 
#define SHOW_PROC_ACLS   (PROC_OP_ACLS | CREATE_PROC_ACL)
 Represents all privileges which are required to show the stored procedure. More...
 
#define GLOBAL_ACLS
 Represents all privileges which could be granted to users globally. More...
 
#define DEFAULT_CREATE_PROC_ACLS   (ALTER_PROC_ACL | EXECUTE_ACL)
 
#define TMP_TABLE_ACLS
 Table-level privileges which are automatically "granted" to everyone on existing temporary tables (CREATE_ACL is necessary for ALTER ... More...
 
#define DB_CHUNK0   (SELECT_ACL | INSERT_ACL | UPDATE_ACL | DELETE_ACL | CREATE_ACL | DROP_ACL)
 
#define DB_CHUNK1   (GRANT_ACL | REFERENCES_ACL | INDEX_ACL | ALTER_ACL)
 
#define DB_CHUNK2   (CREATE_TMP_ACL | LOCK_TABLES_ACL)
 
#define DB_CHUNK3   (CREATE_VIEW_ACL | SHOW_VIEW_ACL | CREATE_PROC_ACL | ALTER_PROC_ACL)
 
#define DB_CHUNK4   (EXECUTE_ACL)
 
#define DB_CHUNK5   (EVENT_ACL | TRIGGER_ACL)
 
#define fix_rights_for_db(A)
 
#define get_rights_for_db(A)
 
#define TBL_CHUNK0   DB_CHUNK0
 
#define TBL_CHUNK1   DB_CHUNK1
 
#define TBL_CHUNK2   (CREATE_VIEW_ACL | SHOW_VIEW_ACL)
 
#define TBL_CHUNK3   TRIGGER_ACL
 
#define fix_rights_for_table(A)
 
#define get_rights_for_table(A)
 
#define fix_rights_for_column(A)   (((A)&7) | (((A) & ~7) << 8))
 
#define get_rights_for_column(A)   (((A)&7) | ((A) >> 8))
 
#define fix_rights_for_procedure(A)
 
#define get_rights_for_procedure(A)
 

Variables

const std::vector< std::string > global_acls_vector
 Consts for static privileges. More...
 
const std::unordered_map< std::string, int > global_acls_map
 Bitmap offsets for static privileges. More...
 

Macro Definition Documentation

◆ ALTER_ACL

#define ALTER_ACL   (1L << 13)

◆ ALTER_PROC_ACL

#define ALTER_PROC_ACL   (1L << 24)

◆ COL_ACLS

#define COL_ACLS   (SELECT_ACL | INSERT_ACL | UPDATE_ACL | REFERENCES_ACL)

Represents all privileges which could be granted to users at column-level.

It essentially represents all the privileges present in the columns_priv table.

◆ CREATE_ACL

#define CREATE_ACL   (1L << 4)

◆ CREATE_PROC_ACL

#define CREATE_PROC_ACL   (1L << 23)

◆ CREATE_ROLE_ACL

#define CREATE_ROLE_ACL   (1L << 29)

◆ CREATE_TABLESPACE_ACL

#define CREATE_TABLESPACE_ACL   (1L << 28)

◆ CREATE_TMP_ACL

#define CREATE_TMP_ACL   (1L << 16)

◆ CREATE_USER_ACL

#define CREATE_USER_ACL   (1L << 25)

◆ CREATE_VIEW_ACL

#define CREATE_VIEW_ACL   (1L << 21)

◆ DB_ACLS

#define DB_ACLS   (DB_OP_ACLS | GRANT_ACL)

Represents all privileges which could be granted to users at DB-level.

It essentially represents all the privileges present in the mysql.db table.

◆ DB_CHUNK0

#define DB_CHUNK0   (SELECT_ACL | INSERT_ACL | UPDATE_ACL | DELETE_ACL | CREATE_ACL | DROP_ACL)

◆ DB_CHUNK1

#define DB_CHUNK1   (GRANT_ACL | REFERENCES_ACL | INDEX_ACL | ALTER_ACL)

◆ DB_CHUNK2

#define DB_CHUNK2   (CREATE_TMP_ACL | LOCK_TABLES_ACL)

◆ DB_CHUNK3

◆ DB_CHUNK4

#define DB_CHUNK4   (EXECUTE_ACL)

◆ DB_CHUNK5

#define DB_CHUNK5   (EVENT_ACL | TRIGGER_ACL)

◆ DB_OP_ACLS

#define DB_OP_ACLS
Value:
ALTER_PROC_ACL | EVENT_ACL | TRIGGER_ACL)
#define CREATE_VIEW_ACL
Definition: auth_acls.h:53
#define INSERT_ACL
Definition: auth_acls.h:33
#define CREATE_TMP_ACL
Definition: auth_acls.h:48
#define CREATE_ACL
Definition: auth_acls.h:36
#define DELETE_ACL
Definition: auth_acls.h:35
#define SELECT_ACL
Definition: auth_acls.h:32
#define TRIGGER_ACL
Definition: auth_acls.h:59
#define LOCK_TABLES_ACL
Definition: auth_acls.h:49
#define CREATE_PROC_ACL
Definition: auth_acls.h:55
#define DROP_ACL
Definition: auth_acls.h:37
#define INDEX_ACL
Definition: auth_acls.h:44
#define EVENT_ACL
Definition: auth_acls.h:58
#define SHOW_VIEW_ACL
Definition: auth_acls.h:54
#define ALTER_ACL
Definition: auth_acls.h:45
#define UPDATE_ACL
Definition: auth_acls.h:34

Privileges to perform database related operations.

Use this macro over DB_ACLS unless there is real need to use additional privileges present in the DB_ACLS

◆ DEFAULT_CREATE_PROC_ACLS

#define DEFAULT_CREATE_PROC_ACLS   (ALTER_PROC_ACL | EXECUTE_ACL)

◆ DELETE_ACL

#define DELETE_ACL   (1L << 3)

◆ DROP_ACL

#define DROP_ACL   (1L << 5)

◆ DROP_ROLE_ACL

#define DROP_ROLE_ACL   (1L << 30)

◆ EVENT_ACL

#define EVENT_ACL   (1L << 26)

◆ EXECUTE_ACL

#define EXECUTE_ACL   (1L << 18)

◆ FILE_ACL

#define FILE_ACL   (1L << 9)

◆ fix_rights_for_column

#define fix_rights_for_column (   A)    (((A)&7) | (((A) & ~7) << 8))

◆ fix_rights_for_db

#define fix_rights_for_db (   A)
Value:
(((A)&DB_CHUNK0) | (((A) << 4) & DB_CHUNK1) | (((A) << 6) & DB_CHUNK2) | \
(((A) << 9) & DB_CHUNK3) | (((A) << 2) & DB_CHUNK4)) | \
(((A) << 9) & DB_CHUNK5)
#define DB_CHUNK2
Definition: auth_acls.h:166
#define DB_CHUNK1
Definition: auth_acls.h:165
#define DB_CHUNK3
Definition: auth_acls.h:167
#define DB_CHUNK5
Definition: auth_acls.h:170
#define DB_CHUNK4
Definition: auth_acls.h:169
#define DB_CHUNK0
Definition: auth_acls.h:163

◆ fix_rights_for_procedure

#define fix_rights_for_procedure (   A)
Value:
((((A) << 18) & EXECUTE_ACL) | (((A) << 23) & ALTER_PROC_ACL) | \
(((A) << 8) & GRANT_ACL))
#define ALTER_PROC_ACL
Definition: auth_acls.h:56
#define GRANT_ACL
Definition: auth_acls.h:42
#define EXECUTE_ACL
Definition: auth_acls.h:50

◆ fix_rights_for_table

#define fix_rights_for_table (   A)
Value:
(((A)&TBL_CHUNK0) | (((A) << 4) & TBL_CHUNK1) | (((A) << 11) & TBL_CHUNK2) | \
(((A) << 15) & TBL_CHUNK3))
#define TBL_CHUNK0
Definition: auth_acls.h:180
#define TBL_CHUNK3
Definition: auth_acls.h:183
#define TBL_CHUNK1
Definition: auth_acls.h:181
#define TBL_CHUNK2
Definition: auth_acls.h:182

◆ get_rights_for_column

#define get_rights_for_column (   A)    (((A)&7) | ((A) >> 8))

◆ get_rights_for_db

#define get_rights_for_db (   A)
Value:
(((A)&DB_CHUNK0) | (((A)&DB_CHUNK1) >> 4) | (((A)&DB_CHUNK2) >> 6) | \
(((A)&DB_CHUNK3) >> 9) | (((A)&DB_CHUNK4) >> 2)) | \
(((A)&DB_CHUNK5) >> 9)
#define DB_CHUNK2
Definition: auth_acls.h:166
#define DB_CHUNK1
Definition: auth_acls.h:165
#define DB_CHUNK3
Definition: auth_acls.h:167
#define DB_CHUNK5
Definition: auth_acls.h:170
#define DB_CHUNK4
Definition: auth_acls.h:169
#define DB_CHUNK0
Definition: auth_acls.h:163

◆ get_rights_for_procedure

#define get_rights_for_procedure (   A)
Value:
((((A)&EXECUTE_ACL) >> 18) | (((A)&ALTER_PROC_ACL) >> 23) | \
(((A)&GRANT_ACL) >> 8))
#define ALTER_PROC_ACL
Definition: auth_acls.h:56
#define GRANT_ACL
Definition: auth_acls.h:42
#define EXECUTE_ACL
Definition: auth_acls.h:50

◆ get_rights_for_table

#define get_rights_for_table (   A)
Value:
(((A)&TBL_CHUNK0) | (((A)&TBL_CHUNK1) >> 4) | (((A)&TBL_CHUNK2) >> 11) | \
(((A)&TBL_CHUNK3) >> 15))
#define TBL_CHUNK0
Definition: auth_acls.h:180
#define TBL_CHUNK3
Definition: auth_acls.h:183
#define TBL_CHUNK1
Definition: auth_acls.h:181
#define TBL_CHUNK2
Definition: auth_acls.h:182

◆ GLOBAL_ACLS

#define GLOBAL_ACLS
Value:
RELOAD_ACL | SHUTDOWN_ACL | PROCESS_ACL | FILE_ACL | GRANT_ACL | \
REFERENCES_ACL | INDEX_ACL | ALTER_ACL | SHOW_DB_ACL | SUPER_ACL | \
ALTER_PROC_ACL | CREATE_USER_ACL | EVENT_ACL | TRIGGER_ACL | \
CREATE_TABLESPACE_ACL | CREATE_ROLE_ACL | DROP_ROLE_ACL)
#define CREATE_VIEW_ACL
Definition: auth_acls.h:53
#define INSERT_ACL
Definition: auth_acls.h:33
#define CREATE_ACL
Definition: auth_acls.h:36
#define SUPER_ACL
Definition: auth_acls.h:47
#define DROP_ROLE_ACL
Definition: auth_acls.h:62
#define DELETE_ACL
Definition: auth_acls.h:35
#define SELECT_ACL
Definition: auth_acls.h:32
#define SHUTDOWN_ACL
Definition: auth_acls.h:39
#define SHOW_DB_ACL
Definition: auth_acls.h:46
#define TRIGGER_ACL
Definition: auth_acls.h:59
#define LOCK_TABLES_ACL
Definition: auth_acls.h:49
#define CREATE_PROC_ACL
Definition: auth_acls.h:55
#define REPL_CLIENT_ACL
Definition: auth_acls.h:52
#define CREATE_USER_ACL
Definition: auth_acls.h:57
#define CREATE_ROLE_ACL
Definition: auth_acls.h:61
#define GRANT_ACL
Definition: auth_acls.h:42
#define PROCESS_ACL
Definition: auth_acls.h:40
#define DROP_ACL
Definition: auth_acls.h:37
#define INDEX_ACL
Definition: auth_acls.h:44
#define FILE_ACL
Definition: auth_acls.h:41
#define EVENT_ACL
Definition: auth_acls.h:58
#define SHOW_VIEW_ACL
Definition: auth_acls.h:54
#define REPL_SLAVE_ACL
Definition: auth_acls.h:51
#define ALTER_ACL
Definition: auth_acls.h:45
#define UPDATE_ACL
Definition: auth_acls.h:34

Represents all privileges which could be granted to users globally.

It essentially represents all the privileges present in the mysql.user table

◆ GRANT_ACL

#define GRANT_ACL   (1L << 10)

◆ INDEX_ACL

#define INDEX_ACL   (1L << 12)

◆ INSERT_ACL

#define INSERT_ACL   (1L << 1)

◆ LOCK_TABLES_ACL

#define LOCK_TABLES_ACL   (1L << 17)

◆ NO_ACCESS

#define NO_ACCESS   (1L << 31)

◆ NUM_ACLS

#define NUM_ACLS   31

◆ PROC_ACLS

#define PROC_ACLS   (PROC_OP_ACLS | GRANT_ACL)

Represents all privileges which could be granted to users for stored procedures.

It essentially represents all the privileges present in the mysql.procs_priv table.

◆ PROC_OP_ACLS

#define PROC_OP_ACLS   (ALTER_PROC_ACL | EXECUTE_ACL)

Privileges to modify or execute stored procedures.

Use this macro over PROC_ACLS unless there is real need to use additional privileges present in the PROC_ACLS

◆ PROCESS_ACL

#define PROCESS_ACL   (1L << 8)

◆ REFERENCES_ACL

#define REFERENCES_ACL   (1L << 11)

◆ RELOAD_ACL

#define RELOAD_ACL   (1L << 6)

◆ REPL_CLIENT_ACL

#define REPL_CLIENT_ACL   (1L << 20)

◆ REPL_SLAVE_ACL

#define REPL_SLAVE_ACL   (1L << 19)

◆ SELECT_ACL

#define SELECT_ACL   (1L << 0)

◆ SHOW_DB_ACL

#define SHOW_DB_ACL   (1L << 14)

◆ SHOW_PROC_ACLS

#define SHOW_PROC_ACLS   (PROC_OP_ACLS | CREATE_PROC_ACL)

Represents all privileges which are required to show the stored procedure.

◆ SHOW_VIEW_ACL

#define SHOW_VIEW_ACL   (1L << 22)

◆ SHUTDOWN_ACL

#define SHUTDOWN_ACL   (1L << 7)

◆ SUPER_ACL

#define SUPER_ACL   (1L << 15)

◆ TABLE_ACLS

#define TABLE_ACLS   (TABLE_OP_ACLS | GRANT_ACL)

Represents all privileges which could be granted to users at table-level.

It essentially represents all the privileges present in the mysql.tables_priv table.

◆ TABLE_OP_ACLS

#define TABLE_OP_ACLS
Value:
REFERENCES_ACL | INDEX_ACL | ALTER_ACL | CREATE_VIEW_ACL | SHOW_VIEW_ACL | \
TRIGGER_ACL)
#define CREATE_VIEW_ACL
Definition: auth_acls.h:53
#define INSERT_ACL
Definition: auth_acls.h:33
#define CREATE_ACL
Definition: auth_acls.h:36
#define DELETE_ACL
Definition: auth_acls.h:35
#define SELECT_ACL
Definition: auth_acls.h:32
#define DROP_ACL
Definition: auth_acls.h:37
#define INDEX_ACL
Definition: auth_acls.h:44
#define SHOW_VIEW_ACL
Definition: auth_acls.h:54
#define ALTER_ACL
Definition: auth_acls.h:45
#define UPDATE_ACL
Definition: auth_acls.h:34

Privileges to perform table related operations.

Use this macro over TABLE_ACLS unless there is real need to use additional privileges present in the DB_ACLS

◆ TBL_CHUNK0

#define TBL_CHUNK0   DB_CHUNK0

◆ TBL_CHUNK1

#define TBL_CHUNK1   DB_CHUNK1

◆ TBL_CHUNK2

#define TBL_CHUNK2   (CREATE_VIEW_ACL | SHOW_VIEW_ACL)

◆ TBL_CHUNK3

#define TBL_CHUNK3   TRIGGER_ACL

◆ TMP_TABLE_ACLS

#define TMP_TABLE_ACLS
Value:
INDEX_ACL | ALTER_ACL)
#define INSERT_ACL
Definition: auth_acls.h:33
#define CREATE_ACL
Definition: auth_acls.h:36
#define DELETE_ACL
Definition: auth_acls.h:35
#define SELECT_ACL
Definition: auth_acls.h:32
#define DROP_ACL
Definition: auth_acls.h:37
#define ALTER_ACL
Definition: auth_acls.h:45
#define UPDATE_ACL
Definition: auth_acls.h:34

Table-level privileges which are automatically "granted" to everyone on existing temporary tables (CREATE_ACL is necessary for ALTER ...

RENAME).

◆ TRIGGER_ACL

#define TRIGGER_ACL   (1L << 27)

◆ UPDATE_ACL

#define UPDATE_ACL   (1L << 2)

Variable Documentation

◆ global_acls_map

const std::unordered_map<std::string, int> global_acls_map

Bitmap offsets for static privileges.

◆ global_acls_vector

const std::vector<std::string> global_acls_vector

Consts for static privileges.