23#ifndef AUTH_COMMON_INCLUDED
24#define AUTH_COMMON_INCLUDED
45#include <openssl/rsa.h>
72extern const std::string
mysql;
129 ulong want_access, ulong *save_priv,
130 bool any_combination_will_do)
const = 0;
165 ulong want_access, ulong *save_priv,
166 bool any_combination_will_do)
const = 0;
198 bool any_combination_will_do)
const override;
691 : implicit_cast<User_table_schema *>(
714 const char *db,
THD *thd,
725#define DEFAULT_AUTH_ATTR (1L << 0)
726#define PLUGIN_ATTR (1L << 1)
728#define SSL_ATTR (1L << 2)
729#define RESOURCE_ATTR (1L << 3)
730#define PASSWORD_EXPIRE_ATTR (1L << 4)
731#define ACCESS_RIGHTS_ATTR (1L << 5)
732#define ACCOUNT_LOCK_ATTR (1L << 6)
733#define DIFFERENT_PLUGIN_ATTR \
735#define USER_ATTRIBUTES (1L << 8)
740 bool retain_current_password);
742 const char *current_password,
743 bool retain_current_password);
756 const char *wildstr,
size_t wildstr_len);
758bool acl_init(
bool dont_read_acl_tables);
766 const char *db,
bool db_is_pattern);
769 const char *
host,
const char *ip,
const char *db);
784 bool revoke_grant,
bool is_proxy,
786 bool grant_all_current_privileges,
LEX_GRANT_AS *grant_as);
789 bool write_to_binlog);
793 bool any_combination_will_do, uint number,
bool no_errors);
799 ulong want_privilege);
803 bool is_proc,
bool no_error);
805 const bool check_table_grant =
false);
812 const char *
table_name,
const char *field_name);
822 const char *db,
const char *
table);
836 bool *fake_lock_tables_acl);
846 char *
name,
bool is_proc,
bool no_errors);
849 const char *definer_user,
850 const char *definer_host);
852 const char *routine_name,
bool is_proc);
853bool check_access(
THD *thd, ulong want_access,
const char *db, ulong *save_priv,
855 bool dont_check_global_grants,
bool no_errors);
857 bool any_combination_of_privileges_will_do, uint number,
903 const char **ssl_ca,
const char **ssl_key,
904 const char **ssl_cert);
906#define DEFAULT_SSL_CA_CERT "ca.pem"
907#define DEFAULT_SSL_CA_KEY "ca-key.pem"
908#define DEFAULT_SSL_SERVER_CERT "server-cert.pem"
909#define DEFAULT_SSL_SERVER_KEY "server-key.pem"
929template <
class Derived>
933 if (op ==
Precheck &&
static_cast<Derived *
>(
this)->precheck(sctx))
935 if (op ==
Execute &&
static_cast<Derived *
>(
this)->
create(sctx))
941template <
class Derived>
945 if (op ==
Precheck &&
static_cast<Derived *
>(
this)->precheck(sctx))
947 if (op ==
Execute &&
static_cast<Derived *
>(
this)->grant_privileges(sctx))
1019 std::vector<std::string> privs);
1057 bool check_for_main_security_ctx =
false);
1067 Auth_id(
const char *
user,
size_t user_len,
const char *
host,
size_t host_len);
1079 void auth_str(std::string *out)
const;
1081 const std::string &
user()
const;
1082 const std::string &
host()
const;
1127 const std::string &json_blob,
bool expect_text);
1132#if OPENSSL_VERSION_NUMBER >= 0x30000000L
1134 unsigned char *plain_text,
size_t plain_text_len,
1135 EVP_PKEY *private_key);
1138 unsigned char *plain_text,
size_t plain_text_len,
mysql_dynamic_priv_table_field
Definition: auth_common.h:359
@ MYSQL_DYNAMIC_PRIV_FIELD_PRIV
Definition: auth_common.h:362
@ MYSQL_DYNAMIC_PRIV_FIELD_HOST
Definition: auth_common.h:361
@ MYSQL_DYNAMIC_PRIV_FIELD_USER
Definition: auth_common.h:360
@ MYSQL_DYNAMIC_PRIV_FIELD_COUNT
Definition: auth_common.h:364
@ MYSQL_DYNAMIC_PRIV_FIELD_WITH_GRANT_OPTION
Definition: auth_common.h:363
mysql_columns_priv_table_field
Definition: auth_common.h:311
@ MYSQL_COLUMNS_PRIV_FIELD_COLUMN_NAME
Definition: auth_common.h:316
@ MYSQL_COLUMNS_PRIV_FIELD_HOST
Definition: auth_common.h:312
@ MYSQL_COLUMNS_PRIV_FIELD_COLUMN_PRIV
Definition: auth_common.h:318
@ MYSQL_COLUMNS_PRIV_FIELD_TABLE_NAME
Definition: auth_common.h:315
@ MYSQL_COLUMNS_PRIV_FIELD_COUNT
Definition: auth_common.h:319
@ MYSQL_COLUMNS_PRIV_FIELD_DB
Definition: auth_common.h:313
@ MYSQL_COLUMNS_PRIV_FIELD_USER
Definition: auth_common.h:314
@ MYSQL_COLUMNS_PRIV_FIELD_TIMESTAMP
Definition: auth_common.h:317
void roles_graphml(THD *thd, String *)
Definition: sql_authorization.cc:4886
bool check_fk_parent_table_access(THD *thd, HA_CREATE_INFO *create_info, Alter_info *alter_info)
Checks foreign key's parent table access.
Definition: sql_authorization.cc:5919
mysql_procs_priv_table_field
Definition: auth_common.h:299
@ MYSQL_PROCS_PRIV_FIELD_PROC_PRIV
Definition: auth_common.h:306
@ MYSQL_PROCS_PRIV_FIELD_ROUTINE_NAME
Definition: auth_common.h:303
@ MYSQL_PROCS_PRIV_FIELD_COUNT
Definition: auth_common.h:308
@ MYSQL_PROCS_PRIV_FIELD_HOST
Definition: auth_common.h:300
@ MYSQL_PROCS_PRIV_FIELD_DB
Definition: auth_common.h:301
@ MYSQL_PROCS_PRIV_FIELD_ROUTINE_TYPE
Definition: auth_common.h:304
@ MYSQL_PROCS_PRIV_FIELD_GRANTOR
Definition: auth_common.h:305
@ MYSQL_PROCS_PRIV_FIELD_USER
Definition: auth_common.h:302
@ MYSQL_PROCS_PRIV_FIELD_TIMESTAMP
Definition: auth_common.h:307
bool acl_check_host(THD *thd, const char *host, const char *ip)
Definition: sql_authentication.cc:2352
bool lock_tables_precheck(THD *thd, Table_ref *tables)
Check privileges for LOCK TABLES statement.
Definition: sql_authorization.cc:1716
bool skip_grant_tables()
Definition: sql_auth_cache.cc:161
bool acl_check_proxy_grant_access(THD *thd, const char *host, const char *user, bool with_grant)
Definition: sql_authorization.cc:5539
bool check_access(THD *thd, ulong want_access, const char *db, ulong *save_priv, GRANT_INTERNAL_INFO *grant_internal_info, bool dont_check_global_grants, bool no_errors)
Compare requested privileges with the privileges acquired from the User- and Db-tables.
Definition: sql_authorization.cc:2138
void func_current_role(const THD *thd, String *active_role)
Helper function for Item_func_current_role.
Definition: sql_authorization.cc:6255
bool check_column_grant_in_table_ref(THD *thd, Table_ref *table_ref, const char *name, size_t length, ulong want_privilege)
Check the privileges for a column depending on the type of table.
Definition: sql_authorization.cc:4028
uint32 global_password_history
Global sysvar: the number of old passwords to check in the history.
Definition: sql_auth_cache.cc:3642
bool mysql_alter_or_clear_default_roles(THD *thd, role_enum role_type, const List< LEX_USER > *users, const List< LEX_USER > *roles)
Set the default roles to NONE, ALL or list of authorization IDs as roles, depending upon the role_typ...
Definition: sql_authorization.cc:6396
int fill_schema_table_privileges(THD *thd, Table_ref *tables, Item *cond)
Definition: sql_authorization.cc:5741
bool is_granted_table_access(THD *thd, ulong required_acl, Table_ref *table)
Given a Table_ref object this function checks against.
Definition: sql_authorization.cc:2444
bool check_some_access(THD *thd, ulong want_access, Table_ref *table)
Check if the given table has any of the asked privileges.
Definition: sql_authorization.cc:2028
void append_auth_id_string(const THD *thd, const char *user, size_t user_len, const char *host, size_t host_len, String *str)
Append the user@host to the str.
Definition: sql_auth_cache.cc:712
std::pair< LEX_CSTRING, LEX_CSTRING > Auth_id_ref
user, host tuple which reference either acl_cache or g_default_roles
Definition: auth_common.h:78
std::unique_ptr< T, std::function< void(T *)> > Sctx_ptr
Definition: auth_common.h:954
bool check_one_table_access(THD *thd, ulong privilege, Table_ref *tables)
Check grants for commands which work only with one table and all other tables belonging to subselects...
Definition: sql_authorization.cc:1903
mysql_role_edges_table_field
Definition: auth_common.h:334
@ MYSQL_ROLE_EDGES_FIELD_TO_USER
Definition: auth_common.h:338
@ MYSQL_ROLE_EDGES_FIELD_WITH_ADMIN_OPTION
Definition: auth_common.h:339
@ MYSQL_ROLE_EDGES_FIELD_FROM_USER
Definition: auth_common.h:336
@ MYSQL_ROLE_EDGES_FIELD_TO_HOST
Definition: auth_common.h:337
@ MYSQL_ROLE_EDGES_FIELD_FROM_HOST
Definition: auth_common.h:335
@ MYSQL_ROLE_EDGES_FIELD_COUNT
Definition: auth_common.h:340
void acl_log_connect(const char *user, const char *host, const char *auth_as, const char *db, THD *thd, enum enum_server_command command)
Logging connection for the general query log, extracted from acl_authenticate() as it's reused at dif...
Definition: sql_authentication.cc:4020
bool reload_acl_caches(THD *thd, bool mdl_locked)
Reload all ACL caches.
Definition: sql_auth_cache.cc:3660
bool is_acl_table_name(const char *name)
Check if given table name is a ACL table name.
Definition: sql_user_table.cc:2219
int fill_schema_schema_privileges(THD *thd, Table_ref *tables, Item *cond)
Definition: sql_authorization.cc:5679
std::function< bool(Security_context *, Security_context_policy::Operation)> Security_context_functor
Definition: auth_common.h:927
bool check_routine_access(THD *thd, ulong want_access, const char *db, char *name, bool is_proc, bool no_errors)
Definition: sql_authorization.cc:1976
bool validate_user_plugins
controls the extra checks on plugin availability for mysql.user records
Definition: sql_auth_cache.cc:165
bool mysql_user_table_is_in_short_password_format
void acl_free(bool end=false)
Definition: sql_auth_cache.cc:1980
bool mysql_revoke_role(THD *thd, const List< LEX_USER > *users, const List< LEX_USER > *roles)
Definition: sql_authorization.cc:3077
bool check_acl_tables_intact(THD *thd, bool mdl_locked)
Opens the ACL tables and checks their sanity.
Definition: sql_auth_cache.cc:2104
bool mysql_show_grants(THD *, LEX_USER *, const List_of_auth_id_refs &, bool, bool)
SHOW GRANTS FOR user USING [ALL | role [,role ...]].
Definition: sql_authorization.cc:4780
void init_acl_memory()
Allocates the memory in the the global_acl_memory MEM_ROOT.
Definition: sql_auth_cache.cc:187
bool sp_grant_privileges(THD *thd, const char *sp_db, const char *sp_name, bool is_proc)
Grant EXECUTE,ALTER privilege for a stored procedure.
Definition: sql_authorization.cc:5382
mysql_db_table_field
Definition: auth_common.h:207
@ MYSQL_DB_FIELD_GRANT_PRIV
Definition: auth_common.h:217
@ MYSQL_DB_FIELD_DELETE_PRIV
Definition: auth_common.h:214
@ MYSQL_DB_FIELD_INDEX_PRIV
Definition: auth_common.h:219
@ MYSQL_DB_FIELD_UPDATE_PRIV
Definition: auth_common.h:213
@ MYSQL_DB_FIELD_CREATE_VIEW_PRIV
Definition: auth_common.h:223
@ MYSQL_DB_FIELD_ALTER_PRIV
Definition: auth_common.h:220
@ MYSQL_DB_FIELD_LOCK_TABLES_PRIV
Definition: auth_common.h:222
@ MYSQL_DB_FIELD_COUNT
Definition: auth_common.h:230
@ MYSQL_DB_FIELD_TRIGGER_PRIV
Definition: auth_common.h:229
@ MYSQL_DB_FIELD_CREATE_PRIV
Definition: auth_common.h:215
@ MYSQL_DB_FIELD_CREATE_ROUTINE_PRIV
Definition: auth_common.h:225
@ MYSQL_DB_FIELD_SELECT_PRIV
Definition: auth_common.h:211
@ MYSQL_DB_FIELD_EXECUTE_PRIV
Definition: auth_common.h:227
@ MYSQL_DB_FIELD_INSERT_PRIV
Definition: auth_common.h:212
@ MYSQL_DB_FIELD_EVENT_PRIV
Definition: auth_common.h:228
@ MYSQL_DB_FIELD_ALTER_ROUTINE_PRIV
Definition: auth_common.h:226
@ MYSQL_DB_FIELD_CREATE_TMP_TABLE_PRIV
Definition: auth_common.h:221
@ MYSQL_DB_FIELD_USER
Definition: auth_common.h:210
@ MYSQL_DB_FIELD_HOST
Definition: auth_common.h:208
@ MYSQL_DB_FIELD_DROP_PRIV
Definition: auth_common.h:216
@ MYSQL_DB_FIELD_DB
Definition: auth_common.h:209
@ MYSQL_DB_FIELD_SHOW_VIEW_PRIV
Definition: auth_common.h:224
@ MYSQL_DB_FIELD_REFERENCES_PRIV
Definition: auth_common.h:218
bool is_mandatory_role(LEX_CSTRING role, LEX_CSTRING role_host, bool *is_mandatory)
Determine if a role@role_host authid is a mandatory role.
Definition: sql_authorization.cc:6796
int acl_authenticate(THD *thd, enum_server_command command)
Perform the handshake, authorize the client and update thd sctx variables.
Definition: sql_authentication.cc:4156
const std::vector< std::string > global_acls_vector
Consts for static privileges.
Definition: auth_acls.cc:61
bool lock_and_get_mandatory_roles(std::vector< Role_id > *mandatory_roles)
Copy a list of mandatory role authorization IDs.
Definition: sql_authorization.cc:6308
Auth_id_ref create_authid_from(const LEX_USER *user)
Definition: sql_authorization.cc:6634
bool mysql_grant_role(THD *thd, const List< LEX_USER > *users, const List< LEX_USER > *roles, bool with_admin_opt)
Grants a list of roles to a list of users.
Definition: sql_authorization.cc:3306
bool check_change_password(THD *thd, const char *host, const char *user, bool retain_current_password)
Definition: sql_user.cc:155
void get_privilege_desc(char *to, uint max_length, ulong access)
Definition: sql_authorization.cc:4513
int wild_case_compare(CHARSET_INFO *cs, const char *str, const char *wildstr)
Definition: sql_auth_cache.cc:797
bool mysql_alter_user_comment(THD *thd, const List< LEX_USER > *users, const std::string &json_blob, bool expect_text)
void get_mqh(THD *thd, const char *user, const char *host, USER_CONN *uc)
Definition: sql_auth_cache.cc:3107
bool is_acl_table(const TABLE *table)
Check if given TABLE* is a ACL table name.
Definition: sql_user_table.cc:2237
bool mysql_show_create_user(THD *thd, LEX_USER *user, bool are_both_users_same)
Auxiliary function for constructing CREATE USER sql for a given user.
Definition: sql_user.cc:258
ulong get_table_grant(THD *thd, Table_ref *table)
Definition: sql_authorization.cc:4419
bool do_auto_cert_generation(ssl_artifacts_status auto_detection_status, const char **ssl_ca, const char **ssl_key, const char **ssl_cert)
Check auto_generate_certs option and generate SSL certificates if required.
Definition: sql_authentication.cc:5916
const char * any_db
Definition: sql_authorization.cc:523
bool check_lock_view_underlying_table_access(THD *thd, Table_ref *tbl, bool *fake_lock_tables_acl)
For LOCK TABLES on a view checks if user in which context view is executed or user that has initiated...
Definition: sql_authorization.cc:5983
void set_connection_admin_flag(THD *thd, bool check_for_main_security_ctx=false)
Set the connection_admin flag in the THD.
Definition: auth_common.cc:188
bool mysql_rename_user(THD *thd, List< LEX_USER > &list)
Definition: sql_user.cc:3136
bool check_global_access(THD *thd, ulong want_access)
check for global access and give descriptive error message if it fails.
Definition: sql_authorization.cc:5894
bool grant_init(bool skip_grant_tables)
Initialize structures responsible for table/column-level privilege checking and load information for ...
Definition: sql_auth_cache.cc:2348
uint32 global_password_reuse_interval
Definition: auth_common.h:915
void commit_and_close_mysql_tables(THD *thd)
A helper function to commit statement transaction and close ACL tables after reading some data from t...
Definition: sql_user_table.cc:508
std::vector< Auth_id_ref > List_of_auth_id_refs
Definition: auth_common.h:79
std::string get_default_autnetication_plugin_name()
Return the default authentication plugin name.
Definition: sql_authentication.cc:1750
void set_system_user_flag(THD *thd, bool check_for_main_security_ctx=false)
Set the system_user flag in the THD.
Definition: auth_common.cc:165
bool check_grant_column(THD *thd, GRANT_INFO *grant, const char *db_name, const char *table_name, const char *name, size_t length, Security_context *sctx, ulong want_privilege)
Definition: sql_authorization.cc:3948
bool acl_getroot(THD *thd, Security_context *sctx, const char *user, const char *host, const char *ip, const char *db)
Definition: sql_auth_cache.cc:1501
ulong get_global_acl_cache_size()
Definition: sql_auth_cache.cc:108
bool create_table_precheck(THD *thd, Table_ref *tables, Table_ref *create_table)
CREATE TABLE query pre-check.
Definition: sql_authorization.cc:1744
bool mysql_set_active_role_none(THD *thd)
Reset active roles.
Definition: sql_authorization.cc:6698
bool check_readonly(THD *thd, bool err_if_readonly)
Performs standardized check whether to prohibit (true) or allow (false) operations based on read_only...
Definition: sql_authorization.cc:1846
int set_default_auth_plugin(char *plugin_name, size_t plugin_name_length)
Initialize default authentication plugin based on command line options or configuration file settings...
Definition: sql_authentication.cc:1724
bool check_grant(THD *thd, ulong want_access, Table_ref *tables, bool any_combination_will_do, uint number, bool no_errors)
Check table level grants.
Definition: sql_authorization.cc:3764
bool acl_init(bool dont_read_acl_tables)
Definition: sql_auth_cache.cc:1745
bool acl_can_access_user(THD *thd, LEX_USER *user)
Auxiliary function for the CAN_ACCESS_USER internal function used to check if a row from mysql....
Definition: sql_user.cc:207
bool change_password(THD *thd, LEX_USER *user, const char *password, const char *current_password, bool retain_current_password)
Change a password hash for a user.
Definition: sql_user.cc:1957
std::list< random_password_info > Userhostpassword_list
Definition: auth_common.h:1122
const ACL_internal_schema_access * get_cached_schema_access(GRANT_INTERNAL_INFO *grant_internal_info, const char *schema_name)
Get a cached internal schema access.
Definition: sql_authorization.cc:1649
bool send_password_result_set(THD *thd, const Userhostpassword_list &generated_passwords)
Sends the result set of generated passwords to the client.
Definition: sql_user.cc:977
bool operator<(const Auth_id_ref &a, const Auth_id_ref &b)
Definition: sql_authorization.cc:7467
std::string create_authid_str_from(const LEX_USER *user)
Helper used for producing a key to a key-value-map.
Definition: sql_authorization.cc:6626
bool mysql_set_active_role_all(THD *thd, const List< LEX_USER > *except_users)
Activates all granted role in the current security context.
Definition: sql_authorization.cc:6742
bool mysql_revoke_all(THD *thd, List< LEX_USER > &list)
Definition: sql_authorization.cc:5124
ACL_internal_access_result
Definition: auth_common.h:83
@ ACL_INTERNAL_ACCESS_GRANTED
Access granted for all the requested privileges, do not use the grant tables.
Definition: auth_common.h:90
@ ACL_INTERNAL_ACCESS_CHECK_GRANT
No decision yet, use the grant tables.
Definition: auth_common.h:94
@ ACL_INTERNAL_ACCESS_DENIED
Access denied, do not use the grant tables.
Definition: auth_common.h:92
bool turn_off_sandbox_mode(THD *thd, LEX_USER *user)
Helper method to turn off sandbox mode once registration step is complete.
Definition: sql_user.cc:1021
mysql_password_history_table_field
Definition: auth_common.h:351
@ MYSQL_PASSWORD_HISTORY_FIELD_COUNT
Definition: auth_common.h:356
@ MYSQL_PASSWORD_HISTORY_FIELD_PASSWORD_TIMESTAMP
Definition: auth_common.h:354
@ MYSQL_PASSWORD_HISTORY_FIELD_HOST
Definition: auth_common.h:352
@ MYSQL_PASSWORD_HISTORY_FIELD_USER
Definition: auth_common.h:353
@ MYSQL_PASSWORD_HISTORY_FIELD_PASSWORD
Definition: auth_common.h:355
bool mysql_create_user(THD *thd, List< LEX_USER > &list, bool if_not_exists, bool is_role)
Definition: sql_user.cc:2698
bool check_grant_routine(THD *thd, ulong want_access, Table_ref *procs, bool is_proc, bool no_error)
Definition: sql_authorization.cc:4317
void fill_effective_table_privileges(THD *thd, GRANT_INFO *grant, const char *db, const char *table)
Definition: sql_authorization.cc:5472
bool operator==(const LEX_CSTRING &a, const LEX_CSTRING &b)
Definition: sql_authorization.cc:7484
void get_default_roles(const Auth_id_ref &user, List_of_auth_id_refs &list)
Shallow copy a list of default role authorization IDs from an Role_id storage.
Definition: sql_authorization.cc:6286
int fill_schema_column_privileges(THD *thd, Table_ref *tables, Item *cond)
Definition: sql_authorization.cc:5806
bool check_table_encryption_admin_access(THD *thd)
Check if a current user has the privilege TABLE_ENCRYPTION_ADMIN required to create encrypted table.
Definition: sql_authorization.cc:2410
bool is_role_id(LEX_USER *authid)
Definition: sql_authorization.cc:805
bool check_grant_all_columns(THD *thd, ulong want_access, Field_iterator_table_ref *fields)
check if a query can access a set of columns
Definition: sql_authorization.cc:4106
bool is_granted_role(LEX_CSTRING user, LEX_CSTRING host, LEX_CSTRING role, LEX_CSTRING role_host)
This function works just like check_if_granted_role, but also guarantees that the proper lock is take...
Definition: sql_authorization.cc:6775
mysql_default_roles_table_field
Definition: auth_common.h:343
@ MYSQL_DEFAULT_ROLES_FIELD_DEFAULT_ROLE_USER
Definition: auth_common.h:347
@ MYSQL_DEFAULT_ROLES_FIELD_COUNT
Definition: auth_common.h:348
@ MYSQL_DEFAULT_ROLES_FIELD_DEFAULT_ROLE_HOST
Definition: auth_common.h:346
@ MYSQL_DEFAULT_ROLES_FIELD_HOST
Definition: auth_common.h:344
@ MYSQL_DEFAULT_ROLES_FIELD_USER
Definition: auth_common.h:345
void append_identifier(String *packet, const char *name, size_t length)
Convert and quote the given identifier if needed and append it to the target string.
Definition: sql_show.cc:1458
bool mysql_grant(THD *thd, const char *db, List< LEX_USER > &list, ulong rights, bool revoke_grant, bool is_proxy, const List< LEX_CSTRING > &dynamic_privilege, bool grant_all_current_privileges, LEX_GRANT_AS *grant_as)
Definition: sql_authorization.cc:3429
bool is_acl_user(THD *thd, const char *host, const char *user)
Definition: sql_auth_cache.cc:1214
void update_mandatory_roles(void)
Definition: sql_authorization.cc:7318
bool has_full_view_routine_access(THD *thd, const char *db, const char *definer_user, const char *definer_host)
Check if user has full access to view routine's properties (i.e including stored routine code).
Definition: sql_authorization.cc:2058
void notify_flush_event(THD *thd)
Audit notification for flush.
Definition: sql_auth_cache.cc:1687
bool check_table_access(THD *thd, ulong requirements, Table_ref *tables, bool any_combination_of_privileges_will_do, uint number, bool no_errors)
Check if the requested privileges exists in either User-, DB- or, tables- tables.
Definition: sql_authorization.cc:2340
bool is_secure_transport(int vio_type)
Definition: sql_authentication.cc:4593
bool disconnect_on_expired_password
Definition: sql_authentication.cc:1448
bool wildcard_db_grant_exists()
mysql_tables_priv_table_field
Definition: auth_common.h:322
@ MYSQL_TABLES_PRIV_FIELD_HOST
Definition: auth_common.h:323
@ MYSQL_TABLES_PRIV_FIELD_GRANTOR
Definition: auth_common.h:327
@ MYSQL_TABLES_PRIV_FIELD_COUNT
Definition: auth_common.h:331
@ MYSQL_TABLES_PRIV_FIELD_COLUMN_PRIV
Definition: auth_common.h:330
@ MYSQL_TABLES_PRIV_FIELD_TABLE_NAME
Definition: auth_common.h:326
@ MYSQL_TABLES_PRIV_FIELD_TABLE_PRIV
Definition: auth_common.h:329
@ MYSQL_TABLES_PRIV_FIELD_TIMESTAMP
Definition: auth_common.h:328
@ MYSQL_TABLES_PRIV_FIELD_USER
Definition: auth_common.h:325
@ MYSQL_TABLES_PRIV_FIELD_DB
Definition: auth_common.h:324
void shutdown_acl_cache()
Shutdown the global Acl_cache system which was only initialized if the rwlocks were initialized.
Definition: sql_auth_cache.cc:3451
void log_user(THD *thd, String *str, LEX_USER *user, bool comma)
Auxiliary function for constructing a user list string.
Definition: sql_user.cc:123
bool sp_revoke_privileges(THD *thd, const char *sp_db, const char *sp_name, bool is_proc)
Revoke privileges for all users on a stored procedure.
Definition: sql_authorization.cc:5293
mysql_proxies_priv_table_feild
Definition: auth_common.h:288
@ MYSQL_PROXIES_PRIV_FIELD_HOST
Definition: auth_common.h:289
@ MYSQL_PROXIES_PRIV_FIELD_PROXIED_USER
Definition: auth_common.h:292
@ MYSQL_PROXIES_PRIV_FIELD_PROXIED_HOST
Definition: auth_common.h:291
@ MYSQL_PROXIES_PRIV_FIELD_COUNT
Definition: auth_common.h:296
@ MYSQL_PROXIES_PRIV_FIELD_WITH_GRANT
Definition: auth_common.h:293
@ MYSQL_PROXIES_PRIV_FIELD_USER
Definition: auth_common.h:290
@ MYSQL_PROXIES_PRIV_FIELD_GRANTOR
Definition: auth_common.h:294
@ MYSQL_PROXIES_PRIV_FIELD_TIMESTAMP
Definition: auth_common.h:295
bool check_single_table_access(THD *thd, ulong privilege, Table_ref *tables, bool no_errors)
Check grants for commands which work only with one table.
Definition: sql_authorization.cc:1942
void err_readonly(THD *thd)
Generates appropriate error messages for read-only state depending on whether user has SUPER privileg...
Definition: sql_authorization.cc:1882
void grant_free(void)
Definition: sql_auth_cache.cc:2328
bool check_grant_db(THD *thd, const char *db, const bool check_table_grant=false)
Check if a user has the right to access a database.
Definition: sql_authorization.cc:4255
bool mysql_routine_grant(THD *thd, Table_ref *table, bool is_proc, List< LEX_USER > &user_list, ulong rights, bool revoke, bool write_to_binlog)
Store routine level grants in the privilege tables.
Definition: sql_authorization.cc:2912
void generate_random_password(std::string *password, uint32_t)
Generates a random password of the length decided by the system variable generated_random_password_le...
Definition: sql_user.cc:957
bool decrypt_RSA_private_key(uchar *pkt, int cipher_length, unsigned char *plain_text, size_t plain_text_len, RSA *private_key)
Decrypt pkt data using RSA private key.
Definition: auth_common.cc:228
bool is_acl_inited()
Definition: sql_auth_cache.cc:3891
std::pair< std::string, std::string > get_authid_from_quoted_string(std::string str)
Return the unquoted authorization id as a user,host-tuple.
Definition: sql_authorization.cc:4587
ssl_artifacts_status
Definition: auth_common.h:893
@ SSL_ARTIFACTS_VIA_OPTIONS
Definition: auth_common.h:895
@ SSL_ARTIFACTS_AUTO_DETECTED
Definition: auth_common.h:897
@ SSL_ARTIFACT_TRACES_FOUND
Definition: auth_common.h:896
@ SSL_ARTIFACTS_NOT_FOUND
Definition: auth_common.h:894
int mysql_table_grant(THD *thd, Table_ref *table, List< LEX_USER > &user_list, List< LEX_COLUMN > &column_list, ulong rights, bool revoke)
Definition: sql_authorization.cc:2625
bool mysql_drop_user(THD *thd, List< LEX_USER > &list, bool if_exists, bool drop_role)
Drop a list of users and all their privileges.
Definition: sql_user.cc:2984
ulong acl_get(THD *thd, const char *host, const char *ip, const char *user, const char *db, bool db_is_pattern)
Get privilege for a host, user, and db combination.
Definition: sql_auth_cache.cc:1346
bool is_partial_revoke_exists(THD *thd)
Method to check if there exists at least one partial revokes in the cache.
Definition: sql_auth_cache.cc:3875
bool mysql_set_active_role(THD *thd, const List< LEX_USER > *role_list)
Definition: sql_authorization.cc:6752
bool mysql_alter_user(THD *thd, List< LEX_USER > &list, bool if_exists)
Definition: sql_user.cc:3331
int fill_schema_user_privileges(THD *thd, Table_ref *tables, Item *cond)
Definition: sql_authorization.cc:5603
mysql_user_table_field
Definition: auth_common.h:233
@ MYSQL_USER_FIELD_CREATE_TABLESPACE_PRIV
Definition: auth_common.h:264
@ MYSQL_USER_FIELD_SUPER_PRIV
Definition: auth_common.h:251
@ MYSQL_USER_FIELD_DROP_PRIV
Definition: auth_common.h:241
@ MYSQL_USER_FIELD_ACCOUNT_LOCKED
Definition: auth_common.h:278
@ MYSQL_USER_FIELD_SSL_TYPE
Definition: auth_common.h:265
@ MYSQL_USER_FIELD_SSL_CIPHER
Definition: auth_common.h:266
@ MYSQL_USER_FIELD_REPL_CLIENT_PRIV
Definition: auth_common.h:256
@ MYSQL_USER_FIELD_MAX_USER_CONNECTIONS
Definition: auth_common.h:272
@ MYSQL_USER_FIELD_COUNT
Definition: auth_common.h:285
@ MYSQL_USER_FIELD_PROCESS_PRIV
Definition: auth_common.h:244
@ MYSQL_USER_FIELD_SELECT_PRIV
Definition: auth_common.h:236
@ MYSQL_USER_FIELD_USER
Definition: auth_common.h:235
@ MYSQL_USER_FIELD_MAX_CONNECTIONS
Definition: auth_common.h:271
@ MYSQL_USER_FIELD_REFERENCES_PRIV
Definition: auth_common.h:247
@ MYSQL_USER_FIELD_PASSWORD_EXPIRED
Definition: auth_common.h:275
@ MYSQL_USER_FIELD_CREATE_ROUTINE_PRIV
Definition: auth_common.h:259
@ MYSQL_USER_FIELD_ALTER_ROUTINE_PRIV
Definition: auth_common.h:260
@ MYSQL_USER_FIELD_PLUGIN
Definition: auth_common.h:273
@ MYSQL_USER_FIELD_MAX_UPDATES
Definition: auth_common.h:270
@ MYSQL_USER_FIELD_EVENT_PRIV
Definition: auth_common.h:262
@ MYSQL_USER_FIELD_RELOAD_PRIV
Definition: auth_common.h:242
@ MYSQL_USER_FIELD_UPDATE_PRIV
Definition: auth_common.h:238
@ MYSQL_USER_FIELD_TRIGGER_PRIV
Definition: auth_common.h:263
@ MYSQL_USER_FIELD_X509_ISSUER
Definition: auth_common.h:267
@ MYSQL_USER_FIELD_LOCK_TABLES_PRIV
Definition: auth_common.h:253
@ MYSQL_USER_FIELD_CREATE_ROLE_PRIV
Definition: auth_common.h:279
@ MYSQL_USER_FIELD_PASSWORD_LAST_CHANGED
Definition: auth_common.h:276
@ MYSQL_USER_FIELD_INSERT_PRIV
Definition: auth_common.h:237
@ MYSQL_USER_FIELD_REPL_SLAVE_PRIV
Definition: auth_common.h:255
@ MYSQL_USER_FIELD_FILE_PRIV
Definition: auth_common.h:245
@ MYSQL_USER_FIELD_DROP_ROLE_PRIV
Definition: auth_common.h:280
@ MYSQL_USER_FIELD_INDEX_PRIV
Definition: auth_common.h:248
@ MYSQL_USER_FIELD_HOST
Definition: auth_common.h:234
@ MYSQL_USER_FIELD_PASSWORD_LIFETIME
Definition: auth_common.h:277
@ MYSQL_USER_FIELD_X509_SUBJECT
Definition: auth_common.h:268
@ MYSQL_USER_FIELD_AUTHENTICATION_STRING
Definition: auth_common.h:274
@ MYSQL_USER_FIELD_SHOW_DB_PRIV
Definition: auth_common.h:250
@ MYSQL_USER_FIELD_SHOW_VIEW_PRIV
Definition: auth_common.h:258
@ MYSQL_USER_FIELD_CREATE_USER_PRIV
Definition: auth_common.h:261
@ MYSQL_USER_FIELD_EXECUTE_PRIV
Definition: auth_common.h:254
@ MYSQL_USER_FIELD_MAX_QUESTIONS
Definition: auth_common.h:269
@ MYSQL_USER_FIELD_CREATE_VIEW_PRIV
Definition: auth_common.h:257
@ MYSQL_USER_FIELD_SHUTDOWN_PRIV
Definition: auth_common.h:243
@ MYSQL_USER_FIELD_CREATE_PRIV
Definition: auth_common.h:240
@ MYSQL_USER_FIELD_ALTER_PRIV
Definition: auth_common.h:249
@ MYSQL_USER_FIELD_CREATE_TMP_TABLE_PRIV
Definition: auth_common.h:252
@ MYSQL_USER_FIELD_GRANT_PRIV
Definition: auth_common.h:246
@ MYSQL_USER_FIELD_PASSWORD_REQUIRE_CURRENT
Definition: auth_common.h:283
@ MYSQL_USER_FIELD_PASSWORD_REUSE_TIME
Definition: auth_common.h:282
@ MYSQL_USER_FIELD_USER_ATTRIBUTES
Definition: auth_common.h:284
@ MYSQL_USER_FIELD_DELETE_PRIV
Definition: auth_common.h:239
@ MYSQL_USER_FIELD_PASSWORD_REUSE_HISTORY
Definition: auth_common.h:281
bool hostname_requires_resolving(const char *hostname)
Check if the given host name needs to be resolved or not.
Definition: sql_auth_cache.cc:876
bool has_grant_role_privilege(THD *thd, const List< LEX_USER > *roles)
Definition: sql_authorization.cc:2513
bool mysql_set_role_default(THD *thd)
Activates all the default roles in the current security context.
Definition: sql_authorization.cc:6719
bool check_authorization_id_string(THD *thd, LEX_STRING &mandatory_roles)
Definition: sql_authorization.cc:7230
bool check_engine_type_for_acl_table(THD *thd, bool mdl_locked)
Definition: sql_auth_cache.cc:2008
bool has_partial_view_routine_access(THD *thd, const char *db, const char *routine_name, bool is_proc)
Check if user has partial access to view routine's properties (i.e.
Definition: sql_authorization.cc:2086
static constexpr int USER_HOST_BUFF_SIZE
Length of string buffer, that is enough to contain username and hostname parts of the user identifier...
Definition: auth_common.h:1111
bool opt_auto_generate_certs
Definition: sql_authentication.cc:1464
ulong get_column_grant(THD *thd, GRANT_INFO *grant, const char *db_name, const char *table_name, const char *field_name)
Definition: sql_authorization.cc:4456
bool drop_role(THD *thd, TABLE *edge_table, TABLE *defaults_table, const Auth_id_ref &authid_user)
Definition: sql_authorization.cc:633
Definition: sql_auth_cache.h:245
Per internal schema ACL access rules.
Definition: auth_common.h:143
virtual const ACL_internal_table_access * lookup(const char *name) const =0
Search for per table ACL access rules by table name.
virtual ACL_internal_access_result check(ulong want_access, ulong *save_priv, bool any_combination_will_do) const =0
Check access to an internal schema.
virtual ~ACL_internal_schema_access()=default
ACL_internal_schema_access()=default
A registry for per internal schema ACL.
Definition: auth_common.h:181
static const ACL_internal_schema_access * lookup(const char *name)
Search per internal schema ACL by name.
Definition: sql_auth_cache.cc:211
static void register_schema(const LEX_CSTRING &name, const ACL_internal_schema_access *access)
Add an internal schema to the registry.
Definition: sql_auth_cache.cc:196
Per internal table ACL access rules.
Definition: auth_common.h:105
virtual ~ACL_internal_table_access()=default
ACL_internal_table_access()=default
virtual ACL_internal_access_result check(ulong want_access, ulong *save_priv, bool any_combination_will_do) const =0
Check access to an internal table.
Data describing the table being created by CREATE TABLE or altered by ALTER TABLE.
Definition: sql_alter.h:204
Storage container for default auth ids.
Definition: auth_common.h:1064
const std::string & host() const
Definition: auth_common.cc:124
std::string m_user
User part.
Definition: auth_common.h:1087
Auth_id & operator=(const Auth_id &)=default
void create_key()
Definition: auth_common.cc:56
const std::string & user() const
Definition: auth_common.cc:123
bool operator<(const Auth_id &id) const
Definition: auth_common.cc:100
std::string auth_str() const
Definition: auth_common.cc:115
std::string m_key
Key: Internal representation mainly to facilitate use of Auth_id class in standard container.
Definition: auth_common.h:1095
std::string m_host
Host part.
Definition: auth_common.h:1089
Definition: auth_common.h:930
bool operator()(Security_context *sctx, Operation op) override
Definition: auth_common.h:932
Definition: auth_common.h:1001
const THD * m_thd
Definition: auth_common.h:1008
bool create(Security_context *sctx)
Create a local authid without modifying any tables.
Definition: sql_authorization.cc:7344
Default_local_authid(const THD *thd)
Definition: sql_authorization.cc:7324
bool precheck(Security_context *sctx)
Check if the security context can be created as a local authid.
Definition: sql_authorization.cc:7333
Definition: auth_common.h:1028
Drop_temporary_dynamic_privileges(std::vector< std::string > privs)
Definition: auth_common.h:1030
void operator()(Security_context *sctx)
Definition: sql_authorization.cc:7370
std::vector< std::string > m_privs
Definition: auth_common.h:1035
Generic iterator over the fields of an arbitrary table reference.
Definition: table.h:4098
Definition: auth_common.h:942
bool operator()(Security_context *sctx, Operation op) override
Definition: auth_common.h:944
Grant the privilege temporarily to the in-memory global privileges map.
Definition: auth_common.h:1016
const std::vector< std::string > m_privs
Definition: auth_common.h:1025
Grant_temporary_dynamic_privileges(const THD *thd, std::vector< std::string > privs)
Definition: sql_authorization.cc:7348
bool grant_privileges(Security_context *sctx)
Grant dynamic privileges to an in-memory global authid.
Definition: sql_authorization.cc:7364
const THD * m_thd
Definition: auth_common.h:1024
bool precheck(Security_context *sctx)
Definition: sql_authorization.cc:7352
Definition: auth_common.h:1039
const ulong m_privs
Privileges.
Definition: auth_common.h:1050
bool grant_privileges(Security_context *sctx)
Definition: sql_authorization.cc:7384
bool precheck(Security_context *sctx)
Definition: sql_authorization.cc:7379
const THD * m_thd
THD handle.
Definition: auth_common.h:1047
Grant_temporary_static_privileges(const THD *thd, const ulong privs)
Definition: sql_authorization.cc:7375
Extension of ACL_internal_schema_access for Information Schema.
Definition: auth_common.h:191
~IS_internal_schema_access() override=default
IS_internal_schema_access()=default
const ACL_internal_table_access * lookup(const char *name) const override
Search for per table ACL access rules by table name.
Definition: sql_authorization.cc:1700
ACL_internal_access_result check(ulong want_access, ulong *save_priv, bool any_combination_will_do) const override
Check access to an internal schema.
Definition: sql_authorization.cc:1682
Base class that is used to represent any kind of expression in a relational query.
Definition: item.h:932
Definition: sql_lex.h:3645
Definition: sql_lex.h:3657
Definition: sql_list.h:433
Factory for creating any Security_context given a pre-constructed policy.
Definition: auth_common.h:959
Security_context_functor m_static_privileges
Definition: auth_common.h:997
Security_context_functor m_privileges
Definition: auth_common.h:996
Security_context_factory(THD *thd, std::string user, std::string host, Security_context_functor extend_user_profile, Security_context_functor priv, Security_context_functor static_priv, std::function< void(Security_context *)> drop_policy)
Default Security_context factory implementation.
Definition: auth_common.h:974
std::string m_user
Definition: auth_common.h:993
Sctx_ptr< Security_context > create()
Definition: sql_authorization.cc:7420
std::string m_host
Definition: auth_common.h:994
bool apply_pre_constructed_policies(Security_context *sctx)
Definition: sql_authorization.cc:7390
Security_context_functor m_user_profile
Definition: auth_common.h:995
THD * m_thd
Definition: auth_common.h:992
const std::function< void(Security_context *)> m_drop_policy
Definition: auth_common.h:998
A set of THD members describing the current authenticated user.
Definition: sql_security_ctx.h:52
Using this class is fraught with peril, and you need to be very careful when doing so.
Definition: sql_string.h:166
For each client connection we create a separate thread with THD serving as a thread/connection descri...
Definition: sql_lexer_thd.h:35
Definition: auth_common.h:436
uint repl_client_priv_idx() override
Definition: auth_common.h:477
uint max_user_connections_idx() override
Definition: auth_common.h:507
uint plugin_idx() override
Definition: auth_common.h:510
uint create_tablespace_priv_idx() override
Definition: auth_common.h:495
uint account_locked_idx() override
Definition: auth_common.h:523
uint create_priv_idx() override
Definition: auth_common.h:449
uint create_tmp_table_priv_idx() override
Definition: auth_common.h:467
uint password_idx() override
Definition: auth_common.h:441
uint trigger_priv_idx() override
Definition: auth_common.h:494
uint max_questions_idx() override
Definition: auth_common.h:502
uint create_view_priv_idx() override
Definition: auth_common.h:480
uint index_priv_idx() override
Definition: auth_common.h:459
uint insert_priv_idx() override
Definition: auth_common.h:446
uint user_idx() override
Definition: auth_common.h:439
uint alter_routine_priv_idx() override
Definition: auth_common.h:487
uint create_user_priv_idx() override
Definition: auth_common.h:490
uint password_reuse_time_idx() override
Definition: auth_common.h:527
uint password_expired_idx() override
Definition: auth_common.h:514
uint password_require_current_idx() override
Definition: auth_common.h:530
uint shutdown_priv_idx() override
Definition: auth_common.h:452
uint drop_priv_idx() override
Definition: auth_common.h:450
uint host_idx() override
Definition: auth_common.h:438
uint file_priv_idx() override
Definition: auth_common.h:454
uint authentication_string_idx() override
Definition: auth_common.h:511
uint drop_role_priv_idx() override
Definition: auth_common.h:466
uint repl_slave_priv_idx() override
Definition: auth_common.h:474
uint x509_subject_idx() override
Definition: auth_common.h:501
uint references_priv_idx() override
Definition: auth_common.h:456
uint password_lifetime_idx() override
Definition: auth_common.h:520
uint event_priv_idx() override
Definition: auth_common.h:493
uint process_priv_idx() override
Definition: auth_common.h:453
uint max_connections_idx() override
Definition: auth_common.h:504
uint password_reuse_history_idx() override
Definition: auth_common.h:524
uint create_routine_priv_idx() override
Definition: auth_common.h:484
uint ssl_cipher_idx() override
Definition: auth_common.h:499
uint super_priv_idx() override
Definition: auth_common.h:462
uint update_priv_idx() override
Definition: auth_common.h:447
uint reload_priv_idx() override
Definition: auth_common.h:451
uint create_role_priv_idx() override
Definition: auth_common.h:463
uint password_last_changed_idx() override
Definition: auth_common.h:517
uint lock_tables_priv_idx() override
Definition: auth_common.h:470
uint show_db_priv_idx() override
Definition: auth_common.h:461
uint user_attributes_idx() override
Definition: auth_common.h:533
uint x509_issuer_idx() override
Definition: auth_common.h:500
uint grant_priv_idx() override
Definition: auth_common.h:455
uint ssl_type_idx() override
Definition: auth_common.h:498
uint alter_priv_idx() override
Definition: auth_common.h:460
uint max_updates_idx() override
Definition: auth_common.h:503
uint execute_priv_idx() override
Definition: auth_common.h:473
uint select_priv_idx() override
Definition: auth_common.h:445
uint show_view_priv_idx() override
Definition: auth_common.h:483
uint delete_priv_idx() override
Definition: auth_common.h:448
Definition: auth_common.h:541
uint file_priv_idx() override
Definition: auth_common.h:604
uint user_idx() override
Definition: auth_common.h:591
uint insert_priv_idx() override
Definition: auth_common.h:594
uint shutdown_priv_idx() override
Definition: auth_common.h:600
uint account_locked_idx() override
Definition: auth_common.h:673
uint x509_issuer_idx() override
Definition: auth_common.h:648
uint password_reuse_time_idx() override
Definition: auth_common.h:679
uint host_idx() override
Definition: auth_common.h:590
uint x509_subject_idx() override
Definition: auth_common.h:649
uint index_priv_idx() override
Definition: auth_common.h:609
mysql_user_table_field_56
Definition: auth_common.h:543
@ MYSQL_USER_FIELD_SUPER_PRIV_56
Definition: auth_common.h:562
@ MYSQL_USER_FIELD_SELECT_PRIV_56
Definition: auth_common.h:547
@ MYSQL_USER_FIELD_REFERENCES_PRIV_56
Definition: auth_common.h:558
@ MYSQL_USER_FIELD_SHOW_DB_PRIV_56
Definition: auth_common.h:561
@ MYSQL_USER_FIELD_UPDATE_PRIV_56
Definition: auth_common.h:549
@ MYSQL_USER_FIELD_DROP_PRIV_56
Definition: auth_common.h:552
@ MYSQL_USER_FIELD_PLUGIN_56
Definition: auth_common.h:584
@ MYSQL_USER_FIELD_FILE_PRIV_56
Definition: auth_common.h:556
@ MYSQL_USER_FIELD_X509_SUBJECT_56
Definition: auth_common.h:579
@ MYSQL_USER_FIELD_REPL_CLIENT_PRIV_56
Definition: auth_common.h:567
@ MYSQL_USER_FIELD_PASSWORD_56
Definition: auth_common.h:546
@ MYSQL_USER_FIELD_MAX_USER_CONNECTIONS_56
Definition: auth_common.h:583
@ MYSQL_USER_FIELD_X509_ISSUER_56
Definition: auth_common.h:578
@ MYSQL_USER_FIELD_PROCESS_PRIV_56
Definition: auth_common.h:555
@ MYSQL_USER_FIELD_ALTER_ROUTINE_PRIV_56
Definition: auth_common.h:571
@ MYSQL_USER_FIELD_COUNT_56
Definition: auth_common.h:587
@ MYSQL_USER_FIELD_EVENT_PRIV_56
Definition: auth_common.h:573
@ MYSQL_USER_FIELD_SHUTDOWN_PRIV_56
Definition: auth_common.h:554
@ MYSQL_USER_FIELD_SSL_TYPE_56
Definition: auth_common.h:576
@ MYSQL_USER_FIELD_SSL_CIPHER_56
Definition: auth_common.h:577
@ MYSQL_USER_FIELD_CREATE_VIEW_PRIV_56
Definition: auth_common.h:568
@ MYSQL_USER_FIELD_DELETE_PRIV_56
Definition: auth_common.h:550
@ MYSQL_USER_FIELD_MAX_CONNECTIONS_56
Definition: auth_common.h:582
@ MYSQL_USER_FIELD_CREATE_USER_PRIV_56
Definition: auth_common.h:572
@ MYSQL_USER_FIELD_CREATE_ROUTINE_PRIV_56
Definition: auth_common.h:570
@ MYSQL_USER_FIELD_CREATE_PRIV_56
Definition: auth_common.h:551
@ MYSQL_USER_FIELD_EXECUTE_PRIV_56
Definition: auth_common.h:565
@ MYSQL_USER_FIELD_MAX_QUESTIONS_56
Definition: auth_common.h:580
@ MYSQL_USER_FIELD_HOST_56
Definition: auth_common.h:544
@ MYSQL_USER_FIELD_GRANT_PRIV_56
Definition: auth_common.h:557
@ MYSQL_USER_FIELD_AUTHENTICATION_STRING_56
Definition: auth_common.h:585
@ MYSQL_USER_FIELD_RELOAD_PRIV_56
Definition: auth_common.h:553
@ MYSQL_USER_FIELD_SHOW_VIEW_PRIV_56
Definition: auth_common.h:569
@ MYSQL_USER_FIELD_LOCK_TABLES_PRIV_56
Definition: auth_common.h:564
@ MYSQL_USER_FIELD_TRIGGER_PRIV_56
Definition: auth_common.h:574
@ MYSQL_USER_FIELD_PASSWORD_EXPIRED_56
Definition: auth_common.h:586
@ MYSQL_USER_FIELD_CREATE_TMP_TABLE_PRIV_56
Definition: auth_common.h:563
@ MYSQL_USER_FIELD_CREATE_TABLESPACE_PRIV_56
Definition: auth_common.h:575
@ MYSQL_USER_FIELD_USER_56
Definition: auth_common.h:545
@ MYSQL_USER_FIELD_INSERT_PRIV_56
Definition: auth_common.h:548
@ MYSQL_USER_FIELD_INDEX_PRIV_56
Definition: auth_common.h:559
@ MYSQL_USER_FIELD_ALTER_PRIV_56
Definition: auth_common.h:560
@ MYSQL_USER_FIELD_REPL_SLAVE_PRIV_56
Definition: auth_common.h:566
@ MYSQL_USER_FIELD_MAX_UPDATES_56
Definition: auth_common.h:581
uint drop_role_priv_idx() override
Definition: auth_common.h:675
uint user_attributes_idx() override
Definition: auth_common.h:683
uint lock_tables_priv_idx() override
Definition: auth_common.h:616
uint create_tmp_table_priv_idx() override
Definition: auth_common.h:613
uint password_lifetime_idx() override
Definition: auth_common.h:672
uint process_priv_idx() override
Definition: auth_common.h:603
uint create_view_priv_idx() override
Definition: auth_common.h:626
uint plugin_idx() override
Definition: auth_common.h:660
uint max_user_connections_idx() override
Definition: auth_common.h:657
uint select_priv_idx() override
Definition: auth_common.h:593
uint references_priv_idx() override
Definition: auth_common.h:606
uint grant_priv_idx() override
Definition: auth_common.h:605
uint repl_slave_priv_idx() override
Definition: auth_common.h:620
uint max_updates_idx() override
Definition: auth_common.h:653
uint delete_priv_idx() override
Definition: auth_common.h:596
uint create_user_priv_idx() override
Definition: auth_common.h:638
uint repl_client_priv_idx() override
Definition: auth_common.h:623
uint show_view_priv_idx() override
Definition: auth_common.h:629
uint password_reuse_history_idx() override
Definition: auth_common.h:676
uint update_priv_idx() override
Definition: auth_common.h:595
uint create_priv_idx() override
Definition: auth_common.h:597
uint max_questions_idx() override
Definition: auth_common.h:650
uint drop_priv_idx() override
Definition: auth_common.h:598
uint alter_priv_idx() override
Definition: auth_common.h:610
uint execute_priv_idx() override
Definition: auth_common.h:619
uint password_idx() override
Definition: auth_common.h:592
uint password_expired_idx() override
Definition: auth_common.h:664
uint password_last_changed_idx() override
Definition: auth_common.h:669
uint authentication_string_idx() override
Definition: auth_common.h:661
uint show_db_priv_idx() override
Definition: auth_common.h:611
uint create_tablespace_priv_idx() override
Definition: auth_common.h:643
uint password_require_current_idx() override
Definition: auth_common.h:680
uint ssl_type_idx() override
Definition: auth_common.h:646
uint max_connections_idx() override
Definition: auth_common.h:654
uint reload_priv_idx() override
Definition: auth_common.h:599
uint create_role_priv_idx() override
Definition: auth_common.h:674
uint alter_routine_priv_idx() override
Definition: auth_common.h:635
uint create_routine_priv_idx() override
Definition: auth_common.h:632
uint super_priv_idx() override
Definition: auth_common.h:612
uint ssl_cipher_idx() override
Definition: auth_common.h:647
uint trigger_priv_idx() override
Definition: auth_common.h:642
uint event_priv_idx() override
Definition: auth_common.h:641
Definition: auth_common.h:686
virtual ~User_table_schema_factory()=default
virtual User_table_schema * get_user_table_schema(TABLE *table)
Definition: auth_common.h:688
virtual bool is_old_user_table_schema(TABLE *table)
Definition: auth_common.cc:47
Definition: auth_common.h:373
virtual uint user_attributes_idx()=0
virtual uint event_priv_idx()=0
virtual uint update_priv_idx()=0
virtual uint max_connections_idx()=0
virtual uint user_idx()=0
virtual uint select_priv_idx()=0
virtual uint repl_client_priv_idx()=0
virtual uint x509_issuer_idx()=0
virtual uint references_priv_idx()=0
virtual uint alter_priv_idx()=0
virtual uint password_last_changed_idx()=0
virtual uint host_idx()=0
virtual uint trigger_priv_idx()=0
virtual uint show_view_priv_idx()=0
virtual uint process_priv_idx()=0
virtual uint create_tablespace_priv_idx()=0
virtual uint reload_priv_idx()=0
virtual uint drop_priv_idx()=0
virtual uint password_expired_idx()=0
virtual uint max_user_connections_idx()=0
virtual uint max_updates_idx()=0
virtual uint password_reuse_time_idx()=0
virtual uint create_view_priv_idx()=0
virtual uint create_tmp_table_priv_idx()=0
virtual uint ssl_type_idx()=0
virtual uint password_lifetime_idx()=0
virtual uint show_db_priv_idx()=0
virtual uint password_reuse_history_idx()=0
virtual uint create_role_priv_idx()=0
virtual uint create_priv_idx()=0
virtual uint account_locked_idx()=0
virtual uint x509_subject_idx()=0
virtual uint alter_routine_priv_idx()=0
virtual uint super_priv_idx()=0
virtual uint password_require_current_idx()=0
virtual uint repl_slave_priv_idx()=0
virtual uint shutdown_priv_idx()=0
virtual uint lock_tables_priv_idx()=0
virtual uint authentication_string_idx()=0
virtual uint drop_role_priv_idx()=0
virtual uint ssl_cipher_idx()=0
virtual uint create_user_priv_idx()=0
virtual uint password_idx()=0
virtual uint grant_priv_idx()=0
virtual uint plugin_idx()=0
virtual uint index_priv_idx()=0
virtual uint max_questions_idx()=0
virtual uint create_routine_priv_idx()=0
virtual uint execute_priv_idx()=0
virtual uint delete_priv_idx()=0
virtual uint file_priv_idx()=0
virtual uint insert_priv_idx()=0
virtual ~User_table_schema()=default
Definition: sp_head.h:122
enum_server_command
A list of all MySQL protocol commands.
Definition: my_command.h:47
Common definition used by mysys, performance schema and server & client.
static constexpr int HOSTNAME_LENGTH
Definition: my_hostname.h:42
Some integer typedefs for easier portability.
unsigned char uchar
Definition: my_inttypes.h:51
uint32_t uint32
Definition: my_inttypes.h:66
Common definition between mysql server & client.
#define USERNAME_LENGTH
Definition: mysql_com.h:68
static char * password
Definition: mysql_secure_installation.cc:57
char * user
Definition: mysqladmin.cc:64
const char * host
Definition: mysqladmin.cc:63
std::string str(const mysqlrouter::ConfigGenerator::Options::Endpoint &ep)
Definition: config_generator.cc:1085
static PFS_engine_table_share_proxy table
Definition: pfs.cc:60
Definition: acl_table_user.cc:79
const std::string system_user
const std::string connection_admin
Definition: commit_order_queue.h:33
bool length(const dd::Spatial_reference_system *srs, const Geometry *g1, double *length, bool *null) noexcept
Computes the length of linestrings and multilinestrings.
Definition: length.cc:75
static mysql_service_status_t create(const char *service_names[], reference_caching_channel *out_channel) noexcept
Definition: component.cc:44
const char * table_name
Definition: rules_table_service.cc:55
Cursor end()
A past-the-end Cursor.
Definition: rules_table_service.cc:191
const char * db_name
Definition: rules_table_service.cc:54
Definition: varlen_sort.h:183
std::conditional_t< !std::is_array< T >::value, std::unique_ptr< T, detail::Deleter< T > >, std::conditional_t< detail::is_unbounded_array_v< T >, std::unique_ptr< T, detail::Array_deleter< std::remove_extent_t< T > > >, void > > unique_ptr
The following is a common type that is returned by all the ut::make_unique (non-aligned) specializati...
Definition: ut0new.h:2437
std::list< T, ut::allocator< T > > list
Specialization of list which uses ut_allocator.
Definition: ut0new.h:2877
role_enum
Definition: sql_admin.h:239
struct rsa_st RSA
Definition: sql_authentication.h:102
LEX_CSTRING * plugin_name(st_plugin_int **ref)
Definition: sql_plugin_ref.h:94
Consumer_type
Target types where the rewritten query will be added.
Definition: sql_rewrite.h:37
case opt name
Definition: sslopt-case.h:32
Definition: m_ctype.h:422
The current state of the privilege checking process for the current user, SQL statement and SQL objec...
Definition: table.h:359
State information for internal tables grants.
Definition: table.h:336
Struct to hold information about the table that should be created.
Definition: handler.h:3132
The MEM_ROOT is a simple arena, where allocations are carved out of larger blocks.
Definition: my_alloc.h:82
Definition: mysql_lex_string.h:39
Definition: mysql_lex_string.h:34
Definition: auth_common.h:917
virtual bool operator()(Security_context *, Operation)=0
Security_context_policy(const Security_context_policy &)=default
Operation
Definition: auth_common.h:918
@ Precheck
Definition: auth_common.h:918
@ Execute
Definition: auth_common.h:918
Security_context_policy()=default
virtual ~Security_context_policy()=default
Definition: auth_common.h:1114
std::string host
Definition: auth_common.h:1116
std::string user
Definition: auth_common.h:1115
unsigned int authentication_factor
Definition: auth_common.h:1118
std::string password
Definition: auth_common.h:1117
Definition: sql_connect.h:69
command
Definition: version_token.cc:279
enum enum_vio_type vio_type(const MYSQL_VIO vio)