24#ifndef AUTH_COMMON_INCLUDED
25#define AUTH_COMMON_INCLUDED
47#include <openssl/rsa.h>
77extern const std::string
mysql;
135 bool any_combination_will_do)
const = 0;
171 bool any_combination_will_do)
const = 0;
204 bool any_combination_will_do)
const override;
697 : implicit_cast<User_table_schema *>(
716 const char *db,
THD *thd,
727#define DEFAULT_AUTH_ATTR (1L << 0)
728#define PLUGIN_ATTR (1L << 1)
730#define SSL_ATTR (1L << 2)
731#define RESOURCE_ATTR (1L << 3)
732#define PASSWORD_EXPIRE_ATTR (1L << 4)
733#define ACCESS_RIGHTS_ATTR (1L << 5)
734#define ACCOUNT_LOCK_ATTR (1L << 6)
735#define DIFFERENT_PLUGIN_ATTR \
737#define USER_ATTRIBUTES (1L << 8)
742 bool retain_current_password);
744 const char *current_password,
745 bool retain_current_password);
758 const char *wildstr,
size_t wildstr_len);
760bool acl_init(
bool dont_read_acl_tables);
767 bool preserve_temporary_account_locking,
770 const char *
user,
const char *db,
bool db_is_pattern);
773 const char *
host,
const char *ip,
const char *db);
790 bool grant_all_current_privileges,
LEX_GRANT_AS *grant_as);
793 bool revoke,
bool write_to_binlog,
794 bool all_current_privileges);
797 bool revoke,
bool all_current_privileges);
799 bool any_combination_will_do, uint number,
bool no_errors);
809 Acl_type routine_acl_type,
bool no_error);
811 const bool check_table_grant =
false);
819 const char *field_name);
829 const char *db,
const char *
table);
843 bool *fake_lock_tables_acl);
858 const char *definer_user,
859 const char *definer_host);
861 const char *routine_name,
866 bool dont_check_global_grants,
bool no_errors);
869 bool any_combination_of_privileges_will_do, uint number,
917 const char **ssl_ca,
const char **ssl_key,
918 const char **ssl_cert);
920#define DEFAULT_SSL_CA_CERT "ca.pem"
921#define DEFAULT_SSL_CA_KEY "ca-key.pem"
922#define DEFAULT_SSL_SERVER_CERT "server-cert.pem"
923#define DEFAULT_SSL_SERVER_KEY "server-key.pem"
943template <
class Derived>
947 if (op ==
Precheck &&
static_cast<Derived *
>(
this)->precheck(sctx))
949 if (op ==
Execute &&
static_cast<Derived *
>(
this)->
create(sctx))
955template <
class Derived>
959 if (op ==
Precheck &&
static_cast<Derived *
>(
this)->precheck(sctx))
961 if (op ==
Execute &&
static_cast<Derived *
>(
this)->grant_privileges(sctx))
1033 std::vector<std::string> privs);
1071 bool check_for_main_security_ctx =
false);
1081 Auth_id(
const char *
user,
size_t user_len,
const char *
host,
size_t host_len);
1093 void auth_str(std::string *out)
const;
1095 const std::string &
user()
const;
1096 const std::string &
host()
const;
1141 const std::string &json_blob,
bool expect_text);
1146#if OPENSSL_VERSION_NUMBER >= 0x30000000L
1148 unsigned char *plain_text,
size_t plain_text_len,
1149 EVP_PKEY *private_key);
1152 unsigned char *plain_text,
size_t plain_text_len,
uint32_t Access_bitmask
Definition: auth_acls.h:34
mysql_dynamic_priv_table_field
Definition: auth_common.h:365
@ MYSQL_DYNAMIC_PRIV_FIELD_PRIV
Definition: auth_common.h:368
@ MYSQL_DYNAMIC_PRIV_FIELD_HOST
Definition: auth_common.h:367
@ MYSQL_DYNAMIC_PRIV_FIELD_USER
Definition: auth_common.h:366
@ MYSQL_DYNAMIC_PRIV_FIELD_COUNT
Definition: auth_common.h:370
@ MYSQL_DYNAMIC_PRIV_FIELD_WITH_GRANT_OPTION
Definition: auth_common.h:369
mysql_columns_priv_table_field
Definition: auth_common.h:317
@ MYSQL_COLUMNS_PRIV_FIELD_COLUMN_NAME
Definition: auth_common.h:322
@ MYSQL_COLUMNS_PRIV_FIELD_HOST
Definition: auth_common.h:318
@ MYSQL_COLUMNS_PRIV_FIELD_COLUMN_PRIV
Definition: auth_common.h:324
@ MYSQL_COLUMNS_PRIV_FIELD_TABLE_NAME
Definition: auth_common.h:321
@ MYSQL_COLUMNS_PRIV_FIELD_COUNT
Definition: auth_common.h:325
@ MYSQL_COLUMNS_PRIV_FIELD_DB
Definition: auth_common.h:319
@ MYSQL_COLUMNS_PRIV_FIELD_USER
Definition: auth_common.h:320
@ MYSQL_COLUMNS_PRIV_FIELD_TIMESTAMP
Definition: auth_common.h:323
void roles_graphml(THD *thd, String *)
Definition: sql_authorization.cc:4965
bool check_fk_parent_table_access(THD *thd, HA_CREATE_INFO *create_info, Alter_info *alter_info)
Checks foreign key's parent table access.
Definition: sql_authorization.cc:6010
bool check_grant(THD *thd, Access_bitmask want_access, Table_ref *tables, bool any_combination_will_do, uint number, bool no_errors)
Check table level grants.
Definition: sql_authorization.cc:3813
mysql_procs_priv_table_field
Definition: auth_common.h:305
@ MYSQL_PROCS_PRIV_FIELD_PROC_PRIV
Definition: auth_common.h:312
@ MYSQL_PROCS_PRIV_FIELD_ROUTINE_NAME
Definition: auth_common.h:309
@ MYSQL_PROCS_PRIV_FIELD_COUNT
Definition: auth_common.h:314
@ MYSQL_PROCS_PRIV_FIELD_HOST
Definition: auth_common.h:306
@ MYSQL_PROCS_PRIV_FIELD_DB
Definition: auth_common.h:307
@ MYSQL_PROCS_PRIV_FIELD_ROUTINE_TYPE
Definition: auth_common.h:310
@ MYSQL_PROCS_PRIV_FIELD_GRANTOR
Definition: auth_common.h:311
@ MYSQL_PROCS_PRIV_FIELD_USER
Definition: auth_common.h:308
@ MYSQL_PROCS_PRIV_FIELD_TIMESTAMP
Definition: auth_common.h:313
bool mysql_routine_grant(THD *thd, Table_ref *table, Acl_type routine_acl_type, List< LEX_USER > &user_list, Access_bitmask rights, bool revoke, bool write_to_binlog, bool all_current_privileges)
Store routine level grants in the privilege tables.
Definition: sql_authorization.cc:2950
bool has_partial_view_routine_access(THD *thd, const char *db, const char *routine_name, Acl_type routine_acl_type)
Check if user has partial access to view routine's properties (i.e.
Definition: sql_authorization.cc:2108
bool acl_check_host(THD *thd, const char *host, const char *ip)
Definition: sql_authentication.cc:2175
void get_privilege_desc(char *to, uint max_length, Access_bitmask access)
Definition: sql_authorization.cc:4581
bool lock_tables_precheck(THD *thd, Table_ref *tables)
Check privileges for LOCK TABLES statement.
Definition: sql_authorization.cc:1732
bool skip_grant_tables()
Definition: sql_auth_cache.cc:166
bool acl_check_proxy_grant_access(THD *thd, const char *host, const char *user, bool with_grant)
Definition: sql_authorization.cc:5630
bool check_global_access(THD *thd, Access_bitmask want_access)
check for global access and give descriptive error message if it fails.
Definition: sql_authorization.cc:5985
int mysql_table_grant(THD *thd, Table_ref *table, List< LEX_USER > &user_list, List< LEX_COLUMN > &column_list, Access_bitmask rights, bool revoke, bool all_current_privileges)
Definition: sql_authorization.cc:2657
void func_current_role(const THD *thd, String *active_role)
Helper function for Item_func_current_role.
Definition: sql_authorization.cc:6346
uint32 global_password_history
Global sysvar: the number of old passwords to check in the history.
Definition: sql_auth_cache.cc:3871
bool mysql_alter_or_clear_default_roles(THD *thd, role_enum role_type, const List< LEX_USER > *users, const List< LEX_USER > *roles)
Set the default roles to NONE, ALL or list of authorization IDs as roles, depending upon the role_typ...
Definition: sql_authorization.cc:6487
int fill_schema_table_privileges(THD *thd, Table_ref *tables, Item *cond)
Definition: sql_authorization.cc:5832
void append_auth_id_string(const THD *thd, const char *user, size_t user_len, const char *host, size_t host_len, String *str)
Append the user@host to the str.
Definition: sql_auth_cache.cc:746
std::pair< LEX_CSTRING, LEX_CSTRING > Auth_id_ref
user, host tuple which reference either acl_cache or g_default_roles
Definition: auth_common.h:83
std::unique_ptr< T, std::function< void(T *)> > Sctx_ptr
Definition: auth_common.h:968
mysql_role_edges_table_field
Definition: auth_common.h:340
@ MYSQL_ROLE_EDGES_FIELD_TO_USER
Definition: auth_common.h:344
@ MYSQL_ROLE_EDGES_FIELD_WITH_ADMIN_OPTION
Definition: auth_common.h:345
@ MYSQL_ROLE_EDGES_FIELD_FROM_USER
Definition: auth_common.h:342
@ MYSQL_ROLE_EDGES_FIELD_TO_HOST
Definition: auth_common.h:343
@ MYSQL_ROLE_EDGES_FIELD_FROM_HOST
Definition: auth_common.h:341
@ MYSQL_ROLE_EDGES_FIELD_COUNT
Definition: auth_common.h:346
void acl_log_connect(const char *user, const char *host, const char *auth_as, const char *db, THD *thd, enum enum_server_command command)
Logging connection for the general query log, extracted from acl_authenticate() as it's reused at dif...
Definition: sql_authentication.cc:3851
bool is_acl_table_name(const char *name)
Check if given table name is a ACL table name.
Definition: sql_user_table.cc:2647
int fill_schema_schema_privileges(THD *thd, Table_ref *tables, Item *cond)
Definition: sql_authorization.cc:5770
std::function< bool(Security_context *, Security_context_policy::Operation)> Security_context_functor
Definition: auth_common.h:941
bool validate_user_plugins
controls the extra checks on plugin availability for mysql.user records
Definition: sql_auth_cache.cc:170
bool mysql_user_table_is_in_short_password_format
void acl_free(bool end=false)
Definition: sql_auth_cache.cc:2016
bool mysql_revoke_role(THD *thd, const List< LEX_USER > *users, const List< LEX_USER > *roles)
Definition: sql_authorization.cc:3126
bool check_acl_tables_intact(THD *thd, bool mdl_locked)
Opens the ACL tables and checks their sanity.
Definition: sql_auth_cache.cc:2140
bool mysql_show_grants(THD *, LEX_USER *, const List_of_auth_id_refs &, bool, bool)
SHOW GRANTS FOR user USING [ALL | role [,role ...]].
Definition: sql_authorization.cc:4854
void init_acl_memory()
Allocates the memory in the the global_acl_memory MEM_ROOT.
Definition: sql_auth_cache.cc:214
mysql_db_table_field
Definition: auth_common.h:213
@ MYSQL_DB_FIELD_GRANT_PRIV
Definition: auth_common.h:223
@ MYSQL_DB_FIELD_DELETE_PRIV
Definition: auth_common.h:220
@ MYSQL_DB_FIELD_INDEX_PRIV
Definition: auth_common.h:225
@ MYSQL_DB_FIELD_UPDATE_PRIV
Definition: auth_common.h:219
@ MYSQL_DB_FIELD_CREATE_VIEW_PRIV
Definition: auth_common.h:229
@ MYSQL_DB_FIELD_ALTER_PRIV
Definition: auth_common.h:226
@ MYSQL_DB_FIELD_LOCK_TABLES_PRIV
Definition: auth_common.h:228
@ MYSQL_DB_FIELD_COUNT
Definition: auth_common.h:236
@ MYSQL_DB_FIELD_TRIGGER_PRIV
Definition: auth_common.h:235
@ MYSQL_DB_FIELD_CREATE_PRIV
Definition: auth_common.h:221
@ MYSQL_DB_FIELD_CREATE_ROUTINE_PRIV
Definition: auth_common.h:231
@ MYSQL_DB_FIELD_SELECT_PRIV
Definition: auth_common.h:217
@ MYSQL_DB_FIELD_EXECUTE_PRIV
Definition: auth_common.h:233
@ MYSQL_DB_FIELD_INSERT_PRIV
Definition: auth_common.h:218
@ MYSQL_DB_FIELD_EVENT_PRIV
Definition: auth_common.h:234
@ MYSQL_DB_FIELD_ALTER_ROUTINE_PRIV
Definition: auth_common.h:232
@ MYSQL_DB_FIELD_CREATE_TMP_TABLE_PRIV
Definition: auth_common.h:227
@ MYSQL_DB_FIELD_USER
Definition: auth_common.h:216
@ MYSQL_DB_FIELD_HOST
Definition: auth_common.h:214
@ MYSQL_DB_FIELD_DROP_PRIV
Definition: auth_common.h:222
@ MYSQL_DB_FIELD_DB
Definition: auth_common.h:215
@ MYSQL_DB_FIELD_SHOW_VIEW_PRIV
Definition: auth_common.h:230
@ MYSQL_DB_FIELD_REFERENCES_PRIV
Definition: auth_common.h:224
bool is_mandatory_role(LEX_CSTRING role, LEX_CSTRING role_host, bool *is_mandatory)
Determine if a role@role_host authid is a mandatory role.
Definition: sql_authorization.cc:6888
void append_identifier_with_backtick(String *packet, const char *name, size_t length)
Convert and quote the given identifier if needed and append it to the target string.
Definition: sql_show.cc:1469
bool check_grant_routine(THD *thd, Access_bitmask want_access, Table_ref *procs, Acl_type routine_acl_type, bool no_error)
Definition: sql_authorization.cc:4368
int acl_authenticate(THD *thd, enum_server_command command)
Perform the handshake, authorize the client and update thd sctx variables.
Definition: sql_authentication.cc:4034
const std::vector< std::string > global_acls_vector
Consts for static privileges.
Definition: auth_acls.cc:62
bool lock_and_get_mandatory_roles(std::vector< Role_id > *mandatory_roles)
Copy a list of mandatory role authorization IDs.
Definition: sql_authorization.cc:6399
Auth_id_ref create_authid_from(const LEX_USER *user)
Definition: sql_authorization.cc:6725
bool mysql_grant_role(THD *thd, const List< LEX_USER > *users, const List< LEX_USER > *roles, bool with_admin_opt)
Grants a list of roles to a list of users.
Definition: sql_authorization.cc:3355
bool check_change_password(THD *thd, const char *host, const char *user, bool retain_current_password)
Definition: sql_user.cc:158
int wild_case_compare(CHARSET_INFO *cs, const char *str, const char *wildstr)
Definition: sql_auth_cache.cc:831
bool sp_grant_privileges(THD *thd, const char *sp_db, const char *sp_name, Acl_type routine_acl_type)
Grant EXECUTE,ALTER privilege for a stored procedure.
Definition: sql_authorization.cc:5469
bool mysql_alter_user_comment(THD *thd, const List< LEX_USER > *users, const std::string &json_blob, bool expect_text)
void get_mqh(THD *thd, const char *user, const char *host, USER_CONN *uc)
Definition: sql_auth_cache.cc:3270
bool is_acl_table(const TABLE *table)
Check if given TABLE* is a ACL table name.
Definition: sql_user_table.cc:2665
bool mysql_show_create_user(THD *thd, LEX_USER *user, bool are_both_users_same)
Auxiliary function for constructing CREATE USER sql for a given user.
Definition: sql_user.cc:261
bool is_granted_table_access(THD *thd, Access_bitmask required_acl, Table_ref *table)
Given a Table_ref object this function checks against.
Definition: sql_authorization.cc:2472
bool do_auto_cert_generation(ssl_artifacts_status auto_detection_status, const char **ssl_ca, const char **ssl_key, const char **ssl_cert)
Check auto_generate_certs option and generate SSL certificates if required.
Definition: sql_authentication.cc:5767
const char * any_db
Definition: sql_authorization.cc:523
bool check_lock_view_underlying_table_access(THD *thd, Table_ref *tbl, bool *fake_lock_tables_acl)
For LOCK TABLES on a view checks if user in which context view is executed or user that has initiated...
Definition: sql_authorization.cc:6074
void set_connection_admin_flag(THD *thd, bool check_for_main_security_ctx=false)
Set the connection_admin flag in the THD.
Definition: auth_common.cc:189
bool mysql_rename_user(THD *thd, List< LEX_USER > &list)
Definition: sql_user.cc:3260
bool grant_init(bool skip_grant_tables)
Initialize structures responsible for table/column-level privilege checking and load information for ...
Definition: sql_auth_cache.cc:2501
uint32 global_password_reuse_interval
Definition: auth_common.h:929
void commit_and_close_mysql_tables(THD *thd)
A helper function to commit statement transaction and close ACL tables after reading some data from t...
Definition: sql_user_table.cc:509
bool check_column_grant_in_table_ref(THD *thd, Table_ref *table_ref, const char *name, size_t length, Access_bitmask want_privilege)
Check the privileges for a column depending on the type of table.
Definition: sql_authorization.cc:4078
std::vector< Auth_id_ref > List_of_auth_id_refs
Definition: auth_common.h:84
void set_system_user_flag(THD *thd, bool check_for_main_security_ctx=false)
Set the system_user flag in the THD.
Definition: auth_common.cc:166
bool acl_getroot(THD *thd, Security_context *sctx, const char *user, const char *host, const char *ip, const char *db)
Definition: sql_auth_cache.cc:1538
Access_bitmask get_table_grant(THD *thd, Table_ref *table)
Definition: sql_authorization.cc:4480
ulong get_global_acl_cache_size()
Definition: sql_auth_cache.cc:112
bool create_table_precheck(THD *thd, Table_ref *tables, Table_ref *create_table)
CREATE TABLE query pre-check.
Definition: sql_authorization.cc:1760
bool mysql_set_active_role_none(THD *thd)
Reset active roles.
Definition: sql_authorization.cc:6790
Access_bitmask acl_get(THD *thd, const char *host, const char *ip, const char *user, const char *db, bool db_is_pattern)
Get privilege for a host, user, and db combination.
Definition: sql_auth_cache.cc:1383
bool check_readonly(THD *thd, bool err_if_readonly)
Performs standardized check whether to prohibit (true) or allow (false) operations based on read_only...
Definition: sql_authorization.cc:1862
bool acl_init(bool dont_read_acl_tables)
Definition: sql_auth_cache.cc:1782
bool acl_can_access_user(THD *thd, LEX_USER *user)
Auxiliary function for the CAN_ACCESS_USER internal function used to check if a row from mysql....
Definition: sql_user.cc:210
bool change_password(THD *thd, LEX_USER *user, const char *password, const char *current_password, bool retain_current_password)
Change a password hash for a user.
Definition: sql_user.cc:2068
std::list< random_password_info > Userhostpassword_list
Definition: auth_common.h:1136
const ACL_internal_schema_access * get_cached_schema_access(GRANT_INTERNAL_INFO *grant_internal_info, const char *schema_name)
Get a cached internal schema access.
Definition: sql_authorization.cc:1666
bool send_password_result_set(THD *thd, const Userhostpassword_list &generated_passwords)
Sends the result set of generated passwords to the client.
Definition: sql_user.cc:980
bool operator<(const Auth_id_ref &a, const Auth_id_ref &b)
Definition: sql_authorization.cc:7559
std::string create_authid_str_from(const LEX_USER *user)
Helper used for producing a key to a key-value-map.
Definition: sql_authorization.cc:6717
bool check_grant_all_columns(THD *thd, Access_bitmask want_access, Field_iterator_table_ref *fields)
check if a query can access a set of columns
Definition: sql_authorization.cc:4156
bool mysql_set_active_role_all(THD *thd, const List< LEX_USER > *except_users)
Activates all granted role in the current security context.
Definition: sql_authorization.cc:6834
bool mysql_revoke_all(THD *thd, List< LEX_USER > &list)
Definition: sql_authorization.cc:5207
ACL_internal_access_result
Definition: auth_common.h:88
@ ACL_INTERNAL_ACCESS_GRANTED
Access granted for all the requested privileges, do not use the grant tables.
Definition: auth_common.h:95
@ ACL_INTERNAL_ACCESS_CHECK_GRANT
No decision yet, use the grant tables.
Definition: auth_common.h:99
@ ACL_INTERNAL_ACCESS_DENIED
Access denied, do not use the grant tables.
Definition: auth_common.h:97
bool turn_off_sandbox_mode(THD *thd, LEX_USER *user)
Helper method to turn off sandbox mode once registration step is complete.
Definition: sql_user.cc:1024
mysql_password_history_table_field
Definition: auth_common.h:357
@ MYSQL_PASSWORD_HISTORY_FIELD_COUNT
Definition: auth_common.h:362
@ MYSQL_PASSWORD_HISTORY_FIELD_PASSWORD_TIMESTAMP
Definition: auth_common.h:360
@ MYSQL_PASSWORD_HISTORY_FIELD_HOST
Definition: auth_common.h:358
@ MYSQL_PASSWORD_HISTORY_FIELD_USER
Definition: auth_common.h:359
@ MYSQL_PASSWORD_HISTORY_FIELD_PASSWORD
Definition: auth_common.h:361
bool mysql_create_user(THD *thd, List< LEX_USER > &list, bool if_not_exists, bool is_role)
Definition: sql_user.cc:2809
bool check_table_access(THD *thd, Access_bitmask requirements, Table_ref *tables, bool any_combination_of_privileges_will_do, uint number, bool no_errors)
Check if the requested privileges exists in either User-, DB- or, tables- tables.
Definition: sql_authorization.cc:2367
void fill_effective_table_privileges(THD *thd, GRANT_INFO *grant, const char *db, const char *table)
Definition: sql_authorization.cc:5562
bool operator==(const LEX_CSTRING &a, const LEX_CSTRING &b)
Definition: sql_authorization.cc:7576
void get_default_roles(const Auth_id_ref &user, List_of_auth_id_refs &list)
Shallow copy a list of default role authorization IDs from an Role_id storage.
Definition: sql_authorization.cc:6377
int fill_schema_column_privileges(THD *thd, Table_ref *tables, Item *cond)
Definition: sql_authorization.cc:5897
bool check_table_encryption_admin_access(THD *thd)
Check if a current user has the privilege TABLE_ENCRYPTION_ADMIN required to create encrypted table.
Definition: sql_authorization.cc:2438
bool is_role_id(LEX_USER *authid)
Definition: sql_authorization.cc:805
bool is_granted_role(LEX_CSTRING user, LEX_CSTRING host, LEX_CSTRING role, LEX_CSTRING role_host)
This function works just like check_if_granted_role, but also guarantees that the proper lock is take...
Definition: sql_authorization.cc:6867
mysql_default_roles_table_field
Definition: auth_common.h:349
@ MYSQL_DEFAULT_ROLES_FIELD_DEFAULT_ROLE_USER
Definition: auth_common.h:353
@ MYSQL_DEFAULT_ROLES_FIELD_COUNT
Definition: auth_common.h:354
@ MYSQL_DEFAULT_ROLES_FIELD_DEFAULT_ROLE_HOST
Definition: auth_common.h:352
@ MYSQL_DEFAULT_ROLES_FIELD_HOST
Definition: auth_common.h:350
@ MYSQL_DEFAULT_ROLES_FIELD_USER
Definition: auth_common.h:351
bool is_acl_user(THD *thd, const char *host, const char *user)
Definition: sql_auth_cache.cc:1251
void update_mandatory_roles(void)
Definition: sql_authorization.cc:7410
bool has_full_view_routine_access(THD *thd, const char *db, const char *definer_user, const char *definer_host)
Check if user has full access to view routine's properties (i.e including stored routine code).
Definition: sql_authorization.cc:2080
void notify_flush_event(THD *thd)
Audit notification for flush.
Definition: sql_auth_cache.cc:1724
bool is_secure_transport(int vio_type)
Definition: sql_authentication.cc:4469
bool disconnect_on_expired_password
Definition: sql_authentication.cc:1317
bool wildcard_db_grant_exists()
mysql_tables_priv_table_field
Definition: auth_common.h:328
@ MYSQL_TABLES_PRIV_FIELD_HOST
Definition: auth_common.h:329
@ MYSQL_TABLES_PRIV_FIELD_GRANTOR
Definition: auth_common.h:333
@ MYSQL_TABLES_PRIV_FIELD_COUNT
Definition: auth_common.h:337
@ MYSQL_TABLES_PRIV_FIELD_COLUMN_PRIV
Definition: auth_common.h:336
@ MYSQL_TABLES_PRIV_FIELD_TABLE_NAME
Definition: auth_common.h:332
@ MYSQL_TABLES_PRIV_FIELD_TABLE_PRIV
Definition: auth_common.h:335
@ MYSQL_TABLES_PRIV_FIELD_TIMESTAMP
Definition: auth_common.h:334
@ MYSQL_TABLES_PRIV_FIELD_USER
Definition: auth_common.h:331
@ MYSQL_TABLES_PRIV_FIELD_DB
Definition: auth_common.h:330
void shutdown_acl_cache()
Shutdown the global Acl_cache system which was only initialized if the rwlocks were initialized.
Definition: sql_auth_cache.cc:3680
void log_user(THD *thd, String *str, LEX_USER *user, bool comma)
Auxiliary function for constructing a user list string.
Definition: sql_user.cc:125
mysql_proxies_priv_table_feild
Definition: auth_common.h:294
@ MYSQL_PROXIES_PRIV_FIELD_HOST
Definition: auth_common.h:295
@ MYSQL_PROXIES_PRIV_FIELD_PROXIED_USER
Definition: auth_common.h:298
@ MYSQL_PROXIES_PRIV_FIELD_PROXIED_HOST
Definition: auth_common.h:297
@ MYSQL_PROXIES_PRIV_FIELD_COUNT
Definition: auth_common.h:302
@ MYSQL_PROXIES_PRIV_FIELD_WITH_GRANT
Definition: auth_common.h:299
@ MYSQL_PROXIES_PRIV_FIELD_USER
Definition: auth_common.h:296
@ MYSQL_PROXIES_PRIV_FIELD_GRANTOR
Definition: auth_common.h:300
@ MYSQL_PROXIES_PRIV_FIELD_TIMESTAMP
Definition: auth_common.h:301
void err_readonly(THD *thd)
Generates appropriate error messages for read-only state depending on whether user has SUPER privileg...
Definition: sql_authorization.cc:1898
void grant_free(void)
Definition: sql_auth_cache.cc:2480
bool check_some_access(THD *thd, Access_bitmask want_access, Table_ref *table)
Check if the given table has any of the asked privileges.
Definition: sql_authorization.cc:2050
bool check_grant_db(THD *thd, const char *db, const bool check_table_grant=false)
Check if a user has the right to access a database.
Definition: sql_authorization.cc:4305
bool check_single_table_access(THD *thd, Access_bitmask privilege, Table_ref *tables, bool no_errors)
Check grants for commands which work only with one table.
Definition: sql_authorization.cc:1959
void generate_random_password(std::string *password, uint32_t)
Generates a random password of the length decided by the system variable generated_random_password_le...
Definition: sql_user.cc:960
bool decrypt_RSA_private_key(uchar *pkt, int cipher_length, unsigned char *plain_text, size_t plain_text_len, RSA *private_key)
Decrypt pkt data using RSA private key.
Definition: auth_common.cc:229
bool is_acl_inited()
Definition: sql_auth_cache.cc:4131
std::pair< std::string, std::string > get_authid_from_quoted_string(std::string str)
Return the unquoted authorization id as a user,host-tuple.
Definition: sql_authorization.cc:4655
ssl_artifacts_status
Definition: auth_common.h:907
@ SSL_ARTIFACTS_VIA_OPTIONS
Definition: auth_common.h:909
@ SSL_ARTIFACTS_AUTO_DETECTED
Definition: auth_common.h:911
@ SSL_ARTIFACT_TRACES_FOUND
Definition: auth_common.h:910
@ SSL_ARTIFACTS_NOT_FOUND
Definition: auth_common.h:908
Access_bitmask get_column_grant(THD *thd, GRANT_INFO *grant, const char *db_name, const char *table_name, const char *field_name)
Definition: sql_authorization.cc:4520
bool sp_revoke_privileges(THD *thd, const char *sp_db, const char *sp_name, Acl_type routine_acl_type)
Revoke privileges for all users on a stored procedure.
Definition: sql_authorization.cc:5376
bool mysql_drop_user(THD *thd, List< LEX_USER > &list, bool if_exists, bool drop_role)
Drop a list of users and all their privileges.
Definition: sql_user.cc:3095
bool reload_acl_caches(THD *thd, bool mdl_locked, bool preserve_temporary_account_locking, Lock_state_list *modified_user_lock_state_list)
Reload all ACL caches.
Definition: sql_auth_cache.cc:3896
bool is_partial_revoke_exists(THD *thd)
Method to check if there exists at least one partial revokes in the cache.
Definition: sql_auth_cache.cc:4115
bool mysql_set_active_role(THD *thd, const List< LEX_USER > *role_list)
Definition: sql_authorization.cc:6844
bool mysql_alter_user(THD *thd, List< LEX_USER > &list, bool if_exists)
Definition: sql_user.cc:3463
int fill_schema_user_privileges(THD *thd, Table_ref *tables, Item *cond)
Definition: sql_authorization.cc:5694
bool mysql_grant(THD *thd, const char *db, List< LEX_USER > &list, Access_bitmask rights, bool revoke_grant, bool is_proxy, const List< LEX_CSTRING > &dynamic_privilege, bool grant_all_current_privileges, LEX_GRANT_AS *grant_as)
Definition: sql_authorization.cc:3478
mysql_user_table_field
Definition: auth_common.h:239
@ MYSQL_USER_FIELD_CREATE_TABLESPACE_PRIV
Definition: auth_common.h:270
@ MYSQL_USER_FIELD_SUPER_PRIV
Definition: auth_common.h:257
@ MYSQL_USER_FIELD_DROP_PRIV
Definition: auth_common.h:247
@ MYSQL_USER_FIELD_ACCOUNT_LOCKED
Definition: auth_common.h:284
@ MYSQL_USER_FIELD_SSL_TYPE
Definition: auth_common.h:271
@ MYSQL_USER_FIELD_SSL_CIPHER
Definition: auth_common.h:272
@ MYSQL_USER_FIELD_REPL_CLIENT_PRIV
Definition: auth_common.h:262
@ MYSQL_USER_FIELD_MAX_USER_CONNECTIONS
Definition: auth_common.h:278
@ MYSQL_USER_FIELD_COUNT
Definition: auth_common.h:291
@ MYSQL_USER_FIELD_PROCESS_PRIV
Definition: auth_common.h:250
@ MYSQL_USER_FIELD_SELECT_PRIV
Definition: auth_common.h:242
@ MYSQL_USER_FIELD_USER
Definition: auth_common.h:241
@ MYSQL_USER_FIELD_MAX_CONNECTIONS
Definition: auth_common.h:277
@ MYSQL_USER_FIELD_REFERENCES_PRIV
Definition: auth_common.h:253
@ MYSQL_USER_FIELD_PASSWORD_EXPIRED
Definition: auth_common.h:281
@ MYSQL_USER_FIELD_CREATE_ROUTINE_PRIV
Definition: auth_common.h:265
@ MYSQL_USER_FIELD_ALTER_ROUTINE_PRIV
Definition: auth_common.h:266
@ MYSQL_USER_FIELD_PLUGIN
Definition: auth_common.h:279
@ MYSQL_USER_FIELD_MAX_UPDATES
Definition: auth_common.h:276
@ MYSQL_USER_FIELD_EVENT_PRIV
Definition: auth_common.h:268
@ MYSQL_USER_FIELD_RELOAD_PRIV
Definition: auth_common.h:248
@ MYSQL_USER_FIELD_UPDATE_PRIV
Definition: auth_common.h:244
@ MYSQL_USER_FIELD_TRIGGER_PRIV
Definition: auth_common.h:269
@ MYSQL_USER_FIELD_X509_ISSUER
Definition: auth_common.h:273
@ MYSQL_USER_FIELD_LOCK_TABLES_PRIV
Definition: auth_common.h:259
@ MYSQL_USER_FIELD_CREATE_ROLE_PRIV
Definition: auth_common.h:285
@ MYSQL_USER_FIELD_PASSWORD_LAST_CHANGED
Definition: auth_common.h:282
@ MYSQL_USER_FIELD_INSERT_PRIV
Definition: auth_common.h:243
@ MYSQL_USER_FIELD_REPL_SLAVE_PRIV
Definition: auth_common.h:261
@ MYSQL_USER_FIELD_FILE_PRIV
Definition: auth_common.h:251
@ MYSQL_USER_FIELD_DROP_ROLE_PRIV
Definition: auth_common.h:286
@ MYSQL_USER_FIELD_INDEX_PRIV
Definition: auth_common.h:254
@ MYSQL_USER_FIELD_HOST
Definition: auth_common.h:240
@ MYSQL_USER_FIELD_PASSWORD_LIFETIME
Definition: auth_common.h:283
@ MYSQL_USER_FIELD_X509_SUBJECT
Definition: auth_common.h:274
@ MYSQL_USER_FIELD_AUTHENTICATION_STRING
Definition: auth_common.h:280
@ MYSQL_USER_FIELD_SHOW_DB_PRIV
Definition: auth_common.h:256
@ MYSQL_USER_FIELD_SHOW_VIEW_PRIV
Definition: auth_common.h:264
@ MYSQL_USER_FIELD_CREATE_USER_PRIV
Definition: auth_common.h:267
@ MYSQL_USER_FIELD_EXECUTE_PRIV
Definition: auth_common.h:260
@ MYSQL_USER_FIELD_MAX_QUESTIONS
Definition: auth_common.h:275
@ MYSQL_USER_FIELD_CREATE_VIEW_PRIV
Definition: auth_common.h:263
@ MYSQL_USER_FIELD_SHUTDOWN_PRIV
Definition: auth_common.h:249
@ MYSQL_USER_FIELD_CREATE_PRIV
Definition: auth_common.h:246
@ MYSQL_USER_FIELD_ALTER_PRIV
Definition: auth_common.h:255
@ MYSQL_USER_FIELD_CREATE_TMP_TABLE_PRIV
Definition: auth_common.h:258
@ MYSQL_USER_FIELD_GRANT_PRIV
Definition: auth_common.h:252
@ MYSQL_USER_FIELD_PASSWORD_REQUIRE_CURRENT
Definition: auth_common.h:289
@ MYSQL_USER_FIELD_PASSWORD_REUSE_TIME
Definition: auth_common.h:288
@ MYSQL_USER_FIELD_USER_ATTRIBUTES
Definition: auth_common.h:290
@ MYSQL_USER_FIELD_DELETE_PRIV
Definition: auth_common.h:245
@ MYSQL_USER_FIELD_PASSWORD_REUSE_HISTORY
Definition: auth_common.h:287
bool hostname_requires_resolving(const char *hostname)
Check if the given host name needs to be resolved or not.
Definition: sql_auth_cache.cc:910
bool check_routine_access(THD *thd, Access_bitmask want_access, const char *db, const char *name, Acl_type routine_acl_type, bool no_errors)
Definition: sql_authorization.cc:1993
bool has_grant_role_privilege(THD *thd, const List< LEX_USER > *roles)
Definition: sql_authorization.cc:2544
bool mysql_set_role_default(THD *thd)
Activates all the default roles in the current security context.
Definition: sql_authorization.cc:6811
bool check_authorization_id_string(THD *thd, LEX_STRING &mandatory_roles)
Definition: sql_authorization.cc:7322
bool check_engine_type_for_acl_table(THD *thd, bool mdl_locked)
Definition: sql_auth_cache.cc:2044
bool check_access(THD *thd, Access_bitmask want_access, const char *db, Access_bitmask *save_priv, GRANT_INTERNAL_INFO *grant_internal_info, bool dont_check_global_grants, bool no_errors)
Compare requested privileges with the privileges acquired from the User- and Db-tables.
Definition: sql_authorization.cc:2164
bool check_one_table_access(THD *thd, Access_bitmask privilege, Table_ref *tables)
Check grants for commands which work only with one table and all other tables belonging to subselects...
Definition: sql_authorization.cc:1919
std::vector< ACL_temporary_lock_state > Lock_state_list
Definition: auth_common.h:72
bool check_grant_column(THD *thd, GRANT_INFO *grant, const char *db_name, const char *table_name, const char *name, size_t length, Security_context *sctx, Access_bitmask want_privilege)
Definition: sql_authorization.cc:3998
static constexpr int USER_HOST_BUFF_SIZE
Length of string buffer, that is enough to contain username and hostname parts of the user identifier...
Definition: auth_common.h:1125
bool opt_auto_generate_certs
Definition: sql_authentication.cc:1333
bool drop_role(THD *thd, TABLE *edge_table, TABLE *defaults_table, const Auth_id_ref &authid_user)
Definition: sql_authorization.cc:633
Definition: sql_auth_cache.h:248
Per internal schema ACL access rules.
Definition: auth_common.h:148
virtual const ACL_internal_table_access * lookup(const char *name) const =0
Search for per table ACL access rules by table name.
virtual ACL_internal_access_result check(Access_bitmask want_access, Access_bitmask *save_priv, bool any_combination_will_do) const =0
Check access to an internal schema.
virtual ~ACL_internal_schema_access()=default
ACL_internal_schema_access()=default
A registry for per internal schema ACL.
Definition: auth_common.h:186
static const ACL_internal_schema_access * lookup(const char *name)
Search per internal schema ACL by name.
Definition: sql_auth_cache.cc:238
static void register_schema(const LEX_CSTRING &name, const ACL_internal_schema_access *access)
Add an internal schema to the registry.
Definition: sql_auth_cache.cc:223
Per internal table ACL access rules.
Definition: auth_common.h:110
virtual ACL_internal_access_result check(Access_bitmask want_access, Access_bitmask *save_priv, bool any_combination_will_do) const =0
Check access to an internal table.
virtual ~ACL_internal_table_access()=default
ACL_internal_table_access()=default
Enables preserving temporary account locking attributes during ACL DDL.
Definition: sql_auth_cache.h:868
Data describing the table being created by CREATE TABLE or altered by ALTER TABLE.
Definition: sql_alter.h:205
Storage container for default auth ids.
Definition: auth_common.h:1078
const std::string & host() const
Definition: auth_common.cc:125
std::string m_user
User part.
Definition: auth_common.h:1101
Auth_id & operator=(const Auth_id &)=default
void create_key()
Definition: auth_common.cc:57
const std::string & user() const
Definition: auth_common.cc:124
bool operator<(const Auth_id &id) const
Definition: auth_common.cc:101
std::string auth_str() const
Definition: auth_common.cc:116
std::string m_key
Key: Internal representation mainly to facilitate use of Auth_id class in standard container.
Definition: auth_common.h:1109
std::string m_host
Host part.
Definition: auth_common.h:1103
Definition: auth_common.h:944
bool operator()(Security_context *sctx, Operation op) override
Definition: auth_common.h:946
Definition: auth_common.h:1015
const THD * m_thd
Definition: auth_common.h:1022
bool create(Security_context *sctx)
Create a local authid without modifying any tables.
Definition: sql_authorization.cc:7436
Default_local_authid(const THD *thd)
Definition: sql_authorization.cc:7416
bool precheck(Security_context *sctx)
Check if the security context can be created as a local authid.
Definition: sql_authorization.cc:7425
Definition: auth_common.h:1042
Drop_temporary_dynamic_privileges(std::vector< std::string > privs)
Definition: auth_common.h:1044
void operator()(Security_context *sctx)
Definition: sql_authorization.cc:7462
std::vector< std::string > m_privs
Definition: auth_common.h:1049
Generic iterator over the fields of an arbitrary table reference.
Definition: table.h:4197
Definition: auth_common.h:956
bool operator()(Security_context *sctx, Operation op) override
Definition: auth_common.h:958
Grant the privilege temporarily to the in-memory global privileges map.
Definition: auth_common.h:1030
const std::vector< std::string > m_privs
Definition: auth_common.h:1039
Grant_temporary_dynamic_privileges(const THD *thd, std::vector< std::string > privs)
Definition: sql_authorization.cc:7440
bool grant_privileges(Security_context *sctx)
Grant dynamic privileges to an in-memory global authid.
Definition: sql_authorization.cc:7456
const THD * m_thd
Definition: auth_common.h:1038
bool precheck(Security_context *sctx)
Definition: sql_authorization.cc:7444
Definition: auth_common.h:1053
bool grant_privileges(Security_context *sctx)
Definition: sql_authorization.cc:7476
bool precheck(Security_context *sctx)
Definition: sql_authorization.cc:7471
Grant_temporary_static_privileges(const THD *thd, const Access_bitmask privs)
Definition: sql_authorization.cc:7467
const THD * m_thd
THD handle.
Definition: auth_common.h:1061
const Access_bitmask m_privs
Privileges.
Definition: auth_common.h:1064
Extension of ACL_internal_schema_access for Information Schema.
Definition: auth_common.h:196
~IS_internal_schema_access() override=default
IS_internal_schema_access()=default
const ACL_internal_table_access * lookup(const char *name) const override
Search for per table ACL access rules by table name.
Definition: sql_authorization.cc:1716
ACL_internal_access_result check(Access_bitmask want_access, Access_bitmask *save_priv, bool any_combination_will_do) const override
Check access to an internal schema.
Definition: sql_authorization.cc:1699
Base class that is used to represent any kind of expression in a relational query.
Definition: item.h:930
Definition: sql_lex.h:3861
Definition: sql_lex.h:3873
Definition: sql_list.h:494
Factory for creating any Security_context given a pre-constructed policy.
Definition: auth_common.h:973
Security_context_functor m_static_privileges
Definition: auth_common.h:1011
Security_context_functor m_privileges
Definition: auth_common.h:1010
Security_context_factory(THD *thd, std::string user, std::string host, Security_context_functor extend_user_profile, Security_context_functor priv, Security_context_functor static_priv, std::function< void(Security_context *)> drop_policy)
Default Security_context factory implementation.
Definition: auth_common.h:988
std::string m_user
Definition: auth_common.h:1007
Sctx_ptr< Security_context > create()
Definition: sql_authorization.cc:7512
std::string m_host
Definition: auth_common.h:1008
bool apply_pre_constructed_policies(Security_context *sctx)
Definition: sql_authorization.cc:7482
Security_context_functor m_user_profile
Definition: auth_common.h:1009
THD * m_thd
Definition: auth_common.h:1006
const std::function< void(Security_context *)> m_drop_policy
Definition: auth_common.h:1012
A set of THD members describing the current authenticated user.
Definition: sql_security_ctx.h:54
Using this class is fraught with peril, and you need to be very careful when doing so.
Definition: sql_string.h:167
For each client connection we create a separate thread with THD serving as a thread/connection descri...
Definition: sql_lexer_thd.h:36
Definition: auth_common.h:442
uint repl_client_priv_idx() override
Definition: auth_common.h:483
uint max_user_connections_idx() override
Definition: auth_common.h:513
uint plugin_idx() override
Definition: auth_common.h:516
uint create_tablespace_priv_idx() override
Definition: auth_common.h:501
uint account_locked_idx() override
Definition: auth_common.h:529
uint create_priv_idx() override
Definition: auth_common.h:455
uint create_tmp_table_priv_idx() override
Definition: auth_common.h:473
uint password_idx() override
Definition: auth_common.h:447
uint trigger_priv_idx() override
Definition: auth_common.h:500
uint max_questions_idx() override
Definition: auth_common.h:508
uint create_view_priv_idx() override
Definition: auth_common.h:486
uint index_priv_idx() override
Definition: auth_common.h:465
uint insert_priv_idx() override
Definition: auth_common.h:452
uint user_idx() override
Definition: auth_common.h:445
uint alter_routine_priv_idx() override
Definition: auth_common.h:493
uint create_user_priv_idx() override
Definition: auth_common.h:496
uint password_reuse_time_idx() override
Definition: auth_common.h:533
uint password_expired_idx() override
Definition: auth_common.h:520
uint password_require_current_idx() override
Definition: auth_common.h:536
uint shutdown_priv_idx() override
Definition: auth_common.h:458
uint drop_priv_idx() override
Definition: auth_common.h:456
uint host_idx() override
Definition: auth_common.h:444
uint file_priv_idx() override
Definition: auth_common.h:460
uint authentication_string_idx() override
Definition: auth_common.h:517
uint drop_role_priv_idx() override
Definition: auth_common.h:472
uint repl_slave_priv_idx() override
Definition: auth_common.h:480
uint x509_subject_idx() override
Definition: auth_common.h:507
uint references_priv_idx() override
Definition: auth_common.h:462
uint password_lifetime_idx() override
Definition: auth_common.h:526
uint event_priv_idx() override
Definition: auth_common.h:499
uint process_priv_idx() override
Definition: auth_common.h:459
uint max_connections_idx() override
Definition: auth_common.h:510
uint password_reuse_history_idx() override
Definition: auth_common.h:530
uint create_routine_priv_idx() override
Definition: auth_common.h:490
uint ssl_cipher_idx() override
Definition: auth_common.h:505
uint super_priv_idx() override
Definition: auth_common.h:468
uint update_priv_idx() override
Definition: auth_common.h:453
uint reload_priv_idx() override
Definition: auth_common.h:457
uint create_role_priv_idx() override
Definition: auth_common.h:469
uint password_last_changed_idx() override
Definition: auth_common.h:523
uint lock_tables_priv_idx() override
Definition: auth_common.h:476
uint show_db_priv_idx() override
Definition: auth_common.h:467
uint user_attributes_idx() override
Definition: auth_common.h:539
uint x509_issuer_idx() override
Definition: auth_common.h:506
uint grant_priv_idx() override
Definition: auth_common.h:461
uint ssl_type_idx() override
Definition: auth_common.h:504
uint alter_priv_idx() override
Definition: auth_common.h:466
uint max_updates_idx() override
Definition: auth_common.h:509
uint execute_priv_idx() override
Definition: auth_common.h:479
uint select_priv_idx() override
Definition: auth_common.h:451
uint show_view_priv_idx() override
Definition: auth_common.h:489
uint delete_priv_idx() override
Definition: auth_common.h:454
Definition: auth_common.h:547
uint file_priv_idx() override
Definition: auth_common.h:610
uint user_idx() override
Definition: auth_common.h:597
uint insert_priv_idx() override
Definition: auth_common.h:600
uint shutdown_priv_idx() override
Definition: auth_common.h:606
uint account_locked_idx() override
Definition: auth_common.h:679
uint x509_issuer_idx() override
Definition: auth_common.h:654
uint password_reuse_time_idx() override
Definition: auth_common.h:685
uint host_idx() override
Definition: auth_common.h:596
uint x509_subject_idx() override
Definition: auth_common.h:655
uint index_priv_idx() override
Definition: auth_common.h:615
mysql_user_table_field_56
Definition: auth_common.h:549
@ MYSQL_USER_FIELD_SUPER_PRIV_56
Definition: auth_common.h:568
@ MYSQL_USER_FIELD_SELECT_PRIV_56
Definition: auth_common.h:553
@ MYSQL_USER_FIELD_REFERENCES_PRIV_56
Definition: auth_common.h:564
@ MYSQL_USER_FIELD_SHOW_DB_PRIV_56
Definition: auth_common.h:567
@ MYSQL_USER_FIELD_UPDATE_PRIV_56
Definition: auth_common.h:555
@ MYSQL_USER_FIELD_DROP_PRIV_56
Definition: auth_common.h:558
@ MYSQL_USER_FIELD_PLUGIN_56
Definition: auth_common.h:590
@ MYSQL_USER_FIELD_FILE_PRIV_56
Definition: auth_common.h:562
@ MYSQL_USER_FIELD_X509_SUBJECT_56
Definition: auth_common.h:585
@ MYSQL_USER_FIELD_REPL_CLIENT_PRIV_56
Definition: auth_common.h:573
@ MYSQL_USER_FIELD_PASSWORD_56
Definition: auth_common.h:552
@ MYSQL_USER_FIELD_MAX_USER_CONNECTIONS_56
Definition: auth_common.h:589
@ MYSQL_USER_FIELD_X509_ISSUER_56
Definition: auth_common.h:584
@ MYSQL_USER_FIELD_PROCESS_PRIV_56
Definition: auth_common.h:561
@ MYSQL_USER_FIELD_ALTER_ROUTINE_PRIV_56
Definition: auth_common.h:577
@ MYSQL_USER_FIELD_COUNT_56
Definition: auth_common.h:593
@ MYSQL_USER_FIELD_EVENT_PRIV_56
Definition: auth_common.h:579
@ MYSQL_USER_FIELD_SHUTDOWN_PRIV_56
Definition: auth_common.h:560
@ MYSQL_USER_FIELD_SSL_TYPE_56
Definition: auth_common.h:582
@ MYSQL_USER_FIELD_SSL_CIPHER_56
Definition: auth_common.h:583
@ MYSQL_USER_FIELD_CREATE_VIEW_PRIV_56
Definition: auth_common.h:574
@ MYSQL_USER_FIELD_DELETE_PRIV_56
Definition: auth_common.h:556
@ MYSQL_USER_FIELD_MAX_CONNECTIONS_56
Definition: auth_common.h:588
@ MYSQL_USER_FIELD_CREATE_USER_PRIV_56
Definition: auth_common.h:578
@ MYSQL_USER_FIELD_CREATE_ROUTINE_PRIV_56
Definition: auth_common.h:576
@ MYSQL_USER_FIELD_CREATE_PRIV_56
Definition: auth_common.h:557
@ MYSQL_USER_FIELD_EXECUTE_PRIV_56
Definition: auth_common.h:571
@ MYSQL_USER_FIELD_MAX_QUESTIONS_56
Definition: auth_common.h:586
@ MYSQL_USER_FIELD_HOST_56
Definition: auth_common.h:550
@ MYSQL_USER_FIELD_GRANT_PRIV_56
Definition: auth_common.h:563
@ MYSQL_USER_FIELD_AUTHENTICATION_STRING_56
Definition: auth_common.h:591
@ MYSQL_USER_FIELD_RELOAD_PRIV_56
Definition: auth_common.h:559
@ MYSQL_USER_FIELD_SHOW_VIEW_PRIV_56
Definition: auth_common.h:575
@ MYSQL_USER_FIELD_LOCK_TABLES_PRIV_56
Definition: auth_common.h:570
@ MYSQL_USER_FIELD_TRIGGER_PRIV_56
Definition: auth_common.h:580
@ MYSQL_USER_FIELD_PASSWORD_EXPIRED_56
Definition: auth_common.h:592
@ MYSQL_USER_FIELD_CREATE_TMP_TABLE_PRIV_56
Definition: auth_common.h:569
@ MYSQL_USER_FIELD_CREATE_TABLESPACE_PRIV_56
Definition: auth_common.h:581
@ MYSQL_USER_FIELD_USER_56
Definition: auth_common.h:551
@ MYSQL_USER_FIELD_INSERT_PRIV_56
Definition: auth_common.h:554
@ MYSQL_USER_FIELD_INDEX_PRIV_56
Definition: auth_common.h:565
@ MYSQL_USER_FIELD_ALTER_PRIV_56
Definition: auth_common.h:566
@ MYSQL_USER_FIELD_REPL_SLAVE_PRIV_56
Definition: auth_common.h:572
@ MYSQL_USER_FIELD_MAX_UPDATES_56
Definition: auth_common.h:587
uint drop_role_priv_idx() override
Definition: auth_common.h:681
uint user_attributes_idx() override
Definition: auth_common.h:689
uint lock_tables_priv_idx() override
Definition: auth_common.h:622
uint create_tmp_table_priv_idx() override
Definition: auth_common.h:619
uint password_lifetime_idx() override
Definition: auth_common.h:678
uint process_priv_idx() override
Definition: auth_common.h:609
uint create_view_priv_idx() override
Definition: auth_common.h:632
uint plugin_idx() override
Definition: auth_common.h:666
uint max_user_connections_idx() override
Definition: auth_common.h:663
uint select_priv_idx() override
Definition: auth_common.h:599
uint references_priv_idx() override
Definition: auth_common.h:612
uint grant_priv_idx() override
Definition: auth_common.h:611
uint repl_slave_priv_idx() override
Definition: auth_common.h:626
uint max_updates_idx() override
Definition: auth_common.h:659
uint delete_priv_idx() override
Definition: auth_common.h:602
uint create_user_priv_idx() override
Definition: auth_common.h:644
uint repl_client_priv_idx() override
Definition: auth_common.h:629
uint show_view_priv_idx() override
Definition: auth_common.h:635
uint password_reuse_history_idx() override
Definition: auth_common.h:682
uint update_priv_idx() override
Definition: auth_common.h:601
uint create_priv_idx() override
Definition: auth_common.h:603
uint max_questions_idx() override
Definition: auth_common.h:656
uint drop_priv_idx() override
Definition: auth_common.h:604
uint alter_priv_idx() override
Definition: auth_common.h:616
uint execute_priv_idx() override
Definition: auth_common.h:625
uint password_idx() override
Definition: auth_common.h:598
uint password_expired_idx() override
Definition: auth_common.h:670
uint password_last_changed_idx() override
Definition: auth_common.h:675
uint authentication_string_idx() override
Definition: auth_common.h:667
uint show_db_priv_idx() override
Definition: auth_common.h:617
uint create_tablespace_priv_idx() override
Definition: auth_common.h:649
uint password_require_current_idx() override
Definition: auth_common.h:686
uint ssl_type_idx() override
Definition: auth_common.h:652
uint max_connections_idx() override
Definition: auth_common.h:660
uint reload_priv_idx() override
Definition: auth_common.h:605
uint create_role_priv_idx() override
Definition: auth_common.h:680
uint alter_routine_priv_idx() override
Definition: auth_common.h:641
uint create_routine_priv_idx() override
Definition: auth_common.h:638
uint super_priv_idx() override
Definition: auth_common.h:618
uint ssl_cipher_idx() override
Definition: auth_common.h:653
uint trigger_priv_idx() override
Definition: auth_common.h:648
uint event_priv_idx() override
Definition: auth_common.h:647
Definition: auth_common.h:692
virtual ~User_table_schema_factory()=default
virtual User_table_schema * get_user_table_schema(TABLE *table)
Definition: auth_common.h:694
virtual bool is_old_user_table_schema(TABLE *table)
Definition: auth_common.cc:48
Definition: auth_common.h:379
virtual uint user_attributes_idx()=0
virtual uint event_priv_idx()=0
virtual uint update_priv_idx()=0
virtual uint max_connections_idx()=0
virtual uint user_idx()=0
virtual uint select_priv_idx()=0
virtual uint repl_client_priv_idx()=0
virtual uint x509_issuer_idx()=0
virtual uint references_priv_idx()=0
virtual uint alter_priv_idx()=0
virtual uint password_last_changed_idx()=0
virtual uint host_idx()=0
virtual uint trigger_priv_idx()=0
virtual uint show_view_priv_idx()=0
virtual uint process_priv_idx()=0
virtual uint create_tablespace_priv_idx()=0
virtual uint reload_priv_idx()=0
virtual uint drop_priv_idx()=0
virtual uint password_expired_idx()=0
virtual uint max_user_connections_idx()=0
virtual uint max_updates_idx()=0
virtual uint password_reuse_time_idx()=0
virtual uint create_view_priv_idx()=0
virtual uint create_tmp_table_priv_idx()=0
virtual uint ssl_type_idx()=0
virtual uint password_lifetime_idx()=0
virtual uint show_db_priv_idx()=0
virtual uint password_reuse_history_idx()=0
virtual uint create_role_priv_idx()=0
virtual uint create_priv_idx()=0
virtual uint account_locked_idx()=0
virtual uint x509_subject_idx()=0
virtual uint alter_routine_priv_idx()=0
virtual uint super_priv_idx()=0
virtual uint password_require_current_idx()=0
virtual uint repl_slave_priv_idx()=0
virtual uint shutdown_priv_idx()=0
virtual uint lock_tables_priv_idx()=0
virtual uint authentication_string_idx()=0
virtual uint drop_role_priv_idx()=0
virtual uint ssl_cipher_idx()=0
virtual uint create_user_priv_idx()=0
virtual uint password_idx()=0
virtual uint grant_priv_idx()=0
virtual uint plugin_idx()=0
virtual uint index_priv_idx()=0
virtual uint max_questions_idx()=0
virtual uint create_routine_priv_idx()=0
virtual uint execute_priv_idx()=0
virtual uint delete_priv_idx()=0
virtual uint file_priv_idx()=0
virtual uint insert_priv_idx()=0
virtual ~User_table_schema()=default
Definition: sp_head.h:124
Acl_type
Definition: sql_lex.h:267
enum_server_command
A list of all MySQL protocol commands.
Definition: my_command.h:48
Common definition used by mysys, performance schema and server & client.
static constexpr int HOSTNAME_LENGTH
Definition: my_hostname.h:43
Some integer typedefs for easier portability.
unsigned char uchar
Definition: my_inttypes.h:52
uint32_t uint32
Definition: my_inttypes.h:67
Common definition between mysql server & client.
#define USERNAME_LENGTH
Definition: mysql_com.h:69
static char * password
Definition: mysql_secure_installation.cc:58
char * user
Definition: mysqladmin.cc:67
const char * host
Definition: mysqladmin.cc:66
std::string str(const mysqlrouter::ConfigGenerator::Options::Endpoint &ep)
Definition: config_generator.cc:1117
static PFS_engine_table_share_proxy table
Definition: pfs.cc:61
Definition: acl_table_user.cc:80
const std::string system_user
const std::string connection_admin
Definition: commit_order_queue.h:34
bool length(const dd::Spatial_reference_system *srs, const Geometry *g1, double *length, bool *null) noexcept
Computes the length of linestrings and multilinestrings.
Definition: length.cc:76
static mysql_service_status_t create(my_h_string *) noexcept
Definition: mysql_string_all_empty.cc:43
const char * table_name
Definition: rules_table_service.cc:56
Cursor end()
A past-the-end Cursor.
Definition: rules_table_service.cc:192
const char * db_name
Definition: rules_table_service.cc:55
Definition: gcs_xcom_synode.h:64
std::conditional_t< !std::is_array< T >::value, std::unique_ptr< T, detail::Deleter< T > >, std::conditional_t< detail::is_unbounded_array_v< T >, std::unique_ptr< T, detail::Array_deleter< std::remove_extent_t< T > > >, void > > unique_ptr
The following is a common type that is returned by all the ut::make_unique (non-aligned) specializati...
Definition: ut0new.h:2440
std::list< T, ut::allocator< T > > list
Specialization of list which uses ut_allocator.
Definition: ut0new.h:2880
role_enum
Definition: sql_admin.h:255
struct rsa_st RSA
Definition: sql_authentication.h:103
Consumer_type
Target types where the rewritten query will be added.
Definition: sql_rewrite.h:38
case opt name
Definition: sslopt-case.h:29
Definition: m_ctype.h:421
The current state of the privilege checking process for the current user, SQL statement and SQL objec...
Definition: table.h:372
State information for internal tables grants.
Definition: table.h:349
Struct to hold information about the table that should be created.
Definition: handler.h:3253
The MEM_ROOT is a simple arena, where allocations are carved out of larger blocks.
Definition: my_alloc.h:83
Definition: mysql_lex_string.h:40
Definition: mysql_lex_string.h:35
Definition: auth_common.h:931
virtual bool operator()(Security_context *, Operation)=0
Security_context_policy(const Security_context_policy &)=default
Operation
Definition: auth_common.h:932
@ Precheck
Definition: auth_common.h:932
@ Execute
Definition: auth_common.h:932
Security_context_policy()=default
virtual ~Security_context_policy()=default
Definition: auth_common.h:1128
std::string host
Definition: auth_common.h:1130
std::string user
Definition: auth_common.h:1129
unsigned int authentication_factor
Definition: auth_common.h:1132
std::string password
Definition: auth_common.h:1131
Definition: sql_connect.h:70
command
Definition: version_token.cc:284
enum enum_vio_type vio_type(const MYSQL_VIO vio)