|
bool | generate (Abstract_restrictions &restrictions) override |
| Driver function to aggregate restriction lists. More...
|
|
virtual | ~Restrictions_aggregator () |
| Destructor. More...
|
|
enum class | SQL_OP { SET_ROLE
, GLOBAL_GRANT
} |
|
using | Status = Restrictions_aggregator::Status |
|
enum class | Status {
Error
, Warning
, Validated
, Aggregated
,
No_op
} |
|
| DB_restrictions_aggregator (const Auth_id &grantor, const Auth_id grantee, const Access_bitmask grantor_global_access, const Access_bitmask grantee_global_access, const DB_restrictions &grantor_restrictions, const DB_restrictions &grantee_restrictions, const Access_bitmask requested_access, const Security_context *sctx) |
| Constructor for database level restrictions aggregator. More...
|
|
bool | find_if_require_next_level_operation (Access_bitmask &rights) const override |
| Get list of privileges that are not restricted through restriction list. More...
|
|
bool | check_db_access_and_restrictions_collision (const Access_bitmask grantee_db_access, const Access_bitmask grantee_restrictions, const std::string &db_name) noexcept |
| Check possible descrepancy between DB access being granted and existing restrictions. More...
|
|
void | set_if_db_level_operation (const Access_bitmask requested_access, const Access_bitmask restrictions_mask) noexcept |
| Set privileges that needs to be processed further. More...
|
|
void | aggregate_restrictions (SQL_OP sql_op, const Db_access_map *m_db_map, DB_restrictions &restrictions) |
| A helper method that aggregates the restrictions for global_grant and set_role operations since both are similar in nature. More...
|
|
Access_bitmask | get_grantee_db_access (const std::string &db_name) const |
| Fetches the grantee's DB access on the specified DB If security context of current user exists and has some active roles then probe the security context since current user must be grantee. More...
|
|
void | get_grantee_db_access (const std::string &db_name, Access_bitmask &access) const |
| Fetches the grantee's DB access on the specified DB If security context of current user exists and has some active roles then probe the security context since current user must be grantee. More...
|
|
| Restrictions_aggregator (const Auth_id &grantor, const Auth_id grantee, const Access_bitmask grantor_global_access, const Access_bitmask grantee_global_access, const Access_bitmask requested_access) |
| Constructor. More...
|
|
| Restrictions_aggregator (const Restrictions_aggregator &)=delete |
|
Restrictions_aggregator & | operator= (const Restrictions_aggregator &)=delete |
|
| Restrictions_aggregator (const Restrictions_aggregator &&)=delete |
|
Restrictions_aggregator & | operator= (const Restrictions_aggregator &&)=delete |
|
Access_bitmask | m_privs_not_processed = 0 |
| Privileges that needs to be checked further through DB grants. More...
|
|
DB_restrictions | m_grantor_rl |
| Database restrictions for grantor. More...
|
|
DB_restrictions | m_grantee_rl |
| Database restrictions for grantee. More...
|
|
const Security_context * | m_sctx |
| Security context of the current user. More...
|
|
const Auth_id | m_grantor |
| Grantor information. More...
|
|
const Auth_id | m_grantee |
| Grantee information. More...
|
|
const Access_bitmask | m_grantor_global_access |
| Global static privileges of grantor. More...
|
|
const Access_bitmask | m_grantee_global_access |
| Global static privileges of grantee. More...
|
|
const Access_bitmask | m_requested_access |
| Privileges that are being granted or revoked. More...
|
|
Status | m_status |
| Internal status of aggregation process. More...
|
|
Restriction aggregator for GRANT statement for GLOBAL privileges.