Grant_validator Class Reference

Class to handle sanity checks for GRANT ... AS ... statement. More...

Public Member Functions
	Grant_validator (THD *thd, const char *db, const List< LEX_USER > &user_list, Access_bitmask rights, bool revoke, const List< LEX_CSTRING > &dynamic_privilege, bool grant_all, LEX_GRANT_AS *grant_as, TABLE *dynamic_priv_table)
	~Grant_validator ()
bool	validate ()
	Umbrella method to perform validation. More...

Private Member Functions
bool	mask_and_return_error ()
	Helper function to mask specific error with generic one. More...
bool	validate_system_user_privileges ()
	Validate that if grantee has SYSTEM_USER privileges, current user has it too. More...
bool	validate_dynamic_privileges ()
	Permission and sanity checks for dynamic privileges. More...
bool	validate_and_process_grant_as ()
	Perform sanity checks for GRANT ... AS ... More...

Private Attributes
THD *	m_thd
const char *	m_db
const List< LEX_USER > &	m_user_list
Access_bitmask	m_rights
bool	m_revoke
const List< LEX_CSTRING > &	m_dynamic_privilege
bool	m_grant_all
LEX_GRANT_AS *	m_grant_as
TABLE *	m_dynamic_priv_table
bool	m_restore
Security_context *	m_backup
Security_context	m_security_context

Detailed Description

Class to handle sanity checks for GRANT ... AS ... statement.

Constructor & Destructor Documentation

Grant_validator()

Grant_validator::Grant_validator ( THD *  thd, const char *  db, const List< LEX_USER > &  user_list, Access_bitmask  rights, bool  revoke, const List< LEX_CSTRING > &  dynamic_privilege, bool  grant_all, LEX_GRANT_AS *  grant_as, TABLE *  dynamic_priv_table  )

inlineexplicit

~Grant_validator()

Grant_validator::~Grant_validator

(

)

Member Function Documentation

mask_and_return_error()

bool Grant_validator::mask_and_return_error ( )

private

Helper function to mask specific error with generic one.

Returns

true always.

validate()

bool Grant_validator::validate

(

)

Umbrella method to perform validation.

A possible side effect of this method is that active security context of the session may have been changed. This is true if GRANT ... AS ... is used.

Returns

status of checks

Return values

false	Success
true	Error found during validation

validate_and_process_grant_as()

bool Grant_validator::validate_and_process_grant_as ( )

private

Perform sanity checks for GRANT ... AS ...

Returns

status of checks

Return values

false	Success. Security context may have been changed
true	Failure. Error has been raised.

validate_dynamic_privileges()

bool Grant_validator::validate_dynamic_privileges ( )

private

Permission and sanity checks for dynamic privileges.

We check:

1. Current user's ability to grant dynamic privilege
2. SYSTEM_USER is not granted to mandatory roles

Returns

status of checks

Return values

false	Success
true	Error validating dynamic privileges

validate_system_user_privileges()

bool Grant_validator::validate_system_user_privileges ( )

private

Validate that if grantee has SYSTEM_USER privileges, current user has it too.

Returns

status of the check

Return values

false	Success
true	Current user lacks SYSTEM_USER privilege

Member Data Documentation

m_backup

Security_context* Grant_validator::m_backup

private

m_db

const char* Grant_validator::m_db

private

m_dynamic_priv_table

TABLE* Grant_validator::m_dynamic_priv_table

private

m_dynamic_privilege

const List<LEX_CSTRING>& Grant_validator::m_dynamic_privilege

private

m_grant_all

bool Grant_validator::m_grant_all

private

m_grant_as

LEX_GRANT_AS* Grant_validator::m_grant_as

private

m_restore

bool Grant_validator::m_restore

private

m_revoke

bool Grant_validator::m_revoke

private

m_rights

Access_bitmask Grant_validator::m_rights

private

m_security_context

Security_context Grant_validator::m_security_context

private

m_thd

THD* Grant_validator::m_thd

private

m_user_list

const List<LEX_USER>& Grant_validator::m_user_list

private

---

The documentation for this class was generated from the following file:

• sql/auth/sql_authorization.cc