Factory class that solely creates an object of type Restrictions_aggregator. More...

#include <partial_revokes.h>

Static Public Member Functions
static std::unique_ptr< Restrictions_aggregator >	create (THD thd, const ACL_USER acl_user, const char *db, const Access_bitmask rights, bool is_grant_revoke_all_on_db)
	A factory method that creates objects from Restrictions_aggregator hierarchy. More...

static std::unique_ptr< Restrictions_aggregator >	create (const Auth_id &grantor, const Auth_id &grantee, const Access_bitmask grantor_access, const Access_bitmask grantee_access, const DB_restrictions &grantor_restrictions, const DB_restrictions &grantee_restrictions, const Access_bitmask required_access, Db_access_map *db_map)

Static Private Member Functions
static Auth_id	fetch_grantor (const Security_context *sctx)
	Returns the grantor user name and host id. More...

static Auth_id	fetch_grantee (const ACL_USER *acl_user)
	Returns the grantee's user name and host info. More...

static Access_bitmask	fetch_grantor_db_access (THD thd, const char db)
	Returns the privileges granted on the DB to the grantor. More...

static Access_bitmask	fetch_grantee_db_access (THD thd, const ACL_USER acl_user, const char *db)
	Returns the privileges granted on the DB to the grantee. More...

static void	fetch_grantor_access (const Security_context sctx, const char db, Access_bitmask &global_access, Restrictions &restrictions)
	Returns the privileges and restrictions: More...

static void	fetch_grantee_access (const ACL_USER *grantee, Access_bitmask &access, Restrictions &restrictions)

Detailed Description

Factory class that solely creates an object of type Restrictions_aggregator.

The concrete implementations of Restrictions_aggregator cannot be created directly since their constructors are private. This class is declared as friend in those concrete implementations.
It also records the CURRENT_USER in the binlog so that partial_revokes can be executed on the replica with context of current user

Member Function Documentation

◆ create() [1/2]

std::unique_ptr< Restrictions_aggregator > Restrictions_aggregator_factory::create	(	const Auth_id &	grantor,
		const Auth_id &	grantee,
		const Access_bitmask	grantor_access,
		const Access_bitmask	grantee_access,
		const DB_restrictions &	grantor_restrictions,
		const DB_restrictions &	grantee_restrictions,
		const Access_bitmask	required_access,
		Db_access_map *	db_map
	)

static

◆ create() [2/2]

std::unique_ptr< Restrictions_aggregator > Restrictions_aggregator_factory::create	(	THD *	thd,
		const ACL_USER *	acl_user,
		const char *	db,
		const Access_bitmask	rights,
		bool	is_grant_revoke_all_on_db
	)

static

A factory method that creates objects from Restrictions_aggregator hierarchy.

Creates an object if –partial_revokes system variable is ON. It also records the CURRENT_USER in the binlog so that partial_revokes can be executed on slave with context of current user

Parameters

[in,out]	thd	Thread handle
[in]	acl_user	Grantee's info from ACL Cache
[in]	db	Database name if it is DB level operation
[in]	rights	access specified in the SQL statement
[in]	is_grant_revoke_all_on_db	flag that indicates if the REVOKE/GRANT ALL was executed on a DB

Returns: A restriction aggregator object

Return values

nullptr if partial_revokes system variable is OFF

◆ fetch_grantee()

Auth_id Restrictions_aggregator_factory::fetch_grantee ( const ACL_USER * acl_user )

staticprivate

Returns the grantee's user name and host info.

Parameters

[in] acl_user user handle from ACL_Cache

Returns: Grantee's user name and host info

◆ fetch_grantee_access()

void Restrictions_aggregator_factory::fetch_grantee_access	(	const ACL_USER *	grantee,
		Access_bitmask &	access,
		Restrictions &	restrictions
	)

staticprivate

◆ fetch_grantee_db_access()

Access_bitmask Restrictions_aggregator_factory::fetch_grantee_db_access	(	THD *	thd,
		const ACL_USER *	acl_user,
		const char *	db
	)

staticprivate

Returns the privileges granted on the DB to the grantee.

Parameters

[in,out]	thd	THD handle
[in]	acl_user	user handle from ACL_Cache
[in]	db	Database name for which privileges to be fetched.

Returns: privilege access to the grantee on the specified database

◆ fetch_grantor()

Auth_id Restrictions_aggregator_factory::fetch_grantor ( const Security_context * sctx )

staticprivate

Returns the grantor user name and host id.

Parameters

[in] sctx Security context

Returns: Grantor's user name and host info

◆ fetch_grantor_access()

void Restrictions_aggregator_factory::fetch_grantor_access	(	const Security_context *	sctx,
		const char *	db,
		Access_bitmask &	global_access,
		Restrictions &	restrictions
	)

staticprivate

Returns the privileges and restrictions:

Parameters

[in]	sctx	security context of current user
[in]	db	Database name for which privileges to be fetched.
[out]	global_access	fetch grantor's global access
[out]	restrictions	fetch grantor's restrictions

◆ fetch_grantor_db_access()

Access_bitmask Restrictions_aggregator_factory::fetch_grantor_db_access	(	THD *	thd,
		const char *	db
	)

staticprivate

Returns the privileges granted on the DB to the grantor.

Parameters

[in]	thd	Thread handle
[in]	db	Database name for which privileges to be fetched.

Returns: privilege access to the grantor on the specified database

The documentation for this class was generated from the following files:

sql/auth/partial_revokes.h
sql/auth/partial_revokes.cc

Static Public Member Functions

Static Private Member Functions

Detailed Description

Member Function Documentation

◆ create() [1/2]

◆ create() [2/2]

◆ fetch_grantee()

◆ fetch_grantee_access()

◆ fetch_grantee_db_access()

◆ fetch_grantor()

◆ fetch_grantor_access()

◆ fetch_grantor_db_access()