MySQL  8.0.17
Source Code Documentation
sql_security_ctx.h
Go to the documentation of this file.
1 /* Copyright (c) 2014, 2019, Oracle and/or its affiliates. All rights reserved.
2 
3  This program is free software; you can redistribute it and/or modify
4  it under the terms of the GNU General Public License, version 2.0,
5  as published by the Free Software Foundation.
6 
7  This program is also distributed with certain software (including
8  but not limited to OpenSSL) that is licensed under separate terms,
9  as designated in a particular file or component or in included license
10  documentation. The authors of MySQL hereby grant you an additional
11  permission to link the program and your derivative works with the
12  separately licensed software that they have included with MySQL.
13 
14  This program is distributed in the hope that it will be useful,
15  but WITHOUT ANY WARRANTY; without even the implied warranty of
16  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17  GNU General Public License, version 2.0, for more details.
18 
19  You should have received a copy of the GNU General Public License
20  along with this program; if not, write to the Free Software
21  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
22 #ifndef SQL_SECURITY_CTX_INCLUDED
23 #define SQL_SECURITY_CTX_INCLUDED
24 #include <string.h>
25 #include <sys/types.h>
26 #include <algorithm>
27 #include <utility>
28 
29 #include "lex_string.h"
30 #include "m_ctype.h"
31 #include "m_string.h"
32 #include "my_dbug.h"
33 #include "my_hostname.h" // HOSTNAME_LENGTH
34 #include "mysql_com.h" // USERNAME_LENGTH
35 #include "sql/auth/auth_common.h"
37 #include "sql/sql_const.h"
38 #include "sql_string.h"
39 
40 /* Forward declaration. Depends on sql_auth_cache.h (which depends on this file)
41  */
42 class Acl_map;
43 class ACL_USER;
44 class THD;
46 
47 /**
48  @class Security_context
49  @brief A set of THD members describing the current authenticated user.
50 */
51 
53  public:
54  Security_context(THD *thd = nullptr);
55  Security_context(MEM_ROOT *m_mem_root, THD *thd = nullptr);
57 
58  Security_context(const Security_context &src_sctx);
59 
61 
62  void skip_grants(const char *user = "skip-grants user",
63  const char *host = "skip-grants host");
64  bool is_skip_grants_user();
65 
66  /**
67  Getter method for member m_user.
68 
69  @retval LEX_CSTRING object having constant pointer to m_user.Ptr
70  and its length.
71  */
72  LEX_CSTRING user() const;
73 
74  void set_user_ptr(const char *user_arg, const size_t user_arg_length);
75 
76  void assign_user(const char *user_arg, const size_t user_arg_length);
77 
78  std::pair<bool, bool> has_global_grant(const char *priv, size_t priv_len);
79  std::pair<bool, bool> has_global_grant(const Auth_id &auth_id,
80  const std::string &privilege,
81  bool cumulative = false);
82  bool can_operate_with(const Auth_id &auth_id, const std::string &privilege,
83  bool cumulative = false,
84  bool ignore_if_nonextant = true);
86  bool validate_access = false);
87  void clear_active_roles(void);
89  size_t get_num_active_roles() const;
91  void checkout_access_maps(void);
92  ulong db_acl(LEX_CSTRING db, bool use_pattern_scan = true) const;
93  ulong procedure_acl(LEX_CSTRING db, LEX_CSTRING procedure_name);
94  ulong function_acl(LEX_CSTRING db, LEX_CSTRING procedure_name);
97  LEX_CSTRING table);
98  bool has_with_admin_acl(const LEX_CSTRING &role_name,
99  const LEX_CSTRING &role_host);
100  bool any_sp_acl(const LEX_CSTRING &db);
101  bool any_table_acl(const LEX_CSTRING &db);
102 
103  /**
104  Getter method for member m_host.
105 
106  @retval LEX_CSTRING object having constant pointer to m_host.Ptr
107  and its length.
108  */
109 
110  LEX_CSTRING host() const;
111 
112  void set_host_ptr(const char *host_arg, const size_t host_arg_length);
113 
114  void assign_host(const char *host_arg, const size_t host_arg_length);
115 
116  /**
117  Getter method for member m_ip.
118 
119  @retval LEX_CSTRING object having constant pointer to m_ip.Ptr
120  and its length
121  */
122  LEX_CSTRING ip() const;
123 
124  void set_ip_ptr(const char *ip_arg, const int ip_arg_length);
125 
126  void assign_ip(const char *ip_arg, const int ip_arg_length);
127 
128  /**
129  Getter method for member m_host_or_ip.
130 
131  @retval LEX_CSTRING object having constant pointer to m_host_or_ip.Ptr
132  and its length
133  */
134  LEX_CSTRING host_or_ip() const;
135 
136  /**
137  Setter method for member m_host_or_ip.
138  */
139  void set_host_or_ip_ptr();
140 
141  /**
142  Setter method for member m_host_or_ip.
143 
144  @param[in] host_or_ip_arg New user value for m_host_or_ip.
145  @param[in] host_or_ip_arg_length Length of "host_or_ip_arg" param.
146  */
147  void set_host_or_ip_ptr(const char *host_or_ip_arg,
148  const int host_or_ip_arg_length);
149 
150  /**
151  Getter method for member m_external_user.
152 
153  @retval LEX_CSTRING object having constant pointer to m_external_host.Ptr
154  and its length
155  */
156  LEX_CSTRING external_user() const;
157 
158  void set_external_user_ptr(const char *ext_user_arg,
159  const int ext_user_arg_length);
160 
161  void assign_external_user(const char *ext_user_arg,
162  const int ext_user_arg_length);
163 
164  /**
165  Getter method for member m_priv_user.
166 
167  @retval LEX_CSTRING object having constant pointer to m_priv_user.Ptr
168  and its length
169  */
170  LEX_CSTRING priv_user() const;
171 
172  void assign_priv_user(const char *priv_user_arg,
173  const size_t priv_user_arg_length);
174 
175  /**
176  Getter method for member m_proxy_user.
177 
178  @retval LEX_CSTRING object having constant pointer to m_proxy_user.Ptr
179  and its length
180  */
181  LEX_CSTRING proxy_user() const;
182 
183  void assign_proxy_user(const char *proxy_user_arg,
184  const size_t proxy_user_arg_length);
185 
186  /**
187  Getter method for member m_priv_host.
188 
189  @retval LEX_CSTRING object having constant pointer to m_priv_host.Ptr
190  and its length
191  */
192  LEX_CSTRING priv_host() const;
193 
194  void assign_priv_host(const char *priv_host_arg,
195  const size_t priv_host_arg_length);
196 
197  const char *priv_host_name() const;
198 
199  /**
200  Getter method for member m_master_access.
201  */
202  ulong master_access() const;
203 
204  ulong master_access(const std::string &db_name) const;
205 
206  const Restrictions restrictions() const;
207 
209 
211 
212  /**
213  Check if a an account has been assigned to the security context
214 
215  The account assigment to the security context is always executed in the
216  following order:
217  1) assign user's name to the context
218  2) assign user's hostname to the context
219  Whilst user name can be null, hostname cannot. This is why we can say that
220  the full account has been assigned to the context when hostname is not
221  equal to empty string.
222 
223  @return Account assignment status
224  @retval true account has been assigned to the security context
225  @retval false account has not yet been assigned to the security context
226  */
227 
228  bool has_account_assigned() const;
229 
230  /**
231  Check permission against m_master_access
232  */
233 
234  /**
235  Check global access
236  @param want_access The required privileges
237  @param db_name The database name to check if it has restrictions attached
238  @param match_any if the security context must match all or any of the req.
239  * privileges.
240  @return True if the security context fulfills the access requirements.
241  */
242  bool check_access(ulong want_access, const std::string &db_name = "",
243  bool match_any = false);
244 
245  /**
246  Returns the schema level effective privileges (with applied roles)
247  for the currently active schema.
248  */
249  ulong current_db_access() const;
250 
251  /**
252  Cache the schema level effective privileges (apply roles first!) for the
253  currently active schema.
254  */
255  void cache_current_db_access(ulong db_access);
256 
257  /**
258  Getter method for member m_password_expired.
259  */
260  bool password_expired() const;
261 
263 
264  bool change_security_context(THD *thd, const LEX_CSTRING &definer_user,
265  const LEX_CSTRING &definer_host, LEX_STRING *db,
266  Security_context **backup, bool force = false);
267 
269 
271 
272  void logout();
273  /**
274  Locked account can still be used as routine definers and when they are
275  there shouldn't be any checks for expired passwords.
276  */
277  bool account_is_locked() { return m_is_locked; }
278 
279  void lock_account(bool is_locked) { m_is_locked = is_locked; }
280 
281  void set_drop_policy(const std::function<void(Security_context *)> &func);
282 
283  void add_as_local_temp_privs(const std::vector<std::string> &privs);
284  bool check_in_local_temp_privs(const std::string &priv);
285 
286  bool has_drop_policy(void);
287 
288  bool has_executed_drop_policy(void);
289 
290  void execute_drop_policy(void);
291 
292  bool is_access_restricted_on_db(ulong want_access,
293  const std::string &db_name) const;
294 
295  void clear_db_restrictions();
296 
297  private:
298  void init();
299  void destroy();
300  void copy_security_ctx(const Security_context &src_sctx);
301  ulong filter_access(const ulong access, const std::string &db_name) const;
303  std::pair<bool, bool> fetch_global_grant(const ACL_USER &acl_user,
304  const std::string &privilege,
305  bool cumulative = false);
306 
307  private:
308  /**
309  m_user - user of the client, set to NULL until the user has been read from
310  the connection
311  */
313 
314  /** m_host - host of the client */
316 
317  /** m_ip - client IP */
319 
320  /**
321  m_host_or_ip - points to host if host is available, otherwise points to ip
322  */
324 
326 
327  /**
328  m_priv_user - The user privilege we are using. May be "" for anonymous user.
329  */
332 
335 
336  /**
337  The host privilege we are using
338  */
341 
342  /**
343  Global privileges from mysql.user.
344  */
346 
347  /**
348  Privileges for current db
349  */
351 
352  /**
353  password expiration flag.
354 
355  This flag is set according to connecting user's context and not the
356  effective user.
357  */
362  /**
363  True if this account can't be logged into.
364  */
366  /**
367  True if the skip_grants_user is set.
368  */
370 
373  std::unique_ptr<std::function<void(Security_context *)>> m_drop_policy;
375 
376  /**
377  m_thd - Thread handle, set to nullptr if this does not belong to any THD yet
378  */
380 };
381 
382 /**
383  Getter method for member m_host_or_ip.
384 
385  @retval LEX_CSTRING object having constant pointer to m_host_or_ip.Ptr
386  and its length
387 */
390 
391  DBUG_ENTER("Security_context::host_or_ip");
392 
395 
397 }
398 
400  DBUG_ENTER("Security_context::set_host_or_ip_ptr");
401 
402  /*
403  Set host_or_ip to either host or ip if they are available else set it to
404  empty string.
405  */
406  const char *host_or_ip =
407  m_host.length() ? m_host.ptr() : (m_ip.length() ? m_ip.ptr() : "");
408 
410 
412 }
413 
415  const char *host_or_ip_arg, const int host_or_ip_arg_length) {
416  DBUG_ENTER("Security_context::set_host_or_ip_ptr");
417 
418  m_host_or_ip.set(host_or_ip_arg, host_or_ip_arg_length, system_charset_info);
419 
421 }
422 
424  LEX_CSTRING ext_user;
425 
426  DBUG_ENTER("Security_context::external_user");
427 
428  ext_user.str = m_external_user.ptr();
429  ext_user.length = m_external_user.length();
430 
431  DBUG_RETURN(ext_user);
432 }
433 
435 
437  return m_restrictions;
438 }
439 
440 inline void Security_context::set_master_access(ulong master_access) {
441  DBUG_ENTER("set_master_access");
443  DBUG_PRINT("info", ("Cached master access is %lu", m_master_access));
445 }
446 
448  ulong master_access, const Restrictions &restrictions) {
451 }
452 
453 inline const char *Security_context::priv_host_name() const {
454  return (*m_priv_host ? m_priv_host : "%");
455 }
456 
458  return m_priv_host[0] != '\0';
459 }
460 
462 
464  m_db_access = db_access;
465 }
466 
468  return m_password_expired;
469 }
470 
471 inline void Security_context::set_password_expired(bool password_expired) {
473 }
474 
476  return m_is_skip_grants_user;
477 }
478 
481 }
482 
483 #endif /* SQL_SECURITY_CTX_INCLUDED */
Security_context & operator=(const Security_context &src_sctx)
Definition: sql_security_ctx.cc:68
#define DBUG_RETURN(a1)
Definition: my_dbug.h:139
#define USERNAME_LENGTH
Definition: mysql_com.h:66
Our own string classes, used pervasively throughout the executor.
void checkout_access_maps(void)
Subscribes to a cache entry of aggregated ACLs.
Definition: sql_security_ctx.cc:383
bool m_is_skip_grants_user
True if the skip_grants_user is set.
Definition: sql_security_ctx.h:369
const char * db_name
Definition: rules_table_service.cc:54
void execute_drop_policy(void)
Definition: sql_security_ctx.cc:121
Definition: mysql_lex_string.h:34
Storage container for default auth ids.
Definition: auth_common.h:986
const Restrictions restrictions() const
Definition: sql_security_ctx.h:436
MYSQL_PLUGIN_IMPORT CHARSET_INFO * system_charset_info
Definition: mysqld.cc:1318
void skip_grants(const char *user="skip-grants user", const char *host="skip-grants host")
Grants all privilegs to user.
Definition: sql_security_ctx.cc:176
bool m_executed_drop_policy
Definition: sql_security_ctx.h:371
File containing constants that can be used throughout the server.
~Security_context()
Definition: sql_security_ctx.cc:61
void restore_security_context(THD *thd, Security_context *backup)
Definition: sql_security_ctx.cc:310
String m_user
m_user - user of the client, set to NULL until the user has been read from the connection ...
Definition: sql_security_ctx.h:312
bool has_executed_drop_policy(void)
Definition: sql_security_ctx.cc:117
bool check_access(ulong want_access, const std::string &db_name="", bool match_any=false)
Check permission against m_master_access.
Definition: sql_security_ctx.cc:324
const char * str
Definition: mysql_lex_string.h:40
std::pair< bool, bool > fetch_global_grant(const ACL_USER &acl_user, const std::string &privilege, bool cumulative=false)
Checks if the acl_user does have the asked dynamic privilege.
Definition: sql_security_ctx.cc:1146
void cache_current_db_access(ulong db_access)
Cache the schema level effective privileges (apply roles first!) for the currently active schema...
Definition: sql_security_ctx.h:463
void assign_external_user(const char *ext_user_arg, const int ext_user_arg_length)
Setter method for member m_external_user.
Definition: sql_security_ctx.cc:980
Definition: mysql_lex_string.h:39
Grant_table_aggregate table_and_column_acls(LEX_CSTRING db, LEX_CSTRING table)
Definition: sql_security_ctx.cc:549
A set of THD members describing the current authenticated user.
Definition: sql_security_ctx.h:52
void assign_priv_user(const char *priv_user_arg, const size_t priv_user_arg_length)
Setter method for member m_priv_user.
Definition: sql_security_ctx.cc:1002
String m_host
m_host - host of the client
Definition: sql_security_ctx.h:315
Container of all restrictions for a given user.
Definition: partial_revokes.h:126
List_of_auth_id_refs m_active_roles
Definition: sql_security_ctx.h:359
void lock_account(bool is_locked)
Definition: sql_security_ctx.h:279
LEX_CSTRING proxy_user() const
Getter method for member m_proxy_user.
Definition: sql_security_ctx.cc:1024
DBUG_VOID_RETURN
Definition: dbug_analyze.cc:151
void assign_user(const char *user_arg, const size_t user_arg_length)
Setter method for member m_user.
Definition: sql_security_ctx.cc:805
bool has_with_admin_acl(const LEX_CSTRING &role_name, const LEX_CSTRING &role_host)
Definition: sql_security_ctx.cc:568
void init_restrictions(const Restrictions &restrictions)
Definition: sql_security_ctx.cc:1098
Common definition used by mysys, performance schema and server & client.
Using this class is fraught with peril, and you need to be very careful when doing so...
Definition: sql_string.h:159
void assign_proxy_user(const char *proxy_user_arg, const size_t proxy_user_arg_length)
Setter method for member m_proxy_user.
Definition: sql_security_ctx.cc:1042
const char * priv_host_name() const
Definition: sql_security_ctx.h:453
String m_ip
m_ip - client IP
Definition: sql_security_ctx.h:318
static bool backup
Definition: myisampack.cc:194
void assign_ip(const char *ip_arg, const int ip_arg_length)
Setter method for member m_ip.
Definition: sql_security_ctx.cc:936
String m_external_user
Definition: sql_security_ctx.h:325
Common definition between mysql server & client.
void set_host_or_ip_ptr()
Setter method for member m_host_or_ip.
Definition: sql_security_ctx.h:399
Definition: sql_auth_cache.h:141
ulong m_db_access
Privileges for current db.
Definition: sql_security_ctx.h:350
#define DBUG_PRINT(keyword, arglist)
Definition: my_dbug.h:165
Definition: auth_internal.h:56
List_of_auth_id_refs * get_active_roles()
Definition: sql_security_ctx.cc:445
int m_map_checkout_count
Definition: sql_security_ctx.h:361
size_t m_priv_host_length
Definition: sql_security_ctx.h:340
ulong table_acl(LEX_CSTRING db, LEX_CSTRING table)
Definition: sql_security_ctx.cc:562
bool password_expired() const
Getter method for member m_password_expired.
Definition: sql_security_ctx.h:467
#define DBUG_ENTER(a)
Definition: my_dbug.h:135
LEX_CSTRING external_user() const
Getter method for member m_external_user.
Definition: sql_security_ctx.h:423
ulong filter_access(const ulong access, const std::string &db_name) const
If there is a restriction attached to an access on the given database then remove that access otherwi...
Definition: sql_security_ctx.cc:1117
void set_host_ptr(const char *host_arg, const size_t host_arg_length)
Setter method for member m_host.
Definition: sql_security_ctx.cc:845
bool any_sp_acl(const LEX_CSTRING &db)
Definition: sql_security_ctx.cc:582
size_t length
Definition: mysql_lex_string.h:41
void set_password_expired(bool password_expired)
Definition: sql_security_ctx.h:471
ulong function_acl(LEX_CSTRING db, LEX_CSTRING procedure_name)
Definition: sql_security_ctx.cc:533
size_t m_proxy_user_length
Definition: sql_security_ctx.h:334
bool m_has_drop_policy
Definition: sql_security_ctx.h:372
ulong current_db_access() const
Returns the schema level effective privileges (with applied roles) for the currently active schema...
Definition: sql_security_ctx.h:461
void init()
Definition: sql_security_ctx.cc:80
std::unique_ptr< std::function< void(Security_context *)> > m_drop_policy
Definition: sql_security_ctx.h:373
void set(String &str, size_t offset, size_t arg_length)
Definition: sql_string.h:272
ulong m_master_access
Global privileges from mysql.user.
Definition: sql_security_ctx.h:345
static constexpr int HOSTNAME_LENGTH
Definition: my_hostname.h:42
void set_master_access(ulong master_access)
Definition: sql_security_ctx.h:440
void copy_security_ctx(const Security_context &src_sctx)
Deep copy status of sctx object to this.
Definition: sql_security_ctx.cc:203
std::pair< bool, bool > has_global_grant(const char *priv, size_t priv_len)
Checks if the Current_user has the asked dynamic privilege.
Definition: sql_security_ctx.cc:627
LEX_CSTRING user() const
Getter method for member m_user.
Definition: sql_security_ctx.cc:763
LEX_CSTRING host_or_ip() const
Getter method for member m_host_or_ip.
Definition: sql_security_ctx.h:388
Security_context(THD *thd=nullptr)
Definition: sql_security_ctx.cc:51
void clear_active_roles(void)
This helper method clears the active roles list and frees the allocated memory used for any previousl...
Definition: sql_security_ctx.cc:426
bool has_account_assigned() const
Check if a an account has been assigned to the security context.
Definition: sql_security_ctx.h:457
void set_external_user_ptr(const char *ext_user_arg, const int ext_user_arg_length)
Setter method for member m_external_user.
Definition: sql_security_ctx.cc:958
bool m_password_expired
password expiration flag.
Definition: sql_security_ctx.h:358
LEX_CSTRING priv_user() const
Getter method for member m_priv_user.
Definition: sql_security_ctx.cc:749
ulong db_acl(LEX_CSTRING db, bool use_pattern_scan=true) const
Definition: sql_security_ctx.cc:478
void destroy()
Definition: sql_security_ctx.cc:135
char m_proxy_user[USERNAME_LENGTH+HOSTNAME_LENGTH+6]
Definition: sql_security_ctx.h:333
std::vector< Auth_id_ref > List_of_auth_id_refs
Definition: auth_common.h:73
bool has_drop_policy(void)
Definition: sql_security_ctx.cc:115
bool account_is_locked()
Locked account can still be used as routine definers and when they are there shouldn&#39;t be any checks ...
Definition: sql_security_ctx.h:277
int activate_role(LEX_CSTRING user, LEX_CSTRING host, bool validate_access=false)
This method pushes a role to the list of active roles.
Definition: sql_security_ctx.cc:352
size_t get_num_active_roles() const
Definition: sql_security_ctx.cc:449
Container for global, schema, table/view and routine ACL maps.
Definition: sql_auth_cache.h:482
THD * m_thd
m_thd - Thread handle, set to nullptr if this does not belong to any THD yet
Definition: sql_security_ctx.h:379
bool user_matches(Security_context *)
Definition: sql_security_ctx.cc:315
LEX_CSTRING ip() const
Getter method for member m_ip.
Definition: sql_security_ctx.cc:894
void set_user_ptr(const char *user_arg, const size_t user_arg_length)
Setter method for member m_user.
Definition: sql_security_ctx.cc:783
String m_host_or_ip
m_host_or_ip - points to host if host is available, otherwise points to ip
Definition: sql_security_ctx.h:323
MEM_ROOT * m_mem_root
Mem root.
Definition: acl_table_user.cc:149
Restrictions m_restrictions
Definition: sql_security_ctx.h:374
void set_ip_ptr(const char *ip_arg, const int ip_arg_length)
Setter method for member m_ip.
Definition: sql_security_ctx.cc:914
A better implementation of the UNIX ctype(3) library.
void logout()
Definition: sql_security_ctx.cc:102
ulong master_access() const
Getter method for member m_master_access.
Definition: sql_security_ctx.h:434
Acl_map * m_acl_map
Definition: sql_security_ctx.h:360
char m_priv_host[HOSTNAME_LENGTH+1]
The host privilege we are using.
Definition: sql_security_ctx.h:339
char m_priv_user[USERNAME_LENGTH]
m_priv_user - The user privilege we are using.
Definition: sql_security_ctx.h:330
void assign_host(const char *host_arg, const size_t host_arg_length)
Setter method for member m_host.
Definition: sql_security_ctx.cc:870
const char * ptr() const
Definition: sql_string.h:241
The MEM_ROOT is a simple arena, where allocations are carved out of larger blocks.
Definition: my_alloc.h:77
void set_drop_policy(const std::function< void(Security_context *)> &func)
Definition: sql_security_ctx.cc:128
void clear_db_restrictions()
Definition: sql_security_ctx.h:479
bool m_is_locked
True if this account can&#39;t be logged into.
Definition: sql_security_ctx.h:365
LEX_CSTRING host() const
Getter method for member m_host.
Definition: sql_security_ctx.cc:825
LEX_CSTRING priv_host() const
Getter method for member m_priv_host.
Definition: sql_security_ctx.cc:1064
bool is_skip_grants_user()
Definition: sql_security_ctx.h:475
bool check_in_local_temp_privs(const std::string &priv)
bool can_operate_with(const Auth_id &auth_id, const std::string &privilege, bool cumulative=false, bool ignore_if_nonextant=true)
Checks if the specified auth_id with privilege can work with the current_user.
Definition: sql_security_ctx.cc:714
unsigned long ulong
Definition: my_inttypes.h:48
bool change_security_context(THD *thd, const LEX_CSTRING &definer_user, const LEX_CSTRING &definer_host, LEX_STRING *db, Security_context **backup, bool force=false)
Initialize this security context from the passed in credentials and activate it in the current thread...
Definition: sql_security_ctx.cc:281
size_t length() const
Definition: sql_string.h:233
void add_as_local_temp_privs(const std::vector< std::string > &privs)
void assign_priv_host(const char *priv_host_arg, const size_t priv_host_arg_length)
Setter method for member m_priv_host.
Definition: sql_security_ctx.cc:1082
size_t m_priv_user_length
Definition: sql_security_ctx.h:331
For each client connection we create a separate thread with THD serving as a thread/connection descri...
Definition: sql_class.h:777
bool any_table_acl(const LEX_CSTRING &db)
Definition: sql_security_ctx.cc:597
bool is_access_restricted_on_db(ulong want_access, const std::string &db_name) const
Definition: sql_security_ctx.cc:1102
void clear_db()
Clear database restrictions.
Definition: partial_revokes.cc:1521
ulong procedure_acl(LEX_CSTRING db, LEX_CSTRING procedure_name)
Definition: sql_security_ctx.cc:517