MySQL  8.0.16
Source Code Documentation
sql_security_ctx.h
Go to the documentation of this file.
1 /* Copyright (c) 2014, 2019, Oracle and/or its affiliates. All rights reserved.
2 
3  This program is free software; you can redistribute it and/or modify
4  it under the terms of the GNU General Public License, version 2.0,
5  as published by the Free Software Foundation.
6 
7  This program is also distributed with certain software (including
8  but not limited to OpenSSL) that is licensed under separate terms,
9  as designated in a particular file or component or in included license
10  documentation. The authors of MySQL hereby grant you an additional
11  permission to link the program and your derivative works with the
12  separately licensed software that they have included with MySQL.
13 
14  This program is distributed in the hope that it will be useful,
15  but WITHOUT ANY WARRANTY; without even the implied warranty of
16  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17  GNU General Public License, version 2.0, for more details.
18 
19  You should have received a copy of the GNU General Public License
20  along with this program; if not, write to the Free Software
21  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */
22 #ifndef SQL_SECURITY_CTX_INCLUDED
23 #define SQL_SECURITY_CTX_INCLUDED
24 #include <string.h>
25 #include <sys/types.h>
26 #include <algorithm>
27 #include <utility>
28 
29 #include "lex_string.h"
30 #include "m_ctype.h"
31 #include "m_string.h"
32 #include "my_dbug.h"
33 #include "mysql_com.h"
34 #include "sql/auth/auth_common.h"
36 #include "sql/sql_const.h"
37 #include "sql_string.h"
38 
39 /* Forward declaration. Depends on sql_auth_cache.h (which depends on this file)
40  */
41 class Acl_map;
42 class ACL_USER;
43 class THD;
45 
46 /**
47  @class Security_context
48  @brief A set of THD members describing the current authenticated user.
49 */
50 
52  public:
53  Security_context(THD *thd = nullptr);
54  Security_context(MEM_ROOT *m_mem_root, THD *thd = nullptr);
56 
57  Security_context(const Security_context &src_sctx);
58 
60 
61  void skip_grants(const char *user = "skip-grants user",
62  const char *host = "skip-grants host");
63  bool is_skip_grants_user();
64 
65  /**
66  Getter method for member m_user.
67 
68  @retval LEX_CSTRING object having constant pointer to m_user.Ptr
69  and its length.
70  */
71  LEX_CSTRING user() const;
72 
73  void set_user_ptr(const char *user_arg, const size_t user_arg_length);
74 
75  void assign_user(const char *user_arg, const size_t user_arg_length);
76 
77  std::pair<bool, bool> has_global_grant(const char *priv, size_t priv_len);
78  std::pair<bool, bool> has_global_grant(const Auth_id &auth_id,
79  const std::string &privilege,
80  bool cumulative = false);
81  bool can_operate_with(const Auth_id &auth_id, const std::string &privilege,
82  bool cumulative = false,
83  bool ignore_if_nonextant = true);
85  bool validate_access = false);
86  void clear_active_roles(void);
88  size_t get_num_active_roles() const;
90  void checkout_access_maps(void);
91  ulong db_acl(LEX_CSTRING db, bool use_pattern_scan = true) const;
92  ulong procedure_acl(LEX_CSTRING db, LEX_CSTRING procedure_name);
93  ulong function_acl(LEX_CSTRING db, LEX_CSTRING procedure_name);
96  LEX_CSTRING table);
97  bool has_with_admin_acl(const LEX_CSTRING &role_name,
98  const LEX_CSTRING &role_host);
99  bool any_sp_acl(const LEX_CSTRING &db);
100  bool any_table_acl(const LEX_CSTRING &db);
101 
102  /**
103  Getter method for member m_host.
104 
105  @retval LEX_CSTRING object having constant pointer to m_host.Ptr
106  and its length.
107  */
108 
109  LEX_CSTRING host() const;
110 
111  void set_host_ptr(const char *host_arg, const size_t host_arg_length);
112 
113  void assign_host(const char *host_arg, const size_t host_arg_length);
114 
115  /**
116  Getter method for member m_ip.
117 
118  @retval LEX_CSTRING object having constant pointer to m_ip.Ptr
119  and its length
120  */
121  LEX_CSTRING ip() const;
122 
123  void set_ip_ptr(const char *ip_arg, const int ip_arg_length);
124 
125  void assign_ip(const char *ip_arg, const int ip_arg_length);
126 
127  /**
128  Getter method for member m_host_or_ip.
129 
130  @retval LEX_CSTRING object having constant pointer to m_host_or_ip.Ptr
131  and its length
132  */
133  LEX_CSTRING host_or_ip() const;
134 
135  /**
136  Setter method for member m_host_or_ip.
137  */
138  void set_host_or_ip_ptr();
139 
140  /**
141  Setter method for member m_host_or_ip.
142 
143  @param[in] host_or_ip_arg New user value for m_host_or_ip.
144  @param[in] host_or_ip_arg_length Length of "host_or_ip_arg" param.
145  */
146  void set_host_or_ip_ptr(const char *host_or_ip_arg,
147  const int host_or_ip_arg_length);
148 
149  /**
150  Getter method for member m_external_user.
151 
152  @retval LEX_CSTRING object having constant pointer to m_external_host.Ptr
153  and its length
154  */
155  LEX_CSTRING external_user() const;
156 
157  void set_external_user_ptr(const char *ext_user_arg,
158  const int ext_user_arg_length);
159 
160  void assign_external_user(const char *ext_user_arg,
161  const int ext_user_arg_length);
162 
163  /**
164  Getter method for member m_priv_user.
165 
166  @retval LEX_CSTRING object having constant pointer to m_priv_user.Ptr
167  and its length
168  */
169  LEX_CSTRING priv_user() const;
170 
171  void assign_priv_user(const char *priv_user_arg,
172  const size_t priv_user_arg_length);
173 
174  /**
175  Getter method for member m_proxy_user.
176 
177  @retval LEX_CSTRING object having constant pointer to m_proxy_user.Ptr
178  and its length
179  */
180  LEX_CSTRING proxy_user() const;
181 
182  void assign_proxy_user(const char *proxy_user_arg,
183  const size_t proxy_user_arg_length);
184 
185  /**
186  Getter method for member m_priv_host.
187 
188  @retval LEX_CSTRING object having constant pointer to m_priv_host.Ptr
189  and its length
190  */
191  LEX_CSTRING priv_host() const;
192 
193  void assign_priv_host(const char *priv_host_arg,
194  const size_t priv_host_arg_length);
195 
196  const char *priv_host_name() const;
197 
198  /**
199  Getter method for member m_master_access.
200  */
201  ulong master_access() const;
202 
203  ulong master_access(const std::string &db_name) const;
204 
205  const Restrictions restrictions() const;
206 
208 
210 
211  /**
212  Check if a an account has been assigned to the security context
213 
214  The account assigment to the security context is always executed in the
215  following order:
216  1) assign user's name to the context
217  2) assign user's hostname to the context
218  Whilst user name can be null, hostname cannot. This is why we can say that
219  the full account has been assigned to the context when hostname is not
220  equal to empty string.
221 
222  @return Account assignment status
223  @retval true account has been assigned to the security context
224  @retval false account has not yet been assigned to the security context
225  */
226 
227  bool has_account_assigned() const;
228 
229  /**
230  Check permission against m_master_access
231  */
232 
233  /**
234  Check global access
235  @param want_access The required privileges
236  @param db_name The database name to check if it has restrictions attached
237  @param match_any if the security context must match all or any of the req.
238  * privileges.
239  @return True if the security context fulfills the access requirements.
240  */
241  bool check_access(ulong want_access, const std::string &db_name = "",
242  bool match_any = false);
243 
244  /**
245  Returns the schema level effective privileges (with applied roles)
246  for the currently active schema.
247  */
248  ulong current_db_access() const;
249 
250  /**
251  Cache the schema level effective privileges (apply roles first!) for the
252  currently active schema.
253  */
254  void cache_current_db_access(ulong db_access);
255 
256  /**
257  Getter method for member m_password_expired.
258  */
259  bool password_expired() const;
260 
262 
263  bool change_security_context(THD *thd, const LEX_CSTRING &definer_user,
264  const LEX_CSTRING &definer_host, LEX_STRING *db,
265  Security_context **backup, bool force = false);
266 
268 
270 
271  void logout();
272  /**
273  Locked account can still be used as routine definers and when they are
274  there shouldn't be any checks for expired passwords.
275  */
276  bool account_is_locked() { return m_is_locked; }
277 
278  void lock_account(bool is_locked) { m_is_locked = is_locked; }
279 
280  void set_drop_policy(const std::function<void(Security_context *)> &func);
281 
282  void add_as_local_temp_privs(const std::vector<std::string> &privs);
283  bool check_in_local_temp_privs(const std::string &priv);
284 
285  bool has_drop_policy(void);
286 
287  bool has_executed_drop_policy(void);
288 
289  void execute_drop_policy(void);
290 
291  bool is_access_restricted_on_db(ulong want_access,
292  const std::string &db_name) const;
293 
294  void clear_db_restrictions();
295 
296  private:
297  void init();
298  void destroy();
299  void copy_security_ctx(const Security_context &src_sctx);
300  ulong filter_access(const ulong access, const std::string &db_name) const;
302  std::pair<bool, bool> fetch_global_grant(const ACL_USER &acl_user,
303  const std::string &privilege,
304  bool cumulative = false);
305 
306  private:
307  /**
308  m_user - user of the client, set to NULL until the user has been read from
309  the connection
310  */
312 
313  /** m_host - host of the client */
315 
316  /** m_ip - client IP */
318 
319  /**
320  m_host_or_ip - points to host if host is available, otherwise points to ip
321  */
323 
325 
326  /**
327  m_priv_user - The user privilege we are using. May be "" for anonymous user.
328  */
331 
334 
335  /**
336  The host privilege we are using
337  */
340 
341  /**
342  Global privileges from mysql.user.
343  */
345 
346  /**
347  Privileges for current db
348  */
350 
351  /**
352  password expiration flag.
353 
354  This flag is set according to connecting user's context and not the
355  effective user.
356  */
361  /**
362  True if this account can't be logged into.
363  */
365  /**
366  True if the skip_grants_user is set.
367  */
369 
372  std::unique_ptr<std::function<void(Security_context *)>> m_drop_policy;
374 
375  /**
376  m_thd - Thread handle, set to nullptr if this does not belong to any THD yet
377  */
379 };
380 
381 /**
382  Getter method for member m_host_or_ip.
383 
384  @retval LEX_CSTRING object having constant pointer to m_host_or_ip.Ptr
385  and its length
386 */
389 
390  DBUG_ENTER("Security_context::host_or_ip");
391 
394 
396 }
397 
399  DBUG_ENTER("Security_context::set_host_or_ip_ptr");
400 
401  /*
402  Set host_or_ip to either host or ip if they are available else set it to
403  empty string.
404  */
405  const char *host_or_ip =
406  m_host.length() ? m_host.ptr() : (m_ip.length() ? m_ip.ptr() : "");
407 
409 
411 }
412 
414  const char *host_or_ip_arg, const int host_or_ip_arg_length) {
415  DBUG_ENTER("Security_context::set_host_or_ip_ptr");
416 
417  m_host_or_ip.set(host_or_ip_arg, host_or_ip_arg_length, system_charset_info);
418 
420 }
421 
423  LEX_CSTRING ext_user;
424 
425  DBUG_ENTER("Security_context::external_user");
426 
427  ext_user.str = m_external_user.ptr();
428  ext_user.length = m_external_user.length();
429 
430  DBUG_RETURN(ext_user);
431 }
432 
434 
436  return m_restrictions;
437 }
438 
439 inline void Security_context::set_master_access(ulong master_access) {
440  DBUG_ENTER("set_master_access");
442  DBUG_PRINT("info", ("Cached master access is %lu", m_master_access));
444 }
445 
447  ulong master_access, const Restrictions &restrictions) {
450 }
451 
452 inline const char *Security_context::priv_host_name() const {
453  return (*m_priv_host ? m_priv_host : (char *)"%");
454 }
455 
457  return m_priv_host[0] != '\0';
458 }
459 
461 
463  m_db_access = db_access;
464 }
465 
467  return m_password_expired;
468 }
469 
470 inline void Security_context::set_password_expired(bool password_expired) {
472 }
473 
475  return m_is_skip_grants_user;
476 }
477 
480 }
481 
482 #endif /* SQL_SECURITY_CTX_INCLUDED */
Security_context & operator=(const Security_context &src_sctx)
Definition: sql_security_ctx.cc:68
#define DBUG_RETURN(a1)
Definition: my_dbug.h:84
#define USERNAME_LENGTH
Definition: mysql_com.h:67
Our own string classes, used pervasively throughout the executor.
void checkout_access_maps(void)
Subscribes to a cache entry of aggregated ACLs.
Definition: sql_security_ctx.cc:378
bool m_is_skip_grants_user
True if the skip_grants_user is set.
Definition: sql_security_ctx.h:368
const char * db_name
Definition: rules_table_service.cc:54
void execute_drop_policy(void)
Definition: sql_security_ctx.cc:121
Definition: mysql_lex_string.h:34
Storage container for default auth ids.
Definition: auth_common.h:983
const Restrictions restrictions() const
Definition: sql_security_ctx.h:435
MYSQL_PLUGIN_IMPORT CHARSET_INFO * system_charset_info
Definition: mysqld.cc:1274
void skip_grants(const char *user="skip-grants user", const char *host="skip-grants host")
Grants all privilegs to user.
Definition: sql_security_ctx.cc:176
bool m_executed_drop_policy
Definition: sql_security_ctx.h:370
File containing constants that can be used throughout the server.
~Security_context()
Definition: sql_security_ctx.cc:61
void restore_security_context(THD *thd, Security_context *backup)
Definition: sql_security_ctx.cc:310
String m_user
m_user - user of the client, set to NULL until the user has been read from the connection ...
Definition: sql_security_ctx.h:311
bool has_executed_drop_policy(void)
Definition: sql_security_ctx.cc:117
bool check_access(ulong want_access, const std::string &db_name="", bool match_any=false)
Check permission against m_master_access.
Definition: sql_security_ctx.cc:324
const char * str
Definition: mysql_lex_string.h:40
std::pair< bool, bool > fetch_global_grant(const ACL_USER &acl_user, const std::string &privilege, bool cumulative=false)
Checks if the acl_user does have the asked dynamic privilege.
Definition: sql_security_ctx.cc:1141
void cache_current_db_access(ulong db_access)
Cache the schema level effective privileges (apply roles first!) for the currently active schema...
Definition: sql_security_ctx.h:462
void assign_external_user(const char *ext_user_arg, const int ext_user_arg_length)
Setter method for member m_external_user.
Definition: sql_security_ctx.cc:975
Definition: mysql_lex_string.h:39
Grant_table_aggregate table_and_column_acls(LEX_CSTRING db, LEX_CSTRING table)
Definition: sql_security_ctx.cc:544
A set of THD members describing the current authenticated user.
Definition: sql_security_ctx.h:51
void assign_priv_user(const char *priv_user_arg, const size_t priv_user_arg_length)
Setter method for member m_priv_user.
Definition: sql_security_ctx.cc:997
String m_host
m_host - host of the client
Definition: sql_security_ctx.h:314
Container of all restrictions for a given user.
Definition: partial_revokes.h:120
char m_proxy_user[USERNAME_LENGTH+MAX_HOSTNAME+5]
Definition: sql_security_ctx.h:332
List_of_auth_id_refs m_active_roles
Definition: sql_security_ctx.h:358
void lock_account(bool is_locked)
Definition: sql_security_ctx.h:278
LEX_CSTRING proxy_user() const
Getter method for member m_proxy_user.
Definition: sql_security_ctx.cc:1019
DBUG_VOID_RETURN
Definition: dbug_analyze.cc:151
void assign_user(const char *user_arg, const size_t user_arg_length)
Setter method for member m_user.
Definition: sql_security_ctx.cc:800
bool has_with_admin_acl(const LEX_CSTRING &role_name, const LEX_CSTRING &role_host)
Definition: sql_security_ctx.cc:563
void init_restrictions(const Restrictions &restrictions)
Definition: sql_security_ctx.cc:1093
Using this class is fraught with peril, and you need to be very careful when doing so...
Definition: sql_string.h:159
void assign_proxy_user(const char *proxy_user_arg, const size_t proxy_user_arg_length)
Setter method for member m_proxy_user.
Definition: sql_security_ctx.cc:1037
const char * priv_host_name() const
Definition: sql_security_ctx.h:452
String m_ip
m_ip - client IP
Definition: sql_security_ctx.h:317
static bool backup
Definition: myisampack.cc:194
void assign_ip(const char *ip_arg, const int ip_arg_length)
Setter method for member m_ip.
Definition: sql_security_ctx.cc:931
String m_external_user
Definition: sql_security_ctx.h:324
Common definition between mysql server & client.
void set_host_or_ip_ptr()
Setter method for member m_host_or_ip.
Definition: sql_security_ctx.h:398
Definition: sql_auth_cache.h:141
ulong m_db_access
Privileges for current db.
Definition: sql_security_ctx.h:349
#define DBUG_PRINT(keyword, arglist)
Definition: my_dbug.h:110
Definition: auth_internal.h:56
List_of_auth_id_refs * get_active_roles()
Definition: sql_security_ctx.cc:440
int m_map_checkout_count
Definition: sql_security_ctx.h:360
size_t m_priv_host_length
Definition: sql_security_ctx.h:339
ulong table_acl(LEX_CSTRING db, LEX_CSTRING table)
Definition: sql_security_ctx.cc:557
bool password_expired() const
Getter method for member m_password_expired.
Definition: sql_security_ctx.h:466
#define DBUG_ENTER(a)
Definition: my_dbug.h:80
LEX_CSTRING external_user() const
Getter method for member m_external_user.
Definition: sql_security_ctx.h:422
ulong filter_access(const ulong access, const std::string &db_name) const
If there is a restriction attached to an access on the given database then remove that access otherwi...
Definition: sql_security_ctx.cc:1112
void set_host_ptr(const char *host_arg, const size_t host_arg_length)
Setter method for member m_host.
Definition: sql_security_ctx.cc:840
bool any_sp_acl(const LEX_CSTRING &db)
Definition: sql_security_ctx.cc:577
size_t length
Definition: mysql_lex_string.h:41
void set_password_expired(bool password_expired)
Definition: sql_security_ctx.h:470
ulong function_acl(LEX_CSTRING db, LEX_CSTRING procedure_name)
Definition: sql_security_ctx.cc:528
size_t m_proxy_user_length
Definition: sql_security_ctx.h:333
bool m_has_drop_policy
Definition: sql_security_ctx.h:371
ulong current_db_access() const
Returns the schema level effective privileges (with applied roles) for the currently active schema...
Definition: sql_security_ctx.h:460
void init()
Definition: sql_security_ctx.cc:80
char m_priv_host[MAX_HOSTNAME]
The host privilege we are using.
Definition: sql_security_ctx.h:338
std::unique_ptr< std::function< void(Security_context *)> > m_drop_policy
Definition: sql_security_ctx.h:372
void set(String &str, size_t offset, size_t arg_length)
Definition: sql_string.h:270
ulong m_master_access
Global privileges from mysql.user.
Definition: sql_security_ctx.h:344
void set_master_access(ulong master_access)
Definition: sql_security_ctx.h:439
#define MAX_HOSTNAME
Definition: sql_const.h:59
void copy_security_ctx(const Security_context &src_sctx)
Deep copy status of sctx object to this.
Definition: sql_security_ctx.cc:203
std::pair< bool, bool > has_global_grant(const char *priv, size_t priv_len)
Checks if the Current_user has the asked dynamic privilege.
Definition: sql_security_ctx.cc:622
LEX_CSTRING user() const
Getter method for member m_user.
Definition: sql_security_ctx.cc:758
LEX_CSTRING host_or_ip() const
Getter method for member m_host_or_ip.
Definition: sql_security_ctx.h:387
Security_context(THD *thd=nullptr)
Definition: sql_security_ctx.cc:51
void clear_active_roles(void)
This helper method clears the active roles list and frees the allocated memory used for any previousl...
Definition: sql_security_ctx.cc:421
bool has_account_assigned() const
Check if a an account has been assigned to the security context.
Definition: sql_security_ctx.h:456
void set_external_user_ptr(const char *ext_user_arg, const int ext_user_arg_length)
Setter method for member m_external_user.
Definition: sql_security_ctx.cc:953
bool m_password_expired
password expiration flag.
Definition: sql_security_ctx.h:357
LEX_CSTRING priv_user() const
Getter method for member m_priv_user.
Definition: sql_security_ctx.cc:744
ulong db_acl(LEX_CSTRING db, bool use_pattern_scan=true) const
Definition: sql_security_ctx.cc:473
void destroy()
Definition: sql_security_ctx.cc:135
std::vector< Auth_id_ref > List_of_auth_id_refs
Definition: auth_common.h:71
bool has_drop_policy(void)
Definition: sql_security_ctx.cc:115
bool account_is_locked()
Locked account can still be used as routine definers and when they are there shouldn&#39;t be any checks ...
Definition: sql_security_ctx.h:276
int activate_role(LEX_CSTRING user, LEX_CSTRING host, bool validate_access=false)
This method pushes a role to the list of active roles.
Definition: sql_security_ctx.cc:352
size_t get_num_active_roles() const
Definition: sql_security_ctx.cc:444
Container for global, schema, table/view and routine ACL maps.
Definition: sql_auth_cache.h:480
THD * m_thd
m_thd - Thread handle, set to nullptr if this does not belong to any THD yet
Definition: sql_security_ctx.h:378
bool user_matches(Security_context *)
Definition: sql_security_ctx.cc:315
LEX_CSTRING ip() const
Getter method for member m_ip.
Definition: sql_security_ctx.cc:889
void set_user_ptr(const char *user_arg, const size_t user_arg_length)
Setter method for member m_user.
Definition: sql_security_ctx.cc:778
String m_host_or_ip
m_host_or_ip - points to host if host is available, otherwise points to ip
Definition: sql_security_ctx.h:322
MEM_ROOT * m_mem_root
Mem root.
Definition: acl_table_user.cc:149
Restrictions m_restrictions
Definition: sql_security_ctx.h:373
void set_ip_ptr(const char *ip_arg, const int ip_arg_length)
Setter method for member m_ip.
Definition: sql_security_ctx.cc:909
A better implementation of the UNIX ctype(3) library.
void logout()
Definition: sql_security_ctx.cc:102
ulong master_access() const
Getter method for member m_master_access.
Definition: sql_security_ctx.h:433
Acl_map * m_acl_map
Definition: sql_security_ctx.h:359
char m_priv_user[USERNAME_LENGTH]
m_priv_user - The user privilege we are using.
Definition: sql_security_ctx.h:329
void assign_host(const char *host_arg, const size_t host_arg_length)
Setter method for member m_host.
Definition: sql_security_ctx.cc:865
const char * ptr() const
Definition: sql_string.h:240
The MEM_ROOT is a simple arena, where allocations are carved out of larger blocks.
Definition: my_alloc.h:77
void set_drop_policy(const std::function< void(Security_context *)> &func)
Definition: sql_security_ctx.cc:128
void clear_db_restrictions()
Definition: sql_security_ctx.h:478
bool m_is_locked
True if this account can&#39;t be logged into.
Definition: sql_security_ctx.h:364
LEX_CSTRING host() const
Getter method for member m_host.
Definition: sql_security_ctx.cc:820
LEX_CSTRING priv_host() const
Getter method for member m_priv_host.
Definition: sql_security_ctx.cc:1059
bool is_skip_grants_user()
Definition: sql_security_ctx.h:474
bool check_in_local_temp_privs(const std::string &priv)
bool can_operate_with(const Auth_id &auth_id, const std::string &privilege, bool cumulative=false, bool ignore_if_nonextant=true)
Checks if the specified auth_id with privilege can work with the current_user.
Definition: sql_security_ctx.cc:709
unsigned long ulong
Definition: my_inttypes.h:46
bool change_security_context(THD *thd, const LEX_CSTRING &definer_user, const LEX_CSTRING &definer_host, LEX_STRING *db, Security_context **backup, bool force=false)
Initialize this security context from the passed in credentials and activate it in the current thread...
Definition: sql_security_ctx.cc:281
size_t length() const
Definition: sql_string.h:233
void add_as_local_temp_privs(const std::vector< std::string > &privs)
void assign_priv_host(const char *priv_host_arg, const size_t priv_host_arg_length)
Setter method for member m_priv_host.
Definition: sql_security_ctx.cc:1077
size_t m_priv_user_length
Definition: sql_security_ctx.h:330
For each client connection we create a separate thread with THD serving as a thread/connection descri...
Definition: sql_class.h:776
bool any_table_acl(const LEX_CSTRING &db)
Definition: sql_security_ctx.cc:592
bool is_access_restricted_on_db(ulong want_access, const std::string &db_name) const
Definition: sql_security_ctx.cc:1097
void clear_db()
Clear database restrictions.
Definition: partial_revokes.cc:1521
ulong procedure_acl(LEX_CSTRING db, LEX_CSTRING procedure_name)
Definition: sql_security_ctx.cc:512