MySQL 9.1.0
Source Code Documentation
|
The current state of the privilege checking process for the current user, SQL statement and SQL object. More...
#include <table.h>
Public Member Functions | |
GRANT_INFO () | |
Public Attributes | |
GRANT_TABLE * | grant_table {nullptr} |
A copy of the privilege information regarding the current host, database, object and user. More... | |
uint | version {0} |
Used for cache invalidation when caching privilege information. More... | |
Access_bitmask | privilege {0} |
The set of privileges that the current user has fulfilled for a certain host, database, and object. More... | |
GRANT_INTERNAL_INFO | m_internal |
The grant state for internal tables. More... | |
The current state of the privilege checking process for the current user, SQL statement and SQL object.
The privilege checking process is divided into phases depending on the level of the privilege to be checked and the type of object to be accessed. Due to the mentioned scattering of privilege checking functionality, it is necessary to keep track of the state of the process.
A GRANT_INFO also serves as a cache of the privilege hash tables. Relevant members are grant_table and version.
GRANT_INFO::GRANT_INFO | ( | ) |
GRANT_TABLE* GRANT_INFO::grant_table {nullptr} |
A copy of the privilege information regarding the current host, database, object and user.
The version of this copy is found in GRANT_INFO::version.
GRANT_INTERNAL_INFO GRANT_INFO::m_internal |
The grant state for internal tables.
Access_bitmask GRANT_INFO::privilege {0} |
The set of privileges that the current user has fulfilled for a certain host, database, and object.
This field is continually updated throughout the access checking process. In each step the "wanted privilege" is checked against the fulfilled privileges. When/if the intersection of these sets is empty, access is granted.
The set is implemented as a bitmap, with the bits defined in sql_acl.h.
uint GRANT_INFO::version {0} |
Used for cache invalidation when caching privilege information.
The privilege information is stored on disk, with dedicated caches residing in memory: table-level and column-level privileges, respectively, have their own dedicated caches.
The GRANT_INFO works as a level 1 cache with this member updated to the current value of the global variable grant_version
(static
variable in sql_acl.cc). It is updated Whenever the GRANT_INFO is refreshed from the level 2 cache. The level 2 cache is the column_priv_hash
structure (static
variable in sql_acl.cc)