privileges

package
v0.0.0-...-3633c1a
Warning

This package is not in the latest version of its module.

Published: Jul 11, 2021 License: Apache-2.0 Imports: 20 Imported by: 0

Documentation

Constants

This section is empty.

Variables

var SkipWithGrant = false

SkipWithGrant causes the server to start without using the privilege system at all.

Functions

This section is empty.

Types

type Handle

type Handle struct {
	// contains filtered or unexported fields
}

Handle wraps MySQLPrivilege providing thread safe access.

func NewHandle

func NewHandle() *Handle

NewHandle returns a Handle.

func (*Handle) Get

func (h *Handle) Get() *MySQLPrivilege

Get returns the MySQLPrivilege for reading.

func (*Handle) Update

func (h *Handle) Update(ctx sessionctx.Context) error

Update loads all the privilege info from kv storage.
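One way to give readers consistent, thread-safe access to a privilege cache that is reloaded in the background, as an added example that is not code from this package: the names `privSnapshot`, `snapshotHandle` and the loader callback are hypothetical, and the use of `sync/atomic` is an assumption about how such a handle can be built, not a statement about this package's unexported fields.

```go
package main

import (
	"errors"
	"fmt"
	"sync/atomic"
)

// privSnapshot (hypothetical stand-in for MySQLPrivilege): user -> visible databases.
type privSnapshot struct{ dbs map[string][]string }

func (p *privSnapshot) dbIsVisible(user, db string) bool {
	for _, d := range p.dbs[user] {
		if d == db {
			return true
		}
	}
	return false
}

// snapshotHandle (hypothetical) publishes snapshots through an atomic.Value.
type snapshotHandle struct{ cur atomic.Value }

func newSnapshotHandle() *snapshotHandle {
	h := &snapshotHandle{}
	h.cur.Store(&privSnapshot{}) // empty cache denies everything
	return h
}

// get returns the current snapshot; callers must treat it as read-only.
func (h *snapshotHandle) get() *privSnapshot { return h.cur.Load().(*privSnapshot) }

// update builds a complete snapshot first and publishes it in one store, so a
// failed reload keeps the last good grants instead of a half-loaded cache.
func (h *snapshotHandle) update(load func() (map[string][]string, error)) error {
	dbs, err := load()
	if err != nil {
		return err
	}
	h.cur.Store(&privSnapshot{dbs: dbs})
	return nil
}

func main() {
	h := newSnapshotHandle()
	_ = h.update(func() (map[string][]string, error) { return map[string][]string{"app": {"orders"}}, nil })
	err := h.update(func() (map[string][]string, error) { return nil, errors.New("kv unavailable") })
	fmt.Println(err, h.get().dbIsVisible("app", "orders"))
}
```

A check that has already called `get` keeps evaluating against the snapshot it obtained, so a concurrent reload cannot change grants in the middle of a single authorization decision.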

type MySQLPrivilege

type MySQLPrivilege struct {
	User         []UserRecord
	DB           []dbRecord
	TablesPriv   []tablesPrivRecord
	ColumnsPriv  []columnsPrivRecord
	DefaultRoles []defaultRoleRecord
	RoleGraph    map[string]roleGraphEdgesTable
}

MySQLPrivilege is the in-memory cache of mysql privilege tables.

func (*MySQLPrivilege) DBIsVisible

func (p *MySQLPrivilege) DBIsVisible(user, host, db string) bool

DBIsVisible checks whether the user can see the db.

func (*MySQLPrivilege) FindAllRole

func (p *MySQLPrivilege) FindAllRole(activeRoles []*auth.RoleIdentity) []*auth.RoleIdentity

FindAllRole is used to find all roles granted to this user.

func (*MySQLPrivilege) FindRole

func (p *MySQLPrivilege) FindRole(user string, host string, role *auth.RoleIdentity) bool

FindRole is used to detect whether there are edges between users and roles.

func (*MySQLPrivilege) LoadAll

func (p *MySQLPrivilege) LoadAll(ctx sessionctx.Context) error

LoadAll loads the tables from database to memory.

func (*MySQLPrivilege) LoadColumnsPrivTable

func (p *MySQLPrivilege) LoadColumnsPrivTable(ctx sessionctx.Context) error

LoadColumnsPrivTable loads the mysql.columns_priv table from database.

func (*MySQLPrivilege) LoadDBTable

func (p *MySQLPrivilege) LoadDBTable(ctx sessionctx.Context) error

LoadDBTable loads the mysql.db table from database.

func (*MySQLPrivilege) LoadDefaultRoles

func (p *MySQLPrivilege) LoadDefaultRoles(ctx sessionctx.Context) error

LoadDefaultRoles loads the mysql.columns_priv table from database.

func (*MySQLPrivilege) LoadRoleGraph

func (p *MySQLPrivilege) LoadRoleGraph(ctx sessionctx.Context) error

LoadRoleGraph loads the mysql.role_edges table from database.

func (*MySQLPrivilege) LoadTablesPrivTable

func (p *MySQLPrivilege) LoadTablesPrivTable(ctx sessionctx.Context) error

LoadTablesPrivTable loads the mysql.tables_priv table from database.

func (*MySQLPrivilege) LoadUserTable

func (p *MySQLPrivilege) LoadUserTable(ctx sessionctx.Context) error

LoadUserTable loads the mysql.user table from database.

func (*MySQLPrivilege) RequestVerification

func (p *MySQLPrivilege) RequestVerification(activeRoles []*auth.RoleIdentity, user, host, db, table, column string, priv mysql.PrivilegeType) bool

RequestVerification checks whether the user has sufficient privileges to do the operation.

func (MySQLPrivilege) SortUserTable

func (p MySQLPrivilege) SortUserTable()

SortUserTable sorts p.User in the MySQLPrivilege struct.

func (*MySQLPrivilege) UserPrivilegesTable

func (p *MySQLPrivilege) UserPrivilegesTable() [][]types.Datum

UserPrivilegesTable provides data for the INFORMATION_SCHEMA.USERS_PRIVILEGE table.

type UserPrivileges

type UserPrivileges struct {
	*Handle
	// contains filtered or unexported fields
}

UserPrivileges implements privilege.Manager interface. This is used to check privilege for the current user.

func (*UserPrivileges) ActiveRoles

func (p *UserPrivileges) ActiveRoles(ctx sessionctx.Context, roleList []*auth.RoleIdentity) (bool, string)

ActiveRoles implements privilege.Manager ActiveRoles interface.

func (*UserPrivileges) ConnectionVerification

func (p *UserPrivileges) ConnectionVerification(user, host string, authentication, salt []byte) (u string, h string, success bool)

ConnectionVerification implements the Manager interface.

func (*UserPrivileges) DBIsVisible

func (p *UserPrivileges) DBIsVisible(activeRoles []*auth.RoleIdentity, db string) bool

DBIsVisible implements the Manager interface.

func (*UserPrivileges) FindEdge

func (p *UserPrivileges) FindEdge(ctx sessionctx.Context, role *auth.RoleIdentity, user *auth.UserIdentity) bool

FindEdge implements privilege.Manager FindRelationship interface.

func (*UserPrivileges) GetAllRoles

func (p *UserPrivileges) GetAllRoles(user, host string) []*auth.RoleIdentity

GetAllRoles returns all roles of the user.

func (*UserPrivileges) GetDefaultRoles

func (p *UserPrivileges) GetDefaultRoles(user, host string) []*auth.RoleIdentity

GetDefaultRoles returns all default roles for a certain user.

func (*UserPrivileges) GetEncodedPassword

func (p *UserPrivileges) GetEncodedPassword(user, host string) string

GetEncodedPassword implements the Manager interface.

func (*UserPrivileges) RequestVerification

func (p *UserPrivileges) RequestVerification(activeRoles []*auth.RoleIdentity, db, table, column string, priv mysql.PrivilegeType) bool

RequestVerification implements the Manager interface.

func (*UserPrivileges) RequestVerificationWithUser

func (p *UserPrivileges) RequestVerificationWithUser(db, table, column string, priv mysql.PrivilegeType, user *auth.UserIdentity) bool

RequestVerificationWithUser implements the Manager interface.

func (*UserPrivileges) ShowGrants

func (p *UserPrivileges) ShowGrants(ctx sessionctx.Context, user *auth.UserIdentity, roles []*auth.RoleIdentity) (grants []string, err error)

ShowGrants implements privilege.Manager ShowGrants interface.

func (*UserPrivileges) UserPrivilegesTable

func (p *UserPrivileges) UserPrivilegesTable() [][]types.Datum

UserPrivilegesTable implements the Manager interface.

type UserRecord

type UserRecord struct {
	Host          string // max length 60, primary key
	User          string // max length 32, primary key
	Password      string // max length 41
	Privileges    mysql.PrivilegeType
	AccountLocked bool // A role record when this field is true
	// contains filtered or unexported fields
}

UserRecord is used to represent a user record in privilege cache.
