privilege

package

v3.1.0-fork Latest Latest Go to latest Published: Apr 18, 2020 License: Apache-2.0 Imports: 5 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/yujunz/tidb

Documentation ¶

Index ¶

func BindPrivilegeManager(ctx sessionctx.Context, pc Manager)
type Manager
- func GetPrivilegeManager(ctx sessionctx.Context) Manager

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func BindPrivilegeManager ¶

func BindPrivilegeManager(ctx sessionctx.Context, pc Manager)

BindPrivilegeManager binds Manager to context.

Types ¶

type Manager ¶

type Manager interface {
	// ShowGrants shows granted privileges for user.
	ShowGrants(ctx sessionctx.Context, user *auth.UserIdentity, roles []*auth.RoleIdentity) ([]string, error)

	// GetEncodedPassword shows the encoded password for user.
	GetEncodedPassword(user, host string) string

	// RequestVerification verifies user privilege for the request.
	// If table is "", only check global/db scope privileges.
	// If table is not "", check global/db/table scope privileges.
	// priv should be a defined constant like CreatePriv, if pass AllPrivMask to priv,
	// this means any privilege would be OK.
	RequestVerification(activeRole []*auth.RoleIdentity, db, table, column string, priv mysql.PrivilegeType) bool

	// RequestVerificationWithUser verifies specific user privilege for the request.
	RequestVerificationWithUser(db, table, column string, priv mysql.PrivilegeType, user *auth.UserIdentity) bool

	// ConnectionVerification verifies user privilege for connection.
	ConnectionVerification(user, host string, auth, salt []byte, tlsState *tls.ConnectionState) (string, string, bool)

	// GetAuthWithoutVerification uses to get auth name without verification.
	GetAuthWithoutVerification(user, host string) (string, string, bool)

	// DBIsVisible returns true is the database is visible to current user.
	DBIsVisible(activeRole []*auth.RoleIdentity, db string) bool

	// UserPrivilegesTable provide data for INFORMATION_SCHEMA.USERS_PRIVILEGE table.
	UserPrivilegesTable() [][]types.Datum

	// ActiveRoles active roles for current session.
	// The first illegal role will be returned.
	ActiveRoles(ctx sessionctx.Context, roleList []*auth.RoleIdentity) (bool, string)

	// FindEdge find if there is an edge between role and user.
	FindEdge(ctx sessionctx.Context, role *auth.RoleIdentity, user *auth.UserIdentity) bool

	// GetDefaultRoles returns all default roles for certain user.
	GetDefaultRoles(user, host string) []*auth.RoleIdentity

	// GetAllRoles return all roles of user.
	GetAllRoles(user, host string) []*auth.RoleIdentity
}

Manager is the interface for providing privilege related operations.

func GetPrivilegeManager ¶

func GetPrivilegeManager(ctx sessionctx.Context) Manager

GetPrivilegeManager gets Checker from context.

Source Files ¶

View all Source files

privilege.go

Directories ¶

Path	Synopsis
privileges

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL