~drizzle-trunk/drizzle/development : contents of plugin/simple_user

~drizzle-trunk/drizzle/development : (revision 2363.1.1)

/* -*- mode: c++; c-basic-offset: 2; indent-tabs-mode: nil; -*-
 *  vim:expandtab:shiftwidth=2:tabstop=2:smarttab:
 *
 *  Copyright (C) 2010 Monty Taylor <mordred@inaugust.com>
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; version 2 of the License.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 */


#pragma once

#include <iostream>

#include <drizzled/plugin/authorization.h>

namespace simple_user_policy
{

class Policy :
  public drizzled::plugin::Authorization
{
public:
  Policy() :
    drizzled::plugin::Authorization("Simple User Policy")
  { }

  virtual bool restrictSchema(const drizzled::identifier::User &user_ctx,
                              const drizzled::identifier::Schema& schema);

  virtual bool restrictProcess(const drizzled::identifier::User &user_ctx,
                               const drizzled::identifier::User &session_ctx);
};

inline bool Policy::restrictSchema(const drizzled::identifier::User &user_ctx,
                                   const drizzled::identifier::Schema& schema)
{
  if ((user_ctx.username() == "root")
      || schema.compare("data_dictionary")
      || schema.compare("information_schema"))
  {
    return false;
  }

  return not schema.compare(user_ctx.username());
}

inline bool Policy::restrictProcess(const drizzled::identifier::User &user_ctx,
                                    const drizzled::identifier::User &session_ctx)
{
  if (user_ctx.username() == "root")
    return false;

  return user_ctx.username() != session_ctx.username();
}

} /* namespace simple_user_policy */


1471.2.3 by Monty Taylor Replaced test_authz with a plugin implementing a hard-coded simple	1	/* -- mode: c++; c-basic-offset: 2; indent-tabs-mode: nil; --
	2	* vim:expandtab:shiftwidth=2:tabstop=2:smarttab:
	3	*
	4	* Copyright (C) 2010 Monty Taylor <mordred@inaugust.com>
	5	*
	6	* This program is free software; you can redistribute it and/or modify
	7	* it under the terms of the GNU General Public License as published by
	8	* the Free Software Foundation; version 2 of the License.
	9	*
	10	* This program is distributed in the hope that it will be useful,
	11	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	12	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	13	* GNU General Public License for more details.
	14	*
	15	* You should have received a copy of the GNU General Public License
	16	* along with this program; if not, write to the Free Software
	17	* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
	18	*/
	19
	20
2234 by Brian Aker Mass removal of ifdef/endif in favor of pragma once.	21	#pragma once
1471.2.3 by Monty Taylor Replaced test_authz with a plugin implementing a hard-coded simple	22
	23	#include <iostream>
	24
	25	#include <drizzled/plugin/authorization.h>
	26
	27	namespace simple_user_policy
	28	{
	29
	30	class Policy :
	31	public drizzled::plugin::Authorization
	32	{
	33	public:
	34	Policy() :
	35	drizzled::plugin::Authorization("Simple User Policy")
	36	{ }
	37
2008.1.1 by Brian Aker Adding user identifier that makes use of a shared ptr to handle concurrency	38	virtual bool restrictSchema(const drizzled::identifier::User &user_ctx,
2246.4.9 by Olaf van der Spek Remove const_reference and reference from identifier::Schema	39	const drizzled::identifier::Schema& schema);
1471.2.3 by Monty Taylor Replaced test_authz with a plugin implementing a hard-coded simple	40
2008.1.1 by Brian Aker Adding user identifier that makes use of a shared ptr to handle concurrency	41	virtual bool restrictProcess(const drizzled::identifier::User &user_ctx,
	42	const drizzled::identifier::User &session_ctx);
1471.2.3 by Monty Taylor Replaced test_authz with a plugin implementing a hard-coded simple	43	};
	44
2008.1.1 by Brian Aker Adding user identifier that makes use of a shared ptr to handle concurrency	45	inline bool Policy::restrictSchema(const drizzled::identifier::User &user_ctx,
2246.4.9 by Olaf van der Spek Remove const_reference and reference from identifier::Schema	46	const drizzled::identifier::Schema& schema)
1471.2.3 by Monty Taylor Replaced test_authz with a plugin implementing a hard-coded simple	47	{
2008.1.1 by Brian Aker Adding user identifier that makes use of a shared ptr to handle concurrency	48	if ((user_ctx.username() == "root")
1471.2.3 by Monty Taylor Replaced test_authz with a plugin implementing a hard-coded simple	49	\|\| schema.compare("data_dictionary")
	50	\|\| schema.compare("information_schema"))
2087.4.1 by Brian Aker Merge in schema identifier.	51	{
1471.2.3 by Monty Taylor Replaced test_authz with a plugin implementing a hard-coded simple	52	return false;
2087.4.1 by Brian Aker Merge in schema identifier.	53	}
2087.4.1 by Brian Aker Merge in schema identifier.	54
2008.1.1 by Brian Aker Adding user identifier that makes use of a shared ptr to handle concurrency	55	return not schema.compare(user_ctx.username());
1471.2.3 by Monty Taylor Replaced test_authz with a plugin implementing a hard-coded simple	56	}
	57
2008.1.1 by Brian Aker Adding user identifier that makes use of a shared ptr to handle concurrency	58	inline bool Policy::restrictProcess(const drizzled::identifier::User &user_ctx,
	59	const drizzled::identifier::User &session_ctx)
1471.2.3 by Monty Taylor Replaced test_authz with a plugin implementing a hard-coded simple	60	{
2008.1.1 by Brian Aker Adding user identifier that makes use of a shared ptr to handle concurrency	61	if (user_ctx.username() == "root")
1471.2.3 by Monty Taylor Replaced test_authz with a plugin implementing a hard-coded simple	62	return false;
2008.1.1 by Brian Aker Adding user identifier that makes use of a shared ptr to handle concurrency	63
	64	return user_ctx.username() != session_ctx.username();
1471.2.3 by Monty Taylor Replaced test_authz with a plugin implementing a hard-coded simple	65	}
	66
	67	} /* namespace simple_user_policy */
	68