← Back to branch summary

~drizzle-trunk/drizzle/development

« back to all changes in this revision

Viewing changes to drizzled/plugin/authorization.cc

  • Committer: Brian Aker
  • Date: 2010-03-31 05:53:34 UTC
  • Revision ID: brian@gaz-20100331055334-yqqmzlgqb2xq1p5b
Mass overhaul to use schema_identifier.

Show diffs side-by-side

added added

removed removed

Lines of Context:
drizzled/plugin/authorization.cc
120
120
} /* namespace */
121
121
 
122
122
bool plugin::Authorization::isAuthorized(const SecurityContext &user_ctx,
123
 
                                         const string &schema,
 
123
                                         SchemaIdentifier &schema_identifier,
124
124
                                         bool send_error)
125
125
{
126
126
  /* If we never loaded any authorization plugins, just return true */
131
131
  vector<plugin::Authorization *>::const_iterator iter=
132
132
    find_if(authorization_plugins.begin(),
133
133
            authorization_plugins.end(),
134
 
            RestrictDbFunctor(user_ctx, schema));
 
134
            RestrictDbFunctor(user_ctx, schema_identifier.getPath()));
135
135
 
136
136
  /*
137
137
   * If iter is == end() here, that means that all of the plugins returned
145
145
      my_error(ER_DBACCESS_DENIED_ERROR, MYF(0),
146
146
               user_ctx.getUser().c_str(),
147
147
               user_ctx.getIp().c_str(),
148
 
               schema.c_str());
 
148
               schema_identifier.getSQLPath().c_str());
149
149
    }
150
150
    return false;
151
151
  }
220
220
}
221
221
 
222
222
void plugin::Authorization::pruneSchemaNames(const SecurityContext &user_ctx,
223
 
                                             set<string> &set_of_names)
 
223
                                             SchemaIdentifierList &set_of_schemas)
224
224
{
225
 
 
226
 
  set<string> pruned_set_of_names;
 
225
  SchemaIdentifierList pruned_set_of_names;
227
226
 
228
227
  /* If we never loaded any authorization plugins, just return true */
229
228
  if (authorization_plugins.empty())
233
232
   * @TODO: It would be stellar if we could find a way to do this with a
234
233
   * functor and an STL algoritm
235
234
   */
236
 
  for(set<string>::const_iterator iter= set_of_names.begin();
237
 
      iter != set_of_names.end();
238
 
      ++iter)
 
235
  for (SchemaIdentifierList::iterator iter; iter != set_of_schemas.end(); iter++)
239
236
  {
240
 
    if (plugin::Authorization::isAuthorized(user_ctx, *iter, false))
 
237
    if (not plugin::Authorization::isAuthorized(user_ctx, *iter, false))
241
238
    {
242
 
      pruned_set_of_names.insert(*iter);
 
239
      iter= pruned_set_of_names.erase(iter);
243
240
    }
244
241
  }
245
 
  set_of_names.swap(pruned_set_of_names);
 
242
  set_of_schemas.swap(pruned_set_of_names);
246
243
}
247
244
 
248
245
} /* namespace drizzled */