← Back to branch summary

~drizzle-trunk/drizzle/development

« back to all changes in this revision

Viewing changes to drizzled/plugin/authorization.cc

  • Committer: Brian Aker
  • Date: 2010-09-22 22:29:55 UTC
  • mto: (1787.3.1 drizzle)
  • mto: This revision was merged to the branch mainline in revision 1789.
  • Revision ID: brian@tangent.org-20100922222955-cg1bddv4b72jwe31
Fix enum at being an intefer (which is what PG did, and it saves on
alignment issues).

Show diffs side-by-side

added added

removed removed

Lines of Context:
drizzled/plugin/authorization.cc
29
29
#include "drizzled/session.h"
30
30
#include "drizzled/gettext.h"
31
31
 
 
32
using namespace std;
 
33
 
32
34
namespace drizzled
33
35
{
34
36
 
35
 
std::vector<plugin::Authorization *> authorization_plugins;
 
37
vector<plugin::Authorization *> authorization_plugins;
36
38
 
37
39
 
38
40
bool plugin::Authorization::addPlugin(plugin::Authorization *auth)
39
41
{
40
42
  if (auth != NULL)
41
43
    authorization_plugins.push_back(auth);
42
 
 
43
44
  return false;
44
45
}
45
46
 
47
48
{
48
49
  if (auth != NULL)
49
50
  {
50
 
    authorization_plugins.erase(std::find(authorization_plugins.begin(),
51
 
                                          authorization_plugins.end(),
52
 
                                          auth));
 
51
    authorization_plugins.erase(find(authorization_plugins.begin(),
 
52
                                     authorization_plugins.end(),
 
53
                                     auth));
53
54
  }
54
55
}
55
56
 
57
58
{
58
59
 
59
60
class RestrictDbFunctor :
60
 
  public std::unary_function<plugin::Authorization *, bool>
 
61
  public unary_function<plugin::Authorization *, bool>
61
62
{
62
63
  const SecurityContext &user_ctx;
63
 
  SchemaIdentifier::const_reference schema;
64
 
 
 
64
  SchemaIdentifier &schema;
65
65
public:
66
66
  RestrictDbFunctor(const SecurityContext &user_ctx_arg,
67
 
                    SchemaIdentifier::const_reference schema_arg) :
68
 
    std::unary_function<plugin::Authorization *, bool>(),
 
67
                    SchemaIdentifier &schema_arg) :
 
68
    unary_function<plugin::Authorization *, bool>(),
69
69
    user_ctx(user_ctx_arg),
70
70
    schema(schema_arg)
71
71
  { }
77
77
};
78
78
 
79
79
class RestrictTableFunctor :
80
 
  public std::unary_function<plugin::Authorization *, bool>
 
80
  public unary_function<plugin::Authorization *, bool>
81
81
{
82
82
  const SecurityContext &user_ctx;
83
83
  TableIdentifier &table;
84
84
public:
85
85
  RestrictTableFunctor(const SecurityContext &user_ctx_arg,
86
86
                       TableIdentifier &table_arg) :
87
 
    std::unary_function<plugin::Authorization *, bool>(),
 
87
    unary_function<plugin::Authorization *, bool>(),
88
88
    user_ctx(user_ctx_arg),
89
89
    table(table_arg)
90
90
  { }
96
96
};
97
97
 
98
98
class RestrictProcessFunctor :
99
 
  public std::unary_function<plugin::Authorization *, bool>
 
99
  public unary_function<plugin::Authorization *, bool>
100
100
{
101
101
  const SecurityContext &user_ctx;
102
102
  const SecurityContext &session_ctx;
103
103
public:
104
104
  RestrictProcessFunctor(const SecurityContext &user_ctx_arg,
105
105
                         const SecurityContext &session_ctx_arg) :
106
 
    std::unary_function<plugin::Authorization *, bool>(),
 
106
    unary_function<plugin::Authorization *, bool>(),
107
107
    user_ctx(user_ctx_arg),
108
108
    session_ctx(session_ctx_arg)
109
109
  { }
115
115
};
116
116
 
117
117
class PruneSchemaFunctor :
118
 
  public std::unary_function<SchemaIdentifier&, bool>
 
118
  public unary_function<SchemaIdentifier&, bool>
119
119
{
120
120
  const SecurityContext &user_ctx;
121
121
public:
122
122
  PruneSchemaFunctor(const SecurityContext &user_ctx_arg) :
123
 
    std::unary_function<SchemaIdentifier&, bool>(),
 
123
    unary_function<SchemaIdentifier&, bool>(),
124
124
    user_ctx(user_ctx_arg)
125
125
  { }
126
126
 
133
133
} /* namespace */
134
134
 
135
135
bool plugin::Authorization::isAuthorized(const SecurityContext &user_ctx,
136
 
                                         SchemaIdentifier::const_reference schema_identifier,
 
136
                                         SchemaIdentifier &schema_identifier,
137
137
                                         bool send_error)
138
138
{
139
139
  /* If we never loaded any authorization plugins, just return true */
141
141
    return true;
142
142
 
143
143
  /* Use find_if instead of foreach so that we can collect return codes */
144
 
  std::vector<plugin::Authorization *>::const_iterator iter=
145
 
    std::find_if(authorization_plugins.begin(),
146
 
                 authorization_plugins.end(),
147
 
                 RestrictDbFunctor(user_ctx, schema_identifier));
 
144
  vector<plugin::Authorization *>::const_iterator iter=
 
145
    find_if(authorization_plugins.begin(),
 
146
            authorization_plugins.end(),
 
147
            RestrictDbFunctor(user_ctx, schema_identifier));
148
148
 
149
149
 
150
150
  /*
156
156
  {
157
157
    if (send_error)
158
158
    {
159
 
      std::string path;
160
 
      schema_identifier.getSQLPath(path);
161
 
 
162
159
      my_error(ER_DBACCESS_DENIED_ERROR, MYF(0),
163
160
               user_ctx.getUser().c_str(),
164
161
               user_ctx.getIp().c_str(),
165
 
               path.c_str());
 
162
               schema_identifier.getSQLPath().c_str());
166
163
    }
167
164
    return false;
168
165
  }
178
175
    return true;
179
176
 
180
177
  /* Use find_if instead of foreach so that we can collect return codes */
181
 
  std::vector<plugin::Authorization *>::const_iterator iter=
182
 
    std::find_if(authorization_plugins.begin(),
 
178
  vector<plugin::Authorization *>::const_iterator iter=
 
179
    find_if(authorization_plugins.begin(),
183
180
            authorization_plugins.end(),
184
181
            RestrictTableFunctor(user_ctx, table));
185
182
 
192
189
  {
193
190
    if (send_error)
194
191
    {
195
 
      std::string path;
196
 
      table.getSQLPath(path);
197
 
 
198
192
      my_error(ER_DBACCESS_DENIED_ERROR, MYF(0),
199
193
               user_ctx.getUser().c_str(),
200
194
               user_ctx.getIp().c_str(),
201
 
               path.c_str());
 
195
               table.getSQLPath().c_str());
202
196
    }
203
197
    return false;
204
198
  }
216
210
    return true;
217
211
 
218
212
  /* Use find_if instead of foreach so that we can collect return codes */
219
 
  std::vector<plugin::Authorization *>::const_iterator iter=
220
 
    std::find_if(authorization_plugins.begin(),
221
 
                 authorization_plugins.end(),
222
 
                 RestrictProcessFunctor(user_ctx, session_ctx));
 
213
  vector<plugin::Authorization *>::const_iterator iter=
 
214
    find_if(authorization_plugins.begin(),
 
215
            authorization_plugins.end(),
 
216
            RestrictProcessFunctor(user_ctx, session_ctx));
223
217
 
224
218
  /*
225
219
   * If iter is == end() here, that means that all of the plugins returned
239
233
}
240
234
 
241
235
void plugin::Authorization::pruneSchemaNames(const SecurityContext &user_ctx,
242
 
                                             SchemaIdentifier::vector &set_of_schemas)
 
236
                                             SchemaIdentifiers &set_of_schemas)
243
237
{
244
238
  /* If we never loaded any authorization plugins, just return true */
245
239
  if (authorization_plugins.empty())
246
240
    return;
247
241
 
248
 
  set_of_schemas.erase(std::remove_if(set_of_schemas.begin(),
249
 
                                      set_of_schemas.end(),
250
 
                                      PruneSchemaFunctor(user_ctx)),
 
242
  set_of_schemas.erase(remove_if(set_of_schemas.begin(),
 
243
                                 set_of_schemas.end(),
 
244
                                 PruneSchemaFunctor(user_ctx)),
251
245
                       set_of_schemas.end());
252
246
}
253
247