~drizzle-trunk/drizzle/development

Viewing changes to plugin/simple_user_policy/policy.h

Committer: Brian Aker
Date: 2010-12-18 05:18:30 UTC
mto: This revision was merged to the branch mainline in revision 2009.
Revision ID: brian@tangent.org-20101218051830-lswb13hfiqbia74o

Adding user identifier that makes use of a shared ptr to handle concurrency
issues around looking at the state of a connection.

files added:
drizzled/identifier/user.cc

drizzled/identifier/user.h

plugin/utility_functions/tests/t/execute.test

files renamed:
plugin/utility_functions/tests/t/execute.test => plugin/utility_functions/tests/t/execute_complex.disabled

files modified:
drizzled/db.cc

drizzled/execute.cc

drizzled/identifier.h

drizzled/include.am

drizzled/plugin/authentication.cc

drizzled/plugin/authentication.h

drizzled/plugin/authorization.cc

drizzled/plugin/authorization.h

drizzled/plugin/schema_engine.cc

drizzled/security_context.h

drizzled/session.cc

drizzled/session.h

drizzled/sql_base.cc

drizzled/statement/create_schema.cc

drizzled/table.cc

plugin/auth_file/auth_file.cc

plugin/auth_http/auth_http.cc

plugin/auth_ldap/auth_ldap.cc

plugin/auth_pam/auth_pam.cc

plugin/auth_test/auth_test.cc

plugin/console/console.cc

plugin/drizzle_protocol/drizzle_protocol.cc

plugin/innobase/handler/ha_innodb.cc

plugin/logging_stats/logging_stats.cc

plugin/logging_stats/scoreboard.cc

plugin/mysql_protocol/mysql_protocol.cc

plugin/session_dictionary/processlist.cc

plugin/simple_user_policy/policy.h

plugin/user_locks/barriers.h

plugin/user_locks/create_barrier.cc

plugin/user_locks/get_lock.cc

plugin/user_locks/get_locks.cc

plugin/user_locks/is_free_lock.cc

plugin/user_locks/is_used_lock.cc

plugin/user_locks/key.h

plugin/user_locks/release_barrier.cc

plugin/user_locks/release_lock.cc

plugin/user_locks/release_wait.cc

plugin/user_locks/signal.cc

plugin/user_locks/wait.cc

plugin/user_locks/wait_for_lock.cc

plugin/user_locks/wait_until.cc

plugin/utility_functions/tests/r/execute.result

plugin/utility_functions/user.cc

unittests/plugin/authentication_test.cc

unittests/plugin/plugin_stubs.h

Show diffs side-by-side

added added

removed removed

plugin/simple_user_policy/policy.h

drizzled::plugin::Authorization("Simple User Policy")

{ }

virtual bool restrictSchema(const drizzled::SecurityContext &user_ctx,

virtual bool restrictSchema(const drizzled::identifier::User &user_ctx,

drizzled::SchemaIdentifier::const_reference schema);

virtual bool restrictProcess(const drizzled::SecurityContext &user_ctx,

const drizzled::SecurityContext &session_ctx);

virtual bool restrictProcess(const drizzled::identifier::User &user_ctx,

const drizzled::identifier::User &session_ctx);

};

inline bool Policy::restrictSchema(const drizzled::SecurityContext &user_ctx,

inline bool Policy::restrictSchema(const drizzled::identifier::User &user_ctx,

drizzled::SchemaIdentifier::const_reference schema)

{

if ((user_ctx.getUser() == "root")

if ((user_ctx.username() == "root")

|| schema.compare("data_dictionary")

|| schema.compare("information_schema"))

return false;

return not schema.compare(user_ctx.getUser());

return not schema.compare(user_ctx.username());

}

inline bool Policy::restrictProcess(const drizzled::SecurityContext &user_ctx,

const drizzled::SecurityContext &session_ctx)

inline bool Policy::restrictProcess(const drizzled::identifier::User &user_ctx,

const drizzled::identifier::User &session_ctx)

{

if (user_ctx.getUser() == "root")

if (user_ctx.username() == "root")

return false;

return user_ctx.getUser() != session_ctx.getUser();

return user_ctx.username() != session_ctx.username();

}

} /* namespace simple_user_policy */

Older »