openGauss-server/src/include/commands/user.h

/* -------------------------------------------------------------------------
 *
 * user.h
 *	  Commands for manipulating roles (formerly called users).
 *
 *
 * src/include/commands/user.h
 *
 * -------------------------------------------------------------------------
 */
#ifndef USER_H
#define USER_H

#include "nodes/parsenodes.h"
#include "utils/timestamp.h"

/* Hook to check passwords in CreateRole() and AlterRole() */
#define PASSWORD_TYPE_PLAINTEXT 0
#define PASSWORD_TYPE_MD5 1
typedef struct LockInfoBuck {
    ThreadId pid;
    Oid relation;
    Oid database;
    Oid nspoid;
} LockInfoBuck;

typedef struct AccountLockHashEntry {
    Oid roleoid;
    int4 failcount;
    TimestampTz locktime;
    int2 rolstatus;
    slock_t mutex;
} AccountLockHashEntry;

#define PASSWORD_TYPE_SHA256 2
#define PASSWORD_TYPE_SM3 3
#define UNLOCK_FLAG -1

/* status of the account */
typedef enum { UNLOCK_STATUS = 0, LOCK_STATUS, SUPERLOCK_STATUS } USER_STATUS;
typedef enum { UNEXPIRED_STATUS = 0, EXPIRED_STATUS } PASSWORD_STATUS;

typedef void (*check_password_hook_type)(
    const char* username, const char* password, int password_type, Datum validuntil_time, bool validuntil_null);

extern THR_LOCAL PGDLLIMPORT check_password_hook_type check_password_hook;

extern bool isStrHasInvalidCharacter(const char* str);
extern void CreateRole(CreateRoleStmt* stmt);
extern void AlterRole(AlterRoleStmt* stmt);
extern void AlterRoleSet(AlterRoleSetStmt* stmt);
extern void DropRole(DropRoleStmt* stmt);
extern void GrantRole(GrantRoleStmt* stmt);
extern void RenameRole(const char* oldname, const char* newname);
extern void DropOwnedObjects(DropOwnedStmt* stmt);
extern void ReassignOwnedObjects(ReassignOwnedStmt* stmt);
extern void TryLockAccount(Oid roleID, int extrafails, bool superlock);
extern bool TryUnlockAccount(Oid roleID, bool superunlock, bool isreset);
void TryUnlockAllAccounts(void);
extern USER_STATUS GetAccountLockedStatus(Oid roleID);
extern void DropUserStatus(Oid roleID);
extern Oid GetRoleOid(const char* username);
extern bool IsRoleExist(const char* username);
void CheckLockPrivilege(Oid roleID, HeapTuple tuple, bool is_opradmin);
extern bool is_role_persistence(Oid roleid);
void CheckAlterAuditadminPrivilege(Oid roleid, bool isOnlyAlterPassword);
extern char* GetRoleName(Oid rolid, char* rolname, size_t size);
extern char* GetSuperUserName(char* username);
extern int decode_iteration(const char* auth_iteration_string);
extern void initSqlCount();
extern void initWaitCount(Oid userid);
extern PASSWORD_STATUS GetAccountPasswordExpired(Oid roleID);

void ReportLockAccountMessage(bool locked, const char *rolename);
bool LockAccountParaValid(Oid roleID, int extrafails, bool superlock);
void UpdateFailCountToHashTable(Oid roleid, int extrafails, bool superlock);
bool UnlockAccountToHashTable(Oid roleid, bool superlock, bool isreset);
int64 SearchAllAccounts();
void InitAccountLockHashTable();
extern USER_STATUS GetAccountLockedStatusFromHashTable(Oid roleid);
extern void UpdateAccountInfoFromHashTable();

extern inline void str_reset(char* str)
{
    if (str != NULL) {
        memset(str, 0, strlen(str));
    }

    return;
}

#ifdef PGXC
extern void PreCleanAndCheckUserConns(const char* username, bool missing_ok);
#endif /* PGXC */

#endif /* USER_H */