96 lines
2.6 KiB
Go
96 lines
2.6 KiB
Go
// Copyright 2015 PingCAP, Inc.
|
|
//
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
// you may not use this file except in compliance with the License.
|
|
// You may obtain a copy of the License at
|
|
//
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
// See the License for the specific language governing permissions and
|
|
// limitations under the License.
|
|
|
|
package auth
|
|
|
|
import (
|
|
"fmt"
|
|
|
|
"github.com/pingcap/tidb/parser/format"
|
|
)
|
|
|
|
const (
|
|
// UserNameMaxLength is the max length of username.
|
|
UserNameMaxLength = 32
|
|
// HostNameMaxLength is the max length of host name.
|
|
HostNameMaxLength = 255
|
|
)
|
|
|
|
// UserIdentity represents username and hostname.
|
|
type UserIdentity struct {
|
|
Username string
|
|
Hostname string
|
|
CurrentUser bool
|
|
AuthUsername string // Username matched in privileges system
|
|
AuthHostname string // Match in privs system (i.e. could be a wildcard)
|
|
AuthPlugin string // The plugin specified in handshake, only used during authentication.
|
|
}
|
|
|
|
// Restore implements Node interface.
|
|
func (user *UserIdentity) Restore(ctx *format.RestoreCtx) error {
|
|
if user.CurrentUser {
|
|
ctx.WriteKeyWord("CURRENT_USER")
|
|
} else {
|
|
ctx.WriteName(user.Username)
|
|
ctx.WritePlain("@")
|
|
ctx.WriteName(user.Hostname)
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// String converts UserIdentity to the format user@host.
|
|
// It defaults to providing the AuthIdentity (the matching entry in priv tables)
|
|
// To use the actual identity use LoginString()
|
|
func (user *UserIdentity) String() string {
|
|
// TODO: Escape username and hostname.
|
|
if user == nil {
|
|
return ""
|
|
}
|
|
if user.AuthUsername != "" {
|
|
return fmt.Sprintf("%s@%s", user.AuthUsername, user.AuthHostname)
|
|
}
|
|
return fmt.Sprintf("%s@%s", user.Username, user.Hostname)
|
|
}
|
|
|
|
// LoginString returns matched identity in user@host format
|
|
// It matches the login user.
|
|
func (user *UserIdentity) LoginString() string {
|
|
// TODO: Escape username and hostname.
|
|
if user == nil {
|
|
return ""
|
|
}
|
|
return fmt.Sprintf("%s@%s", user.Username, user.Hostname)
|
|
}
|
|
|
|
// RoleIdentity represents a role name.
|
|
type RoleIdentity struct {
|
|
Username string
|
|
Hostname string
|
|
}
|
|
|
|
// Restore implements Node interface.
|
|
func (role *RoleIdentity) Restore(ctx *format.RestoreCtx) error {
|
|
ctx.WriteName(role.Username)
|
|
if role.Hostname != "" {
|
|
ctx.WritePlain("@")
|
|
ctx.WriteName(role.Hostname)
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// String converts UserIdentity to the format user@host.
|
|
func (role *RoleIdentity) String() string {
|
|
// TODO: Escape username and hostname.
|
|
return fmt.Sprintf("`%s`@`%s`", role.Username, role.Hostname)
|
|
}
|