patch 4.0
This commit is contained in:
wangzelin.wzl
@ -16,114 +16,198 @@
|
||||
#include "lib/container/ob_se_array.h"
|
||||
#include "share/schema/ob_priv_type.h"
|
||||
|
||||
namespace oceanbase {
|
||||
namespace oceanbase
|
||||
{
|
||||
|
||||
namespace share {
|
||||
namespace share
|
||||
{
|
||||
|
||||
typedef int64_t ObRawPriv; /* raw sys priv
|
||||
value is PRIV_ID_CREATE_SESSION etc
|
||||
ob_sys_priv_type.h defined in */
|
||||
typedef int64_t ObRawPriv; /* raw sys priv
|
||||
value is PRIV_ID_CREATE_SESSION etc
|
||||
ob_sys_priv_type.h defined in */
|
||||
|
||||
typedef int64_t ObRawObjPriv; /* raw obj priv
|
||||
value is OBJ_PRIV_ID_ALTER etc
|
||||
ob_obj_priv_type.h defined in */
|
||||
typedef int64_t ObRawObjPriv; /* raw obj priv
|
||||
value is OBJ_PRIV_ID_ALTER etc
|
||||
ob_obj_priv_type.h defined in */
|
||||
|
||||
typedef common::ObSEArray<ObRawPriv, 4> ObRawPrivArray; // used in grant priv, revoke priv
|
||||
typedef common::ObSEArray<ObRawPriv, 4> ObRawPrivArray; // used in grant priv, revoke priv
|
||||
|
||||
typedef common::ObSEArray<ObRawObjPriv, 4> ObRawObjPrivArray; // used in grant, revoke objpriv
|
||||
typedef common::ObSEArray<ObRawObjPriv, 4> ObRawObjPrivArray; // used in grant, revoke objpriv
|
||||
|
||||
typedef common::ObSEArray<ObPrivSet, 3> ObPackedPrivArray; // used in priv schema, packed
|
||||
|
||||
typedef ObPrivSet ObPackedObjPriv; // used in obj priv in priv schema packed
|
||||
|
||||
/* database object type definition
|
||||
table, view, pf(procedure/function) */
|
||||
|
||||
// typedef share::schema::ObObjectType ObDbObjType;
|
||||
/* database object type definition
|
||||
table, view, pf(procedure/function)
|
||||
这里就不用新的类型了,复用ob_max_id_fetch.h里面的id_type,
|
||||
例如,user/role类型,就用 OB_MAX_USED_USER_ID_TYPE */
|
||||
|
||||
#define NO_OPTION 0
|
||||
#define ADMIN_OPTION 1 /* used in system privilege */
|
||||
#define GRANT_OPTION 1 /* used in obj privilege */
|
||||
//typedef share::schema::ObObjectType ObDbObjType;
|
||||
|
||||
#define COL_ID_FOR_TAB_PRIV OB_ALL_MAX_COLUMN_ID // when table level priv, set colid to this value
|
||||
#define ALL_DIR_NAME "DIRECTORY"
|
||||
#define OBJ_ID_FOR_DIR 0
|
||||
#define NO_OPTION 0
|
||||
#define ADMIN_OPTION 1 /* used in system privilege */
|
||||
#define GRANT_OPTION 1 /* used in obj privilege */
|
||||
|
||||
#define OBJ_LEVEL_FOR_TAB_PRIV OB_ALL_MAX_COLUMN_ID //当表级权限时,colid设置为这个值
|
||||
#define OBJ_LEVEL_FOR_COL_PRIV (OBJ_LEVEL_FOR_TAB_PRIV + 1) //当可以检查列权限时,colid设置为这个
|
||||
#define ALL_DIR_NAME "DIRECTORY"
|
||||
#define OBJ_ID_FOR_DIR 0
|
||||
|
||||
class ObPrivPacker {
|
||||
|
||||
public:
|
||||
static int init_packed_array(ObPackedPrivArray& array);
|
||||
static int init_packed_array(
|
||||
ObPackedPrivArray &array);
|
||||
|
||||
static int raw_priv_to_packed_info(
|
||||
const uint64_t option, const ObRawPriv priv, int& group_id, ObPrivSet& packed_priv);
|
||||
const uint64_t option,
|
||||
const ObRawPriv priv,
|
||||
int &group_id,
|
||||
ObPrivSet &packed_priv);
|
||||
|
||||
static int raw_obj_priv_to_packed_info(const uint64_t option, const ObRawObjPriv priv, ObPackedObjPriv& packed_priv);
|
||||
|
||||
static int pack_raw_priv(const uint64_t option, const ObRawPriv priv, ObPackedPrivArray& packed_array);
|
||||
static int raw_obj_priv_to_packed_info(
|
||||
const uint64_t option,
|
||||
const ObRawObjPriv priv,
|
||||
ObPackedObjPriv &packed_priv);
|
||||
|
||||
static int pack_raw_priv(
|
||||
const uint64_t option,
|
||||
const ObRawPriv priv,
|
||||
ObPackedPrivArray &packed_array);
|
||||
|
||||
static int pack_raw_priv_list(
|
||||
const uint64_t option, const ObRawPrivArray& priv_list, ObPackedPrivArray& packed_array);
|
||||
const uint64_t option,
|
||||
const ObRawPrivArray &priv_list,
|
||||
ObPackedPrivArray &packed_array);
|
||||
|
||||
static int pack_raw_obj_priv(const uint64_t option, const ObRawObjPriv priv, ObPackedObjPriv& packed_obj_privs);
|
||||
static int pack_raw_obj_priv(
|
||||
const uint64_t option,
|
||||
const ObRawObjPriv priv,
|
||||
ObPackedObjPriv &packed_obj_privs);
|
||||
|
||||
static int pack_raw_obj_priv_list(
|
||||
const uint64_t option, const ObRawObjPrivArray priv_list, ObPackedObjPriv& packed_obj_privs);
|
||||
const uint64_t option,
|
||||
const ObRawObjPrivArray priv_list,
|
||||
ObPackedObjPriv &packed_obj_privs);
|
||||
|
||||
static int append_raw_obj_priv(const uint64_t option, const ObRawObjPriv priv, ObPackedObjPriv& packed_obj_privs);
|
||||
static int append_raw_obj_priv(
|
||||
const uint64_t option,
|
||||
const ObRawObjPriv priv,
|
||||
ObPackedObjPriv &packed_obj_privs);
|
||||
|
||||
static int raw_obj_priv_from_pack(const ObPackedObjPriv& packed_obj_privs, ObRawObjPrivArray& raw_priv_array);
|
||||
static int raw_obj_priv_from_pack(
|
||||
const ObPackedObjPriv &packed_obj_privs,
|
||||
ObRawObjPrivArray &raw_priv_array
|
||||
);
|
||||
|
||||
static int raw_option_obj_priv_from_pack(const ObPackedObjPriv& packed_obj_privs, ObRawObjPrivArray& raw_priv_array);
|
||||
static int raw_option_obj_priv_from_pack(
|
||||
const ObPackedObjPriv &packed_obj_privs,
|
||||
ObRawObjPrivArray &raw_priv_array
|
||||
);
|
||||
|
||||
static int raw_no_option_obj_priv_from_pack(
|
||||
const ObPackedObjPriv& packed_obj_privs, ObRawObjPrivArray& raw_priv_array);
|
||||
const ObPackedObjPriv &packed_obj_privs,
|
||||
ObRawObjPrivArray &raw_priv_array
|
||||
);
|
||||
|
||||
static int merge_two_packed_array(ObPackedPrivArray& packed_array_1, const ObPackedPrivArray& packed_array_2);
|
||||
static int merge_two_packed_array(
|
||||
ObPackedPrivArray &packed_array_1,
|
||||
const ObPackedPrivArray &packed_array_2);
|
||||
|
||||
static int packed_array_to_raw_privs(const ObPackedPrivArray& packed_array, ObRawPrivArray& raw_priv_array,
|
||||
ObRawPrivArray& raw_priv_array_with_option);
|
||||
static int packed_array_to_raw_privs(
|
||||
const ObPackedPrivArray &packed_array,
|
||||
ObRawPrivArray &raw_priv_array,
|
||||
ObRawPrivArray &raw_priv_array_with_option);
|
||||
|
||||
static int get_total_obj_privs(const ObPackedObjPriv& packed_obj_privs, int& n_cnt);
|
||||
static int get_total_obj_privs(
|
||||
const ObPackedObjPriv &packed_obj_privs,
|
||||
int &n_cnt);
|
||||
|
||||
static int get_total_privs(const ObPackedPrivArray& packed_array, int& n_cnt);
|
||||
static int get_total_privs(
|
||||
const ObPackedPrivArray &packed_array,
|
||||
int &n_cnt);
|
||||
|
||||
private:
|
||||
static int has_raw_priv(const ObRawPriv raw_priv, const ObPrivSet priv_set, bool& exists, uint64_t& option);
|
||||
static int has_raw_priv(
|
||||
const ObRawPriv raw_priv,
|
||||
const ObPrivSet priv_set,
|
||||
bool &exists,
|
||||
uint64_t &option);
|
||||
|
||||
static int push_back_raw_priv_array(
|
||||
ObRawPriv raw_priv,
|
||||
bool exists,
|
||||
uint64_t option,
|
||||
ObRawPrivArray &raw_priv_array,
|
||||
ObRawPrivArray &raw_priv_array_with_option);
|
||||
|
||||
static int push_back_raw_priv_array(ObRawPriv raw_priv, bool exists, uint64_t option, ObRawPrivArray& raw_priv_array,
|
||||
ObRawPrivArray& raw_priv_array_with_option);
|
||||
};
|
||||
|
||||
class ObOraPrivCheck {
|
||||
public:
|
||||
|
||||
/* check if rawsyspriv exists */
|
||||
static int raw_sys_priv_exists(
|
||||
const uint64_t option, const ObRawPriv priv, const ObPackedPrivArray& packed_array, bool& exists);
|
||||
const uint64_t option,
|
||||
const ObRawPriv priv,
|
||||
const ObPackedPrivArray &packed_array,
|
||||
bool &exists);
|
||||
|
||||
static int raw_sys_priv_exists(
|
||||
const ObRawPriv priv,
|
||||
const ObPackedPrivArray &packed_array,
|
||||
bool &exists);
|
||||
|
||||
static int raw_sys_priv_exists(const ObRawPriv priv, const ObPackedPrivArray& packed_array, bool& exists);
|
||||
|
||||
/* at least, one in plist */
|
||||
/* plist里面的是否至少有一个 */
|
||||
static int packed_sys_priv_list_or_exists(
|
||||
const ObPackedPrivArray& plist_to_be_checked, const ObPackedPrivArray& packed_array, bool& exists);
|
||||
const ObPackedPrivArray &plist_to_be_checked,
|
||||
const ObPackedPrivArray &packed_array,
|
||||
bool &exists);
|
||||
|
||||
static int packed_sys_priv_list_and_exists(
|
||||
const ObPackedPrivArray &plist_to_be_checked,
|
||||
const ObPackedPrivArray &packed_array,
|
||||
bool &exists);
|
||||
|
||||
static int raw_obj_priv_exists(
|
||||
const ObRawObjPriv priv, const uint64_t option, const ObPackedObjPriv& obj_privs, bool& exists);
|
||||
const ObRawObjPriv priv,
|
||||
const uint64_t option,
|
||||
const ObPackedObjPriv &obj_privs,
|
||||
bool &exists);
|
||||
|
||||
static int raw_obj_priv_exists(const ObRawObjPriv priv, const ObPackedObjPriv& obj_privs, bool& exists);
|
||||
static int raw_obj_priv_exists(
|
||||
const ObRawObjPriv priv,
|
||||
const ObPackedObjPriv &obj_privs,
|
||||
bool &exists);
|
||||
|
||||
static int raw_obj_priv_exists_with_info(
|
||||
const ObRawObjPriv priv, const ObPackedObjPriv& obj_privs, bool& exists, uint64_t& option);
|
||||
const ObRawObjPriv priv,
|
||||
const ObPackedObjPriv &obj_privs,
|
||||
bool &exists,
|
||||
uint64_t &option);
|
||||
|
||||
static int packed_obj_priv_list_or_exists(
|
||||
const ObPackedObjPriv& priv_list_to_be_checked, const ObPackedObjPriv& obj_privs, bool& exists);
|
||||
const ObPackedObjPriv &priv_list_to_be_checked,
|
||||
const ObPackedObjPriv &obj_privs,
|
||||
bool &exists);
|
||||
|
||||
static bool user_is_owner(const common::ObString& user_name, const common::ObString& db_name);
|
||||
static bool user_is_owner(
|
||||
const common::ObString &user_name,
|
||||
const common::ObString &db_name);
|
||||
|
||||
/* check p1, if not passed, then cond==true and check p2 */
|
||||
static int p1_or_cond_p2_exists(
|
||||
const ObRawPriv priv1, bool cond, const ObRawPriv priv2, const ObPackedPrivArray& packed_array, bool& exists);
|
||||
const ObRawPriv priv1,
|
||||
bool cond,
|
||||
const ObRawPriv priv2,
|
||||
const ObPackedPrivArray &packed_array,
|
||||
bool &exists);
|
||||
|
||||
static bool raw_priv_can_be_granted_to_column(const ObRawObjPriv priv);
|
||||
};
|
||||
} // end namespace share
|
||||
} // end namespace oceanbase
|
||||
} // end namespace share
|
||||
} // end namespace oceanbase
|
||||
|
||||
#endif
|
||||
|
||||
Reference in New Issue
Block a user