Drizzled Public API Documentation

regex_policy::Policy Class Reference
Inheritance diagram for regex_policy::Policy:
drizzled::plugin::Authorization drizzled::plugin::Plugin

Public Types

typedef std::pair< const std::string, const std::string > map_key
 
typedef std::map< const map_key, plugin::Plugin * > map
 
typedef std::vector< Plugin * > vector
 

Public Member Functions

 Policy (const std::string &f_path)
 
virtual bool restrictSchema (const drizzled::identifier::User &user_ctx, const drizzled::identifier::Schema &schema)
 
virtual bool restrictProcess (const drizzled::identifier::User &user_ctx, const drizzled::identifier::User &session_ctx)
 
virtual bool restrictTable (const drizzled::identifier::User &user_ctx, const drizzled::identifier::Table &table)
 
void setPolicies (PolicyItemList new_table_policies, PolicyItemList new_schema_policies, PolicyItemList new_process_policies)
 
void clearPolicies ()
 
std::string & getPolicyFile ()
 
bool setPolicyFile (std::string &new_policy_file)
 
std::stringstream & getError ()
 
virtual void shutdownPlugin ()
 
virtual void prime ()
 
virtual void startup (drizzled::Session &)
 
void activate ()
 
void deactivate ()
 
bool isActive () const
 
const std::string & getName () const
 
void setModule (module::Module *module)
 
const std::string & getTypeName () const
 
virtual bool removeLast () const
 
const std::string & getModuleName () const
 

Static Public Member Functions

static bool isAuthorized (const drizzled::identifier::User &user_ctx, const identifier::Schema &schema_identifier, bool send_error=true)
 
static bool isAuthorized (const drizzled::identifier::User &user_ctx, const drizzled::identifier::Table &table_identifier, bool send_error=true)
 
static bool isAuthorized (const drizzled::identifier::User &user_ctx, const Session &session, bool send_error=true)
 
static void pruneSchemaNames (const drizzled::identifier::User &user_ctx, identifier::schema::vector &set_of_schemas)
 
static bool addPlugin (plugin::Authorization *auth)
 
static void removePlugin (plugin::Authorization *auth)
 

Private Member Functions

bool restrictObject (const drizzled::identifier::User &user_ctx, const std::string &obj, const PolicyItemList &policies, CheckMap &check_cache)
 

Private Attributes

std::string sysvar_policy_file
 
fs::path policy_file
 
std::stringstream error
 
PolicyItemList table_policies
 
PolicyItemList schema_policies
 
PolicyItemList process_policies
 
CheckMap table_check_cache
 
CheckMap schema_check_cache
 
CheckMap process_check_cache
 

Detailed Description

Definition at line 164 of file policy.h.

Member Function Documentation

bool drizzled::plugin::Authorization::addPlugin ( plugin::Authorization auth)
staticinherited

Standard plugin system registration hooks

Definition at line 37 of file authorization.cc.

bool drizzled::plugin::Authorization::isAuthorized ( const drizzled::identifier::User user_ctx,
const identifier::Schema schema_identifier,
bool  send_error = true 
)
staticinherited

Server API method for checking schema authorization

Definition at line 134 of file authorization.cc.

Referenced by drizzled::Session::isViewable().

bool drizzled::plugin::Authorization::isAuthorized ( const drizzled::identifier::User user_ctx,
const drizzled::identifier::Table table_identifier,
bool  send_error = true 
)
staticinherited

Server API method for checking table authorization

Definition at line 165 of file authorization.cc.

bool drizzled::plugin::Authorization::isAuthorized ( const drizzled::identifier::User user_ctx,
const Session session,
bool  send_error = true 
)
staticinherited

Server API method for checking process authorization

Definition at line 195 of file authorization.cc.

void drizzled::plugin::Authorization::pruneSchemaNames ( const drizzled::identifier::User user_ctx,
identifier::schema::vector &  set_of_schemas 
)
staticinherited

Server API helper method for applying authorization tests to a set of schema names (for use in the context of getSchemaNames

Definition at line 232 of file authorization.cc.

bool regex_policy::Policy::restrictProcess ( const drizzled::identifier::User user_ctx,
const drizzled::identifier::User session_ctx 
)
virtual

Should we restrict the current user's access to see this process?

Parameters
Currentsecurity context
Databaseto check against
Tableto check against
Returns
true if the user cannot see the process

Reimplemented from drizzled::plugin::Authorization.

Definition at line 298 of file module.cc.

bool regex_policy::Policy::restrictSchema ( const drizzled::identifier::User user_ctx,
const drizzled::identifier::Schema schema 
)
virtual

Should we restrict the current user's access to this schema?

Parameters
Currentsecurity context
Databaseto check against
Returns
true if the user cannot access the schema

Implements drizzled::plugin::Authorization.

Definition at line 292 of file module.cc.

bool regex_policy::Policy::restrictTable ( const drizzled::identifier::User user_ctx,
const drizzled::identifier::Table table 
)
virtual

Should we restrict the current user's access to this table?

Parameters
Currentsecurity context
Databaseto check against
Tableto check against
Returns
true if the user cannot access the table

Reimplemented from drizzled::plugin::Authorization.

Definition at line 304 of file module.cc.


The documentation for this class was generated from the following files: