MySQL 5.6.14 Source Code Document
|
The current state of the privilege checking process for the current user, SQL statement and SQL object. More...
#include <table.h>
Public Attributes | |
GRANT_TABLE * | grant_table |
A copy of the privilege information regarding the current host, database, object and user. | |
uint | version |
Used for cache invalidation when caching privilege information. | |
ulong | privilege |
The set of privileges that the current user has fulfilled for a certain host, database, and object. | |
ulong | want_privilege |
the set of privileges that the current user needs to fulfil in order to carry out the requested operation. | |
ulong | orig_want_privilege |
GRANT_INTERNAL_INFO | m_internal |
The current state of the privilege checking process for the current user, SQL statement and SQL object.
The privilege checking process is divided into phases depending on the level of the privilege to be checked and the type of object to be accessed. Due to the mentioned scattering of privilege checking functionality, it is necessary to keep track of the state of the process. This information is stored in privilege, want_privilege, and orig_want_privilege.
A GRANT_INFO also serves as a cache of the privilege hash tables. Relevant members are grant_table and version.
GRANT_TABLE* st_grant_info::grant_table |
A copy of the privilege information regarding the current host, database, object and user.
The version of this copy is found in GRANT_INFO::version.
GRANT_INTERNAL_INFO st_grant_info::m_internal |
ulong st_grant_info::orig_want_privilege |
ulong st_grant_info::privilege |
The set of privileges that the current user has fulfilled for a certain host, database, and object.
This field is continually updated throughout the access checking process. In each step the "wanted privilege" is checked against the fulfilled privileges. When/if the intersection of these sets is empty, access is granted.
The set is implemented as a bitmap, with the bits defined in sql_acl.h.
uint st_grant_info::version |
Used for cache invalidation when caching privilege information.
The privilege information is stored on disk, with dedicated caches residing in memory: table-level and column-level privileges, respectively, have their own dedicated caches.
The GRANT_INFO works as a level 1 cache with this member updated to the current value of the global variable grant_version
(static
variable in sql_acl.cc). It is updated Whenever the GRANT_INFO is refreshed from the level 2 cache. The level 2 cache is the column_priv_hash
structure (static
variable in sql_acl.cc)