Drizzled Public API Documentation

authorization.h

00001 /* -*- mode: c++; c-basic-offset: 2; indent-tabs-mode: nil; -*-
00002  *  vim:expandtab:shiftwidth=2:tabstop=2:smarttab:
00003  *
00004  *  Definitions required for Authorization plugin
00005  *
00006  *  Copyright (C) 2010 Monty Taylor
00007  *
00008  *  This program is free software; you can redistribute it and/or modify
00009  *  it under the terms of the GNU General Public License as published by
00010  *  the Free Software Foundation; version 2 of the License.
00011  *
00012  *  This program is distributed in the hope that it will be useful,
00013  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
00014  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
00015  *  GNU General Public License for more details.
00016  *
00017  *  You should have received a copy of the GNU General Public License
00018  *  along with this program; if not, write to the Free Software
00019  *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
00020  */
00021 
00022 #pragma once
00023 
00024 #include <drizzled/plugin.h>
00025 #include <drizzled/plugin/plugin.h>
00026 #include <drizzled/identifier.h>
00027 
00028 #include <string>
00029 #include <set>
00030 
00031 #include <drizzled/visibility.h>
00032 
00033 namespace drizzled
00034 {
00035 
00036 namespace plugin
00037 {
00038 
00039 class DRIZZLED_API Authorization : public Plugin
00040 {
00041   Authorization();
00042   Authorization(const Authorization &);
00043   Authorization& operator=(const Authorization &);
00044 public:
00045   explicit Authorization(std::string name_arg)
00046     : Plugin(name_arg, "Authorization")
00047   {}
00048   virtual ~Authorization() {}
00049 
00058   virtual bool restrictSchema(const drizzled::identifier::User &user_ctx,
00059                               identifier::Schema::const_reference schema)= 0;
00060 
00070   virtual bool restrictTable(drizzled::identifier::User::const_reference user_ctx,
00071                              drizzled::identifier::Table::const_reference table);
00072 
00082   virtual bool restrictProcess(const drizzled::identifier::User &user_ctx,
00083                                const drizzled::identifier::User &session_ctx);
00084 
00086   static bool isAuthorized(drizzled::identifier::User::const_reference user_ctx,
00087                            identifier::Schema::const_reference schema_identifier,
00088                            bool send_error= true);
00089 
00091   static bool isAuthorized(drizzled::identifier::User::const_reference user_ctx,
00092                            drizzled::identifier::Table::const_reference table_identifier,
00093                            bool send_error= true);
00094 
00096   static bool isAuthorized(drizzled::identifier::User::const_reference user_ctx,
00097                            const Session &session,
00098                            bool send_error= true);
00099 
00104   static void pruneSchemaNames(drizzled::identifier::User::const_reference user_ctx,
00105                                identifier::Schema::vector &set_of_schemas);
00106   
00110   static bool addPlugin(plugin::Authorization *auth);
00111   static void removePlugin(plugin::Authorization *auth);
00112 
00113 };
00114 
00115 inline bool Authorization::restrictTable(drizzled::identifier::User::const_reference user_ctx,
00116                                          drizzled::identifier::Table::const_reference table)
00117 {
00118   return restrictSchema(user_ctx, table);
00119 }
00120 
00121 inline bool Authorization::restrictProcess(const drizzled::identifier::User &,
00122                                            const drizzled::identifier::User &)
00123 {
00124   return false;
00125 }
00126 
00127 } /* namespace plugin */
00128 
00129 } /* namespace drizzled */
00130