2020-03-07 17:37:38 +00:00
|
|
|
#pragma once
|
|
|
|
|
|
|
|
#include <Core/UUID.h>
|
|
|
|
#include <boost/container/flat_set.hpp>
|
|
|
|
#include <memory>
|
|
|
|
#include <optional>
|
|
|
|
|
|
|
|
|
|
|
|
namespace DB
|
|
|
|
{
|
2020-05-30 20:10:45 +00:00
|
|
|
class ASTRolesOrUsersSet;
|
2020-03-07 17:37:38 +00:00
|
|
|
class AccessControlManager;
|
|
|
|
|
|
|
|
|
|
|
|
/// Represents a set of users/roles like
|
|
|
|
/// {user_name | role_name | CURRENT_USER} [,...] | NONE | ALL | ALL EXCEPT {user_name | role_name | CURRENT_USER} [,...]
|
2020-05-30 20:10:45 +00:00
|
|
|
/// Similar to ASTRolesOrUsersSet, but with IDs instead of names.
|
|
|
|
struct RolesOrUsersSet
|
2020-03-07 17:37:38 +00:00
|
|
|
{
|
2020-05-30 20:10:45 +00:00
|
|
|
RolesOrUsersSet();
|
|
|
|
RolesOrUsersSet(const RolesOrUsersSet & src);
|
|
|
|
RolesOrUsersSet & operator =(const RolesOrUsersSet & src);
|
|
|
|
RolesOrUsersSet(RolesOrUsersSet && src);
|
|
|
|
RolesOrUsersSet & operator =(RolesOrUsersSet && src);
|
2020-03-07 17:37:38 +00:00
|
|
|
|
|
|
|
struct AllTag {};
|
2020-05-30 20:10:45 +00:00
|
|
|
RolesOrUsersSet(AllTag);
|
2020-03-07 17:37:38 +00:00
|
|
|
|
2020-05-30 20:10:45 +00:00
|
|
|
RolesOrUsersSet(const UUID & id);
|
|
|
|
RolesOrUsersSet(const std::vector<UUID> & ids_);
|
2020-03-07 17:37:38 +00:00
|
|
|
|
|
|
|
/// The constructor from AST requires the AccessControlManager if `ast.id_mode == false`.
|
2020-05-30 20:10:45 +00:00
|
|
|
RolesOrUsersSet(const ASTRolesOrUsersSet & ast);
|
|
|
|
RolesOrUsersSet(const ASTRolesOrUsersSet & ast, const std::optional<UUID> & current_user_id);
|
|
|
|
RolesOrUsersSet(const ASTRolesOrUsersSet & ast, const AccessControlManager & manager);
|
|
|
|
RolesOrUsersSet(const ASTRolesOrUsersSet & ast, const AccessControlManager & manager, const std::optional<UUID> & current_user_id);
|
2020-03-07 17:37:38 +00:00
|
|
|
|
2020-05-30 20:10:45 +00:00
|
|
|
std::shared_ptr<ASTRolesOrUsersSet> toAST() const;
|
|
|
|
std::shared_ptr<ASTRolesOrUsersSet> toASTWithNames(const AccessControlManager & manager) const;
|
2020-04-29 19:35:56 +00:00
|
|
|
|
|
|
|
String toString() const;
|
2020-03-07 17:37:38 +00:00
|
|
|
String toStringWithNames(const AccessControlManager & manager) const;
|
|
|
|
Strings toStringsWithNames(const AccessControlManager & manager) const;
|
|
|
|
|
|
|
|
bool empty() const;
|
|
|
|
void clear();
|
|
|
|
void add(const UUID & id);
|
|
|
|
void add(const std::vector<UUID> & ids_);
|
|
|
|
|
2020-05-30 20:10:45 +00:00
|
|
|
/// Checks if a specified ID matches this RolesOrUsersSet.
|
2020-03-07 17:37:38 +00:00
|
|
|
bool match(const UUID & id) const;
|
|
|
|
bool match(const UUID & user_id, const boost::container::flat_set<UUID> & enabled_roles) const;
|
|
|
|
|
|
|
|
/// Returns a list of matching IDs. The function must not be called if `all` == `true`.
|
|
|
|
std::vector<UUID> getMatchingIDs() const;
|
|
|
|
|
|
|
|
/// Returns a list of matching users and roles.
|
|
|
|
std::vector<UUID> getMatchingIDs(const AccessControlManager & manager) const;
|
|
|
|
|
2020-05-30 20:10:45 +00:00
|
|
|
friend bool operator ==(const RolesOrUsersSet & lhs, const RolesOrUsersSet & rhs);
|
|
|
|
friend bool operator !=(const RolesOrUsersSet & lhs, const RolesOrUsersSet & rhs) { return !(lhs == rhs); }
|
2020-03-07 17:37:38 +00:00
|
|
|
|
|
|
|
boost::container::flat_set<UUID> ids;
|
|
|
|
bool all = false;
|
|
|
|
boost::container::flat_set<UUID> except_ids;
|
|
|
|
|
|
|
|
private:
|
2020-05-30 20:10:45 +00:00
|
|
|
void init(const ASTRolesOrUsersSet & ast, const AccessControlManager * manager = nullptr, const std::optional<UUID> & current_user_id = {});
|
2020-03-07 17:37:38 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
}
|