2017-11-27 21:31:13 +00:00
|
|
|
#pragma once
|
|
|
|
|
|
|
|
|
|
#include <Interpreters/Users.h>
|
|
|
|
|
|
|
|
|
|
namespace DB
|
|
|
|
|
{
|
|
|
|
|
|
2017-11-28 00:52:56 +00:00
|
|
|
/** Duties of security manager:
|
|
|
|
|
* 1) Authenticate users
|
2017-11-28 01:08:21 +00:00
|
|
|
* 2) Provide user settings (profile, quota, ACLs)
|
2017-11-28 00:52:56 +00:00
|
|
|
* 3) Grant access to databases
|
|
|
|
|
*/
|
2017-11-27 21:31:13 +00:00
|
|
|
class ISecurityManager
|
|
|
|
|
{
|
|
|
|
|
public:
|
2017-11-30 14:53:12 +00:00
|
|
|
using UserPtr = std::shared_ptr<const User>;
|
|
|
|
|
|
2017-11-27 21:31:13 +00:00
|
|
|
virtual void loadFromConfig(Poco::Util::AbstractConfiguration & config) = 0;
|
|
|
|
|
|
|
|
|
|
/// Find user and make authorize checks
|
2017-11-30 14:53:12 +00:00
|
|
|
virtual UserPtr authorizeAndGetUser(
|
2017-11-27 21:31:13 +00:00
|
|
|
const String & user_name,
|
|
|
|
|
const String & password,
|
|
|
|
|
const Poco::Net::IPAddress & address) const = 0;
|
|
|
|
|
|
|
|
|
|
/// Just find user
|
2017-11-30 14:53:12 +00:00
|
|
|
virtual UserPtr getUser(const String & user_name) const = 0;
|
2017-11-27 21:31:13 +00:00
|
|
|
|
|
|
|
|
/// Check if the user has access to the database.
|
|
|
|
|
virtual bool hasAccessToDatabase(const String & user_name, const String & database_name) const = 0;
|
|
|
|
|
|
|
|
|
|
virtual ~ISecurityManager() {}
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
}
|
