2019-11-17 11:57:02 +00:00
|
|
|
#pragma once
|
|
|
|
|
|
|
|
#include <Access/RowPolicy.h>
|
|
|
|
#include <Core/Types.h>
|
|
|
|
#include <Core/UUID.h>
|
2020-02-12 23:59:49 +00:00
|
|
|
#include <boost/smart_ptr/atomic_shared_ptr.hpp>
|
2019-11-17 11:57:02 +00:00
|
|
|
#include <memory>
|
|
|
|
#include <unordered_map>
|
|
|
|
|
|
|
|
|
|
|
|
namespace DB
|
|
|
|
{
|
|
|
|
class IAST;
|
|
|
|
using ASTPtr = std::shared_ptr<IAST>;
|
|
|
|
|
|
|
|
|
|
|
|
/// Provides fast access to row policies' conditions for a specific user and tables.
|
2020-03-07 17:37:38 +00:00
|
|
|
class EnabledRowPolicies
|
2019-11-17 11:57:02 +00:00
|
|
|
{
|
|
|
|
public:
|
2020-03-07 17:37:38 +00:00
|
|
|
struct Params
|
|
|
|
{
|
|
|
|
UUID user_id;
|
2020-04-29 19:35:56 +00:00
|
|
|
boost::container::flat_set<UUID> enabled_roles;
|
2020-03-07 17:37:38 +00:00
|
|
|
|
|
|
|
auto toTuple() const { return std::tie(user_id, enabled_roles); }
|
|
|
|
friend bool operator ==(const Params & lhs, const Params & rhs) { return lhs.toTuple() == rhs.toTuple(); }
|
|
|
|
friend bool operator !=(const Params & lhs, const Params & rhs) { return !(lhs == rhs); }
|
|
|
|
friend bool operator <(const Params & lhs, const Params & rhs) { return lhs.toTuple() < rhs.toTuple(); }
|
|
|
|
friend bool operator >(const Params & lhs, const Params & rhs) { return rhs < lhs; }
|
|
|
|
friend bool operator <=(const Params & lhs, const Params & rhs) { return !(rhs < lhs); }
|
|
|
|
friend bool operator >=(const Params & lhs, const Params & rhs) { return !(lhs < rhs); }
|
|
|
|
};
|
2019-11-17 11:57:02 +00:00
|
|
|
|
2020-03-07 17:37:38 +00:00
|
|
|
~EnabledRowPolicies();
|
2019-11-17 11:57:02 +00:00
|
|
|
|
2020-03-07 17:37:38 +00:00
|
|
|
using ConditionType = RowPolicy::ConditionType;
|
2019-11-17 11:57:02 +00:00
|
|
|
|
|
|
|
/// Returns prepared filter for a specific table and operations.
|
|
|
|
/// The function can return nullptr, that means there is no filters applied.
|
|
|
|
/// The returned filter can be a combination of the filters defined by multiple row policies.
|
2020-03-07 17:37:38 +00:00
|
|
|
ASTPtr getCondition(const String & database, const String & table_name, ConditionType type) const;
|
|
|
|
ASTPtr getCondition(const String & database, const String & table_name, ConditionType type, const ASTPtr & extra_condition) const;
|
2020-02-12 20:47:37 +00:00
|
|
|
|
2019-11-17 11:57:02 +00:00
|
|
|
/// Returns IDs of all the policies used by the current user.
|
|
|
|
std::vector<UUID> getCurrentPolicyIDs() const;
|
|
|
|
|
|
|
|
/// Returns IDs of the policies used by a concrete table.
|
|
|
|
std::vector<UUID> getCurrentPolicyIDs(const String & database, const String & table_name) const;
|
|
|
|
|
|
|
|
private:
|
2020-03-07 17:37:38 +00:00
|
|
|
friend class RowPolicyCache;
|
|
|
|
EnabledRowPolicies(const Params & params_);
|
2019-11-17 11:57:02 +00:00
|
|
|
|
|
|
|
using DatabaseAndTableName = std::pair<String, String>;
|
2020-02-12 23:59:49 +00:00
|
|
|
using DatabaseAndTableNameRef = std::pair<std::string_view, std::string_view>;
|
2019-11-17 11:57:02 +00:00
|
|
|
struct Hash
|
|
|
|
{
|
|
|
|
size_t operator()(const DatabaseAndTableNameRef & database_and_table_name) const;
|
|
|
|
};
|
2020-05-02 16:05:01 +00:00
|
|
|
using ParsedConditions = std::array<ASTPtr, RowPolicy::MAX_CONDITION_TYPE>;
|
2019-11-17 11:57:02 +00:00
|
|
|
struct MixedConditions
|
|
|
|
{
|
|
|
|
std::unique_ptr<DatabaseAndTableName> database_and_table_name_keeper;
|
|
|
|
ParsedConditions mixed_conditions;
|
|
|
|
std::vector<UUID> policy_ids;
|
|
|
|
};
|
|
|
|
using MapOfMixedConditions = std::unordered_map<DatabaseAndTableNameRef, MixedConditions, Hash>;
|
|
|
|
|
2020-03-07 17:37:38 +00:00
|
|
|
const Params params;
|
2020-02-12 23:59:49 +00:00
|
|
|
mutable boost::atomic_shared_ptr<const MapOfMixedConditions> map_of_mixed_conditions;
|
2019-11-17 11:57:02 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
}
|