2020-04-20 22:07:00 +00:00
|
|
|
#include <Access/GrantedRoles.h>
|
2021-02-26 22:37:00 +00:00
|
|
|
#include <Access/RolesOrUsersSet.h>
|
2020-04-20 22:07:00 +00:00
|
|
|
#include <boost/range/algorithm/set_algorithm.hpp>
|
2021-02-26 22:37:00 +00:00
|
|
|
#include <boost/range/algorithm_ext/erase.hpp>
|
2020-04-20 22:07:00 +00:00
|
|
|
|
|
|
|
namespace DB
|
|
|
|
{
|
2021-02-26 22:37:00 +00:00
|
|
|
void GrantedRoles::grant(const UUID & role_)
|
2020-04-20 22:07:00 +00:00
|
|
|
{
|
2021-02-26 22:37:00 +00:00
|
|
|
roles.insert(role_);
|
2020-04-20 22:07:00 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
void GrantedRoles::grant(const std::vector<UUID> & roles_)
|
|
|
|
{
|
2021-02-26 22:37:00 +00:00
|
|
|
roles.insert(roles_.begin(), roles_.end());
|
2020-04-20 22:07:00 +00:00
|
|
|
}
|
|
|
|
|
2021-02-26 22:37:00 +00:00
|
|
|
void GrantedRoles::grantWithAdminOption(const UUID & role_)
|
2020-04-20 22:07:00 +00:00
|
|
|
{
|
2021-02-26 22:37:00 +00:00
|
|
|
roles.insert(role_);
|
|
|
|
roles_with_admin_option.insert(role_);
|
2020-04-20 22:07:00 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
void GrantedRoles::grantWithAdminOption(const std::vector<UUID> & roles_)
|
|
|
|
{
|
2021-02-26 22:37:00 +00:00
|
|
|
roles.insert(roles_.begin(), roles_.end());
|
|
|
|
roles_with_admin_option.insert(roles_.begin(), roles_.end());
|
2020-04-20 22:07:00 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
2021-02-26 22:37:00 +00:00
|
|
|
void GrantedRoles::revoke(const UUID & role_)
|
2020-04-20 22:07:00 +00:00
|
|
|
{
|
2021-02-26 22:37:00 +00:00
|
|
|
roles.erase(role_);
|
|
|
|
roles_with_admin_option.erase(role_);
|
2020-04-20 22:07:00 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
void GrantedRoles::revoke(const std::vector<UUID> & roles_)
|
|
|
|
{
|
|
|
|
for (const UUID & role : roles_)
|
|
|
|
revoke(role);
|
|
|
|
}
|
|
|
|
|
2021-02-26 22:37:00 +00:00
|
|
|
void GrantedRoles::revokeAdminOption(const UUID & role_)
|
2020-04-20 22:07:00 +00:00
|
|
|
{
|
2021-02-26 22:37:00 +00:00
|
|
|
roles_with_admin_option.erase(role_);
|
2020-04-20 22:07:00 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
void GrantedRoles::revokeAdminOption(const std::vector<UUID> & roles_)
|
|
|
|
{
|
|
|
|
for (const UUID & role : roles_)
|
|
|
|
revokeAdminOption(role);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2021-02-26 22:37:00 +00:00
|
|
|
bool GrantedRoles::isGranted(const UUID & role_) const
|
|
|
|
{
|
|
|
|
return roles.count(role_);
|
|
|
|
}
|
|
|
|
|
|
|
|
bool GrantedRoles::isGrantedWithAdminOption(const UUID & role_) const
|
|
|
|
{
|
|
|
|
return roles_with_admin_option.count(role_);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
std::vector<UUID> GrantedRoles::findGranted(const std::vector<UUID> & ids) const
|
|
|
|
{
|
|
|
|
std::vector<UUID> res;
|
|
|
|
res.reserve(ids.size());
|
|
|
|
for (const UUID & id : ids)
|
|
|
|
{
|
|
|
|
if (isGranted(id))
|
|
|
|
res.push_back(id);
|
|
|
|
}
|
|
|
|
return res;
|
|
|
|
}
|
|
|
|
|
|
|
|
std::vector<UUID> GrantedRoles::findGranted(const boost::container::flat_set<UUID> & ids) const
|
|
|
|
{
|
|
|
|
std::vector<UUID> res;
|
|
|
|
res.reserve(ids.size());
|
2021-07-22 13:32:51 +00:00
|
|
|
boost::range::set_intersection(ids, roles, std::back_inserter(res));
|
2021-02-26 22:37:00 +00:00
|
|
|
return res;
|
|
|
|
}
|
|
|
|
|
|
|
|
std::vector<UUID> GrantedRoles::findGranted(const RolesOrUsersSet & ids) const
|
2020-04-20 22:07:00 +00:00
|
|
|
{
|
2021-02-26 22:37:00 +00:00
|
|
|
std::vector<UUID> res;
|
|
|
|
for (const UUID & id : roles)
|
|
|
|
{
|
|
|
|
if (ids.match(id))
|
|
|
|
res.emplace_back(id);
|
|
|
|
}
|
2020-04-20 22:07:00 +00:00
|
|
|
return res;
|
|
|
|
}
|
|
|
|
|
2021-02-26 22:37:00 +00:00
|
|
|
std::vector<UUID> GrantedRoles::findGrantedWithAdminOption(const std::vector<UUID> & ids) const
|
|
|
|
{
|
|
|
|
std::vector<UUID> res;
|
|
|
|
res.reserve(ids.size());
|
|
|
|
for (const UUID & id : ids)
|
|
|
|
{
|
|
|
|
if (isGrantedWithAdminOption(id))
|
|
|
|
res.push_back(id);
|
|
|
|
}
|
|
|
|
return res;
|
|
|
|
}
|
|
|
|
|
|
|
|
std::vector<UUID> GrantedRoles::findGrantedWithAdminOption(const boost::container::flat_set<UUID> & ids) const
|
|
|
|
{
|
|
|
|
std::vector<UUID> res;
|
|
|
|
res.reserve(ids.size());
|
2021-07-22 13:32:51 +00:00
|
|
|
boost::range::set_intersection(ids, roles_with_admin_option, std::back_inserter(res));
|
2021-02-26 22:37:00 +00:00
|
|
|
return res;
|
|
|
|
}
|
|
|
|
|
|
|
|
std::vector<UUID> GrantedRoles::findGrantedWithAdminOption(const RolesOrUsersSet & ids) const
|
|
|
|
{
|
|
|
|
std::vector<UUID> res;
|
|
|
|
for (const UUID & id : roles_with_admin_option)
|
|
|
|
{
|
|
|
|
if (ids.match(id))
|
|
|
|
res.emplace_back(id);
|
|
|
|
}
|
|
|
|
return res;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
GrantedRoles::Elements GrantedRoles::getElements() const
|
|
|
|
{
|
|
|
|
Elements elements;
|
|
|
|
|
|
|
|
Element element;
|
|
|
|
element.ids.reserve(roles.size());
|
|
|
|
boost::range::set_difference(roles, roles_with_admin_option, std::back_inserter(element.ids));
|
|
|
|
if (!element.empty())
|
|
|
|
{
|
2021-05-08 16:09:17 +00:00
|
|
|
element.admin_option = false; //-V1048
|
2021-02-26 22:37:00 +00:00
|
|
|
elements.emplace_back(std::move(element));
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!roles_with_admin_option.empty())
|
|
|
|
{
|
|
|
|
element = {};
|
|
|
|
element.ids.insert(element.ids.end(), roles_with_admin_option.begin(), roles_with_admin_option.end());
|
|
|
|
element.admin_option = true;
|
|
|
|
elements.emplace_back(std::move(element));
|
|
|
|
}
|
|
|
|
|
|
|
|
return elements;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
void GrantedRoles::makeUnion(const GrantedRoles & other)
|
|
|
|
{
|
|
|
|
roles.insert(other.roles.begin(), other.roles.end());
|
|
|
|
roles_with_admin_option.insert(other.roles_with_admin_option.begin(), other.roles_with_admin_option.end());
|
|
|
|
}
|
|
|
|
|
|
|
|
void GrantedRoles::makeIntersection(const GrantedRoles & other)
|
|
|
|
{
|
|
|
|
boost::range::remove_erase_if(roles, [&other](const UUID & id) { return other.roles.find(id) == other.roles.end(); });
|
|
|
|
|
|
|
|
boost::range::remove_erase_if(roles_with_admin_option, [&other](const UUID & id)
|
|
|
|
{
|
|
|
|
return other.roles_with_admin_option.find(id) == other.roles_with_admin_option.end();
|
|
|
|
});
|
|
|
|
}
|
2020-04-20 22:07:00 +00:00
|
|
|
}
|