#pragma once #include #include #include namespace DB { struct RolesOrUsersSet; /// Roles when they are granted to a role or user. /// Stores both the roles themselves and the roles with admin option. class GrantedRoles { public: void grant(const UUID & role_); void grant(const std::vector & roles_); void grantWithAdminOption(const UUID & role_); void grantWithAdminOption(const std::vector & roles_); void revoke(const UUID & role_); void revoke(const std::vector & roles_); void revokeAdminOption(const UUID & role_); void revokeAdminOption(const std::vector & roles_); bool isGranted(const UUID & role_) const; bool isGrantedWithAdminOption(const UUID & role_) const; const boost::container::flat_set & getGranted() const { return roles; } const boost::container::flat_set & getGrantedWithAdminOption() const { return roles_with_admin_option; } std::vector findGranted(const std::vector & ids) const; std::vector findGranted(const boost::container::flat_set & ids) const; std::vector findGranted(const RolesOrUsersSet & ids) const; std::vector findGrantedWithAdminOption(const std::vector & ids) const; std::vector findGrantedWithAdminOption(const boost::container::flat_set & ids) const; std::vector findGrantedWithAdminOption(const RolesOrUsersSet & ids) const; struct Element { std::vector ids; bool admin_option = false; bool empty() const { return ids.empty(); } }; using Elements = std::vector; /// Retrieves the information about grants. Elements getElements() const; void makeUnion(const GrantedRoles & other); void makeIntersection(const GrantedRoles & other); friend bool operator ==(const GrantedRoles & left, const GrantedRoles & right) { return (left.roles == right.roles) && (left.roles_with_admin_option == right.roles_with_admin_option); } friend bool operator !=(const GrantedRoles & left, const GrantedRoles & right) { return !(left == right); } private: boost::container::flat_set roles; boost::container::flat_set roles_with_admin_option; }; }