forked from pingcap/tidb
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathauth.go
90 lines (79 loc) · 2.35 KB
/
auth.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
// Copyright 2015 PingCAP, Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// See the License for the specific language governing permissions and
// limitations under the License.
package auth
import (
"fmt"
"github.com/pingcap/tidb/parser/format"
)
const (
UserNameMaxLength = 32
HostNameMaxLength = 255
)
// UserIdentity represents username and hostname.
type UserIdentity struct {
Username string
Hostname string
CurrentUser bool
AuthUsername string // Username matched in privileges system
AuthHostname string // Match in privs system (i.e. could be a wildcard)
}
// Restore implements Node interface.
func (user *UserIdentity) Restore(ctx *format.RestoreCtx) error {
if user.CurrentUser {
ctx.WriteKeyWord("CURRENT_USER")
} else {
ctx.WriteName(user.Username)
ctx.WritePlain("@")
ctx.WriteName(user.Hostname)
}
return nil
}
// String converts UserIdentity to the format user@host.
// It defaults to providing the AuthIdentity (the matching entry in priv tables)
// To use the actual identity use LoginString()
func (user *UserIdentity) String() string {
// TODO: Escape username and hostname.
if user == nil {
return ""
}
if user.AuthUsername != "" {
return fmt.Sprintf("%s@%s", user.AuthUsername, user.AuthHostname)
}
return fmt.Sprintf("%s@%s", user.Username, user.Hostname)
}
// LoginString returns matched identity in user@host format
// It matches the login user.
func (user *UserIdentity) LoginString() string {
// TODO: Escape username and hostname.
if user == nil {
return ""
}
return fmt.Sprintf("%s@%s", user.Username, user.Hostname)
}
type RoleIdentity struct {
Username string
Hostname string
}
func (role *RoleIdentity) Restore(ctx *format.RestoreCtx) error {
ctx.WriteName(role.Username)
if role.Hostname != "" {
ctx.WritePlain("@")
ctx.WriteName(role.Hostname)
}
return nil
}
// String converts UserIdentity to the format user@host.
func (role *RoleIdentity) String() string {
// TODO: Escape username and hostname.
return fmt.Sprintf("`%s`@`%s`", role.Username, role.Hostname)
}