OmniSciDB  fe05a0c208
 All Classes Namespaces Files Functions Variables Typedefs Enumerations Enumerator Friends Macros Pages
SysCatalog.h
Go to the documentation of this file.
1 /*
2  * Copyright 2019 OmniSci, Inc.
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
29 #ifndef SYS_CATALOG_H
30 #define SYS_CATALOG_H
31 
32 #include <atomic>
33 #include <cstdint>
34 #include <ctime>
35 #include <limits>
36 #include <list>
37 #include <map>
38 #include <mutex>
39 #include <string>
40 #include <unordered_map>
41 #include <utility>
42 #include <vector>
43 
44 #include "tbb/concurrent_hash_map.h"
45 
46 #include "Grantee.h"
47 #include "ObjectRoleDescriptor.h"
48 #include "PkiServer.h"
49 
50 #include "../DataMgr/DataMgr.h"
51 #include "../SqliteConnector/SqliteConnector.h"
52 #include "LeafHostInfo.h"
53 
54 #include "../Calcite/Calcite.h"
55 #include "Shared/Restriction.h"
56 #include "Shared/mapd_shared_mutex.h"
57 
58 const std::string OMNISCI_SYSTEM_CATALOG = "omnisci_system_catalog";
59 const std::string OMNISCI_DEFAULT_DB = "omnisci";
60 const std::string OMNISCI_ROOT_USER = "admin";
61 const int OMNISCI_ROOT_USER_ID = 0;
62 const std::string OMNISCI_ROOT_USER_ID_STR = "0";
63 const std::string OMNISCI_ROOT_PASSWD_DEFAULT = "HyperInteractive";
64 
65 class Calcite;
66 
67 extern std::string g_base_path;
68 
69 namespace Catalog_Namespace {
70 
71 /*
72  * @type UserMetadata
73  * @brief metadata for a db user
74  */
75 struct UserMetadata {
76  UserMetadata(int32_t u,
77  const std::string& n,
78  const std::string& p,
79  bool s,
80  int32_t d,
81  bool l)
82  : userId(u)
83  , userName(n)
84  , passwd_hash(p)
85  , isSuper(s)
86  , defaultDbId(d)
87  , can_login(l) {}
88  UserMetadata() {}
89  UserMetadata(UserMetadata const& user_meta)
90  : UserMetadata(user_meta.userId,
91  user_meta.userName,
92  user_meta.passwd_hash,
93  user_meta.isSuper.load(),
94  user_meta.defaultDbId,
95  user_meta.can_login) {}
96  int32_t userId;
97  std::string userName;
98  std::string passwd_hash;
99  std::atomic<bool> isSuper{false};
100  int32_t defaultDbId;
101  bool can_login{true};
102  Restriction restriction;
103 
104  // Return a string that is safe to log for the username based on --log-user-id.
105  std::string userLoggable() const;
106 
107  void setRestriction(Restriction in_restriction) { restriction = in_restriction; }
108 };
109 
110 /*
111  * @type DBMetadata
112  * @brief metadata for a database
113  */
114 struct DBMetadata {
115  DBMetadata() : dbId(0), dbOwner(0) {}
116  int32_t dbId;
117  std::string dbName;
118  int32_t dbOwner;
119 };
120 
121 /*
122  * @type DBSummary
123  * @brief summary info for a database
124  */
125 struct DBSummary {
126  std::string dbName;
127  std::string dbOwnerName;
128 };
129 using DBSummaryList = std::list<DBSummary>;
130 
131 class CommonFileOperations {
132  public:
133  CommonFileOperations(std::string const& base_path) : base_path_(base_path) {}
134 
135  inline void removeCatalogByFullPath(std::string const& full_path);
136  inline void removeCatalogByName(std::string const& name);
137  inline auto duplicateAndRenameCatalog(std::string const& current_name,
138  std::string const& new_name);
139  inline auto assembleCatalogName(std::string const& name);
140 
141  private:
142  std::string const& base_path_;
143 };
144 
145 /*
146  * @type SysCatalog
147  * @brief class for the system-wide catalog, currently containing user and database
148  * metadata
149  */
150 class SysCatalog : private CommonFileOperations {
151  public:
152  void init(const std::string& basePath,
153  std::shared_ptr<Data_Namespace::DataMgr> dataMgr,
154  const AuthMetadata& authMetadata,
155  std::shared_ptr<Calcite> calcite,
156  bool is_new_db,
157  bool aggregator,
158  const std::vector<LeafHostInfo>& string_dict_hosts);
159 
165  std::shared_ptr<Catalog> login(std::string& db,
166  std::string& username,
167  const std::string& password,
168  UserMetadata& user_meta,
169  bool check_password = true);
170  std::shared_ptr<Catalog> switchDatabase(std::string& dbname,
171  const std::string& username);
172  void createUser(const std::string& name,
173  const std::string& passwd,
174  bool issuper,
175  const std::string& dbname,
176  bool can_login);
177  void dropUser(const std::string& name);
178  void alterUser(const int32_t userid,
179  const std::string* passwd,
180  bool* issuper,
181  const std::string* dbname,
182  bool* can_login);
183  void renameUser(std::string const& old_name, std::string const& new_name);
184  void createDatabase(const std::string& dbname, int owner);
185  void renameDatabase(std::string const& old_name, std::string const& new_name);
186  void dropDatabase(const DBMetadata& db);
187  bool getMetadataForUser(const std::string& name, UserMetadata& user);
188  bool getMetadataForUserById(const int32_t idIn, UserMetadata& user);
189  bool checkPasswordForUser(const std::string& passwd,
190  std::string& name,
191  UserMetadata& user);
192  bool getMetadataForDB(const std::string& name, DBMetadata& db);
193  Data_Namespace::DataMgr& getDataMgr() const { return *dataMgr_; }
194  Calcite& getCalciteMgr() const { return *calciteMgr_; }
195  const std::string& getCatalogBasePath() const { return basePath_; }
196  SqliteConnector* getSqliteConnector() { return sqliteConnector_.get(); }
197  std::list<DBMetadata> getAllDBMetadata();
198  std::list<UserMetadata> getAllUserMetadata();
202  std::list<UserMetadata> getAllUserMetadata(const int64_t dbId);
203  DBSummaryList getDatabaseListForUser(const UserMetadata& user);
204  void createDBObject(const UserMetadata& user,
205  const std::string& objectName,
206  DBObjectType type,
207  const Catalog_Namespace::Catalog& catalog,
208  int32_t objectId = -1);
218  void renameDBObject(const std::string& objectName,
219  const std::string& newName,
220  DBObjectType type,
221  int32_t objectId,
222  const Catalog_Namespace::Catalog& catalog);
223  void grantDBObjectPrivileges(const std::string& grantee,
224  const DBObject& object,
225  const Catalog_Namespace::Catalog& catalog);
226  void grantDBObjectPrivilegesBatch(const std::vector<std::string>& grantees,
227  const std::vector<DBObject>& objects,
228  const Catalog_Namespace::Catalog& catalog);
229  void revokeDBObjectPrivileges(const std::string& grantee,
230  const DBObject& object,
231  const Catalog_Namespace::Catalog& catalog);
232  void revokeDBObjectPrivilegesBatch(const std::vector<std::string>& grantees,
233  const std::vector<DBObject>& objects,
234  const Catalog_Namespace::Catalog& catalog);
235  void revokeDBObjectPrivilegesFromAll(DBObject object, Catalog* catalog);
236  void revokeDBObjectPrivilegesFromAll_unsafe(DBObject object, Catalog* catalog);
237  void revokeDBObjectPrivilegesFromAllBatch(std::vector<DBObject>& objects,
238  Catalog* catalog);
239  void revokeDBObjectPrivilegesFromAllBatch_unsafe(std::vector<DBObject>& objects,
240  Catalog* catalog);
241  void getDBObjectPrivileges(const std::string& granteeName,
242  DBObject& object,
243  const Catalog_Namespace::Catalog& catalog) const;
244  bool verifyDBObjectOwnership(const UserMetadata& user,
245  DBObject object,
246  const Catalog_Namespace::Catalog& catalog);
256  void changeDBObjectOwnership(const UserMetadata& new_owner,
257  const UserMetadata& previous_owner,
258  DBObject object,
259  const Catalog_Namespace::Catalog& catalog,
260  bool revoke_privileges = true);
261  void createRole(const std::string& roleName, const bool& userPrivateRole = false);
262  void dropRole(const std::string& roleName);
263  void grantRoleBatch(const std::vector<std::string>& roles,
264  const std::vector<std::string>& grantees);
265  void grantRole(const std::string& role, const std::string& grantee);
266  void revokeRoleBatch(const std::vector<std::string>& roles,
267  const std::vector<std::string>& grantees);
268  void revokeRole(const std::string& role, const std::string& grantee);
269  // check if the user has any permissions on all the given objects
270  bool hasAnyPrivileges(const UserMetadata& user, std::vector<DBObject>& privObjects);
271  // check if the user has the requested permissions on all the given objects
272  bool checkPrivileges(const UserMetadata& user,
273  const std::vector<DBObject>& privObjects) const;
274  bool checkPrivileges(const std::string& userName,
275  const std::vector<DBObject>& privObjects) const;
276  Grantee* getGrantee(const std::string& name) const;
277  Role* getRoleGrantee(const std::string& name) const;
278  User* getUserGrantee(const std::string& name) const;
279  std::vector<ObjectRoleDescriptor*> getMetadataForObject(int32_t dbId,
280  int32_t dbType,
281  int32_t objectId) const;
282  bool isRoleGrantedToGrantee(const std::string& granteeName,
283  const std::string& roleName,
284  bool only_direct) const;
285  std::vector<std::string> getRoles(bool userPrivateRole,
286  bool isSuper,
287  const std::string& userName);
288  std::vector<std::string> getRoles(const std::string& userName, const int32_t dbId);
289  void revokeDashboardSystemRole(const std::string roleName,
290  const std::vector<std::string> grantees);
291  bool isAggregator() const { return aggregator_; }
292  static SysCatalog& instance() {
293  if (!instance_) {
294  instance_.reset(new SysCatalog());
295  }
296  return *instance_;
297  }
298 
299  static void destroy() { instance_.reset(); }
300 
301  void populateRoleDbObjects(const std::vector<DBObject>& objects);
302  std::string name() const { return OMNISCI_DEFAULT_DB; }
303  void renameObjectsInDescriptorMap(DBObject& object,
304  const Catalog_Namespace::Catalog& cat);
305  void syncUserWithRemoteProvider(const std::string& user_name,
306  std::vector<std::string> idp_roles,
307  bool* issuper);
308  std::unordered_map<std::string, std::vector<std::string>> getGranteesOfSharedDashboards(
309  const std::vector<std::string>& dashboard_ids);
310  void check_for_session_encryption(const std::string& pki_cert, std::string& session);
311  std::vector<std::shared_ptr<Catalog>> getCatalogsForAllDbs();
312 
313  std::shared_ptr<Catalog> getDummyCatalog() { return dummyCatalog_; }
314 
315  std::shared_ptr<Catalog> getCatalog(const std::string& dbName);
316  std::shared_ptr<Catalog> getCatalog(const int32_t db_id);
317  std::shared_ptr<Catalog> getCatalog(const DBMetadata& curDB, bool is_new_db);
318 
319  void removeCatalog(const std::string& dbName);
320 
321  virtual ~SysCatalog();
322 
323  private:
324  using GranteeMap = std::map<std::string, Grantee*>;
325  using ObjectRoleDescriptorMap = std::multimap<std::string, ObjectRoleDescriptor*>;
326 
327  SysCatalog()
328  : CommonFileOperations(basePath_)
329  , aggregator_(false)
330  , sqliteMutex_()
331  , sharedMutex_()
332  , thread_holding_sqlite_lock(std::thread::id())
333  , thread_holding_write_lock(std::thread::id())
334  , dummyCatalog_(std::make_shared<Catalog>()) {}
335 
336  void initDB();
337  void buildRoleMap();
338  void buildUserRoleMap();
339  void buildObjectDescriptorMap();
340  void checkAndExecuteMigrations();
341  void importDataFromOldMapdDB();
342  void createUserRoles();
343  void addAdminUserRole();
344  void migratePrivileges();
345  void migratePrivileged_old();
346  void updateUserSchema();
347  void updatePasswordsToHashes();
348  void updateBlankPasswordsToRandom();
349  void updateSupportUserDeactivation();
350  void migrateDBAccessPrivileges();
351  void loginImpl(std::string& username,
352  const std::string& password,
353  UserMetadata& user_meta);
354  bool checkPasswordForUserImpl(const std::string& passwd,
355  std::string& name,
356  UserMetadata& user);
357 
358  // Here go functions not wrapped into transactions (necessary for nested calls)
359  void grantDefaultPrivilegesToRole_unsafe(const std::string& name, bool issuper);
360  void createRole_unsafe(const std::string& roleName, const bool userPrivateRole = false);
361  void dropRole_unsafe(const std::string& roleName);
362  void grantRoleBatch_unsafe(const std::vector<std::string>& roles,
363  const std::vector<std::string>& grantees);
364  void grantRole_unsafe(const std::string& roleName, const std::string& granteeName);
365  void revokeRoleBatch_unsafe(const std::vector<std::string>& roles,
366  const std::vector<std::string>& grantees);
367  void revokeRole_unsafe(const std::string& roleName, const std::string& granteeName);
368  void updateObjectDescriptorMap(const std::string& roleName,
369  DBObject& object,
370  bool roleType,
371  const Catalog_Namespace::Catalog& cat);
372  void deleteObjectDescriptorMap(const std::string& roleName);
373  void deleteObjectDescriptorMap(const std::string& roleName,
374  DBObject& object,
375  const Catalog_Namespace::Catalog& cat);
376  void grantDBObjectPrivilegesBatch_unsafe(const std::vector<std::string>& grantees,
377  const std::vector<DBObject>& objects,
378  const Catalog_Namespace::Catalog& catalog);
379  void grantDBObjectPrivileges_unsafe(const std::string& granteeName,
380  const DBObject object,
381  const Catalog_Namespace::Catalog& catalog);
382  void revokeDBObjectPrivilegesBatch_unsafe(const std::vector<std::string>& grantees,
383  const std::vector<DBObject>& objects,
384  const Catalog_Namespace::Catalog& catalog);
385  void revokeDBObjectPrivileges_unsafe(const std::string& granteeName,
386  DBObject object,
387  const Catalog_Namespace::Catalog& catalog);
388  void grantAllOnDatabase_unsafe(const std::string& roleName,
389  DBObject& object,
390  const Catalog_Namespace::Catalog& catalog);
391  void revokeAllOnDatabase_unsafe(const std::string& roleName,
392  int32_t dbId,
393  Grantee* grantee);
394  bool isDashboardSystemRole(const std::string& roleName);
395  void updateUserRoleName(const std::string& roleName, const std::string& newName);
396  void getMetadataWithDefaultDB(std::string& dbname,
397  const std::string& username,
398  Catalog_Namespace::DBMetadata& db_meta,
399  UserMetadata& user_meta);
400  bool getMetadataForDBById(const int32_t idIn, DBMetadata& db);
406  bool allowLocalLogin() const;
407 
408  template <typename F, typename... Args>
409  void execInTransaction(F&& f, Args&&... args);
410 
411  std::string basePath_;
412  GranteeMap granteeMap_;
413  ObjectRoleDescriptorMap objectDescriptorMap_;
414  std::unique_ptr<SqliteConnector> sqliteConnector_;
415 
416  std::shared_ptr<Data_Namespace::DataMgr> dataMgr_;
417  std::unique_ptr<PkiServer> pki_server_;
418  const AuthMetadata* authMetadata_;
419  std::shared_ptr<Calcite> calciteMgr_;
420  std::vector<LeafHostInfo> string_dict_hosts_;
421  bool aggregator_;
422  auto yieldTransactionStreamer();
423 
424  // contains a map of all the catalog within this system
425  // it is lazy loaded
426  // std::map<std::string, std::shared_ptr<Catalog>> cat_map_;
427  using dbid_to_cat_map = tbb::concurrent_hash_map<std::string, std::shared_ptr<Catalog>>;
428  dbid_to_cat_map cat_map_;
429 
430  static std::unique_ptr<SysCatalog> instance_;
431 
432  public:
433  mutable std::mutex sqliteMutex_;
434  mutable mapd_shared_mutex sharedMutex_;
435  mutable std::atomic<std::thread::id> thread_holding_sqlite_lock;
436  mutable std::atomic<std::thread::id> thread_holding_write_lock;
437  static thread_local bool thread_holds_read_lock;
438  // used by catalog when initially creating a catalog instance
439  std::shared_ptr<Catalog> dummyCatalog_;
440 };
441 
442 } // namespace Catalog_Namespace
443 
444 #endif // SYS_CATALOG_H
ObjectRoleDescriptor.h
Catalog_Namespace::SysCatalog::revokeAllOnDatabase_unsafe
void revokeAllOnDatabase_unsafe(const std::string &roleName, int32_t dbId, Grantee *grantee)
Definition: SysCatalog.cpp:1689
Catalog_Namespace::SysCatalog::migrateDBAccessPrivileges
void migrateDBAccessPrivileges()
Definition: SysCatalog.cpp:684
Catalog_Namespace::SysCatalog::revokeDBObjectPrivilegesBatch_unsafe
void revokeDBObjectPrivilegesBatch_unsafe(const std::vector< std::string > &grantees, const std::vector< DBObject > &objects, const Catalog_Namespace::Catalog &catalog)
Definition: SysCatalog.cpp:1631
Catalog_Namespace::SysCatalog::createUserRoles
void createUserRoles()
Definition: SysCatalog.cpp:334
Catalog_Namespace::SysCatalog::isDashboardSystemRole
bool isDashboardSystemRole(const std::string &roleName)
Definition: SysCatalog.cpp:2119
Catalog_Namespace::SysCatalog::dropUser
void dropUser(const std::string &name)
Definition: SysCatalog.cpp:896
cat
std::string cat(Ts &&...args)
Definition: StringTransform.h:40
Catalog_Namespace::UserMetadata::defaultDbId
int32_t defaultDbId
Definition: SysCatalog.h:100
Catalog_Namespace::DBSummary
Definition: SysCatalog.h:125
Catalog_Namespace::CommonFileOperations::duplicateAndRenameCatalog
auto duplicateAndRenameCatalog(std::string const &current_name, std::string const &new_name)
Definition: SysCatalog.cpp:141
run_benchmark_import.args
tuple args
Definition: run_benchmark_import.py:247
Catalog_Namespace::SysCatalog::getSqliteConnector
SqliteConnector * getSqliteConnector()
Definition: SysCatalog.h:196
Catalog_Namespace::Catalog
class for a per-database catalog. also includes metadata for the current database and the current use...
Definition: Catalog.h:102
Catalog_Namespace::SysCatalog::createRole_unsafe
void createRole_unsafe(const std::string &roleName, const bool userPrivateRole=false)
Definition: SysCatalog.cpp:1806
Catalog_Namespace::SysCatalog::changeDBObjectOwnership
void changeDBObjectOwnership(const UserMetadata &new_owner, const UserMetadata &previous_owner, DBObject object, const Catalog_Namespace::Catalog &catalog, bool revoke_privileges=true)
Definition: SysCatalog.cpp:1740
Grantee.h
test_fsi.d
tuple d
Definition: test_fsi.py:9
DBObjectType
DBObjectType
Definition: DBObject.h:42
Catalog_Namespace::SysCatalog::revokeDashboardSystemRole
void revokeDashboardSystemRole(const std::string roleName, const std::vector< std::string > grantees)
Definition: SysCatalog.cpp:2164
Catalog_Namespace::SysCatalog::GranteeMap
std::map< std::string, Grantee * > GranteeMap
Definition: SysCatalog.h:324
Catalog_Namespace::SysCatalog::basePath_
std::string basePath_
Definition: SysCatalog.h:411
Catalog_Namespace::CommonFileOperations::base_path_
std::string const & base_path_
Definition: SysCatalog.h:142
Catalog_Namespace::SysCatalog::dropRole
void dropRole(const std::string &roleName)
Definition: SysCatalog.cpp:2338
Catalog_Namespace::SysCatalog::checkPasswordForUser
bool checkPasswordForUser(const std::string &passwd, std::string &name, UserMetadata &user)
Definition: SysCatalog.cpp:1264
Catalog_Namespace::SysCatalog::revokeDBObjectPrivileges_unsafe
void revokeDBObjectPrivileges_unsafe(const std::string &granteeName, DBObject object, const Catalog_Namespace::Catalog &catalog)
Definition: SysCatalog.cpp:1651
Catalog_Namespace::DBSummary::dbName
std::string dbName
Definition: SysCatalog.h:126
Catalog_Namespace::SysCatalog::migratePrivileges
void migratePrivileges()
Definition: SysCatalog.cpp:424
Catalog_Namespace::UserMetadata::UserMetadata
UserMetadata(UserMetadata const &user_meta)
Definition: SysCatalog.h:89
Catalog_Namespace::SysCatalog::revokeDBObjectPrivilegesFromAll
void revokeDBObjectPrivilegesFromAll(DBObject object, Catalog *catalog)
Definition: SysCatalog.cpp:2389
Catalog_Namespace::SysCatalog::getMetadataForUser
bool getMetadataForUser(const std::string &name, UserMetadata &user)
Definition: SysCatalog.cpp:1312
Catalog_Namespace::SysCatalog::revokeDBObjectPrivileges
void revokeDBObjectPrivileges(const std::string &grantee, const DBObject &object, const Catalog_Namespace::Catalog &catalog)
Definition: SysCatalog.cpp:2374
Catalog_Namespace::SysCatalog::removeCatalog
void removeCatalog(const std::string &dbName)
Definition: SysCatalog.cpp:2545
setup.name
string name
Definition: setup.in.py:72
Catalog_Namespace::SysCatalog::name
std::string name() const
Definition: SysCatalog.h:302
Catalog_Namespace::DBMetadata
Definition: SysCatalog.h:114
Catalog_Namespace::SysCatalog::instance_
static std::unique_ptr< SysCatalog > instance_
Definition: SysCatalog.h:430
Catalog_Namespace::SysCatalog::thread_holding_sqlite_lock
std::atomic< std::thread::id > thread_holding_sqlite_lock
Definition: SysCatalog.h:435
Catalog_Namespace::SysCatalog::getDummyCatalog
std::shared_ptr< Catalog > getDummyCatalog()
Definition: SysCatalog.h:313
mapd_shared_mutex.h
Catalog_Namespace::SysCatalog::objectDescriptorMap_
ObjectRoleDescriptorMap objectDescriptorMap_
Definition: SysCatalog.h:413
OMNISCI_SYSTEM_CATALOG
const std::string OMNISCI_SYSTEM_CATALOG
Definition: SysCatalog.h:58
User
Definition: Grantee.h:70
Catalog_Namespace::SysCatalog::updatePasswordsToHashes
void updatePasswordsToHashes()
Definition: SysCatalog.cpp:558
Catalog_Namespace::SysCatalog::getGrantee
Grantee * getGrantee(const std::string &name) const
Definition: SysCatalog.cpp:2066
Catalog_Namespace::SysCatalog::dropDatabase
void dropDatabase(const DBMetadata &db)
Definition: SysCatalog.cpp:1221
Catalog_Namespace::UserMetadata::userId
int32_t userId
Definition: SysCatalog.h:96
Catalog_Namespace::SysCatalog::loginImpl
void loginImpl(std::string &username, const std::string &password, UserMetadata &user_meta)
Definition: SysCatalog.cpp:805
Catalog_Namespace::SysCatalog::createUser
void createUser(const std::string &name, const std::string &passwd, bool issuper, const std::string &dbname, bool can_login)
Definition: SysCatalog.cpp:843
Catalog_Namespace::UserMetadata::UserMetadata
UserMetadata(int32_t u, const std::string &n, const std::string &p, bool s, int32_t d, bool l)
Definition: SysCatalog.h:76
Role
Definition: Grantee.h:76
Catalog_Namespace::SysCatalog::cat_map_
dbid_to_cat_map cat_map_
Definition: SysCatalog.h:428
Catalog_Namespace::SysCatalog::getMetadataForUserById
bool getMetadataForUserById(const int32_t idIn, UserMetadata &user)
Definition: SysCatalog.cpp:1322
Catalog_Namespace::SysCatalog::importDataFromOldMapdDB
void importDataFromOldMapdDB()
Definition: SysCatalog.cpp:285
Catalog_Namespace::SysCatalog::init
void init(const std::string &basePath, std::shared_ptr< Data_Namespace::DataMgr > dataMgr, const AuthMetadata &authMetadata, std::shared_ptr< Calcite > calcite, bool is_new_db, bool aggregator, const std::vector< LeafHostInfo > &string_dict_hosts)
Definition: SysCatalog.cpp:158
Catalog_Namespace::SysCatalog::createDBObject
void createDBObject(const UserMetadata &user, const std::string &objectName, DBObjectType type, const Catalog_Namespace::Catalog &catalog, int32_t objectId=-1)
Definition: SysCatalog.cpp:1482
Catalog_Namespace::SysCatalog::grantRole_unsafe
void grantRole_unsafe(const std::string &roleName, const std::string &granteeName)
Definition: SysCatalog.cpp:1863
Catalog_Namespace::SysCatalog::getDBObjectPrivileges
void getDBObjectPrivileges(const std::string &granteeName, DBObject &object, const Catalog_Namespace::Catalog &catalog) const
Definition: SysCatalog.cpp:1784
Catalog_Namespace::SysCatalog::grantDBObjectPrivileges_unsafe
void grantDBObjectPrivileges_unsafe(const std::string &granteeName, const DBObject object, const Catalog_Namespace::Catalog &catalog)
Definition: SysCatalog.cpp:1561
Catalog_Namespace::SysCatalog::alterUser
void alterUser(const int32_t userid, const std::string *passwd, bool *issuper, const std::string *dbname, bool *can_login)
Definition: SysCatalog.cpp:943
Catalog_Namespace::DBMetadata::dbId
int32_t dbId
Definition: SysCatalog.h:116
Catalog_Namespace::DBMetadata::DBMetadata
DBMetadata()
Definition: SysCatalog.h:115
Catalog_Namespace::SysCatalog::grantRoleBatch
void grantRoleBatch(const std::vector< std::string > &roles, const std::vector< std::string > &grantees)
Definition: SysCatalog.cpp:2342
Catalog_Namespace::SysCatalog::pki_server_
std::unique_ptr< PkiServer > pki_server_
Definition: SysCatalog.h:417
Catalog_Namespace::SysCatalog::revokeDBObjectPrivilegesBatch
void revokeDBObjectPrivilegesBatch(const std::vector< std::string > &grantees, const std::vector< DBObject > &objects, const Catalog_Namespace::Catalog &catalog)
Definition: SysCatalog.cpp:2381
Catalog_Namespace::SysCatalog::authMetadata_
const AuthMetadata * authMetadata_
Definition: SysCatalog.h:418
Catalog_Namespace::SysCatalog::updateBlankPasswordsToRandom
void updateBlankPasswordsToRandom()
Definition: SysCatalog.cpp:610
Catalog_Namespace::DBSummary::dbOwnerName
std::string dbOwnerName
Definition: SysCatalog.h:127
Catalog_Namespace::SysCatalog::createRole
void createRole(const std::string &roleName, const bool &userPrivateRole=false)
Definition: SysCatalog.cpp:2334
Catalog_Namespace::SysCatalog::grantRoleBatch_unsafe
void grantRoleBatch_unsafe(const std::vector< std::string > &roles, const std::vector< std::string > &grantees)
Definition: SysCatalog.cpp:1853
Catalog_Namespace::SysCatalog::sqliteMutex_
std::mutex sqliteMutex_
Definition: SysCatalog.h:433
Catalog_Namespace::SysCatalog::getDataMgr
Data_Namespace::DataMgr & getDataMgr() const
Definition: SysCatalog.h:193
Catalog_Namespace::UserMetadata::UserMetadata
UserMetadata()
Definition: SysCatalog.h:88
Catalog_Namespace::SysCatalog::SysCatalog
SysCatalog()
Definition: SysCatalog.h:327
Catalog_Namespace::SysCatalog::checkPrivileges
bool checkPrivileges(const UserMetadata &user, const std::vector< DBObject > &privObjects) const
Definition: SysCatalog.cpp:2035
Catalog_Namespace::SysCatalog::renameDBObject
void renameDBObject(const std::string &objectName, const std::string &newName, DBObjectType type, int32_t objectId, const Catalog_Namespace::Catalog &catalog)
Definition: SysCatalog.cpp:1526
Catalog_Namespace::SysCatalog::instance
static SysCatalog & instance()
Definition: SysCatalog.h:292
Catalog_Namespace::CommonFileOperations::assembleCatalogName
auto assembleCatalogName(std::string const &name)
Definition: SysCatalog.cpp:129
Catalog_Namespace::SysCatalog::getMetadataWithDefaultDB
void getMetadataWithDefaultDB(std::string &dbname, const std::string &username, Catalog_Namespace::DBMetadata &db_meta, UserMetadata &user_meta)
Definition: SysCatalog.cpp:1392
Catalog_Namespace::SysCatalog::yieldTransactionStreamer
auto yieldTransactionStreamer()
Definition: SysCatalog.cpp:989
Catalog_Namespace::SysCatalog::grantAllOnDatabase_unsafe
void grantAllOnDatabase_unsafe(const std::string &roleName, DBObject &object, const Catalog_Namespace::Catalog &catalog)
Definition: SysCatalog.cpp:1599
g_base_path
std::string g_base_path
Definition: SysCatalog.cpp:62
Catalog_Namespace::SysCatalog::getCatalogBasePath
const std::string & getCatalogBasePath() const
Definition: SysCatalog.h:195
OMNISCI_DEFAULT_DB
const std::string OMNISCI_DEFAULT_DB
Definition: SysCatalog.h:59
Catalog_Namespace::SysCatalog::dbid_to_cat_map
tbb::concurrent_hash_map< std::string, std::shared_ptr< Catalog >> dbid_to_cat_map
Definition: SysCatalog.h:427
Catalog_Namespace::UserMetadata::restriction
Restriction restriction
Definition: SysCatalog.h:102
mapd_shared_mutex
std::shared_timed_mutex mapd_shared_mutex
Definition: mapd_shared_mutex.h:28
Catalog_Namespace::SysCatalog::renameObjectsInDescriptorMap
void renameObjectsInDescriptorMap(DBObject &object, const Catalog_Namespace::Catalog &cat)
Definition: SysCatalog.cpp:1952
Catalog_Namespace::SysCatalog::checkPasswordForUserImpl
bool checkPasswordForUserImpl(const std::string &passwd, std::string &name, UserMetadata &user)
Definition: SysCatalog.cpp:1270
Catalog_Namespace::SysCatalog::login
std::shared_ptr< Catalog > login(std::string &db, std::string &username, const std::string &password, UserMetadata &user_meta, bool check_password=true)
Definition: SysCatalog.cpp:779
Catalog_Namespace::SysCatalog::revokeRoleBatch_unsafe
void revokeRoleBatch_unsafe(const std::vector< std::string > &roles, const std::vector< std::string > &grantees)
Definition: SysCatalog.cpp:1885
Catalog_Namespace::SysCatalog::revokeRoleBatch
void revokeRoleBatch(const std::vector< std::string > &roles, const std::vector< std::string > &grantees)
Definition: SysCatalog.cpp:2351
Catalog_Namespace::SysCatalog::dataMgr_
std::shared_ptr< Data_Namespace::DataMgr > dataMgr_
Definition: SysCatalog.h:416
Catalog_Namespace::SysCatalog::getDatabaseListForUser
DBSummaryList getDatabaseListForUser(const UserMetadata &user)
Definition: SysCatalog.cpp:1458
Catalog_Namespace::SysCatalog::switchDatabase
std::shared_ptr< Catalog > switchDatabase(std::string &dbname, const std::string &username)
Definition: SysCatalog.cpp:813
Catalog_Namespace::SysCatalog::getRoleGrantee
Role * getRoleGrantee(const std::string &name) const
Definition: SysCatalog.cpp:2075
Catalog_Namespace::SysCatalog::sharedMutex_
mapd_shared_mutex sharedMutex_
Definition: SysCatalog.h:434
Catalog_Namespace::SysCatalog::revokeDBObjectPrivilegesFromAllBatch_unsafe
void revokeDBObjectPrivilegesFromAllBatch_unsafe(std::vector< DBObject > &objects, Catalog *catalog)
Definition: SysCatalog.cpp:1642
Catalog_Namespace::SysCatalog::getUserGrantee
User * getUserGrantee(const std::string &name) const
Definition: SysCatalog.cpp:2079
Catalog_Namespace::SysCatalog::grantDBObjectPrivilegesBatch
void grantDBObjectPrivilegesBatch(const std::vector< std::string > &grantees, const std::vector< DBObject > &objects, const Catalog_Namespace::Catalog &catalog)
Definition: SysCatalog.cpp:2367
Catalog_Namespace::SysCatalog::grantDBObjectPrivileges
void grantDBObjectPrivileges(const std::string &grantee, const DBObject &object, const Catalog_Namespace::Catalog &catalog)
Definition: SysCatalog.cpp:2360
Catalog_Namespace::SysCatalog::sqliteConnector_
std::unique_ptr< SqliteConnector > sqliteConnector_
Definition: SysCatalog.h:414
Catalog_Namespace::CommonFileOperations::CommonFileOperations
CommonFileOperations(std::string const &base_path)
Definition: SysCatalog.h:133
Catalog_Namespace::SysCatalog::destroy
static void destroy()
Definition: SysCatalog.h:299
Catalog_Namespace::SysCatalog::updateUserRoleName
void updateUserRoleName(const std::string &roleName, const std::string &newName)
Definition: SysCatalog.cpp:1012
Catalog_Namespace::SysCatalog::getAllUserMetadata
std::list< UserMetadata > getAllUserMetadata()
Definition: SysCatalog.cpp:1387
Catalog_Namespace::SysCatalog::grantDBObjectPrivilegesBatch_unsafe
void grantDBObjectPrivilegesBatch_unsafe(const std::vector< std::string > &grantees, const std::vector< DBObject > &objects, const Catalog_Namespace::Catalog &catalog)
Definition: SysCatalog.cpp:1549
Catalog_Namespace::SysCatalog::execInTransaction
void execInTransaction(F &&f, Args &&...args)
Definition: SysCatalog.cpp:2321
Catalog_Namespace::DBMetadata::dbOwner
int32_t dbOwner
Definition: SysCatalog.h:118
Catalog_Namespace::SysCatalog
Definition: SysCatalog.h:150
Catalog_Namespace::SysCatalog::check_for_session_encryption
void check_for_session_encryption(const std::string &pki_cert, std::string &session)
Definition: SysCatalog.cpp:835
Catalog_Namespace::SysCatalog::syncUserWithRemoteProvider
void syncUserWithRemoteProvider(const std::string &user_name, std::vector< std::string > idp_roles, bool *issuper)
Definition: SysCatalog.cpp:2399
Catalog_Namespace::SysCatalog::renameUser
void renameUser(std::string const &old_name, std::string const &new_name)
Definition: SysCatalog.cpp:1024
Catalog_Namespace::SysCatalog::revokeRole_unsafe
void revokeRole_unsafe(const std::string &roleName, const std::string &granteeName)
Definition: SysCatalog.cpp:1895
Data_Namespace::DataMgr
Definition: DataMgr.h:160
Catalog_Namespace::SysCatalog::getCatalog
std::shared_ptr< Catalog > getCatalog(const std::string &dbName)
Definition: SysCatalog.cpp:2495
Catalog_Namespace::CommonFileOperations
Definition: SysCatalog.h:131
Catalog_Namespace::SysCatalog::migratePrivileged_old
void migratePrivileged_old()
Definition: SysCatalog.cpp:762
Catalog_Namespace::SysCatalog::isRoleGrantedToGrantee
bool isRoleGrantedToGrantee(const std::string &granteeName, const std::string &roleName, bool only_direct) const
Definition: SysCatalog.cpp:2097
Catalog_Namespace::UserMetadata::userName
std::string userName
Definition: SysCatalog.h:97
Catalog_Namespace::SysCatalog::hasAnyPrivileges
bool hasAnyPrivileges(const UserMetadata &user, std::vector< DBObject > &privObjects)
Definition: SysCatalog.cpp:2014
Catalog_Namespace::SysCatalog::deleteObjectDescriptorMap
void deleteObjectDescriptorMap(const std::string &roleName)
Definition: SysCatalog.cpp:1981
Catalog_Namespace::CommonFileOperations::removeCatalogByName
void removeCatalogByName(std::string const &name)
Definition: SysCatalog.cpp:137
OMNISCI_ROOT_USER
const std::string OMNISCI_ROOT_USER
Definition: SysCatalog.h:60
Catalog_Namespace::SysCatalog::updateSupportUserDeactivation
void updateSupportUserDeactivation()
Definition: SysCatalog.cpp:657
OMNISCI_ROOT_PASSWD_DEFAULT
const std::string OMNISCI_ROOT_PASSWD_DEFAULT
Definition: SysCatalog.h:63
Catalog_Namespace::SysCatalog::granteeMap_
GranteeMap granteeMap_
Definition: SysCatalog.h:412
Catalog_Namespace::SysCatalog::checkAndExecuteMigrations
void checkAndExecuteMigrations()
Definition: SysCatalog.cpp:249
Catalog_Namespace::SysCatalog::updateObjectDescriptorMap
void updateObjectDescriptorMap(const std::string &roleName, DBObject &object, bool roleType, const Catalog_Namespace::Catalog &cat)
Definition: SysCatalog.cpp:1916
Catalog_Namespace::UserMetadata
Definition: SysCatalog.h:75
Catalog_Namespace::UserMetadata::setRestriction
void setRestriction(Restriction in_restriction)
Definition: SysCatalog.h:107
Catalog_Namespace::SysCatalog::allowLocalLogin
bool allowLocalLogin() const
Catalog_Namespace::SysCatalog::~SysCatalog
virtual ~SysCatalog()
Definition: SysCatalog.cpp:194
Catalog_Namespace::SysCatalog::grantRole
void grantRole(const std::string &role, const std::string &grantee)
Definition: SysCatalog.cpp:2347
OMNISCI_ROOT_USER_ID
const int OMNISCI_ROOT_USER_ID
Definition: SysCatalog.h:61
Catalog_Namespace::SysCatalog::getAllDBMetadata
std::list< DBMetadata > getAllDBMetadata()
Definition: SysCatalog.cpp:1331
Catalog_Namespace::SysCatalog::renameDatabase
void renameDatabase(std::string const &old_name, std::string const &new_name)
Definition: SysCatalog.cpp:1060
Catalog_Namespace::SysCatalog::buildUserRoleMap
void buildUserRoleMap()
Definition: SysCatalog.cpp:2246
Catalog_Namespace::SysCatalog::revokeDBObjectPrivilegesFromAll_unsafe
void revokeDBObjectPrivilegesFromAll_unsafe(DBObject object, Catalog *catalog)
Definition: SysCatalog.cpp:1707
Catalog_Namespace::SysCatalog::buildRoleMap
void buildRoleMap()
Definition: SysCatalog.cpp:2176
Catalog_Namespace::SysCatalog::updateUserSchema
void updateUserSchema()
Definition: SysCatalog.cpp:261
Catalog_Namespace::SysCatalog::verifyDBObjectOwnership
bool verifyDBObjectOwnership(const UserMetadata &user, DBObject object, const Catalog_Namespace::Catalog &catalog)
Definition: SysCatalog.cpp:1724
Catalog_Namespace::SysCatalog::addAdminUserRole
void addAdminUserRole()
Definition: SysCatalog.cpp:537
Catalog_Namespace::DBMetadata::dbName
std::string dbName
Definition: SysCatalog.h:117
OMNISCI_ROOT_USER_ID_STR
const std::string OMNISCI_ROOT_USER_ID_STR
Definition: SysCatalog.h:62
Catalog_Namespace::SysCatalog::string_dict_hosts_
std::vector< LeafHostInfo > string_dict_hosts_
Definition: SysCatalog.h:420
Restriction.h
false
bool g_enable_watchdog false
Definition: Execute.cpp:76
Catalog_Namespace::SysCatalog::getCatalogsForAllDbs
std::vector< std::shared_ptr< Catalog > > getCatalogsForAllDbs()
Definition: SysCatalog.cpp:923
Catalog_Namespace::SysCatalog::calciteMgr_
std::shared_ptr< Calcite > calciteMgr_
Definition: SysCatalog.h:419
LeafHostInfo.h
Catalog_Namespace::SysCatalog::getGranteesOfSharedDashboards
std::unordered_map< std::string, std::vector< std::string > > getGranteesOfSharedDashboards(const std::vector< std::string > &dashboard_ids)
Definition: SysCatalog.cpp:2464
f
char * f
Definition: Parser_wnd_pregen.cpp:2080
Catalog_Namespace::DBSummaryList
std::list< DBSummary > DBSummaryList
Definition: SysCatalog.h:129
Catalog_Namespace::SysCatalog::populateRoleDbObjects
void populateRoleDbObjects(const std::vector< DBObject > &objects)
Definition: SysCatalog.cpp:2223
Catalog_Namespace::SysCatalog::thread_holds_read_lock
static thread_local bool thread_holds_read_lock
Definition: SysCatalog.h:437
Catalog_Namespace::SysCatalog::grantDefaultPrivilegesToRole_unsafe
void grantDefaultPrivilegesToRole_unsafe(const std::string &name, bool issuper)
Catalog_Namespace::SysCatalog::revokeRole
void revokeRole(const std::string &role, const std::string &grantee)
Definition: SysCatalog.cpp:2356
Catalog_Namespace::SysCatalog::getCalciteMgr
Calcite & getCalciteMgr() const
Definition: SysCatalog.h:194
Catalog_Namespace::SysCatalog::ObjectRoleDescriptorMap
std::multimap< std::string, ObjectRoleDescriptor * > ObjectRoleDescriptorMap
Definition: SysCatalog.h:325
Catalog_Namespace::SysCatalog::isAggregator
bool isAggregator() const
Definition: SysCatalog.h:291
PkiServer.h
Catalog_Namespace::UserMetadata::userLoggable
std::string userLoggable() const
Definition: SysCatalog.cpp:125
Catalog_Namespace::SysCatalog::getMetadataForDBById
bool getMetadataForDBById(const int32_t idIn, DBMetadata &db)
Definition: SysCatalog.cpp:1443
Catalog_Namespace::SysCatalog::createDatabase
void createDatabase(const std::string &dbname, int owner)
Definition: SysCatalog.cpp:1104
Catalog_Namespace::SysCatalog::buildObjectDescriptorMap
void buildObjectDescriptorMap()
Definition: SysCatalog.cpp:2294
Catalog_Namespace::SysCatalog::dummyCatalog_
std::shared_ptr< Catalog > dummyCatalog_
Definition: SysCatalog.h:439
Catalog_Namespace::CommonFileOperations::removeCatalogByFullPath
void removeCatalogByFullPath(std::string const &full_path)
Definition: SysCatalog.cpp:133
Catalog_Namespace::SysCatalog::getMetadataForObject
std::vector< ObjectRoleDescriptor * > getMetadataForObject(int32_t dbId, int32_t dbType, int32_t objectId) const
Definition: SysCatalog.cpp:2084
Catalog_Namespace::UserMetadata::can_login
bool can_login
Definition: SysCatalog.h:101
Catalog_Namespace::UserMetadata::isSuper
std::atomic< bool > isSuper
Definition: SysCatalog.h:99
Catalog_Namespace::SysCatalog::getMetadataForDB
bool getMetadataForDB(const std::string &name, DBMetadata &db)
Definition: SysCatalog.cpp:1428
Catalog_Namespace::UserMetadata::passwd_hash
std::string passwd_hash
Definition: SysCatalog.h:98
Catalog_Namespace::SysCatalog::revokeDBObjectPrivilegesFromAllBatch
void revokeDBObjectPrivilegesFromAllBatch(std::vector< DBObject > &objects, Catalog *catalog)
Definition: SysCatalog.cpp:2393
Catalog_Namespace::SysCatalog::aggregator_
bool aggregator_
Definition: SysCatalog.h:421
Catalog_Namespace::SysCatalog::initDB
void initDB()
Definition: SysCatalog.cpp:210
Catalog_Namespace::SysCatalog::dropRole_unsafe
void dropRole_unsafe(const std::string &roleName)
Definition: SysCatalog.cpp:1836
run_benchmark_import.type
type
Definition: run_benchmark_import.py:89
Catalog_Namespace::SysCatalog::getRoles
std::vector< std::string > getRoles(bool userPrivateRole, bool isSuper, const std::string &userName)
Definition: SysCatalog.cpp:2144
Catalog_Namespace::SysCatalog::thread_holding_write_lock
std::atomic< std::thread::id > thread_holding_write_lock
Definition: SysCatalog.h:436