All Data Structures Files Functions Variables Typedefs Enumerations Enumerator Friends Macros Groups Pages
Data Structures | Macros | Enumerations | Functions
Admin Operations

Description

User administration operations.

+ Collaboration diagram for Admin Operations:

Data Structures

struct  as_privilege
 
struct  as_role
 
struct  as_user
 

Macros

#define AS_ROLE_SIZE   64
 

Enumerations

enum  as_privilege_code {
  AS_PRIVILEGE_USER_ADMIN = 0, AS_PRIVILEGE_SYS_ADMIN = 1, AS_PRIVILEGE_DATA_ADMIN = 2, AS_PRIVILEGE_UDF_ADMIN = 3,
  AS_PRIVILEGE_SINDEX_ADMIN = 4, AS_PRIVILEGE_READ = 10, AS_PRIVILEGE_READ_WRITE = 11, AS_PRIVILEGE_READ_WRITE_UDF = 12,
  AS_PRIVILEGE_WRITE = 13, AS_PRIVILEGE_TRUNCATE = 14
}
 

Functions

AS_EXTERN as_status aerospike_change_password (aerospike *as, as_error *err, const as_policy_admin *policy, const char *user_name, const char *password)
 
AS_EXTERN as_status aerospike_create_role (aerospike *as, as_error *err, const as_policy_admin *policy, const char *role, as_privilege **privileges, int privileges_size)
 
AS_EXTERN as_status aerospike_create_role_quotas (aerospike *as, as_error *err, const as_policy_admin *policy, const char *role, as_privilege **privileges, int privileges_size, const char **whitelist, int whitelist_size, int read_quota, int write_quota)
 
AS_EXTERN as_status aerospike_create_role_whitelist (aerospike *as, as_error *err, const as_policy_admin *policy, const char *role, as_privilege **privileges, int privileges_size, const char **whitelist, int whitelist_size)
 
AS_EXTERN as_status aerospike_create_user (aerospike *as, as_error *err, const as_policy_admin *policy, const char *user_name, const char *password, const char **roles, int roles_size)
 
AS_EXTERN as_status aerospike_drop_role (aerospike *as, as_error *err, const as_policy_admin *policy, const char *role)
 
AS_EXTERN as_status aerospike_drop_user (aerospike *as, as_error *err, const as_policy_admin *policy, const char *user_name)
 
AS_EXTERN as_status aerospike_grant_privileges (aerospike *as, as_error *err, const as_policy_admin *policy, const char *role, as_privilege **privileges, int privileges_size)
 
AS_EXTERN as_status aerospike_grant_roles (aerospike *as, as_error *err, const as_policy_admin *policy, const char *user_name, const char **roles, int roles_size)
 
AS_EXTERN as_status aerospike_query_role (aerospike *as, as_error *err, const as_policy_admin *policy, const char *role_name, as_role **role)
 
AS_EXTERN as_status aerospike_query_roles (aerospike *as, as_error *err, const as_policy_admin *policy, as_role ***roles, int *roles_size)
 
AS_EXTERN as_status aerospike_query_user (aerospike *as, as_error *err, const as_policy_admin *policy, const char *user_name, as_user **user)
 
AS_EXTERN as_status aerospike_query_users (aerospike *as, as_error *err, const as_policy_admin *policy, as_user ***users, int *users_size)
 
AS_EXTERN as_status aerospike_revoke_privileges (aerospike *as, as_error *err, const as_policy_admin *policy, const char *role, as_privilege **privileges, int privileges_size)
 
AS_EXTERN as_status aerospike_revoke_roles (aerospike *as, as_error *err, const as_policy_admin *policy, const char *user_name, const char **roles, int roles_size)
 
AS_EXTERN as_status aerospike_set_password (aerospike *as, as_error *err, const as_policy_admin *policy, const char *user_name, const char *password)
 
AS_EXTERN as_status aerospike_set_quotas (aerospike *as, as_error *err, const as_policy_admin *policy, const char *role, int read_quota, int write_quota)
 
AS_EXTERN as_status aerospike_set_whitelist (aerospike *as, as_error *err, const as_policy_admin *policy, const char *role, const char **whitelist, int whitelist_size)
 
AS_EXTERN void as_role_destroy (as_role *role)
 
AS_EXTERN void as_roles_destroy (as_role **roles, int roles_size)
 
AS_EXTERN void as_user_destroy (as_user *user)
 
AS_EXTERN void as_users_destroy (as_user **users, int users_size)
 

Macro Definition Documentation

#define AS_ROLE_SIZE   64

Maximum size of role string including null byte.

Definition at line 42 of file as_admin.h.

Enumeration Type Documentation

Permission codes define the type of permission granted for a user's role.

Enumerator
AS_PRIVILEGE_USER_ADMIN 

User can edit/remove other users. Global scope only.

AS_PRIVILEGE_SYS_ADMIN 

User can perform systems administration functions on a database that do not involve user administration. Examples include setting dynamic server configuration. Global scope only.

AS_PRIVILEGE_DATA_ADMIN 

User can perform UDF and SINDEX administration actions. Global scope only.

AS_PRIVILEGE_UDF_ADMIN 

User can perform user defined function(UDF) administration actions. Examples include create/drop UDF. Global scope only. Requires server version 6.0+

AS_PRIVILEGE_SINDEX_ADMIN 

User can perform secondary index administration actions. Examples include create/drop index. Global scope only. Requires server version 6.0+

AS_PRIVILEGE_READ 

User can read data only.

AS_PRIVILEGE_READ_WRITE 

User can read and write data.

AS_PRIVILEGE_READ_WRITE_UDF 

User can read and write data through user defined functions.

AS_PRIVILEGE_WRITE 

User can write data only.

AS_PRIVILEGE_TRUNCATE 

User can truncate data only. Requires server version 6.0+

Definition at line 52 of file as_admin.h.

Function Documentation

AS_EXTERN as_status aerospike_change_password ( aerospike as,
as_error err,
const as_policy_admin policy,
const char *  user_name,
const char *  password 
)

Change user's password by user. Clear-text password will be hashed using bcrypt before sending to server.

AS_EXTERN as_status aerospike_create_role ( aerospike as,
as_error err,
const as_policy_admin policy,
const char *  role,
as_privilege **  privileges,
int  privileges_size 
)

Create user defined role.

AS_EXTERN as_status aerospike_create_role_quotas ( aerospike as,
as_error err,
const as_policy_admin policy,
const char *  role,
as_privilege **  privileges,
int  privileges_size,
const char **  whitelist,
int  whitelist_size,
int  read_quota,
int  write_quota 
)

Create user defined role with optional privileges, whitelist and quotas. Whitelist IP addresses can contain wildcards (ie. 10.1.2.0/24). Quotas are maximum reads/writes per second limit, pass in zero for no limit. Quotas require server security configuration "enable-quotas" to be set to true.

AS_EXTERN as_status aerospike_create_role_whitelist ( aerospike as,
as_error err,
const as_policy_admin policy,
const char *  role,
as_privilege **  privileges,
int  privileges_size,
const char **  whitelist,
int  whitelist_size 
)

Create user defined role with optional privileges and whitelist. Whitelist IP addresses can contain wildcards (ie. 10.1.2.0/24).

AS_EXTERN as_status aerospike_create_user ( aerospike as,
as_error err,
const as_policy_admin policy,
const char *  user_name,
const char *  password,
const char **  roles,
int  roles_size 
)

Create user with password and roles. Clear-text password will be hashed using bcrypt before sending to server.

AS_EXTERN as_status aerospike_drop_role ( aerospike as,
as_error err,
const as_policy_admin policy,
const char *  role 
)

Delete user defined role.

AS_EXTERN as_status aerospike_drop_user ( aerospike as,
as_error err,
const as_policy_admin policy,
const char *  user_name 
)

Remove user from cluster.

AS_EXTERN as_status aerospike_grant_privileges ( aerospike as,
as_error err,
const as_policy_admin policy,
const char *  role,
as_privilege **  privileges,
int  privileges_size 
)

Add specified privileges to user.

AS_EXTERN as_status aerospike_grant_roles ( aerospike as,
as_error err,
const as_policy_admin policy,
const char *  user_name,
const char **  roles,
int  roles_size 
)

Add role to user's list of roles.

AS_EXTERN as_status aerospike_query_role ( aerospike as,
as_error err,
const as_policy_admin policy,
const char *  role_name,
as_role **  role 
)

Retrieve role definition for a given role name. When successful, as_role_destroy() must be called to free resources.

AS_EXTERN as_status aerospike_query_roles ( aerospike as,
as_error err,
const as_policy_admin policy,
as_role ***  roles,
int *  roles_size 
)

Retrieve all roles and their privileges. When successful, as_roles_destroy() must be called to free resources.

AS_EXTERN as_status aerospike_query_user ( aerospike as,
as_error err,
const as_policy_admin policy,
const char *  user_name,
as_user **  user 
)

Retrieve roles for a given user. When successful, as_user_destroy() must be called to free resources.

AS_EXTERN as_status aerospike_query_users ( aerospike as,
as_error err,
const as_policy_admin policy,
as_user ***  users,
int *  users_size 
)

Retrieve all users and their roles. When successful, as_users_destroy() must be called to free resources.

AS_EXTERN as_status aerospike_revoke_privileges ( aerospike as,
as_error err,
const as_policy_admin policy,
const char *  role,
as_privilege **  privileges,
int  privileges_size 
)

Remove specified privileges from user.

AS_EXTERN as_status aerospike_revoke_roles ( aerospike as,
as_error err,
const as_policy_admin policy,
const char *  user_name,
const char **  roles,
int  roles_size 
)

Remove role from user's list of roles.

AS_EXTERN as_status aerospike_set_password ( aerospike as,
as_error err,
const as_policy_admin policy,
const char *  user_name,
const char *  password 
)

Set user's password by user administrator. Clear-text password will be hashed using bcrypt before sending to server.

AS_EXTERN as_status aerospike_set_quotas ( aerospike as,
as_error err,
const as_policy_admin policy,
const char *  role,
int  read_quota,
int  write_quota 
)

Set maximum reads/writes per second limits for a role. If a quota is zero, the limit is removed.

AS_EXTERN as_status aerospike_set_whitelist ( aerospike as,
as_error err,
const as_policy_admin policy,
const char *  role,
const char **  whitelist,
int  whitelist_size 
)

Set IP address whitelist for a role. If whitelist is NULL or empty, remove existing whitelist from role. IP addresses can contain wildcards (ie. 10.1.2.0/24).

AS_EXTERN void as_role_destroy ( as_role role)

Release as_role memory.

AS_EXTERN void as_roles_destroy ( as_role **  roles,
int  roles_size 
)

Release memory for as_role array.

AS_EXTERN void as_user_destroy ( as_user user)

Release as_user_roles memory.

AS_EXTERN void as_users_destroy ( as_user **  users,
int  users_size 
)

Release memory for as_user_roles array.