All Data Structures Files Functions Variables Typedefs Enumerations Enumerator Friends Macros Modules Pages
Data Structures | Macros | Enumerations | Functions
Admin Operations
Client Operations

Description

User administration operations.

+ Collaboration diagram for Admin Operations:

Data Structures

struct  as_privilege
 
struct  as_role
 
struct  as_user
 

Macros

#define AS_ROLE_SIZE   64
 

Enumerations

enum  as_privilege_code {
  AS_PRIVILEGE_USER_ADMIN = 0 , AS_PRIVILEGE_SYS_ADMIN = 1 , AS_PRIVILEGE_DATA_ADMIN = 2 , AS_PRIVILEGE_UDF_ADMIN = 3 ,
  AS_PRIVILEGE_SINDEX_ADMIN = 4 , AS_PRIVILEGE_READ = 10 , AS_PRIVILEGE_READ_WRITE = 11 , AS_PRIVILEGE_READ_WRITE_UDF = 12 ,
  AS_PRIVILEGE_WRITE = 13 , AS_PRIVILEGE_TRUNCATE = 14
}
 

Functions

AS_EXTERN as_status aerospike_change_password (aerospike *as, as_error *err, const as_policy_admin *policy, const char *user_name, const char *password)
 
AS_EXTERN as_status aerospike_create_role (aerospike *as, as_error *err, const as_policy_admin *policy, const char *role, as_privilege **privileges, int privileges_size)
 
AS_EXTERN as_status aerospike_create_role_quotas (aerospike *as, as_error *err, const as_policy_admin *policy, const char *role, as_privilege **privileges, int privileges_size, const char **whitelist, int whitelist_size, int read_quota, int write_quota)
 
AS_EXTERN as_status aerospike_create_role_whitelist (aerospike *as, as_error *err, const as_policy_admin *policy, const char *role, as_privilege **privileges, int privileges_size, const char **whitelist, int whitelist_size)
 
AS_EXTERN as_status aerospike_create_user (aerospike *as, as_error *err, const as_policy_admin *policy, const char *user_name, const char *password, const char **roles, int roles_size)
 
AS_EXTERN as_status aerospike_drop_role (aerospike *as, as_error *err, const as_policy_admin *policy, const char *role)
 
AS_EXTERN as_status aerospike_drop_user (aerospike *as, as_error *err, const as_policy_admin *policy, const char *user_name)
 
AS_EXTERN as_status aerospike_grant_privileges (aerospike *as, as_error *err, const as_policy_admin *policy, const char *role, as_privilege **privileges, int privileges_size)
 
AS_EXTERN as_status aerospike_grant_roles (aerospike *as, as_error *err, const as_policy_admin *policy, const char *user_name, const char **roles, int roles_size)
 
AS_EXTERN as_status aerospike_query_role (aerospike *as, as_error *err, const as_policy_admin *policy, const char *role_name, as_role **role)
 
AS_EXTERN as_status aerospike_query_roles (aerospike *as, as_error *err, const as_policy_admin *policy, as_role ***roles, int *roles_size)
 
AS_EXTERN as_status aerospike_query_user (aerospike *as, as_error *err, const as_policy_admin *policy, const char *user_name, as_user **user)
 
AS_EXTERN as_status aerospike_query_users (aerospike *as, as_error *err, const as_policy_admin *policy, as_user ***users, int *users_size)
 
AS_EXTERN as_status aerospike_revoke_privileges (aerospike *as, as_error *err, const as_policy_admin *policy, const char *role, as_privilege **privileges, int privileges_size)
 
AS_EXTERN as_status aerospike_revoke_roles (aerospike *as, as_error *err, const as_policy_admin *policy, const char *user_name, const char **roles, int roles_size)
 
AS_EXTERN as_status aerospike_set_password (aerospike *as, as_error *err, const as_policy_admin *policy, const char *user_name, const char *password)
 
AS_EXTERN as_status aerospike_set_quotas (aerospike *as, as_error *err, const as_policy_admin *policy, const char *role, int read_quota, int write_quota)
 
AS_EXTERN as_status aerospike_set_whitelist (aerospike *as, as_error *err, const as_policy_admin *policy, const char *role, const char **whitelist, int whitelist_size)
 
AS_EXTERN void as_role_destroy (as_role *role)
 
AS_EXTERN void as_roles_destroy (as_role **roles, int roles_size)
 
AS_EXTERN void as_user_destroy (as_user *user)
 
AS_EXTERN void as_users_destroy (as_user **users, int users_size)
 

Macro Definition Documentation

◆ AS_ROLE_SIZE

#define AS_ROLE_SIZE   64

Maximum size of role string including null byte.

Definition at line 42 of file as_admin.h.

Enumeration Type Documentation

◆ as_privilege_code

enum as_privilege_code

Permission codes define the type of permission granted for a user's role.

Enumerator
AS_PRIVILEGE_USER_ADMIN 

User can edit/remove other users. Global scope only.

AS_PRIVILEGE_SYS_ADMIN 

User can perform systems administration functions on a database that do not involve user administration. Examples include setting dynamic server configuration. Global scope only.

AS_PRIVILEGE_DATA_ADMIN 

User can perform UDF and SINDEX administration actions. Global scope only.

AS_PRIVILEGE_UDF_ADMIN 

User can perform user defined function(UDF) administration actions. Examples include create/drop UDF. Global scope only. Requires server version 6.0+

AS_PRIVILEGE_SINDEX_ADMIN 

User can perform secondary index administration actions. Examples include create/drop index. Global scope only. Requires server version 6.0+

AS_PRIVILEGE_READ 

User can read data only.

AS_PRIVILEGE_READ_WRITE 

User can read and write data.

AS_PRIVILEGE_READ_WRITE_UDF 

User can read and write data through user defined functions.

AS_PRIVILEGE_WRITE 

User can write data only.

AS_PRIVILEGE_TRUNCATE 

User can truncate data only. Requires server version 6.0+

Definition at line 52 of file as_admin.h.

Function Documentation

◆ aerospike_change_password()

AS_EXTERN as_status aerospike_change_password ( aerospike * as,
as_error * err,
const as_policy_admin * policy,
const char * user_name,
const char * password )

Change user's password by user. Clear-text password will be hashed using bcrypt before sending to server.

◆ aerospike_create_role()

AS_EXTERN as_status aerospike_create_role ( aerospike * as,
as_error * err,
const as_policy_admin * policy,
const char * role,
as_privilege ** privileges,
int privileges_size )

Create user defined role.

◆ aerospike_create_role_quotas()

AS_EXTERN as_status aerospike_create_role_quotas ( aerospike * as,
as_error * err,
const as_policy_admin * policy,
const char * role,
as_privilege ** privileges,
int privileges_size,
const char ** whitelist,
int whitelist_size,
int read_quota,
int write_quota )

Create user defined role with optional privileges, whitelist and quotas. Whitelist IP addresses can contain wildcards (ie. 10.1.2.0/24). Quotas are maximum reads/writes per second limit, pass in zero for no limit. Quotas require server security configuration "enable-quotas" to be set to true.

◆ aerospike_create_role_whitelist()

AS_EXTERN as_status aerospike_create_role_whitelist ( aerospike * as,
as_error * err,
const as_policy_admin * policy,
const char * role,
as_privilege ** privileges,
int privileges_size,
const char ** whitelist,
int whitelist_size )

Create user defined role with optional privileges and whitelist. Whitelist IP addresses can contain wildcards (ie. 10.1.2.0/24).

◆ aerospike_create_user()

AS_EXTERN as_status aerospike_create_user ( aerospike * as,
as_error * err,
const as_policy_admin * policy,
const char * user_name,
const char * password,
const char ** roles,
int roles_size )

Create user with password and roles. Clear-text password will be hashed using bcrypt before sending to server.

◆ aerospike_drop_role()

AS_EXTERN as_status aerospike_drop_role ( aerospike * as,
as_error * err,
const as_policy_admin * policy,
const char * role )

Delete user defined role.

◆ aerospike_drop_user()

AS_EXTERN as_status aerospike_drop_user ( aerospike * as,
as_error * err,
const as_policy_admin * policy,
const char * user_name )

Remove user from cluster.

◆ aerospike_grant_privileges()

AS_EXTERN as_status aerospike_grant_privileges ( aerospike * as,
as_error * err,
const as_policy_admin * policy,
const char * role,
as_privilege ** privileges,
int privileges_size )

Add specified privileges to user.

◆ aerospike_grant_roles()

AS_EXTERN as_status aerospike_grant_roles ( aerospike * as,
as_error * err,
const as_policy_admin * policy,
const char * user_name,
const char ** roles,
int roles_size )

Add role to user's list of roles.

◆ aerospike_query_role()

AS_EXTERN as_status aerospike_query_role ( aerospike * as,
as_error * err,
const as_policy_admin * policy,
const char * role_name,
as_role ** role )

Retrieve role definition for a given role name. When successful, as_role_destroy() must be called to free resources.

◆ aerospike_query_roles()

AS_EXTERN as_status aerospike_query_roles ( aerospike * as,
as_error * err,
const as_policy_admin * policy,
as_role *** roles,
int * roles_size )

Retrieve all roles and their privileges. When successful, as_roles_destroy() must be called to free resources.

◆ aerospike_query_user()

AS_EXTERN as_status aerospike_query_user ( aerospike * as,
as_error * err,
const as_policy_admin * policy,
const char * user_name,
as_user ** user )

Retrieve roles for a given user. When successful, as_user_destroy() must be called to free resources.

◆ aerospike_query_users()

AS_EXTERN as_status aerospike_query_users ( aerospike * as,
as_error * err,
const as_policy_admin * policy,
as_user *** users,
int * users_size )

Retrieve all users and their roles. When successful, as_users_destroy() must be called to free resources.

◆ aerospike_revoke_privileges()

AS_EXTERN as_status aerospike_revoke_privileges ( aerospike * as,
as_error * err,
const as_policy_admin * policy,
const char * role,
as_privilege ** privileges,
int privileges_size )

Remove specified privileges from user.

◆ aerospike_revoke_roles()

AS_EXTERN as_status aerospike_revoke_roles ( aerospike * as,
as_error * err,
const as_policy_admin * policy,
const char * user_name,
const char ** roles,
int roles_size )

Remove role from user's list of roles.

◆ aerospike_set_password()

AS_EXTERN as_status aerospike_set_password ( aerospike * as,
as_error * err,
const as_policy_admin * policy,
const char * user_name,
const char * password )

Set user's password by user administrator. Clear-text password will be hashed using bcrypt before sending to server.

◆ aerospike_set_quotas()

AS_EXTERN as_status aerospike_set_quotas ( aerospike * as,
as_error * err,
const as_policy_admin * policy,
const char * role,
int read_quota,
int write_quota )

Set maximum reads/writes per second limits for a role. If a quota is zero, the limit is removed.

◆ aerospike_set_whitelist()

AS_EXTERN as_status aerospike_set_whitelist ( aerospike * as,
as_error * err,
const as_policy_admin * policy,
const char * role,
const char ** whitelist,
int whitelist_size )

Set IP address whitelist for a role. If whitelist is NULL or empty, remove existing whitelist from role. IP addresses can contain wildcards (ie. 10.1.2.0/24).

◆ as_role_destroy()

AS_EXTERN void as_role_destroy ( as_role * role)

Release as_role memory.

◆ as_roles_destroy()

AS_EXTERN void as_roles_destroy ( as_role ** roles,
int roles_size )

Release memory for as_role array.

◆ as_user_destroy()

AS_EXTERN void as_user_destroy ( as_user * user)

Release as_user_roles memory.

◆ as_users_destroy()

AS_EXTERN void as_users_destroy ( as_user ** users,
int users_size )

Release memory for as_user_roles array.