SQLBOX_ROLE_HIER_ALLOC(3) Library Functions Manual SQLBOX_ROLE_HIER_ALLOC(3)

sqlbox_role_hier_allocallocate hierarchical role generator

library “sqlbox”

#include <stdint.h>
#include <sqlbox.h>

struct sqlbox_role_hier *
sqlbox_role_hier_alloc(size_t rolesz);

Creates a generator for hierarchical roles. Accepts rolesz, the total number of roles including sinks and starts.

In a hierchical role system, roles inherit the permissions of their ancestors. "Permissions" includes SQL statements and database sources for opening/closing. Roles may transition into descendent roles, but not siblings or back to parents. Self-transition is a no-op. There are two special types of role: sinks and starts. Sinks may be transitioned into by all other roles, but not transitioned from. Starts transition to all other roles (except other starts), but may not be transitioned into.

By default, a role has no permissions and may not transition into any other role except itself.

Once allocated, callers usually use sqlbox_role_hier_child(3), sqlbox_role_hier_start(3), and sqlbox_role_hier_sink(3) to create the hierarchy and sqlbox_role_hier_gen(3) to generate.

Returns the allocated context or NULL if memory allocation failed. On success, the pointer must be freed with sqlbox_role_hier_free(3).

sqlbox_role_hier_child(3), sqlbox_role_hier_free(3), sqlbox_role_hier_gen(3), sqlbox_role_hier_sink(3), sqlbox_role_hier_start(3)

December 2, 2023 OpenBSD 7.4