Skip to main content

reinhardt_query/dcl/
user_options.rs

1//! MySQL user/role option specifications
2//!
3//! This module provides type-safe representations of MySQL user and role options
4//! used in CREATE ROLE, ALTER ROLE, CREATE USER, and ALTER USER statements.
5//!
6//! # Examples
7//!
8//! ```
9//! use reinhardt_query::dcl::UserOption;
10//!
11//! // Set user password
12//! let pass_opt = UserOption::Password("secret".to_string());
13//!
14//! // Lock user account
15//! let lock_opt = UserOption::AccountLock;
16//!
17//! // Set password expiration
18//! let expire_opt = UserOption::PasswordExpireInterval(90);
19//! ```
20
21/// MySQL user/role option specifications
22///
23/// These options control authentication, account locking, password policies,
24/// and metadata for MySQL users and roles.
25///
26/// # Authentication Options
27///
28/// - `` `Password` `` - Set user password (IDENTIFIED BY)
29/// - `` `AuthPlugin` `` - Use authentication plugin (IDENTIFIED WITH)
30///
31/// # Account Locking Options
32///
33/// - `` `AccountLock` `` - Lock the account (prevent login)
34/// - `` `AccountUnlock` `` - Unlock the account
35///
36/// # Password Expiration Options
37///
38/// - `` `PasswordExpire` `` - Expire password immediately
39/// - `` `PasswordExpireDefault` `` - Use default expiration policy
40/// - `` `PasswordExpireNever` `` - Password never expires
41/// - `` `PasswordExpireInterval` `` - Expire after N days
42///
43/// # Password History Options
44///
45/// - `` `PasswordHistory` `` - Prevent reuse of last N passwords
46/// - `` `PasswordHistoryDefault` `` - Use default history policy
47///
48/// # Password Reuse Options
49///
50/// - `` `PasswordReuseInterval` `` - Allow reuse after N days
51/// - `` `PasswordReuseIntervalDefault` `` - Use default reuse policy
52///
53/// # Password Requirement Options
54///
55/// - `` `PasswordRequireCurrent` `` - Require current password to change
56/// - `` `PasswordRequireCurrentOptional` `` - Current password optional
57/// - `` `PasswordRequireCurrentDefault` `` - Use default requirement policy
58///
59/// # Failed Login Handling Options
60///
61/// - `` `FailedLoginAttempts` `` - Lock after N failed attempts
62/// - `` `PasswordLockTime` `` - Lock for N days after failed attempts
63/// - `` `PasswordLockTimeUnbounded` `` - Lock indefinitely
64///
65/// # Metadata Options
66///
67/// - `` `Comment` `` - User comment/description
68/// - `` `Attribute` `` - User attribute (JSON format)
69#[derive(Debug, Clone, PartialEq)]
70pub enum UserOption {
71	/// IDENTIFIED BY - set user password
72	Password(String),
73
74	/// IDENTIFIED WITH - use authentication plugin
75	AuthPlugin {
76		/// Plugin name
77		plugin: String,
78		/// BY clause (authentication string)
79		by: Option<String>,
80		/// AS clause (hashed authentication string)
81		as_: Option<String>,
82	},
83
84	/// ACCOUNT LOCK - prevent user from logging in
85	AccountLock,
86	/// ACCOUNT UNLOCK - allow user to log in
87	AccountUnlock,
88
89	/// PASSWORD EXPIRE - expire password immediately
90	PasswordExpire,
91	/// PASSWORD EXPIRE DEFAULT - use default expiration policy
92	PasswordExpireDefault,
93	/// PASSWORD EXPIRE NEVER - password never expires
94	PasswordExpireNever,
95	/// PASSWORD EXPIRE INTERVAL N DAY - expire after N days
96	PasswordExpireInterval(u32),
97
98	/// PASSWORD HISTORY N - prevent reuse of last N passwords
99	PasswordHistory(u32),
100	/// PASSWORD HISTORY DEFAULT - use default history policy
101	PasswordHistoryDefault,
102
103	/// PASSWORD REUSE INTERVAL N DAY - allow password reuse after N days
104	PasswordReuseInterval(u32),
105	/// PASSWORD REUSE INTERVAL DEFAULT - use default reuse policy
106	PasswordReuseIntervalDefault,
107
108	/// PASSWORD REQUIRE CURRENT - require current password to change password
109	PasswordRequireCurrent,
110	/// PASSWORD REQUIRE CURRENT OPTIONAL - current password optional
111	PasswordRequireCurrentOptional,
112	/// PASSWORD REQUIRE CURRENT DEFAULT - use default requirement policy
113	PasswordRequireCurrentDefault,
114
115	/// FAILED_LOGIN_ATTEMPTS N - lock account after N failed login attempts
116	FailedLoginAttempts(u32),
117	/// PASSWORD_LOCK_TIME N - lock account for N days after failed attempts
118	PasswordLockTime(u32),
119	/// PASSWORD_LOCK_TIME UNBOUNDED - lock account indefinitely
120	PasswordLockTimeUnbounded,
121
122	/// COMMENT - user comment/description
123	Comment(String),
124	/// ATTRIBUTE - user attribute in JSON format
125	Attribute(String),
126}