/*
* This file is part of rasdaman community.
*
* Rasdaman community is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Rasdaman community is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with rasdaman community. If not, see <http://www.gnu.org/licenses/>.
*
* Copyright 2003, 2004, 2005, 2006, 2007, 2008, 2009 Peter Baumann /
rasdaman GmbH.
*
* For more information please see
* or contact Peter Baumann via .
*/
/**
* SOURCE: rasmgr_users.hh
*
* MODULE: rasmgr
* CLASS: User, UserManager, Authorization
*
* PURPOSE:
* User management
*
* COMMENTS:
* None
*
*/
#ifndef RASMGR_USERS_HH
#define RASMGR_USERS_HH
#include "rasmgr.hh"
#include "rasmgr_config.hh"
#include "rasmgr_dbm.hh"
/// Administrative privileges of a rasmgr user, encoded as bit flags in the
/// low eight bits so that several can be OR-ed into one int.
/// The letter in each trailing comment is the one-character code the original
/// header associates with the flag (presumably the textual form handled by
/// Authorization::convertAdminRights -- confirm).
enum AdminRight
{
    admR_none   = 0x00,
    admR_config = 0x01,  // C
    admR_acctrl = 0x02,  // A
    admR_sysup  = 0x04,  // S - up-down
    admR_info   = 0x08,  // I
    admR_full   = 0xFF   // every bit of the low byte, i.e. all flags above and the unused ones
};
/// Per-database privileges. The values start at bit 8, so they never collide
/// with the AdminRight flags that occupy the low byte (the original author
/// notes the two sets may be merged one day).
enum DatabRight
{
    dbR_none  = 0x000,
    dbR_read  = 0x100,  // R
    dbR_write = 0x200   // W
};
// One per-database grant: a database paired with the rights value held for it.
struct UserDBRight
{
// NOTE(review): raw pointer; who owns the Database and how long it lives is not
// visible in this header. Confirm that entries are dropped before the database
// object goes away (UserManager::removeDatabaseRights looks like the hook for that).
Database *ptrDatabase;
// presumably a combination of DatabRight flags -- confirm against the setters
int databRight;
};
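// For persistency: identification constants of the authorization file.
// Presumably compared against AuthFileHeader::fileID and
// AuthFileHeader::fileVersion when the file is read -- confirm in the .cc.
#define AUTHFILEID 26012001
// No trailing semicolon in the macro body: with "2;" the macro could only be
// used as the last token of a statement, and a check such as
// `if (hdr.fileVersion != AUTHFILEVERS)` would not compile. Existing uses of
// the form `x = AUTHFILEVERS;` keep working unchanged.
#define AUTHFILEVERS 2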
// Header record of the authorization file (presumably written once at the
// start of the file -- confirm in the .cc).
//
// NOTE(review): the width of `long` is implementation-defined (commonly 4 or
// 8 bytes). If this struct is read or written as raw bytes, a file produced on
// one platform will not match the layout on another; member order and padding
// are part of the format as well.
// NOTE(review): every field here comes from a file on disk. A reader should
// range-check headerLength and countUsers before using them as sizes or loop
// bounds, and should not assume hostName is NUL-terminated.
struct AuthFileHeader
{
// file magic; AUTHFILEID is the expected value, judging by the names
long fileID;
// format version; see AUTHFILEVERS
long fileVersion;
long headerLength;
// highest user id handed out so far (see UserManager::getLastUserID/setLastUserID)
long lastUserID;
// fixed 100-byte host name field; presumably the host the file was written
// on, checked on load (ERRAUTHFWRHOST) -- confirm
char hostName[100];
// number of AuthUserRec records that follow -- presumably
long countUsers;
// 35-byte digest field; the algorithm and the range of the file it covers are
// not visible in this header
unsigned char messageDigest[35];
// initial admin / database rights (see Authorization::setGlobalInit*Rights)
int globalInitAdmR;
int globalInitDbsR;
// reserved space
char _unused[100];
};
// Flat, fixed-size record for one user; filled by User::loadToRec and consumed
// by User::loadFromRec / UserManager::loadUser.
//
// NOTE(review): when a record is populated from a file, userName and passWord
// are untrusted byte arrays -- code copying them out should bound the copy to
// the array size and add the terminator itself.
struct AuthUserRec
{
long userID;
char userName[100];
// stored password value. The User API calls its argument `encrPass`, so this
// is presumably a transformed form rather than the plaintext -- confirm which
// transformation is applied.
char passWord[50];
// presumably AdminRight flags
int adminRight;
// presumably the user's default DatabRight flags
int databRight;
// number of per-database rights; presumably the count of AuthDbRRec records
// belonging to this user -- validate before looping on it
long countRights;
// reserved space
char _unused[32];
};
// Flat record for one per-database right; filled by User::loadRightToRec and
// consumed by User::loadRightFromRec.
struct AuthDbRRec
{
// database name in a fixed 100-byte field; do not assume NUL termination when
// the record was loaded from a file
char dbName[100];
// presumably DatabRight flags for that database
int right;
};
//++++++++++++++++++++++++++++++++++++++++++++++++
/**
* \ingroup Rasmgrs
*
* One rasmgr account: numeric id, name, stored password value, admin rights,
* default database rights and a list of per-database rights.
*
* NOTE(review): userName and passWord are fixed-size arrays (100 and 50
* chars) and no method here takes a length. Every implementation that copies
* a const char* argument into them has to bound the copy and terminate the
* string itself.
*/
class User
{
public:
User();
void init(long userID, const char *name);
void changeName(const char *name);
// Takes the password in its stored ("encr") form.
void changePassword(const char *encrPass);
// Takes a plaintext password; presumably transformed before being stored in
// passWord -- confirm that the plaintext is never kept or logged.
void changePTPassword(const char *plainTextPass);
const char* getName();
long getUserID();
// Credential check against this user's name and stored password value.
// NOTE(review): if this is a plain string compare, consider a comparison whose
// run time does not depend on where the inputs differ.
bool isThisMe(const char *name,const char *encrPass);
// `rights` is presumably a combination of AdminRight flags
void setAdminRights(int rights);
bool hasAdminRights(int rights);
int getAdminRights();
// default rights, presumably used for databases without an explicit entry
void setDefaultDBRights(int);
int getDefaultDBRights();
int getEffectiveDatabaseRights(const char *databName);
bool setDatabaseRights(const char *databName,int rights);
bool removeDatabaseRights(const char *databName);
bool isTrusteeOn(const char *databName);
// Conversion to and from the flat persistency records.
void loadToRec(AuthUserRec&);
void loadFromRec(AuthUserRec&);
long countRights();
bool loadRightToRec(int,AuthDbRRec&);
bool loadRightFromRec(AuthDbRRec&);
bool isValid();
private:
long userID;
char userName[100];
char passWord[50];
int adminRight;
int databRight;
// NOTE(review): the template argument is missing here, most likely lost when
// the page was extracted; presumably a list of UserDBRight -- confirm against
// the original file.
list dbRList;
bool valid;
};
/**
* \ingroup Rasmgrs
*
* Registry of all User objects known to rasmgr, with lookup by index or by
* name and the credential check used to admit a login.
*/
class UserManager
{
public:
UserManager();
~UserManager();
void loadDefaults();
bool insertNewUser(const char *userName);
bool removeUser(const char *userName);
int countUsers();
// Lookups return a reference, so a miss cannot be signalled with a null
// pointer. Presumably protElem is returned in that case and User::isValid()
// tells the two apart -- confirm, and make sure callers check before granting
// anything on the result.
User& operator[](int);
User& operator[](const char* userName);
// Credential check over the user list; presumably yields a null pointer when
// no user matches -- confirm, callers must test the result.
User* acceptEntry(const char *name,const char *encrPass);
// Drops the rights for `databName`, presumably from every user.
void removeDatabaseRights(const char *databName);
// for loading only: used while the authorization file is being read
User& loadUser(AuthUserRec&);
long getLastUserID();
void setLastUserID(long);
bool reset();
bool acceptChangeName(const char *oldName,const char *newName);
private:
bool testUniqueness(const char* userName);
// NOTE(review): the template argument is missing here, most likely lost when
// the page was extracted; presumably a list of User -- confirm against the
// original file.
list userList;
// placeholder User; see the note on operator[] above
User protElem;
long lastUserID;
};
// single process-wide instance, defined in another translation unit
extern UserManager userManager;
/**
* \ingroup Rasmgrs
*
* Authentication and authorization front end of rasmgr: admits an incoming
* message, answers rights queries for the admitted user, and reads and writes
* the authorization file.
*
* NOTE(review): many methods return const char*. Where the pointed-to storage
* lives is not visible here; if it is a shared buffer, results are overwritten
* by the next call -- confirm before keeping such a pointer.
*/
class Authorization
{
public:
Authorization();
// Presumably extracts the credentials from `message` and sets curUser on
// success. `message` is untrusted input arriving from a client.
bool acceptEntry(const char*message);
const char *getUserName();
bool hasFullAdmin();
//bool hasConfigAdmin();
const char* getSyncroString();
// Capability string for one server/database pair; `readonly` presumably
// restricts it to read access.
const char* getCapability(const char *serverName,const char *databaseName, bool readonly);
// Bracket the processing of the configuration file; isInConfigFile() reports
// the state. NOTE(review): if rights checks are relaxed while the flag is set,
// make sure endConfigFile() runs on every exit path -- confirm in the .cc.
void startConfigFile();
void endConfigFile();
// Returns an int status; presumably one of the RC_OK / ERRAUTHF* codes
// defined at the end of this header.
int readAuthFile();
bool saveOrigAuthFile();
bool saveAltAuthFile();
const char* getAltAuthFileName();
void setGlobalInitAdminRights(int rights);
void setGlobalInitDatabRights(int rights);
int getGlobalInitAdminRights();
int getGlobalInitDatabRights();
// Conversions between the integer flag sets and their textual form.
const char * convertGlobalInitAdminRights();
const char * convertGlobalInitDatabRights();
const char * convertAdminRights(int);
const char * convertDatabRights(int);
int convertAdminRights(const char *);
int convertDatabRights(const char *);
bool hasAdminRights(int);
bool isInConfigFile();
private:
// NOTE(review): std::ifstream is used although this header includes no
// <fstream> itself; presumably supplied by rasmgr.hh.
int verifyAuthFile(std::ifstream&);
const char* getFormatedTime(long int);
bool saveAuthFile();
// Transform a buffer of the given length in place when writing / reading the
// authorization file. NOTE(review): the algorithm is not visible here;
// RandomGenerator in this header looks like its byte source. If so, this is
// obfuscation, not vetted encryption -- confirm, and protect the file with
// file-system permissions regardless.
void initcrypt(int);
void crypt(void*,int);
void decrypt(void*,int);
// user admitted by acceptEntry -- presumably null until then
User *curUser;
bool inConfigFile;
// fixed FILENAME_MAX-sized path buffers; copies into them must be bounded
char authFileName[ FILENAME_MAX ];
char altAuthFileName[ FILENAME_MAX ];
int globalInitAdminRight;
int globalInitDatabRight;
};
// single process-wide instance, defined in another translation unit
extern Authorization authorization;
/**
* \ingroup Rasmgrs
*
* Byte generator built on a static 1000-entry table and an unsigned int seed.
*
* NOTE(review): output is fully determined by the table, the seed and the
* file version, so it is reproducible by design. That suits re-reading a file
* written earlier, but it is not a source of unpredictable values -- do not
* use it for keys, tokens or salts.
*/
class RandomGenerator
{
public:
RandomGenerator();
// Selects the method by authorization-file version; returns false if the
// encryption method of that version is not supported.
// NOTE(review): takes long but the member fileVersion is int -- narrowing.
bool setFileVersion(long);
// sets the seed
void init(unsigned int);
// next byte of the sequence
unsigned char operator()();
// presumably a self-test -- confirm
bool insideTest();
private:
static unsigned char randomTable[1000];
unsigned int seed;
int fileVersion;
};
// single process-wide instance, defined in another translation unit
extern RandomGenerator randomGenerator;
// Return codes; presumably those of Authorization::readAuthFile and
// verifyAuthFile, the int-returning methods in this header. The meanings
// below are read off the macro names -- confirm in the .cc.
// success
#define RC_OK 0
// authorization file not found
#define ERRAUTHFNOTF -1
// authorization file corrupt
#define ERRAUTHFCORR -2
// authorization file belongs to a different host
#define ERRAUTHFWRHOST -3
// authorization file version not supported
#define ERRAUTHFVERS -4
#endif