1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
|
/*
* This file is part of rasdaman community.
*
* Rasdaman community is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Rasdaman community is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with rasdaman community. If not, see <http://www.gnu.org/licenses/>.
*
* Copyright 2003, 2004, 2005, 2006, 2007, 2008, 2009 Peter Baumann /
rasdaman GmbH.
*
* For more information please see <http://www.rasdaman.org>
* or contact Peter Baumann via <baumann@rasdaman.com>.
/
/**
* SOURCE: rasmgr_users.hh
*
* MODULE: rasmgr
* CLASS: User, UserManager, Authorization
*
* PURPOSE:
* User management
*
* COMMENTS:
* None
*
*/
#ifndef RASMGR_USERS_HH
#define RASMGR_USERS_HH
#include "rasmgr.hh"
#include "rasmgr_config.hh"
#include "rasmgr_dbm.hh"
enum AdminRight
{
admR_none = 0,
admR_config= 1, // C
admR_acctrl= 2, // A
admR_sysup = 4, // S - up-down
admR_info = 8, // I
admR_full =255
};
enum DatabRight // maybe we'll put them together one day
{
dbR_none = 0<<8,
dbR_read = 1<<8, // R
dbR_write = 2<<8 // W
};
struct UserDBRight
{
Database *ptrDatabase;
int databRight;
};
// For persistency
#define AUTHFILEID 26012001
#define AUTHFILEVERS 2;
struct AuthFileHeader
{
long fileID;
long fileVersion;
long headerLength;
long lastUserID;
char hostName[100];
long countUsers;
unsigned char messageDigest[35];
int globalInitAdmR;
int globalInitDbsR;
char _unused[100];
};
struct AuthUserRec
{
long userID;
char userName[100];
char passWord[50];
int adminRight;
int databRight;
long countRights;
char _unused[32];
};
struct AuthDbRRec
{
char dbName[100];
int right;
};
//++++++++++++++++++++++++++++++++++++++++++++++++
class User
{
public:
User();
void init(long userID, const char *name);
void changeName(const char *name);
void changePassword(const char *encrPass);
void changePTPassword(const char *plainTextPass);
const char* getName();
long getUserID();
bool isThisMe(const char *name,const char *encrPass);
void setAdminRights(int rights);
bool hasAdminRights(int rights);
int getAdminRights();
void setDefaultDBRights(int);
int getDefaultDBRights();
int getEffectiveDatabaseRights(const char *databName);
bool setDatabaseRights(const char *databName,int rights);
bool removeDatabaseRights(const char *databName);
bool isTrusteeOn(const char *databName);
void loadToRec(AuthUserRec&);
void loadFromRec(AuthUserRec&);
long countRights();
bool loadRightToRec(int,AuthDbRRec&);
bool loadRightFromRec(AuthDbRRec&);
bool isValid();
private:
long userID;
char userName[100];
char passWord[50];
int adminRight;
int databRight;
list<UserDBRight> dbRList;
bool valid;
};
class UserManager
{
public:
UserManager();
~UserManager();
void loadDefaults();
bool insertNewUser(const char *userName);
bool removeUser(const char *userName);
int countUsers();
User& operator[](int);
User& operator[](const char* userName);
User* acceptEntry(const char *name,const char *encrPass);
void removeDatabaseRights(const char *databName);
// for loading only
User& loadUser(AuthUserRec&);
long getLastUserID();
void setLastUserID(long);
bool reset();
bool acceptChangeName(const char *oldName,const char *newName);
private:
bool testUniqueness(const char* userName);
list<User> userList;
User protElem;
long lastUserID;
};
extern UserManager userManager;
class Authorization
{
public:
Authorization();
bool acceptEntry(const char*message);
const char *getUserName();
bool hasFullAdmin();
//bool hasConfigAdmin();
const char* getSyncroString();
const char* getCapability(const char *serverName,const char *databaseName, bool readonly);
void startConfigFile();
void endConfigFile();
int readAuthFile();
bool saveOrigAuthFile();
bool saveAltAuthFile();
const char* getAltAuthFileName();
void setGlobalInitAdminRights(int rights);
void setGlobalInitDatabRights(int rights);
int getGlobalInitAdminRights();
int getGlobalInitDatabRights();
const char * convertGlobalInitAdminRights();
const char * convertGlobalInitDatabRights();
const char * convertAdminRights(int);
const char * convertDatabRights(int);
int convertAdminRights(const char *);
int convertDatabRights(const char *);
bool hasAdminRights(int);
bool isInConfigFile();
private:
int verifyAuthFile(std::ifstream&);
const char* getFormatedTime(long int);
bool saveAuthFile();
void initcrypt(int);
void crypt(void*,int);
void decrypt(void*,int);
User *curUser;
bool inConfigFile;
char authFileName[100];
char altAuthFileName[100];
int globalInitAdminRight;
int globalInitDatabRight;
};
extern Authorization authorization;
class RandomGenerator
{
public:
RandomGenerator();
bool setFileVersion(long); // false, if not supported encr. method
void init(unsigned int);
unsigned char operator()();
bool insideTest();
private:
static unsigned char randomTable[1000];
unsigned int seed;
int fileVersion;
};
extern RandomGenerator randomGenerator;
// return codes:
#define RC_OK 0
#define ERRAUTHFNOTF -1
#define ERRAUTHFCORR -2
#define ERRAUTHFWRHOST -3
#define ERRAUTHFVERS -4
#endif
|
