2009-07-09 18:34:34 +04:00
/* -------------------------------------------------------------------------- */
2014-01-09 14:51:20 +04:00
/* Copyright 2002-2014, OpenNebula Project (OpenNebula.org), C12G Labs */
2009-07-09 18:34:34 +04:00
/* */
/* Licensed under the Apache License, Version 2.0 (the "License"); you may */
/* not use this file except in compliance with the License. You may obtain */
/* a copy of the License at */
/* */
/* http://www.apache.org/licenses/LICENSE-2.0 */
/* */
/* Unless required by applicable law or agreed to in writing, software */
/* distributed under the License is distributed on an "AS IS" BASIS, */
/* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. */
/* See the License for the specific language governing permissions and */
/* limitations under the License. */
/* -------------------------------------------------------------------------- */
# ifndef USER_H_
# define USER_H_
# include "PoolSQL.h"
2011-10-11 02:20:50 +04:00
# include "UserTemplate.h"
2013-08-23 14:39:14 +04:00
# include "ObjectCollection.h"
2014-01-22 02:21:18 +04:00
# include "QuotasSQL.h"
class UserQuotas ;
2009-07-09 18:34:34 +04:00
using namespace std ;
/* -------------------------------------------------------------------------- */
/* -------------------------------------------------------------------------- */
/**
2010-04-05 02:07:31 +04:00
* The User class .
2009-07-09 18:34:34 +04:00
*/
2013-08-23 14:39:14 +04:00
class User : public PoolObjectSQL , public ObjectCollection
2009-07-09 18:34:34 +04:00
{
public :
2010-04-05 02:07:31 +04:00
2011-10-18 20:48:31 +04:00
/**
* Characters that can not be in a name
*/
static const string INVALID_NAME_CHARS ;
2011-09-09 20:31:46 +04:00
/**
* Characters that can not be in a password
*/
2011-10-18 20:48:31 +04:00
static const string INVALID_PASS_CHARS ;
2011-09-09 20:31:46 +04:00
2010-04-05 02:07:31 +04:00
/**
* Function to print the User object into a string in XML format
* @ param xml the resulting XML string
* @ return a reference to the generated string
*/
string & to_xml ( string & xml ) const ;
2013-02-28 17:53:34 +04:00
/**
* Function to print the User object into a string in
* XML format . The extended XML includes the default quotas
* @ param xml the resulting XML string
* @ return a reference to the generated string
*/
string & to_xml_extended ( string & xml ) const ;
2009-07-09 18:34:34 +04:00
/**
* Check if the user is enabled
* @ return true if the user is enabled
*/
bool isEnabled ( ) const
{
return enabled ;
}
2010-04-05 02:07:31 +04:00
2009-07-09 18:34:34 +04:00
/**
* Returns user password
2011-10-20 21:22:42 +04:00
* @ return the User ' s password
2009-07-09 18:34:34 +04:00
*/
2010-04-05 02:07:31 +04:00
const string & get_password ( ) const
2009-07-09 18:34:34 +04:00
{
2010-04-05 02:07:31 +04:00
return password ;
} ;
/**
2009-07-09 18:34:34 +04:00
* Enables the current user
2010-04-05 02:07:31 +04:00
*/
2009-07-09 18:34:34 +04:00
void enable ( )
{
enabled = true ;
} ;
2010-04-05 02:07:31 +04:00
2009-07-09 18:34:34 +04:00
/**
* Disables the current user
2010-04-05 02:07:31 +04:00
*/
2009-07-09 18:34:34 +04:00
void disable ( )
{
enabled = false ;
2011-10-20 13:55:44 +04:00
invalidate_session ( ) ;
2009-07-09 18:34:34 +04:00
} ;
2010-04-05 02:07:31 +04:00
2011-10-18 20:48:31 +04:00
/**
* Checks if a password is valid , i . e . it is not empty and does not
* contain invalid characters .
* @ param pass Password to be checked
* @ param error_str Returns the error reason , if any
* @ return true if the string is valid
*/
static bool pass_is_valid ( const string & pass , string & error_str ) ;
2011-09-09 20:31:46 +04:00
/**
* Sets user password . It checks that the new password does not contain
* forbidden chars .
* @ param _password the new pass
2011-09-13 19:50:45 +04:00
* @ param error_str Returns the error reason , if any
2011-09-09 20:31:46 +04:00
* @ returns - 1 if the password is not valid
2009-07-09 18:34:34 +04:00
*/
2013-12-12 01:40:01 +04:00
int set_password ( const string & passwd , string & error_str ) ;
2010-04-05 02:07:31 +04:00
2011-10-20 21:22:42 +04:00
/**
* Returns user password
* @ return the user ' s auth driver
*/
const string & get_auth_driver ( ) const
{
return auth_driver ;
} ;
2011-10-17 17:08:00 +04:00
/**
* Sets the user auth driver .
*
* @ param _auth_driver the new auth . driver
* @ param error_str Returns the error reason , if any
* @ return 0 on success , - 1 otherwise
*/
int set_auth_driver ( const string & _auth_driver , string & error_str )
{
auth_driver = _auth_driver ;
2011-10-20 13:55:44 +04:00
invalidate_session ( ) ;
2011-10-17 17:08:00 +04:00
return 0 ;
} ;
2009-07-09 18:34:34 +04:00
/**
* Splits an authentication token ( < usr > : < pass > )
* @ param secret , the authentication token
* @ param username
* @ param password
2010-04-05 02:07:31 +04:00
* @ return 0 on success
2009-07-09 18:34:34 +04:00
* */
static int split_secret ( const string secret , string & user , string & pass ) ;
2011-10-11 02:20:50 +04:00
/**
* Factory method for image templates
*/
2012-03-14 18:48:06 +04:00
Template * get_new_template ( ) const
2011-10-11 02:20:50 +04:00
{
return new UserTemplate ;
}
2012-05-29 02:36:13 +04:00
2012-06-06 01:32:05 +04:00
/**
2012-06-08 15:45:15 +04:00
* Object quotas , provides set and check interface
2012-06-06 01:32:05 +04:00
*/
2014-01-15 19:27:50 +04:00
UserQuotas quota ;
2012-06-06 01:32:05 +04:00
2013-01-21 17:38:07 +04:00
/**
* Returns the UMASK template attribute ( read as an octal number ) , or the
* default UMASK from oned . conf if it does not exist
*
* @ return the UMASK to create new objects
*/
int get_umask ( ) const ;
2013-08-23 14:39:14 +04:00
/**
* Returns a copy of the groups for the user
*/
set < int > get_groups ( )
{
return get_collection_copy ( ) ;
} ;
// *************************************************************************
// Group IDs set Management
// *************************************************************************
/**
* Adds a group ID to the groups set .
*
* @ param id The new id
* @ return 0 on success , - 1 if the ID was already in the set
*/
int add_group ( int group_id )
{
return add_collection_id ( group_id ) ;
}
/**
* Deletes a group ID from the groups set .
*
* @ param id The id
* @ return 0 on success ,
* - 1 if the ID was not in the set ,
* - 2 if the group to delete is the main group
*/
int del_group ( int group_id )
{
if ( group_id = = gid )
{
return - 2 ;
}
return del_collection_id ( group_id ) ;
}
2014-01-22 21:54:48 +04:00
// *************************************************************************
// Quotas
// *************************************************************************
/**
* Writes / updates the User quotas fields in the database .
* @ param db pointer to the db
* @ return 0 on success
*/
int update_quotas ( SqlDB * db )
{
return quota . update ( oid , db ) ;
} ;
2009-07-09 18:34:34 +04:00
private :
// -------------------------------------------------------------------------
// Friends
// -------------------------------------------------------------------------
2010-04-05 02:07:31 +04:00
friend class UserPool ;
2009-07-09 18:34:34 +04:00
// -------------------------------------------------------------------------
// User Attributes
// -------------------------------------------------------------------------
/**
* User ' s password
*/
string password ;
2011-10-11 21:15:13 +04:00
/**
* Authentication driver for this user
*/
string auth_driver ;
2009-07-09 18:34:34 +04:00
/**
* Flag marking user enabled / disabled
*/
bool enabled ;
2010-04-05 02:07:31 +04:00
2011-10-20 13:55:44 +04:00
// *************************************************************************
// Authentication session (Private)
// *************************************************************************
/**
* Until when the session_token is valid
*/
time_t session_expiration_time ;
/**
* Last authentication token validated by the driver , can
* be trusted until the session_expiration_time
*/
string session_token ;
/**
* Checks if a session token is authorized and still valid
*
* @ param token The authentication token
* @ return true if the token is still valid
*/
bool valid_session ( const string & token )
{
return ( ( session_token = = token ) & &
( time ( 0 ) < session_expiration_time ) ) ;
} ;
/**
* Resets the authentication session
*/
void invalidate_session ( )
{
session_token . clear ( ) ;
session_expiration_time = 0 ;
} ;
/**
* Stores the given session token for a limited time . This eliminates the
2011-10-20 14:53:36 +04:00
* need to call the external authentication driver until the time expires .
2011-10-20 13:55:44 +04:00
*
* @ param token The authenticated token
2011-10-20 14:53:36 +04:00
* @ param validity_time
2011-10-20 13:55:44 +04:00
*/
2011-10-20 14:53:36 +04:00
void set_session ( const string & token , time_t validity_time )
2011-10-20 13:55:44 +04:00
{
2011-10-20 14:53:36 +04:00
session_token = token ;
2011-10-20 13:55:44 +04:00
session_expiration_time = time ( 0 ) + validity_time ;
} ;
2009-07-09 18:34:34 +04:00
// *************************************************************************
// DataBase implementation (Private)
// *************************************************************************
2010-04-26 20:14:00 +04:00
/**
* Execute an INSERT or REPLACE Sql query .
* @ param db The SQL DB
* @ param replace Execute an INSERT or a REPLACE
2011-12-19 20:07:32 +04:00
* @ param error_str Returns the error reason , if any
2010-04-26 20:14:00 +04:00
* @ return 0 one success
*/
2011-12-19 20:07:32 +04:00
int insert_replace ( SqlDB * db , bool replace , string & error_str ) ;
2010-04-26 20:14:00 +04:00
2009-07-09 18:34:34 +04:00
/**
* Bootstraps the database table ( s ) associated to the User
2011-10-10 17:14:46 +04:00
* @ return 0 on success
2009-07-09 18:34:34 +04:00
*/
2011-10-10 17:14:46 +04:00
static int bootstrap ( SqlDB * db )
2010-04-05 02:07:31 +04:00
{
ostringstream oss_user ( User : : db_bootstrap ) ;
2014-03-08 05:44:53 +04:00
return db - > exec ( oss_user ) ;
2009-07-09 18:34:34 +04:00
} ;
2014-01-15 19:27:50 +04:00
/**
* Reads the User ( identified with its OID ) from the database .
* @ param db pointer to the db
* @ return 0 on success
*/
int select ( SqlDB * db ) ;
/**
* Reads the User ( identified with its OID ) from the database .
* @ param db pointer to the db
* @ param name of the user
* @ param uid of the owner
*
* @ return 0 on success
*/
int select ( SqlDB * db , const string & name , int uid ) ;
/**
* Drops the user from the database
* @ param db pointer to the db
* @ return 0 on success
*/
int drop ( SqlDB * db ) ;
2011-03-04 19:04:28 +03:00
/**
* Rebuilds the object from an xml formatted string
* @ param xml_str The xml - formatted string
*
* @ return 0 on success , - 1 otherwise
*/
int from_xml ( const string & xml_str ) ;
2013-02-28 17:53:34 +04:00
/**
* Function to print the User object into a string in
* XML format
* @ param xml the resulting XML string
* @ param extended If true , default quotas are included
* @ return a reference to the generated string
*/
string & to_xml_extended ( string & xml , bool extended ) const ;
2011-06-03 18:58:42 +04:00
2009-07-09 18:34:34 +04:00
protected :
2010-04-05 02:07:31 +04:00
2009-07-09 18:34:34 +04:00
// *************************************************************************
// Constructor
// *************************************************************************
2013-04-10 14:56:06 +04:00
User ( int id ,
int _gid ,
const string & _uname ,
2011-06-30 13:31:00 +04:00
const string & _gname ,
2011-10-11 21:15:13 +04:00
const string & _password ,
const string & _auth_driver ,
2011-06-30 13:31:00 +04:00
bool _enabled ) :
2012-01-03 05:58:23 +04:00
PoolObjectSQL ( id , USER , _uname , - 1 , _gid , " " , _gname , table ) ,
2013-08-23 14:39:14 +04:00
ObjectCollection ( " GROUPS " ) ,
2014-01-15 19:27:50 +04:00
quota ( ) ,
2011-06-30 13:31:00 +04:00
password ( _password ) ,
2011-10-11 21:15:13 +04:00
auth_driver ( _auth_driver ) ,
2011-10-20 13:55:44 +04:00
enabled ( _enabled ) ,
session_expiration_time ( 0 ) ,
session_token ( " " )
2011-10-11 02:20:50 +04:00
{
obj_template = new UserTemplate ;
} ;
2009-07-09 18:34:34 +04:00
2011-10-11 02:20:50 +04:00
virtual ~ User ( )
{
2013-12-10 21:03:03 +04:00
delete obj_template ;
2011-10-11 02:20:50 +04:00
} ;
2010-04-05 02:07:31 +04:00
2009-07-09 18:34:34 +04:00
// *************************************************************************
// DataBase implementation
// *************************************************************************
2010-04-05 02:07:31 +04:00
2009-07-09 18:34:34 +04:00
static const char * db_names ;
static const char * db_bootstrap ;
2010-04-05 02:07:31 +04:00
2009-07-09 18:34:34 +04:00
static const char * table ;
/**
* Writes the User in the database .
* @ param db pointer to the db
* @ return 0 on success
*/
2014-01-15 19:27:50 +04:00
int insert ( SqlDB * db , string & error_str ) ;
2009-07-09 18:34:34 +04:00
/**
2014-01-22 21:54:48 +04:00
* Writes / updates the User data fields in the database . This method does
* not update the user ' s quotas
2009-07-09 18:34:34 +04:00
* @ param db pointer to the db
* @ return 0 on success
*/
2014-01-22 21:54:48 +04:00
int update ( SqlDB * db )
{
string error_str ;
return insert_replace ( db , true , error_str ) ;
} ;
2009-07-09 18:34:34 +04:00
} ;
2012-01-03 01:14:43 +04:00
# endif /*USER_H_*/