2009-07-09 14:34:34 +00:00
/* -------------------------------------------------------------------------- */
2012-01-12 12:29:18 +01:00
/* Copyright 2002-2012, OpenNebula Project Leads (OpenNebula.org) */
2009-07-09 14:34:34 +00:00
/* */
/* Licensed under the Apache License, Version 2.0 (the "License"); you may */
/* not use this file except in compliance with the License. You may obtain */
/* a copy of the License at */
/* */
/* http://www.apache.org/licenses/LICENSE-2.0 */
/* */
/* Unless required by applicable law or agreed to in writing, software */
/* distributed under the License is distributed on an "AS IS" BASIS, */
/* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. */
/* See the License for the specific language governing permissions and */
/* limitations under the License. */
/* -------------------------------------------------------------------------- */
# ifndef USER_H_
# define USER_H_
# include "PoolSQL.h"
2011-10-11 00:20:50 +02:00
# include "UserTemplate.h"
2012-06-08 13:45:15 +02:00
# include "Quotas.h"
2009-07-09 14:34:34 +00:00
using namespace std ;
/* -------------------------------------------------------------------------- */
/* -------------------------------------------------------------------------- */
/**
2010-04-05 00:07:31 +02:00
* The User class .
2009-07-09 14:34:34 +00:00
*/
2011-07-07 19:01:04 +02:00
class User : public PoolObjectSQL
2009-07-09 14:34:34 +00:00
{
public :
2010-04-05 00:07:31 +02:00
2011-10-18 18:48:31 +02:00
/**
* Characters that can not be in a name
*/
static const string INVALID_NAME_CHARS ;
2011-09-09 18:31:46 +02:00
/**
* Characters that can not be in a password
*/
2011-10-18 18:48:31 +02:00
static const string INVALID_PASS_CHARS ;
2011-09-09 18:31:46 +02:00
2010-04-05 00:07:31 +02:00
/**
* Function to print the User object into a string in XML format
* @ param xml the resulting XML string
* @ return a reference to the generated string
*/
string & to_xml ( string & xml ) const ;
2009-07-09 14:34:34 +00:00
/**
* Check if the user is enabled
* @ return true if the user is enabled
*/
bool isEnabled ( ) const
{
return enabled ;
}
2010-04-05 00:07:31 +02:00
2009-07-09 14:34:34 +00:00
/**
* Returns user password
2011-10-20 19:22:42 +02:00
* @ return the User ' s password
2009-07-09 14:34:34 +00:00
*/
2010-04-05 00:07:31 +02:00
const string & get_password ( ) const
2009-07-09 14:34:34 +00:00
{
2010-04-05 00:07:31 +02:00
return password ;
} ;
/**
2009-07-09 14:34:34 +00:00
* Enables the current user
2010-04-05 00:07:31 +02:00
*/
2009-07-09 14:34:34 +00:00
void enable ( )
{
enabled = true ;
} ;
2010-04-05 00:07:31 +02:00
2009-07-09 14:34:34 +00:00
/**
* Disables the current user
2010-04-05 00:07:31 +02:00
*/
2009-07-09 14:34:34 +00:00
void disable ( )
{
enabled = false ;
2011-10-20 11:55:44 +02:00
invalidate_session ( ) ;
2009-07-09 14:34:34 +00:00
} ;
2010-04-05 00:07:31 +02:00
/**
2011-10-18 18:48:31 +02:00
* Checks if a name is valid , i . e . it is not empty and does not
2011-09-13 17:50:45 +02:00
* contain invalid characters .
2011-10-18 18:48:31 +02:00
* @ param uname Name to be checked
2011-09-13 17:50:45 +02:00
* @ param error_str Returns the error reason , if any
* @ return true if the string is valid
2011-09-09 18:31:46 +02:00
*/
2011-10-18 18:48:31 +02:00
static bool name_is_valid ( const string & uname , string & error_str ) ;
2011-09-13 17:50:45 +02:00
2011-10-18 18:48:31 +02:00
/**
* Checks if a password is valid , i . e . it is not empty and does not
* contain invalid characters .
* @ param pass Password to be checked
* @ param error_str Returns the error reason , if any
* @ return true if the string is valid
*/
static bool pass_is_valid ( const string & pass , string & error_str ) ;
2011-09-09 18:31:46 +02:00
/**
* Sets user password . It checks that the new password does not contain
* forbidden chars .
* @ param _password the new pass
2011-09-13 17:50:45 +02:00
* @ param error_str Returns the error reason , if any
2011-09-09 18:31:46 +02:00
* @ returns - 1 if the password is not valid
2009-07-09 14:34:34 +00:00
*/
2011-09-13 17:50:45 +02:00
int set_password ( const string & passwd , string & error_str )
2009-07-09 14:34:34 +00:00
{
2011-09-09 18:31:46 +02:00
int rc = 0 ;
2011-10-18 18:48:31 +02:00
if ( pass_is_valid ( passwd , error_str ) )
2011-09-09 18:31:46 +02:00
{
password = passwd ;
2011-10-20 11:55:44 +02:00
invalidate_session ( ) ;
2011-09-09 18:31:46 +02:00
}
else
{
rc = - 1 ;
}
return rc ;
2010-04-05 00:07:31 +02:00
} ;
2011-10-20 19:22:42 +02:00
/**
* Returns user password
* @ return the user ' s auth driver
*/
const string & get_auth_driver ( ) const
{
return auth_driver ;
} ;
2011-10-17 15:08:00 +02:00
/**
* Sets the user auth driver .
*
* @ param _auth_driver the new auth . driver
* @ param error_str Returns the error reason , if any
* @ return 0 on success , - 1 otherwise
*/
int set_auth_driver ( const string & _auth_driver , string & error_str )
{
auth_driver = _auth_driver ;
2011-10-20 11:55:44 +02:00
invalidate_session ( ) ;
2011-10-17 15:08:00 +02:00
return 0 ;
} ;
2009-07-09 14:34:34 +00:00
/**
* Splits an authentication token ( < usr > : < pass > )
* @ param secret , the authentication token
* @ param username
* @ param password
2010-04-05 00:07:31 +02:00
* @ return 0 on success
2009-07-09 14:34:34 +00:00
* */
static int split_secret ( const string secret , string & user , string & pass ) ;
2011-10-11 00:20:50 +02:00
/**
* Factory method for image templates
*/
2012-03-14 15:48:06 +01:00
Template * get_new_template ( ) const
2011-10-11 00:20:50 +02:00
{
return new UserTemplate ;
}
2012-05-29 00:36:13 +02:00
2012-06-05 23:32:05 +02:00
/**
2012-06-08 13:45:15 +02:00
* Object quotas , provides set and check interface
2012-06-05 23:32:05 +02:00
*/
2012-06-08 13:45:15 +02:00
Quotas quota ;
2012-06-05 23:32:05 +02:00
2009-07-09 14:34:34 +00:00
private :
// -------------------------------------------------------------------------
// Friends
// -------------------------------------------------------------------------
2010-04-05 00:07:31 +02:00
friend class UserPool ;
2009-07-09 14:34:34 +00:00
// -------------------------------------------------------------------------
// User Attributes
// -------------------------------------------------------------------------
/**
* User ' s password
*/
string password ;
2011-10-11 19:15:13 +02:00
/**
* Authentication driver for this user
*/
string auth_driver ;
2009-07-09 14:34:34 +00:00
/**
* Flag marking user enabled / disabled
*/
bool enabled ;
2010-04-05 00:07:31 +02:00
2011-10-20 11:55:44 +02:00
// *************************************************************************
// Authentication session (Private)
// *************************************************************************
/**
* Until when the session_token is valid
*/
time_t session_expiration_time ;
/**
* Last authentication token validated by the driver , can
* be trusted until the session_expiration_time
*/
string session_token ;
/**
* Checks if a session token is authorized and still valid
*
* @ param token The authentication token
* @ return true if the token is still valid
*/
bool valid_session ( const string & token )
{
return ( ( session_token = = token ) & &
( time ( 0 ) < session_expiration_time ) ) ;
} ;
/**
* Resets the authentication session
*/
void invalidate_session ( )
{
session_token . clear ( ) ;
session_expiration_time = 0 ;
} ;
/**
* Stores the given session token for a limited time . This eliminates the
2011-10-20 12:53:36 +02:00
* need to call the external authentication driver until the time expires .
2011-10-20 11:55:44 +02:00
*
* @ param token The authenticated token
2011-10-20 12:53:36 +02:00
* @ param validity_time
2011-10-20 11:55:44 +02:00
*/
2011-10-20 12:53:36 +02:00
void set_session ( const string & token , time_t validity_time )
2011-10-20 11:55:44 +02:00
{
2011-10-20 12:53:36 +02:00
session_token = token ;
2011-10-20 11:55:44 +02:00
session_expiration_time = time ( 0 ) + validity_time ;
} ;
2009-07-09 14:34:34 +00:00
// *************************************************************************
// DataBase implementation (Private)
// *************************************************************************
2010-04-26 18:14:00 +02:00
/**
* Execute an INSERT or REPLACE Sql query .
* @ param db The SQL DB
* @ param replace Execute an INSERT or a REPLACE
2011-12-19 17:07:32 +01:00
* @ param error_str Returns the error reason , if any
2010-04-26 18:14:00 +02:00
* @ return 0 one success
*/
2011-12-19 17:07:32 +01:00
int insert_replace ( SqlDB * db , bool replace , string & error_str ) ;
2010-04-26 18:14:00 +02:00
2009-07-09 14:34:34 +00:00
/**
* Bootstraps the database table ( s ) associated to the User
2011-10-10 06:14:46 -07:00
* @ return 0 on success
2009-07-09 14:34:34 +00:00
*/
2011-10-10 06:14:46 -07:00
static int bootstrap ( SqlDB * db )
2010-04-05 00:07:31 +02:00
{
ostringstream oss_user ( User : : db_bootstrap ) ;
2011-10-10 06:14:46 -07:00
return db - > exec ( oss_user ) ;
2009-07-09 14:34:34 +00:00
} ;
2011-03-04 17:04:28 +01:00
/**
* Rebuilds the object from an xml formatted string
* @ param xml_str The xml - formatted string
*
* @ return 0 on success , - 1 otherwise
*/
int from_xml ( const string & xml_str ) ;
2011-06-03 16:58:42 +02:00
2009-07-09 14:34:34 +00:00
protected :
2010-04-05 00:07:31 +02:00
2009-07-09 14:34:34 +00:00
// *************************************************************************
// Constructor
// *************************************************************************
2011-06-30 11:31:00 +02:00
User ( int id ,
int _gid ,
const string & _uname ,
const string & _gname ,
2011-10-11 19:15:13 +02:00
const string & _password ,
const string & _auth_driver ,
2011-06-30 11:31:00 +02:00
bool _enabled ) :
2012-01-03 02:58:23 +01:00
PoolObjectSQL ( id , USER , _uname , - 1 , _gid , " " , _gname , table ) ,
2012-06-08 13:45:15 +02:00
quota ( " /USER/DATASTORE_QUOTA " ,
" /USER/NETWORK_QUOTA " ,
" /USER/IMAGE_QUOTA " ,
" /USER/VM_QUOTA " ) ,
2011-06-30 11:31:00 +02:00
password ( _password ) ,
2011-10-11 19:15:13 +02:00
auth_driver ( _auth_driver ) ,
2011-10-20 11:55:44 +02:00
enabled ( _enabled ) ,
session_expiration_time ( 0 ) ,
session_token ( " " )
2011-10-11 00:20:50 +02:00
{
obj_template = new UserTemplate ;
} ;
2009-07-09 14:34:34 +00:00
2011-10-11 00:20:50 +02:00
virtual ~ User ( )
{
if ( obj_template ! = 0 )
{
delete obj_template ;
}
} ;
2010-04-05 00:07:31 +02:00
2009-07-09 14:34:34 +00:00
// *************************************************************************
// DataBase implementation
// *************************************************************************
2010-04-05 00:07:31 +02:00
2009-07-09 14:34:34 +00:00
static const char * db_names ;
static const char * db_bootstrap ;
2010-04-05 00:07:31 +02:00
2009-07-09 14:34:34 +00:00
static const char * table ;
/**
* Writes the User in the database .
* @ param db pointer to the db
* @ return 0 on success
*/
2011-12-19 17:07:32 +01:00
int insert ( SqlDB * db , string & error_str )
{
return insert_replace ( db , false , error_str ) ;
} ;
2009-07-09 14:34:34 +00:00
/**
* Writes / updates the User data fields in the database .
* @ param db pointer to the db
* @ return 0 on success
*/
2011-03-09 12:47:49 +01:00
int update ( SqlDB * db )
{
2011-12-19 17:07:32 +01:00
string error_str ;
return insert_replace ( db , true , error_str ) ;
2011-03-09 12:47:49 +01:00
}
2009-07-09 14:34:34 +00:00
} ;
2012-01-02 22:14:43 +01:00
# endif /*USER_H_*/