Context Navigation

← Previous Changeset
Next Changeset →

Changeset 13844

Timestamp:

2007-02-01T16:30:11+13:00 (17 years ago)

Author:

mdewsnip

Message:

Jeffrey's (DL Consulting) changes to userdb to make it a proper class, so it can be easily extended for collection-specific receptionists.

Location:

trunk/gsdl/src/recpt

Files:

: 5 edited

authenaction.cpp (modified) (3 diffs)
userdb.cpp (modified) (3 diffs)
userdb.h (modified) (2 diffs)
usersaction.cpp (modified) (11 diffs)
usersaction.h (modified) (2 diffs)

Legend:

: Unmodified
: Added
: Removed

trunk/gsdl/src/recpt/authenaction.cpp

-              r9620
+              r13844
   if (args["uan"].empty()) return true;
+  userdbclass *user_database = new userdbclass(usersfile);
+  keydbclass *key_database = new keydbclass(keyfile);
   // failure means we have to redirect to this action to get authentication
 …
   // make sure we have a username
   if (!args_un.empty() && get_user_info (usersfile, args_un, thisuser)) {
+  if (!args_un.empty() && (user_database->get_user_info (args_un, thisuser) == ERRNO_SUCCEED)) {
     if (!args_pw.empty()) {
       // we are authenticating using a password
       if (check_passwd (thisuser, args_pw)) args_ua = "1"; // succeeded
+      if (user_database->check_passwd (thisuser.username, args_pw) == ERRNO_SUCCEED) args_ua = "1"; // succeeded
     } else if (!args_ky.empty()) {
       // we are authenticating using a key
       if (check_key (keyfile, thisuser, args_ky, args_ug, keydecay)) args_ua = "1";
+      if (key_database->check_key(thisuser, args_ky, args_ug, keydecay)) args_ua = "1";
       else args_us = "stalekey";
+    }
 …
      // note: we don't need to set "ug" as it is already set to what it needs to be
      args_us = "enabled";
     args_ky = generate_key (keyfile, args_un); // new key
+     args_ky = key_database->generate_key(args_un); // new key
     // delete old keys around every 50 accesses
     if (rand()%50 == 1) remove_old_keys (keyfile, keydecay);
+    if (rand()%50 == 1) key_database->remove_old_keys(keydecay);
       } else {

trunk/gsdl/src/recpt/userdb.cpp

-              r9620
+              r13844
 #endif
+// few useful functions
+text_t crypt_text (const text_t &text) {
+  static const char *salt = "Tp";
+  text_t crypt_password;
+  if (text.empty()) return g_EmptyText;
+  // encrypt the password
+  char *text_cstr = text.getcstr();
+  if (text_cstr == NULL) return g_EmptyText;
+  crypt_password = crypt(text_cstr, salt);
+  delete []text_cstr;
+  return crypt_password;
+}
+// username_ok tests to make sure a username is ok. a username
+// must be at least 2 characters long, but no longer than 30
+// characters long. it can contain the characters a-z A-Z 0-9
+// . and _
+bool username_ok (const text_t &username) {
+  if (username.size() < 2 || username.size() > 30) return false;
+  text_t::const_iterator here = username.begin();
+  text_t::const_iterator end = username.end();
+  while (here != end) {
+    if ((*here >= 'a' && *here <= 'z') ||
+    (*here >= 'A' && *here <= 'Z') ||
+    (*here >= '0' && *here <= '9') ||
+    *here == '.' ||
+    *here == '_') {
+      // ok
+    } else return false;
+    ++here;
+  }
+  return true;
+}
+// password_ok tests to make sure a password is ok. a password
+// must be at least 3 characters long but no longer than 8 characters
+// long. it can contain any character in the range 0x20-0x7e
+bool password_ok (const text_t &password) {
+  if (password.size() < 3 || password.size() > 8) return false;
+  text_t::const_iterator here = password.begin();
+  text_t::const_iterator end = password.end();
+  while (here != end) {
+    if (*here >= 0x20 && *here <= 0x7e) {
+      // ok
+    } else return false;
+    ++here;
+  }
+  return true;
+}
+/////////////
+// userinfo_t
+/////////////
+//==========================================//
+//      userinfo_t functions (Start)        //
+//==========================================//
+userinfo_t::userinfo_t()
+{
+  clear();
+}
+userinfo_t::~userinfo_t(){};
 void userinfo_t::clear () {
 …
   return *this;
+}
+// functions dealing with user databases
+// returns true on success (in which case userinfo will contain
+// the information for this user)
+bool get_user_info (gdbmclass &userdb, const text_t &username,
+            userinfo_t &userinfo) {
+  userinfo.clear();
+//==========================================//
+//       userinfo_t functions (END)         //
+//==========================================//
+//==========================================//
+//      userdbclass functions (Start)       //
+//==========================================//
+userdbclass::userdbclass(const text_t &userdbfilename)
+{
+  activated = (!userdb.opendatabase(userdbfilename, GDBM_WRCREAT, 1000, true)) ? false : true;
+  external_db = false;
+}
+userdbclass::userdbclass(const gdbmclass &external_userdb)
+{
+  userdb = external_userdb;
+  activated = true;
+  external_db = true;
+}
+userdbclass::~userdbclass()
+{
+  if (external_db == false) { userdb.closedatabase();}
+}
+// few useful functions
+text_t userdbclass::crypt_text (const text_t &text)
+{
+  static const char *salt = "Tp";
+  text_t crypt_password;
+  infodbclass info;
+  if (userdb.getinfo (username, info)) {
+    userinfo.username = info["username"];
+    userinfo.password = info["password"];
+    userinfo.enabled = (info["enabled"] == "true");
+    userinfo.groups = info["groups"];
+    userinfo.comment = info["comment"];
+    return true;
+  if (text.empty()) return g_EmptyText;
+  // encrypt the password
+  char *text_cstr = text.getcstr();
+  if (text_cstr == NULL) return g_EmptyText;
+  crypt_password = crypt(text_cstr, salt);
+  delete []text_cstr;
+  return crypt_password;
+}
+// username_ok tests to make sure a username is ok. a username
+// must be at least 2 characters long, but no longer than 30
+// characters long. it can contain the characters a-z A-Z 0-9
+// . and _
+bool userdbclass::username_ok (const text_t &username)
+{
+  if (username.size() < 2 || username.size() > 30) return false;
+  text_t::const_iterator here = username.begin();
+  text_t::const_iterator end = username.end();
+  while (here != end)
+    {
+      if ((*here >= 'a' && *here <= 'z') ||
+          (*here >= 'A' && *here <= 'Z') ||
+          (*here >= '0' && *here <= '9') ||
+          *here == '.' ||
+          *here == '_')
+        {
+          // ok
+        } else return false;
+      ++here;
+    }
+  return true;
+}
+// password_ok tests to make sure a password is ok. a password
+// must be at least 3 characters long but no longer than 8 characters
+// long. it can contain any character in the range 0x20-0x7e
+bool userdbclass::password_ok (const text_t &password)
+{
+  if (password.size() < 3 || password.size() > 8) return false;
+  text_t::const_iterator here = password.begin();
+  text_t::const_iterator end = password.end();
+  while (here != end) {
+    if (*here >= 0x20 && *here <= 0x7e)
+      {
+        // ok
+      } else return false;
+    ++here;
+  }
+  return false;
+}
+bool get_user_info (const text_t &userdbfile, const text_t &username,
+            userinfo_t &userinfo) {
+  gdbmclass userdb;
+  if (!userdb.opendatabase(userdbfile, GDBM_READER, 1000, true)) {
+/*    if (!userdbfile.empty() && !file_exists (userdbfile) &&
+    username == "admin") {*/
+    if (!userdbfile.empty() && username == "admin") {
+      // no database -- create a database with an initial account
+      userinfo.clear();
+      userinfo.username = "admin";
+      userinfo.password = crypt_text("admin");
+      userinfo.enabled = true;
+      userinfo.groups = "administrator,colbuilder";
+      userinfo.comment = "change the password for this account as soon as possible";
+      return set_user_info (userdbfile, username, userinfo);
+    }
+    return false;
+  }
+  bool success = get_user_info (userdb, username, userinfo);
+  userdb.closedatabase();
+  return success;
+}
+// returns true on success
+bool set_user_info (gdbmclass &userdb, const text_t &username,
+            const userinfo_t &userinfo) {
+  infodbclass info;
+  info["username"] = userinfo.username;
+  info["password"] = userinfo.password;
+  info["enabled"] = userinfo.enabled ? "true" : "false";
+  info["groups"] = userinfo.groups;
+  info["comment"] = userinfo.comment;
+  return userdb.setinfo (username, info);
+}
+bool set_user_info (const text_t &userdbfile, const text_t &username,
+            const userinfo_t &userinfo) {
+  gdbmclass userdb;
+  if (!userdb.opendatabase(userdbfile, GDBM_WRCREAT, 1000, true)) return false;
+  bool success = set_user_info (userdb, username, userinfo);
+  userdb.closedatabase();
+  return success;
+}
+// removes a user from the user database -- forever
+void delete_user (gdbmclass &userdb, const text_t &username) {
+  userdb.deletekey (username);
+}
+void delete_user (const text_t &userdbfile, const text_t &username) {
+  gdbmclass userdb;
+  if (!userdb.opendatabase(userdbfile, GDBM_WRCREAT, 1000, true)) return;
+  delete_user (userdb, username);
+  userdb.closedatabase();
+}
+// gets a list of all the users in the database. returns true
+// on success
+void get_user_list (gdbmclass &userdb, text_tarray &userlist) {
+  userlist.erase (userlist.begin(), userlist.end());
+  text_t user = userdb.getfirstkey ();
+  while (!user.empty()) {
+    userlist.push_back(user);
+    user = userdb.getnextkey (user);
+  }
+}
+// returns true if the user's password is correct.
+bool check_passwd (const userinfo_t &thisuser, const text_t &password) {
+  // couple of basic checks
+  if (thisuser.username.empty() || thisuser.password.empty() ||
+      password.empty()) return false;
+  text_t crypt_password = crypt_text(password);
+  return (thisuser.password == crypt_password);
+  return true;
+}
 // removes spaces from user groups
 text_t format_user_groups(const text_t user_groups){
+text_t userdbclass::format_user_groups(const text_t user_groups)
+{
   text_t new_groups = g_EmptyText;
   text_t::const_iterator here = user_groups.begin();
   text_t::const_iterator end = user_groups.end();
   while (here != end) {
+    if (*here != ' '&& *here != '\t' && *here != '\n') {
+      new_groups.push_back(*here);
+    }
+    if (*here != ' '&& *here != '\t' && *here != '\n')
+      {
+        new_groups.push_back(*here);
+      }
     ++here;
+  }
 …
+}
+// functions dealing with databases of temporary keys
+// functions dealing with user databases
+// returns true on success (in which case userinfo will contain
+// the information for this user)
+// @return 0 success
+// @return -1 database is not currently connected
+// @return -2 not defined username
+int userdbclass::get_user_info (const text_t &username, userinfo_t &userinfo)
+{
+  // Let's make sure the connection has been established.
+  if (activated == true)
+    {
+      userinfo.clear();
+      infodbclass info;
+      // See if we can get the user's infomration
+      if (userdb.getinfo (username, info))
+        {
+          userinfo.username = info["username"];
+          userinfo.password = info["password"];
+          userinfo.enabled = (info["enabled"] == "true");
+          userinfo.groups = info["groups"];
+          userinfo.comment = info["comment"];
+          return ERRNO_SUCCEED;
+        }
+      // If we failed to retrieve the users information, we should check if the username is admin or not.
+      // If it is the admin user, let's create a new account for the admin user.
+      else if (username == "admin")
+        {
+          userinfo.clear();
+          userinfo.username = "admin";
+          userinfo.password = crypt_text("admin");
+          userinfo.enabled = true;
+          userinfo.groups = "administrator,colbuilder";
+          userinfo.comment = "change the password for this account as soon as possible";
+          // Return the set result.
+          return set_user_info (username, userinfo);
+        }
+      // The username is not found, return false
+      return ERRNO_USERNOTFOUND;
+    }
+  // Failed to connect to the database, return false.
+  return ERRNO_CONNECTIONFAILED;
+}
+// returns true on success
+int userdbclass::set_user_info (const text_t &username, const userinfo_t &userinfo)
+{
+  // Let's make sure the connection has been established.
+  if (activated == true)
+    {
+      infodbclass info;
+      info["username"] = userinfo.username;
+      info["password"] = userinfo.password;
+      info["enabled"] = userinfo.enabled ? "true" : "false";
+      info["groups"] = userinfo.groups;
+      info["comment"] = userinfo.comment;
+      return (userdb.setinfo (username, info)) ? ERRNO_SUCCEED : ERRNO_GDBMACTIONFILED ;
+    }
+  return ERRNO_CONNECTIONFAILED;
+}
+// returns true if the user's password is correct.
+int userdbclass::check_passwd (const text_t &username, const text_t &password)
+{
+  userinfo_t thisuser;
+  int returned = get_user_info(username, thisuser);
+  if(returned != ERRNO_SUCCEED) return returned;
+  // couple of basic checks
+  if (thisuser.username.empty() || thisuser.password.empty() ||
+      password.empty()) return ERRNO_MISSINGPASSWORD;
+  text_t crypt_password = crypt_text(password);
+  return (thisuser.password == crypt_password) ? ERRNO_SUCCEED : ERRNO_PASSWORDMISMATCH;
+}
+int userdbclass::add_user (const userinfo_t &userinfo)
+{
+  // Let's make sure the connection has been established.
+  if (activated == true)
+    {
+      infodbclass info;
+      if (userdb.getinfo (userinfo.username, info))
+        {
+          // There is an existing username already
+          return ERRNO_EXISTINGUSERNAME;
+        }
+      else
+        {
+          return set_user_info(userinfo.username, userinfo);
+        }
+    }
+  return ERRNO_CONNECTIONFAILED;
+}
+int userdbclass::edit_user (const userinfo_t &userinfo)
+{
+  // Let's make sure the connection has been established.
+  if (activated == true)
+    {
+      infodbclass info;
+      if (userdb.getinfo (userinfo.username, info))
+        {
+          return set_user_info(userinfo.username, userinfo);
+        }
+      else
+        {
+          // The user does not exist in the database.
+          return ERRNO_USERNOTFOUND;
+        }
+    }
+  return ERRNO_CONNECTIONFAILED;
+}
+int userdbclass::delete_user (const text_t &username)
+{
+  // Let's make sure the connection has been established.
+  if (activated == true)
+    {
+      userdb.deletekey (username);
+      return ERRNO_SUCCEED;
+    }
+  return ERRNO_CONNECTIONFAILED;
+}
+// gets all the users' information in the database. returns true
+// on success
+int userdbclass::get_all_users(userinfo_tarray &userinfo_array)
+{
+  // Let's make sure the connection has been established.
+  if (activated == true)
+    {
+      userinfo_array.erase(userinfo_array.begin(), userinfo_array.end());
+      text_t user = userdb.getfirstkey();
+      while (!user.empty()) {
+        userinfo_t one_userinfo;
+        int returned = get_user_info(user, one_userinfo);
+        if (returned != ERRNO_SUCCEED) return returned;
+        userinfo_array.push_back(one_userinfo);
+        user = userdb.getnextkey(user);
+      }
+      return ERRNO_SUCCEED;
+    }
+  return ERRNO_CONNECTIONFAILED;
+}
+// gets a list of all the users in the database. returns true
+// on success
+int userdbclass::get_user_list (text_tarray &userlist)
+{
+  // Let's make sure the connection has been established.
+  if (activated == true)
+    {
+      userlist.erase (userlist.begin(), userlist.end());
+      text_t user = userdb.getfirstkey ();
+      while (!user.empty()) {
+        userlist.push_back(user);
+        user = userdb.getnextkey (user);
+      }
+      return ERRNO_SUCCEED;
+    }
+  return ERRNO_CONNECTIONFAILED;
+}
+//==========================================//
+//       userdbclass functions (End)        //
+//==========================================//
+//==========================================//
+//      keydbclass functions (Start)        //
+//==========================================//
+keydbclass::keydbclass(const text_t &keydbfilename)
+{
+  activated = (!keydb.opendatabase(keydbfilename, GDBM_WRCREAT, 1000, true)) ? false : true;
+  external_db = false;
+}
+keydbclass::keydbclass(const gdbmclass &external_keydb)
+{
+  keydb = external_keydb;
+  activated = true;
+  external_db = true;
+}
+keydbclass::~keydbclass()
+{
+  if (external_db == false) { keydb.closedatabase();}
+}
 // generates a random key for the user, stores it in the database and
 // returns it so that it can be used in page generation
 // returns "" on failure
+text_t generate_key (gdbmclass &keydb, const text_t &username) {
+  static const char *numconvert = "0123456789abcdefghijklmnopqrstuvwxyz"
+    "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
+  // loop looking for a suitable new key
+  text_t userkey;
+  text_t crypt_userkey;
+  do {
+    // convert to base 62 :-)
+    int userkey_int = rand ();
+    while (userkey_int > 0) {
+      userkey.push_back (numconvert[userkey_int%62]);
+      userkey_int /= 62;
+    }
+    // make sure this key is not in the database
+    crypt_userkey = crypt_text(userkey);
+    if (keydb.exists (crypt_userkey)) userkey.clear();
+  } while (userkey.empty());
+  // enter the key into the database
+  infodbclass keydata;
+  keydata["user"] = username;
+  keydata["time"] = time2text(time(NULL));
+  if (!keydb.setinfo (crypt_userkey, keydata)) {
+    userkey.clear(); // failed
+  }
+  return userkey;
+}
+text_t generate_key (const text_t &keydbfile, const text_t &username) {
+  gdbmclass keydb;
+  if (!keydb.opendatabase(keydbfile, GDBM_WRCREAT, 1000, true)) return g_EmptyText;
+  text_t key = generate_key (keydb, username);
+  keydb.closedatabase();
+  return key;
+}
+text_t keydbclass::generate_key (const text_t &username)
+{
+  // Let's make sure the connection has been established.
+  if (activated == true)
+    {
+      static const char *numconvert = "0123456789abcdefghijklmnopqrstuvwxyz"
+        "ABCDEFGHIJKLMNOPQRSTUVWXYZ";
+      // loop looking for a suitable new key
+      text_t userkey;
+      text_t crypt_userkey;
+      do {
+        // convert to base 62 :-)
+        int userkey_int = rand ();
+        while (userkey_int > 0)
+          {
+            userkey.push_back (numconvert[userkey_int%62]);
+            userkey_int /= 62;
+          }
+        // make sure this key is not in the database
+        crypt_userkey = userdbclass::crypt_text(userkey);
+        if (keydb.exists (crypt_userkey)) userkey.clear();
+      } while (userkey.empty());
+      // enter the key into the database
+      infodbclass keydata;
+      keydata["user"] = username;
+      keydata["time"] = time2text(time(NULL));
+      if (!keydb.setinfo (crypt_userkey, keydata))
+        {
+          userkey.clear(); // failed
+        }
+      return userkey;
+    }
+  return "";
+}
 // checks to see if there is a key for this particular user in the
 // database that hasn't decayed. a short decay is used when group
 // is set to administrator
+bool check_key (gdbmclass &keydb, const userinfo_t &thisuser,
+        const text_t &key, const text_t &group, int keydecay) {
+  if (thisuser.username.empty() || key.empty()) return false;
+  // the keydecay is set to 5 minute for things requiring the
+  // administrator
+  //  if (group == "administrator") keydecay = 300;
+  // success if there is a key in the key database that is owned by this
+  // user whose creation time is less that keydecay
+  text_t crypt_key = crypt_text(key);
+  infodbclass info;
+  if (keydb.getinfo (crypt_key, info))  {
+    if (info["user"] == thisuser.username) {
+      time_t keycreation = text2time (info["time"]);
+      if (keycreation != (time_t)-1 && difftime (text2time(time2text(time(NULL))),
+                         keycreation) <= keydecay) {
+    // succeeded, update the key's time
+    info["time"] = time2text(time(NULL));
+    keydb.setinfo (crypt_key, info);
+    return true;
+      }
+    }
+  }
+  return false;;
+}
+bool check_key (const text_t &keydbfile, const userinfo_t &thisuser,
+        const text_t &key, const text_t &group, int keydecay) {
+  gdbmclass keydb;
+  if (!keydb.opendatabase(keydbfile, GDBM_WRCREAT, 1000, true)) return false;
+  bool success = check_key (keydb, thisuser, key, group, keydecay);
+  keydb.closedatabase();
+  return success;
+}
+bool keydbclass::check_key (const userinfo_t &thisuser, const text_t &key, const text_t &group, int keydecay)
+{
+  // Let's make sure the connection has been established.
+  if (activated == true)
+    {
+      if (thisuser.username.empty() || key.empty()) return false;
+      // the keydecay is set to 5 minute for things requiring the
+      // administrator
+      //  if (group == "administrator") keydecay = 300;
+      // success if there is a key in the key database that is owned by this
+      // user whose creation time is less that keydecay
+      text_t crypt_key = userdbclass::crypt_text(key);
+      infodbclass info;
+      if (keydb.getinfo (crypt_key, info))  {
+        if (info["user"] == thisuser.username) {
+          time_t keycreation = text2time (info["time"]);
+          if (keycreation != (time_t)-1 && difftime (text2time(time2text(time(NULL))),
+                                                     keycreation) <= keydecay) {
+            // succeeded, update the key's time
+            info["time"] = time2text(time(NULL));
+            keydb.setinfo (crypt_key, info);
+            return true;
+          }
+        }
+      }
+    }
+  return false;
+}
 // remove_old_keys will remove all keys created more than keydecay ago.
 // use sparingly, it can be quite an expensive function
+void remove_old_keys (const text_t &keydbfile, int keydecay) {
+  // open the key database
+  gdbmclass keydb;
+  if (!keydb.opendatabase(keydbfile, GDBM_WRCREAT, 1000, true)) return;
+  // get a list of keys created more than keydecay seconds agon
+  text_tarray oldkeys;
+  text_t key = keydb.getfirstkey ();
+  infodbclass info;
+  time_t timenow = text2time(time2text(time(NULL)));
+  time_t keycreation = (time_t)-1;
+  while (!key.empty()) {
+    if (keydb.getinfo (key, info))  {
+      keycreation = text2time (info["time"]);
+      if (keycreation != (time_t)-1 && difftime (timenow, keycreation) > keydecay) {
+    // found an old key
+    oldkeys.push_back(key);
+      }
+    }
+    key = keydb.getnextkey (key);
+  }
+  // delete the keys
+  text_tarray::iterator keys_here = oldkeys.begin();
+  text_tarray::iterator keys_end = oldkeys.end();
+  while (keys_here != keys_end) {
+    keydb.deletekey(*keys_here);
+    ++keys_here;
+  }
+  // close the key database
+  keydb.closedatabase();
+}
+void keydbclass::remove_old_keys (int keydecay)
+{
+  // Let's make sure the connection has been established.
+  if (activated == true)
+    {
+      // get a list of keys created more than keydecay seconds agon
+      text_tarray oldkeys;
+      text_t key = keydb.getfirstkey ();
+      infodbclass info;
+      time_t timenow = text2time(time2text(time(NULL)));
+      time_t keycreation = (time_t)-1;
+      while (!key.empty()) {
+        if (keydb.getinfo (key, info))  {
+          keycreation = text2time (info["time"]);
+          if (keycreation != (time_t)-1 && difftime (timenow, keycreation) > keydecay) {
+            // found an old key
+            oldkeys.push_back(key);
+          }
+        }
+        key = keydb.getnextkey (key);
+      }
+      // delete the keys
+      text_tarray::iterator keys_here = oldkeys.begin();
+      text_tarray::iterator keys_end = oldkeys.end();
+      while (keys_here != keys_end) {
+        keydb.deletekey(*keys_here);
+        ++keys_here;
+      }
+    }
+}
+//==========================================//
+//       keydbclass functions (End)         //
+//==========================================//

trunk/gsdl/src/recpt/userdb.h

-              r2750
+              r13844
 #define USERDB_H
+#define ERRNO_SUCCEED           0
+#define ERRNO_CONNECTIONFAILED -1
+#define ERRNO_USERNOTFOUND     -2
+#define ERRNO_EXISTINGUSERNAME -3
+#define ERRNO_MISSINGPASSWORD  -4
+#define ERRNO_PASSWORDMISMATCH -5
+#define ERRNO_GDBMACTIONFILED  -6
 #include "infodbclass.h"
+// the password line in the userinfo_t must be encrypted using
+// this function
+text_t crypt_text (const text_t &text);
+// username_ok tests to make sure a username is ok. a username
+// must be at least 2 characters long, but no longer than 30
+// characters long. it can contain the characters a-z A-Z 0-9
+// . and _
+bool username_ok (const text_t &username);
+// password_ok tests to make sure a password is ok. a password
+// must be at least 3 characters long but no longer than 8 characters
+// long. it can contain any character in the range 0x20-0x7e
+bool password_ok (const text_t &password);
+// information about a single user
+struct userinfo_t {
+  void clear ();
+  userinfo_t () {clear();}
+  userinfo_t &operator=(const userinfo_t &x);
+// The user information object and it provides basic functions for the information object, such as clear and copy (=) functions;
+class userinfo_t
+{
+ public:
   text_t username;
   text_t password;
 …
   text_t groups; // comma separated list
   text_t comment;
+  userinfo_t ();
+  virtual ~userinfo_t();
+  userinfo_t &operator=(const userinfo_t &x);
+  void clear ();
 };
+typedef vector<userinfo_t> userinfo_tarray; // more space efficient than text_tlist
+// these functions deal with user and key databases that are already open
+// they should have been opened with gdbmclass::opendatabase
+// as soon as the databases are finished with they should be closed with
+// gdbmclass::closedatabase so that another process can access the database
+//
+// some of the functions need the databases opened with write access, an
+// appropriate call would be something like:
+//
+//   success = keydb.opendatabase (keyfile, GDBM_WRCREAT, 1000);
+//
+// note: passwords and keys are encrypted, so you can't just compare passwords
+// in a userinfo_t with a password given by the user. use check_passwd
+class userdbclass
+{
+ protected:
+  // The internal storage for the userdbfilename and the userdb object
+  gdbmclass userdb;
+  bool external_db;
+  bool activated;
+ public:
+  userdbclass (const text_t &userdbfilename);
+  userdbclass (const gdbmclass &external_userdb);
+  virtual ~userdbclass();
+  //======== the static methods========//
+  // the password line in the userinfo_t must be encrypted using
+  // this function
+  static text_t crypt_text (const text_t &text);
+  // username_ok tests to make sure a username is ok. a username
+  // must be at least 2 characters long, but no longer than 30
+  // characters long. it can contain the characters a-z A-Z 0-9
+  // . and _
+  static bool username_ok (const text_t &username);
+  // password_ok tests to make sure a password is ok. a password
+  // must be at least 3 characters long but no longer than 8 characters
+  // long. it can contain any character in the range 0x20-0x7e
+  static bool password_ok (const text_t &password);
+  // removes spaces from user groups
+  static text_t format_user_groups(const text_t user_groups);
+  //======== functions dealing with single user in the user databases ========//
+  // returns true on success (in which case userinfo will contain
+  // the information for this user)
+  int get_user_info (const text_t &username, userinfo_t &userinfo);
+  // returns true on success
+  int set_user_info (const text_t &username, const userinfo_t &userinfo);
+  // returns true if the user's password is correct.
+  int check_passwd (const text_t &username, const text_t &password);
+  // adds a user from the user database -- forever
+  int add_user (const userinfo_t &userinfo);
+  // edits a user from the user database -- forever
+  int edit_user (const userinfo_t &userinfo);
+  // removes a user from the user database -- forever
+  int delete_user (const text_t &username);
+  //======== functions dealing with multiple users in the user databases ========//
+  // gets all the users' information in the database. returns true
+  // on success
+  int get_all_users(userinfo_tarray &userinfo_array);
+  // gets a list of all the users in the database. returns true
+  // on success
+  int get_user_list (text_tarray &userlist);
+};
+// functions dealing with user databases
+// returns true on success (in which case userinfo will contain
+// the information for this user)
+bool get_user_info (gdbmclass &userdb, const text_t &username,
+            userinfo_t &userinfo);
+bool get_user_info (const text_t &userdbfile, const text_t &username,
+            userinfo_t &userinfo);
+// returns true on success
+bool set_user_info (gdbmclass &userdb, const text_t &username,
+            const userinfo_t &userinfo);
+bool set_user_info (const text_t &userdbfile, const text_t &username,
+            const userinfo_t &userinfo);
+// removes a user from the user database -- forever
+void delete_user (gdbmclass &userdb, const text_t &username);
+void delete_user (const text_t &userdbfile, const text_t &username);
+// gets a list of all the users in the database. returns true
+// on success
+void get_user_list (gdbmclass &userdb, text_tarray &userlist);
+// returns true if the user's password is correct.
+bool check_passwd (const userinfo_t &thisuser, const text_t &password);
+// removes spaces from user groups
+text_t format_user_groups(const text_t user_groups);
+// functions dealing with databases of temporary keys
+// generates a random key for the user, stores it in the database and
+// returns it so that it can be used in page generation
+// returns "" on failure
+text_t generate_key (gdbmclass &keydb, const text_t &username);
+text_t generate_key (const text_t &keydbfile, const text_t &username);
+// checks to see if there is a key for this particular user in the
+// database that hasn't decayed. a short decay is used when group
+// is set to administrator
+bool check_key (gdbmclass &keydb, const userinfo_t &thisuser,
+        const text_t &key, const text_t &group, int keydecay);
+bool check_key (const text_t &keydbfile, const userinfo_t &thisuser,
+        const text_t &key, const text_t &group, int keydecay);
+// remove_old_keys will remove all keys created more than keydecay ago.
+// use sparingly, it can be quite an expensive function
+void remove_old_keys (const text_t &keydbfile, int keydecay);
+class keydbclass
+{
+ protected:
+  // The internal storage for the userdbfilename and the userdb object
+  gdbmclass keydb;
+  bool external_db;
+  bool activated;
+ public:
+  keydbclass (const text_t &keydbfilename);
+  keydbclass (const gdbmclass &external_keydb);
+  virtual ~keydbclass();
+  // functions dealing with databases of temporary keys
+  // generates a random key for the user, stores it in the database and
+  // returns it so that it can be used in page generation
+  // returns "" on failure
+  text_t generate_key (const text_t &username);
+  // checks to see if there is a key for this particular user in the
+  // database that hasn't decayed. a short decay is used when group
+  // is set to administrator
+  bool check_key (const userinfo_t &thisuser, const text_t &key, const text_t &group, int keydecay);
+  // remove_old_keys will remove all keys created more than keydecay ago.
+  // use sparingly, it can be quite an expensive function
+  void remove_old_keys (int keydecay);
+};
 #endif

trunk/gsdl/src/recpt/usersaction.cpp

-              r9620
+              r13844
 #include "usersaction.h"
 #include "fileutil.h"
-#include "userdb.h"
 …
                  ostream &logout) {
+  // open the user database (it will be used a lot)
+  user_database = new userdbclass(usersfile);
   if (args["uma"] == "adduser" || args["uma"] == "edituser") {
     // adduser is handled by edituser
 …
       << "_userslistusers:header_\n_userslistusers:contentstart_\n";
-  // open the user database (it will be used a lot)
-  gdbmclass userdb;
   text_tarray userlist;
+  if (userdb.opendatabase(usersfile, GDBM_READER, 1000, true)) {
+    // get user list
+    get_user_list (userdb, userlist);
+  }
+  // get user list
+  user_database->get_user_list (userlist);
   // sort the list
 …
   text_tarray::iterator users_end = userlist.end();
   while (users_here != users_end) {
     if (get_user_info (userdb, *users_here, userinfo)) {
+    if (user_database->get_user_info(*users_here, userinfo) == ERRNO_SUCCEED) {
       textout << outconvert << disp
           << "<tr><td bgcolor=\"\\#eeeeee\">" << userinfo.username << "</td>\n"
 …
     ++users_here;
+  }
-  userdb.closedatabase();
   textout << outconvert << disp
 …
                    outconvertclass &outconvert, ostream &textout,
                    ostream &logout) {
   userinfo_t userinfo;
   text_t messagestatus;
 …
     noproblems = false;
   } else if (!username_ok (args["umun"])) {
+  } else if (!userdbclass::username_ok (args["umun"])) {
     // problem with username
     noproblems = false;
     messagestatus += "_users:messageinvalidusername_";
   } else if (get_user_info (usersfile, args["umun"], userinfo)) {
+  } else if (user_database->get_user_info (args["umun"], userinfo) == ERRNO_SUCCEED) {
     if (args["uma"] == "adduser") {
       // must not add a user that has the same name as another user
 …
+    }
   } else if (!password_ok(args["umpw"])) {
+  } else if (!userdbclass::password_ok(args["umpw"])) {
     noproblems = false;
     messagestatus += "_users:messageinvalidpassword_";
 …
     if (!args["umpw"].empty()) {
       // only set the password if it is not empty
       userinfo.password = crypt_text(args["umpw"]);
+      userinfo.password = userdbclass::crypt_text(args["umpw"]);
+    }
     userinfo.enabled = (args["umus"] == "enabled");
     userinfo.groups = format_user_groups(args["umug"]);
+    userinfo.groups = userdbclass::format_user_groups(args["umug"]);
     userinfo.comment = args["umc"];
     set_user_info (usersfile, args["umun"], userinfo);
+    user_database->set_user_info (args["umun"], userinfo);
     // show list of users
 …
     if (args["cm"] == "yes" && !args["umun"].empty()) {
       // user confirmed the deletion of the user
       delete_user (usersfile, args["umun"]);
+      user_database->delete_user(args["umun"]);
+    }
 …
     } else if (args["umnpw1"] != args["umnpw2"]) {
       messagestatus = "_users:messagenewpassmismatch_";
     } else if (!password_ok(args["umnpw1"])) {
+    } else if (!userdbclass::password_ok(args["umnpw1"])) {
       messagestatus = "_users:messageinvalidpassword_";
     } else {
       userinfo_t userinfo;
       if (get_user_info (usersfile, args["un"], userinfo)) {
+      if (user_database->get_user_info (args["un"], userinfo) == ERRNO_SUCCEED) {
     // check old password
     if (userinfo.password != crypt_text(args["umpw"])) {
+    if (userinfo.password != userdbclass::crypt_text(args["umpw"])) {
       messagestatus = "_users:messagefailed_";
     } else {
       userinfo.password = crypt_text(args["umnpw1"]);
       if (set_user_info (usersfile, args["un"], userinfo)) {
+      userinfo.password = userdbclass::crypt_text(args["umnpw1"]);
+      if (user_database->set_user_info (args["un"], userinfo) == ERRNO_SUCCEED) {
         // everything is ok
         textout << outconvert << disp

trunk/gsdl/src/recpt/usersaction.h

-              r7375
+              r13844
 #include "action.h"
 #include "text_t.h"
+#include "userdb.h"
 …
 protected:
   text_t usersfile;
+  userdbclass* user_database;
 public:

Note: See TracChangeset for help on using the changeset viewer.