OpenCores
URL https://opencores.org/ocsvn/or1k/or1k/trunk

Subversion Repositories or1k

[/] [or1k/] [trunk/] [rtems-20020807/] [c/] [src/] [libnetworking/] [rtems_webserver/] [um.c] - Blame information for rev 1765

Details | Compare with Previous | View Log

Line No. Rev Author Line
1 1026 ivang 
/*
2 
 *      um.c -- User Management
3 
 *
4 
 *      Copyright (c) GoAhead Software Inc., 1995-2000. All Rights Reserved.
5 
 *
6 
 *      See the file "license.txt" for usage and redistribution license requirements
7 
 *
8 
 *      um.c,v 1.1 2000/09/01 10:57:21 joel Exp
9 
 */
10 
 
11 
/******************************** Description *********************************/
12 
/*
13 
 *      User Management routines for adding/deleting/changing users and groups
14 
 *  Also, routines for determining user access
15 
 */
16 
 
17 
/********************************* Includes ***********************************/
18 
 
19 
#include        "um.h"
20 
#include        "emfdb.h"
21 
#include        "webs.h"
22 
 
23 
/********************************** Defines ***********************************/
24 
 
25 
#define UM_DB_FILENAME  T("um.xml")
26 
#define UM_TXT_FILENAME T("umconfig.txt")
27 
 
28 
/*
29 
 *      Table names
30 
 */
31 
#define UM_USER_TABLENAME       T("users")
32 
#define UM_GROUP_TABLENAME      T("groups")
33 
#define UM_ACCESS_TABLENAME     T("access")
34 
 
35 
/*
36 
 *      Column names
37 
 */
38 
#define UM_NAME                 T("name")
39 
#define UM_PASS                 T("password")
40 
#define UM_GROUP                T("group")
41 
#define UM_PROT                 T("prot")
42 
#define UM_DISABLE              T("disable")
43 
#define UM_METHOD               T("method")
44 
#define UM_PRIVILEGE    T("priv")
45 
#define UM_SECURE               T("secure")
46 
 
47 
/*
48 
 *      XOR encryption mask
49 
 *              Note:   This string should be modified for individual sites
50 
 *                              in order to enhance user password security.
51 
 */
52 
#define UM_XOR_ENCRYPT  T("*j7a(L#yZ98sSd5HfSgGjMj8;Ss;d)(*&^#@$a2s0i3g")
53 
 
54 
/******************************** Local Data **********************************/
55 
 
56 
#ifdef UEMF
57 
/*
58 
 *      User table definition
59 
 */
60 
#define NUMBER_OF_USER_COLUMNS  5
61 
 
62 
char_t  *userColumnNames[NUMBER_OF_USER_COLUMNS] = {
63 
                        UM_NAME, UM_PASS, UM_GROUP, UM_PROT, UM_DISABLE
64 
};
65 
 
66 
int             userColumnTypes[NUMBER_OF_USER_COLUMNS] = {
67 
                        T_STRING, T_STRING, T_STRING, T_INT, T_INT
68 
};
69 
 
70 
dbTable_t userTable = {
71 
        UM_USER_TABLENAME,
72 
        NUMBER_OF_USER_COLUMNS,
73 
        userColumnNames,
74 
        userColumnTypes,
75 
        0,
76 
        NULL
77 
};
78 
 
79 
/*
80 
 *      Group table definition
81 
 */
82 
#define NUMBER_OF_GROUP_COLUMNS 5
83 
 
84 
char_t  *groupColumnNames[NUMBER_OF_GROUP_COLUMNS] = {
85 
                        UM_NAME, UM_PRIVILEGE, UM_METHOD, UM_PROT, UM_DISABLE
86 
};
87 
 
88 
int             groupColumnTypes[NUMBER_OF_GROUP_COLUMNS] = {
89 
                        T_STRING, T_INT, T_INT, T_INT, T_INT
90 
};
91 
 
92 
dbTable_t groupTable = {
93 
        UM_GROUP_TABLENAME,
94 
        NUMBER_OF_GROUP_COLUMNS,
95 
        groupColumnNames,
96 
        groupColumnTypes,
97 
        0,
98 
        NULL
99 
};
100 
 
101 
/*
102 
 *      Access Limit table definition
103 
 */
104 
#define NUMBER_OF_ACCESS_COLUMNS        4
105 
 
106 
char_t  *accessColumnNames[NUMBER_OF_ACCESS_COLUMNS] = {
107 
                        UM_NAME, UM_METHOD, UM_SECURE, UM_GROUP
108 
};
109 
 
110 
int             accessColumnTypes[NUMBER_OF_ACCESS_COLUMNS] = {
111 
                        T_STRING, T_INT, T_INT, T_STRING
112 
};
113 
 
114 
dbTable_t accessTable = {
115 
        UM_ACCESS_TABLENAME,
116 
        NUMBER_OF_ACCESS_COLUMNS,
117 
        accessColumnNames,
118 
        accessColumnTypes,
119 
        0,
120 
        NULL
121 
};
122 
#endif  /* #ifdef UEMF */
123 
 
124 
/*
125 
 *      Database Identifier returned from dbOpen()
126 
 */
127 
static int              didUM = -1;
128 
 
129 
/*
130 
 *      Configuration database persist filename
131 
 */
132 
static char_t   *saveFilename = NULL;
133 
 
134 
static int              umOpenCount = 0;         /* count of apps using this module */
135 
 
136 
/*************************** Forward Declarations *****************************/
137 
 
138 
static bool_t umCheckName(char_t *name);
139 
 
140 
/*********************************** Code *************************************/
141 
/*
142 
 *      umOpen() registers the UM tables in the fake emf-database
143 
 */
144 
 
145 
int umOpen()
146 
{
147 
        if (++umOpenCount != 1) {
148 
                return didUM;
149 
        }
150 
/*
151 
 *      Do not initialize if intialization has already taken place
152 
 */
153 
        if (didUM == -1) {
154 
                didUM = dbOpen(UM_USER_TABLENAME, UM_DB_FILENAME, NULL, 0);
155 
#ifdef UEMF
156 
                dbRegisterDBSchema(&userTable);
157 
                dbRegisterDBSchema(&groupTable);
158 
                dbRegisterDBSchema(&accessTable);
159 
#endif
160 
        }
161 
 
162 
        if (saveFilename == NULL) {
163 
                saveFilename = bstrdup(B_L, UM_TXT_FILENAME);
164 
        }
165 
 
166 
        return didUM;
167 
}
168 
 
169 
/******************************************************************************/
170 
/*
171 
 *      umClose() frees up the UM tables in the fake emf-database
172 
 */
173 
 
174 
void umClose()
175 
{
176 
        if (--umOpenCount > 0) {
177 
                return;
178 
        }
179 
/*
180 
 *      Do not close if intialization has not taken place
181 
 */
182 
        if (didUM != -1) {
183 
                dbClose(didUM);
184 
                didUM = -1;
185 
        }
186 
 
187 
        if (saveFilename != NULL) {
188 
                bfree(B_L, saveFilename);
189 
                saveFilename = NULL;
190 
        }
191 
}
192 
 
193 
/******************************************************************************/
194 
/*
195 
 *      umCommit() persists all of the UM tables
196 
 */
197 
 
198 
int     umCommit(char_t *filename)
199 
{
200 
        if (filename && *filename) {
201 
                if (saveFilename != NULL) {
202 
                        bfree(B_L, saveFilename);
203 
                }
204 
 
205 
                saveFilename = bstrdup(B_L, filename);
206 
        }
207 
 
208 
        a_assert (saveFilename && *saveFilename);
209 
        trace(3, T("UM: Writing User Configuration to file <%s>\n"),
210 
                saveFilename);
211 
 
212 
        return dbSave(didUM, saveFilename, 0);
213 
}
214 
 
215 
/******************************************************************************/
216 
/*
217 
 *      umRestore() loads up the UM tables with persisted data
218 
 */
219 
 
220 
int umRestore(char_t *filename)
221 
{
222 
        if (filename && *filename) {
223 
                if (saveFilename != NULL) {
224 
                        bfree(B_L, saveFilename);
225 
                }
226 
 
227 
                saveFilename = bstrdup(B_L, filename);
228 
        }
229 
 
230 
        a_assert(saveFilename && *saveFilename);
231 
 
232 
        trace(3, T("UM: Loading User Configuration from file <%s>\n"),
233 
                saveFilename);
234 
 
235 
/*
236 
 *      First empty the database, otherwise we wind up with duplicates!
237 
 */
238 
        dbZero(didUM);
239 
        return dbLoad(didUM, saveFilename, 0);
240 
}
241 
 
242 
/******************************************************************************/
243 
/*
244 
 *      Encrypt/Decrypt a text string.
245 
 *              Returns the number of characters encrypted.
246 
 */
247 
 
248 
static int umEncryptString(char_t *textString)
249 
{
250 
        char_t  *enMask;
251 
        char_t  enChar;
252 
        int             numChars;
253 
 
254 
        a_assert(textString);
255 
 
256 
        enMask = UM_XOR_ENCRYPT;
257 
        numChars = 0;
258 
 
259 
        while (*textString) {
260 
                enChar = *textString ^ *enMask;
261 
/*
262 
 *              Do not produce encrypted text with embedded linefeeds or tabs.
263 
 *                      Simply use existing character.
264 
 */
265 
                if (enChar && !gisspace(enChar))
266 
                        *textString = enChar;
267 
/*
268 
 *              Increment all pointers.
269 
 */
270 
                enMask++;
271 
                textString++;
272 
                numChars++;
273 
/*
274 
 *              Wrap encryption mask pointer if at end of length.
275 
 */
276 
                if (*enMask == '\0') {
277 
                        enMask = UM_XOR_ENCRYPT;
278 
                }
279 
        }
280 
 
281 
        return numChars;
282 
}
283 
 
284 
/******************************************************************************/
285 
/*
286 
 *      umGetFirstRowData() -   return a pointer to the first non-blank key value
287 
 *                                                      in the given column for the given table.
288 
 */
289 
 
290 
static char_t *umGetFirstRowData(char_t *tableName, char_t *columnName)
291 
{
292 
        char_t  *columnData;
293 
        int             row;
294 
        int             check;
295 
 
296 
        a_assert(tableName && *tableName);
297 
        a_assert(columnName && *columnName);
298 
 
299 
        row = 0;
300 
/*
301 
 *      Move through table until we retrieve the first row with non-null
302 
 *      column data.
303 
 */
304 
        columnData = NULL;
305 
        while ((check = dbReadStr(didUM, tableName, columnName, row++,
306 
                &columnData)) == 0 || (check == DB_ERR_ROW_DELETED)) {
307 
                if (columnData && *columnData) {
308 
                        return columnData;
309 
                }
310 
        }
311 
 
312 
        return NULL;
313 
}
314 
 
315 
/******************************************************************************/
316 
/*
317 
 *      umGetNextRowData() -    return a pointer to the first non-blank
318 
 *                                              key value following the given one.
319 
 */
320 
 
321 
static char_t *umGetNextRowData(char_t *tableName, char_t *columnName,
322 
                                                                char_t *keyLast)
323 
{
324 
        char_t  *key;
325 
        int             row;
326 
        int             check;
327 
 
328 
        a_assert(tableName && *tableName);
329 
        a_assert(columnName && *columnName);
330 
        a_assert(keyLast && *keyLast);
331 
/*
332 
 *      Position row counter to row where the given key value was found
333 
 */
334 
        row = 0;
335 
        key = NULL;
336 
 
337 
        while ((((check = dbReadStr(didUM, tableName, columnName, row++,
338 
                &key)) == 0) || (check == DB_ERR_ROW_DELETED)) &&
339 
                ((key == NULL) || (gstrcmp(key, keyLast) != 0))) {
340 
        }
341 
/*
342 
 *      If the last key value was not found, return NULL
343 
 */
344 
        if (!key || gstrcmp(key, keyLast) != 0) {
345 
                return NULL;
346 
        }
347 
/*
348 
 *      Move through table until we retrieve the next row with a non-null key
349 
 */
350 
        while (((check = dbReadStr(didUM, tableName, columnName, row++, &key))
351 
                == 0) || (check == DB_ERR_ROW_DELETED)) {
352 
                if (key && *key && (gstrcmp(key, keyLast) != 0)) {
353 
                        return key;
354 
                }
355 
        }
356 
 
357 
        return NULL;
358 
}
359 
 
360 
/******************************************************************************/
361 
/*
362 
 *      umAddUser() - Adds a user to the "users" table.
363 
 */
364 
 
365 
int     umAddUser(char_t *user, char_t *pass, char_t *group,
366 
                          bool_t prot, bool_t disabled)
367 
{
368 
        int             row;
369 
        char_t  *password;
370 
 
371 
        a_assert(user && *user);
372 
        a_assert(pass && *pass);
373 
        a_assert(group && *group);
374 
 
375 
        trace(3, T("UM: Adding User <%s>\n"), user);
376 
 
377 
/*
378 
 *      Do not allow duplicates
379 
 */
380 
        if (umUserExists(user)) {
381 
                return UM_ERR_DUPLICATE;
382 
        }
383 
 
384 
/*
385 
 *      Make sure user name and password contain valid characters
386 
 */
387 
        if (!umCheckName(user)) {
388 
                return UM_ERR_BAD_NAME;
389 
        }
390 
 
391 
        if (!umCheckName(pass)) {
392 
                return UM_ERR_BAD_PASSWORD;
393 
        }
394 
 
395 
/*
396 
 *      Make sure group exists
397 
 */
398 
        if (!umGroupExists(group)) {
399 
                return UM_ERR_NOT_FOUND;
400 
        }
401 
 
402 
/*
403 
 *      Now create the user record
404 
 */
405 
        row = dbAddRow(didUM, UM_USER_TABLENAME);
406 
 
407 
        if (row < 0) {
408 
                return UM_ERR_GENERAL;
409 
        }
410 
 
411 
        if (dbWriteStr(didUM, UM_USER_TABLENAME, UM_NAME, row, user) != 0) {
412 
                return UM_ERR_GENERAL;
413 
        }
414 
 
415 
        password = bstrdup(B_L, pass);
416 
        umEncryptString(password);
417 
        dbWriteStr(didUM, UM_USER_TABLENAME, UM_PASS, row, password);
418 
        bfree(B_L, password);
419 
        dbWriteStr(didUM, UM_USER_TABLENAME, UM_GROUP, row, group);
420 
        dbWriteInt(didUM, UM_USER_TABLENAME, UM_PROT, row, prot);
421 
        dbWriteInt(didUM, UM_USER_TABLENAME, UM_DISABLE, row, disabled);
422 
 
423 
        return 0;
424 
}
425 
 
426 
/******************************************************************************/
427 
/*
428 
 *      umDeleteUser() - remove a user from the "users" table
429 
 */
430 
 
431 
int     umDeleteUser(char_t *user)
432 
{
433 
        int row;
434 
 
435 
        a_assert(user && *user);
436 
        trace(3, T("UM: Deleting User <%s>\n"), user);
437 
/*
438 
 *      Check to see if user is delete-protected
439 
 */
440 
        if (umGetUserProtected(user)) {
441 
                return UM_ERR_PROTECTED;
442 
        }
443 
 
444 
/*
445 
 *      If found, delete the user from the database
446 
 */
447 
        if ((row = dbSearchStr(didUM, UM_USER_TABLENAME, UM_NAME, user, 0)) >= 0) {
448 
                return dbDeleteRow(didUM, UM_USER_TABLENAME, row);
449 
        }
450 
 
451 
        return UM_ERR_NOT_FOUND;
452 
}
453 
 
454 
/******************************************************************************/
455 
/*
456 
 *      umGetFirstUser() -      Returns the user ID of the first user found in the
457 
 *                                              "users" table.
458 
 */
459 
 
460 
char_t *umGetFirstUser()
461 
{
462 
        return umGetFirstRowData(UM_USER_TABLENAME, UM_NAME);
463 
}
464 
 
465 
/******************************************************************************/
466 
/*
467 
 *      umGetNextUser() Returns the next user found in the "users" table after
468 
 *                                      the given user.
469 
 */
470 
 
471 
char_t *umGetNextUser(char_t *userLast)
472 
{
473 
        return umGetNextRowData(UM_USER_TABLENAME, UM_NAME, userLast);
474 
}
475 
 
476 
/******************************************************************************/
477 
/*
478 
 *      umUserExists()  Returns TRUE if userid exists.
479 
 */
480 
 
481 
bool_t umUserExists(char_t *user)
482 
{
483 
        a_assert(user && *user);
484 
 
485 
        if (dbSearchStr(didUM, UM_USER_TABLENAME, UM_NAME, user, 0) >= 0) {
486 
                return TRUE;
487 
        } else {
488 
                return FALSE;
489 
        }
490 
}
491 
 
492 
/******************************************************************************/
493 
/*
494 
 *      umGetUserPassword() returns a de-crypted copy of the user password
495 
 */
496 
 
497 
char_t *umGetUserPassword(char_t *user)
498 
{
499 
        char_t  *password;
500 
        int             row;
501 
 
502 
        a_assert(user && *user);
503 
 
504 
        password = NULL;
505 
        row = dbSearchStr(didUM, UM_USER_TABLENAME, UM_NAME, user, 0);
506 
 
507 
        if (row >= 0) {
508 
                char_t *pass = NULL;
509 
                dbReadStr(didUM, UM_USER_TABLENAME, UM_PASS, row, &pass);
510 
/*
511 
 *              Decrypt password
512 
 *              Note, this function returns a copy of the password, which must
513 
 *              be deleted at some time in the future.
514 
 */
515 
                password = bstrdup(B_L, pass);
516 
                umEncryptString(password);
517 
        }
518 
 
519 
        return password;
520 
}
521 
 
522 
/******************************************************************************/
523 
/*
524 
 *      umSetUserPassword() updates the user password in the user "table" after
525 
 *                                              encrypting the given password
526 
 */
527 
 
528 
int     umSetUserPassword(char_t *user, char_t *pass)
529 
{
530 
        int             row, nRet;
531 
        char_t  *password;
532 
 
533 
        a_assert(user && *user);
534 
        a_assert(pass && *pass);
535 
        trace(3, T("UM: Attempting to change the password for user <%s>\n"), user);
536 
/*
537 
 *      Find the row of the user
538 
 */
539 
        if ((row = dbSearchStr(didUM, UM_USER_TABLENAME, UM_NAME, user, 0)) < 0) {
540 
                return UM_ERR_NOT_FOUND;
541 
        }
542 
 
543 
        password = bstrdup(B_L, pass);
544 
        umEncryptString(password);
545 
        nRet = dbWriteStr(didUM, UM_USER_TABLENAME, UM_PASS, row, password);
546 
        bfree(B_L, password);
547 
 
548 
        return nRet;
549 
}
550 
 
551 
/******************************************************************************/
552 
/*
553 
 *      umGetUserGroup() returns the name of the user group
554 
 */
555 
 
556 
char_t *umGetUserGroup(char_t *user)
557 
{
558 
        char_t  *group;
559 
        int             row;
560 
 
561 
        a_assert(user && *user);
562 
        group = NULL;
563 
/*
564 
 *      Find the row of the user
565 
 */
566 
        row = dbSearchStr(didUM, UM_USER_TABLENAME, UM_NAME, user, 0);
567 
 
568 
        if (row >= 0) {
569 
                dbReadStr(didUM, UM_USER_TABLENAME, UM_GROUP, row, &group);
570 
        }
571 
 
572 
        return group;
573 
}
574 
 
575 
/******************************************************************************/
576 
/*
577 
 *      umSetUserGroup() Sets the name of the user group for the user
578 
 */
579 
 
580 
int     umSetUserGroup(char_t *user, char_t *group)
581 
{
582 
        int row;
583 
 
584 
        a_assert(user && *user);
585 
        a_assert(group && *group);
586 
/*
587 
 *      Find the row of the user
588 
 */
589 
        row = dbSearchStr(didUM, UM_USER_TABLENAME, UM_NAME, user, 0);
590 
 
591 
        if (row >= 0) {
592 
                return dbWriteStr(didUM, UM_USER_TABLENAME, UM_GROUP, row, group);
593 
        } else {
594 
                return UM_ERR_NOT_FOUND;
595 
        }
596 
}
597 
 
598 
/******************************************************************************/
599 
/*
600 
 *      umGetUserEnabled() - returns if the user is enabled
601 
 *      Returns FALSE if the user is not found.
602 
 */
603 
 
604 
bool_t  umGetUserEnabled(char_t *user)
605 
{
606 
        int disabled, row;
607 
 
608 
        a_assert(user && *user);
609 
 
610 
        disabled = 1;
611 
/*
612 
 *      Find the row of the user
613 
 */
614 
        row = dbSearchStr(didUM, UM_USER_TABLENAME, UM_NAME, user, 0);
615 
 
616 
        if (row >= 0) {
617 
                dbReadInt(didUM, UM_USER_TABLENAME, UM_DISABLE, row, &disabled);
618 
        }
619 
 
620 
        return (bool_t)!disabled;
621 
}
622 
 
623 
/******************************************************************************/
624 
/*
625 
 *      umSetUserEnabled() Enables/disables the user
626 
 */
627 
int     umSetUserEnabled(char_t *user, bool_t enabled)
628 
{
629 
        int row;
630 
 
631 
        a_assert(user && *user);
632 
/*
633 
 *      Find the row of the user
634 
 */
635 
        row = dbSearchStr(didUM, UM_USER_TABLENAME, UM_NAME, user, 0);
636 
        if (row >= 0) {
637 
                return dbWriteInt(didUM, UM_USER_TABLENAME, UM_DISABLE, row, !enabled);
638 
        } else {
639 
                return UM_ERR_NOT_FOUND;
640 
        }
641 
}
642 
 
643 
/******************************************************************************/
644 
/*
645 
 *      umGetUserProtected() - determine deletability of user
646 
 */
647 
 
648 
bool_t umGetUserProtected(char_t *user)
649 
{
650 
        int protect, row;
651 
 
652 
        a_assert(user && *user);
653 
/*
654 
 *      Find the row of the user
655 
 */
656 
        row = dbSearchStr(didUM, UM_USER_TABLENAME, UM_NAME, user, 0);
657 
        protect = FALSE;
658 
 
659 
        if (row >= 0) {
660 
                dbReadInt(didUM, UM_USER_TABLENAME, UM_PROT, row, &protect);
661 
        }
662 
 
663 
        return (bool_t)protect;
664 
}
665 
 
666 
/******************************************************************************/
667 
/*
668 
 *      umSetUserProtected() sets the delete protection for the user
669 
 */
670 
int     umSetUserProtected(char_t *user, bool_t protect)
671 
{
672 
        int row;
673 
 
674 
        a_assert(user && *user);
675 
/*
676 
 *      Find the row of the user
677 
 */
678 
        row = dbSearchStr(didUM, UM_USER_TABLENAME, UM_NAME, user, 0);
679 
 
680 
        if (row >= 0) {
681 
                return dbWriteInt(didUM, UM_USER_TABLENAME, UM_PROT, row, protect);
682 
        } else {
683 
                return UM_ERR_NOT_FOUND;
684 
        }
685 
}
686 
 
687 
 
688 
/******************************************************************************/
689 
/*
690 
 *      umAddGroup() adds a group to the "Group" table
691 
 */
692 
 
693 
int     umAddGroup(char_t *group, short priv, accessMeth_t am,
694 
                           bool_t prot, bool_t disabled)
695 
{
696 
        int row;
697 
 
698 
        a_assert(group && *group);
699 
        trace(3, T("UM: Adding group <%s>\n"), group);
700 
 
701 
/*
702 
 *      Do not allow duplicates
703 
 */
704 
        if (umGroupExists(group)) {
705 
                return UM_ERR_DUPLICATE;
706 
        }
707 
 
708 
/*
709 
 *      Only allow valid characters in key field
710 
 */
711 
        if (!umCheckName(group)) {
712 
                return UM_ERR_BAD_NAME;
713 
        }
714 
 
715 
/*
716 
 *      Add a new row to the table
717 
 */
718 
        if ((row = dbAddRow(didUM, UM_GROUP_TABLENAME)) < 0) {
719 
                return UM_ERR_GENERAL;
720 
        }
721 
 
722 
/*
723 
 *      Write the key field
724 
 */
725 
        if (dbWriteStr(didUM, UM_GROUP_TABLENAME, UM_NAME, row, group) != 0) {
726 
                return UM_ERR_GENERAL;
727 
        }
728 
 
729 
/*
730 
 *      Write the remaining fields
731 
 */
732 
        dbWriteInt(didUM, UM_GROUP_TABLENAME, UM_PRIVILEGE, row, priv);
733 
        dbWriteInt(didUM, UM_GROUP_TABLENAME, UM_METHOD, row, (int) am);
734 
        dbWriteInt(didUM, UM_GROUP_TABLENAME, UM_PROT, row, prot);
735 
        dbWriteInt(didUM, UM_GROUP_TABLENAME, UM_DISABLE, row, disabled);
736 
 
737 
        return 0;
738 
}
739 
 
740 
/******************************************************************************/
741 
/*
742 
 *      umDeleteGroup() - Delete a user group, if not protected
743 
 */
744 
 
745 
int     umDeleteGroup(char_t *group)
746 
{
747 
        int row;
748 
 
749 
        a_assert(group && *group);
750 
        trace(3, T("UM: Deleting Group <%s>\n"), group);
751 
 
752 
/*
753 
 *      Check to see if the group is in use
754 
 */
755 
        if (umGetGroupInUse(group)) {
756 
                return UM_ERR_IN_USE;
757 
        }
758 
 
759 
/*
760 
 *      Check to see if the group is delete-protected
761 
 */
762 
        if (umGetGroupProtected(group)) {
763 
                return UM_ERR_PROTECTED;
764 
        }
765 
 
766 
/*
767 
 *      Find the row of the group to delete
768 
 */
769 
        if ((row = dbSearchStr(didUM, UM_GROUP_TABLENAME, UM_NAME, group, 0)) < 0) {
770 
                return UM_ERR_NOT_FOUND;
771 
        }
772 
 
773 
        return dbDeleteRow(didUM, UM_GROUP_TABLENAME, row);
774 
}
775 
 
776 
/******************************************************************************/
777 
/*
778 
 *      umGroupExists() returns TRUE if group exists, FALSE otherwise
779 
 */
780 
 
781 
bool_t umGroupExists(char_t *group)
782 
{
783 
        a_assert(group && *group);
784 
 
785 
        if (dbSearchStr(didUM, UM_GROUP_TABLENAME, UM_NAME, group, 0) >= 0) {
786 
                return TRUE;
787 
        } else {
788 
                return FALSE;
789 
        }
790 
}
791 
 
792 
 
793 
/******************************************************************************/
794 
/*
795 
 *      umGetGroupInUse() returns TRUE if the group is referenced by a user or by
796 
 *  an access limit.
797 
 */
798 
 
799 
bool_t umGetGroupInUse(char_t *group)
800 
{
801 
        a_assert(group && *group);
802 
 
803 
/*
804 
 *      First, check the user table
805 
 */
806 
        if (dbSearchStr(didUM, UM_USER_TABLENAME, UM_GROUP, group, 0) >= 0) {
807 
                return TRUE;
808 
        }
809 
 
810 
/*
811 
 *      Second, check the access limit table
812 
 */
813 
        if (dbSearchStr(didUM, UM_ACCESS_TABLENAME, UM_GROUP, group, 0) >= 0) {
814 
                return TRUE;
815 
        }
816 
 
817 
        return FALSE;
818 
}
819 
 
820 
 
821 
/******************************************************************************/
822 
/*
823 
 *      umGetFirstGroup() - return a pointer to the first non-blank group name
824 
 */
825 
 
826 
char_t *umGetFirstGroup()
827 
{
828 
        return umGetFirstRowData(UM_GROUP_TABLENAME, UM_NAME);
829 
}
830 
 
831 
/******************************************************************************/
832 
/*
833 
 *      umGetNextGroup() -      return a pointer to the first non-blank group name
834 
 *                                              following the given group name
835 
 */
836 
 
837 
char_t *umGetNextGroup(char_t *groupLast)
838 
{
839 
        return umGetNextRowData(UM_GROUP_TABLENAME, UM_NAME, groupLast);
840 
}
841 
 
842 
/******************************************************************************/
843 
/*
844 
 *      Returns the default access method to use for a given group
845 
 */
846 
 
847 
accessMeth_t umGetGroupAccessMethod(char_t *group)
848 
{
849 
        int am, row;
850 
 
851 
        a_assert(group && *group);
852 
        row = dbSearchStr(didUM, UM_GROUP_TABLENAME, UM_NAME, group, 0);
853 
 
854 
        if (row >= 0) {
855 
                dbReadInt(didUM, UM_GROUP_TABLENAME, UM_METHOD, row, (int *)&am);
856 
        } else {
857 
                am = AM_INVALID;
858 
        }
859 
 
860 
        return (accessMeth_t) am;
861 
}
862 
 
863 
/******************************************************************************/
864 
/*
865 
 *      Set the default access method to use for a given group
866 
 */
867 
 
868 
int     umSetGroupAccessMethod(char_t *group, accessMeth_t am)
869 
{
870 
        int row;
871 
 
872 
        a_assert(group && *group);
873 
        row = dbSearchStr(didUM, UM_GROUP_TABLENAME, UM_NAME, group, 0);
874 
 
875 
        if (row >= 0) {
876 
                return dbWriteInt(didUM, UM_GROUP_TABLENAME, UM_METHOD, row, (int) am);
877 
        } else {
878 
                return UM_ERR_NOT_FOUND;
879 
        }
880 
}
881 
 
882 
/******************************************************************************/
883 
/*
884 
 *      Returns the privilege mask for a given group
885 
 */
886 
 
887 
short umGetGroupPrivilege(char_t *group)
888 
{
889 
        int privilege, row;
890 
 
891 
        a_assert(group && *group);
892 
        privilege = -1;
893 
        row = dbSearchStr(didUM, UM_GROUP_TABLENAME, UM_NAME, group, 0);
894 
 
895 
        if (row >= 0) {
896 
                dbReadInt(didUM, UM_GROUP_TABLENAME, UM_PRIVILEGE, row, &privilege);
897 
        }
898 
 
899 
        return (short) privilege;
900 
}
901 
 
902 
/******************************************************************************/
903 
/*
904 
 *      Set the privilege mask for a given group
905 
 */
906 
 
907 
int     umSetGroupPrivilege(char_t *group, short privilege)
908 
{
909 
        int row;
910 
 
911 
        a_assert(group && *group);
912 
        row = dbSearchStr(didUM, UM_GROUP_TABLENAME, UM_NAME, group, 0);
913 
 
914 
        if (row >= 0) {
915 
                return dbWriteInt(didUM, UM_GROUP_TABLENAME, UM_PRIVILEGE, row,
916 
                        (int)privilege);
917 
        } else {
918 
                return UM_ERR_NOT_FOUND;
919 
        }
920 
}
921 
 
922 
/******************************************************************************/
923 
/*
924 
 *      Returns the enabled setting for a given group.
925 
 *      Returns FALSE if group is not found.
926 
 */
927 
 
928 
bool_t umGetGroupEnabled(char_t *group)
929 
{
930 
        int disabled, row;
931 
 
932 
        a_assert(group && *group);
933 
        row = dbSearchStr(didUM, UM_GROUP_TABLENAME, UM_NAME, group, 0);
934 
        disabled = 1;
935 
 
936 
        if (row >= 0) {
937 
                dbReadInt(didUM, UM_GROUP_TABLENAME, UM_DISABLE, row, &disabled);
938 
        }
939 
 
940 
        return (bool_t) !disabled;
941 
}
942 
 
943 
/******************************************************************************/
944 
/*
945 
 *      Sets the enabled setting for a given group.
946 
 */
947 
 
948 
int umSetGroupEnabled(char_t *group, bool_t enabled)
949 
{
950 
        int row;
951 
 
952 
        a_assert(group && *group);
953 
        row = dbSearchStr(didUM, UM_GROUP_TABLENAME, UM_NAME, group, 0);
954 
 
955 
        if (row >= 0) {
956 
                return dbWriteInt(didUM, UM_GROUP_TABLENAME, UM_DISABLE, row,
957 
                        (int) !enabled);
958 
        } else {
959 
                return UM_ERR_NOT_FOUND;
960 
        }
961 
}
962 
 
963 
/******************************************************************************/
964 
/*
965 
 *      Returns the protected setting for a given group
966 
 *  Returns FALSE if user is not found
967 
 */
968 
 
969 
bool_t umGetGroupProtected(char_t *group)
970 
{
971 
        int protect, row;
972 
 
973 
        a_assert(group && *group);
974 
 
975 
        protect = 0;
976 
        row = dbSearchStr(didUM, UM_GROUP_TABLENAME, UM_NAME, group, 0);
977 
        if (row >= 0) {
978 
                dbReadInt(didUM, UM_GROUP_TABLENAME, UM_PROT, row, &protect);
979 
        }
980 
 
981 
        return (bool_t) protect;
982 
}
983 
 
984 
/******************************************************************************/
985 
/*
986 
 *      Sets the protected setting for a given group
987 
 */
988 
 
989 
int     umSetGroupProtected(char_t *group, bool_t protect)
990 
{
991 
        int row;
992 
 
993 
        a_assert(group && *group);
994 
        row = dbSearchStr(didUM, UM_GROUP_TABLENAME, UM_NAME, group, 0);
995 
 
996 
        if (row >= 0) {
997 
                return dbWriteInt(didUM, UM_GROUP_TABLENAME, UM_PROT, row,
998 
                        (int) protect);
999 
        } else {
1000 
                return UM_ERR_NOT_FOUND;
1001 
        }
1002 
}
1003 
 
1004 
 
1005 
/******************************************************************************/
1006 
/*
1007 
 *      umAddAccessLimit() adds an access limit to the "access" table
1008 
 */
1009 
 
1010 
int     umAddAccessLimit(char_t *url, accessMeth_t am, short secure, char_t *group)
1011 
{
1012 
        int row;
1013 
 
1014 
        a_assert(url && *url);
1015 
        trace(3, T("UM: Adding Access Limit for <%s>\n"), url);
1016 
 
1017 
/*
1018 
 *      Do not allow duplicates
1019 
 */
1020 
        if (umAccessLimitExists(url)) {
1021 
                return UM_ERR_DUPLICATE;
1022 
        }
1023 
 
1024 
/*
1025 
 *      Add a new row to the table
1026 
 */
1027 
        if ((row = dbAddRow(didUM, UM_ACCESS_TABLENAME)) < 0) {
1028 
                return UM_ERR_GENERAL;
1029 
        }
1030 
 
1031 
/*
1032 
 *      Write the key field
1033 
 */
1034 
        if(dbWriteStr(didUM, UM_ACCESS_TABLENAME, UM_NAME, row, url) < 0) {
1035 
                return UM_ERR_GENERAL;
1036 
        }
1037 
 
1038 
/*
1039 
 *      Write the remaining fields
1040 
 */
1041 
        dbWriteInt(didUM, UM_ACCESS_TABLENAME, UM_METHOD, row, (int)am);
1042 
        dbWriteInt(didUM, UM_ACCESS_TABLENAME, UM_SECURE, row, (int)secure);
1043 
        dbWriteStr(didUM, UM_ACCESS_TABLENAME, UM_GROUP, row, group);
1044 
 
1045 
        return 0;
1046 
}
1047 
 
1048 
/******************************************************************************/
1049 
/*
1050 
 *      umDeleteAccessLimit()
1051 
 */
1052 
 
1053 
int     umDeleteAccessLimit(char_t *url)
1054 
{
1055 
        int row;
1056 
 
1057 
        a_assert(url && *url);
1058 
        trace(3, T("UM: Deleting Access Limit for <%s>\n"), url);
1059 
/*
1060 
 *      Find the row of the access limit to delete
1061 
 */
1062 
        if ((row = dbSearchStr(didUM, UM_ACCESS_TABLENAME, UM_NAME, url, 0)) < 0) {
1063 
                return UM_ERR_NOT_FOUND;
1064 
        }
1065 
 
1066 
        return dbDeleteRow(didUM, UM_ACCESS_TABLENAME, row);
1067 
}
1068 
 
1069 
/******************************************************************************/
1070 
/*
1071 
 *      umGetFirstGroup() - return a pointer to the first non-blank access limit
1072 
 */
1073 
 
1074 
char_t *umGetFirstAccessLimit()
1075 
{
1076 
        return umGetFirstRowData(UM_ACCESS_TABLENAME, UM_NAME);
1077 
}
1078 
 
1079 
/******************************************************************************/
1080 
/*
1081 
 *      umGetNextAccessLimit() -        return a pointer to the first non-blank
1082 
 *                                                              access limit following the given one
1083 
 */
1084 
 
1085 
char_t *umGetNextAccessLimit(char_t *urlLast)
1086 
{
1087 
        return umGetNextRowData(UM_ACCESS_TABLENAME, UM_NAME, urlLast);
1088 
}
1089 
 
1090 
/******************************************************************************/
1091 
/*
1092 
 *      umAccessLimitExists() returns TRUE if this access limit exists
1093 
 */
1094 
 
1095 
bool_t  umAccessLimitExists(char_t *url)
1096 
{
1097 
        a_assert(url && *url);
1098 
 
1099 
        if (dbSearchStr(didUM, UM_ACCESS_TABLENAME, UM_NAME, url, 0) < 0) {
1100 
                return FALSE;
1101 
        } else {
1102 
                return TRUE;
1103 
        }
1104 
}
1105 
 
1106 
/******************************************************************************/
1107 
/*
1108 
 *      umGetAccessLimit() returns the Access Method for the URL
1109 
 */
1110 
 
1111 
accessMeth_t umGetAccessLimitMethod(char_t *url)
1112 
{
1113 
        int am, row;
1114 
 
1115 
        am = (int) AM_INVALID;
1116 
        row = dbSearchStr(didUM, UM_ACCESS_TABLENAME, UM_NAME, url, 0);
1117 
 
1118 
        if (row >= 0) {
1119 
                dbReadInt(didUM, UM_ACCESS_TABLENAME, UM_METHOD, row, &am);
1120 
        }
1121 
 
1122 
        return (accessMeth_t) am;
1123 
}
1124 
 
1125 
/******************************************************************************/
1126 
/*
1127 
 *      umSetAccessLimitMethod() - set Access Method for Access Limit
1128 
 */
1129 
 
1130 
int     umSetAccessLimitMethod(char_t *url, accessMeth_t am)
1131 
{
1132 
        int row;
1133 
 
1134 
        a_assert(url && *url);
1135 
        row = dbSearchStr(didUM, UM_ACCESS_TABLENAME, UM_NAME, url, 0);
1136 
 
1137 
        if (row >= 0) {
1138 
                return dbWriteInt(didUM, UM_ACCESS_TABLENAME, UM_METHOD, row, (int) am);
1139 
        } else {
1140 
                return UM_ERR_NOT_FOUND;
1141 
        }
1142 
}
1143 
 
1144 
/******************************************************************************/
1145 
/*
1146 
 *      umGetAccessLimitSecure() - returns secure switch for access limit
1147 
 */
1148 
 
1149 
short umGetAccessLimitSecure(char_t *url)
1150 
{
1151 
        int secure, row;
1152 
 
1153 
        a_assert(url && *url);
1154 
        secure = -1;
1155 
        row = dbSearchStr(didUM, UM_ACCESS_TABLENAME, UM_NAME, url, 0);
1156 
 
1157 
        if (row >= 0) {
1158 
                dbReadInt(didUM, UM_ACCESS_TABLENAME, UM_SECURE, row, &secure);
1159 
        }
1160 
 
1161 
        return (short)secure;
1162 
}
1163 
 
1164 
/******************************************************************************/
1165 
/*
1166 
 *      umSetAccessLimitSecure() - sets the secure flag for the URL
1167 
 */
1168 
 
1169 
int     umSetAccessLimitSecure(char_t *url, short secure)
1170 
{
1171 
        int row;
1172 
 
1173 
        a_assert(url && *url);
1174 
        row = dbSearchStr(didUM, UM_ACCESS_TABLENAME, UM_NAME, url, 0);
1175 
 
1176 
        if (row >= 0) {
1177 
                return dbWriteInt(didUM, UM_ACCESS_TABLENAME, UM_SECURE, row,
1178 
                        (int)secure);
1179 
        } else {
1180 
                return UM_ERR_NOT_FOUND;
1181 
        }
1182 
}
1183 
 
1184 
/******************************************************************************/
1185 
/*
1186 
 *      umGetAccessLimitGroup() - returns the user group of the access limit
1187 
 */
1188 
 
1189 
char_t *umGetAccessLimitGroup(char_t *url)
1190 
{
1191 
        char_t  *group;
1192 
        int             row;
1193 
 
1194 
        a_assert(url && *url);
1195 
        group = NULL;
1196 
        row = dbSearchStr(didUM, UM_ACCESS_TABLENAME, UM_NAME, url, 0);
1197 
 
1198 
        if (row >= 0) {
1199 
                dbReadStr(didUM, UM_ACCESS_TABLENAME, UM_GROUP, row, &group);
1200 
        }
1201 
 
1202 
        return group;
1203 
}
1204 
 
1205 
/******************************************************************************/
1206 
/*
1207 
 *      umSetAccessLimitGroup() - sets the user group for the access limit.
1208 
 */
1209 
 
1210 
int     umSetAccessLimitGroup(char_t *url, char_t *group)
1211 
{
1212 
        int row;
1213 
 
1214 
        a_assert(url && *url);
1215 
        row = dbSearchStr(didUM, UM_ACCESS_TABLENAME, UM_NAME, url, 0);
1216 
 
1217 
        if (row >= 0) {
1218 
                return dbWriteStr(didUM, UM_ACCESS_TABLENAME, UM_GROUP, row, group);
1219 
        } else {
1220 
                return UM_ERR_NOT_FOUND;
1221 
        }
1222 
}
1223 
 
1224 
/******************************************************************************/
1225 
/*
1226 
 *      Returns the access limit to use for a given URL, by checking for URLs up
1227 
 *      the directory tree.  Creates a new string that must be deleted.
1228 
 */
1229 
 
1230 
char_t *umGetAccessLimit(char_t *url)
1231 
{
1232 
        char_t  *urlRet, *urlCheck, *lastChar;
1233 
        int             len;
1234 
 
1235 
        a_assert(url && *url);
1236 
        urlRet = NULL;
1237 
        urlCheck = bstrdup(B_L, url);
1238 
        a_assert(urlCheck);
1239 
        len = gstrlen(urlCheck);
1240 
/*
1241 
 *      Scan back through URL to see if there is a "parent" access limit
1242 
 */
1243 
        while (len && !urlRet) {
1244 
                if (umAccessLimitExists(urlCheck)) {
1245 
                        urlRet = bstrdup(B_L, urlCheck);
1246 
                } else {
1247 
/*
1248 
 *      Trim the end portion of the URL to the previous directory marker
1249 
 */
1250 
                        lastChar = urlCheck + len;
1251 
                        lastChar--;
1252 
 
1253 
                        while ((lastChar >= urlCheck) && ((*lastChar == '/') ||
1254 
                                (*lastChar == '\\'))) {
1255 
                                *lastChar = 0;
1256 
                                lastChar--;
1257 
                        }
1258 
 
1259 
                        while ((lastChar >= urlCheck) && (*lastChar != '/') &&
1260 
                                (*lastChar != '\\')) {
1261 
                                *lastChar = 0;
1262 
                                lastChar--;
1263 
                        }
1264 
 
1265 
                        len = gstrlen(urlCheck);
1266 
                }
1267 
        }
1268 
        bfree (B_L, urlCheck);
1269 
 
1270 
        return urlRet;
1271 
}
1272 
 
1273 
/******************************************************************************/
1274 
/*
1275 
 *      Returns the access method to use for a given URL
1276 
 */
1277 
 
1278 
accessMeth_t umGetAccessMethodForURL(char_t *url)
1279 
{
1280 
        accessMeth_t    amRet;
1281 
        char_t                  *urlHavingLimit, *group;
1282 
 
1283 
        urlHavingLimit = umGetAccessLimit(url);
1284 
        if (urlHavingLimit) {
1285 
                group = umGetAccessLimitGroup(urlHavingLimit);
1286 
 
1287 
                if (group && *group) {
1288 
                        amRet = umGetGroupAccessMethod(group);
1289 
                } else {
1290 
                        amRet = umGetAccessLimitMethod(urlHavingLimit);
1291 
                }
1292 
 
1293 
                bfree(B_L, urlHavingLimit);
1294 
        } else {
1295 
                amRet = AM_FULL;
1296 
        }
1297 
 
1298 
        return amRet;
1299 
}
1300 
 
1301 
/******************************************************************************/
1302 
/*
1303 
 *      Returns TRUE if user can access URL
1304 
 */
1305 
 
1306 
bool_t umUserCanAccessURL(char_t *user, char_t *url)
1307 
{
1308 
        accessMeth_t    amURL;
1309 
        char_t                  *group, *usergroup, *urlHavingLimit;
1310 
        short                   priv;
1311 
 
1312 
        a_assert(user && *user);
1313 
        a_assert(url && *url);
1314 
 
1315 
/*
1316 
 *      Make sure user exists
1317 
 */
1318 
        if (!umUserExists(user)) {
1319 
                return FALSE;
1320 
        }
1321 
 
1322 
/*
1323 
 *      Make sure user is enabled
1324 
 */
1325 
        if (!umGetUserEnabled(user)) {
1326 
                return FALSE;
1327 
        }
1328 
 
1329 
/*
1330 
 *      Make sure user has sufficient privileges (any will do)
1331 
 */
1332 
        usergroup = umGetUserGroup(user);
1333 
        priv = umGetGroupPrivilege(usergroup);
1334 
        if (priv == 0) {
1335 
                return FALSE;
1336 
        }
1337 
 
1338 
/*
1339 
 *      Make sure user's group is enabled
1340 
 */
1341 
        if (!umGetGroupEnabled(usergroup)) {
1342 
                return FALSE;
1343 
        }
1344 
 
1345 
/*
1346 
 *      The access method of the user group must not be AM_NONE
1347 
 */
1348 
        if (umGetGroupAccessMethod(usergroup) == AM_NONE) {
1349 
                return FALSE;
1350 
        }
1351 
 
1352 
/*
1353 
 *      Check to see if there is an Access Limit for this URL
1354 
 */
1355 
        urlHavingLimit = umGetAccessLimit(url);
1356 
        if (urlHavingLimit) {
1357 
                amURL = umGetAccessLimitMethod(urlHavingLimit);
1358 
                group = umGetAccessLimitGroup(urlHavingLimit);
1359 
                bfree(B_L, urlHavingLimit);
1360 
        } else {
1361 
/*
1362 
 *              If there isn't an access limit for the URL, user has full access
1363 
 */
1364 
                return TRUE;
1365 
        }
1366 
 
1367 
/*
1368 
 *      If the access method for the URL is AM_NONE then
1369 
 *      the file "doesn't exist".
1370 
 */
1371 
        if (amURL == AM_NONE) {
1372 
                return FALSE;
1373 
        }
1374 
 
1375 
/*
1376 
 *      If Access Limit has a group specified, then the user must be a
1377 
 *      member of that group
1378 
 */
1379 
        if (group && *group) {
1380 
                if (usergroup && (gstrcmp(group, usergroup) != 0)) {
1381 
                        return FALSE;
1382 
                }
1383 
        }
1384 
 
1385 
/*
1386 
 *      Otherwise, user can access the URL
1387 
 */
1388 
        return TRUE;
1389 
}
1390 
 
1391 
/******************************************************************************/
1392 
/*
1393 
 *      Returns TRUE if given name has only valid chars
1394 
 */
1395 
 
1396 
static bool_t umCheckName(char_t *name)
1397 
{
1398 
        a_assert(name && *name);
1399 
 
1400 
        if (name && *name) {
1401 
                while (*name) {
1402 
                        if (gisspace(*name)) {
1403 
                                return FALSE;
1404 
                        }
1405 
 
1406 
                        name++;
1407 
                }
1408 
 
1409 
                return TRUE;
1410 
        }
1411 
 
1412 
        return FALSE;
1413 
}
1414 
 
1415 
/******************************************************************************/

powered by: WebSVN 2.1.0

© copyright 1999-2024 OpenCores.org, equivalent to Oliscience, all rights reserved. OpenCores®, registered trademark.