void ItemMonitor::paint( QPainter *painter, const QStyleOptionViewItem &option) const
{
drawBack( painter, option, isSuperUser() ? &(afqt::QEnvironment::clr_LinkVisited.c) : NULL);
int x = option.rect.x();
int y = option.rect.y();
int w = option.rect.width();
int h = option.rect.height();
painter->setPen( clrTextMain( option) );
painter->setFont( afqt::QEnvironment::f_name);
painter->drawText( option.rect, Qt::AlignTop | Qt::AlignHCenter, m_name );
painter->setPen( clrTextInfo( option) );
painter->setFont( afqt::QEnvironment::f_info);
painter->drawText( x+10, y+15, eventstitle );
for( int e = 0; e < eventscount; e++)
painter->drawText( x+5, y+30+12*e, events[e] );
painter->setPen( clrTextInfo( option) );
painter->setFont( afqt::QEnvironment::f_info);
int i = y+2;
int dy = 15;
painter->drawText( x, i+=dy, w-5, h, Qt::AlignTop | Qt::AlignRight, time_launch_str );
painter->drawText( x, i+=dy, w-5, h, Qt::AlignTop | Qt::AlignRight, time_register_str );
painter->drawText( x, i+=dy, w-5, h, Qt::AlignTop | Qt::AlignRight, time_activity_str );
painter->drawText( x, y, w-5, h, Qt::AlignBottom | Qt::AlignRight, address_str );
i = y+2;
painter->drawText( x, i+=dy, w-5, h, Qt::AlignTop | Qt::AlignHCenter, m_user_id_str );
painter->drawText( x, i+=dy, w-5, h, Qt::AlignTop | Qt::AlignHCenter, jobsidstitle );
painter->drawText( x, i+=dy, w-5, h, Qt::AlignTop | Qt::AlignHCenter, jobsids );
painter->drawText( x, y+2, w-5, h, Qt::AlignTop | Qt::AlignRight, engine );
}
int
query_cred_handler(Service * /*service*/, int /*i*/, Stream *stream) {
classad::ClassAdUnParser unparser;
std::string adbuffer;
char * request = NULL;
int rtnVal = FALSE;
int length;
CredentialWrapper * cred = NULL;
SimpleList <Credential*> result_list;
ReliSock * socket = (ReliSock*)stream;
const char * user;
if (!socket->triedAuthentication()) {
CondorError errstack;
if( ! SecMan::authenticate_sock(socket, READ, &errstack) ) {
dprintf (D_ALWAYS, "Unable to authenticate, qutting\n");
goto EXIT;
}
}
user = socket->getFullyQualifiedUser();
dprintf (D_ALWAYS, "Authenticated as %s\n", user);
socket->decode();
if (!socket->code(request)) {
dprintf (D_ALWAYS, "Error receiving request\n");
goto EXIT;
}
if ((request != NULL) && (strcmp (request, "*") == 0)) {
if (!isSuperUser (user)) {
dprintf (D_ALWAYS, "User %s is NOT super user, request DENIED\n", user);
goto EXIT;
}
}
// Find credentials for this user
credentials.Rewind();
while (credentials.Next(cred)) {
if (cred->cred->GetType() == X509_CREDENTIAL_TYPE) {
if (strcmp(cred->cred->GetOwner(), user) == 0) {
result_list.Append (cred->cred);
}
}
}
socket->encode();
length = result_list.Length();
dprintf (D_FULLDEBUG, "User has %d credentials\n", length);
socket->code (length);
Credential * _cred;
result_list.Rewind();
while (result_list.Next(_cred)) {
classad::ClassAd * _temp = cred->GetMetadata();
unparser.Unparse(adbuffer,_temp);
char * classad_str = strdup(adbuffer.c_str());
socket->code (classad_str);
free (classad_str);
delete _temp;
}
rtnVal = TRUE;
EXIT:
if (request != NULL) {
free (request);
}
return rtnVal;
}
int
rm_cred_handler(Service * /*service*/, int /*i*/, Stream *stream) {
char * name = NULL;
int rtnVal = FALSE;
int rc;
bool found_cred;
CredentialWrapper * cred_wrapper = NULL;
char * owner = NULL;
const char * user;
ReliSock * socket = (ReliSock*)stream;
if (!socket->triedAuthentication()) {
CondorError errstack;
if( ! SecMan::authenticate_sock(socket, READ, &errstack) ) {
dprintf (D_ALWAYS, "Unable to authenticate, qutting\n");
goto EXIT;
}
}
socket->decode();
if (!socket->code(name)) {
dprintf (D_ALWAYS, "Error receiving credential name\n");
goto EXIT;
}
user = socket->getFullyQualifiedUser();
dprintf (D_ALWAYS, "Authenticated as %s\n", user);
if (strchr (name, ':')) {
// The name is of the form user:name
// This better be a super-user!
// TODO: Check super-user's list
// Owner is the first part
owner = strdup (name);
char * pColon = strchr (owner, ':');
*pColon = '\0';
// Name is the second part
sprintf (name, "%s", (char*)(pColon+sizeof(char)));
if (strcmp (owner, user) != 0) {
dprintf (D_ALWAYS, "Requesting another user's (%s) credential %s\n", owner, name);
if (!isSuperUser (user)) {
dprintf (D_ALWAYS, "User %s is NOT super user, request DENIED\n", user);
goto EXIT;
} else {
dprintf (D_FULLDEBUG, "User %s is super user, request GRANTED\n", user);
}
}
} else {
owner = strdup (user);
}
dprintf (D_ALWAYS, "Attempting to delete cred %s for user %s\n", name, owner);
found_cred=false;
credentials.Rewind();
while (credentials.Next(cred_wrapper)) {
if (cred_wrapper->cred->GetType() == X509_CREDENTIAL_TYPE) {
if ((strcmp(cred_wrapper->cred->GetName(), name) == 0) &&
(strcmp(cred_wrapper->cred->GetOwner(), owner) == 0)) {
credentials.DeleteCurrent();
found_cred=true;
break; // found it
}
}
}
if (found_cred) {
priv_state priv = set_root_priv();
// Remove credential data
unlink (cred_wrapper->GetStorageName());
// Save the metadata list
SaveCredentialList();
set_priv(priv);
delete cred_wrapper;
dprintf (D_ALWAYS, "Removed credential %s for owner %s\n", name, owner);
} else {
dprintf (D_ALWAYS, "Unable to remove credential %s:%s (not found)\n", owner, name);
}
free (owner);
socket->encode();
rc = (found_cred)?CREDD_SUCCESS:CREDD_CREDENTIAL_NOT_FOUND;
socket->code(rc);
rtnVal = TRUE;
EXIT:
if (name != NULL) {
free (name);
}
return rtnVal;
}
int
get_cred_handler(Service * /*service*/, int /*i*/, Stream *stream) {
char * name = NULL;
int rtnVal = FALSE;
bool found_cred=false;
CredentialWrapper * cred = NULL;
char * owner = NULL;
const char * user = NULL;
void * data = NULL;
ReliSock * socket = (ReliSock*)stream;
// Authenticate
if (!socket->triedAuthentication()) {
CondorError errstack;
if( ! SecMan::authenticate_sock(socket, READ, &errstack) ) {
dprintf (D_ALWAYS, "Unable to authenticate, qutting\n");
goto EXIT;
}
}
socket->decode();
if (!socket->code(name)) {
dprintf (D_ALWAYS, "Error receiving credential name\n");
goto EXIT;
}
user = socket->getFullyQualifiedUser();
dprintf (D_ALWAYS, "Authenticated as %s\n", user);
if (strchr (name, ':')) {
// The name is of the form user:name
// This better be a super-user!
// TODO: Check super-user's list
// Owner is the first part
owner = strdup (name);
char * pColon = strchr (owner, ':');
*pColon = '\0';
// Name is the second part
sprintf (name, "%s", (char*)(pColon+sizeof(char)));
if (strcmp (owner, user) != 0) {
dprintf (D_ALWAYS, "Requesting another user's (%s) credential %s\n", owner, name);
if (!isSuperUser (user)) {
dprintf (D_ALWAYS, "User %s is NOT super user, request DENIED\n", user);
goto EXIT;
} else {
dprintf (D_FULLDEBUG, "User %s is super user, request GRANTED\n", user);
}
}
} else {
owner = strdup (user);
}
dprintf (D_ALWAYS, "sending cred %s for user %s\n", name, owner);
credentials.Rewind();
while (credentials.Next(cred)) {
if (cred->cred->GetType() == X509_CREDENTIAL_TYPE) {
if ((strcmp(cred->cred->GetName(), name) == 0) &&
(strcmp(cred->cred->GetOwner(), owner) == 0)) {
found_cred=true;
break; // found it
}
}
}
socket->encode();
if (found_cred) {
dprintf (D_FULLDEBUG, "Found cred %s\n", cred->GetStorageName());
int data_size;
int rc = LoadData (cred->GetStorageName(), data, data_size);
dprintf (D_FULLDEBUG, "Credential::LoadData returned %d\n", rc);
if (rc == 0) {
goto EXIT;
}
socket->code (data_size);
socket->code_bytes (data, data_size);
dprintf (D_ALWAYS, "Credential name %s for owner %s returned to user %s\n",
name, owner, user);
}
else {
dprintf (D_ALWAYS, "Cannot find cred %s\n", name);
int rc = CREDD_CREDENTIAL_NOT_FOUND;
socket->code (rc);
}
rtnVal = TRUE;
EXIT:
if ( name != NULL) {
free (name);
}
if ( owner != NULL) {
free (owner);
}
if ( data != NULL) {
free (data);
}
return rtnVal;
}
