static int
update_user_passwd (CcnetUserManager *manager,
const char *email, const char *passwd)
{
CcnetDB *db = manager->priv->db;
char *db_passwd = NULL;
int ret;
hash_password_pbkdf2_sha256 (passwd, manager->passwd_hash_iter,
&db_passwd);
/* convert email to lower case for case insensitive lookup. */
char *email_down = g_ascii_strdown (email, strlen(email));
ret = ccnet_db_statement_query (db,
"UPDATE EmailUser SET passwd=? WHERE email=?",
2, "string", db_passwd, "string", email_down);
g_free (db_passwd);
g_free (email_down);
if (ret < 0)
return ret;
return 0;
}
int ccnet_group_manager_remove_member (CcnetGroupManager *mgr,
int group_id,
const char *user_name,
const char *member_name,
GError **error)
{
CcnetDB *db = mgr->priv->db;
char *sql;
/* check whether user is the staff of the group */
if (!check_group_staff (db, group_id, user_name)) {
g_set_error (error, CCNET_DOMAIN, 0,
"Only group staff can remove member");
return -1;
}
/* check whether group exists */
if (!check_group_exists (db, group_id)) {
g_set_error (error, CCNET_DOMAIN, 0, "Group not exists");
return -1;
}
/* can not remove myself */
if (g_strcmp0 (user_name, member_name) == 0) {
g_set_error (error, CCNET_DOMAIN, 0, "Can not remove myself");
return -1;
}
sql = "DELETE FROM GroupUser WHERE group_id=? AND user_name=?";
ccnet_db_statement_query (db, sql, 2, "int", group_id, "string", member_name);
return 0;
}
int
ccnet_user_manager_update_role_emailuser (CcnetUserManager *manager,
const char* email, const char* role)
{
CcnetDB* db = manager->priv->db;
char *old_role = ccnet_user_manager_get_role_emailuser (manager, email);
if (old_role) {
g_free (old_role);
return ccnet_db_statement_query (db, "UPDATE UserRole SET role=? "
"WHERE email=?",
2, "string", role, "string", email);
} else
return ccnet_db_statement_query (db, "INSERT INTO UserRole(role, email)"
" VALUES (?, ?)",
2, "string", role, "string", email);
}
int ccnet_group_manager_quit_group (CcnetGroupManager *mgr,
int group_id,
const char *user_name,
GError **error)
{
CcnetDB *db = mgr->priv->db;
/* check where user is the staff of the group */
if (check_group_staff (db, group_id, user_name)) {
g_set_error (error, CCNET_DOMAIN, 0,
"Group staff can not quit group");
return -1;
}
/* check whether group exists */
if (!check_group_exists (db, group_id)) {
g_set_error (error, CCNET_DOMAIN, 0, "Group not exists");
return -1;
}
ccnet_db_statement_query (db,
"DELETE FROM GroupUser WHERE group_id=? "
"AND user_name=?",
2, "int", group_id, "string", user_name);
return 0;
}
int
ccnet_user_manager_remove_emailuser (CcnetUserManager *manager,
const char *email)
{
CcnetDB *db = manager->priv->db;
int ret;
ccnet_db_statement_query (db,
"DELETE FROM UserRole WHERE email=?",
1, "string", email);
ret = ccnet_db_statement_query (db,
"DELETE FROM EmailUser WHERE email=?",
1, "string", email);
if (ret < 0)
return ret;
manager->priv->cur_users --;
return 0;
}
int
ccnet_group_manager_remove_group_user (CcnetGroupManager *mgr,
const char *user)
{
CcnetDB *db = mgr->priv->db;
ccnet_db_statement_query (db,
"DELETE FROM GroupUser "
"WHERE user_name = ?",
1, "string", user);
return 0;
}
int
ccnet_user_manager_update_emailuser (CcnetUserManager *manager,
int id, const char* passwd,
int is_staff, int is_active)
{
CcnetDB* db = manager->priv->db;
char *db_passwd = NULL;
if (g_strcmp0 (passwd, "!") == 0) {
/* Don't update passwd if it starts with '!' */
return ccnet_db_statement_query (db, "UPDATE EmailUser SET is_staff=?, "
"is_active=? WHERE id=?",
3, "int", is_staff, "int", is_active,
"int", id);
} else {
hash_password_pbkdf2_sha256 (passwd, manager->passwd_hash_iter, &db_passwd);
return ccnet_db_statement_query (db, "UPDATE EmailUser SET passwd=?, "
"is_staff=?, is_active=? WHERE id=?",
4, "string", db_passwd, "int", is_staff,
"int", is_active, "int", id);
}
}
int ccnet_group_manager_set_group_name (CcnetGroupManager *mgr,
int group_id,
const char *group_name,
GError **error)
{
CcnetDB *db = mgr->priv->db;
ccnet_db_statement_query (db,
"UPDATE `Group` SET group_name = ? "
"WHERE group_id = ?",
2, "string", group_name, "int", group_id);
return 0;
}
int ccnet_group_manager_unset_admin (CcnetGroupManager *mgr,
int group_id,
const char *member_name,
GError **error)
{
CcnetDB *db = mgr->priv->db;
ccnet_db_statement_query (db,
"UPDATE GroupUser SET is_staff = 0 "
"WHERE group_id = ? and user_name = ?",
2, "int", group_id, "string", member_name);
return 0;
}
int ccnet_group_manager_remove_group (CcnetGroupManager *mgr,
int group_id,
const char *user_name,
GError **error)
{
CcnetDB *db = mgr->priv->db;
char *sql;
/* No permission check here, since both group staff and seahub staff
* can remove group.
*/
if (ccnet_db_type(db) == CCNET_DB_TYPE_PGSQL)
sql = "DELETE FROM \"Group\" WHERE group_id=?";
else
sql = "DELETE FROM `Group` WHERE group_id=?";
ccnet_db_statement_query (db, sql, 1, "int", group_id);
sql = "DELETE FROM GroupUser WHERE group_id=?";
ccnet_db_statement_query (db, sql, 1, "int", group_id);
return 0;
}
int
ccnet_group_manager_set_group_creator (CcnetGroupManager *mgr,
int group_id,
const char *user_name)
{
CcnetDB *db = mgr->priv->db;
char *sql;
if (ccnet_db_type(db) == CCNET_DB_TYPE_PGSQL) {
sql = "UPDATE \"Group\" SET creator_name = ? WHERE group_id = ?";
} else {
sql = "UPDATE `Group` SET creator_name = ? WHERE group_id = ?";
}
ccnet_db_statement_query (db, sql, 2, "string", user_name, "int", group_id);
return 0;
}
int ccnet_group_manager_add_member (CcnetGroupManager *mgr,
int group_id,
const char *user_name,
const char *member_name,
GError **error)
{
CcnetDB *db = mgr->priv->db;
/* check whether user is the staff of the group */
if (!check_group_staff (db, group_id, user_name)) {
g_set_error (error, CCNET_DOMAIN, 0,
"Permission error: only group staff can add member");
return -1;
}
/* check whether group exists */
if (!check_group_exists (db, group_id)) {
g_set_error (error, CCNET_DOMAIN, 0, "Group not exists");
return -1;
}
/* check whether group is full */
/* snprintf (sql, sizeof(sql), "SELECT count(group_id) FROM `GroupUser` " */
/* "WHERE `group_id` = %d", group_id); */
/* int count = ccnet_db_get_int (db, sql); */
/* if (count >= MAX_GROUP_MEMBERS) { */
/* g_set_error (error, CCNET_DOMAIN, 0, "Group is full"); */
/* return -1; */
/* } */
char *member_name_l = g_ascii_strdown (member_name, -1);
int rc = ccnet_db_statement_query (db, "INSERT INTO GroupUser VALUES (?, ?, ?)",
3, "int", group_id, "string", member_name_l,
"int", 0);
g_free (member_name_l);
if (rc < 0) {
g_set_error (error, CCNET_DOMAIN, 0, "Failed to add member to group");
return -1;
}
return 0;
}
int
ccnet_user_manager_add_emailuser (CcnetUserManager *manager,
const char *email,
const char *passwd,
int is_staff, int is_active)
{
CcnetDB *db = manager->priv->db;
gint64 now = get_current_time();
char *db_passwd = NULL;
int ret;
if (manager->priv->max_users &&
manager->priv->cur_users >= manager->priv->max_users) {
ccnet_warning ("User number exceeds limit. Users %d, limit %d.\n",
manager->priv->cur_users, manager->priv->max_users);
return -1;
}
hash_password_pbkdf2_sha256 (passwd, manager->passwd_hash_iter,
&db_passwd);
/* convert email to lower case for case insensitive lookup. */
char *email_down = g_ascii_strdown (email, strlen(email));
ret = ccnet_db_statement_query (db,
"INSERT INTO EmailUser(email, passwd, is_staff, "
"is_active, ctime) VALUES (?, ?, ?, ?, ?)",
5, "string", email_down, "string", db_passwd,
"int", is_staff, "int", is_active, "int64", now);
g_free (db_passwd);
g_free (email_down);
if (ret < 0)
return ret;
manager->priv->cur_users ++;
return 0;
}
static int
create_group_common (CcnetGroupManager *mgr,
const char *group_name,
const char *user_name,
GError **error)
{
CcnetDB *db = mgr->priv->db;
gint64 now = get_current_time();
char *sql;
int group_id = -1;
char *user_name_l = g_ascii_strdown (user_name, -1);
if (ccnet_db_type(db) == CCNET_DB_TYPE_PGSQL)
sql = "INSERT INTO \"Group\"(group_name, "
"creator_name, timestamp) VALUES(?, ?, ?)";
else
sql = "INSERT INTO `Group`(group_name, "
"creator_name, timestamp) VALUES(?, ?, ?)";
if (ccnet_db_statement_query (db, sql, 3,
"string", group_name, "string", user_name_l,
"int64", now) < 0) {
g_set_error (error, CCNET_DOMAIN, 0, "Failed to create group");
goto out;
}
if (ccnet_db_type(db) == CCNET_DB_TYPE_PGSQL)
sql = "SELECT group_id FROM \"Group\" WHERE "
"group_name = ? AND creator_name = ? "
"AND timestamp = ?";
else
sql = "SELECT group_id FROM `Group` WHERE "
"group_name = ? AND creator_name = ? "
"AND timestamp = ?";
group_id = ccnet_db_statement_get_int (db, sql, 3,
"string", group_name, "string", user_name_l,
"int64", now);
if (group_id < 0) {
g_set_error (error, CCNET_DOMAIN, 0, "Failed to create group");
goto out;
}
sql = "INSERT INTO GroupUser VALUES (?, ?, ?)";
if (ccnet_db_statement_query (db, sql, 3,
"int", group_id, "string", user_name_l,
"int", 1) < 0) {
if (ccnet_db_type(db) == CCNET_DB_TYPE_PGSQL)
sql = "DELETE FROM \"Group\" WHERE group_id=?";
else
sql = "DELETE FROM `Group` WHERE group_id=?";
ccnet_db_statement_query (db, sql, 1, "int", group_id);
g_set_error (error, CCNET_DOMAIN, 0, "Failed to create group");
group_id = -1;
goto out;
}
out:
g_free (user_name_l);
return group_id;
}