Principal* PrincipalSet::lookup(const UserName& name) const { Principal* principal = lookupByDBName(name.getDB()); if (principal && principal->getName() == name) { return principal; } return NULL; }
void AuthorizationManager::logoutDatabase(const std::string& dbname) { Principal* principal = _authenticatedPrincipals.lookupByDBName(dbname); if (!principal) return; _acquiredPrivileges.revokePrivilegesFromPrincipal(principal->getName()); _authenticatedPrincipals.removeByDBName(dbname); }
void AuthorizationSession::logoutDatabase(const std::string& dbname) { Principal* principal = _authenticatedPrincipals.lookupByDBName(dbname); if (!principal) return; _acquiredPrivileges.revokePrivilegesFromUser(principal->getName()); _authenticatedPrincipals.removeByDBName(dbname); _externalState->onLogoutDatabase(dbname); }
int main(int argc, char *argv[]) { QApplication a(argc, argv); Principal w; w.show(); return a.exec(); }
int main( int argc, char ** argv ) { QApplication a( argc, argv ); Principal w; w.show(); a.connect( &a, SIGNAL( lastWindowClosed() ), &a, SLOT( quit() ) ); return a.exec(); }
void vagregapasajero::on_btnVolver_clicked() { Principal *p = new Principal(); p->colaEspera = this->colaEspera; p->colaTicket = this->colaTicket; p->colaTrenes = this->colaTrenes; p->show(); this->close(); }
void AuthorizationManager::grantInternalAuthorization(const std::string& principalName) { Principal* principal = new Principal(PrincipalName(principalName, "local")); ActionSet actions; actions.addAllActions(); addAuthorizedPrincipal(principal); fassert(16581, acquirePrivilege(Privilege(PrivilegeSet::WILDCARD_RESOURCE, actions), principal->getName()).isOK()); }
void AuthorizationSession::grantInternalAuthorization(const UserName& userName) { Principal* principal = new Principal(userName); ActionSet actions; actions.addAllActions(); addAuthorizedPrincipal(principal); fassert(16581, acquirePrivilege(Privilege(PrivilegeSet::WILDCARD_RESOURCE, actions), principal->getName()).isOK()); }
Principal* PrincipalSet::lookupByDBName(const StringData& dbname) const { for (std::vector<Principal*>::const_iterator it = _principals.begin(); it != _principals.end(); ++it) { Principal* current = *it; if (current->getName().getDB() == dbname) { return current; } } return NULL; }
void PrincipalSet::removeByDBName(const StringData& dbname) { for (std::vector<Principal*>::iterator it = _principals.begin(); it != _principals.end(); ++it) { Principal* current = *it; if (current->getName().getDB() == dbname) { delete current; _principals.erase(it); break; } } }
void _authorizePrincipal(const std::string& principalName, bool readOnly) { Principal* principal = new Principal(PrincipalName(principalName, "local")); ActionSet actions = AuthorizationManager::getActionsForOldStyleUser( "admin", readOnly); AuthorizationManager* authorizationManager = cc().getAuthorizationManager(); authorizationManager->addAuthorizedPrincipal(principal); Status status = authorizationManager->acquirePrivilege( Privilege(PrivilegeSet::WILDCARD_RESOURCE, actions), principal->getName()); verify (status == Status::OK()); }
void PrincipalSet::add(Principal* principal) { for (std::vector<Principal*>::iterator it = _principals.begin(); it != _principals.end(); ++it) { Principal* current = *it; if (current->getName().getDB() == principal->getName().getDB()) { // There can be only one principal per database. delete current; *it = principal; return; } } _principals.push_back(principal); }
void vagregaequipaje::on_btnAgregar_clicked() { int peso = ui->txfPeso->text().toInt(); bool isMano = ui->chxMano->checkState() == 1; Equipaje *nuevo = new Equipaje(peso, this->amo, isMano); this->amo->equipaje->insertar(nuevo); this->colaTicket->insertar(this->amo); Principal *p = new Principal(); p->colaEspera = this->colaEspera; p->colaTicket = this->colaTicket; p->colaTrenes = this->colaTrenes; p->show(); this->close(); }
bool CmdAuthenticate::authenticateX509(const string& dbname, BSONObj& cmdObj, string& errmsg, BSONObjBuilder& result) { if(dbname != "$external") { errmsg = "X.509 authentication must always use the $external database."; result.append(saslCommandCodeFieldName, ErrorCodes::AuthenticationFailed); return false; } std::string user = cmdObj.getStringField("user"); ClientBasic *client = ClientBasic::getCurrent(); AuthorizationSession* authorizationSession = client->getAuthorizationSession(); StringData subjectName = client->port()->getX509SubjectName(); if (user != subjectName) { errmsg = "There is no x.509 client certificate matching the user."; result.append(saslCommandCodeFieldName, ErrorCodes::AuthenticationFailed); return false; } else { StringData srvSubjectName = getSSLManager()->getSubjectName(); StringData srvClusterId = srvSubjectName.substr(0, srvSubjectName.find("/CN")+1); StringData peerClusterId = subjectName.substr(0, subjectName.find("/CN")+1); // Handle internal cluster member if (srvClusterId == peerClusterId) { authorizationSession->grantInternalAuthorization(UserName(user, "$external")); } // Handle normal client authentication else { Principal* principal = new Principal(UserName(user, "$external")); principal->setImplicitPrivilegeAcquisition(true); authorizationSession->addAuthorizedPrincipal(principal); } result.append( "dbname" , dbname ); result.append( "user" , user ); return true; } }
Status AuthorizationManager::_probeForPrivilege(const Privilege& privilege) { Privilege modifiedPrivilege = _modifyPrivilegeForSpecialCases(privilege); if (_acquiredPrivileges.hasPrivilege(modifiedPrivilege)) return Status::OK(); std::string dbname = nsToDatabase(modifiedPrivilege.getResource()); for (PrincipalSet::iterator iter = _authenticatedPrincipals.begin(), end = _authenticatedPrincipals.end(); iter != end; ++iter) { Principal* principal = *iter; if (!principal->isImplicitPrivilegeAcquisitionEnabled()) continue; if (principal->isDatabaseProbed(dbname)) continue; _acquirePrivilegesForPrincipalFromDatabase(dbname, principal->getName()); principal->markDatabaseAsProbed(dbname); if (_acquiredPrivileges.hasPrivilege(modifiedPrivilege)) return Status::OK(); } return Status(ErrorCodes::Unauthorized, "unauthorized", 0); }
void afficher(void *data) { Principal *p = static_cast<Principal *>(data); p->affichage(); }
bool Principal::operator==(const Principal& p) { return getHashCode()==p.getHashCode(); }
bool Principal::operator!=(const Principal& p) { return !(getHashCode()==p.getHashCode()); }
bool CmdAuthenticate::authenticateCR(const string& dbname, BSONObj& cmdObj, string& errmsg, BSONObjBuilder& result) { string user = cmdObj.getStringField("user"); if (!_areNonceAuthenticateCommandsEnabled) { // SERVER-8461, MONGODB-CR must be enabled for authenticating the internal user, so that // cluster members may communicate with each other. if (dbname != StringData("local", StringData::LiteralTag()) || user != internalSecurity.user) { errmsg = _nonceAuthenticateCommandsDisabledMessage; result.append(saslCommandCodeFieldName, ErrorCodes::AuthenticationFailed); return false; } } string key = cmdObj.getStringField("key"); string received_nonce = cmdObj.getStringField("nonce"); if( user.empty() || key.empty() || received_nonce.empty() ) { log() << "field missing/wrong type in received authenticate command " << dbname << endl; errmsg = "auth fails"; sleepmillis(10); result.append(saslCommandCodeFieldName, ErrorCodes::AuthenticationFailed); return false; } stringstream digestBuilder; { bool reject = false; ClientBasic *client = ClientBasic::getCurrent(); AuthenticationSession *session = client->getAuthenticationSession(); if (!session || session->getType() != AuthenticationSession::SESSION_TYPE_MONGO) { reject = true; LOG(1) << "auth: No pending nonce" << endl; } else { nonce64 nonce = static_cast<MongoAuthenticationSession*>(session)->getNonce(); digestBuilder << hex << nonce; reject = digestBuilder.str() != received_nonce; if ( reject ) { LOG(1) << "auth: Authentication failed for " << dbname << '$' << user << endl; } } client->resetAuthenticationSession(NULL); if ( reject ) { log() << "auth: bad nonce received or getnonce not called. could be a driver bug or a security attack. db:" << dbname << endl; errmsg = "auth fails"; sleepmillis(30); result.append(saslCommandCodeFieldName, ErrorCodes::AuthenticationFailed); return false; } } BSONObj userObj; string pwd; Status status = getGlobalAuthorizationManager()->getPrivilegeDocument( dbname, UserName(user, dbname), &userObj); if (!status.isOK()) { log() << status.reason() << std::endl; errmsg = "auth fails"; result.append(saslCommandCodeFieldName, ErrorCodes::AuthenticationFailed); return false; } pwd = userObj["pwd"].String(); md5digest d; { digestBuilder << user << pwd; string done = digestBuilder.str(); md5_state_t st; md5_init(&st); md5_append(&st, (const md5_byte_t *) done.c_str(), done.size()); md5_finish(&st, d); } string computed = digestToString( d ); if ( key != computed ) { log() << "auth: key mismatch " << user << ", ns:" << dbname << endl; errmsg = "auth fails"; result.append(saslCommandCodeFieldName, ErrorCodes::AuthenticationFailed); return false; } AuthorizationSession* authorizationSession = ClientBasic::getCurrent()->getAuthorizationSession(); Principal* principal = new Principal(UserName(user, dbname)); principal->setImplicitPrivilegeAcquisition(true); authorizationSession->addAuthorizedPrincipal(principal); result.append( "dbname" , dbname ); result.append( "user" , user ); return true; }