예제 #1
0
파일: UserServer.cpp 프로젝트: Ecapo/vishnu
/**
* \brief Function to delete VISHNU user
* \fn int deleteUser(UMS_Data::User user)
* \param user The user data structure
* \return raises an exception on error
*/
int
UserServer::deleteUser(UMS_Data::User user) {

  //If the user to delete is not the super VISHNU admin
  if (user.getUserId().compare(ROOTUSERNAME) != 0) {
    //If the user exists
    if (exist()) {
      if (isAdmin()) {
        //if the user who will be deleted exist
        if (getAttribut("where userid='"+user.getUserId()+"'").size() != 0) {
          //Execution of the sql code to delete the user
          mdatabaseVishnu->process("DELETE FROM users where userid='"+user.getUserId()+"'");
        } // End if the user who will be deleted exist
        else {
          UMSVishnuException e (ERRCODE_UNKNOWN_USERID);
          throw e;
        }
      } //END if the user is an admin
      else {
        UMSVishnuException e (ERRCODE_NO_ADMIN);
        throw e;
      }
    } //END if the user exists
    else {
      UMSVishnuException e (ERRCODE_UNKNOWN_USER);
      throw e;
    }
  }//END If the user to delete is not the super VISHNU admin
  else {
    UserException e (ERRCODE_INVALID_PARAM, "It is not possible to delete this user. It is the VISHNU root user");
    throw e;
  }
  return 0;
}//END: deleteUser(UMS_Data::User user)
예제 #2
0
파일: UserProxy.cpp 프로젝트: Ecapo/vishnu
/**
 * \brief Function to reset user password
 * \fn  int resetPassword(UMS_Data::User& user)
 * \param user The object which encapsulates the user information
 * \return raises an exception on error
 */
int UserProxy::resetPassword(UMS_Data::User& user)
{

  diet_profile_t* profile = NULL;
  char* tmpPassword;
  char* errorInfo;
  std::string msg = "call of function diet_string_set is rejected ";

  profile = diet_profile_alloc("userPasswordReset", 1, 1, 3);

  //IN Parameters
  if(diet_string_set(diet_parameter(profile,0), strdup((msessionProxy->getSessionKey()).c_str()), DIET_VOLATILE)) {
    msg += "with sessionKey parameter "+msessionProxy->getSessionKey();
    raiseDietMsgException(msg);
  }

  if(diet_string_set(diet_parameter(profile,1), strdup((user.getUserId()).c_str()), DIET_VOLATILE)) {
    msg += "with userId parameter "+user.getUserId();
    raiseDietMsgException(msg);
  }

  //OUT Parameters
  diet_string_set(diet_parameter(profile,2), NULL, DIET_VOLATILE);
  diet_string_set(diet_parameter(profile,3), NULL, DIET_VOLATILE);

  if(!diet_call(profile)) {
    if(diet_string_get(diet_parameter(profile,2), &tmpPassword, NULL)){
      msg += "by receiving tmpPassWord message";
      raiseDietMsgException(msg);
    }
    if(diet_string_get(diet_parameter(profile,3), &errorInfo, NULL)){
      msg += "by receiving errorInfo message";
      raiseDietMsgException(msg);
    }
  }
  else {
    raiseDietMsgException("DIET call failure");
  }
  /*To raise a vishnu exception if the receiving message is not empty*/
  raiseExceptionIfNotEmptyMsg(errorInfo);

  /*To set the temporary password*/
  muser.setUserId(user.getUserId());
  muser.setPassword(std::string(tmpPassword));

  diet_profile_free(profile);

  return 0;
}
예제 #3
0
bool
UMSAuthenticator::authenticate(UMS_Data::User& user) {
  DbFactory factory;
  Database* databaseVishnu = factory.getDatabaseInstance();

  //To encrypt the clear password
  user.setPassword(vishnu::cryptPassword(user.getUserId(), user.getPassword()));
  std::string sqlCommand = (boost::format("SELECT numuserid"
                                          " FROM users"
                                          " WHERE userid='%1%'"
                                          " AND pwd='%2%'"
                                          " AND users.status<>%3%"
                              )%databaseVishnu->escapeData(user.getUserId()) %databaseVishnu->escapeData(user.getPassword()) %vishnu::STATUS_DELETED).str();
  boost::scoped_ptr<DatabaseResult> result(databaseVishnu->getResult(sqlCommand.c_str()));
  return (result->getFirstElement().size() != 0);
}
예제 #4
0
파일: UserServer.cpp 프로젝트: Ecapo/vishnu
/**
* \brief Function to get the email content
* \param user     the user who will receives the email
* \param flagAdduser a flag which means that it is uses on adduser function
* \return the email content
*/
std::string
UserServer::getMailContent(const UMS_Data::User& user, bool flagAdduser) {
  std::string content;
  std::stringstream newline;
  newline << std::endl;

  if (flagAdduser) {
    content.append("Dear "+user.getFirstname()+" "+user.getLastname()+ ",");
    content.append(newline.str());
    content.append("This is respectively your userId and your password generated by vishnu:");
    content.append(newline.str());
    content.append("userId:"+ user.getUserId()+",");
    content.append(newline.str());
    content.append("password:"******"Dear "+user.getUserId()+",");
    content.append(newline.str());
    content.append("This is your new password: "+user.getPassword());
  }
  return content;
}
예제 #5
0
파일: UserServer.cpp 프로젝트: Ecapo/vishnu
/**
* \brief Function to change VISHNU user password
* \fn int resetPassword(UMS_Data::User user, std::string sendmailScriptPath)
* \param user The user data structure
* \param sendmailScriptPath The path to the script for sending emails
* \return raises an exception on error
*/
int
UserServer::resetPassword(UMS_Data::User& user, std::string sendmailScriptPath) {
  std::string sqlResetPwd;
  std::string sqlUpdatePwdState;
  std::string passwordCrypted;
  std::string pwd;


  //If the user exists
  if (exist()) {
    //if the user is an admin
    if (isAdmin()) {
      //if the user whose password will be reset exists
      if (getAttribut("where userid='"+user.getUserId()+"'").size() != 0) {
        //generation of a new password
        pwd = generatePassword(user.getUserId(), user.getUserId());
        user.setPassword(pwd.substr(0,PASSWORD_MAX_SIZE));

        //to get the password encryptes
        passwordCrypted = vishnu::cryptPassword(user.getUserId(), user.getPassword());

        //The sql code to reset the password
        sqlResetPwd = "UPDATE users SET pwd='"+passwordCrypted+"' where "
        "userid='"+user.getUserId()+"';";
        //sql code to update the passwordstate
        sqlUpdatePwdState = "UPDATE users SET passwordstate=0 "
        "where userid='"+user.getUserId()+"' and pwd='"+passwordCrypted+"';";
        //To append the previous sql codes
        sqlResetPwd.append(sqlUpdatePwdState);
        //Execution of the sql code on the database
        mdatabaseVishnu->process( sqlResetPwd.c_str());
        //to get the email adress of the user
        std::string email = getAttribut("where userid='"+user.getUserId()+"'", "email");
        user.setEmail(email);
        //Send email
        std::string emailBody = getMailContent(user, false);
        sendMailToUser(user, emailBody, "Vishnu message: password reset", sendmailScriptPath);
      } // End if the user whose password will be reset exists
      else {
        UMSVishnuException e (ERRCODE_UNKNOWN_USERID, "You must use a global VISHNU identifier");
        throw e;
      }
    } //END if the user is an admin
    else {
      UMSVishnuException e (ERRCODE_NO_ADMIN);
      throw e;
    }
  } //END if the user exists
  else {
    UMSVishnuException e (ERRCODE_UNKNOWN_USER);
    throw e;
  }
  return 0;
}//END: resetPassword(UMS_Data::User user)
예제 #6
0
/**
 * \brief Function to reset user password
 * \param user The object which encapsulates the user information
 * \return raises an exception on error
 */
int
UserProxy::resetPassword(UMS_Data::User& user) {

    diet_profile_t* profile = diet_profile_alloc(SERVICES_UMS[USERPASSWORDRESET], 2);
    diet_string_set(profile, 0, msessionProxy->getSessionKey());
    diet_string_set(profile, 1, user.getUserId());

    if (diet_call(profile)) {
        raiseCommunicationMsgException("RPC call failed");
    }
    raiseExceptionOnErrorResult(profile);

    std::string tmpPassword;
    diet_string_get(profile, 1, tmpPassword);

    /*To set the temporary password*/
    muser.setUserId(user.getUserId());
    muser.setPassword(tmpPassword);

    diet_profile_free(profile);

    return 0;
}
예제 #7
0
/**
 * \brief Function to remove user information
 * \param user The object which encapsulates the user information
 * \return raises an exception on error
 */
int
UserProxy::deleteUser(const UMS_Data::User& user) {

    diet_profile_t* profile = diet_profile_alloc(SERVICES_UMS[USERDELETE], 2);

    //IN Parameters
    diet_string_set(profile, 0, msessionProxy->getSessionKey());
    diet_string_set(profile, 1, user.getUserId());

    if (diet_call(profile)) {
        raiseCommunicationMsgException("RPC call failed");
    }
    raiseExceptionOnErrorResult(profile);

    diet_profile_free(profile);

    return 0;
}
예제 #8
0
파일: UserProxy.cpp 프로젝트: Ecapo/vishnu
/**
 * \brief Function to remove user information
 * \fn  int deleteUser(const UMS_Data::User& user)
 * \param user The object which encapsulates the user information
 * \return raises an exception on error
 */
int UserProxy::deleteUser(const UMS_Data::User& user)
{

  diet_profile_t* profile = NULL;
  std::string sessionKey;
  std::string userId;
  char* errorInfo;
  std::string msg = "call of function diet_string_set is rejected ";

  profile = diet_profile_alloc("userDelete", 1, 1, 2);
  sessionKey = msessionProxy->getSessionKey();
  userId = user.getUserId();

  //IN Parameters
  if(diet_string_set(diet_parameter(profile,0), strdup(sessionKey.c_str()), DIET_VOLATILE)) {
    msg += "with sessionKey parameter "+sessionKey;
    raiseDietMsgException(msg);
  }
  if(diet_string_set(diet_parameter(profile,1), strdup(userId.c_str()), DIET_VOLATILE)) {
    msg += "with userId parameter "+userId;
    raiseDietMsgException(msg);
  }

  //OUT Parameters
  diet_string_set(diet_parameter(profile,2), NULL, DIET_VOLATILE);

  if(!diet_call(profile)) {
    if(diet_string_get(diet_parameter(profile,2), &errorInfo, NULL)){
      msg += "by receiving errorInfo message";
      raiseDietMsgException(msg);
    }
  }
  else {
    raiseDietMsgException("DIET call failure");
  }
  /*To raise a vishnu exception if the receiving message is not empty*/
  raiseExceptionIfNotEmptyMsg(errorInfo);

  diet_profile_free(profile);

  return 0;
}
예제 #9
0
파일: UserServer.cpp 프로젝트: Ecapo/vishnu
/**
* \brief Function to send an email to a user
* \param user     the user to whom send the email
* \param content  the body of the email
* \param subject  the subject of the email
* \param sendmailScriptPath The path to the script for sending emails
*/
int
UserServer::sendMailToUser(const UMS_Data::User& user,
                           std::string content,
                           std::string subject,
                           std::string sendmailScriptPath) {

  std::vector<std::string> tokens;
  std::ostringstream command;
  pid_t pid;

  std::string address = user.getEmail();
  //If the address is empty
  if (address.empty()) {
    throw UserException(ERRCODE_INVALID_MAIL_ADRESS, "Empty email address");
  }

  //If the script is empty
  if (sendmailScriptPath.empty()) {
    throw SystemException(ERRCODE_SYSTEM, "Invalid server configuration");
  }
  // To build the script command
  command << sendmailScriptPath << " --to " << address << " -s ";

  std::istringstream is(command.str());
  std::copy(std::istream_iterator<std::string>(is),
  std::istream_iterator<std::string>(),
  std::back_inserter<std::vector<std::string> >(tokens));

  char* argv[tokens.size()+6];
  argv[tokens.size()+5]=NULL;
  //Use of tokens
  for (unsigned int i = 0; i < tokens.size(); ++i) {
    argv[i]=strdup(tokens[i].c_str());
  }
  //To avoid mutiple values by using tokens because of spaces
  argv[tokens.size()]=strdup(subject.c_str());
  argv[tokens.size()+1]=strdup(content.c_str());
  //To execute the script on background
  argv[tokens.size()+2]=strdup(" 1>/dev/null ");
  argv[tokens.size()+3]=strdup(" 2>/dev/null ");
  argv[tokens.size()+4]=strdup(" & ");

  pid = fork();
  if (pid == -1) {//if an error occurs during fork
    for (unsigned int i=0; i<tokens.size()+5; ++i) {
      free(argv[i]);
    }
    throw SystemException(ERRCODE_SYSTEM, "Error during the creation of the process for sending mail to "
    +user.getFirstname()+ " with userId:" +user.getUserId());
  }

  if (pid == 0) {//if the child process
    freopen("dev/null", "r", stdin);
    freopen("dev/null", "w", stdout);
    freopen("dev/null", "w", stderr);

    if (execv(argv[0], argv) == -1) {
      for (unsigned int i=0; i<tokens.size()+5; ++i) {
      free(argv[i]);
      }
      exit(1);
    }
  }
  for (unsigned int i=0; i<tokens.size()+5; ++i) {
    free(argv[i]);
  }
  return 0;
}
예제 #10
0
bool
LDAPAuthenticator::authenticate(UMS_Data::User& user) {
  bool authenticated = false;
  std::string uri, authlogin, authpassword, ldapbase, authSystemStatus, userid, pwd;

  DbFactory factory;
  Database* databaseVishnu = factory.getDatabaseInstance();
  std::string sqlCommand = (boost::format("SELECT uri, authlogin, authpassword, ldapbase, authsystem.status, userid, pwd"
                                          " FROM ldapauthsystem, authsystem, authaccount, users"
                                          " WHERE aclogin='******'"
                                          " AND authsystem.authtype=%2%"
                                          " AND authaccount.authsystem_authsystemid=authsystem.numauthsystemid"
                                          " AND ldapauthsystem.authsystem_authsystemid=authsystem.numauthsystemid"
                                          " AND authaccount.users_numuserid=users.numuserid"
                                          " AND authsystem.status<>%3%"
                                          " AND users.status<>%4%"
                              )%databaseVishnu->escapeData(user.getUserId()) %LDAPTYPE %vishnu::STATUS_DELETED %vishnu::STATUS_DELETED).str();

  boost::scoped_ptr<DatabaseResult> result(databaseVishnu->getResult(sqlCommand.c_str()));

  //If there is no results
  if (result->getNbTuples() == 0) {
    UMSVishnuException e (ERRCODE_UNKNOWN_USER, "There is no user-authentication account declared in VISHNU with this identifier");
    throw e;
  }

  std::vector<std::string> tmp;
  std::vector<std::string>::iterator ii;
  for (int i = 0; i < static_cast <int> (result->getNbTuples()); ++i) {
    tmp.clear();
    tmp = result->get(i);

    ii=tmp.begin();
    uri = *ii;
    authlogin = *(++ii);
    authpassword = *(++ii);
    ldapbase = *(++ii);
    authSystemStatus = *(++ii);
    userid = *(++ii);
    pwd = *(++ii);

    if (vishnu::convertToInt(authSystemStatus) != vishnu::STATUS_ACTIVE) {
      UMSVishnuException e (ERRCODE_UNKNOWN_AUTH_SYSTEM, "It is locked");
      throw e;
    }

    try {
      LDAPProxy ldapPoxy(uri,
                         user.getUserId(),
                         "",
                         user.getPassword());
      ldapPoxy.connectLDAP(ldapbase);
      authenticated = true;
      user.setUserId(userid);
      user.setPassword(pwd);
      break;
    }
    catch (UMSVishnuException& e) {
      if (e.getMsgI() != ERRCODE_UNKNOWN_USER) {
        throw UMSVishnuException(e);
      }
    }
    catch (SystemException& e) {
      //If there is a connection problem to LDAP and it is not the last LDAP account to check
      if ((e.getMsgI() == ERRCODE_AUTHENTERR) && (i == (static_cast <int> (result->getNbTuples())-1))) {
        throw SystemException(e);
      }
    }
  }
  return authenticated;
}