// verify the person, the machine and the URL exist in our DB REGISTRY_PERSON_URL *registry_verify_request(char *person_guid, char *machine_guid, char *url, REGISTRY_PERSON **pp, REGISTRY_MACHINE **mm) { char pbuf[GUID_LEN + 1], mbuf[GUID_LEN + 1]; if(!person_guid || !*person_guid || !machine_guid || !*machine_guid || !url || !*url) { info("Registry Request Verification: invalid request! person: '%s', machine '%s', url '%s'", person_guid?person_guid:"UNSET", machine_guid?machine_guid:"UNSET", url?url:"UNSET"); return NULL; } // normalize the url url = registry_fix_url(url, NULL); // make sure the person GUID is valid if(regenerate_guid(person_guid, pbuf) == -1) { info("Registry Request Verification: invalid person GUID, person: '%s', machine '%s', url '%s'", person_guid, machine_guid, url); return NULL; } person_guid = pbuf; // make sure the machine GUID is valid if(regenerate_guid(machine_guid, mbuf) == -1) { info("Registry Request Verification: invalid machine GUID, person: '%s', machine '%s', url '%s'", person_guid, machine_guid, url); return NULL; } machine_guid = mbuf; // make sure the machine exists REGISTRY_MACHINE *m = registry_machine_find(machine_guid); if(!m) { info("Registry Request Verification: machine not found, person: '%s', machine '%s', url '%s'", person_guid, machine_guid, url); return NULL; } if(mm) *mm = m; // make sure the person exist REGISTRY_PERSON *p = registry_person_find(person_guid); if(!p) { info("Registry Request Verification: person not found, person: '%s', machine '%s', url '%s'", person_guid, machine_guid, url); return NULL; } if(pp) *pp = p; REGISTRY_PERSON_URL *pu = registry_person_url_index_find(p, url); if(!pu) { info("Registry Request Verification: URL not found for person, person: '%s', machine '%s', url '%s'", person_guid, machine_guid, url); return NULL; } return pu; }
// 1. validate person GUID // 2. if it is valid, find it // 3. if it is not valid, create a new one // 4. return it REGISTRY_PERSON *registry_person_get(const char *person_guid, time_t when) { debug(D_REGISTRY, "Registry: registry_person_get('%s'): creating dictionary of urls", person_guid); REGISTRY_PERSON *p = NULL; if(person_guid && *person_guid) { char buf[GUID_LEN + 1]; // validate it is a GUID if(unlikely(regenerate_guid(person_guid, buf) == -1)) info("Registry: person guid '%s' is not a valid guid. Ignoring it.", person_guid); else { person_guid = buf; p = registry_person_find(person_guid); } } if(!p) p = registry_person_allocate(NULL, when); return p; }
// the main method for switching user identity int registry_request_switch_json(RRDHOST *host, struct web_client *w, char *person_guid, char *machine_guid, char *url, char *new_person_guid, time_t when) { if(!registry.enabled) return registry_json_disabled(host, w, "switch"); (void)url; (void)when; registry_lock(); REGISTRY_PERSON *op = registry_person_find(person_guid); if(!op) { registry_json_header(host, w, "switch", REGISTRY_STATUS_FAILED); registry_json_footer(w); registry_unlock(); return 430; } REGISTRY_PERSON *np = registry_person_find(new_person_guid); if(!np) { registry_json_header(host, w, "switch", REGISTRY_STATUS_FAILED); registry_json_footer(w); registry_unlock(); return 431; } REGISTRY_MACHINE *m = registry_machine_find(machine_guid); if(!m) { registry_json_header(host, w, "switch", REGISTRY_STATUS_FAILED); registry_json_footer(w); registry_unlock(); return 432; } struct registry_person_url_callback_verify_machine_exists_data data = { m, 0 }; // verify the old person has access to this machine avl_traverse(&op->person_urls, registry_person_url_callback_verify_machine_exists, &data); if(!data.count) { registry_json_header(host, w, "switch", REGISTRY_STATUS_FAILED); registry_json_footer(w); registry_unlock(); return 433; } // verify the new person has access to this machine data.count = 0; avl_traverse(&np->person_urls, registry_person_url_callback_verify_machine_exists, &data); if(!data.count) { registry_json_header(host, w, "switch", REGISTRY_STATUS_FAILED); registry_json_footer(w); registry_unlock(); return 434; } // set the cookie of the new person // the user just switched identity registry_set_person_cookie(w, np); // generate the response registry_json_header(host, w, "switch", REGISTRY_STATUS_OK); buffer_sprintf(w->response.data, ",\n\t\"person_guid\": \"%s\"", np->guid); registry_json_footer(w); registry_unlock(); return 200; }