/** * \brief Function to delete VISHNU user * \fn int deleteUser(UMS_Data::User user) * \param user The user data structure * \return raises an exception on error */ int UserServer::deleteUser(UMS_Data::User user) { //If the user to delete is not the super VISHNU admin if (user.getUserId().compare(ROOTUSERNAME) != 0) { //If the user exists if (exist()) { if (isAdmin()) { //if the user who will be deleted exist if (getAttribut("where userid='"+user.getUserId()+"'").size() != 0) { //Execution of the sql code to delete the user mdatabaseVishnu->process("DELETE FROM users where userid='"+user.getUserId()+"'"); } // End if the user who will be deleted exist else { UMSVishnuException e (ERRCODE_UNKNOWN_USERID); throw e; } } //END if the user is an admin else { UMSVishnuException e (ERRCODE_NO_ADMIN); throw e; } } //END if the user exists else { UMSVishnuException e (ERRCODE_UNKNOWN_USER); throw e; } }//END If the user to delete is not the super VISHNU admin else { UserException e (ERRCODE_INVALID_PARAM, "It is not possible to delete this user. It is the VISHNU root user"); throw e; } return 0; }//END: deleteUser(UMS_Data::User user)
/** * \brief Function to change VISHNU user password * \fn int resetPassword(UMS_Data::User user, std::string sendmailScriptPath) * \param user The user data structure * \param sendmailScriptPath The path to the script for sending emails * \return raises an exception on error */ int UserServer::resetPassword(UMS_Data::User& user, std::string sendmailScriptPath) { std::string sqlResetPwd; std::string sqlUpdatePwdState; std::string passwordCrypted; std::string pwd; //If the user exists if (exist()) { //if the user is an admin if (isAdmin()) { //if the user whose password will be reset exists if (getAttribut("where userid='"+user.getUserId()+"'").size() != 0) { //generation of a new password pwd = generatePassword(user.getUserId(), user.getUserId()); user.setPassword(pwd.substr(0,PASSWORD_MAX_SIZE)); //to get the password encryptes passwordCrypted = vishnu::cryptPassword(user.getUserId(), user.getPassword()); //The sql code to reset the password sqlResetPwd = "UPDATE users SET pwd='"+passwordCrypted+"' where " "userid='"+user.getUserId()+"';"; //sql code to update the passwordstate sqlUpdatePwdState = "UPDATE users SET passwordstate=0 " "where userid='"+user.getUserId()+"' and pwd='"+passwordCrypted+"';"; //To append the previous sql codes sqlResetPwd.append(sqlUpdatePwdState); //Execution of the sql code on the database mdatabaseVishnu->process( sqlResetPwd.c_str()); //to get the email adress of the user std::string email = getAttribut("where userid='"+user.getUserId()+"'", "email"); user.setEmail(email); //Send email std::string emailBody = getMailContent(user, false); sendMailToUser(user, emailBody, "Vishnu message: password reset", sendmailScriptPath); } // End if the user whose password will be reset exists else { UMSVishnuException e (ERRCODE_UNKNOWN_USERID, "You must use a global VISHNU identifier"); throw e; } } //END if the user is an admin else { UMSVishnuException e (ERRCODE_NO_ADMIN); throw e; } } //END if the user exists else { UMSVishnuException e (ERRCODE_UNKNOWN_USER); throw e; } return 0; }//END: resetPassword(UMS_Data::User user)
/** * \brief Function to reset user password * \fn int resetPassword(UMS_Data::User& user) * \param user The object which encapsulates the user information * \return raises an exception on error */ int UserProxy::resetPassword(UMS_Data::User& user) { diet_profile_t* profile = NULL; char* tmpPassword; char* errorInfo; std::string msg = "call of function diet_string_set is rejected "; profile = diet_profile_alloc("userPasswordReset", 1, 1, 3); //IN Parameters if(diet_string_set(diet_parameter(profile,0), strdup((msessionProxy->getSessionKey()).c_str()), DIET_VOLATILE)) { msg += "with sessionKey parameter "+msessionProxy->getSessionKey(); raiseDietMsgException(msg); } if(diet_string_set(diet_parameter(profile,1), strdup((user.getUserId()).c_str()), DIET_VOLATILE)) { msg += "with userId parameter "+user.getUserId(); raiseDietMsgException(msg); } //OUT Parameters diet_string_set(diet_parameter(profile,2), NULL, DIET_VOLATILE); diet_string_set(diet_parameter(profile,3), NULL, DIET_VOLATILE); if(!diet_call(profile)) { if(diet_string_get(diet_parameter(profile,2), &tmpPassword, NULL)){ msg += "by receiving tmpPassWord message"; raiseDietMsgException(msg); } if(diet_string_get(diet_parameter(profile,3), &errorInfo, NULL)){ msg += "by receiving errorInfo message"; raiseDietMsgException(msg); } } else { raiseDietMsgException("DIET call failure"); } /*To raise a vishnu exception if the receiving message is not empty*/ raiseExceptionIfNotEmptyMsg(errorInfo); /*To set the temporary password*/ muser.setUserId(user.getUserId()); muser.setPassword(std::string(tmpPassword)); diet_profile_free(profile); return 0; }
bool UMSAuthenticator::authenticate(UMS_Data::User& user) { DbFactory factory; Database* databaseVishnu = factory.getDatabaseInstance(); //To encrypt the clear password user.setPassword(vishnu::cryptPassword(user.getUserId(), user.getPassword())); std::string sqlCommand = (boost::format("SELECT numuserid" " FROM users" " WHERE userid='%1%'" " AND pwd='%2%'" " AND users.status<>%3%" )%databaseVishnu->escapeData(user.getUserId()) %databaseVishnu->escapeData(user.getPassword()) %vishnu::STATUS_DELETED).str(); boost::scoped_ptr<DatabaseResult> result(databaseVishnu->getResult(sqlCommand.c_str())); return (result->getFirstElement().size() != 0); }
/** * \brief Function to reset user password * \param user The object which encapsulates the user information * \return raises an exception on error */ int UserProxy::resetPassword(UMS_Data::User& user) { diet_profile_t* profile = diet_profile_alloc(SERVICES_UMS[USERPASSWORDRESET], 2); diet_string_set(profile, 0, msessionProxy->getSessionKey()); diet_string_set(profile, 1, user.getUserId()); if (diet_call(profile)) { raiseCommunicationMsgException("RPC call failed"); } raiseExceptionOnErrorResult(profile); std::string tmpPassword; diet_string_get(profile, 1, tmpPassword); /*To set the temporary password*/ muser.setUserId(user.getUserId()); muser.setPassword(tmpPassword); diet_profile_free(profile); return 0; }
/** * \brief Function to remove user information * \param user The object which encapsulates the user information * \return raises an exception on error */ int UserProxy::deleteUser(const UMS_Data::User& user) { diet_profile_t* profile = diet_profile_alloc(SERVICES_UMS[USERDELETE], 2); //IN Parameters diet_string_set(profile, 0, msessionProxy->getSessionKey()); diet_string_set(profile, 1, user.getUserId()); if (diet_call(profile)) { raiseCommunicationMsgException("RPC call failed"); } raiseExceptionOnErrorResult(profile); diet_profile_free(profile); return 0; }
/** * \brief Function to remove user information * \fn int deleteUser(const UMS_Data::User& user) * \param user The object which encapsulates the user information * \return raises an exception on error */ int UserProxy::deleteUser(const UMS_Data::User& user) { diet_profile_t* profile = NULL; std::string sessionKey; std::string userId; char* errorInfo; std::string msg = "call of function diet_string_set is rejected "; profile = diet_profile_alloc("userDelete", 1, 1, 2); sessionKey = msessionProxy->getSessionKey(); userId = user.getUserId(); //IN Parameters if(diet_string_set(diet_parameter(profile,0), strdup(sessionKey.c_str()), DIET_VOLATILE)) { msg += "with sessionKey parameter "+sessionKey; raiseDietMsgException(msg); } if(diet_string_set(diet_parameter(profile,1), strdup(userId.c_str()), DIET_VOLATILE)) { msg += "with userId parameter "+userId; raiseDietMsgException(msg); } //OUT Parameters diet_string_set(diet_parameter(profile,2), NULL, DIET_VOLATILE); if(!diet_call(profile)) { if(diet_string_get(diet_parameter(profile,2), &errorInfo, NULL)){ msg += "by receiving errorInfo message"; raiseDietMsgException(msg); } } else { raiseDietMsgException("DIET call failure"); } /*To raise a vishnu exception if the receiving message is not empty*/ raiseExceptionIfNotEmptyMsg(errorInfo); diet_profile_free(profile); return 0; }
/** * \brief Function to get the email content * \param user the user who will receives the email * \param flagAdduser a flag which means that it is uses on adduser function * \return the email content */ std::string UserServer::getMailContent(const UMS_Data::User& user, bool flagAdduser) { std::string content; std::stringstream newline; newline << std::endl; if (flagAdduser) { content.append("Dear "+user.getFirstname()+" "+user.getLastname()+ ","); content.append(newline.str()); content.append("This is respectively your userId and your password generated by vishnu:"); content.append(newline.str()); content.append("userId:"+ user.getUserId()+","); content.append(newline.str()); content.append("password:"******"Dear "+user.getUserId()+","); content.append(newline.str()); content.append("This is your new password: "+user.getPassword()); } return content; }
/** * \brief Function to send an email to a user * \param user the user to whom send the email * \param content the body of the email * \param subject the subject of the email * \param sendmailScriptPath The path to the script for sending emails */ int UserServer::sendMailToUser(const UMS_Data::User& user, std::string content, std::string subject, std::string sendmailScriptPath) { std::vector<std::string> tokens; std::ostringstream command; pid_t pid; std::string address = user.getEmail(); //If the address is empty if (address.empty()) { throw UserException(ERRCODE_INVALID_MAIL_ADRESS, "Empty email address"); } //If the script is empty if (sendmailScriptPath.empty()) { throw SystemException(ERRCODE_SYSTEM, "Invalid server configuration"); } // To build the script command command << sendmailScriptPath << " --to " << address << " -s "; std::istringstream is(command.str()); std::copy(std::istream_iterator<std::string>(is), std::istream_iterator<std::string>(), std::back_inserter<std::vector<std::string> >(tokens)); char* argv[tokens.size()+6]; argv[tokens.size()+5]=NULL; //Use of tokens for (unsigned int i = 0; i < tokens.size(); ++i) { argv[i]=strdup(tokens[i].c_str()); } //To avoid mutiple values by using tokens because of spaces argv[tokens.size()]=strdup(subject.c_str()); argv[tokens.size()+1]=strdup(content.c_str()); //To execute the script on background argv[tokens.size()+2]=strdup(" 1>/dev/null "); argv[tokens.size()+3]=strdup(" 2>/dev/null "); argv[tokens.size()+4]=strdup(" & "); pid = fork(); if (pid == -1) {//if an error occurs during fork for (unsigned int i=0; i<tokens.size()+5; ++i) { free(argv[i]); } throw SystemException(ERRCODE_SYSTEM, "Error during the creation of the process for sending mail to " +user.getFirstname()+ " with userId:" +user.getUserId()); } if (pid == 0) {//if the child process freopen("dev/null", "r", stdin); freopen("dev/null", "w", stdout); freopen("dev/null", "w", stderr); if (execv(argv[0], argv) == -1) { for (unsigned int i=0; i<tokens.size()+5; ++i) { free(argv[i]); } exit(1); } } for (unsigned int i=0; i<tokens.size()+5; ++i) { free(argv[i]); } return 0; }
bool LDAPAuthenticator::authenticate(UMS_Data::User& user) { bool authenticated = false; std::string uri, authlogin, authpassword, ldapbase, authSystemStatus, userid, pwd; DbFactory factory; Database* databaseVishnu = factory.getDatabaseInstance(); std::string sqlCommand = (boost::format("SELECT uri, authlogin, authpassword, ldapbase, authsystem.status, userid, pwd" " FROM ldapauthsystem, authsystem, authaccount, users" " WHERE aclogin='******'" " AND authsystem.authtype=%2%" " AND authaccount.authsystem_authsystemid=authsystem.numauthsystemid" " AND ldapauthsystem.authsystem_authsystemid=authsystem.numauthsystemid" " AND authaccount.users_numuserid=users.numuserid" " AND authsystem.status<>%3%" " AND users.status<>%4%" )%databaseVishnu->escapeData(user.getUserId()) %LDAPTYPE %vishnu::STATUS_DELETED %vishnu::STATUS_DELETED).str(); boost::scoped_ptr<DatabaseResult> result(databaseVishnu->getResult(sqlCommand.c_str())); //If there is no results if (result->getNbTuples() == 0) { UMSVishnuException e (ERRCODE_UNKNOWN_USER, "There is no user-authentication account declared in VISHNU with this identifier"); throw e; } std::vector<std::string> tmp; std::vector<std::string>::iterator ii; for (int i = 0; i < static_cast <int> (result->getNbTuples()); ++i) { tmp.clear(); tmp = result->get(i); ii=tmp.begin(); uri = *ii; authlogin = *(++ii); authpassword = *(++ii); ldapbase = *(++ii); authSystemStatus = *(++ii); userid = *(++ii); pwd = *(++ii); if (vishnu::convertToInt(authSystemStatus) != vishnu::STATUS_ACTIVE) { UMSVishnuException e (ERRCODE_UNKNOWN_AUTH_SYSTEM, "It is locked"); throw e; } try { LDAPProxy ldapPoxy(uri, user.getUserId(), "", user.getPassword()); ldapPoxy.connectLDAP(ldapbase); authenticated = true; user.setUserId(userid); user.setPassword(pwd); break; } catch (UMSVishnuException& e) { if (e.getMsgI() != ERRCODE_UNKNOWN_USER) { throw UMSVishnuException(e); } } catch (SystemException& e) { //If there is a connection problem to LDAP and it is not the last LDAP account to check if ((e.getMsgI() == ERRCODE_AUTHENTERR) && (i == (static_cast <int> (result->getNbTuples())-1))) { throw SystemException(e); } } } return authenticated; }