/**
* \brief Function to delete VISHNU user
* \fn int deleteUser(UMS_Data::User user)
* \param user The user data structure
* \return raises an exception on error
*/
int
UserServer::deleteUser(UMS_Data::User user) {
//If the user to delete is not the super VISHNU admin
if (user.getUserId().compare(ROOTUSERNAME) != 0) {
//If the user exists
if (exist()) {
if (isAdmin()) {
//if the user who will be deleted exist
if (getAttribut("where userid='"+user.getUserId()+"'").size() != 0) {
//Execution of the sql code to delete the user
mdatabaseVishnu->process("DELETE FROM users where userid='"+user.getUserId()+"'");
} // End if the user who will be deleted exist
else {
UMSVishnuException e (ERRCODE_UNKNOWN_USERID);
throw e;
}
} //END if the user is an admin
else {
UMSVishnuException e (ERRCODE_NO_ADMIN);
throw e;
}
} //END if the user exists
else {
UMSVishnuException e (ERRCODE_UNKNOWN_USER);
throw e;
}
}//END If the user to delete is not the super VISHNU admin
else {
UserException e (ERRCODE_INVALID_PARAM, "It is not possible to delete this user. It is the VISHNU root user");
throw e;
}
return 0;
}//END: deleteUser(UMS_Data::User user)
/**
* \brief Function to change VISHNU user password
* \fn int resetPassword(UMS_Data::User user, std::string sendmailScriptPath)
* \param user The user data structure
* \param sendmailScriptPath The path to the script for sending emails
* \return raises an exception on error
*/
int
UserServer::resetPassword(UMS_Data::User& user, std::string sendmailScriptPath) {
std::string sqlResetPwd;
std::string sqlUpdatePwdState;
std::string passwordCrypted;
std::string pwd;
//If the user exists
if (exist()) {
//if the user is an admin
if (isAdmin()) {
//if the user whose password will be reset exists
if (getAttribut("where userid='"+user.getUserId()+"'").size() != 0) {
//generation of a new password
pwd = generatePassword(user.getUserId(), user.getUserId());
user.setPassword(pwd.substr(0,PASSWORD_MAX_SIZE));
//to get the password encryptes
passwordCrypted = vishnu::cryptPassword(user.getUserId(), user.getPassword());
//The sql code to reset the password
sqlResetPwd = "UPDATE users SET pwd='"+passwordCrypted+"' where "
"userid='"+user.getUserId()+"';";
//sql code to update the passwordstate
sqlUpdatePwdState = "UPDATE users SET passwordstate=0 "
"where userid='"+user.getUserId()+"' and pwd='"+passwordCrypted+"';";
//To append the previous sql codes
sqlResetPwd.append(sqlUpdatePwdState);
//Execution of the sql code on the database
mdatabaseVishnu->process( sqlResetPwd.c_str());
//to get the email adress of the user
std::string email = getAttribut("where userid='"+user.getUserId()+"'", "email");
user.setEmail(email);
//Send email
std::string emailBody = getMailContent(user, false);
sendMailToUser(user, emailBody, "Vishnu message: password reset", sendmailScriptPath);
} // End if the user whose password will be reset exists
else {
UMSVishnuException e (ERRCODE_UNKNOWN_USERID, "You must use a global VISHNU identifier");
throw e;
}
} //END if the user is an admin
else {
UMSVishnuException e (ERRCODE_NO_ADMIN);
throw e;
}
} //END if the user exists
else {
UMSVishnuException e (ERRCODE_UNKNOWN_USER);
throw e;
}
return 0;
}//END: resetPassword(UMS_Data::User user)
/**
* \brief Function to reset user password
* \fn int resetPassword(UMS_Data::User& user)
* \param user The object which encapsulates the user information
* \return raises an exception on error
*/
int UserProxy::resetPassword(UMS_Data::User& user)
{
diet_profile_t* profile = NULL;
char* tmpPassword;
char* errorInfo;
std::string msg = "call of function diet_string_set is rejected ";
profile = diet_profile_alloc("userPasswordReset", 1, 1, 3);
//IN Parameters
if(diet_string_set(diet_parameter(profile,0), strdup((msessionProxy->getSessionKey()).c_str()), DIET_VOLATILE)) {
msg += "with sessionKey parameter "+msessionProxy->getSessionKey();
raiseDietMsgException(msg);
}
if(diet_string_set(diet_parameter(profile,1), strdup((user.getUserId()).c_str()), DIET_VOLATILE)) {
msg += "with userId parameter "+user.getUserId();
raiseDietMsgException(msg);
}
//OUT Parameters
diet_string_set(diet_parameter(profile,2), NULL, DIET_VOLATILE);
diet_string_set(diet_parameter(profile,3), NULL, DIET_VOLATILE);
if(!diet_call(profile)) {
if(diet_string_get(diet_parameter(profile,2), &tmpPassword, NULL)){
msg += "by receiving tmpPassWord message";
raiseDietMsgException(msg);
}
if(diet_string_get(diet_parameter(profile,3), &errorInfo, NULL)){
msg += "by receiving errorInfo message";
raiseDietMsgException(msg);
}
}
else {
raiseDietMsgException("DIET call failure");
}
/*To raise a vishnu exception if the receiving message is not empty*/
raiseExceptionIfNotEmptyMsg(errorInfo);
/*To set the temporary password*/
muser.setUserId(user.getUserId());
muser.setPassword(std::string(tmpPassword));
diet_profile_free(profile);
return 0;
}
bool
UMSAuthenticator::authenticate(UMS_Data::User& user) {
DbFactory factory;
Database* databaseVishnu = factory.getDatabaseInstance();
//To encrypt the clear password
user.setPassword(vishnu::cryptPassword(user.getUserId(), user.getPassword()));
std::string sqlCommand = (boost::format("SELECT numuserid"
" FROM users"
" WHERE userid='%1%'"
" AND pwd='%2%'"
" AND users.status<>%3%"
)%databaseVishnu->escapeData(user.getUserId()) %databaseVishnu->escapeData(user.getPassword()) %vishnu::STATUS_DELETED).str();
boost::scoped_ptr<DatabaseResult> result(databaseVishnu->getResult(sqlCommand.c_str()));
return (result->getFirstElement().size() != 0);
}
/**
* \brief Function to reset user password
* \param user The object which encapsulates the user information
* \return raises an exception on error
*/
int
UserProxy::resetPassword(UMS_Data::User& user) {
diet_profile_t* profile = diet_profile_alloc(SERVICES_UMS[USERPASSWORDRESET], 2);
diet_string_set(profile, 0, msessionProxy->getSessionKey());
diet_string_set(profile, 1, user.getUserId());
if (diet_call(profile)) {
raiseCommunicationMsgException("RPC call failed");
}
raiseExceptionOnErrorResult(profile);
std::string tmpPassword;
diet_string_get(profile, 1, tmpPassword);
/*To set the temporary password*/
muser.setUserId(user.getUserId());
muser.setPassword(tmpPassword);
diet_profile_free(profile);
return 0;
}
/**
* \brief Function to remove user information
* \param user The object which encapsulates the user information
* \return raises an exception on error
*/
int
UserProxy::deleteUser(const UMS_Data::User& user) {
diet_profile_t* profile = diet_profile_alloc(SERVICES_UMS[USERDELETE], 2);
//IN Parameters
diet_string_set(profile, 0, msessionProxy->getSessionKey());
diet_string_set(profile, 1, user.getUserId());
if (diet_call(profile)) {
raiseCommunicationMsgException("RPC call failed");
}
raiseExceptionOnErrorResult(profile);
diet_profile_free(profile);
return 0;
}
/**
* \brief Function to remove user information
* \fn int deleteUser(const UMS_Data::User& user)
* \param user The object which encapsulates the user information
* \return raises an exception on error
*/
int UserProxy::deleteUser(const UMS_Data::User& user)
{
diet_profile_t* profile = NULL;
std::string sessionKey;
std::string userId;
char* errorInfo;
std::string msg = "call of function diet_string_set is rejected ";
profile = diet_profile_alloc("userDelete", 1, 1, 2);
sessionKey = msessionProxy->getSessionKey();
userId = user.getUserId();
//IN Parameters
if(diet_string_set(diet_parameter(profile,0), strdup(sessionKey.c_str()), DIET_VOLATILE)) {
msg += "with sessionKey parameter "+sessionKey;
raiseDietMsgException(msg);
}
if(diet_string_set(diet_parameter(profile,1), strdup(userId.c_str()), DIET_VOLATILE)) {
msg += "with userId parameter "+userId;
raiseDietMsgException(msg);
}
//OUT Parameters
diet_string_set(diet_parameter(profile,2), NULL, DIET_VOLATILE);
if(!diet_call(profile)) {
if(diet_string_get(diet_parameter(profile,2), &errorInfo, NULL)){
msg += "by receiving errorInfo message";
raiseDietMsgException(msg);
}
}
else {
raiseDietMsgException("DIET call failure");
}
/*To raise a vishnu exception if the receiving message is not empty*/
raiseExceptionIfNotEmptyMsg(errorInfo);
diet_profile_free(profile);
return 0;
}
/**
* \brief Function to get the email content
* \param user the user who will receives the email
* \param flagAdduser a flag which means that it is uses on adduser function
* \return the email content
*/
std::string
UserServer::getMailContent(const UMS_Data::User& user, bool flagAdduser) {
std::string content;
std::stringstream newline;
newline << std::endl;
if (flagAdduser) {
content.append("Dear "+user.getFirstname()+" "+user.getLastname()+ ",");
content.append(newline.str());
content.append("This is respectively your userId and your password generated by vishnu:");
content.append(newline.str());
content.append("userId:"+ user.getUserId()+",");
content.append(newline.str());
content.append("password:"******"Dear "+user.getUserId()+",");
content.append(newline.str());
content.append("This is your new password: "+user.getPassword());
}
return content;
}
/**
* \brief Function to send an email to a user
* \param user the user to whom send the email
* \param content the body of the email
* \param subject the subject of the email
* \param sendmailScriptPath The path to the script for sending emails
*/
int
UserServer::sendMailToUser(const UMS_Data::User& user,
std::string content,
std::string subject,
std::string sendmailScriptPath) {
std::vector<std::string> tokens;
std::ostringstream command;
pid_t pid;
std::string address = user.getEmail();
//If the address is empty
if (address.empty()) {
throw UserException(ERRCODE_INVALID_MAIL_ADRESS, "Empty email address");
}
//If the script is empty
if (sendmailScriptPath.empty()) {
throw SystemException(ERRCODE_SYSTEM, "Invalid server configuration");
}
// To build the script command
command << sendmailScriptPath << " --to " << address << " -s ";
std::istringstream is(command.str());
std::copy(std::istream_iterator<std::string>(is),
std::istream_iterator<std::string>(),
std::back_inserter<std::vector<std::string> >(tokens));
char* argv[tokens.size()+6];
argv[tokens.size()+5]=NULL;
//Use of tokens
for (unsigned int i = 0; i < tokens.size(); ++i) {
argv[i]=strdup(tokens[i].c_str());
}
//To avoid mutiple values by using tokens because of spaces
argv[tokens.size()]=strdup(subject.c_str());
argv[tokens.size()+1]=strdup(content.c_str());
//To execute the script on background
argv[tokens.size()+2]=strdup(" 1>/dev/null ");
argv[tokens.size()+3]=strdup(" 2>/dev/null ");
argv[tokens.size()+4]=strdup(" & ");
pid = fork();
if (pid == -1) {//if an error occurs during fork
for (unsigned int i=0; i<tokens.size()+5; ++i) {
free(argv[i]);
}
throw SystemException(ERRCODE_SYSTEM, "Error during the creation of the process for sending mail to "
+user.getFirstname()+ " with userId:" +user.getUserId());
}
if (pid == 0) {//if the child process
freopen("dev/null", "r", stdin);
freopen("dev/null", "w", stdout);
freopen("dev/null", "w", stderr);
if (execv(argv[0], argv) == -1) {
for (unsigned int i=0; i<tokens.size()+5; ++i) {
free(argv[i]);
}
exit(1);
}
}
for (unsigned int i=0; i<tokens.size()+5; ++i) {
free(argv[i]);
}
return 0;
}
bool
LDAPAuthenticator::authenticate(UMS_Data::User& user) {
bool authenticated = false;
std::string uri, authlogin, authpassword, ldapbase, authSystemStatus, userid, pwd;
DbFactory factory;
Database* databaseVishnu = factory.getDatabaseInstance();
std::string sqlCommand = (boost::format("SELECT uri, authlogin, authpassword, ldapbase, authsystem.status, userid, pwd"
" FROM ldapauthsystem, authsystem, authaccount, users"
" WHERE aclogin='******'"
" AND authsystem.authtype=%2%"
" AND authaccount.authsystem_authsystemid=authsystem.numauthsystemid"
" AND ldapauthsystem.authsystem_authsystemid=authsystem.numauthsystemid"
" AND authaccount.users_numuserid=users.numuserid"
" AND authsystem.status<>%3%"
" AND users.status<>%4%"
)%databaseVishnu->escapeData(user.getUserId()) %LDAPTYPE %vishnu::STATUS_DELETED %vishnu::STATUS_DELETED).str();
boost::scoped_ptr<DatabaseResult> result(databaseVishnu->getResult(sqlCommand.c_str()));
//If there is no results
if (result->getNbTuples() == 0) {
UMSVishnuException e (ERRCODE_UNKNOWN_USER, "There is no user-authentication account declared in VISHNU with this identifier");
throw e;
}
std::vector<std::string> tmp;
std::vector<std::string>::iterator ii;
for (int i = 0; i < static_cast <int> (result->getNbTuples()); ++i) {
tmp.clear();
tmp = result->get(i);
ii=tmp.begin();
uri = *ii;
authlogin = *(++ii);
authpassword = *(++ii);
ldapbase = *(++ii);
authSystemStatus = *(++ii);
userid = *(++ii);
pwd = *(++ii);
if (vishnu::convertToInt(authSystemStatus) != vishnu::STATUS_ACTIVE) {
UMSVishnuException e (ERRCODE_UNKNOWN_AUTH_SYSTEM, "It is locked");
throw e;
}
try {
LDAPProxy ldapPoxy(uri,
user.getUserId(),
"",
user.getPassword());
ldapPoxy.connectLDAP(ldapbase);
authenticated = true;
user.setUserId(userid);
user.setPassword(pwd);
break;
}
catch (UMSVishnuException& e) {
if (e.getMsgI() != ERRCODE_UNKNOWN_USER) {
throw UMSVishnuException(e);
}
}
catch (SystemException& e) {
//If there is a connection problem to LDAP and it is not the last LDAP account to check
if ((e.getMsgI() == ERRCODE_AUTHENTERR) && (i == (static_cast <int> (result->getNbTuples())-1))) {
throw SystemException(e);
}
}
}
return authenticated;
}