// checks whether the combination
// of the username and password is correct
void paswd(char **params, short *abor, int fd,
struct state *cstate, struct config *configuration) {
if (cstate->logged) {
respond(fd, 5, 0, 3, "User already logged in.");
return;
}
// wrong order
if (cstate->user == NULL) {
respond(fd, 5, 0, 3, "Need username before password.");
return;
}
char correct_passwd[USER_LENGTH];
// error occured...
if (lookupUser(configuration->user_db,
cstate->user, correct_passwd, USER_LENGTH) == -1) {
respond(fd, 4, 5, 1, "Internal server error.");
return;
}
// password is OK
if (strcmp(params[0], correct_passwd) == 0) {
respond(fd, 2, 3, 0, "User logged in.");
cstate->logged = 1;
return;
}
// wrong password
char str[USER_LENGTH];
snprintf(str, USER_LENGTH,
"User %s failed to login: Wrong password.", cstate->user);
respond(fd, 4, 0, 0, "Wrong password.");
}
bool AuthorizationSession::isAuthorizedToChangeOwnCustomDataAsUser(const UserName& userName) {
User* user = lookupUser(userName);
if (!user) {
return false;
}
ResourcePattern resourceSearchList[resourceSearchListCapacity];
const int resourceSearchListLength =
buildResourceSearchList(ResourcePattern::forClusterResource(), resourceSearchList);
ActionSet actions;
for (int i = 0; i < resourceSearchListLength; ++i) {
actions.addAllActionsFromSet(user->getActionsForResource(resourceSearchList[i]));
}
return actions.contains(ActionType::changeOwnCustomData);
}
// interprets the user command;
// try to find the username in the database,
// forces the next command to be PASS
void user(char **params, short *abor, int fd,
struct state *cstate, struct config *configuration) {
if (params[0] == NULL) {
respond(fd, 5, 0, 4, "Require username.");
return;
}
switch (lookupUser(configuration->user_db, params[0], NULL, 0)) {
// some error occured while reading the database
case -1:
respond(fd, 4, 5, 1, "Internal server error.");
return;
break;
// user exists
case 0:
respond(fd, 3, 3, 1, "OK, awaiting password.");
break;
// user does not exist
case 1:
respond(fd, 4, 3, 0, "Unknown user.");
return;
break;
}
// waits for the next command and check if it is PASS
struct cmd psswd;
readCmd(fd, &psswd);
if (strcasecmp(psswd.name, "PASS") != 0) {
respond(fd, 5, 0, 3, "Bad command sequence.");
return;
}
// sets the username and initial path
strcpy(cstate->user, params[0]);
(*cstate->path) = '/';
(*(cstate->path + 1)) = 0;
cstate->logged = 0;
executeCmd(&psswd, NULL, fd, cstate, configuration);
}
