/BdbApplication/BdbDomainAuth.cc
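#if !defined(BDBDOMAINAUTH_CC)
#define BDBDOMAINAUTH_CC
//--------------------------------------------------------------------------
// File and Version Information:
//      $Id: BdbDomainAuth.cc,v 1.4 2002/06/18 23:29:00 becla Exp $
//
// Description:
//      Class BdbDomainAuth
//
// Environment:
//      Software developed for the BaBar Detector at the SLAC B-Factory.
//
// Author List:
//      Simon Patton            Stripped from original BdbDomain code
//
// Copyright Information:
//      Copyright (C) 1999      LBNL
//
//------------------------------------------------------------------------

//-----------------------
// This Class's Header --
//-----------------------
#include "BdbApplication/BdbDomainAuth.hh"

//-------------
// C Headers --
//-------------
extern "C" {
#include <assert.h>
#include <stdlib.h>    // getenv
#include <ctype.h>     // tolower
#include <pwd.h>       // getpwuid
#include <string.h>
#include <strings.h>
#include <unistd.h>    // cuserid
#include <stdio.h>     // cuserid for Linux
}

//---------------
// C++ Headers --
//---------------

//----------------
// BaBar Header --
//----------------
#include "BaBar/BaBar.hh"

//-------------------------------
// Collaborating Class Headers --
//-------------------------------
#include "BdbUtil/BdbPathName.hh"

//------------------------------------
// Collaborating Class Declarations --
//------------------------------------

//-----------------------------------------------------------------------
// Local Macros, Typedefs, Structures, Unions and Forward Declarations --
//-----------------------------------------------------------------------

// Return a heap copy of theText, or 0 when theText is 0.
//
// getenv(), cuserid(0) and getpwuid() hand back pointers into storage that
// later library calls may overwrite, so a cached identity string has to be
// copied. The copy is deliberately never freed; it is made once per cached
// static and lives for the rest of the process.
static const char*
bdbDomainAuthPersistentCopy( const char* theText )
{
  if ( 0 == theText ) {
    return 0;
  }
  char* theCopy = new char[ strlen( theText ) + 1 ];
  strcpy( theCopy, theText );   // destination sized from strlen just above
  return theCopy;
}

//              -----------------------------------------------
//              -- Static Data & Function Member Definitions --
//              -----------------------------------------------

// Printable names, indexed by AuthLevels value. The last entry is the name
// used for IllegalAuth (presumably IllegalAuth == 3; confirm in the header).
const char*
BdbDomainAuth::AuthLevelNames[] = { "system" ,
                                    "groups" ,
                                    "users" ,
                                    "illegal" };

const char*
BdbDomainAuth::_userName = 0;

const char*
BdbDomainAuth::_groupName = 0;

const char*
BdbDomainAuth::_systemAuthName = "bb";

// Map an authorization level to its printable name.
//
// Any value outside FirstAuth..IllegalAuth yields the IllegalAuth name
// rather than reading past the end of AuthLevelNames.
const char*
BdbDomainAuth::authLevelName( AuthLevels theAuthLevel )
{
  if ( ( theAuthLevel < FirstAuth ) || ( theAuthLevel > IllegalAuth ) ) {
    return AuthLevelNames[IllegalAuth];
  }
  return AuthLevelNames[theAuthLevel];
}

// Return the default group name: the value of BABARGROUPNAME if it is set,
// otherwise "bfactory". The result is computed once and cached.
const char*
BdbDomainAuth::groupName( )
{
  if ( 0 == _groupName ) {
    _groupName = bdbDomainAuthPersistentCopy( getenv( "BABARGROUPNAME" ) );
    if ( 0 == _groupName ) {
      _groupName = "bfactory";
    }
  }
  return _groupName;
}

// Return the name of the current user, or 0 if it cannot be determined.
// The result is computed once and cached.
//
// SECURITY NOTE: BABARUSERNAME is consulted first and taken at face value.
// The environment is under the control of whoever starts the process, so
// this name identifies the user only by their own assertion and must not be
// the sole basis of an access decision.
const char*
BdbDomainAuth::userName( )
{
  if ( 0 == _userName ) {
    _userName = bdbDomainAuthPersistentCopy( getenv( "BABARUSERNAME" ) );
    if ( 0 == _userName ) {

      // Fixed by gg on 20/11/98 for HP/aCC
#ifndef HPaCC
      // cuserid() is obsolete and may return NULL; the copy helper passes
      // that through so the lookup is retried on the next call.
      _userName = bdbDomainAuthPersistentCopy( cuserid( (char*)0 ) );
#else
      // getpwuid() returns NULL when the uid has no passwd entry.
      const struct passwd* theEntry = getpwuid( getuid() );
      if ( 0 != theEntry ) {
        _userName = bdbDomainAuthPersistentCopy( theEntry->pw_name );
      }
#endif

    }
  }
  return _userName;
}

// True when theAuthLevel lies in the range [FirstAuth, IllegalAuth).
bool
BdbDomainAuth::isAuthLevelValid( AuthLevels theAuthLevel )
{
  return ( theAuthLevel >= FirstAuth ) && ( theAuthLevel < IllegalAuth );
}

// Only order is important, must start with 0. On error must return IllegalAuth
//
// The comparison is exact and case-sensitive; a NULL name is an error.
int
BdbDomainAuth::authLevelNr(const char* authLevelName)
{
  if ( 0 == authLevelName ) {
    return IllegalAuth ;
  }
  if ( 0 == strcmp(authLevelName, "system") ) {
    return 0 ;
  }
  if ( 0 == strcmp(authLevelName, "groups") ) {
    return 1 ;
  }
  if ( 0 == strcmp(authLevelName, "users") ) {
    return 2 ;
  }
  return IllegalAuth ;
}


// Map a one-letter code to a level name: 's'/'S' gives the System name,
// 'g'/'G' the Group name, and every other character the User name.
const char*
BdbDomainAuth::authLevelName(char c)
{
  switch ( c ) {
  case 's':
  case 'S':
    return AuthLevelNames[System];
  case 'g':
  case 'G':
    return AuthLevelNames[Group];
  default:
    return AuthLevelNames[User];
  }
}

//              ---------------------------------
//              -- Member Function Definitions --
//              ---------------------------------

//----------------
// Constructors --
//----------------

// A new object starts at User level with no authorization name.
BdbDomainAuth::BdbDomainAuth()
  : _authLevel ( User ),
    _authName ( NULL )
{
}

// NOTE(review): the object owns _authName (new[]/delete[]) but the copy
// constructor and assignment operator are only stubbed out in comments
// here; confirm the header declares them private, otherwise a copy would
// free the same buffer twice.

// BdbDomainAuth::BdbDomainAuth( const BdbDomainAuth& aRhs )
// {
// }

//--------------
// Destructor --
//--------------

// Release the owned authorization name.
BdbDomainAuth::~BdbDomainAuth( )
{
  delete [] _authName;   // delete [] on a null pointer is a no-op
  _authName = NULL;
}

//-------------
// Operators --
//-------------

// const BdbDomainAuth& BdbDomainAuth::operator=( const BdbDomainAuth& aRhs )
// {
// }

//-------------
// Selectors --
//-------------

// Current authorization level.
BdbDomainAuth::AuthLevels
BdbDomainAuth::authLevel( ) const
{
  return _authLevel;
}

// Printable name of the current authorization level.
const char*
BdbDomainAuth::authLevelName( ) const
{
  return BdbDomainAuth::AuthLevelNames[ _authLevel ];
}

// Current authorization name; NULL when none is set. The pointer refers to
// storage owned by this object and is invalidated by setAuthName().
const char*
BdbDomainAuth::authName( ) const
{
  return _authName;
}

// SECURITY NOTE: this check grants access unconditionally; the userName
// argument is not examined. Any enforcement has to come from elsewhere
// (for example an override, if the header declares this virtual).
bool
BdbDomainAuth::isAccessAllowed( const char* userName ) const
{
  return true;
}

//-------------
// Modifiers --
//-------------

// Switch to the given level and name if isAuthorized() permits it.
// Returns true when the switch was made.
bool
BdbDomainAuth::setAuthLevel( AuthLevels theAuthLevel, const char* const theAuthName )
{
  assert( isAuthLevelValid( theAuthLevel ) );
  // assert() disappears when NDEBUG is defined, so the level is checked
  // again here: an invalid level must never reach the authorization logic.
  if ( !isAuthLevelValid( theAuthLevel ) ) {
    return false;
  }

  bool result = false ;
  if ( isAuthorized( theAuthLevel, theAuthName ) ) {
    result = setInitialAuthLevel( theAuthLevel, theAuthName );
  }
  return result;
}

// Switch to the level and name encoded in an authorization path (see
// getAuthLevel() and getAuthName() for the path format).
bool
BdbDomainAuth::setAuthLevel( const char* const theAuthPath )
{
  AuthLevels theAuthLevel = getAuthLevel( theAuthPath );
  // theAuthName may point at getAuthName()'s static buffer or at _authName
  // itself; setAuthName() copies the text and tolerates the latter.
  const char* theAuthName = getAuthName ( theAuthPath );

  return setAuthLevel( theAuthLevel, theAuthName );
}

// Replace the stored authorization name with a private copy of theAuthName.
// Passing NULL clears the name; passing the current _authName pointer
// leaves it unchanged.
void
BdbDomainAuth::setAuthName( const char* const theAuthName )
{
  if ( ( NULL != _authName ) && ( theAuthName != _authName ) ) {
    delete [] _authName;
    _authName = NULL;
  }
  if ( ( NULL != theAuthName ) && ( NULL == _authName ) ) {
    _authName = new char[strlen( theAuthName )+1];
    strcpy( _authName, theAuthName );   // destination sized from strlen above
  }
}

//--------------
// Operations --
//--------------

// Set the level and name without consulting isAuthorized().
//
// System level stores no name. Group level defaults the name to "Global",
// User level to userName(), when theAuthName is NULL. Returns true on
// success and false for an invalid level.
bool
BdbDomainAuth::setInitialAuthLevel( AuthLevels theAuthLevel,
                                    const char* const theAuthName )
{
  assert( isAuthLevelValid( theAuthLevel ) );
  // Runtime check as well: without it a release build (NDEBUG) would
  // change the name for an invalid level and still report success.
  if ( !isAuthLevelValid( theAuthLevel ) ) {
    return false;
  }

  const char* useName = theAuthName;

  switch( theAuthLevel ) {
  case System:
    {
      _authLevel = theAuthLevel;
      useName = NULL;
      break;
    }
  case Group:
    {
      _authLevel = theAuthLevel;
      if ( NULL == useName ) {
        useName = "Global";
      }
      break;
    }
  case User:
    {
      // The theAuthName argument specifies the particular user and
      // defaults to the current user when it is NULL. (Only NULL is
      // tested; a zero-length name is stored as given.)
      _authLevel = theAuthLevel;
      if ( NULL == useName ) {
        useName = userName( );
      }
      break;
    }
  }
  setAuthName( useName );
  return true;
}

// Extract the authorization level from the first component of an absolute
// authorization path. Returns IllegalAuth when the path is NULL, does not
// begin with the path separator, or names no known level.
BdbDomainAuth::AuthLevels
BdbDomainAuth::parseAuthLevel( const char* const theAuthPath )
{
  // Check that the path is an absolute path
  AuthLevels result( IllegalAuth );
  const char localSeparator( BdbPathName::separator() );
  if( ( 0 == theAuthPath ) ||
      ( localSeparator != *theAuthPath ) ) {
    return result;
  }

  // copy leading leaf into temporary
  char* theAuthLevel = BdbPathName::leaf( theAuthPath,
                                          0 );
  if( 0 == theAuthLevel ) {
    return result;
  }

  // Test temporary for a valid authorization level.
  //
  // NOTE(review): strncmp() makes this case-sensitive, and because only
  // strlen(level name) characters are compared it is a prefix match: a
  // leaf such as "usersX" is accepted as "users". authLevelNr() matches
  // exactly. Confirm what BdbPathName::leaf() returns before tightening
  // this to strcmp().
  if ( 0 == strncmp( theAuthLevel,
                     AuthLevelNames[0],
                     strlen( AuthLevelNames[0] ) ) ) {
    result = System;
  } else if ( 0 == strncmp( theAuthLevel,
                            AuthLevelNames[1],
                            strlen( AuthLevelNames[1] ) ) ) {
    result = Group;
  } else if ( 0 == strncmp( theAuthLevel,
                            AuthLevelNames[2],
                            strlen( AuthLevelNames[2] ) ) ) {
    result = User;
  }
  delete [] theAuthLevel;

  return result;
}

BdbDomainAuth::AuthLevels
BdbDomainAuth::getAuthLevel( const char* const theAuthPath )
// Retrieve the authorization level from the authorization path.
//
// The format of the authorization path is:
//
//   [/<level>][/<name>/]<text>
//
// where <level> is one of "system", "groups" or "users". Note that
// the current level will be returned if no leading "/" is detected,
// and also when the leading component names no known level.
{
  AuthLevels result( parseAuthLevel( theAuthPath ) );
  if( IllegalAuth == result ) {
    return authLevel();
  }

  return result;
}

// Extract the authorization name (second path component) from an absolute
// authorization path at Group or User level.
//
// Returns a new[]-allocated string that the caller must delete [], or 0
// when the path is NULL, is not absolute, is not at Group/User level, or
// has no name component. The literal component "<user>" is replaced by
// userName().
char*
BdbDomainAuth::parseAuthName( const char* const theAuthPath )
{
  // Check that the path is an absolute path
  char* result( 0 );
  const char localSeparator( BdbPathName::separator() );
  if( ( 0 == theAuthPath ) ||
      ( localSeparator != *theAuthPath ) ) {
    return result;
  }

  // Find user (if not System level authorization)
  AuthLevels theAuthLevel( parseAuthLevel( theAuthPath ) );
  switch( theAuthLevel ) {
  case Group:
  case User:
    {
      result = BdbPathName::leaf( theAuthPath,
                                  1 );
      if( ( 0 != result ) &&
          ( 0 == strcmp( result,
                         "<user>" ) ) ) {
        delete [] result;
        result = 0;
        // userName() returns 0 when the user cannot be determined; in
        // that case report "no name" instead of dereferencing NULL.
        const char* realResult( userName() );
        if( 0 != realResult ) {
          result = new char[ strlen( realResult ) + 1 ];
          strcpy( result,
                  realResult );
        }
      }
      break;
    }
  default:
    {
      result = 0;
      break;
    }
  }
  return result;
}

const char*
BdbDomainAuth::getAuthName( const char* const theAuthPath )
// Retrieve the authorization name from the authorization path
//
// The format of the authorization path is:
//
//   [/<level>][/<name>/]...
//
// where <level> is one of "system", "groups" or "users", and <name>
// is the group name or user name. Note that NULL is returned for
// level "system", and the default name will be returned if no leading "/"
// is detected. Finally, /users/<user>/... is recognised as corresponding
// to the current user name.
//
// A name taken from the path is returned in a static buffer that the next
// call overwrites. Names longer than the buffer are truncated to fit.
{
  // Check that the path is an absolute path
  const char localSeparator( BdbPathName::separator() );
  if( ( 0 == theAuthPath ) ||
      ( localSeparator != *theAuthPath ) ) {
    return authName();
  }

  char* result = parseAuthName( theAuthPath );
  static char theAuthName[256];
  if( 0 != result ) {
    // The name comes from the caller-supplied path (or the environment,
    // via userName()) and has no length limit of its own, so the copy is
    // bounded by the buffer size and always NUL-terminated.
    strncpy( theAuthName,
             result,
             sizeof( theAuthName ) - 1 );
    theAuthName[ sizeof( theAuthName ) - 1 ] = '\0';
    delete [] result;
    result = theAuthName;
  }
  return result;
}

const char*
BdbDomainAuth::useAuthName( AuthLevels theAuthLevel,
                            const char* const theAuthName )
// Retrieve the effective authorization name from the authorization level
// and supplied name. If the level is either of groups or users and the
// supplied name is NULL, then the default is returned.
{
  if ( ( 0 == theAuthName ) && ( System != theAuthLevel ) ) {
    return authName( );
  }
  return theAuthName;
}

const char*
BdbDomainAuth::skipAuthName( const char* const theAuthPath )
// Skip over the authorization level and name in the authorization path
//
// The format of the authorization path is:
//
//   [/<level>][/<name>/]...
//
// where <level> is one of "system", "groups" or "users", and <name>
// is the group name or user name. The result points into theAuthPath,
// just past the "/" that ends the level (System) or the name (Group and
// User). A path without a leading "/" is returned unchanged, and NULL is
// returned when the path is NULL or the terminating "/" is missing.
//
// The level comes from getAuthLevel(), so an unrecognised leading
// component is skipped according to the current level of this object.
// NOTE(review): '/' is hard-coded here while the parse functions use
// BdbPathName::separator(); confirm the two always agree.
{
  const char* result = theAuthPath;

  if ( ( 0 != theAuthPath ) && ( '/' == *theAuthPath ) ) {
    const char* theStart = theAuthPath + 1;

    // Locate Authorization Level
    AuthLevels theAuthLevel = getAuthLevel( theAuthPath );
    if ( ( Group == theAuthLevel ) || ( User == theAuthLevel ) ) {
      // Step over the level component so that the search below ends
      // after the name component instead.
      const char* theLevelEnd = strchr( theStart, '/' );
      if ( 0 != theLevelEnd ) {
        theStart = theLevelEnd + 1;
      }
    }

    const char* theEnd = strchr( theStart, '/' );
    if ( 0 != theEnd ) {
      theEnd++;
    }
    result = theEnd;
  }
  return result;
}

#endif // BDBDOMAINAUTH_CC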
Page Owner: Jacek Becla
Last Update: October 04, 2002