1 martin 1.24 //%LICENSE////////////////////////////////////////////////////////////////
|
2 martin 1.25 //
|
3 martin 1.24 // Licensed to The Open Group (TOG) under one or more contributor license
4 // agreements. Refer to the OpenPegasusNOTICE.txt file distributed with
5 // this work for additional information regarding copyright ownership.
6 // Each contributor licenses this file to you under the OpenPegasus Open
7 // Source License; you may not use this file except in compliance with the
8 // License.
|
9 martin 1.25 //
|
10 martin 1.24 // Permission is hereby granted, free of charge, to any person obtaining a
11 // copy of this software and associated documentation files (the "Software"),
12 // to deal in the Software without restriction, including without limitation
13 // the rights to use, copy, modify, merge, publish, distribute, sublicense,
14 // and/or sell copies of the Software, and to permit persons to whom the
15 // Software is furnished to do so, subject to the following conditions:
|
16 martin 1.25 //
|
17 martin 1.24 // The above copyright notice and this permission notice shall be included
18 // in all copies or substantial portions of the Software.
|
19 martin 1.25 //
|
20 martin 1.24 // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
|
21 martin 1.25 // OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
22 martin 1.24 // MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
23 // IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
24 // CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
25 // TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
26 // SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
|
27 martin 1.25 //
|
28 martin 1.24 //////////////////////////////////////////////////////////////////////////
|
29 mike 1.2 //
30 //%////////////////////////////////////////////////////////////////////////////
31
32
33 ///////////////////////////////////////////////////////////////////////////////
|
34 kumpf 1.22 //
|
35 mike 1.2 // User Manager
36 //
37 ///////////////////////////////////////////////////////////////////////////////
38
39 #include <Pegasus/Common/System.h>
40 #include <Pegasus/Common/Tracer.h>
|
41 kumpf 1.6 #include <Pegasus/Common/PegasusVersion.h>
42
|
43 mike 1.2 #include <Pegasus/Security/UserManager/UserManager.h>
44 #include <Pegasus/Security/UserManager/UserExceptions.h>
45
46
47 PEGASUS_USING_STD;
48
49 PEGASUS_NAMESPACE_BEGIN
50
//
// Static state backing the UserManager singleton.
//

// The one UserManager object; null until getInstance() creates it and
// reset to null again by destroy().
UserManager* UserManager::_instance = 0;

// Lock taken by getInstance() around the creation of _instance.
Mutex UserManager::_userManagerMutex;
|
56 mike 1.2
//
// Constructor
//
// Creates the two handlers this class delegates to:
//   - a UserFileHandler for the password file, unless the build defines
//     PEGASUS_NO_PASSWORDFILE, in which case no file handler is created;
//   - an AuthorizationHandler bound to the given repository.
//
// The repository pointer is passed on unchanged; getInstance() is the
// visible caller and rejects a null repository before constructing.
//
UserManager::UserManager(CIMRepository* repository)
{
    PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::UserManager");

#ifndef PEGASUS_NO_PASSWORDFILE
    // Password-file support is compiled in: set up the file handler first.
    _userFileHandler.reset(new UserFileHandler());
#endif

    // Authorization data lives in the repository, so that handler is
    // always created.
    _authHandler.reset(new AuthorizationHandler(repository));

    PEG_METHOD_EXIT();
}
71
//
// Destructor
//
// Only emits the method enter/exit trace. The handlers are not released
// explicitly here; they are held in members that the constructor fills
// with reset(), presumably owning smart pointers (confirm in
// UserManager.h).
//
UserManager::~UserManager()
{
    PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::~UserManager");
    PEG_METHOD_EXIT();
}
81
//
// Terminates the user manager: deletes the singleton and clears the
// static pointer so a later getInstance(repository) can build a new one.
//
// NOTE(review): this does not take _userManagerMutex, so it must not run
// while other threads may be inside getInstance() or still using the
// pointer it returned.
//
void UserManager::destroy()
{
    // Deleting a null pointer is a no-op, so the guard only makes the
    // "nothing to do" case explicit.
    if (_instance)
    {
        delete _instance;
        _instance = 0;
    }
}
|
90 kumpf 1.22
|
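//
// Construct the singleton instance of the UserManager (on first use) and
// return a pointer to that instance.
//
// @param repository  Repository handed to the UserManager constructor when
//                    the instance has to be created. May be null once the
//                    instance exists.
// @return            Pointer to the singleton instance.
// @throws CannotCreateUserManagerInstance  if no instance exists yet and
//                    repository is null.
//
// The existence check and the creation both run under _userManagerMutex.
// Testing _instance before taking the lock (double-checked locking on a
// plain pointer) is an unsynchronized read: it is a data race, and on
// weakly ordered hardware a caller could see a non-null pointer before
// the object's construction is visible to it.
//
UserManager* UserManager::getInstance(CIMRepository* repository)
{
    PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::getInstance");

    UserManager* instance = 0;

    {
        AutoMutex lock(_userManagerMutex);

        if (!_instance)
        {
            if (!repository)
            {
                // Nothing to build the instance from; the lock is released
                // when the AutoMutex goes out of scope during unwinding.
                PEG_METHOD_EXIT();
                throw CannotCreateUserManagerInstance();
            }

            _instance = new UserManager(repository);
        }

        // Read the pointer while the lock is still held.
        instance = _instance;
    }

    PEG_METHOD_EXIT();

    return instance;
}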
118
|
//
// Add a user
//
// The name must belong to an existing system account: if
// System::isSystemUser() does not recognise it, InvalidSystemUser is
// thrown and nothing is written. Otherwise the name and password are
// handed to the password-file handler.
//
// When PEGASUS_NO_PASSWORDFILE is defined the body reduces to the trace
// calls, so the call returns normally without checking or storing
// anything.
//
// The password is passed on as received and is not traced here; how it is
// hashed or stored is decided by UserFileHandler and is not visible in
// this file.
//
void UserManager::addUser(
    const String& userName,
    const String& password)
{
    PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::addUser");

#ifndef PEGASUS_NO_PASSWORDFILE
    // Only accounts the operating system already knows may become CIM users.
    const Boolean knownToSystem =
        System::isSystemUser(userName.getCString());

    if (!knownToSystem)
    {
        PEG_METHOD_EXIT();
        throw InvalidSystemUser(userName);
    }

    // Record the new entry in the password file.
    _userFileHandler->addUserEntry(userName, password);
#endif

    PEG_METHOD_EXIT();
}
146
//
// Modify user's password
//
// Forwards the user name, the current password and the new password to
// the password-file handler; any check of the current password happens
// there, not in this method. Neither password is traced here.
//
// When PEGASUS_NO_PASSWORDFILE is defined the call does nothing beyond
// tracing and returns normally.
//
void UserManager::modifyUser(
    const String& userName,
    const String& password,
    const String& newPassword)
{
    PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::modifyUser");

#ifndef PEGASUS_NO_PASSWORDFILE
    _userFileHandler->modifyUserEntry(
        userName,
        password,
        newPassword);
#endif

    PEG_METHOD_EXIT();
}
163
|
//
// Remove a user
//
// Asks the password-file handler to drop the entry for userName. When
// PEGASUS_NO_PASSWORDFILE is defined the call only traces and returns.
//
// NOTE(review): only the password-file entry is touched here; any
// authorizations stored for the user are not removed by this method.
//
void UserManager::removeUser(const String& userName)
{
    PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::removeUser");

#ifndef PEGASUS_NO_PASSWORDFILE
    _userFileHandler->removeUserEntry(userName);
#endif

    PEG_METHOD_EXIT();
}
177
178
//
// Get a list of all the user names.
//
// The password-file handler fills the caller-supplied array. When
// PEGASUS_NO_PASSWORDFILE is defined the array is left exactly as the
// caller passed it in.
//
void UserManager::getAllUserNames(Array<String>& userNames)
{
    PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::getAllUserNames");

#ifndef PEGASUS_NO_PASSWORDFILE
    _userFileHandler->getAllUserNames(userNames);
#endif

    PEG_METHOD_EXIT();
}
192
//
// Verify whether the specified CIM user is valid
//
// Returns whatever the password-file handler reports for userName.
// When PEGASUS_NO_PASSWORDFILE is defined there is no handler to ask and
// the answer is always false, i.e. the check fails closed.
//
Boolean UserManager::verifyCIMUser(const String& userName)
{
    PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::verifyCIMUser");

    // Default to "not a valid user"; only the handler can say otherwise.
    Boolean isValid = false;

#ifndef PEGASUS_NO_PASSWORDFILE
    isValid = _userFileHandler->verifyCIMUser(userName);
#endif

    PEG_METHOD_EXIT();
    return isValid;
}
211
//
// Verify whether the specified user's password is valid
//
// Returns the password-file handler's verdict for the name/password pair.
// When PEGASUS_NO_PASSWORDFILE is defined the result is always false, so
// a build without the password file can never accept a password through
// this path.
//
// The password is not traced here. How the comparison is carried out is
// up to UserFileHandler and is not visible in this file.
//
Boolean UserManager::verifyCIMUserPassword(
    const String& userName,
    const String& password)
{
    PEG_METHOD_ENTER(TRC_USER_MANAGER, "UserManager::verifyCIMUserPassword");

    // Default to rejection; only the handler can accept the credentials.
    Boolean accepted = false;

#ifndef PEGASUS_NO_PASSWORDFILE
    accepted = _userFileHandler->verifyCIMUserPassword(userName, password);
#endif

    PEG_METHOD_EXIT();
    return accepted;
}
232
//
// Verify whether the specified namespace is valid
//
// Thin wrapper: the decision is made by the authorization handler and
// returned unchanged.
//
Boolean UserManager::verifyNamespace(const CIMNamespaceName& myNamespace)
{
    PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::verifyNamespace");

    const Boolean namespaceOk = _authHandler->verifyNamespace(myNamespace);

    PEG_METHOD_EXIT();
    return namespaceOk;
}
251
//
// Verify whether the specified operation has authorization
// to be performed by the specified user.
//
// Thin wrapper: the user, namespace and CIM method name go to the
// authorization handler, and its answer is returned unchanged. No
// authentication happens here; callers are expected to have established
// who userName is before asking.
//
Boolean UserManager::verifyAuthorization(
    const String& userName,
    const CIMNamespaceName& nameSpace,
    const CIMName& cimMethodName)
{
    PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::verifyAuthorization");

    const Boolean permitted =
        _authHandler->verifyAuthorization(userName, nameSpace, cimMethodName);

    PEG_METHOD_EXIT();
    return permitted;
}
275
//
// Set the authorizations
//
// Passes the user name, namespace and authorization string to the
// authorization handler. The arguments are not validated here;
// NOTE(review): confirm that the handler or the caller rejects unknown
// users and malformed authorization strings.
//
void UserManager::setAuthorization(
    const String& userName,
    const CIMNamespaceName& myNamespace,
    const String& auth)
{
    PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::setAuthorization");

    _authHandler->setAuthorization(
        userName,
        myNamespace,
        auth);

    PEG_METHOD_EXIT();
}
290
//
// Remove the authorizations for the specified user and namespace
//
// Delegates to the authorization handler; nothing else is changed here.
//
void UserManager::removeAuthorization(
    const String& userName,
    const CIMNamespaceName& myNamespace)
{
    PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::removeAuthorization");

    _authHandler->removeAuthorization(
        userName,
        myNamespace);

    PEG_METHOD_EXIT();
}
304
305
//
// Get the authorizations for the specified user and namespace
//
// Returns the string the authorization handler reports for the pair. The
// value is fetched before the exit trace is written and then returned by
// value.
//
String UserManager::getAuthorization(
    const String& userName,
    const CIMNamespaceName& myNamespace)
{
    PEG_METHOD_ENTER(TRC_AUTHORIZATION, "UserManager::getAuthorization");

    String granted(_authHandler->getAuthorization(userName, myNamespace));

    PEG_METHOD_EXIT();
    return granted;
}
321
322 PEGASUS_NAMESPACE_END
|