Leosac  0.8.0
Open Source Access Control
User.cpp
1 /*
2  Copyright (C) 2014-2016 Leosac
3 
4  This file is part of Leosac.
5 
6  Leosac is free software: you can redistribute it and/or modify
7  it under the terms of the GNU Affero General Public License as published by
8  the Free Software Foundation, either version 3 of the License, or
9  (at your option) any later version.
10 
11  Leosac is distributed in the hope that it will be useful,
12  but WITHOUT ANY WARRANTY; without even the implied warranty of
13  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14  GNU Affero General Public License for more details.
15 
16  You should have received a copy of the GNU Affero General Public License
17  along with this program. If not, see <http://www.gnu.org/licenses/>.
18 */
19 
20 #include "core/auth/Group_odb.h"
21 #include "core/auth/User_odb.h"
24 #include "tools/AssertCast.hpp"
25 #include "tools/log.hpp"
26 #include <boost/algorithm/string.hpp>
27 
28 using namespace Leosac::Auth;
29 
/// Tell whether `c` may appear in a username.
///
/// Accepted characters are ASCII letters and digits plus '.', '_' and '-'.
/// Non-ASCII values are refused before isalnum() is consulted, so isalnum()
/// is only ever called with a value in the ASCII range.
static bool is_valid_username_character(char c)
{
    if (!isascii(c))
        return false;

    switch (c)
    {
    case '.':
    case '_':
    case '-':
        return true;
    default:
        return isalnum(c) != 0;
    }
}
34 
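/// Default constructor: delegates to the id-taking constructor with id 0.
User::User()
    : User(0)
{
}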
39 
/// Build a user with id 0 and the default USER rank from a username.
///
/// The name is routed through the username() setter, so it is validated and
/// stored lower-cased; an invalid name makes construction throw
/// LEOSACException.
///
/// @param uname  Username to validate and store.
User::User(const std::string &uname)
    : id_{0}
    , rank_{UserRank::USER}
    , version_{0}
{
    this->username(uname);
}
47 
/// Build a user with the given id, the default USER rank and version 0.
///
/// No username is set by this constructor.
///
/// @param id  Identifier to store in id_.
User::User(const UserId &id)
    : id_{id}
    , rank_{UserRank::USER}
    , version_{0}
{
}
54 
/// Return the stored username.
///
/// Each character is re-checked with ASSERT_LOG on every call, which guards
/// against a username_ that was populated without going through the setter.
///
/// NOTE(review): this function is noexcept; what ASSERT_LOG does when the
/// condition fails is defined in log.hpp and not visible here.
const std::string &User::username() const noexcept
{
    for (auto it = username_.begin(); it != username_.end(); ++it)
        ASSERT_LOG(is_valid_username_character(*it), "Invalid username.");
    return username_;
}
61 
/// Validate and store the username.
///
/// The input is checked character by character against
/// is_valid_username_character() and, once accepted, stored lower-cased.
///
/// @param username  Candidate username.
/// @throws LEOSACException if any character is rejected.
///
/// NOTE(review): an empty string passes, because the loop body never runs;
/// confirm that an empty username is acceptable to callers.
/// NOTE(review): the exception message embeds the rejected input verbatim,
/// including any control or non-ASCII bytes; a sink that logs or displays
/// the message should escape it.
void User::username(const std::string &username)
{
    for (auto it = username.begin(); it != username.end(); ++it)
    {
        if (!is_valid_username_character(*it))
            throw LEOSACException("Invalid username: {" + username + "}");
    }
    username_ = boost::algorithm::to_lower_copy(username);
}
72 
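/// Return the access profile attached to this user.
///
/// The shared pointer is returned by value; it is null if no profile has
/// been assigned.
IAccessProfilePtr User::profile() const noexcept
{
    return profile_;
}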
77 
/// Attach an access profile to this user, replacing the previous one.
///
/// @param user_profile  Profile to store; the pointer is not checked for null.
void User::profile(IAccessProfilePtr user_profile)
{
    this->profile_ = user_profile;
}
82 
/// Return the user's first name as stored.
const std::string &User::firstname() const
{
    return this->firstname_;
}
87 
/// Return the user's last name as stored.
const std::string &User::lastname() const
{
    return this->lastname_;
}
92 
/// Return the user's e-mail address as stored.
const std::string &User::email() const
{
    return this->email_;
}
97 
/// Store the user's first name.
///
/// The value is stored as given: unlike the username setter, no validation
/// or normalisation is applied here.
///
/// @param f  New first name.
void User::firstname(std::string const &f)
{
    this->firstname_ = f;
}
102 
/// Store the user's last name.
///
/// The value is stored as given: unlike the username setter, no validation
/// or normalisation is applied here.
///
/// @param l  New last name.
void User::lastname(std::string const &l)
{
    this->lastname_ = l;
}
107 
/// Store the user's e-mail address.
///
/// The value is stored as given: no format check or normalisation is applied
/// here.
///
/// @param e  New e-mail address.
void User::email(std::string const &e)
{
    this->email_ = e;
}
112 
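/// Return the validity information held for this user.
const ValidityInfo &User::validity() const
{
    return validity_;
}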
117 
119 {
120  validity_ = c;
121 }
122 
/// Report whether the user is currently valid.
///
/// The decision is delegated entirely to validity_.is_valid(); no other user
/// state is consulted here.
bool User::is_valid() const
{
    const bool currently_valid = validity_.is_valid();
    return currently_valid;
}
127 
/// Return the user's identifier (id_).
unsigned long User::id() const noexcept
{
    return this->id_;
}
132 
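/// Return the set of group memberships this user is involved in.
const UserGroupMembershipSet &User::group_memberships() const
{
    return membership_;
}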
137 
/// Set the user's password by storing its scrypt hash.
///
/// Only the result of Scrypt::Hash() is kept in password_; the plaintext is
/// not stored on the object.
///
/// @param pw  Plaintext password.
///
/// NOTE(review): `plaintext_bytes` is a second in-memory copy of the
/// plaintext and is not wiped before it is destroyed.
/// NOTE(review): salt and cost-parameter selection happen inside the
/// one-argument Scrypt::Hash() and are not visible here.
void User::password(const std::string &pw)
{
    std::vector<uint8_t> plaintext_bytes;
    plaintext_bytes.assign(pw.begin(), pw.end());
    password_ = Scrypt::Hash(plaintext_bytes);
}
143 
/// Check a candidate password against the stored scrypt result.
///
/// Fails closed: when no password has been set (password_ is empty) the
/// function returns false without calling Scrypt::Verify().
///
/// @param pw  Candidate plaintext password.
/// @return true only if a password is stored and Scrypt::Verify() accepts pw.
///
/// NOTE(review): whether the comparison inside Scrypt::Verify() is
/// constant-time is decided in Scrypt.cpp and not visible here.
bool User::verify_password(const std::string &pw) const
{
    if (!password_)
        return false;

    const std::vector<uint8_t> candidate_bytes(pw.begin(), pw.end());
    return Scrypt::Verify(candidate_bytes, *password_);
}
153 
/// Return the stored password hash bytes as a string.
///
/// @return The bytes of password_->hash, or an empty string when no password
///         has been set.
///
/// NOTE(review): the returned value is the stored verifier material;
/// presumably it is meant for persistence only and should stay out of logs
/// and API responses. Confirm against the callers.
std::string User::password() const
{
    if (!password_)
        return "";
    return std::string(password_->hash.begin(), password_->hash.end());
}
160 
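/// Return the global rank of the user.
UserRank User::rank() const
{
    return rank_;
}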
165 
167 {
168  rank_ = r;
169 }
170 
/// Return the value of version_, which the constructors initialise to 0.
size_t User::odb_version() const
{
    return this->version_;
}
175 
/// Return a copy of the user's credential pointer list.
///
/// The vector is returned by value, so changes made to the result do not
/// alter credentials_.
std::vector<Leosac::Cred::CredentialLWPtr> User::lazy_credentials() const
{
    return this->credentials_;
}
180 
/// Return a copy of the schedule mappings this user is directly mapped to.
///
/// The vector is returned by value, so changes made to the result do not
/// alter schedules_mapping_.
std::vector<Leosac::Tools::ScheduleMappingLWPtr> User::lazy_schedules_mapping() const
{
    return this->schedules_mapping_;
}
185 
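/// Record that this user has been mapped by a schedule.
///
/// The mapping is appended to schedules_mapping_. It is not checked for null
/// or for duplicates.
///
/// @param sched_mapping  Mapping that now references this user.
void User::schedule_mapping_added(
    const Leosac::Tools::ScheduleMappingPtr &sched_mapping)
{
    schedules_mapping_.push_back(sched_mapping);
}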
191 
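/// Attach a credential to this user and make this user its owner.
///
/// Preconditions, both enforced only through ASSERT_LOG:
///  - `cred` is non-null;
///  - the credential's owner_id() is 0 or already equals this user's id.
///
/// @param cred  Credential to take ownership of.
///
/// NOTE(review): what ASSERT_LOG does on failure, and whether it stays active
/// in release builds, is defined in log.hpp and not visible here. If it can
/// be compiled out, a null `cred` is dereferenced below and a credential
/// owned by another user is re-assigned without any error. Confirm, and
/// consider a check that cannot be disabled for the ownership rule.
/// NOTE(review): owner_id() == 0 presumably means "no owner"; a User built
/// with id 0 would also match the second clause. Confirm.
void User::add_credential(const Cred::ICredentialPtr &cred)
{
    ASSERT_LOG(cred, "Credential is null.");
    ASSERT_LOG(cred->owner_id() == 0 || cred->owner_id() == id_,
               "Credential is already owned by someone else.");

    // shared_from_this() is called on this User object.
    cred->owner(shared_from_this());
    credentials_.push_back(assert_cast<Cred::CredentialPtr>(cred));
}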
Leosac::Auth::User::lastname
const std::string & lastname() const
Definition: User.cpp:88
Leosac::Auth
Holds classes relevant to the Authentication and Authorization subsystem.
Definition: AccessPoint.hpp:27
Leosac::Auth::User::is_valid
bool is_valid() const
Check the validity status (enabled / disabled) of the user.
Definition: User.cpp:123
Leosac::Auth::User::profile
IAccessProfilePtr profile() const noexcept
Definition: User.cpp:73
Leosac::Auth::UserRank
UserRank
Definition: AuthFwd.hpp:56
Leosac::Auth::User::version_
const size_t version_
Definition: User.hpp:195
Leosac::Auth::User::profile_
IAccessProfilePtr profile_
Definition: User.hpp:192
Scrypt::Verify
static bool Verify(const std::vector< uint8_t > &in, const ScryptResult &expected)
Verify that the input `in`, when hashed, corresponds to the expected ScryptResult.
Definition: Scrypt.cpp:49
Leosac::Auth::User::lastname_
std::string lastname_
Definition: User.hpp:169
ASSERT_LOG
#define ASSERT_LOG(cond, msg)
Definition: log.hpp:190
Leosac::Auth::User::rank
UserRank rank() const
Get the global rank of the user.
Definition: User.cpp:161
Leosac::Auth::IAccessProfilePtr
std::shared_ptr< IAccessProfile > IAccessProfilePtr
Definition: AuthFwd.hpp:88
ICredential.hpp
Leosac::Auth::User::odb_version
size_t odb_version() const
Definition: User.cpp:171
Leosac::Tools::ScheduleMappingPtr
std::shared_ptr< ScheduleMapping > ScheduleMappingPtr
Definition: ToolsFwd.hpp:41
Leosac::Auth::UserRank::USER
@ USER
A default user.
Leosac::Auth::User::rank_
UserRank rank_
Definition: User.hpp:176
Leosac::Auth::User::password_
boost::optional< ScryptResult > password_
Definition: User.hpp:166
Leosac::Auth::User::id_
UserId id_
Definition: User.hpp:155
Leosac::Auth::User
Represent a user.
Definition: User.hpp:42
leosacexception.hpp
Exception class for LEOSAC Project related errors.
Leosac::Auth::User::username
const std::string & username() const noexcept
Get the username of this user.
Definition: User.cpp:55
LEOSACException
A base class for Leosac specific exception.
Definition: leosacexception.hpp:40
Leosac::Auth::User::lazy_schedules_mapping
std::vector< Tools::ScheduleMappingLWPtr > lazy_schedules_mapping() const
Definition: User.cpp:181
Leosac::Auth::ValidityInfo::is_valid
bool is_valid() const
Check that the current date is between validity start and end, and make sure it is enabled too.
Definition: ValidityInfo.cpp:34
Leosac::Auth::User::id
UserId id() const noexcept
Definition: User.cpp:128
Leosac::Auth::User::email_
std::string email_
Definition: User.hpp:170
Leosac::Auth::User::schedule_mapping_added
void schedule_mapping_added(const Tools::ScheduleMappingPtr &sched_mapping)
The user has been mapped by a schedule.
Definition: User.cpp:186
Leosac::Auth::User::password
std::string password() const
Returns the password hash + salt (as stored in the database).
Definition: User.cpp:154
Leosac::Auth::User::group_memberships
const UserGroupMembershipSet & group_memberships() const
Retrieve the UserGroupMembership that this user is involved with.
Definition: User.cpp:133
Leosac::Auth::User::firstname_
std::string firstname_
Definition: User.hpp:168
Leosac::Auth::User::User
User()
Definition: User.cpp:35
Leosac::Auth::User::verify_password
bool verify_password(const std::string &pw) const
Verify that the password pw is equal to the user's password.
Definition: User.cpp:144
Leosac::Cred::ICredentialPtr
std::shared_ptr< ICredential > ICredentialPtr
Definition: CredentialFwd.hpp:32
Leosac::Auth::UserGroupMembershipSet
std::set< UserGroupMembershipPtr, UserGroupMembershipComparator > UserGroupMembershipSet
Definition: UserGroupMembership.hpp:96
Leosac::Auth::User::email
const std::string & email() const
Definition: User.cpp:93
log.hpp
Leosac::Auth::User::validity
const ValidityInfo & validity() const
Definition: User.cpp:113
Leosac::Auth::User::credentials_
std::vector< Cred::CredentialLWPtr > credentials_
Definition: User.hpp:179
Leosac::Auth::UserId
unsigned long UserId
Definition: AuthFwd.hpp:34
Leosac::Auth::User::schedules_mapping_
std::vector< Tools::ScheduleMappingLWPtr > schedules_mapping_
ScheduleMapping object to which we are mapped directly (as user).
Definition: User.hpp:185
Leosac::Auth::User::username_
std::string username_
This is a (unique) identifier for the user.
Definition: User.hpp:163
Leosac::Auth::User::lazy_credentials
std::vector< Cred::CredentialLWPtr > lazy_credentials() const
Definition: User.cpp:176
Leosac::Auth::User::validity_
ValidityInfo validity_
A user can have the same validity as credentials.
Definition: User.hpp:190
Scrypt::Hash
static ScryptResult Hash(const std::vector< uint8_t > &in, const std::vector< uint8_t > &salt, const ScryptParam &param=default_)
Wrapper around low-level hash function.
Definition: Scrypt.cpp:25
Leosac::Auth::ValidityInfo
A simple class that stores (and can be queried for) the validity of some objects.
Definition: ValidityInfo.hpp:42
Leosac::Auth::User::firstname
const std::string & firstname() const
Definition: User.cpp:83
Leosac::Auth::User::add_credential
void add_credential(const Cred::ICredentialPtr &cred)
Definition: User.cpp:192
AssertCast.hpp
Leosac::Auth::User::membership_
UserGroupMembershipSet membership_
Definition: User.hpp:173