
File: user.h

tarantool 2.6.0-1.4
#ifndef INCLUDES_TARANTOOL_BOX_USER_H
#define INCLUDES_TARANTOOL_BOX_USER_H
/*
 * Copyright 2010-2016, Tarantool AUTHORS, please see AUTHORS file.
 *
 * Redistribution and use in source and binary forms, with or
 * without modification, are permitted provided that the following
 * conditions are met:
 *
 * 1. Redistributions of source code must retain the above
 *    copyright notice, this list of conditions and the
 *    following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above
 *    copyright notice, this list of conditions and the following
 *    disclaimer in the documentation and/or other materials
 *    provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY <COPYRIGHT HOLDER> ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
 * <COPYRIGHT HOLDER> OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF
 * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */
#include <stdint.h>
#include "user_def.h"
#include "small/region.h"

#if defined(__cplusplus)
extern "C" {
#endif /* defined(__cplusplus) */

/**
 * Global grants: access granted on the "universe" as a whole,
 * held in a table of BOX_USER_MAX entries.
 */
struct universe {
	/**
	 * Global privileges users have on the universe, one entry
	 * per slot.
	 * NOTE(review): presumably indexed by user->auth_token -
	 * confirm against the code that reads this array before
	 * relying on it in an access check.
	 */
	struct access access[BOX_USER_MAX];
};

/** A single instance of the universe. */
extern struct universe universe;

/** Word type of the bitmap that marks used/unused authentication tokens. */
typedef unsigned int umap_int_t;
enum {
	/**
	 * Number of bits in one bitmap word. CHAR_BIT is defined by
	 * <limits.h>, which this header does not include itself.
	 */
	UMAP_INT_BITS = CHAR_BIT * sizeof(umap_int_t),
	/** Number of words needed to hold BOX_USER_MAX bits, rounded up. */
	USER_MAP_SIZE = (BOX_USER_MAX + UMAP_INT_BITS - 1)/UMAP_INT_BITS
};

/**
 * Fixed-size bitmap with room for at least BOX_USER_MAX bits.
 * NOTE(review): bit N presumably stands for the user or role whose
 * auth_token is N - confirm against the code that sets the bits.
 */
struct user_map {
	umap_int_t m[USER_MAP_SIZE];
};

/**
 * Report whether no bit is set in @a map.
 *
 * @param map bitmap to inspect; it is only read.
 * @retval true  every word of map->m is zero.
 * @retval false at least one word is non-zero.
 */
static inline bool
user_map_is_empty(struct user_map *map)
{
	int word = 0;
	while (word < USER_MAP_SIZE) {
		/* One non-zero word is enough to decide. */
		if (map->m[word] != 0)
			return false;
		word++;
	}
	return true;
}

/**
 * Set of privilege definitions (struct priv_def), declared with the
 * rb_tree() and rb_proto() macros.
 * NOTE(review): neither macro is defined in this header; they
 * presumably come from a red-black tree header pulled in
 * indirectly, and the generated functions presumably carry the
 * privset_ prefix - confirm.
 */
typedef rb_tree(struct priv_def) privset_t;
rb_proto(, privset_, privset_t, struct priv_def);

/**
 * Cache entry for one user or role: its definition, its
 * authentication token, role membership bitmaps and cached
 * privileges.
 */
struct user
{
	/** Definition of this user or role. */
	struct user_def *def;
	/**
	 * An id in privileges array to quickly find a
	 * respective privilege.
	 * NOTE(review): credentials_is_empty() treats a token equal
	 * to BOX_USER_MAX as "no user", so valid tokens are
	 * presumably in [0, BOX_USER_MAX) - confirm.
	 */
	uint8_t auth_token;
	/** Bitmap of users or roles this role has been granted to. */
	struct user_map users;
	/** Bitmap of roles granted to this role or user. */
	struct user_map roles;
	/** A cache of effective privileges of this user. */
	privset_t privs;
	/** True if this user's privileges need to be reloaded. */
	bool is_dirty;
	/** Memory pool for privs. */
	struct region pool;
	/**
	 * List of all currently existing credentials caches of
	 * the user. Any update of user privileges is applied to
	 * them.
	 */
	struct rlist credentials_list;
	/** Cached runtime access information. */
	struct access access[BOX_USER_MAX];
};

/**
 * Look up the access entry for the object identified by
 * @a object_type and @a object_id.
 * NOTE(review): what is returned for an unknown object is not
 * visible in this header - presumably NULL; callers that use the
 * result in an access check should confirm and test for it.
 */
struct access *
access_find(enum schema_object_type object_type, uint32_t object_id);

/** Find user by id. */
struct user *
user_by_id(uint32_t uid);

/**
 * Find a user by name.
 * Returns NULL when the lookup fails; user_find_by_name_xc()
 * calls diag_raise() in that case.
 * NOTE(review): @a len is presumably the length of @a name in
 * bytes, and this is presumably the lookup used by
 * authentication - confirm.
 */
struct user *
user_find_by_name(const char *name, uint32_t len);

/*
 * Find a user by id.
 * NOTE(review): this comment used to read "Find a user by name.
 * Used by authentication.", which does not match the uid
 * parameter. How this lookup differs from user_by_id() is not
 * visible in this header - confirm against the implementation.
 */
struct user *
user_find(uint32_t uid);

/*
 * Find a user by authentication token.
 * NOTE(review): the parameter is a uint8_t and credentials use
 * BOX_USER_MAX as the "no user" token, so this can be called with
 * a token that names no user. The result for an unused or
 * out-of-range token is not visible here - presumably NULL;
 * confirm, and check the result before using it.
 */
struct user *
user_find_by_token(uint8_t auth_token);

/**
 * Create a cache of user's privileges in @a cr.
 * NOTE(review): struct user keeps a credentials_list of all
 * existing caches, so @a cr is presumably linked into that list
 * here and has to go through credentials_destroy() before its
 * storage is released - confirm.
 */
void
credentials_create(struct credentials *cr, struct user *user);

/**
 * Create a dummy credentials cache without a user.
 * NOTE(review): credentials_is_empty() recognises such a cache by
 * auth_token == BOX_USER_MAX, which is presumably set here.
 */
void
credentials_create_empty(struct credentials *cr);

/**
 * Tell whether @a cr is a credentials cache with no source user.
 *
 * @param cr credentials cache to inspect; it is only read.
 * @retval true  cr->auth_token equals BOX_USER_MAX, the value that
 *               appears to mark a cache created without a user.
 * @retval false the token has any other value.
 */
static inline bool
credentials_is_empty(const struct credentials *cr)
{
	const bool has_no_user = (cr->auth_token == BOX_USER_MAX);
	return has_no_user;
}

/**
 * Free credentials resources, invalidate the object.
 * After this call @a cr must not be used until it is created
 * again; credentials_reset() does exactly that sequence.
 */
void
credentials_destroy(struct credentials *cr);

/**
 * Change source user of the credentials cache.
 *
 * @param cr       existing cache; it is destroyed and then created
 *                 again in the same storage.
 * @param new_user user the cache is rebuilt for.
 *
 * NOTE(review): @a cr is expected to be a created cache on entry,
 * since it is passed to credentials_destroy() first. Whether
 * @a new_user may be NULL is not visible here - confirm against
 * credentials_create().
 */
static inline void
credentials_reset(struct credentials *cr, struct user *new_user)
{
	/* Order matters: release the old user's cache before rebuilding. */
	credentials_destroy(cr);
	credentials_create(cr, new_user);
}

#if defined(__cplusplus)
} /* extern "C" */

/**
 * For best performance, all users are maintained in this array.
 * Position in the array is stored in user->auth_token and also
 * in session->auth_token. This way it's easy to quickly find
 * the current user of the session.
 * An auth token, instead of a direct pointer, is stored in the
 * session because it makes dropping of a signed in user safe.
 * The same auth token (index in an array)
 * is also used to find out user privileges when accessing stored
 * objects, such as spaces and functions.
 *
 * NOTE(review): the array itself is not declared in this header;
 * only the guest and admin entries are exported below. The safety
 * argument presumably is that a session holding the token of a
 * dropped user gets a failed lookup instead of a dangling
 * pointer - confirm against user_find_by_token().
 */
extern struct user *guest_user, *admin_user;

/*
 * Insert or update user object (a cache entry
 * for user).
 * This is called from a trigger on _user table
 * and from trigger on _priv table, (in the latter
 * case, only when making a grant on the universe).
 *
 * If a user already exists, update it, otherwise
 * find space in users[] array and store the new
 * user in it. Update user->auth_token
 * with an index in the users[] array.
 *
 * Note that the parameter named @a user is a user definition
 * (struct user_def), not a cache entry.
 * NOTE(review): what happens when users[] has no free slot is
 * not visible in this header - presumably a NULL return or a
 * raised diagnostic; confirm.
 */
struct user *
user_cache_replace(struct user_def *user);

/**
 * Find a user by id and delete it from the
 * users cache.
 * NOTE(review): sessions keep the auth token of a dropped user
 * (see the comment on guest_user and admin_user above); how
 * credentials caches still listed in user->credentials_list are
 * handled is not visible here - confirm.
 */
void
user_cache_delete(uint32_t uid);

/**
 * Variant of user_find_by_name() that calls diag_raise() instead
 * of handing a NULL result back to the caller. It is defined
 * inside the __cplusplus-only part of this header.
 *
 * @param name user name to look up.
 * @param len  passed through to user_find_by_name() unchanged.
 * @return the user found by user_find_by_name().
 */
static inline struct user *
user_find_by_name_xc(const char *name, uint32_t len)
{
	struct user *found = user_find_by_name(name, len);
	if (found != NULL)
		return found;
	/* Lookup failed: hand over to diag_raise(). */
	diag_raise();
	return found;
}

/**
 * Initialize the user cache and access control subsystem.
 * NOTE(review): presumably has to run before any lookup
 * declared in this header is used - confirm.
 */
void
user_cache_init(void);

/** Clean up the user cache and access control subsystem. */
void
user_cache_free(void);

/* {{{ Roles */

/**
 * Check, mainly, that users & roles form an acyclic graph,
 * and no loop in the graph will occur when grantee gets
 * a given role.
 * NOTE(review): the meaning of the int result is not visible in
 * this header - presumably 0 on success and non-zero on failure;
 * confirm. Nothing here shows role_grant() repeating this check,
 * so callers presumably have to run it first.
 */
int
role_check(struct user *grantee, struct user *role);

/**
 * Grant a role to a user or another role.
 * NOTE(review): return convention not visible here - confirm.
 */
int
role_grant(struct user *grantee, struct user *role);

/**
 * Revoke a role from a user or another role.
 * NOTE(review): return convention not visible here - confirm.
 */
int
role_revoke(struct user *grantee, struct user *role);

/**
 * Grant or revoke a single privilege to a user or role
 * and re-evaluate effective access of all users of this
 * role (presumably: if the grantee is a role).
 * NOTE(review): how @a priv distinguishes a grant from a revoke
 * is not visible in this header - confirm against struct priv_def.
 */
int
priv_grant(struct user *grantee, struct priv_def *priv);

/**
 * Fill @a priv from @a tuple.
 * NOTE(review): the tuple presumably is a row of the _priv table
 * mentioned in the user_cache_replace() comment; which fields are
 * validated, and what the int result means, is not visible
 * here - confirm before treating @a priv as trusted.
 */
int
priv_def_create_from_tuple(struct priv_def *priv, struct tuple *tuple);

/* }}} */

#endif /* defined(__cplusplus) */

#endif /* INCLUDES_TARANTOOL_BOX_USER_H */