* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
* USA
*/
-/** @file server/trackdb.c
+/** @file lib/trackdb.c
* @brief Track database
*
* This file is getting in desparate need of splitting up...
#include "hash.h"
#include "unicode.h"
#include "unidata.h"
-#include "mime.h"
+#include "base64.h"
#define RESCAN "disorder-rescan"
#define DEADLOCK "disorder-deadlock"
* - Values are UTF-8(NFC(unicode(path name)))
* - There can be more than one value per key
* - Presence of key,value means that path matches the search terms
- * - Only tracks fond in @ref tracks_tracksdb are represented here
+ * - Only tracks fond in @ref trackdb_tracksdb are represented here
* - This database can be reconstructed, it contains no user data
*/
DB *trackdb_searchdb;
}
/** @brief Open track databases
- * @param Flags flags word
+ * @param flags Flags flags word
*
* @p flags should have one of:
* - @p TRACKDB_NO_UPGRADE, if no upgrade should be attempted
int e;
struct vector v[1];
+ vector_init(v);
WITH_TRANSACTION(trackdb_listkeys(trackdb_tagsdb, v, tid));
return v->vec;
}
return n < config->trust.n;
}
+/** @brief Return non-zero for a valid username
+ *
+ * Currently we only allow the letters and digits in ASCII. We could be more
+ * liberal than this but it is a nice simple test. It is critical that
+ * semicolons are never allowed.
+ */
+static int valid_username(const char *user) {
+ if(!*user)
+ return 0;
+ while(*user) {
+ const uint8_t c = *user++;
+ /* For now we are very strict */
+ if((c >= 'a' && c <= 'z')
+ || (c >= 'A' && c <= 'Z')
+ || (c >= '0' && c <= '9'))
+ /* ok */;
+ else
+ return 0;
+ }
+ return 1;
+}
+
/** @brief Add a user */
static int create_user(const char *user,
const char *password,
const char *rights,
const char *email,
+ const char *confirmation,
DB_TXN *tid,
uint32_t flags) {
struct kvp *k = 0;
char s[64];
+ /* sanity check user */
+ if(!valid_username(user)) {
+ error(0, "invalid username '%s'", user);
+ return -1;
+ }
+ if(parse_rights(rights, 0, 1)) {
+ error(0, "invalid rights string");
+ return -1;
+ }
/* data for this user */
if(password)
kvp_set(&k, "password", password);
kvp_set(&k, "rights", rights);
if(email)
kvp_set(&k, "email", email);
+ if(confirmation)
+ kvp_set(&k, "confirmation", confirmation);
snprintf(s, sizeof s, "%jd", (intmax_t)time(0));
kvp_set(&k, "created", s);
return trackdb_putdata(trackdb_usersdb, user, k, tid, flags);
/* pick rights */
if(!strcmp(user, "root"))
rights = "all";
- else if(trusted(user))
- rights = rights_string(default_rights()|RIGHT_ADMIN);
- else
- rights = rights_string(default_rights());
- return create_user(user, password, rights, 0/*email*/, tid, DB_NOOVERWRITE);
+ else if(trusted(user)) {
+ rights_type r;
+
+ parse_rights(config->default_rights, &r, 1);
+ r &= ~(rights_type)(RIGHT_SCRATCH__MASK|RIGHT_MOVE__MASK|RIGHT_REMOVE__MASK);
+ r |= (RIGHT_ADMIN|RIGHT_RESCAN
+ |RIGHT_SCRATCH_ANY|RIGHT_MOVE_ANY|RIGHT_REMOVE_ANY);
+ rights = rights_string(r);
+ } else
+ rights = config->default_rights;
+ return create_user(user, password, rights, 0/*email*/, 0/*confirmation*/,
+ tid, DB_NOOVERWRITE);
}
static int trackdb_old_users_tid(DB_TXN *tid) {
gcry_randomize(pwbin, sizeof pwbin, GCRY_STRONG_RANDOM);
pw = mime_to_base64(pwbin, sizeof pwbin);
/* Create the root user if it does not exist */
- WITH_TRANSACTION(create_user("root", pw, "all", 0/*email*/, tid,
- DB_NOOVERWRITE));
+ WITH_TRANSACTION(create_user("root", pw, "all",
+ 0/*email*/, 0/*confirmation*/,
+ tid, DB_NOOVERWRITE));
if(e == 0)
info("created root user");
}
* @param user Username
* @param password Password or NULL
* @param rights Initial rights
- * @param email Email address
+ * @param email Email address or NULL
+ * @param confirmation Confirmation string or NULL
* @return 0 on success, non-0 on error
*/
int trackdb_adduser(const char *user,
const char *password,
- rights_type rights,
- const char *email) {
+ const char *rights,
+ const char *email,
+ const char *confirmation) {
int e;
- const char *r = rights_string(rights);
- WITH_TRANSACTION(create_user(user, password, r, email,
+ WITH_TRANSACTION(create_user(user, password, rights, email, confirmation,
tid, DB_NOOVERWRITE));
if(e) {
error(0, "cannot created user '%s' because they already exist", user);
} else {
if(email)
info("created user '%s' with rights '%s' and email address '%s'",
- user, r, email);
+ user, rights, email);
else
- info("created user '%s' with rights '%s'", user, r);
+ info("created user '%s' with rights '%s'", user, rights);
return 0;
}
}
/** @brief Delete a user
* @param user User to delete
- * @param 0 on success, non-0 if the user didn't exist anyway
+ * @return 0 on success, non-0 if the user didn't exist anyway
*/
int trackdb_deluser(const char *user) {
int e;
error(0, "cannot remove 'rights' key from user '%s'", user);
return -1;
}
- if(parse_rights(value, 0)) {
+ if(parse_rights(value, 0, 1)) {
error(0, "invalid rights string");
return -1;
}
return v->vec;
}
+static int trackdb_confirm_tid(const char *user, const char *confirmation,
+ DB_TXN *tid) {
+ const char *stored_confirmation;
+ struct kvp *k;
+ int e;
+
+ if((e = trackdb_getdata(trackdb_usersdb, user, &k, tid)))
+ return e;
+ if(!(stored_confirmation = kvp_get(k, "confirmation"))) {
+ error(0, "already confirmed user '%s'", user);
+ /* DB claims -30,800 to -30,999 so -1 should be a safe bet */
+ return -1;
+ }
+ if(strcmp(confirmation, stored_confirmation)) {
+ error(0, "wrong confirmation string for user '%s'", user);
+ return -1;
+ }
+ /* 'sall good */
+ kvp_set(&k, "confirmation", 0);
+ return trackdb_putdata(trackdb_usersdb, user, k, tid, 0);
+}
+
+/** @brief Confirm a user registration
+ * @param user Username
+ * @param confirmation Confirmation string
+ * @return 0 on success, non-0 on error
+ */
+int trackdb_confirm(const char *user, const char *confirmation) {
+ int e;
+
+ WITH_TRANSACTION(trackdb_confirm_tid(user, confirmation, tid));
+ switch(e) {
+ case 0:
+ info("registration confirmed for user '%s'", user);
+ return 0;
+ case DB_NOTFOUND:
+ error(0, "confirmation for nonexistent user '%s'", user);
+ return -1;
+ default: /* already reported */
+ return -1;
+ }
+}
+
/*
Local Variables:
c-basic-offset:2