CMS 3D CMS Logo
CredentialStore.h
Go to the documentation of this file.
1 #ifndef CondCore_CondDB_CredentialStore_h
2 #define CondCore_CondDB_CredentialStore_h
3 
4 #include "CondCore/CondDB/interface/DecodingKey.h"
5 //
6 #include <map>
7 #include <memory>
8 #include <string>
9 //
10 #include "CoralBase/MessageStream.h"
11 
12 namespace coral {
13 
14  class AuthenticationCredentials;
15  class IAuthenticationCredentials;
16  class ISession;
17  class IConnection;
18 
19 } // namespace coral
20 
21 namespace coral_bridge {
22 
23  class AuthenticationCredentialSet {
24  public:
26  AuthenticationCredentialSet();
27 
29  virtual ~AuthenticationCredentialSet();
30 
31  void registerItem(const std::string& connectionString, const std::string& itemName, const std::string& itemValue);
32 
33  void registerItem(const std::string& connectionString,
34  const std::string& role,
35  const std::string& itemName,
36  const std::string& itemValue);
37 
41  void registerCredentials(const std::string& connectionString,
42  const std::string& userName,
43  const std::string& password);
44 
48  void registerCredentials(const std::string& connectionString,
49  const std::string& role,
50  const std::string& userName,
51  const std::string& password);
52 
53  void import(const AuthenticationCredentialSet& data);
54 
55  const coral::IAuthenticationCredentials* get(const std::string& connectionString) const;
56 
57  const coral::IAuthenticationCredentials* get(const std::string& connectionString, const std::string& role) const;
58 
59  const std::map<std::pair<std::string, std::string>, coral::AuthenticationCredentials*>& data() const;
60 
61  void reset();
62 
63  private:
65  std::map<std::pair<std::string, std::string>, coral::AuthenticationCredentials*> m_data;
66  };
67 
68 } // namespace coral_bridge
69 
70 namespace cond {
71 
72  class Cipher;
73 
74  std::string schemaLabel(const std::string& serviceName, const std::string& userName);
75 
76  //
77  class CredentialStore {
78  public:
79  // default service is pointed in case the specific one has not been found in the key list
80  static const std::string DEFAULT_DATA_SOURCE;
81 
82  public:
84  CredentialStore();
85 
87  virtual ~CredentialStore();
88 
89  public:
91  std::string setUpForService(const std::string& serviceName, const std::string& authPath);
92 
93  std::string setUpForConnectionString(const std::string& connectionString, const std::string& authPath);
94 
95  bool createSchema(const std::string& connectionString, const std::string& userName, const std::string& password);
96 
97  bool drop(const std::string& connectionString, const std::string& userName, const std::string& password);
98 
99  bool resetAdmin(const std::string& userName, const std::string& password);
100 
101  bool updatePrincipal(const std::string& principal, const std::string& principalKey, bool setAdmin = false);
102 
103  bool setPermission(const std::string& principal,
104  const std::string& role,
105  const std::string& connectionString,
106  const std::string& connectionLabel);
107 
108  bool unsetPermission(const std::string& principal, const std::string& role, const std::string& connectionString);
109 
110  bool updateConnection(const std::string& connectionLabel, const std::string& userName, const std::string& password);
111 
112  bool removePrincipal(const std::string& principal);
113 
114  bool removeConnection(const std::string& connectionLabel);
115 
116  bool selectForUser(coral_bridge::AuthenticationCredentialSet& destinationData);
117 
119  bool importForPrincipal(const std::string& principal,
120  const coral_bridge::AuthenticationCredentialSet& data,
121  bool forceUpdateConnection = false);
122 
123  bool listPrincipals(std::vector<std::string>& destination);
124 
125  bool listConnections(std::map<std::string, std::pair<std::string, std::string> >& destination);
126 
127  struct Permission {
128  std::string principalName;
129  std::string role;
130  std::string connectionString;
131  std::string connectionLabel;
132  };
133  bool selectPermissions(const std::string& principalName,
134  const std::string& role,
135  const std::string& connectionString,
136  std::vector<Permission>& destination);
137 
138  bool exportAll(coral_bridge::AuthenticationCredentialSet& data);
139 
140  const std::string& keyPrincipalName();
141 
142  private:
143  friend class CSScopedSession;
144 
145  std::pair<std::string, std::string> openConnection(const std::string& connectionString);
146  void openSession(const std::string& schemaName,
147  const std::string& userName,
148  const std::string& password,
149  bool readMode);
150  void startSuperSession(const std::string& connectionString,
151  const std::string& userName,
152  const std::string& password);
153  void startSession(bool readMode);
154 
155  void openSession(bool readOnly = true);
156 
157  void closeSession(bool commit = true);
158 
159  private:
160  std::shared_ptr<coral::IConnection> m_connection;
161  std::shared_ptr<coral::ISession> m_session;
162 
163  int m_principalId;
164  // the key used to encrypt the db credentials accessibles by the owner of the authenticated key.
165  std::string m_principalKey;
166 
167  std::string m_serviceName;
168  const auth::ServiceCredentials* m_serviceData;
169 
170  auth::DecodingKey m_key;
171  };
172 
173 } // namespace cond
174 
175 #endif
lumi_dqm_sourceclient-live_cfg.authPath
authPath
Definition: lumi_dqm_sourceclient-live_cfg.py:33
cond::CredentialStore::m_session
std::shared_ptr< coral::ISession > m_session
Definition: CredentialStore.h:161
cond::CredentialStore::keyPrincipalName
const std::string & keyPrincipalName()
Definition: CredentialStore.cc:1471
cond::CredentialStore::updatePrincipal
bool updatePrincipal(const std::string &principal, const std::string &principalKey, bool setAdmin=false)
Definition: CredentialStore.cc:1002
cond::CredentialStore::m_serviceData
const auth::ServiceCredentials * m_serviceData
Definition: CredentialStore.h:168
cond::auth::DecodingKey
Definition: DecodingKey.h:31
cond::CredentialStore::m_serviceName
std::string m_serviceName
Definition: CredentialStore.h:167
cond::CSScopedSession
Definition: CredentialStore.cc:170
cond::CredentialStore::m_key
auth::DecodingKey m_key
Definition: CredentialStore.h:170
cond::CredentialStore::openConnection
std::pair< std::string, std::string > openConnection(const std::string &connectionString)
Definition: CredentialStore.cc:536
cond::CredentialStore::Permission::connectionString
std::string connectionString
Definition: CredentialStore.h:130
coral_bridge::AuthenticationCredentialSet::get
const coral::IAuthenticationCredentials * get(const std::string &connectionString) const
Definition: CredentialStore.cc:100
serviceName
static const std::string serviceName
Definition: CredentialStore.cc:31
coral_bridge::AuthenticationCredentialSet::data
const std::map< std::pair< std::string, std::string >, coral::AuthenticationCredentials * > & data() const
Definition: CredentialStore.cc:118
cond::CredentialStore::startSession
void startSession(bool readMode)
Definition: CredentialStore.cc:571
EcalCondDBWriter_cfi.userName
userName
Definition: EcalCondDBWriter_cfi.py:61
cond::CredentialStore::selectForUser
bool selectForUser(coral_bridge::AuthenticationCredentialSet &destinationData)
Definition: CredentialStore.cc:1188
cond::CredentialStore::listConnections
bool listConnections(std::map< std::string, std::pair< std::string, std::string > > &destination)
Definition: CredentialStore.cc:1308
coral_bridge::AuthenticationCredentialSet::registerItem
void registerItem(const std::string &connectionString, const std::string &itemName, const std::string &itemValue)
Definition: CredentialStore.cc:46
cond::CredentialStore::setUpForConnectionString
std::string setUpForConnectionString(const std::string &connectionString, const std::string &authPath)
Definition: CredentialStore.cc:714
EcalCondDBWriter_cfi.password
password
Definition: EcalCondDBWriter_cfi.py:62
coral
Definition: Binary.h:9
cond::CredentialStore::~CredentialStore
virtual ~CredentialStore()
Standard Destructor.
Definition: CredentialStore.cc:682
cond::CredentialStore::closeSession
void closeSession(bool commit=true)
Definition: CredentialStore.cc:518
cond::CredentialStore::removePrincipal
bool removePrincipal(const std::string &principal)
Definition: CredentialStore.cc:1120
cond::CredentialStore::setUpForService
std::string setUpForService(const std::string &serviceName, const std::string &authPath)
Sets the initialization parameters.
Definition: CredentialStore.cc:684
coral_bridge::AuthenticationCredentialSet::AuthenticationCredentialSet
AuthenticationCredentialSet()
Constructor.
Definition: CredentialStore.cc:33
cond::CredentialStore::drop
bool drop(const std::string &connectionString, const std::string &userName, const std::string &password)
Definition: CredentialStore.cc:872
coral_bridge::AuthenticationCredentialSet::~AuthenticationCredentialSet
virtual ~AuthenticationCredentialSet()
Destructor.
Definition: CredentialStore.cc:35
cond::CredentialStore
Definition: CredentialStore.h:77
cond::CredentialStore::createSchema
bool createSchema(const std::string &connectionString, const std::string &userName, const std::string &password)
Definition: CredentialStore.cc:740
coral_bridge::AuthenticationCredentialSet::reset
void reset()
Definition: CredentialStore.cc:37
AlCaHLTBitMon_QueryRunRegistry.string
string
Definition: AlCaHLTBitMon_QueryRunRegistry.py:256
cond
Definition: plugin.cc:23
cond::CredentialStore::startSuperSession
void startSuperSession(const std::string &connectionString, const std::string &userName, const std::string &password)
Definition: CredentialStore.cc:563
cond::CredentialStore::listPrincipals
bool listPrincipals(std::vector< std::string > &destination)
Definition: CredentialStore.cc:1287
coral_bridge::AuthenticationCredentialSet::registerCredentials
void registerCredentials(const std::string &connectionString, const std::string &userName, const std::string &password)
Definition: CredentialStore.cc:66
cond::CredentialStore::importForPrincipal
bool importForPrincipal(const std::string &principal, const coral_bridge::AuthenticationCredentialSet &data, bool forceUpdateConnection=false)
import data
Definition: CredentialStore.cc:1244
coral_bridge
Definition: CredentialStore.h:21
cond::CredentialStore::updateConnection
bool updateConnection(const std::string &connectionLabel, const std::string &userName, const std::string &password)
Definition: CredentialStore.cc:1106
DecodingKey.h
cond::CredentialStore::removeConnection
bool removeConnection(const std::string &connectionLabel)
Definition: CredentialStore.cc:1154
coral_bridge::AuthenticationCredentialSet
Definition: CredentialStore.h:23
cond::CredentialStore::exportAll
bool exportAll(coral_bridge::AuthenticationCredentialSet &data)
Definition: CredentialStore.cc:1414
cond::CredentialStore::Permission::role
std::string role
Definition: CredentialStore.h:129
cond::CredentialStore::Permission::connectionLabel
std::string connectionLabel
Definition: CredentialStore.h:131
cond::CredentialStore::m_principalKey
std::string m_principalKey
Definition: CredentialStore.h:165
cond::CredentialStore::m_principalId
int m_principalId
Definition: CredentialStore.h:163
HLTMuonOfflineAnalyzer_cff.destination
destination
Definition: HLTMuonOfflineAnalyzer_cff.py:50
coral_bridge::AuthenticationCredentialSet::m_data
std::map< std::pair< std::string, std::string >, coral::AuthenticationCredentials * > m_data
credentials for the specific roles
Definition: CredentialStore.h:65
cond::CredentialStore::CredentialStore
CredentialStore()
Standard Constructor.
Definition: CredentialStore.cc:673
cond::auth::ServiceCredentials
Definition: DecodingKey.h:13
data
char data[epos_bytes_allocation]
Definition: EPOS_Wrapper.h:79
cond::CredentialStore::resetAdmin
bool resetAdmin(const std::string &userName, const std::string &password)
Definition: CredentialStore.cc:887
cond::CredentialStore::selectPermissions
bool selectPermissions(const std::string &principalName, const std::string &role, const std::string &connectionString, std::vector< Permission > &destination)
Definition: CredentialStore.cc:1352
cond::schemaLabel
std::string schemaLabel(const std::string &serviceName, const std::string &userName)
Definition: CredentialStore.cc:154
cond::CredentialStore::m_connection
std::shared_ptr< coral::IConnection > m_connection
Definition: CredentialStore.h:160
genParticles_cff.map
map
Definition: genParticles_cff.py:11
cond::CredentialStore::setPermission
bool setPermission(const std::string &principal, const std::string &role, const std::string &connectionString, const std::string &connectionLabel)
Definition: CredentialStore.cc:1037
cond::CredentialStore::DEFAULT_DATA_SOURCE
static const std::string DEFAULT_DATA_SOURCE
Definition: CredentialStore.h:80
cond::CredentialStore::unsetPermission
bool unsetPermission(const std::string &principal, const std::string &role, const std::string &connectionString)
Definition: CredentialStore.cc:1074
l1RCTOmdsFedVectorProducer_cfi.connectionString
connectionString
Definition: l1RCTOmdsFedVectorProducer_cfi.py:4
cond::CredentialStore::Permission::principalName
std::string principalName
Definition: CredentialStore.h:128
cond::CredentialStore::openSession
void openSession(const std::string &schemaName, const std::string &userName, const std::string &password, bool readMode)
Definition: CredentialStore.cc:550
cond::CredentialStore::Permission
Definition: CredentialStore.h:127
Generated for CMSSW Reference Manual by doxygen 1.8.16