CMS 3D CMS Logo
CredentialStore.h
Go to the documentation of this file.
1 #ifndef CondCore_CondDB_CredentialStore_h
2 #define CondCore_CondDB_CredentialStore_h
3 
4 #include "CondCore/CondDB/interface/DecodingKey.h"
5 //
6 #include <map>
7 #include <memory>
8 #include <string>
9 #include <sstream>
10 //
11 #include "CoralBase/MessageStream.h"
12 
13 namespace coral {
14 
15  class AuthenticationCredentials;
16  class IAuthenticationCredentials;
17  class ISession;
18  class IConnection;
19 
20 } // namespace coral
21 
22 namespace coral_bridge {
23 
24  class AuthenticationCredentialSet {
25  public:
27  AuthenticationCredentialSet();
28 
30  virtual ~AuthenticationCredentialSet();
31 
32  void registerItem(const std::string& connectionString, const std::string& itemName, const std::string& itemValue);
33 
34  void registerItem(const std::string& connectionString,
35  const std::string& role,
36  const std::string& itemName,
37  const std::string& itemValue);
38 
42  void registerCredentials(const std::string& connectionString,
43  const std::string& userName,
44  const std::string& password);
45 
49  void registerCredentials(const std::string& connectionString,
50  const std::string& role,
51  const std::string& userName,
52  const std::string& password);
53 
54  void import(const AuthenticationCredentialSet& data);
55 
56  const coral::IAuthenticationCredentials* get(const std::string& connectionString) const;
57 
58  const coral::IAuthenticationCredentials* get(const std::string& connectionString, const std::string& role) const;
59 
60  const std::map<std::pair<std::string, std::string>, coral::AuthenticationCredentials*>& data() const;
61 
62  void reset();
63 
64  private:
66  std::map<std::pair<std::string, std::string>, coral::AuthenticationCredentials*> m_data;
67  };
68 
69 } // namespace coral_bridge
70 
71 namespace cond {
72 
73  class Cipher;
74 
75  std::string schemaLabel(const std::string& serviceName, const std::string& userName);
76 
77  //
78  class CredentialStore {
79  public:
80  // default service is pointed in case the specific one has not been found in the key list
81  static const std::string DEFAULT_DATA_SOURCE;
82 
83  public:
85  CredentialStore();
86 
88  virtual ~CredentialStore();
89 
90  public:
92  std::string setUpForService(const std::string& serviceName, const std::string& authPath);
93 
94  std::string setUpForConnectionString(const std::string& connectionString, const std::string& authPath);
95 
96  bool createSchema(const std::string& connectionString, const std::string& userName, const std::string& password);
97 
98  bool drop(const std::string& connectionString, const std::string& userName, const std::string& password);
99 
100  bool resetAdmin(const std::string& userName, const std::string& password);
101 
102  bool updatePrincipal(const std::string& principal, const std::string& principalKey, bool setAdmin = false);
103 
104  bool setPermission(const std::string& principal,
105  const std::string& role,
106  const std::string& connectionString,
107  const std::string& connectionLabel);
108 
109  bool unsetPermission(const std::string& principal, const std::string& role, const std::string& connectionString);
110 
111  bool updateConnection(const std::string& connectionLabel, const std::string& userName, const std::string& password);
112 
113  bool removePrincipal(const std::string& principal);
114 
115  bool removeConnection(const std::string& connectionLabel);
116 
117  bool selectForUser(coral_bridge::AuthenticationCredentialSet& destinationData);
118 
120  bool importForPrincipal(const std::string& principal,
121  const coral_bridge::AuthenticationCredentialSet& data,
122  bool forceUpdateConnection = false);
123 
124  bool listPrincipals(std::vector<std::string>& destination);
125 
126  bool listConnections(std::map<std::string, std::pair<std::string, std::string> >& destination);
127 
128  struct Permission {
129  std::string principalName;
130  std::string role;
131  std::string connectionString;
132  std::string connectionLabel;
133  };
134  bool selectPermissions(const std::string& principalName,
135  const std::string& role,
136  const std::string& connectionString,
137  std::vector<Permission>& destination);
138 
139  std::pair<std::string, std::string> getUserCredentials(const std::string& connectionString,
140  const std::string& role);
141 
142  bool exportAll(coral_bridge::AuthenticationCredentialSet& data);
143 
144  const std::string& serviceName();
145 
146  const std::string& keyPrincipalName();
147 
148  std::string log();
149 
150  private:
151  friend class CSScopedSession;
152 
153  std::pair<std::string, std::string> openConnection(const std::string& connectionString);
154  void openSession(const std::string& schemaName,
155  const std::string& userName,
156  const std::string& password,
157  bool readMode);
158  void startSuperSession(const std::string& connectionString,
159  const std::string& userName,
160  const std::string& password);
161  void startSession(bool readMode);
162 
163  void openSession(bool readOnly = true);
164 
165  void closeSession(bool commit = true);
166 
167  private:
168  std::shared_ptr<coral::IConnection> m_connection;
169  std::shared_ptr<coral::ISession> m_session;
170 
171  int m_principalId;
172  // the key used to encrypt the db credentials accessibles by the owner of the authenticated key.
173  std::string m_principalKey;
174 
175  std::string m_serviceName;
176  const auth::ServiceCredentials* m_serviceData;
177 
178  auth::DecodingKey m_key;
179 
180  std::stringstream m_log;
181  };
182 
183 } // namespace cond
184 
185 #endif
lumi_dqm_sourceclient-live_cfg.authPath
authPath
Definition: lumi_dqm_sourceclient-live_cfg.py:33
cond::CredentialStore::m_session
std::shared_ptr< coral::ISession > m_session
Definition: CredentialStore.h:169
cond::CredentialStore::keyPrincipalName
const std::string & keyPrincipalName()
Definition: CredentialStore.cc:1535
cond::CredentialStore::updatePrincipal
bool updatePrincipal(const std::string &principal, const std::string &principalKey, bool setAdmin=false)
Definition: CredentialStore.cc:983
cond::CredentialStore::m_serviceData
const auth::ServiceCredentials * m_serviceData
Definition: CredentialStore.h:176
cond::auth::DecodingKey
Definition: DecodingKey.h:31
cond::CredentialStore::m_serviceName
std::string m_serviceName
Definition: CredentialStore.h:175
cond::CSScopedSession
Definition: CredentialStore.cc:184
cond::CredentialStore::m_key
auth::DecodingKey m_key
Definition: CredentialStore.h:178
cond::CredentialStore::openConnection
std::pair< std::string, std::string > openConnection(const std::string &connectionString)
Definition: CredentialStore.cc:576
cond::CredentialStore::Permission::connectionString
std::string connectionString
Definition: CredentialStore.h:131
coral_bridge::AuthenticationCredentialSet::get
const coral::IAuthenticationCredentials * get(const std::string &connectionString) const
Definition: CredentialStore.cc:97
serviceName
static const std::string serviceName
Definition: CredentialStore.cc:31
coral_bridge::AuthenticationCredentialSet::data
const std::map< std::pair< std::string, std::string >, coral::AuthenticationCredentials * > & data() const
Definition: CredentialStore.cc:115
cond::CredentialStore::startSession
void startSession(bool readMode)
Definition: CredentialStore.cc:612
EcalCondDBWriter_cfi.userName
userName
Definition: EcalCondDBWriter_cfi.py:61
cond::CredentialStore::selectForUser
bool selectForUser(coral_bridge::AuthenticationCredentialSet &destinationData)
Definition: CredentialStore.cc:1183
cond::CredentialStore::listConnections
bool listConnections(std::map< std::string, std::pair< std::string, std::string > > &destination)
Definition: CredentialStore.cc:1370
coral_bridge::AuthenticationCredentialSet::registerItem
void registerItem(const std::string &connectionString, const std::string &itemName, const std::string &itemValue)
Definition: CredentialStore.cc:43
cond::CredentialStore::setUpForConnectionString
std::string setUpForConnectionString(const std::string &connectionString, const std::string &authPath)
Definition: CredentialStore.cc:760
EcalCondDBWriter_cfi.password
password
Definition: EcalCondDBWriter_cfi.py:62
coral
Definition: Binary.h:9
cond::CredentialStore::~CredentialStore
virtual ~CredentialStore()
Standard Destructor.
Definition: CredentialStore.cc:726
cond::CredentialStore::closeSession
void closeSession(bool commit=true)
Definition: CredentialStore.cc:557
cond::CredentialStore::removePrincipal
bool removePrincipal(const std::string &principal)
Definition: CredentialStore.cc:1112
cond::CredentialStore::log
std::string log()
Definition: CredentialStore.cc:1537
cond::CredentialStore::setUpForService
std::string setUpForService(const std::string &serviceName, const std::string &authPath)
Sets the initialization parameters.
Definition: CredentialStore.cc:728
coral_bridge::AuthenticationCredentialSet::AuthenticationCredentialSet
AuthenticationCredentialSet()
Constructor.
Definition: CredentialStore.cc:33
cond::CredentialStore::drop
bool drop(const std::string &connectionString, const std::string &userName, const std::string &password)
Definition: CredentialStore.cc:929
coral_bridge::AuthenticationCredentialSet::~AuthenticationCredentialSet
virtual ~AuthenticationCredentialSet()
Destructor.
Definition: CredentialStore.cc:35
cond::CredentialStore
Definition: CredentialStore.h:78
cond::CredentialStore::createSchema
bool createSchema(const std::string &connectionString, const std::string &userName, const std::string &password)
Definition: CredentialStore.cc:786
coral_bridge::AuthenticationCredentialSet::reset
void reset()
Definition: CredentialStore.cc:37
cond::CredentialStore::serviceName
const std::string & serviceName()
Definition: CredentialStore.cc:1533
AlCaHLTBitMon_QueryRunRegistry.string
string
Definition: AlCaHLTBitMon_QueryRunRegistry.py:256
cond
Definition: plugin.cc:23
cond::CredentialStore::getUserCredentials
std::pair< std::string, std::string > getUserCredentials(const std::string &connectionString, const std::string &role)
Definition: CredentialStore.cc:1239
cond::CredentialStore::startSuperSession
void startSuperSession(const std::string &connectionString, const std::string &userName, const std::string &password)
Definition: CredentialStore.cc:604
cond::CredentialStore::listPrincipals
bool listPrincipals(std::vector< std::string > &destination)
Definition: CredentialStore.cc:1349
coral_bridge::AuthenticationCredentialSet::registerCredentials
void registerCredentials(const std::string &connectionString, const std::string &userName, const std::string &password)
Definition: CredentialStore.cc:63
cond::CredentialStore::importForPrincipal
bool importForPrincipal(const std::string &principal, const coral_bridge::AuthenticationCredentialSet &data, bool forceUpdateConnection=false)
import data
Definition: CredentialStore.cc:1299
coral_bridge
Definition: CredentialStore.h:22
cond::CredentialStore::updateConnection
bool updateConnection(const std::string &connectionLabel, const std::string &userName, const std::string &password)
Definition: CredentialStore.cc:1097
DecodingKey.h
cond::CredentialStore::removeConnection
bool removeConnection(const std::string &connectionLabel)
Definition: CredentialStore.cc:1148
coral_bridge::AuthenticationCredentialSet
Definition: CredentialStore.h:24
cond::CredentialStore::exportAll
bool exportAll(coral_bridge::AuthenticationCredentialSet &data)
Definition: CredentialStore.cc:1476
cond::CredentialStore::Permission::role
std::string role
Definition: CredentialStore.h:130
cond::CredentialStore::Permission::connectionLabel
std::string connectionLabel
Definition: CredentialStore.h:132
cond::CredentialStore::m_principalKey
std::string m_principalKey
Definition: CredentialStore.h:173
cond::CredentialStore::m_principalId
int m_principalId
Definition: CredentialStore.h:171
HLTMuonOfflineAnalyzer_cff.destination
destination
Definition: HLTMuonOfflineAnalyzer_cff.py:50
coral_bridge::AuthenticationCredentialSet::m_data
std::map< std::pair< std::string, std::string >, coral::AuthenticationCredentials * > m_data
credentials for the specific roles
Definition: CredentialStore.h:66
cond::CredentialStore::CredentialStore
CredentialStore()
Standard Constructor.
Definition: CredentialStore.cc:716
cond::auth::ServiceCredentials
Definition: DecodingKey.h:13
cond::CredentialStore::m_log
std::stringstream m_log
Definition: CredentialStore.h:180
data
char data[epos_bytes_allocation]
Definition: EPOS_Wrapper.h:79
cond::CredentialStore::resetAdmin
bool resetAdmin(const std::string &userName, const std::string &password)
Definition: CredentialStore.cc:945
cond::CredentialStore::selectPermissions
bool selectPermissions(const std::string &principalName, const std::string &role, const std::string &connectionString, std::vector< Permission > &destination)
Definition: CredentialStore.cc:1414
cond::schemaLabel
std::string schemaLabel(const std::string &serviceName, const std::string &userName)
Definition: CredentialStore.cc:167
cond::CredentialStore::m_connection
std::shared_ptr< coral::IConnection > m_connection
Definition: CredentialStore.h:168
genParticles_cff.map
map
Definition: genParticles_cff.py:11
cond::CredentialStore::setPermission
bool setPermission(const std::string &principal, const std::string &role, const std::string &connectionString, const std::string &connectionLabel)
Definition: CredentialStore.cc:1021
cond::CredentialStore::DEFAULT_DATA_SOURCE
static const std::string DEFAULT_DATA_SOURCE
Definition: CredentialStore.h:81
cond::CredentialStore::unsetPermission
bool unsetPermission(const std::string &principal, const std::string &role, const std::string &connectionString)
Definition: CredentialStore.cc:1061
l1RCTOmdsFedVectorProducer_cfi.connectionString
connectionString
Definition: l1RCTOmdsFedVectorProducer_cfi.py:4
cond::CredentialStore::Permission::principalName
std::string principalName
Definition: CredentialStore.h:129
cond::CredentialStore::openSession
void openSession(const std::string &schemaName, const std::string &userName, const std::string &password, bool readMode)
Definition: CredentialStore.cc:590
cond::CredentialStore::Permission
Definition: CredentialStore.h:128
Generated for CMSSW Reference Manual by doxygen 1.8.16