
CredentialStore.h
1 #ifndef CondCore_CondDB_CredentialStore_h
2 #define CondCore_CondDB_CredentialStore_h
3 
5 //
6 #include <map>
7 #include <memory>
8 #include <string>
9 #include <sstream>
10 #include <algorithm>
11 //
12 #include "CoralBase/MessageStream.h"
13 
14 namespace coral {
15 
16  class AuthenticationCredentials;
17  class IAuthenticationCredentials;
18  class ISession;
19  class IConnection;
20 
21 } // namespace coral
22 
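/// Returns a copy of @p s with every character lower-cased via std::tolower.
///
/// The function is defined in a header, so it is declared inline to keep a
/// single definition across translation units. Each character reaches
/// std::tolower as unsigned char, which keeps the call well defined for bytes
/// above 0x7F. The mapping follows the current C locale, so it is byte-wise
/// and not Unicode-aware.
///
/// @param s input string; left unmodified.
/// @return lower-cased copy of @p s.
// NOTE(review): std::tolower is declared in <cctype>, which is not among the
// includes visible in this listing; confirm it is pulled in.
inline std::string to_lower(const std::string& s) {
  std::string str(s);
  std::transform(str.begin(), str.end(), str.begin(), [](unsigned char c) {
    // std::tolower returns int; narrow explicitly instead of implicitly.
    return static_cast<char>(std::tolower(c));
  });
  return str;
}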
28 
29 namespace coral_bridge {
30 
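/// Set of database credentials keyed by (connection string, role).
///
/// The declarations that the rendered listing dropped (class header,
/// constructor, destructor, first lines of the multi-line overloads) are
/// restored from the member index printed further down this page.
class AuthenticationCredentialSet {
public:
  /// Constructor.
  AuthenticationCredentialSet();

  /// Destructor.
  virtual ~AuthenticationCredentialSet();

  /// Registers one named item (@p itemName, @p itemValue) for @p connectionString.
  void registerItem(const std::string& connectionString, const std::string& itemName, const std::string& itemValue);

  /// Registers one named item for @p connectionString under a specific @p role.
  void registerItem(const std::string& connectionString,
                    const std::string& role,
                    const std::string& itemName,
                    const std::string& itemValue);

  /// Registers a user name / password pair for @p connectionString.
  // NOTE(review): the password arrives as an ordinary std::string; nothing in
  // this header shows it being wiped after use, so treat every copy of this
  // set as secret material.
  void registerCredentials(const std::string& connectionString,
                           const std::string& userName,
                           const std::string& password);

  /// Registers a user name / password pair for @p connectionString under @p role.
  void registerCredentials(const std::string& connectionString,
                           const std::string& role,
                           const std::string& userName,
                           const std::string& password);

  /// Imports the entries of another set.
  // NOTE(review): how clashes with existing keys are resolved is decided in
  // CredentialStore.cc; confirm before relying on overwrite-or-keep behaviour.
  void import(const AuthenticationCredentialSet& data);

  /// Looks up the credentials registered for @p connectionString.
  // NOTE(review): the result on a miss and the lifetime of the returned pointer
  // (for example across reset() or import()) are not visible here; confirm
  // before caching it.
  const coral::IAuthenticationCredentials* get(const std::string& connectionString) const;

  /// Looks up the credentials registered for @p connectionString and @p role.
  const coral::IAuthenticationCredentials* get(const std::string& connectionString, const std::string& role) const;

  /// Read-only access to the whole map.
  ///
  /// The mapped values are raw pointers to non-const credential objects, so the
  /// const on the map does not stop a caller from modifying a credential
  /// through them.
  const std::map<std::pair<std::string, std::string>, coral::AuthenticationCredentials*>& data() const;

  /// Resets the set.
  // NOTE(review): presumably releases every stored credential object; verify
  // in CredentialStore.cc.
  void reset();

private:
  /// credentials for the specific roles
  // NOTE(review): raw pointers. The class declares a destructor but no copy
  // constructor or copy assignment, so an implicit copy duplicates the
  // pointers; if the destructor or reset() deletes them, a copied set would
  // free the same objects twice. Confirm ownership in CredentialStore.cc.
  std::map<std::pair<std::string, std::string>, coral::AuthenticationCredentials*> m_data;
};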
75 
76 } // namespace coral_bridge
77 
78 namespace cond {
79 
80  class Cipher;
81 
83 
84  //
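/// Client for the credential database: manages principals, connections and
/// the permissions that tie a principal and role to a connection.
///
/// The declarations that the rendered listing dropped (class header, several
/// public methods, the Permission fields and most data members) are restored
/// from the member index printed further down this page.
///
// NOTE(review): user names, passwords and principal keys cross this interface
// as plain std::string values and are returned the same way; nothing in this
// header shows them being wiped, so callers should keep their lifetime short
// and keep them out of logs and exception messages.
class CredentialStore {
public:
  // default service is pointed in case the specific one has not been found in the key list
  static const std::string DEFAULT_DATA_SOURCE;

public:
  /// Standard Constructor
  CredentialStore();

  /// Standard Destructor
  virtual ~CredentialStore();

public:
  /// Sets the initialization parameters
  std::string setUpForService(const std::string& serviceName, const std::string& authPath);

  /// Same set-up, starting from a connection string instead of a service name.
  // NOTE(review): the meaning of the returned string is not visible in this
  // header; confirm in CredentialStore.cc.
  std::string setUpForConnectionString(const std::string& connectionString, const std::string& authPath);

  /// Creates the credential-store schema using the given database account.
  bool createSchema(const std::string& connectionString, const std::string& userName, const std::string& password);

  /// Drops the credential-store schema using the given database account.
  bool drop(const std::string& connectionString, const std::string& userName, const std::string& password);

  /// Resets the administrator entry using the given database account.
  bool resetAdmin(const std::string& userName, const std::string& password);

  /// Creates or updates @p principal with @p principalKey.
  /// @param setAdmin grants administrator rights when true; defaults to false,
  ///        so privilege has to be requested explicitly.
  bool updatePrincipal(const std::string& principal, const std::string& principalKey, bool setAdmin = false);

  /// Grants @p principal, acting as @p role, access to @p connectionString
  /// through the stored connection @p connectionLabel.
  bool setPermission(const std::string& principal,
                     const std::string& role,
                     const std::string& connectionString,
                     const std::string& connectionLabel);

  /// Revokes permissions matching the three arguments.
  /// @return a count. NOTE(review): presumably the number of permissions
  ///         removed; confirm in CredentialStore.cc.
  size_t unsetPermission(const std::string& principal, const std::string& role, const std::string& connectionString);

  /// Creates or updates the stored connection @p connectionLabel with the given account.
  bool updateConnection(const std::string& connectionLabel, const std::string& userName, const std::string& password);

  /// Removes @p principal.
  // NOTE(review): whether the principal's permissions are removed with it is
  // decided in CredentialStore.cc; confirm, since leftover grants are an
  // access-control risk.
  bool removePrincipal(const std::string& principal);

  /// Removes the stored connection @p connectionLabel.
  bool removeConnection(const std::string& connectionLabel);

  /// Fills @p destinationData with the credentials selected for the current user.
  // NOTE(review): presumably the principal authenticated during set-up
  // (m_authenticatedPrincipal); confirm.
  bool selectForUser(coral_bridge::AuthenticationCredentialSet& destinationData);

  /// import data
  bool importForPrincipal(const std::string& principal,
                          const coral_bridge::AuthenticationCredentialSet& data,
                          bool forceUpdateConnection = false);

  /// Fills @p destination with principal names.
  bool listPrincipals(std::vector<std::string>& destination);

  /// Fills @p destination with one entry per stored connection.
  // NOTE(review): the two strings of each mapped pair are presumably the
  // account name and password of the connection; if so the result is secret
  // material. Confirm in CredentialStore.cc.
  bool listConnections(std::map<std::string, std::pair<std::string, std::string> >& destination);

  /// One permission record, as returned by selectPermissions().
  struct Permission {
    std::string principalName;
    std::string role;
    std::string connectionString;
    std::string connectionLabel;
  };

  /// Fills @p destination with the permissions matching the three filters.
  // NOTE(review): how an empty filter string is treated (match all or match
  // none) is not visible in this header.
  bool selectPermissions(const std::string& principalName,
                         const std::string& role,
                         const std::string& connectionString,
                         std::vector<Permission>& destination);

  /// Returns the credentials for @p connectionString and @p role.
  // NOTE(review): presumably (user name, password) in clear text; confirm what
  // is returned when no permission matches.
  std::pair<std::string, std::string> getUserCredentials(const std::string& connectionString,
                                                         const std::string& role);

  /// Exports the stored credentials into @p data.
  // NOTE(review): the name suggests every stored credential is exported; which
  // principals are allowed to call this is enforced, if at all, in
  // CredentialStore.cc.
  bool exportAll(coral_bridge::AuthenticationCredentialSet& data);

  const std::string& serviceName();

  const std::string& keyPrincipalName();

  /// Returns log text as a string.
  // NOTE(review): presumably the content accumulated in m_log. Callers may
  // print it, so no password or key material should ever be streamed into m_log.
  std::string log();

private:
  friend class CSScopedSession;

  std::pair<std::string, std::string> openConnection(const std::string& connectionString);
  void openSession(const std::string& schemaName,
                   const std::string& userName,
                   const std::string& password,
                   bool readMode);
  void startSuperSession(const std::string& connectionString,
                         const std::string& userName,
                         const std::string& password);
  void startSession(bool readMode);

  /// Opens a session; read-only unless the caller asks otherwise.
  void openSession(bool readOnly = true);

  /// Closes the session.
  /// @param commit defaults to true. NOTE(review): presumably commits the
  ///        pending transaction; confirm.
  void closeSession(bool commit = true);

private:
  std::shared_ptr<coral::IConnection> m_connection;
  std::shared_ptr<coral::ISession> m_session;

  std::string m_authenticatedPrincipal;
  int m_principalId;
  // the key used to encrypt the db credentials accessible by the owner of the authenticated key.
  std::string m_principalKey;

  std::string m_serviceName;
  // NOTE(review): raw pointer; ownership and lifetime are not visible in this header.
  const auth::ServiceCredentials* m_serviceData;

  auth::DecodingKey m_key;

  std::stringstream m_log;
};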
190 
191 } // namespace cond
192 
193 #endif
lumi_dqm_sourceclient-live_cfg.authPath
authPath
Definition: lumi_dqm_sourceclient-live_cfg.py:33
cond::CredentialStore::m_session
std::shared_ptr< coral::ISession > m_session
Definition: CredentialStore.h:176
cond::CredentialStore::keyPrincipalName
const std::string & keyPrincipalName()
Definition: CredentialStore.cc:1584
cond::CredentialStore::updatePrincipal
bool updatePrincipal(const std::string &principal, const std::string &principalKey, bool setAdmin=false)
Definition: CredentialStore.cc:1014
cond::CredentialStore::m_serviceData
const auth::ServiceCredentials * m_serviceData
Definition: CredentialStore.h:184
cond::auth::DecodingKey
Definition: DecodingKey.h:31
cond::CredentialStore::m_serviceName
std::string m_serviceName
Definition: CredentialStore.h:183
cond::CSScopedSession
Definition: CredentialStore.cc:177
cond::CredentialStore::m_key
auth::DecodingKey m_key
Definition: CredentialStore.h:186
cond::CredentialStore::openConnection
std::pair< std::string, std::string > openConnection(const std::string &connectionString)
Definition: CredentialStore.cc:605
cond::CredentialStore::Permission::connectionString
std::string connectionString
Definition: CredentialStore.h:138
coral_bridge::AuthenticationCredentialSet::get
const coral::IAuthenticationCredentials * get(const std::string &connectionString) const
Definition: CredentialStore.cc:97
serviceName
static const std::string serviceName
Definition: CredentialStore.cc:31
coral_bridge::AuthenticationCredentialSet::data
const std::map< std::pair< std::string, std::string >, coral::AuthenticationCredentials * > & data() const
Definition: CredentialStore.cc:115
cond::CredentialStore::startSession
void startSession(bool readMode)
Definition: CredentialStore.cc:641
EcalCondDBWriter_cfi.userName
userName
Definition: EcalCondDBWriter_cfi.py:61
cond::CredentialStore::selectForUser
bool selectForUser(coral_bridge::AuthenticationCredentialSet &destinationData)
Definition: CredentialStore.cc:1230
cond::CredentialStore::listConnections
bool listConnections(std::map< std::string, std::pair< std::string, std::string > > &destination)
Definition: CredentialStore.cc:1419
coral_bridge::AuthenticationCredentialSet::registerItem
void registerItem(const std::string &connectionString, const std::string &itemName, const std::string &itemValue)
Definition: CredentialStore.cc:43
alignCSCRings.s
s
Definition: alignCSCRings.py:92
cond::CredentialStore::setUpForConnectionString
std::string setUpForConnectionString(const std::string &connectionString, const std::string &authPath)
Definition: CredentialStore.cc:791
EcalCondDBWriter_cfi.password
password
Definition: EcalCondDBWriter_cfi.py:62
coral
Definition: Binary.h:9
cond::CredentialStore::~CredentialStore
virtual ~CredentialStore()
Standard Destructor.
Definition: CredentialStore.cc:757
cond::CredentialStore::closeSession
void closeSession(bool commit=true)
Definition: CredentialStore.cc:586
cond::CredentialStore::removePrincipal
bool removePrincipal(const std::string &principal)
Definition: CredentialStore.cc:1159
cond::CredentialStore::log
std::string log()
Definition: CredentialStore.cc:1586
cond::CredentialStore::m_authenticatedPrincipal
std::string m_authenticatedPrincipal
Definition: CredentialStore.h:178
cond::CredentialStore::setUpForService
std::string setUpForService(const std::string &serviceName, const std::string &authPath)
Sets the initialization parameters.
Definition: CredentialStore.cc:759
coral_bridge::AuthenticationCredentialSet::AuthenticationCredentialSet
AuthenticationCredentialSet()
Constructor.
Definition: CredentialStore.cc:33
str
#define str(s)
Definition: TestProcessor.cc:53
cond::CredentialStore::drop
bool drop(const std::string &connectionString, const std::string &userName, const std::string &password)
Definition: CredentialStore.cc:960
coral_bridge::AuthenticationCredentialSet::~AuthenticationCredentialSet
virtual ~AuthenticationCredentialSet()
Destructor.
Definition: CredentialStore.cc:35
HcalDetIdTransform::transform
unsigned transform(const HcalDetId &id, unsigned transformCode)
Definition: HcalDetIdTransform.cc:7
cond::CredentialStore
Definition: CredentialStore.h:85
cond::CredentialStore::createSchema
bool createSchema(const std::string &connectionString, const std::string &userName, const std::string &password)
Definition: CredentialStore.cc:817
coral_bridge::AuthenticationCredentialSet::reset
void reset()
Definition: CredentialStore.cc:37
cond::CredentialStore::serviceName
const std::string & serviceName()
Definition: CredentialStore.cc:1582
cond
Definition: plugin.cc:23
cond::CredentialStore::getUserCredentials
std::pair< std::string, std::string > getUserCredentials(const std::string &connectionString, const std::string &role)
Definition: CredentialStore.cc:1288
cond::CredentialStore::startSuperSession
void startSuperSession(const std::string &connectionString, const std::string &userName, const std::string &password)
Definition: CredentialStore.cc:633
cond::CredentialStore::listPrincipals
bool listPrincipals(std::vector< std::string > &destination)
Definition: CredentialStore.cc:1398
coral_bridge::AuthenticationCredentialSet::registerCredentials
void registerCredentials(const std::string &connectionString, const std::string &userName, const std::string &password)
Definition: CredentialStore.cc:63
cond::CredentialStore::importForPrincipal
bool importForPrincipal(const std::string &principal, const coral_bridge::AuthenticationCredentialSet &data, bool forceUpdateConnection=false)
import data
Definition: CredentialStore.cc:1348
to_lower
std::string to_lower(const std::string &s)
Definition: CredentialStore.h:23
coral_bridge
Definition: CredentialStore.h:29
cond::CredentialStore::updateConnection
bool updateConnection(const std::string &connectionLabel, const std::string &userName, const std::string &password)
Definition: CredentialStore.cc:1144
DecodingKey.h
cond::CredentialStore::removeConnection
bool removeConnection(const std::string &connectionLabel)
Definition: CredentialStore.cc:1195
coral_bridge::AuthenticationCredentialSet
Definition: CredentialStore.h:31
cond::CredentialStore::exportAll
bool exportAll(coral_bridge::AuthenticationCredentialSet &data)
Definition: CredentialStore.cc:1525
cond::CredentialStore::Permission::role
std::string role
Definition: CredentialStore.h:137
cond::CredentialStore::Permission::connectionLabel
std::string connectionLabel
Definition: CredentialStore.h:139
cond::CredentialStore::m_principalKey
std::string m_principalKey
Definition: CredentialStore.h:181
AlCaHLTBitMon_QueryRunRegistry.string
string string
Definition: AlCaHLTBitMon_QueryRunRegistry.py:256
cond::CredentialStore::m_principalId
int m_principalId
Definition: CredentialStore.h:179
HLTMuonOfflineAnalyzer_cff.destination
destination
Definition: HLTMuonOfflineAnalyzer_cff.py:50
cond::CredentialStore::unsetPermission
size_t unsetPermission(const std::string &principal, const std::string &role, const std::string &connectionString)
Definition: CredentialStore.cc:1092
coral_bridge::AuthenticationCredentialSet::m_data
std::map< std::pair< std::string, std::string >, coral::AuthenticationCredentials * > m_data
credentials for the specific roles
Definition: CredentialStore.h:73
cond::CredentialStore::CredentialStore
CredentialStore()
Standard Constructor.
Definition: CredentialStore.cc:746
cond::auth::ServiceCredentials
Definition: DecodingKey.h:13
cond::CredentialStore::m_log
std::stringstream m_log
Definition: CredentialStore.h:188
data
char data[epos_bytes_allocation]
Definition: EPOS_Wrapper.h:79
cond::CredentialStore::resetAdmin
bool resetAdmin(const std::string &userName, const std::string &password)
Definition: CredentialStore.cc:976
cond::CredentialStore::selectPermissions
bool selectPermissions(const std::string &principalName, const std::string &role, const std::string &connectionString, std::vector< Permission > &destination)
Definition: CredentialStore.cc:1463
cond::schemaLabel
std::string schemaLabel(const std::string &serviceName, const std::string &userName)
Definition: CredentialStore.cc:160
cond::CredentialStore::m_connection
std::shared_ptr< coral::IConnection > m_connection
Definition: CredentialStore.h:175
genParticles_cff.map
map
Definition: genParticles_cff.py:11
cond::CredentialStore::setPermission
bool setPermission(const std::string &principal, const std::string &role, const std::string &connectionString, const std::string &connectionLabel)
Definition: CredentialStore.cc:1052
cond::CredentialStore::DEFAULT_DATA_SOURCE
static const std::string DEFAULT_DATA_SOURCE
Definition: CredentialStore.h:88
c
auto & c
Definition: CAHitNtupletGeneratorKernelsImpl.h:56
l1RCTOmdsFedVectorProducer_cfi.connectionString
connectionString
Definition: l1RCTOmdsFedVectorProducer_cfi.py:4
cond::CredentialStore::Permission::principalName
std::string principalName
Definition: CredentialStore.h:136
cond::CredentialStore::openSession
void openSession(const std::string &schemaName, const std::string &userName, const std::string &password, bool readMode)
Definition: CredentialStore.cc:619
cond::CredentialStore::Permission
Definition: CredentialStore.h:135