6 #include "CoralBase/AttributeList.h" 7 #include "CoralBase/Attribute.h" 8 #include "CoralKernel/Context.h" 9 #include "CoralCommon/URIParser.h" 10 #include "RelationalAccess/AuthenticationCredentials.h" 11 #include "RelationalAccess/IBulkOperation.h" 12 #include "RelationalAccess/IConnection.h" 13 #include "RelationalAccess/ISession.h" 14 #include "RelationalAccess/IRelationalService.h" 15 #include "RelationalAccess/IRelationalDomain.h" 16 #include "RelationalAccess/ITransaction.h" 17 #include "RelationalAccess/ISchema.h" 18 #include "RelationalAccess/ITable.h" 19 #include "RelationalAccess/TableDescription.h" 20 #include "RelationalAccess/ITableDataEditor.h" 21 #include "RelationalAccess/ITablePrivilegeManager.h" 22 #include "RelationalAccess/IQuery.h" 23 #include "RelationalAccess/ICursor.h" 25 #include "RelationalAccess/AuthenticationCredentials.h" 38 for (
auto iData = m_data.begin(); iData != m_data.end(); ++iData)
54 std::map<std::pair<std::string, std::string>, coral::AuthenticationCredentials*>::iterator iData =
56 if (iData == m_data.end()) {
57 iData = m_data.insert(std::make_pair(connKey,
new coral::AuthenticationCredentials(
serviceName))).first;
59 iData = m_data.insert(std::make_pair(connKey,
new coral::AuthenticationCredentials(
serviceName))).first;
60 iData->second->registerItem(itemName, itemValue);
74 std::map<std::pair<std::string, std::string>, coral::AuthenticationCredentials*>::iterator iData =
76 if (iData != m_data.end()) {
78 m_data.erase(connKey);
80 iData = m_data.insert(std::make_pair(connKey,
new coral::AuthenticationCredentials(
serviceName))).first;
81 iData->second->registerItem(coral::IAuthenticationCredentials::userItem(),
userName);
82 iData->second->registerItem(coral::IAuthenticationCredentials::passwordItem(),
password);
86 for (
std::map<std::pair<std::string, std::string>, coral::AuthenticationCredentials*>::const_iterator iData =
88 iData !=
data.m_data.end();
90 registerCredentials(iData->first.first,
92 iData->second->valueForItem(coral::IAuthenticationCredentials::userItem()),
93 iData->second->valueForItem(coral::IAuthenticationCredentials::passwordItem()));
104 const coral::IAuthenticationCredentials*
ret =
nullptr;
106 std::map<std::pair<std::string, std::string>, coral::AuthenticationCredentials*>::const_iterator iData =
107 m_data.find(connKey);
108 if (iData != m_data.end()) {
114 const std::map<std::pair<std::string, std::string>, coral::AuthenticationCredentials*>&
152 if (schemaVersion.empty())
184 void start(
bool readOnly =
true) { m_store.startSession(readOnly); }
185 void close() { m_store.closeSession(); }
199 coral::ISchema& schema,
203 coral::AttributeList readBuff;
208 coral::AttributeList whereData;
212 query->defineOutput(readBuff);
217 query->setCondition(whereClause, whereData);
218 coral::ICursor& cursor =
query->execute();
222 const coral::AttributeList& row = cursor.currentRow();
241 coral::ISchema& schema,
245 coral::AttributeList readBuff;
251 coral::AttributeList whereData;
255 query->defineOutput(readBuff);
261 query->setCondition(whereClause, whereData);
262 coral::ICursor& cursor =
query->execute();
265 const coral::AttributeList& row = cursor.currentRow();
284 coral::ISchema& schema,
290 coral::AttributeList readBuff;
294 coral::AttributeList whereData;
298 whereData[
P_ID_COL].data<
int>() = principalId;
301 std::stringstream whereClause;
305 query->defineOutput(readBuff);
309 query->setCondition(whereClause.str(), whereData);
310 coral::ICursor& cursor =
query->execute();
313 const coral::AttributeList& row = cursor.currentRow();
323 coral::ISchema& schema,
328 coral::AttributeList readBuff;
330 coral::AttributeList whereData;
332 std::stringstream whereClause;
334 if (principalId >= 0) {
343 if (principalId >= 0)
344 whereData[
P_ID_COL].data<
int>() = principalId;
346 whereData[
ROLE_COL].data<std::string>() = role;
347 query->defineOutput(readBuff);
349 query->setCondition(whereClause.str(), whereData);
350 coral::ICursor& cursor =
query->execute();
351 size_t n_entries = 0;
352 while (cursor.next()) {
359 coral::ISchema& schema,
364 query->limitReturnedRows(1, 0);
367 query->setForUpdate();
369 coral::AttributeList rowData;
372 query->setCondition(whereClause, rowData);
373 coral::ICursor& cursor =
query->execute();
375 value = cursor.currentRow().begin()->data<
int>() + 1;
381 coral::AttributeList updateData;
386 coral::AttributeList::iterator iAttribute = updateData.begin();
389 iAttribute->data<
int>() =
value;
390 schema.tableHandle(
tname(
SEQUENCE_TABLE, schemaVersion)).dataEditor().updateRows(setClause, whClause, updateData);
395 coral::ISchema& schema,
400 std::stringstream&
log) {
409 int principalId = princData.
id;
413 coral::ITableDataEditor& editor = schema.tableHandle(authentication_table_name).dataEditor();
415 log <<
"Updating existing principal " << principalName <<
" (id: " << principalId <<
" )" << std::endl;
417 coral::AttributeList updateData;
426 std::stringstream setClause;
431 editor.updateRows(setClause.str(), whereClause, updateData);
434 principalKey = adminKey;
439 coral::ITableDataEditor& editor0 = schema.tableHandle(authentication_table_name).dataEditor();
442 throwException(
"Can't find " + authentication_table_name +
" sequence.",
"CredentialStore::updatePrincipal");
443 log <<
"Creating new principal " << principalName <<
" (id: " << principalId <<
" )" << std::endl;
444 coral::AttributeList authData;
445 editor0.rowBuffer(authData);
451 editor0.insertRow(authData);
454 return std::make_pair(principalId, principalKey);
458 coral::ISchema& schema,
465 std::stringstream&
log) {
475 coral::ITableDataEditor& editor = schema.tableHandle(authorization_table_name).dataEditor();
477 log <<
"Updating permission for principal id " << principalId <<
" to access resource " <<
connectionString 478 <<
" with role " << role << std::endl;
479 coral::AttributeList updateData;
484 updateData[
C_ID_COL].data<
int>() = connectionId;
488 editor.updateRows(setCl, whereCl, updateData);
492 throwException(
"Can't find " + authorization_table_name +
" sequence.",
"CredentialStore::setPermission");
493 log <<
"Setting permission for principal id " << principalId <<
" to access resource " <<
connectionString 494 <<
" with role " << role << std::endl;
495 coral::AttributeList insertData;
503 insertData[
P_ID_COL].data<
int>() = principalId;
507 insertData[
C_ID_COL].data<
int>() = connectionId;
508 editor.insertRow(insertData);
514 coral::ISchema& schema,
520 std::stringstream&
log) {
523 int connId = credsData.
id;
528 coral::ITableDataEditor& editor = schema.tableHandle(credential_table_name).dataEditor();
533 if (verificationKey != connectionLabel) {
534 throwException(
"Decoding of connection key failed.",
"CredentialStore::updateConnection");
539 log <<
"Forcing update of connection " << connectionLabel << std::endl;
540 coral::AttributeList updateData;
547 std::stringstream setCl;
551 editor.updateRows(setCl.str(), whereCl, updateData);
562 throwException(
"Can't find " + credential_table_name +
" sequence.",
"CredentialStore::updateConnection");
563 log <<
"Creating new connection " << connectionLabel << std::endl;
564 coral::AttributeList insertData;
578 editor.insertRow(insertData);
580 return std::make_pair(connId, connectionKey);
587 if (m_session.get()) {
588 if (m_session->transaction().isActive()) {
590 m_session->transaction().commit();
592 m_session->transaction().rollback();
595 m_session->endUserSession();
598 if (m_connection.get()) {
599 m_connection->disconnect();
601 m_connection.reset();
602 m_log <<
"Session has been closed." << std::endl;
606 coral::IHandle<coral::IRelationalService> relationalService =
608 if (!relationalService.isValid()) {
612 coral::IRelationalDomain& domain = relationalService->domainForConnection(
connectionString);
613 std::pair<std::string, std::string> connTokens = domain.decodeUserConnectionString(
connectionString);
614 m_connection.reset(domain.newConnection(connTokens.first));
615 m_connection->connect();
623 coral::AccessMode accessMode = coral::ReadOnly;
625 accessMode = coral::Update;
626 m_session.reset(m_connection->newSession(schemaName, accessMode));
629 m_session->transaction().start(readMode);
630 m_log <<
"New session opened." << std::endl;
636 std::pair<std::string, std::string> connTokens = openConnection(
connectionString);
642 if (!m_serviceData) {
643 throwException(
"The credential store has not been initialized.",
"cond::CredentialStore::openConnection");
645 const std::string& storeConnectionString = m_serviceData->connectionString;
647 std::pair<std::string, std::string> connTokens = openConnection(storeConnectionString);
654 coral::ISchema& schema = m_session->nominalSchema();
655 const std::string& schemaVersion = m_key.version();
659 throwException(
"Credential database does not exists in \"" + storeConnectionString +
"\"",
660 "CredentialStore::startSession");
663 const std::string& principalName = m_key.principalName();
666 if (!
selectPrincipal(schemaVersion, m_session->nominalSchema(), principalName, princData)) {
667 throwException(
"Invalid credentials provided.(0)",
"CredentialStore::startSession");
671 if (verifStr != principalName) {
672 throwException(
"Invalid credentials provided (1)",
"CredentialStore::startSession");
675 m_principalId = princData.
id;
676 m_principalKey = cipher0.b64decrypt(princData.
principalKey);
677 m_authenticatedPrincipal = m_key.principalName();
682 if (adminKey != m_principalKey) {
684 throwException(
"Provided credentials does not allow admin operation.",
"CredentialStore::openSession");
688 std::unique_ptr<coral::IQuery>
query(schema.newQuery());
691 coral::AttributeList readBuff;
697 coral::AttributeList whereData;
701 whereData[
P_ID_COL].data<
int>() = m_principalId;
704 std::stringstream whereClause;
709 query->defineOutput(readBuff);
715 query->setCondition(whereClause.str(), whereData);
716 coral::ICursor& cursor =
query->execute();
721 const coral::AttributeList& row = cursor.currentRow();
729 if (verificationKey != connLabel) {
730 throwException(
"Could not decrypt credentials.Provided key is invalid.",
"CredentialStore::startSession");
732 writeUserName = cipher1.
b64decrypt(encryptedUserName);
733 writePassword = cipher1.
b64decrypt(encryptedPassword);
737 throwException(
"Provided credentials are invalid for write access.",
"CredentialStore::openSession");
739 m_session->transaction().commit();
740 m_session->endUserSession();
741 openSession(connTokens.second, writeUserName, writePassword,
false);
749 m_authenticatedPrincipal(
""),
753 m_serviceData(nullptr),
761 throwException(
"Service name has not been provided.",
"cond::CredentialStore::setUpConnection");
763 m_serviceName.clear();
764 m_serviceData =
nullptr;
767 throwException(
"The authentication Path has not been provided.",
"cond::CredentialStore::setUpForService");
770 if (!std::filesystem::exists(
authPath) || !std::filesystem::is_directory(
authPath)) {
771 throwException(
"Authentication Path is invalid.",
"cond::CredentialStore::setUpForService");
778 std::map<std::string, auth::ServiceCredentials>::const_iterator iK = m_key.services().find(
serviceName);
779 if (iK == m_key.services().end()) {
781 msg +=
"Service \"" +
serviceName +
"\" can't be open with the current key.";
785 m_serviceData = &iK->second;
786 m_log <<
"Opening Credential Store for service " << m_serviceName <<
" on " << m_serviceData->connectionString
788 return m_serviceData->connectionString;
793 coral::IHandle<coral::IRelationalService> relationalService =
795 if (!relationalService.isValid()) {
799 coral::IRelationalDomain& domain = relationalService->domainForConnection(
connectionString);
800 std::pair<std::string, std::string> connTokens = domain.decodeUserConnectionString(
connectionString);
807 coral::AttributeList insertData;
810 coral::AttributeList::iterator iAttribute = insertData.begin();
813 iAttribute->data<
int>() = -1;
814 schema.tableHandle(
tname(
SEQUENCE_TABLE, schemaVersion)).dataEditor().insertRow(insertData);
823 coral::ISchema& schema = m_session->nominalSchema();
825 if (schema.existsTable(authentication_table_name)) {
826 throwException(
"Credential database, already exists.",
"CredentialStore::create");
829 m_log <<
"Creating sequence table." << std::endl;
831 coral::TableDescription dseq;
832 dseq.setName(sequence_table_name);
833 dseq.insertColumn(
SEQUENCE_NAME_COL, coral::AttributeSpecification::typeNameForType<std::string>());
835 dseq.insertColumn(
SEQUENCE_VALUE_COL, coral::AttributeSpecification::typeNameForType<int>());
838 schema.createTable(dseq);
840 int columnSize = 2000;
842 m_log <<
"Creating authentication table." << std::endl;
844 addSequence(m_key.version(), schema, authentication_table_name);
845 coral::TableDescription descr0;
846 descr0.setName(authentication_table_name);
847 descr0.insertColumn(
PRINCIPAL_ID_COL, coral::AttributeSpecification::typeNameForType<int>());
849 PRINCIPAL_NAME_COL, coral::AttributeSpecification::typeNameForType<std::string>(), columnSize,
false);
851 VERIFICATION_COL, coral::AttributeSpecification::typeNameForType<std::string>(), columnSize,
false);
853 PRINCIPAL_KEY_COL, coral::AttributeSpecification::typeNameForType<std::string>(), columnSize,
false);
854 descr0.insertColumn(
ADMIN_KEY_COL, coral::AttributeSpecification::typeNameForType<std::string>(), columnSize,
false);
860 std::vector<std::string> columnsUnique;
862 descr0.setUniqueConstraint(columnsUnique);
863 std::vector<std::string> columnsForIndex;
865 descr0.setPrimaryKey(columnsForIndex);
866 schema.createTable(descr0);
868 m_log <<
"Creating authorization table." << std::endl;
871 addSequence(m_key.version(), schema, authorization_table_name);
872 coral::TableDescription descr1;
873 descr1.setName(authorization_table_name);
874 descr1.insertColumn(
AUTH_ID_COL, coral::AttributeSpecification::typeNameForType<int>());
875 descr1.insertColumn(
P_ID_COL, coral::AttributeSpecification::typeNameForType<int>());
876 descr1.insertColumn(
ROLE_COL, coral::AttributeSpecification::typeNameForType<std::string>(), columnSize,
false);
877 descr1.insertColumn(
SCHEMA_COL, coral::AttributeSpecification::typeNameForType<std::string>(), columnSize,
false);
878 descr1.insertColumn(
AUTH_KEY_COL, coral::AttributeSpecification::typeNameForType<std::string>(), columnSize,
false);
879 descr1.insertColumn(
C_ID_COL, coral::AttributeSpecification::typeNameForType<int>());
881 descr1.setNotNullConstraint(
P_ID_COL);
882 descr1.setNotNullConstraint(
ROLE_COL);
885 descr1.setNotNullConstraint(
C_ID_COL);
886 columnsUnique.clear();
890 descr1.setUniqueConstraint(columnsUnique);
891 columnsForIndex.clear();
893 descr1.setPrimaryKey(columnsForIndex);
894 schema.createTable(descr1);
896 m_log <<
"Creating credential table." << std::endl;
899 addSequence(m_key.version(), schema, credential_table_name);
900 coral::TableDescription descr2;
901 descr2.setName(credential_table_name);
902 descr2.insertColumn(
CONNECTION_ID_COL, coral::AttributeSpecification::typeNameForType<int>());
904 CONNECTION_LABEL_COL, coral::AttributeSpecification::typeNameForType<std::string>(), columnSize,
false);
905 descr2.insertColumn(
USERNAME_COL, coral::AttributeSpecification::typeNameForType<std::string>(), columnSize,
false);
906 descr2.insertColumn(
PASSWORD_COL, coral::AttributeSpecification::typeNameForType<std::string>(), columnSize,
false);
908 VERIFICATION_KEY_COL, coral::AttributeSpecification::typeNameForType<std::string>(), columnSize,
false);
910 CONNECTION_KEY_COL, coral::AttributeSpecification::typeNameForType<std::string>(), columnSize,
false);
917 columnsUnique.clear();
919 descr2.setUniqueConstraint(columnsUnique);
920 columnsForIndex.clear();
922 descr2.setPrimaryKey(columnsForIndex);
923 schema.createTable(descr2);
926 schema.tableHandle(authentication_table_name)
928 .grantToUser(m_serviceData->userName, coral::ITablePrivilegeManager::Select);
929 schema.tableHandle(authorization_table_name)
931 .grantToUser(m_serviceData->userName, coral::ITablePrivilegeManager::Select);
932 schema.tableHandle(credential_table_name)
934 .grantToUser(m_serviceData->userName, coral::ITablePrivilegeManager::Select);
936 std::cout <<
"WARNING: Could not grant select access to user " << m_serviceData->userName <<
": [" <<
e.what()
939 m_log <<
"Granting ADMIN access permission." << std::endl;
943 m_key.version(), schema, m_key.principalKey(), m_key.principalName(), m_principalKey,
true, m_log);
946 m_key.version(), schema, m_principalKey, credentialAccessLabel,
userName,
password,
true, m_log);
966 m_log <<
"Dropping AUTHORIZATION, CREDENTIAL, AUTHENTICATION and SEQUENCE tables." << std::endl;
967 coral::ISchema& schema = m_session->nominalSchema();
977 if (!m_serviceData) {
978 throwException(
"The credential store has not been initialized.",
"cond::CredentialStore::installAdmin");
985 coral::ISchema& schema = m_session->nominalSchema();
986 const std::string& principalName = m_key.principalName();
987 const std::string& authenticationKey = m_key.principalKey();
989 if (!
selectPrincipal(m_key.version(), schema, principalName, princData)) {
991 msg += principalName +
"\" has not been found.";
997 auto p =
updatePrincipalData(m_key.version(), schema, authenticationKey, principalName, m_principalKey,
false, m_log);
1000 m_key.version(), schema, m_principalKey, credentialAccessLabel,
userName,
password,
true, m_log);
1018 session.
start(
false);
1019 coral::ISchema& schema = m_session->nominalSchema();
1021 updatePrincipalData(m_key.version(), schema, authenticationKey, principalName, m_principalKey,
false, m_log);
1024 int princId = princData.first;
1026 std::string connString = m_serviceData->connectionString;
1029 throwException(
"The current operating user is not admin user on the underlying Credential Store.",
1030 "CredentialStore::updatePrincipal");
1035 throwException(
"Credential Store connection has not been defined.",
"CredentialStore::updatePrincipal");
1057 session.
start(
false);
1059 coral::ISchema& schema = m_session->nominalSchema();
1065 std::string msg =
"Principal \"" + principal +
"\" does not exist in the database.";
1069 m_log <<
"Principal " << principal <<
" id: " << princData.
id << std::endl;
1074 std::string msg =
"Connection named \"" + connectionLabel +
"\" does not exist in the database.";
1099 session.
start(
false);
1100 coral::ISchema& schema = m_session->nominalSchema();
1102 coral::AttributeList deleteData;
1104 std::stringstream whereClause;
1106 if (!role.empty()) {
1108 m_log <<
" with role " << role;
1111 if (!principal.empty()) {
1116 std::string msg =
"Principal \"" + principal +
"\" does not exist in the database.";
1120 princId = princData.
id;
1121 m_log <<
" by principal " << principal <<
" (id: " << princData.
id <<
")";
1125 m_log <<
": " << n_e <<
" authorization entries." << std::endl;
1129 if (!role.empty()) {
1133 if (!principal.empty()) {
1134 deleteData[
P_ID_COL].data<
int>() = princId;
1138 editor.deleteRows(whereClause.str(), deleteData);
1148 session.
start(
false);
1150 m_session->transaction().start();
1151 coral::ISchema& schema = m_session->nominalSchema();
1161 session.
start(
false);
1162 coral::ISchema& schema = m_session->nominalSchema();
1168 std::string msg =
"Principal \"" + principal +
"\" does not exist in the database.";
1172 m_log <<
"Removing principal " << principal <<
" (id: " << princData.
id <<
")" << std::endl;
1176 coral::AttributeList deleteData0;
1178 deleteData0[
P_ID_COL].data<
int>() = princData.
id;
1180 editor0.deleteRows(whereClause0, deleteData0);
1184 coral::AttributeList deleteData1;
1188 editor1.deleteRows(whereClause1, deleteData1);
1197 session.
start(
false);
1198 coral::ISchema& schema = m_session->nominalSchema();
1204 std::string msg =
"Connection named \"" + connectionLabel +
"\" does not exist in the database.";
1208 m_log <<
"Removing connection " << connectionLabel << std::endl;
1211 coral::AttributeList deleteData0;
1213 deleteData0[
C_ID_COL].data<
int>() = credsData.
id;
1215 editor0.deleteRows(whereClause0, deleteData0);
1217 coral::ITableDataEditor& editor1 = schema.tableHandle(
tname(
CREDENTIAL_TABLE, m_key.version())).dataEditor();
1219 coral::AttributeList deleteData1;
1223 editor1.deleteRows(whereClause1, deleteData1);
1232 session.
start(
true);
1233 coral::ISchema& schema = m_session->nominalSchema();
1237 std::unique_ptr<coral::IQuery>
query(schema.newQuery());
1240 coral::AttributeList readBuff;
1248 coral::AttributeList whereData;
1250 whereData[
P_ID_COL].data<
int>() = m_principalId;
1251 std::stringstream whereClause;
1252 whereClause <<
"AUTHO." <<
C_ID_COL <<
"=" 1254 whereClause <<
" AND " 1256 query->defineOutput(readBuff);
1264 query->setCondition(whereClause.str(), whereData);
1265 coral::ICursor& cursor =
query->execute();
1266 while (cursor.next()) {
1267 const coral::AttributeList& row = cursor.currentRow();
1277 if (verificationString == connectionLabel) {
1291 session.
start(
true);
1292 coral::ISchema& schema = m_session->nominalSchema();
1296 std::unique_ptr<coral::IQuery>
query(schema.newQuery());
1299 coral::AttributeList readBuff;
1305 coral::AttributeList whereData;
1309 whereData[
P_ID_COL].data<
int>() = m_principalId;
1312 std::stringstream whereClause;
1313 whereClause <<
"AUTHO." <<
C_ID_COL <<
"=" 1315 whereClause <<
" AND " 1317 whereClause <<
" AND " 1319 whereClause <<
" AND " 1321 query->defineOutput(readBuff);
1327 query->setCondition(whereClause.str(), whereData);
1328 coral::ICursor& cursor =
query->execute();
1330 if (cursor.next()) {
1331 const coral::AttributeList& row = cursor.currentRow();
1339 if (verificationString == connectionLabel) {
1350 bool forceUpdateConnection) {
1352 session.
start(
false);
1353 coral::ISchema& schema = m_session->nominalSchema();
1359 std::string msg =
"Principal \"" + principal +
"\" does not exist in the database.";
1363 bool imported =
false;
1367 const std::map<std::pair<std::string, std::string>, coral::AuthenticationCredentials*>& creds =
dataSource.data();
1368 for (
std::map<std::pair<std::string, std::string>, coral::AuthenticationCredentials*>::const_iterator iConn =
1370 iConn != creds.end();
1377 std::string userName = iConn->second->valueForItem(coral::IAuthenticationCredentials::userItem());
1378 std::string password = iConn->second->valueForItem(coral::IAuthenticationCredentials::passwordItem());
1386 forceUpdateConnection,
1400 session.
start(
true);
1401 coral::ISchema& schema = m_session->nominalSchema();
1404 coral::AttributeList readBuff;
1406 query->defineOutput(readBuff);
1408 coral::ICursor& cursor =
query->execute();
1410 while (cursor.next()) {
1412 const coral::AttributeList& row = cursor.currentRow();
1421 session.
start(
true);
1422 coral::ISchema& schema = m_session->nominalSchema();
1425 coral::AttributeList readBuff;
1431 query->defineOutput(readBuff);
1437 coral::ICursor& cursor =
query->execute();
1440 while (cursor.next()) {
1443 const coral::AttributeList& row = cursor.currentRow();
1450 if (verif == connLabel) {
1468 session.
start(
true);
1469 coral::ISchema& schema = m_session->nominalSchema();
1470 std::unique_ptr<coral::IQuery>
query(schema.newQuery());
1474 coral::AttributeList readBuff;
1479 coral::AttributeList whereData;
1480 std::stringstream whereClause;
1482 whereClause <<
" AND AUTHO." <<
C_ID_COL <<
"=" 1484 if (!principalName.empty()) {
1489 if (!role.empty()) {
1500 query->defineOutput(readBuff);
1505 query->setCondition(whereClause.str(), whereData);
1509 coral::ICursor& cursor =
query->execute();
1511 while (cursor.next()) {
1512 const coral::AttributeList& row = cursor.currentRow();
1527 session.
start(
true);
1528 coral::ISchema& schema = m_session->nominalSchema();
1529 std::unique_ptr<coral::IQuery>
query(schema.newQuery());
1532 coral::AttributeList readBuff;
1540 coral::AttributeList whereData;
1541 std::stringstream whereClause;
1542 whereClause <<
"AUTHO." <<
C_ID_COL <<
"=" 1545 query->defineOutput(readBuff);
1553 query->setCondition(whereClause.str(), whereData);
1554 coral::ICursor& cursor =
query->execute();
1557 while (cursor.next()) {
1558 const coral::AttributeList& row = cursor.currentRow();
1569 if (verifKey == connectionLabel) {
std::pair< std::string, std::string > getUserCredentials(const std::string &connectionString, const std::string &role)
CSScopedSession(CredentialStore &store)
const std::string & keyPrincipalName()
static const std::string LEGACY_TABLE_PREFIX("COND_")
void import(const AuthenticationCredentialSet &data)
static const std::string SEQUENCE_VALUE_COL("VALUE")
std::pair< int, std::string > updateConnectionData(const std::string &schemaVersion, coral::ISchema &schema, const std::string &adminKey, const std::string &connectionLabel, const std::string &userName, const std::string &password, bool forceUpdate, std::stringstream &log)
size_t unsetPermission(const std::string &principal, const std::string &role, const std::string &connectionString)
bool updatePrincipal(const std::string &principal, const std::string &principalKey, bool setAdmin=false)
CredentialStore()
Standard Constructor.
static const std::string ROLE_COL("C_ROLE")
virtual ~AuthenticationCredentialSet()
Destructor.
static PFTauRenderPlugin instance
bool removeConnection(const std::string &connectionLabel)
ret
prodAgent to be discontinued
void openSession(const std::string &schemaName, const std::string &userName, const std::string &password, bool readMode)
bool resetAdmin(const std::string &userName, const std::string &password)
static const std::string SCHEMA_COL("C_SCHEMA")
static const std::string AUTHENTICATION_TABLE("AUTHENTICATION")
AuthenticationCredentialSet()
Constructor.
bool listConnections(std::map< std::string, std::pair< std::string, std::string > > &destination)
void addSequence(const std::string &schemaVersion, coral::ISchema &schema, const std::string &name)
std::pair< int, std::string > updatePrincipalData(const std::string &schemaVersion, coral::ISchema &schema, const std::string &authenticationKey, const std::string &principalName, const std::string &adminKey, bool init, std::stringstream &log)
void start(bool readOnly=true)
std::string to_lower(const std::string &s)
bool selectAuthorization(const std::string &schemaVersion, coral::ISchema &schema, int principalId, const std::string &role, const std::string &connectionString, AuthorizationData &destination)
void startSuper(const std::string &connectionString, const std::string &userName, const std::string &password)
void find(edm::Handle< EcalRecHitCollection > &hits, DetId thisDet, std::vector< EcalRecHitCollection::const_iterator > &hit, bool debug=false)
static const std::string serviceName
CredentialStore & m_store
void throwException(const std::string &message, const std::string &methodName)
static const std::string PASSWORD_COL("CRED5")
std::string principalName
bool setPermissionData(const std::string &schemaVersion, coral::ISchema &schema, int principalId, const std::string &principalKey, const std::string &role, const std::string &connectionString, int connectionId, const std::string &connectionKey, std::stringstream &log)
void closeSession(bool commit=true)
static const std::string CONNECTION_KEY_COL("CRED7")
static const std::string TABLE_PREFIX("DB_")
void registerItem(const std::string &connectionString, const std::string &itemName, const std::string &itemValue)
static const std::string SEQUENCE_TABLE("CREDENTIAL_SEQUENCE")
std::string connectionString
bool getNextSequenceValue(const std::string &schemaVersion, coral::ISchema &schema, const std::string &sequenceName, int &value)
static const std::string ADMIN_KEY_COL("CRED2")
std::string connectionKey
static const std::string VERIFICATION_KEY_COL("CRED6")
void startSession(bool readMode)
static const std::set< std::string > ROLES
bool updateConnection(const std::string &connectionLabel, const std::string &userName, const std::string &password)
bool createSchema(const std::string &connectionString, const std::string &userName, const std::string &password)
static constexpr const char *const COND_ADMIN_ROLE
bool exportAll(coral_bridge::AuthenticationCredentialSet &data)
std::string schemaLabel(const std::string &serviceName, const std::string &userName)
static constexpr unsigned int COND_DB_KEY_SIZE
bool listPrincipals(std::vector< std::string > &destination)
std::string setUpForConnectionString(const std::string &connectionString, const std::string &authPath)
static const std::string VERIFICATION_COL("CRED0")
static const std::string SEQUENCE_NAME_COL("NAME")
std::string setUpForService(const std::string &serviceName, const std::string &authPath)
Sets the initialization parameters.
bool importForPrincipal(const std::string &principal, const coral_bridge::AuthenticationCredentialSet &data, bool forceUpdateConnection=false)
import data
static const std::string USERNAME_COL("CRED4")
def gen(fragment, howMuch)
Production test section ####.
bool setPermission(const std::string &principal, const std::string &role, const std::string &connectionString, const std::string &connectionLabel)
virtual ~CredentialStore()
Standard Destructor.
std::string schemaLabelForCredentialStore(const std::string &connectionString)
bool selectForUser(coral_bridge::AuthenticationCredentialSet &destinationData)
static const std::string CONNECTION_ID_COL("CONN_ID")
bool removePrincipal(const std::string &principal)
const std::string & serviceName()
bool selectConnection(const std::string &schemaVersion, coral::ISchema &schema, const std::string &connectionLabel, CredentialData &destination)
void startSuperSession(const std::string &connectionString, const std::string &userName, const std::string &password)
static const std::string PRINCIPAL_ID_COL("P_ID")
bool selectPermissions(const std::string &principalName, const std::string &role, const std::string &connectionString, std::vector< Permission > &destination)
std::string b64encrypt(const std::string &input)
static const std::string AUTH_ID_COL("AUTH_ID")
static const std::string AUTHORIZATION_TABLE("AUTHORIZATION")
void registerCredentials(const std::string &connectionString, const std::string &userName, const std::string &password)
const std::string DEFAULT_DATA_SOURCE("Cond_Default_Authentication")
std::pair< std::string, std::string > openConnection(const std::string &connectionString)
char data[epos_bytes_allocation]
bool drop(const std::string &connectionString, const std::string &userName, const std::string &password)
static const std::string PRINCIPAL_KEY_COL("CRED1")
std::string tname(const std::string &tableName, const std::string &schemaVersion)
static const std::string CREDENTIAL_TABLE("CREDENTIAL")
std::string verificationKey
std::string connectionLabel
static const std::string P_ID_COL("P_ID")
static constexpr const char *const FILE_PATH
const coral::IAuthenticationCredentials * get(const std::string &connectionString) const
const std::map< std::pair< std::string, std::string >, coral::AuthenticationCredentials * > & data() const
static const std::string CONNECTION_LABEL_COL("CONN_LABEL")
void reset(double vett[256])
bool selectPrincipal(const std::string &schemaVersion, coral::ISchema &schema, const std::string &principal, PrincipalData &destination)
void throwException(const std::string &message, const std::string &methodName)
static const std::string C_ID_COL("C_ID")
static constexpr const char *const COND_KEY
std::string b64decrypt(const std::string &input)
static const std::string AUTH_KEY_COL("CRED3")
static constexpr const char *const COND_DEFAULT_ROLE
static const std::string PRINCIPAL_NAME_COL("P_NAME")
size_t getAuthorizationEntries(const std::string &schemaVersion, coral::ISchema &schema, int principalId, const std::string &role, const std::string &connectionString)