
CredentialStore.h
1 #ifndef CondCore_CondDB_CredentialStore_h
2 #define CondCore_CondDB_CredentialStore_h
3 
5 //
6 #include <map>
7 #include <memory>
8 #include <string>
9 #include <sstream>
10 #include <algorithm>
11 //
12 #include "CoralBase/MessageStream.h"
13 
14 namespace coral {
15 
16  class AuthenticationCredentials;
17  class IAuthenticationCredentials;
18  class ISession;
19  class IConnection;
20 
21 } // namespace coral
22 
// NOTE(review): the signature line of this function is missing from this listing; the
// member index at the end of the page gives it as
// `std::string to_lower(const std::string &s)`.
// Builds and returns a lower-cased copy of `s`; the argument itself is not modified.
24  std::string str(s);
// The lambda takes `unsigned char` so std::tolower never receives a negative value, which
// would be undefined behaviour for bytes >= 0x80 where plain char is signed.
// std::tolower is declared in <cctype>, which is not among the includes visible in this
// listing, so this presumably compiles through a transitive include.
// The conversion depends on the current C locale and works byte by byte, so it is only a
// reliable case fold for ASCII input.
25  std::transform(str.begin(), str.end(), str.begin(), [](unsigned char c) { return std::tolower(c); });
26  return str;
27 }
28 
29 namespace coral_bridge {
30 
32  public:
35 
38 
39  void registerItem(const std::string& connectionString, const std::string& itemName, const std::string& itemValue);
40 
42  const std::string& role,
43  const std::string& itemName,
44  const std::string& itemValue);
45 
50  const std::string& userName,
51  const std::string& password);
52 
57  const std::string& role,
58  const std::string& userName,
59  const std::string& password);
60 
61  void import(const AuthenticationCredentialSet& data);
62 
// Returns a pointer to const credentials for `connectionString`; ownership presumably
// stays with this set (TODO confirm against the implementation).
// NOTE(review): what is returned when no entry exists is not visible in this header;
// presumably a null pointer, so check the result before dereferencing.
63  const coral::IAuthenticationCredentials* get(const std::string& connectionString) const;
64 
// Role-specific variant: returns a pointer to const credentials for the given
// connection string and role.
// NOTE(review): whether a missing role yields a null pointer or falls back to another
// entry is not visible in this header; confirm it, because a silent fallback would
// hand a caller credentials for a role it did not ask for.
65  const coral::IAuthenticationCredentials* get(const std::string& connectionString, const std::string& role) const;
66 
// Gives read access to a map of credentials keyed by a pair of strings; the return type
// matches the `m_data` member, so this presumably exposes that member directly.
// The key is presumably (connection string, role), matching the two-argument get() —
// TODO confirm.
// NOTE(review): only the map is const here. The mapped values are non-const
// `coral::AuthenticationCredentials*`, so a caller can still modify the credential
// objects through the returned reference.
67  const std::map<std::pair<std::string, std::string>, coral::AuthenticationCredentials*>& data() const;
68 
69  void reset();
70 
71  private:
// Credentials for the specific roles (description taken from the member index on this page).
// NOTE(review): the mapped values are raw pointers, so the type does not say who owns the
// credential objects or when they are destroyed. Confirm in the implementation that
// reset() and the destructor release them, and check whether copying the set is disabled
// or handled, since a member-wise copy would leave two sets holding the same pointers.
73  std::map<std::pair<std::string, std::string>, coral::AuthenticationCredentials*> m_data;
74  };
75 
76 } // namespace coral_bridge
77 
78 namespace cond {
79 
80  class Cipher;
81 
83 
84  //
86  public:
87  // the default service is pointed to in case the specific one has not been found in the key list
89 
90  public:
93 
95  virtual ~CredentialStore();
96 
97  public:
100 
102 
104 
106 
// Takes a user name and password as plain std::string references and reports the outcome
// as a bool; what exactly is reset is not visible in this header.
// NOTE(review): std::string does not clear its buffer when destroyed, so callers should
// keep the password's lifetime short and never echo it into logs or error text.
107  bool resetAdmin(const std::string& userName, const std::string& password);
108 
// Presumably creates or updates the entry for `principal` using `principalKey`; the
// meaning of the bool result is defined in the implementation.
// `setAdmin` defaults to false, so a call that omits it does not ask for administrator
// rights; granting them has to be explicit at the call site.
// NOTE(review): `principalKey` is presumably key material; treat it as a secret (TODO confirm).
109  bool updatePrincipal(const std::string& principal, const std::string& principalKey, bool setAdmin = false);
110 
111  bool setPermission(const std::string& principal,
112  const std::string& role,
114  const std::string& connectionLabel);
115 
116  size_t unsetPermission(const std::string& principal, const std::string& role, const std::string& connectionString);
117 
118  bool updateConnection(const std::string& connectionLabel, const std::string& userName, const std::string& password);
119 
120  bool removePrincipal(const std::string& principal);
121 
122  bool removeConnection(const std::string& connectionLabel);
123 
125 
127  bool importForPrincipal(const std::string& principal,
129  bool forceUpdateConnection = false);
130 
131  bool listPrincipals(std::vector<std::string>& destination);
132 
133  bool listConnections(std::map<std::string, std::pair<std::string, std::string> >& destination);
134 
135  struct Permission {
140  };
141  bool selectPermissions(const std::string& principalName,
142  const std::string& role,
144  std::vector<Permission>& destination);
145 
// Returns, by value, a pair of strings for the given connection string and role;
// presumably (user name, password), but confirm the order in the implementation.
// NOTE(review): the result is a copy of the secret in ordinary std::string storage, so
// keep it out of logs and exception messages and let it go out of scope quickly.
// What is returned when no entry matches is not visible in this header.
146  std::pair<std::string, std::string> getUserCredentials(const std::string& connectionString,
147  const std::string& role);
148 
150 
151  const std::string& serviceName();
152 
153  const std::string& keyPrincipalName();
154 
// Returns a std::string; presumably the text accumulated in the `m_log` stringstream member.
// NOTE(review): this class handles user names, passwords and keys, so confirm in the
// implementation that none of them are ever written to the log returned here.
155  std::string log();
156 
157  private:
158  friend class CSScopedSession;
159 
160  std::pair<std::string, std::string> openConnection(const std::string& connectionString);
// Private overload that takes the schema name and explicit credentials, plus a
// `readMode` flag with no default, so every caller must state the access mode.
// NOTE(review): the password arrives as a plain std::string reference; confirm that the
// implementation does not copy it into members or into the `m_log` stream.
161  void openSession(const std::string& schemaName,
162  const std::string& userName,
163  const std::string& password,
164  bool readMode);
166  const std::string& userName,
167  const std::string& password);
168  void startSession(bool readMode);
169 
// Private overload without credentials. `readOnly` defaults to true, so a call that omits
// the argument asks for a read-only session and write access has to be requested explicitly.
170  void openSession(bool readOnly = true);
171 
// Closes the current session. `commit` defaults to true, which presumably commits the
// open transaction (TODO confirm).
// NOTE(review): an error path that must not persist partial changes has to pass `false`
// explicitly, because the default does not roll back.
172  void closeSession(bool commit = true);
173 
174  private:
175  std::shared_ptr<coral::IConnection> m_connection;
176  std::shared_ptr<coral::ISession> m_session;
177 
180  // the key used to encrypt the db credentials accessible to the owner of the authenticated key.
182 
185 
187 
188  std::stringstream m_log;
189  };
190 
191 } // namespace cond
192 
193 #endif
std::pair< std::string, std::string > getUserCredentials(const std::string &connectionString, const std::string &role)
const std::string & keyPrincipalName()
std::map< std::pair< std::string, std::string >, coral::AuthenticationCredentials * > m_data
credentials for the specific roles
size_t unsetPermission(const std::string &principal, const std::string &role, const std::string &connectionString)
bool updatePrincipal(const std::string &principal, const std::string &principalKey, bool setAdmin=false)
CredentialStore()
Standard Constructor.
virtual ~AuthenticationCredentialSet()
Destructor.
bool removeConnection(const std::string &connectionLabel)
void openSession(const std::string &schemaName, const std::string &userName, const std::string &password, bool readMode)
bool resetAdmin(const std::string &userName, const std::string &password)
std::string m_authenticatedPrincipal
bool listConnections(std::map< std::string, std::pair< std::string, std::string > > &destination)
std::string to_lower(const std::string &s)
static const std::string serviceName
void closeSession(bool commit=true)
void registerItem(const std::string &connectionString, const std::string &itemName, const std::string &itemValue)
std::stringstream m_log
void startSession(bool readMode)
bool updateConnection(const std::string &connectionLabel, const std::string &userName, const std::string &password)
bool createSchema(const std::string &connectionString, const std::string &userName, const std::string &password)
bool exportAll(coral_bridge::AuthenticationCredentialSet &data)
std::string schemaLabel(const std::string &serviceName, const std::string &userName)
bool listPrincipals(std::vector< std::string > &destination)
std::string setUpForConnectionString(const std::string &connectionString, const std::string &authPath)
Definition: Binary.h:9
std::string setUpForService(const std::string &serviceName, const std::string &authPath)
Sets the initialization parameters.
bool importForPrincipal(const std::string &principal, const coral_bridge::AuthenticationCredentialSet &data, bool forceUpdateConnection=false)
import data
bool setPermission(const std::string &principal, const std::string &role, const std::string &connectionString, const std::string &connectionLabel)
virtual ~CredentialStore()
Standard Destructor.
bool selectForUser(coral_bridge::AuthenticationCredentialSet &destinationData)
bool removePrincipal(const std::string &principal)
const std::string & serviceName()
auth::DecodingKey m_key
void startSuperSession(const std::string &connectionString, const std::string &userName, const std::string &password)
bool selectPermissions(const std::string &principalName, const std::string &role, const std::string &connectionString, std::vector< Permission > &destination)
static const std::string DEFAULT_DATA_SOURCE
std::shared_ptr< coral::ISession > m_session
void registerCredentials(const std::string &connectionString, const std::string &userName, const std::string &password)
std::pair< std::string, std::string > openConnection(const std::string &connectionString)
Definition: plugin.cc:23
char data[epos_bytes_allocation]
Definition: EPOS_Wrapper.h:79
std::shared_ptr< coral::IConnection > m_connection
bool drop(const std::string &connectionString, const std::string &userName, const std::string &password)
const auth::ServiceCredentials * m_serviceData
const std::map< std::pair< std::string, std::string >, coral::AuthenticationCredentials * > & data() const
#define str(s)
unsigned transform(const HcalDetId &id, unsigned transformCode)