LSSTApplications  19.0.0-14-gb0260a2+d60062ef16,20.0.0+1540ce6389,20.0.0+7c6b12c2f9,20.0.0+ae956f52c5,20.0.0+be870186d9,20.0.0+e2e26847c2,20.0.0-1-g10df615+7683e4f082,20.0.0-1-g253301a+7c6b12c2f9,20.0.0-1-g2b7511a+46a6078777,20.0.0-1-g3dda6ea+606b36f8c0,20.0.0-1-g4d801e7+901ee84527,20.0.0-1-g5b95a8c+a5fa15ec54,20.0.0-1-gb058bd0+46a6078777,20.0.0-1-gb88604f+acecce4127,20.0.0-1-gc96f8cb+61a4a056b1,20.0.0-1-gedffbd8+4f0e391d5e,20.0.0-10-g0891cd99+aadc987f3e,20.0.0-10-g9a20bd332+576ca7b471,20.0.0-17-gcdbda88+ed0d4927ab,20.0.0-2-g4dae9ad+61a4a056b1,20.0.0-2-g61b8584+85c46248f3,20.0.0-2-gb780d76+f45b7d88f4,20.0.0-2-gf072044+7c6b12c2f9,20.0.0-21-g9bbb7f7+61a4a056b1,20.0.0-22-gc512666+9eba1c4719,20.0.0-23-g8900aa8+68630f7098,20.0.0-3-g1653f94+85c46248f3,20.0.0-3-g4cc78c6+63636aeed8,20.0.0-3-g750bffe+e05f822de9,20.0.0-3-gbd60e8c+ff10c6d78d,20.0.0-32-g15a0e07c+ff1c9f120b,20.0.0-4-g97dc21a+68630f7098,20.0.0-4-gfea843c+f45b7d88f4,20.0.0-5-g357b56b+f45b7d88f4,20.0.0-6-g9a5b7a1+2c4171520d,20.0.0-61-g4de25fb+e4dd172200,20.0.0-7-gcda7bf1+85e953d7e4,w.2020.43
LSSTDataManagementBasePackage
DbAuth.cc
Go to the documentation of this file.
1 // -*- lsst-c++ -*-
2 
3 /*
4  * LSST Data Management System
5  * Copyright 2008, 2009, 2010, 2016 LSST Corporation.
6  *
7  * This product includes software developed by the
8  * LSST Project (http://www.lsst.org/).
9  *
10  * This program is free software: you can redistribute it and/or modify
11  * it under the terms of the GNU General Public License as published by
12  * the Free Software Foundation, either version 3 of the License, or
13  * (at your option) any later version.
14  *
15  * This program is distributed in the hope that it will be useful,
16  * but WITHOUT ANY WARRANTY; without even the implied warranty of
17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18  * GNU General Public License for more details.
19  *
20  * You should have received a copy of the LSST License Statement and
21  * the GNU General Public License along with this program. If not,
22  * see <http://www.lsstcorp.org/LegalNotices/>.
23  */
24 
37 #ifndef __GNUC__
38 #define __attribute__(x) /*NOTHING*/
39 #endif
40 static char const* SVNid __attribute__((unused)) = "$Id$";
41 
43 
44 #include <cstdlib>
45 #include <fstream>
46 #include <memory>
47 
48 extern "C" {
49 #include <pwd.h>
50 #include <sys/types.h>
51 #include <sys/stat.h>
52 #include <unistd.h>
53 }
54 
55 #include "lsst/pex/exceptions.h"
56 
57 namespace dafBase = lsst::daf::base;
59 namespace pexPolicy = lsst::pex::policy;
60 
61 static pexPolicy::Policy::Ptr authPolicy(static_cast<pexPolicy::Policy*>(0));
62 
63 static std::pair<std::string, std::string> search(std::string const& host, std::string const& port) {
64  if (authPolicy == 0) {
65  passwd pwd;
66  passwd* pw;
67  long maxbuf = sysconf(_SC_GETPW_R_SIZE_MAX);
68  std::unique_ptr<char[]> buffer(new char[maxbuf]);
69  int ret = getpwuid_r(geteuid(), &pwd, buffer.get(), maxbuf, &pw);
70  if (ret != 0 || pw->pw_dir == 0) {
71  throw LSST_EXCEPT(pexExcept::RuntimeError, "Could not get home directory");
72  }
73  std::string dir = std::string(pw->pw_dir) + "/.lsst";
74  std::string filename = dir + "/db-auth.paf";
75  struct stat st;
76  ret = stat(dir.c_str(), &st);
77  if (ret != 0 || (st.st_mode & (S_IRWXG | S_IRWXO)) != 0) {
78  throw LSST_EXCEPT(pexExcept::RuntimeError, dir + " directory is missing or accessible by others");
79  }
80  ret = stat(filename.c_str(), &st);
81  if (ret != 0 || (st.st_mode & (S_IRWXG | S_IRWXO)) != 0) {
82  throw LSST_EXCEPT(pexExcept::RuntimeError, filename + " is missing or accessible by others");
83  }
84  { authPolicy = pexPolicy::Policy::Ptr(new pexPolicy::Policy(filename)); }
85  }
86  int portNum = atoi(port.c_str());
87  pexPolicy::Policy::PolicyPtrArray authArray = authPolicy->getPolicyArray("database.authInfo");
88  for (pexPolicy::Policy::PolicyPtrArray::const_iterator i = authArray.begin(); i != authArray.end(); ++i) {
89  if ((*i)->getString("host") == host && (*i)->getInt("port") == portNum) {
90  std::string username = (*i)->getString("user");
91  std::string password = (*i)->getString("password");
92  if (username.empty()) {
94  "Empty username for host/port: " + host + ":" + port);
95  }
96  return std::pair<std::string, std::string>(username, password);
97  }
98  }
99  throw LSST_EXCEPT(pexExcept::RuntimeError, "No credentials found for host/port: " + host + ":" + port);
100  return std::pair<std::string, std::string>("", ""); // not reached
101 }
102 
107  authPolicy = pexPolicy::Policy::Ptr(new pexPolicy::Policy(*policy, true));
108 }
109 
112 void dafPersist::DbAuth::resetPolicy() { authPolicy = nullptr; }
113 
120 bool dafPersist::DbAuth::available(std::string const& host, std::string const& port) {
121  try {
122  std::pair<std::string, std::string> result = search(host, port);
123  return true;
124  } catch (...) {
125  return false;
126  }
127  return false; // not reached
128 }
129 
136  std::pair<std::string, std::string> result = search(host, port);
137  return result.first + ":" + result.second;
138 }
139 
146  std::pair<std::string, std::string> result = search(host, port);
147  return result.first;
148 }
149 
156  std::pair<std::string, std::string> result = search(host, port);
157  return result.second;
158 }
__attribute__
#define __attribute__(x)
Definition: DbAuth.cc:38
std::string
STL class.
lsst::daf::persistence::DbAuth::available
static bool available(std::string const &host, std::string const &port)
Determine whether an authenticator string is available for database access.
Definition: DbAuth.cc:120
lsst::daf::persistence::DbAuth::authString
static std::string authString(std::string const &host, std::string const &port)
Get the authenticator string for a database.
Definition: DbAuth.cc:135
std::pair
std::search
T search(T... args)
lsst.pex::policy::Policy
a container for holding hierarchical configuration data in memory.
Definition: Policy.h:167
lsst::daf::persistence::DbAuth::resetPolicy
static void resetPolicy()
Set the authenticator Policy back to null.
Definition: DbAuth.cc:112
lsst::daf::persistence::DbAuth::setPolicy
static void setPolicy(lsst::pex::policy::Policy::Ptr policy)
Set the authenticator Policy.
Definition: DbAuth.cc:106
lsst.pex::policy::Policy::PolicyPtrArray
std::vector< Ptr > PolicyPtrArray
Definition: Policy.h:179
std::string::c_str
T c_str(T... args)
std::atoi
T atoi(T... args)
result
py::object result
Definition: _schema.cc:429
lsst::daf::persistence::DbAuth::password
static std::string password(std::string const &host, std::string const &port)
Get the password to use to authenticate to a database.
Definition: DbAuth.cc:155
LSST_EXCEPT
#define LSST_EXCEPT(type,...)
Create an exception with a given type.
Definition: Exception.h:48
lsst.pex::policy::Policy::Ptr
std::shared_ptr< Policy > Ptr
Definition: Policy.h:169
lsst::daf::persistence::DbAuth::username
static std::string username(std::string const &host, std::string const &port)
Get the username to use to authenticate to a database.
Definition: DbAuth.cc:145
exceptions.h
lsst::daf::base
Definition: Utils.h:47
std::string::empty
T empty(T... args)
lsst::daf::persistence
Definition: Utils.h:50
std::unique_ptr
STL class.
lsst.pex::policy
Definition: dictionaries.dox:1
DbAuth.h
Interface for DbAuth class.
lsst.pex::exceptions::RuntimeError
Reports errors that are due to events beyond the control of the program.
Definition: Runtime.h:104