LSSTApplications  11.0-13-gbb96280,12.1+18,12.1+7,12.1-1-g14f38d3+72,12.1-1-g16c0db7+5,12.1-1-g5961e7a+84,12.1-1-ge22e12b+23,12.1-11-g06625e2+4,12.1-11-g0d7f63b+4,12.1-19-gd507bfc,12.1-2-g7dda0ab+38,12.1-2-gc0bc6ab+81,12.1-21-g6ffe579+2,12.1-21-gbdb6c2a+4,12.1-24-g941c398+5,12.1-3-g57f6835+7,12.1-3-gf0736f3,12.1-37-g3ddd237,12.1-4-gf46015e+5,12.1-5-g06c326c+20,12.1-5-g648ee80+3,12.1-5-gc2189d7+4,12.1-6-ga608fc0+1,12.1-7-g3349e2a+5,12.1-7-gfd75620+9,12.1-9-g577b946+5,12.1-9-gc4df26a+10
LSSTDataManagementBasePackage
DbAuth.cc
Go to the documentation of this file.
1 // -*- lsst-c++ -*-
2 
3 /*
4  * LSST Data Management System
5  * Copyright 2008, 2009, 2010, 2016 LSST Corporation.
6  *
7  * This product includes software developed by the
8  * LSST Project (http://www.lsst.org/).
9  *
10  * This program is free software: you can redistribute it and/or modify
11  * it under the terms of the GNU General Public License as published by
12  * the Free Software Foundation, either version 3 of the License, or
13  * (at your option) any later version.
14  *
15  * This program is distributed in the hope that it will be useful,
16  * but WITHOUT ANY WARRANTY; without even the implied warranty of
17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18  * GNU General Public License for more details.
19  *
20  * You should have received a copy of the LSST License Statement and
21  * the GNU General Public License along with this program. If not,
22  * see <http://www.lsstcorp.org/LegalNotices/>.
23  */
24 
25 
38 #ifndef __GNUC__
39 # define __attribute__(x) /*NOTHING*/
40 #endif
41 static char const* SVNid __attribute__((unused)) = "$Id$";
42 
43 #include "lsst/daf/base/Citizen.h"
44 #include "lsst/daf/persistence/DbAuth.h"
45 
46 #include <cstdlib>
47 #include <fstream>
48 #include <memory>
49 
50 extern "C" {
51  #include <pwd.h>
52  #include <sys/types.h>
53  #include <sys/stat.h>
54  #include <unistd.h>
55 }
56 
57 #include "lsst/pex/exceptions.h"
58 
59 namespace dafBase = lsst::daf::base;
60 namespace dafPersist = lsst::daf::persistence;
61 namespace pexPolicy = lsst::pex::policy;
62 
63 static pexPolicy::Policy::Ptr authPolicy(static_cast<pexPolicy::Policy*>(0));
64 
65 static std::pair<std::string, std::string>
66 search(std::string const& host, std::string const& port) {
67  if (authPolicy == 0) {
68  passwd pwd;
69  passwd *pw;
70  long maxbuf = sysconf(_SC_GETPW_R_SIZE_MAX);
71  std::unique_ptr<char[]> buffer(new char[maxbuf]);
72  int ret = getpwuid_r(geteuid(), &pwd, buffer.get(), maxbuf, &pw);
73  if (ret != 0 || pw->pw_dir == 0) {
74  throw LSST_EXCEPT(pexExcept::RuntimeError,
75  "Could not get home directory");
76  }
77  std::string dir = std::string(pw->pw_dir) + "/.lsst";
78  std::string filename = dir + "/db-auth.paf";
79  struct stat st;
80  ret = stat(dir.c_str(), &st);
81  if (ret != 0 || (st.st_mode & (S_IRWXG | S_IRWXO)) != 0) {
82  throw LSST_EXCEPT(pexExcept::RuntimeError,
83  dir + " directory is missing or accessible by others");
84  }
85  ret = stat(filename.c_str(), &st);
86  if (ret != 0 || (st.st_mode & (S_IRWXG | S_IRWXO)) != 0) {
87  throw LSST_EXCEPT(pexExcept::RuntimeError,
88  filename + " is missing or accessible by others");
89  }
90  {
91  dafBase::PersistentCitizenScope scopeGuard;
92  authPolicy = pexPolicy::Policy::Ptr(new pexPolicy::Policy(filename));
93  }
94  }
95  int portNum = atoi(port.c_str());
96  pexPolicy::Policy::PolicyPtrArray authArray =
97  authPolicy->getPolicyArray("database.authInfo");
98  for (pexPolicy::Policy::PolicyPtrArray::const_iterator i =
99  authArray.begin(); i != authArray.end(); ++i) {
100  if ((*i)->getString("host") == host &&
101  (*i)->getInt("port") == portNum) {
102  std::string username = (*i)->getString("user");
103  std::string password = (*i)->getString("password");
104  if (username.empty()) {
105  throw LSST_EXCEPT(pexExcept::RuntimeError,
106  "Empty username for host/port: " + host + ":" + port);
107  }
108  return std::pair<std::string, std::string>(username, password);
109  }
110  }
111  throw LSST_EXCEPT(pexExcept::RuntimeError,
112  "No credentials found for host/port: " + host + ":" + port);
113  return std::pair<std::string, std::string>("", ""); // not reached
114 }
115 
119 void dafPersist::DbAuth::setPolicy(pexPolicy::Policy::Ptr policy) {
120  dafBase::PersistentCitizenScope scopeGuard;
121  authPolicy = pexPolicy::Policy::Ptr(new pexPolicy::Policy(*policy, true));
122 }
123 
126 void dafPersist::DbAuth::resetPolicy() {
127  dafBase::PersistentCitizenScope scopeGuard;
128  authPolicy = nullptr;
129 }
130 
137 bool dafPersist::DbAuth::available(std::string const& host,
138  std::string const& port) {
139  try {
140  std::pair<std::string, std::string> result = search(host, port);
141  return true;
142  }
143  catch (...) {
144  return false;
145  }
146  return false; // not reached
147 }
148 
154 std::string dafPersist::DbAuth::authString(std::string const& host,
155  std::string const& port) {
156  std::pair<std::string, std::string> result = search(host, port);
157  return result.first + ":" + result.second;
158 }
159 
165 std::string dafPersist::DbAuth::username(std::string const& host,
166  std::string const& port) {
167  std::pair<std::string, std::string> result = search(host, port);
168  return result.first;
169 }
170 
176 std::string dafPersist::DbAuth::password(std::string const& host,
177  std::string const& port) {
178  std::pair<std::string, std::string> result = search(host, port);
179  return result.second;
180 }
lsst::pex::policy::Policy::Ptr
std::shared_ptr< Policy > Ptr
Definition: Policy.h:172
DbAuth.h
Interface for DbAuth class.
lsst.daf::base::PersistentCitizenScope
A PersistentCitizenScope object causes all Citizen objects created during its lifetime to be marked a...
Definition: Citizen.h:129
lsst::pex::policy::Policy::PolicyPtrArray
std::vector< Ptr > PolicyPtrArray
Definition: Policy.h:182
lsst.daf.persistence::DbAuth::available
static bool available(std::string const &host, std::string const &port)
Determine whether an authenticator string is available for database access.
Definition: DbAuth.cc:137
exceptions.h
Include files required for standard LSST Exception handling.
lsst::pex::policy::Policy
a container for holding hierarchical configuration data in memory.
Definition: Policy.h:169
lsst.daf.persistence::DbAuth::password
static std::string password(std::string const &host, std::string const &port)
Get the password to use to authenticate to a database.
Definition: DbAuth.cc:176
lsst.daf.persistence::DbAuth::setPolicy
static void setPolicy(lsst::pex::policy::Policy::Ptr policy)
Set the authenticator Policy.
Definition: DbAuth.cc:119
__attribute__
#define __attribute__(x)
Definition: DbAuth.cc:39
lsst.daf.persistence::DbAuth::authString
static std::string authString(std::string const &host, std::string const &port)
Get the authenticator string for a database.
Definition: DbAuth.cc:154
lsst.daf.persistence::DbAuth::resetPolicy
static void resetPolicy()
Set the authenticator Policy back to null.
Definition: DbAuth.cc:126
Citizen.h
LSST_EXCEPT
#define LSST_EXCEPT(type,...)
Create an exception with a given type and message and optionally other arguments (dependent on the ty...
Definition: Exception.h:46
lsst.daf.persistence::DbAuth::username
static std::string username(std::string const &host, std::string const &port)
Get the username to use to authenticate to a database.
Definition: DbAuth.cc:165
Generated on Mon Feb 27 2017 03:55:22 for LSSTApplications by   doxygen 1.8.5