DbAuth.cc
1 // -*- lsst-c++ -*-
2 
3 /*
4  * LSST Data Management System
5  * Copyright 2008, 2009, 2010, 2016 LSST Corporation.
6  *
7  * This product includes software developed by the
8  * LSST Project (http://www.lsst.org/).
9  *
10  * This program is free software: you can redistribute it and/or modify
11  * it under the terms of the GNU General Public License as published by
12  * the Free Software Foundation, either version 3 of the License, or
13  * (at your option) any later version.
14  *
15  * This program is distributed in the hope that it will be useful,
16  * but WITHOUT ANY WARRANTY; without even the implied warranty of
17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18  * GNU General Public License for more details.
19  *
20  * You should have received a copy of the LSST License Statement and
21  * the GNU General Public License along with this program. If not,
22  * see <http://www.lsstcorp.org/LegalNotices/>.
23  */
24 
25 
38 #ifndef __GNUC__
39 # define __attribute__(x) /*NOTHING*/
40 #endif
41 static char const* SVNid __attribute__((unused)) = "$Id$";
42 
43 #include "lsst/daf/base/Citizen.h"
45 
46 #include <cstdlib>
47 #include <fstream>
48 #include <memory>
49 
50 extern "C" {
51  #include <pwd.h>
52  #include <sys/types.h>
53  #include <sys/stat.h>
54  #include <unistd.h>
55 }
56 
57 #include "lsst/pex/exceptions.h"
58 
59 namespace dafBase = lsst::daf::base;
61 namespace pexPolicy = lsst::pex::policy;
62 
// Cached authenticator Policy shared by every DbAuth call in this process.
// It starts out null; search() fills it from the db-auth.paf file on first use,
// setPolicy() replaces it with a copy of a caller-supplied Policy, and
// resetPolicy() sets it back to null.
// NOTE(review): the entries carry cleartext passwords and stay in memory for as
// long as the cache is set, and nothing in this file synchronizes access to it;
// confirm that callers do not use DbAuth from several threads at once.
63 static pexPolicy::Policy::Ptr authPolicy(static_cast<pexPolicy::Policy*>(0));
64 
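/**
 * Look up the username/password pair for a database host and port.
 *
 * When no authenticator Policy is cached, one is loaded from
 * `<home>/.lsst/db-auth.paf`, where `<home>` is the home directory that
 * getpwuid_r() reports for the effective user.  Loading is refused unless the
 * `.lsst` directory and the file both exist and have no group or other
 * permission bits set, since the file holds cleartext passwords.
 *
 * @param host  database host name, compared exactly with each entry's "host"
 * @param port  database port as decimal text, converted with atoi()
 * @return (username, password) of the first matching "database.authInfo" entry;
 *         the password may be empty, only the username is checked
 * @throws lsst::pex::exceptions::RuntimeError if the home directory cannot be
 *         determined, the directory or file is missing or accessible by others,
 *         the matching entry has an empty username, or no entry matches
 */
static std::pair<std::string, std::string>
search(std::string const& host, std::string const& port) {
    if (authPolicy == 0) {
        // sysconf() may return -1 when the system imposes no fixed limit; a
        // negative size must never reach new[], so fall back to a fixed size.
        long maxbuf = sysconf(_SC_GETPW_R_SIZE_MAX);
        if (maxbuf <= 0) {
            maxbuf = 16384;
        }
        std::unique_ptr<char[]> buffer(new char[maxbuf]);
        passwd pwd;
        passwd* pw = 0;
        int ret = getpwuid_r(geteuid(), &pwd, buffer.get(), maxbuf, &pw);
        // getpwuid_r() returns 0 and leaves pw null when the uid has no passwd
        // entry, so pw itself must be tested before pw->pw_dir is read.
        if (ret != 0 || pw == 0 || pw->pw_dir == 0) {
            throw LSST_EXCEPT(lsst::pex::exceptions::RuntimeError,
                              "Could not get home directory");
        }
        std::string dir = std::string(pw->pw_dir) + "/.lsst";
        std::string filename = dir + "/db-auth.paf";

        // Refuse to read credentials that group or other users could reach.
        // NOTE(review): stat() follows symbolic links, the mode test does not
        // confirm that the owner is the effective user, and the file is
        // presumably re-opened by path when the Policy is built, so the check
        // and the read are not atomic.  Opening once and using fstat() on the
        // descriptor would close that gap if Policy can read from a stream.
        struct stat st;
        ret = stat(dir.c_str(), &st);
        if (ret != 0 || (st.st_mode & (S_IRWXG | S_IRWXO)) != 0) {
            throw LSST_EXCEPT(lsst::pex::exceptions::RuntimeError,
                              dir + " directory is missing or accessible by others");
        }
        ret = stat(filename.c_str(), &st);
        if (ret != 0 || (st.st_mode & (S_IRWXG | S_IRWXO)) != 0) {
            throw LSST_EXCEPT(lsst::pex::exceptions::RuntimeError,
                              filename + " is missing or accessible by others");
        }
        {
            // Scope object limited to the construction of the cached Policy.
            dafBase::PersistentCitizenScope scope;
            authPolicy = pexPolicy::Policy::Ptr(new pexPolicy::Policy(filename));
        }
    }

    // atoi() yields 0 for non-numeric text, so a malformed port string can only
    // match an entry whose port is 0.
    int portNum = atoi(port.c_str());
    pexPolicy::Policy::PolicyPtrArray authArray =
        authPolicy->getPolicyArray("database.authInfo");
    for (auto const& entry : authArray) {
        if (entry->getString("host") == host &&
            entry->getInt("port") == portNum) {
            std::string username = entry->getString("user");
            std::string password = entry->getString("password");
            if (username.empty()) {
                // The message names only host and port, never the password.
                throw LSST_EXCEPT(lsst::pex::exceptions::RuntimeError,
                                  "Empty username for host/port: " + host + ":" + port);
            }
            return std::pair<std::string, std::string>(username, password);
        }
    }
    throw LSST_EXCEPT(lsst::pex::exceptions::RuntimeError,
                      "No credentials found for host/port: " + host + ":" + port);
}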
115 
/**
 * Set the authenticator Policy.
 *
 * Replaces the cached Policy with a copy of the one supplied, so later lookups
 * use it instead of the db-auth.paf file.  The `true` argument presumably
 * requests a deep copy; confirm against the Policy constructor.
 *
 * @param policy  Policy holding the "database.authInfo" entries; it is
 *                dereferenced without a check, so it must not be null
 */
void lsst::daf::persistence::DbAuth::setPolicy(pexPolicy::Policy::Ptr policy) {
    dafBase::PersistentCitizenScope scope;
    authPolicy.reset(new pexPolicy::Policy(*policy, true));
}
123 
/**
 * Set the authenticator Policy back to null.
 *
 * Drops this file's reference to the cached Policy; the next lookup loads the
 * credentials file again.
 */
void lsst::daf::persistence::DbAuth::resetPolicy() {
    authPolicy.reset();
}
130 
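/**
 * Determine whether an authenticator string is available for database access.
 *
 * @param host  database host name
 * @param port  database port as decimal text
 * @return true if a lookup for host/port succeeds, false if it throws
 */
bool lsst::daf::persistence::DbAuth::available(std::string const& host,
                                               std::string const& port) {
    try {
        // Only success or failure matters here; the credentials are discarded.
        search(host, port);
        return true;
    } catch (...) {
        // Deliberate best effort: every failure is reported as "not available".
        // That includes a credentials file rejected for being accessible by
        // others, so a false result does not distinguish "no entry" from a
        // permissions problem; call username() or password() to see the error.
        return false;
    }
}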
148 
/**
 * Get the authenticator string for a database.
 *
 * @param host  database host name
 * @param port  database port as decimal text
 * @return "username:password" for the matching entry.  The result embeds the
 *         cleartext password, so keep it out of logs and exception messages.
 * @throws whatever the credential lookup throws when no usable entry is found
 */
std::string lsst::daf::persistence::DbAuth::authString(std::string const& host,
                                                       std::string const& port) {
    auto const credentials = search(host, port);
    std::string combined = credentials.first;
    combined += ":";
    combined += credentials.second;
    return combined;
}
159 
/**
 * Get the username to use to authenticate to a database.
 *
 * @param host  database host name
 * @param port  database port as decimal text
 * @return username of the matching entry
 * @throws whatever the credential lookup throws when no usable entry is found
 */
std::string lsst::daf::persistence::DbAuth::username(std::string const& host,
                                                     std::string const& port) {
    auto const credentials = search(host, port);
    return credentials.first;
}
170 
/**
 * Get the password to use to authenticate to a database.
 *
 * @param host  database host name
 * @param port  database port as decimal text
 * @return cleartext password of the matching entry (may be empty); keep it out
 *         of logs and exception messages
 * @throws whatever the credential lookup throws when no usable entry is found
 */
std::string lsst::daf::persistence::DbAuth::password(std::string const& host,
                                                     std::string const& port) {
    auto const credentials = search(host, port);
    return credentials.second;
}
T empty(T... args)
Interface for DbAuth class.
#define __attribute__(x)
Definition: DbAuth.cc:39
A PersistentCitizenScope object causes all Citizen objects created during its lifetime to be marked a...
Definition: Citizen.h:131
static bool available(std::string const &host, std::string const &port)
Determine whether an authenticator string is available for database access.
Definition: DbAuth.cc:137
a container for holding hierarchical configuration data in memory.
Definition: Policy.h:169
py::object result
Definition: schema.cc:284
std::vector< Ptr > PolicyPtrArray
Definition: Policy.h:182
static void setPolicy(lsst::pex::policy::Policy::Ptr policy)
Set the authenticator Policy.
Definition: DbAuth.cc:119
STL class.
static void resetPolicy()
Set the authenticator Policy back to null.
Definition: DbAuth.cc:126
std::shared_ptr< Policy > Ptr
Definition: Policy.h:172
T get(T... args)
static std::string authString(std::string const &host, std::string const &port)
Get the authenticator string for a database.
Definition: DbAuth.cc:154
#define LSST_EXCEPT(type,...)
Create an exception with a given type.
Definition: Exception.h:48
STL class.
T c_str(T... args)
static std::string username(std::string const &host, std::string const &port)
Get the username to use to authenticate to a database.
Definition: DbAuth.cc:165
static std::string password(std::string const &host, std::string const &port)
Get the password to use to authenticate to a database.
Definition: DbAuth.cc:176
Reports errors that are due to events beyond the control of the program.
Definition: Runtime.h:104