
Diff of /trunk/webwork2/lib/WeBWorK/DB/Auth.pm


Revision 317 Revision 337
1################################################################################
2# WeBWorK mod_perl (c) 1995-2002 WeBWorK Team, Univeristy of Rochester
3# $Id$
4################################################################################
5
1package WeBWorK::DB::Auth; 6package WeBWorK::DB::Auth;
2 7
3# there should be a `use' line for each database type 8# there should be a `use' line for each database type
4use WeBWorK::DB::GDBM; 9use WeBWorK::DB::GDBM;
5 10
6# params: class, course environment 11# new($invocant, $courseEnv)
12# $invocant implicitly set by caller
13# $courseEnv an instance of CourseEnvironment
7sub new($$) { 14sub new($$) {
8 my $proto = shift; 15 my $invocant = shift;
9 my $class = ref($proto) || $proto; 16 my $class = ref($invocant) || $invocant;
10 my $courseEnv = shift; 17 my $courseEnv = shift;
11 my $dbModule = fullyQualifiedPackageName($courseEnv->{auth_db_type}); 18 my $dbModule = fullyQualifiedPackageName($courseEnv->{dbInfo}->{auth_type});
12 my $self = { 19 my $self = {
13 password_file => $courseEnv->{something}, 20 password_file => $courseEnv->{dbInfo}->{auth_passwd_file},
14 permissions_file => $courseEnv->{something}, 21 permissions_file => $courseEnv->{dbInfo}->{auth_perm_file},
15 keys_file => $courseEnv->{something}, 22 keys_file => $courseEnv->{dbInfo}->{auth_keys_file},
23 key_timeout => $courseEnv->{sessionKeyTimeout},
16 }; 24 };
17 $self->{password_db} = $self->{dbModule}->new($self->{password_file}); 25 $self->{password_db} = $dbModule->new($self->{password_file});
18 $self->{permissions_db} = $self->{dbModule}->new($self->{permissions_file}); 26 $self->{permissions_db} = $dbModule->new($self->{permissions_file});
19 $self->{keys_db} = $self->{dbModule}->new($self->{keys_file}); 27 $self->{keys_db} = $dbModule->new($self->{keys_file});
20 bless $self, $class; 28 bless $self, $class;
21 return $self; 29 return $self;
22} 30}
23 31
24sub fullyQualifiedPackageName($) { 32sub fullyQualifiedPackageName($) {
25 my $n = shift; 33 my $n = shift;
26 my $package = "__PACKAGE__"; 34 my $package = __PACKAGE__;
27 $package =~ s/([^:]*)$/$n/; 35 $package =~ s/([^:]*)$/$n/;
28 return $package; 36 return $package;
29} 37}
30 38
31sub connect($$$) { 39sub connect($$$) {
39 47
40sub disconnect($$) { 48sub disconnect($$) {
41 my $self = shift; 49 my $self = shift;
42 my $db = shift; 50 my $db = shift;
43 return unless defined $self->{$db."_db"}; 51 return unless defined $self->{$db."_db"};
44 $self->{$db."_db"}->disconnect(); 52 $self->{$db."_db"}->disconnect;
53}
54
55# -----
56
57sub getUsers($) {
58 my $self = shift;
59 return unless $self->{password_db}->connect("ro");
60 my @password_users = keys %{$self->{password_db}->hashRef};
61 $self->{password_db}->disconnect;
62 return unless $self->{permissions_db}->connect("ro");
63 my @permissions_users = keys %{$self->{permissions_db}->hashRef};
64 $self->{permissions_db}->disconnect;
65 return unless $self->{keys_db}->connect("ro");
66 my @keys_users = keys %{$self->{keys_db}->hashRef};
67 $self->{keys_db}->disconnect;
68 my %all_users;
69 $all_users{$_}++ foreach (@password_users, @permissions_users, @keys_users);
70 return keys %all_users;
45} 71}
46 72
47# ----- 73# -----
48 74
49sub getPassword($$) { 75sub getPassword($$) {
50 my $self = shift; 76 my $self = shift;
51 my $user = shift; 77 my $user = shift;
52 $self->{password_db}->connect("ro"); 78 return unless $self->{password_db}->connect("ro");
53 my $result = $self->{password_db}->hashRef()->{$user}; 79 my $result = $self->{password_db}->hashRef->{$user};
54 $self->{password_db}->disconnect(); 80 $self->{password_db}->disconnect;
55 return $result; 81 return $result;
56} 82}
57 83
58sub setPassword($$$) { 84sub setPassword($$$) {
59 my $self = shift; 85 my $self = shift;
60 my $user = shift; 86 my $user = shift;
87 my $password = crypt shift, join "", ('.','/','0'..'9','A'..'Z','a'..'z')[rand 64, rand 64];
88 $self->{password_db}->connect("rw");
89 $self->{password_db}->hashRef->{$user} = $password;
90 $self->{password_db}->disconnect;
91}
92
93sub verifyPassword($$$) {
94 my $self = shift;
95 my $user = shift;
61 my $password = shift; 96 my $password = shift;
62 $password = crypt $password, join "", ('.','/','0'..'9','A'..'Z','a'..'z')[rand 64, rand 64] 97 my $real_password = $self->getPassword($user);
98 $password = crypt $password, $real_password;
99 return $password eq $real_password;
100}
101
102sub deletePassword($$) {
103 my $self = shift;
104 my $user = shift;
63 $self->{password_db}->connect("rw"); 105 $self->{password_db}->connect("rw");
64 $self->{password_db}->hashRef()->{$user} = $password;
65 $self->{password_db}->disconnect();
66}
67
68sub verifyPassword($$$) {
69 my $self = shift;
70 my $user = shift;
71 my $password = shift;
72 $self->{password_db}->connect("ro");
73 my $result = $self->{password_db}->hashRef()->{$user} eq $password;
74 $self->{password_db}->disconnect();
75 return $result;
76}
77
78sub deletePassword($$) {
79 my $self = shift;
80 my $user = shift;
81 $self->{password_db}->connect("rw");
82 delete $self->{password_db}->hashRef()->{$user}; 106 delete $self->{password_db}->hashRef->{$user};
83 $self->{password_db}->disconnect(); 107 $self->{password_db}->disconnect;
84} 108}
85 109
86# ----- 110# -----
87 111
88sub getKey($$) { 112sub getKey($$) {
89 my $self = shift; 113 my $self = shift;
90 my $user = shift; 114 my $user = shift;
91 $self->{keys_db}->connect("ro"); 115 return unless $self->{keys_db}->connect("ro");
92 my $result = $self->{keys_db}->hashRef()->{$user}; 116 my $result = $self->{keys_db}->hashRef->{$user};
93 $self->{keys_db}->disconnect(); 117 $self->{keys_db}->disconnect;
94 my ($key, $timestamp) = split /\s+/, $result; 118 my ($key, $timestamp) = defined $result ? split /\s+/, $result : (undef, undef);
95 return $key, $timestamp; 119 return defined $result ? split /\s+/, $result : undef;
96} 120}
97 121
98sub setKey($$$$) { 122sub setKey($$$$) {
99 my $self = shift; 123 my $self = shift;
100 my $user = shift; 124 my $user = shift;
101 my $key = shift; 125 my $key = shift;
102 my $timestamp = shift; 126 my $timestamp = shift;
103 my $key_string = "$key $timestamp"; 127 my $key_string = "$key $timestamp";
104 $self->{keys_db}->connect("rw"); 128 $self->{keys_db}->connect("rw");
105 $self->{keys_db}->hashRef()->{$user} = $key_string; 129 $self->{keys_db}->hashRef->{$user} = $key_string;
106 $self->{keys_db}->disconnect(); 130 $self->{keys_db}->disconnect;
107} 131}
108 132
109sub verifyKey($$$) { 133sub verifyKey($$$$$) {
110 my $self = shift; 134 my $self = shift;
111 my $user = shift; 135 my $user = shift;
112 my $key = shift; 136 my $key = shift;
113 $self->{keys_db}->connect("ro"); 137 my $timestamp = shift;
114 my $result = $self->{keys_db}->hashRef()->{$user}; 138
115 $self->{keys_db}->disconnect(); 139 my ($real_key, $real_timestamp) = $self->getKey($user);
116 my ($real_key, $timestamp) = split /\s+/, $result; 140 if ($key eq $real_key and $timestamp <= $real_timestamp+$self->{key_timeout}) {
117 return $key eq $real_key; 141 $self->setKey($user, $key, $timestamp);
118 # DANGER DANGER! this function no longer updates timestamp! 142 return 1;
143 } else {
144 return 0;
145 }
119} 146}
120 147
121sub deleteKey($$) { 148sub deleteKey($$) {
122 my $self = shift; 149 my $self = shift;
123 my $user = shift; 150 my $user = shift;
124 $self->{keys_db}->connect("rw"); 151 $self->{keys_db}->connect("rw");
125 delete $self->{keys_db}->hashRef()->{$user}; 152 delete $self->{keys_db}->hashRef->{$user};
126 $self->{keys_db}->disconnect(); 153 $self->{keys_db}->disconnect;
127} 154}
128 155
129# ----- 156# -----
130 157
131sub getPermissions($$) { 158sub getPermissions($$) {
132 my $self = shift; 159 my $self = shift;
133 my $user = shift; 160 my $user = shift;
134 $self->{permissions_db}->connect("ro"); 161 return unless $self->{permissions_db}->connect("ro");
135 my $result = $self->{permissions_db}->hashRef()->{$user}; 162 my $result = $self->{permissions_db}->hashRef->{$user};
136 $self->{permissions_db}->disconnect(); 163 $self->{permissions_db}->disconnect;
137 return $result; 164 return $result;
138} 165}
139 166
140sub setPermissions($$$) { 167sub setPermissions($$$) {
141 my $self = shift; 168 my $self = shift;
142 my $user = shift; 169 my $user = shift;
143 my $permissions = shift; 170 my $permissions = shift;
144 $self->{permissions_db}->connect("rw"); 171 $self->{permissions_db}->connect("rw");
145 $self->{permissions_db}->hashRef()->{$user} = $key; 172 $self->{permissions_db}->hashRef->{$user} = $permissions;
146 $self->{permissions_db}->disconnect(); 173 $self->{permissions_db}->disconnect;
147} 174}
148 175
149sub deletePermissions($$) { 176sub deletePermissions($$) {
150 my $self = shift; 177 my $self = shift;
151 my $user = shift; 178 my $user = shift;
152 $self->{permissions_db}->connect("rw"); 179 $self->{permissions_db}->connect("rw");
153 delete $self->{permissions_db}->hashRef()->{$user}; 180 delete $self->{permissions_db}->hashRef->{$user};
154 $self->{permissions_db}->disconnect(); 181 $self->{permissions_db}->disconnect;
155} 182}
156 183
157# ----- ghetto for stupid functions ----- 184# ----- ghetto for stupid functions -----
158 185
159sub change_user_in_password_file($$$) { 186sub change_user_in_password_file($$$) {
160 my $self = shift; 187 my $self = shift;
161 my $user = shift; 188 my $user = shift;
162 my $new_user = shift; 189 my $new_user = shift;
163 $self->{password_db}->connect("rw"); 190 $self->{password_db}->connect("rw");
164 my $pwhash = $self->{password_db}->hashRef(); # make things easier 191 my $pwhash = $self->{password_db}->hashRef; # make things easier
165 if (exists $pwhash->{user}) { 192 if (exists $pwhash->{$user}) {
166 $pwhash->{new_user} = $pwhash->{user}; 193 $pwhash->{$new_user} = $pwhash->{$user};
167 delete $pwhash->{user}; 194 delete $pwhash->{$user};
168 } 195 }
169 $self->{password_db}->disconnect(); 196 $self->{password_db}->disconnect;
170} 197}
171 198
172sub change_user_in_permissions_file($$$) { 199sub change_user_in_permissions_file($$$) {
173 my $self = shift; 200 my $self = shift;
174 my $user = shift; 201 my $user = shift;
175 my $new_user = shift; 202 my $new_user = shift;
176 $self->{permissions_db}->connect("rw"); 203 $self->{permissions_db}->connect("rw");
177 my $permhash = $self->{permissions_db}->hashRef(); # make things easier 204 my $permhash = $self->{permissions_db}->hashRef; # make things easier
178 if (exists $permhash->{user}) { 205 if (exists $permhash->{$user}) {
179 $permhash->{new_user} = $permhash->{user}; 206 $permhash->{$new_user} = $permhash->{$user};
180 delete $permhash->{user}; 207 delete $permhash->{$user};
181 } 208 }
182 $self->disconnect{permissions_db}->(); 209 $self->{permissions_db}->disconnect;
183} 210}
184 211
185=pod 2121;
186sub create_db {
187 my ($fileName, $permissions) =@_;
188 my %pwhash;
189 my $pw_obj;
190 &Global::tie_hash('PW_FH',\$pw_obj,\%pwhash, $fileName,'W',$permissions);
191 &Global::untie_hash('PW_FH',\$pw_obj,\%pwhash, $fileName);
192
193 chmod($permissions, $fileName) or
194 wwerror($0, "Can't do chmod($permissions, $fileName)");
195 chown(-1,$Global::numericalGroupID,$fileName) or
196 wwerror($0, "Can't do chown(-1,$Global::numericalGroupID,$fileName)");
197
198}
199=cut
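Review bot: The new verifyPassword (new lines 93-100) never checks that getPassword actually returned a stored hash: for an unknown user, or when the password DB fails to connect, `$real_password` is undef and is then passed to crypt as the salt. What crypt returns for an empty salt is platform-dependent; where it returns undef, `$password eq $real_password` compares two undefined values and evaluates true, so verification would succeed for an account that has no password entry. Add `return 0 unless defined $real_password and length $real_password;` before the crypt call. verifyKey (new lines 133-146) has the same shape, `$key eq $real_key` with `$real_key` undef when getKey finds no entry, and should reject an undefined `$real_key` explicitly rather than rely on the timestamp comparison to fail.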
