Statistics
| Branch: | Tag: | Revision:

one / src / pool / PoolObjectSQL.cc @ 621a1869

History | View | Annotate | Download (14.4 KB)

1
/* -------------------------------------------------------------------------- */
2
/* Copyright 2002-2015, OpenNebula Project, OpenNebula Systems                */
3
/*                                                                            */
4
/* Licensed under the Apache License, Version 2.0 (the "License"); you may    */
5
/* not use this file except in compliance with the License. You may obtain    */
6
/* a copy of the License at                                                   */
7
/*                                                                            */
8
/* http://www.apache.org/licenses/LICENSE-2.0                                 */
9
/*                                                                            */
10
/* Unless required by applicable law or agreed to in writing, software        */
11
/* distributed under the License is distributed on an "AS IS" BASIS,          */
12
/* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   */
13
/* See the License for the specific language governing permissions and        */
14
/* limitations under the License.                                             */
15
/* -------------------------------------------------------------------------- */
16

    
17
#include "PoolObjectSQL.h"
18
#include "PoolObjectAuth.h"
19
#include "NebulaUtil.h"
20
#include "Nebula.h"
21
#include "Clusterable.h"
22

    
23
const string PoolObjectSQL::INVALID_NAME_CHARS = "&|:\\\";/'#{}$<>";
24

    
25
const int PoolObjectSQL::LOCK_DB_EXPIRATION = 120;
26

    
27
/* -------------------------------------------------------------------------- */
28
/* -------------------------------------------------------------------------- */
29

    
30
string& PoolObjectSQL::to_xml64(string &xml64)
31
{
32
    string *str64;
33

    
34
    to_xml(xml64);
35

    
36
    str64 = one_util::base64_encode(xml64);
37

    
38
    xml64 = *str64;
39

    
40
    delete str64;
41

    
42
    return xml64;
43
}
44

    
45
/* -------------------------------------------------------------------------- */
46
/* -------------------------------------------------------------------------- */
47

    
48
int PoolObjectSQL::select(SqlDB *db)
49
{
50
    ostringstream   oss;
51
    int             rc;
52
    int             boid;
53

    
54
    set_callback(
55
            static_cast<Callbackable::Callback>(&PoolObjectSQL::select_cb));
56

    
57
    oss << "SELECT body FROM " << table << " WHERE oid = " << oid;
58

    
59
    boid = oid;
60
    oid  = -1;
61

    
62
    rc = db->exec(oss, this);
63

    
64
    unset_callback();
65

    
66
    if ((rc != 0) || (oid != boid ))
67
    {
68
        return -1;
69
    }
70

    
71
    return 0;
72
}
73

    
74
/* -------------------------------------------------------------------------- */
75
/* -------------------------------------------------------------------------- */
76

    
77
int PoolObjectSQL::select(SqlDB *db, const string& _name, int _uid)
78
{
79
    ostringstream oss;
80

    
81
    int rc;
82
    char * sql_name;
83

    
84
    sql_name = db->escape_str(_name.c_str());
85

    
86
    if ( sql_name == 0 )
87
    {
88
        return -1;
89
    }
90

    
91
    set_callback(
92
            static_cast<Callbackable::Callback>(&PoolObjectSQL::select_cb));
93

    
94
    oss << "SELECT body FROM " << table << " WHERE name = '" << sql_name << "'";
95

    
96
    if ( _uid != -1 )
97
    {
98
        oss << " AND uid = " << _uid;
99
    }
100

    
101
    name  = "";
102
    uid   = -1;
103

    
104
    rc = db->exec(oss, this);
105

    
106
    unset_callback();
107

    
108
    db->free_str(sql_name);
109

    
110
    if ((rc != 0) || (_name != name) || (_uid != -1 && _uid != uid))
111
    {
112
        return -1;
113
    }
114

    
115
    return 0;
116
}
117

    
118
/* -------------------------------------------------------------------------- */
119
/* -------------------------------------------------------------------------- */
120

    
121
int PoolObjectSQL::drop(SqlDB *db)
122
{
123
    ostringstream oss;
124
    int rc;
125

    
126
    oss << "DELETE FROM " << table << " WHERE oid=" << oid;
127

    
128
    rc = db->exec(oss);
129

    
130
    if ( rc == 0 )
131
    {
132
        set_valid(false);
133
    }
134

    
135
    return rc;
136
}
137

    
138
/* -------------------------------------------------------------------------- */
139
/* -------------------------------------------------------------------------- */
140

    
141
void PoolObjectSQL::set_template_error_message(const string& message)
142
{
143
    set_template_error_message("ERROR", message);
144
}
145

    
146
/* -------------------------------------------------------------------------- */
147

    
148
void PoolObjectSQL::set_template_error_message(const string& name,
149
                                               const string& message)
150
{
151
    SingleAttribute * attr;
152
    ostringstream     error_value;
153

    
154
    error_value << one_util::log_time() << " : " << message;
155

    
156
    attr = new SingleAttribute(name, error_value.str());
157

    
158
    obj_template->erase(name);
159
    obj_template->set(attr);
160
}
161

    
162
/* -------------------------------------------------------------------------- */
163

    
164
void PoolObjectSQL::clear_template_error_message()
165
{
166
    remove_template_attribute("ERROR");
167
}
168

    
169
/* -------------------------------------------------------------------------- */
170
/* -------------------------------------------------------------------------- */
171

    
172
int PoolObjectSQL::replace_template(
173
        const string& tmpl_str, bool keep_restricted, string& error)
174
{
175
    Template * old_tmpl = 0;
176
    Template * new_tmpl = get_new_template();
177

    
178
    if ( new_tmpl == 0 )
179
    {
180
        error = "Cannot allocate a new template";
181
        return -1;
182
    }
183

    
184
    if ( new_tmpl->parse_str_or_xml(tmpl_str, error) != 0 )
185
    {
186
        delete new_tmpl;
187
        return -1;
188
    }
189

    
190
    if (obj_template != 0)
191
    {
192
        old_tmpl = new Template(*obj_template);
193
    }
194

    
195
    if (keep_restricted && new_tmpl->has_restricted())
196
    {
197
        new_tmpl->remove_restricted();
198

    
199
        if (obj_template != 0)
200
        {
201
            obj_template->remove_all_except_restricted();
202

    
203
            string aux_error;
204
            new_tmpl->merge(obj_template, aux_error);
205
        }
206
    }
207

    
208
    delete obj_template;
209

    
210
    obj_template = new_tmpl;
211

    
212
    if (post_update_template(error) == -1)
213
    {
214
        delete obj_template;
215

    
216
        if (old_tmpl != 0)
217
        {
218
            obj_template = old_tmpl;
219
        }
220
        else
221
        {
222
            obj_template = 0;
223
        }
224

    
225
        return -1;
226
    }
227

    
228
    delete old_tmpl;
229

    
230
    return 0;
231
}
232

    
233
/* -------------------------------------------------------------------------- */
234
/* -------------------------------------------------------------------------- */
235

    
236
int PoolObjectSQL::append_template(
237
        const string& tmpl_str, bool keep_restricted, string& error)
238
{
239
    Template * old_tmpl = 0;
240
    Template * new_tmpl = get_new_template();
241

    
242
    if ( new_tmpl == 0 )
243
    {
244
        error = "Cannot allocate a new template";
245
        return -1;
246
    }
247

    
248
    if ( new_tmpl->parse_str_or_xml(tmpl_str, error) != 0 )
249
    {
250
        delete new_tmpl;
251
        return -1;
252
    }
253

    
254
    if (keep_restricted)
255
    {
256
        new_tmpl->remove_restricted();
257
    }
258

    
259
    if ( obj_template != 0 )
260
    {
261
        old_tmpl = new Template(*obj_template);
262

    
263
        obj_template->merge(new_tmpl, error);
264
        delete new_tmpl;
265
    }
266
    else
267
    {
268
        obj_template = new_tmpl;
269
    }
270

    
271
    if (post_update_template(error) == -1)
272
    {
273
        delete obj_template;
274

    
275
        if (old_tmpl != 0)
276
        {
277
            obj_template = old_tmpl;
278
        }
279
        else
280
        {
281
            obj_template = 0;
282
        }
283

    
284
        return -1;
285
    }
286

    
287
    delete old_tmpl;
288

    
289
    return 0;
290
}
291

    
292
/* -------------------------------------------------------------------------- */
293
/* -------------------------------------------------------------------------- */
294

    
295
string& PoolObjectSQL::perms_to_xml(string& xml) const
296
{
297
    ostringstream   oss;
298

    
299
    oss <<
300
        "<PERMISSIONS>" <<
301
            "<OWNER_U>" << owner_u << "</OWNER_U>"  <<
302
            "<OWNER_M>" << owner_m << "</OWNER_M>"  <<
303
            "<OWNER_A>" << owner_a << "</OWNER_A>"  <<
304
            "<GROUP_U>" << group_u << "</GROUP_U>"  <<
305
            "<GROUP_M>" << group_m << "</GROUP_M>"  <<
306
            "<GROUP_A>" << group_a << "</GROUP_A>"  <<
307
            "<OTHER_U>" << other_u << "</OTHER_U>"  <<
308
            "<OTHER_M>" << other_m << "</OTHER_M>"  <<
309
            "<OTHER_A>" << other_a << "</OTHER_A>"  <<
310
        "</PERMISSIONS>";
311

    
312
    xml = oss.str();
313
    return xml;
314
}
315

    
316
/* -------------------------------------------------------------------------- */
317
/* -------------------------------------------------------------------------- */
318

    
319
int PoolObjectSQL::perms_from_xml()
320
{
321
    int rc = 0;
322

    
323
    rc += xpath(owner_u, "/*/PERMISSIONS/OWNER_U", 0);
324
    rc += xpath(owner_m, "/*/PERMISSIONS/OWNER_M", 0);
325
    rc += xpath(owner_a, "/*/PERMISSIONS/OWNER_A", 0);
326

    
327
    rc += xpath(group_u, "/*/PERMISSIONS/GROUP_U", 0);
328
    rc += xpath(group_m, "/*/PERMISSIONS/GROUP_M", 0);
329
    rc += xpath(group_a, "/*/PERMISSIONS/GROUP_A", 0);
330

    
331
    rc += xpath(other_u, "/*/PERMISSIONS/OTHER_U", 0);
332
    rc += xpath(other_m, "/*/PERMISSIONS/OTHER_M", 0);
333
    rc += xpath(other_a, "/*/PERMISSIONS/OTHER_A", 0);
334

    
335
    return rc;
336
}
337

    
338
/* -------------------------------------------------------------------------- */
339
/* -------------------------------------------------------------------------- */
340

    
341
void PoolObjectSQL::get_permissions(PoolObjectAuth& auth)
342
{
343
    auth.obj_type = obj_type;
344

    
345
    auth.oid = oid;
346
    auth.uid = uid;
347
    auth.gid = gid;
348

    
349
    auth.owner_u = owner_u;
350
    auth.owner_m = owner_m;
351
    auth.owner_a = owner_a;
352

    
353
    auth.group_u = group_u;
354
    auth.group_m = group_m;
355
    auth.group_a = group_a;
356

    
357
    auth.other_u = other_u;
358
    auth.other_m = other_m;
359
    auth.other_a = other_a;
360

    
361
    Clusterable* cl = dynamic_cast<Clusterable*>(this);
362

    
363
    if(cl != 0)
364
    {
365
        auth.cids = cl->get_cluster_ids();
366
    }
367
}
368

    
369
/* -------------------------------------------------------------------------- */
370
/* -------------------------------------------------------------------------- */
371

    
372
int PoolObjectSQL::set_permissions( int _owner_u,
373
                                    int _owner_m,
374
                                    int _owner_a,
375
                                    int _group_u,
376
                                    int _group_m,
377
                                    int _group_a,
378
                                    int _other_u,
379
                                    int _other_m,
380
                                    int _other_a,
381
                                    string& error_str)
382
{
383
    if ( _owner_u < -1 || _owner_u > 1 ) goto error_value;
384
    if ( _owner_m < -1 || _owner_m > 1 ) goto error_value;
385
    if ( _owner_a < -1 || _owner_a > 1 ) goto error_value;
386
    if ( _group_u < -1 || _group_u > 1 ) goto error_value;
387
    if ( _group_m < -1 || _group_m > 1 ) goto error_value;
388
    if ( _group_a < -1 || _group_a > 1 ) goto error_value;
389
    if ( _other_u < -1 || _other_u > 1 ) goto error_value;
390
    if ( _other_m < -1 || _other_m > 1 ) goto error_value;
391
    if ( _other_a < -1 || _other_a > 1 ) goto error_value;
392

    
393
    set_perm(owner_u, _owner_u);
394
    set_perm(owner_m, _owner_m);
395
    set_perm(owner_a, _owner_a);
396
    set_perm(group_u, _group_u);
397
    set_perm(group_m, _group_m);
398
    set_perm(group_a, _group_a);
399
    set_perm(other_u, _other_u);
400
    set_perm(other_m, _other_m);
401
    set_perm(other_a, _other_a);
402

    
403
    return 0;
404

    
405
error_value:
406
    error_str = "New permission values must be -1, 0 or 1";
407
    return -1;
408
}
409

    
410
/* -------------------------------------------------------------------------- */
411
/* -------------------------------------------------------------------------- */
412

    
413
void PoolObjectSQL::set_umask(int umask)
414
{
415
    int perms;
416
    bool enable_other;
417

    
418
    Nebula::instance().get_configuration_attribute(
419
            "ENABLE_OTHER_PERMISSIONS", enable_other);
420

    
421
    if (uid == 0 || gid == 0)
422
    {
423
        perms = 0777;
424
    }
425
    else if (enable_other)
426
    {
427
        perms = 0666;
428
    }
429
    else
430
    {
431
        perms = 0660;
432
    }
433

    
434
    perms = perms & ~umask;
435

    
436
    owner_u = ( (perms & 0400) != 0 ) ? 1 : 0;
437
    owner_m = ( (perms & 0200) != 0 ) ? 1 : 0;
438
    owner_a = ( (perms & 0100) != 0 ) ? 1 : 0;
439
    group_u = ( (perms & 0040) != 0 ) ? 1 : 0;
440
    group_m = ( (perms & 0020) != 0 ) ? 1 : 0;
441
    group_a = ( (perms & 0010) != 0 ) ? 1 : 0;
442
    other_u = ( (perms & 0004) != 0 ) ? 1 : 0;
443
    other_m = ( (perms & 0002) != 0 ) ? 1 : 0;
444
    other_a = ( (perms & 0001) != 0 ) ? 1 : 0;
445

    
446
}
447

    
448
/* -------------------------------------------------------------------------- */
449
/* -------------------------------------------------------------------------- */
450

    
451
bool PoolObjectSQL::name_is_valid(const string& obj_name,
452
                                  const string& extra_chars,
453
                                  string& error_str)
454
{
455
    size_t pos;
456

    
457
    if ( obj_name.empty() )
458
    {
459
        error_str = "Invalid NAME, it cannot be empty";
460
        return false;
461
    }
462

    
463
    if (extra_chars.empty())
464
    {
465
        pos = obj_name.find_first_of(INVALID_NAME_CHARS);
466
    }
467
    else
468
    {
469
        string invalid_chars = INVALID_NAME_CHARS + extra_chars;
470
        pos = obj_name.find_first_of(invalid_chars);
471
    }
472

    
473
    if ( pos != string::npos )
474
    {
475
        ostringstream oss;
476
        oss << "Invalid NAME, char '" << obj_name.at(pos) << "' is not allowed";
477

    
478
        error_str = oss.str();
479
        return false;
480
    }
481

    
482
    if ( obj_name.length() > 128 )
483
    {
484
        error_str = "Invalid NAME, max length is 128 chars";
485
        return false;
486
    }
487

    
488
    return true;
489
}
490

    
491
/* -------------------------------------------------------------------------- */
492
/* -------------------------------------------------------------------------- */
493

    
494
int PoolObjectSQL::lock_db(const string& owner)
495
{
496
    if (locked && time(0) < lock_expires)
497
    {
498
        return -1;
499
    }
500

    
501
    locked       = true;
502
    lock_expires = time(0) + LOCK_DB_EXPIRATION;
503
    lock_owner   = owner;
504

    
505
    return 0;
506
}
507

    
508
/* -------------------------------------------------------------------------- */
509
/* -------------------------------------------------------------------------- */
510

    
511
void PoolObjectSQL::unlock_db(const string& owner)
512
{
513
    // Check if owner == lock_owner?
514

    
515
    locked       = false;
516
    lock_expires = 0;
517
    lock_owner   = "";
518
}
519

    
520
/* -------------------------------------------------------------------------- */
521
/* -------------------------------------------------------------------------- */
522

    
523
string& PoolObjectSQL::lock_db_to_xml(string& xml) const
524
{
525
    ostringstream   oss;
526
    int locked_int = locked ? 1 : 0;
527

    
528
    oss << "<LOCK>"
529
            << "<LOCKED>"  << locked_int   << "</LOCKED>"
530
            << "<OWNER>"   << one_util::escape_xml(lock_owner) << "</OWNER>"
531
            << "<EXPIRES>" << lock_expires << "</EXPIRES>"
532
        << "</LOCK>";
533

    
534
    xml = oss.str();
535
    return xml;
536
}
537

    
538
/* -------------------------------------------------------------------------- */
539
/* -------------------------------------------------------------------------- */
540

    
541
int PoolObjectSQL::lock_db_from_xml()
542
{
543
    int rc = 0;
544
    int locked_int;
545

    
546
    rc += xpath(locked_int,   "/*/LOCK/LOCKED", 0);
547
    rc += xpath(lock_owner,   "/*/LOCK/OWNER", "");
548
    rc += xpath<time_t>(lock_expires, "/*/LOCK/EXPIRES", 0);
549

    
550
    locked = locked_int;
551

    
552
    return rc;
553
}