Inheritance: DBRecord
Exemplo n.º 1
0
		public WebServiceResponse EditUser (WebServiceLogin login, DBPerson user)
		{
			WebServiceResponse response = new WebServiceResponse ();

			using (DB db = new DB ()) {
				Authenticate (db, login, response, true);
				
				if (user.id == 0) {
					/* new user, anybody can create new users */
					/* create a new person object, and only copy over the fields self is allowed to edit */

					if (string.IsNullOrEmpty (user.password) || user.password.Length < 8) {
						response.Exception = new WebServiceException ("Password must be at least 8 characters long");
						return response;
					}

					DBPerson person = new DBPerson ();
					person.fullname = user.fullname;
					person.login = user.login;
					person.password = user.password;
					person.irc_nicknames = user.irc_nicknames;
					person.Save (db);
				} else {
					if (Utilities.IsInRole (response, Roles.Administrator)) {
						/* admin editing (or adming editing self) */
						user.Save (db); // no restrictions
					} else if (response.UserName == user.login) {
						/* editing self */
						/* create another person object, and only copy over the fields self is allowed to edit */
						DBPerson person = DBPerson_Extensions.Create (db, user.id);
						person.fullname = user.fullname;
						person.password = user.password;
						person.irc_nicknames = user.irc_nicknames;
						person.Save (db);
					} else {
						/* somebody else editing some other person */
						response.Exception = new WebServiceException (new HttpException (403, "You're not allowed to edit this user"));
					}
				}
			}

			return response;
		}
Exemplo n.º 2
0
		public GetUserResponse GetUser (WebServiceLogin login, int? id, string username)
		{
			DBPerson result = null;
			GetUserResponse response = new GetUserResponse ();

			using (DB db = new DB ()) {
				Authenticate (db, login, response, true);

				if (!id.HasValue) {
					using (IDbCommand cmd = db.CreateCommand ()) {
						cmd.CommandText = "SELECT * FROM Person WHERE login = @login;";
						DB.CreateParameter (cmd, "login", username);
						using (IDataReader reader = cmd.ExecuteReader ()) {
							if (reader.Read ())
								result = new DBPerson (reader);
						}
					}
				} else {
					result = DBPerson_Extensions.Create (db, id.Value);
				}

				if (result != null && (result.login == response.UserName || Utilities.IsInRole (response, Roles.Administrator))) {
					result.Emails = result.GetEmails (db).ToArray ();
					response.User = result;
				} else {
					response.Exception = new WebServiceException (new HttpException (403, "You don't have access to this user's data"));
				}
			}

			return response;
		}
Exemplo n.º 3
0
		private void FindPerson (DBPerson person, List<DBPerson> people)
		{
			using (DB db = new DB ()) {
				using (IDbCommand cmd = db.CreateCommand ()) {
					cmd.CommandText = string.Empty;

					// find registered people with the same email
					if (person.Emails != null) {
						int email_counter = 0;
						foreach (string email in person.Emails) {
							if (string.IsNullOrEmpty (email))
								continue;
							email_counter++;
							cmd.CommandText += "SELECT Person.* FROM Person INNER JOIN UserEmail ON Person.id = UserEmail.person_id WHERE UserEmail.email ILIKE @email" + email_counter.ToString () + ";\n";
							DB.CreateParameter (cmd, "email" + email_counter.ToString (), email);
						}
					}

					// find registered people with the same fullname
					if (!string.IsNullOrEmpty (person.fullname)) {
						cmd.CommandText += "SELECT Person.* FROM Person WHERE fullname ILIKE @fullname;";
						DB.CreateParameter (cmd, "fullname", person.fullname);
					}

					using (IDataReader reader = cmd.ExecuteReader ()) {
						do {
							while (reader.Read ()) {
								DBPerson guy = new DBPerson (reader);
								if (people.Exists ((v) => v.id == guy.id))
									continue;
								people.Add (guy);
							}
						} while (reader.NextResult ());
					}
				}
			}

			if (people.Count == 0)
				people.Add (person);
		}
Exemplo n.º 4
0
		public void EditHostWithPassword (WebServiceLogin login, DBHost host, string password)
		{
			using (DB db = new DB ()) {
				using (IDbTransaction transaction = db.BeginTransaction ()) {
					VerifyUserInRole (db, login, Roles.Administrator);

					var oldHost = FindHost (db, host.id, null);
					host.Save (db);

					// NOTE: it is possible to change the password of an existing account by creating 
					// a host with the same name and specify the password. Given that admin rights
					// are required to create/modify hosts, it shouldn't pose a security issue.

					// TODO: if host changed name, delete the old user account.
					DBPerson person = FindPerson (db, host.host);

					if (person == null) {
						person = new DBPerson ();
						person.login = host.host;
						person.roles = Roles.BuildBot;
					} else {
						if (person.roles != Roles.BuildBot)
							throw new ArgumentException ("The hosts entry in the person table must have its roles set to 'BuildBot'.");
					}
					person.password = password;
					person.Save (db);
					transaction.Commit ();

					Audit (login, "edited host `{0}` -> `{1}`",
						Newtonsoft.Json.JsonConvert.SerializeObject(oldHost),
						Newtonsoft.Json.JsonConvert.SerializeObject(host)
					);
				}
			}
		}
Exemplo n.º 5
0
		public static void FindPeopleForCommit (DBLane lane, DBRevision revision, List<DBPerson> people)
		{
			DBPerson person;
			try {
				foreach (string repository in lane.repository.Split (new char [] { ',' }, StringSplitOptions.RemoveEmptyEntries)) {
					string cache_dir = Configuration.GetSchedulerRepositoryCacheDirectory (repository);

					if (!Directory.Exists (cache_dir))
						continue;

					using (Process git = new Process ()) {
						DateTime git_start = DateTime.Now;
						git.StartInfo.FileName = "git";
						git.StartInfo.Arguments = "log -1 --pretty=format:'%aE%n%aN%n%cE%n%cN' " + revision.revision;
						git.StartInfo.WorkingDirectory = cache_dir;
						git.StartInfo.UseShellExecute = false;
						git.StartInfo.RedirectStandardOutput = true;

						git.Start ();

						string author_email = git.StandardOutput.ReadLine ();
						string author_name = git.StandardOutput.ReadLine ();
						string committer_email = git.StandardOutput.ReadLine ();
						string committer_name = git.StandardOutput.ReadLine ();

						// Wait 10 minutes for git to finish, otherwise abort.
						if (!git.WaitForExit (1000 * 60 * 10)) {
							GITUpdater.log.Error ("Getting commit info took more than 10 minutes, aborting.");
							try {
								git.Kill ();
								git.WaitForExit (10000); // Give the process 10 more seconds to completely exit.
							} catch (Exception ex) {
								GITUpdater.log.ErrorFormat ("Aborting commit info retrieval failed: {0}", ex.ToString ());
							}
						}

						if (git.HasExited && git.ExitCode == 0) {
							GITUpdater.log.InfoFormat ("Got commit info successfully in {0} seconds", (DateTime.Now - git_start).TotalSeconds);
							person = new DBPerson ();
							person.fullname = author_name;
							person.Emails = new string [] { author_email };
							people.Add (person);
							if (author_name != committer_name && !string.IsNullOrEmpty (committer_name)) {
								person = new DBPerson ();
								person.fullname = committer_name;
								person.Emails = new string [] {committer_email};
								people.Add (person);
							}
							GITUpdater.log.DebugFormat ("Git commit info for {0}: author_name = {1} author_email: {2} committer_name: {3} committer_email: {4}", revision.revision, author_name, author_email, committer_name, committer_email);
						} else {
							GITUpdater.log.ErrorFormat ("Didn't get commit info, HasExited: {0}, ExitCode: {1}", git.HasExited, git.HasExited ? git.ExitCode.ToString () : "N/A");
						}
					}
				}
			} catch (Exception ex) {
				GITUpdater.log.ErrorFormat ("Exception while trying to get commit info: {0}", ex.ToString ());
			}
		}
Exemplo n.º 6
0
		public static void LoginDB (DB db, LoginResponse response, string username, string roles, string ip4) {
			// We now create an account with an empty password and the specified roles.
			// Note that it is not possible to log into an account with an empty password
			// using the normal login procedure.

			DBPerson open_person = null;

			using (IDbCommand cmd = db.CreateCommand ()) {
				cmd.CommandText = @"SELECT * FROM Person WHERE login = @login;";
				DB.CreateParameter (cmd, "login", username);
				using (var reader = cmd.ExecuteReader ()) {
					if (reader.Read ())
						open_person = new DBPerson (reader);
				}
			}

			if (open_person == null) {
				open_person = new DBPerson ();
				open_person.login = username;
				open_person.roles = roles;
				open_person.Save (db);
			} else {
				// only save if something has changed
				if (open_person.roles != roles) {
					open_person.roles = roles;
					open_person.Save (db);
				}
			}
			WebServiceLogin login = new WebServiceLogin ();
			login.Ip4 = ip4;
			login.User = open_person.login;
			db.Audit (login, "DBLogin_Extensions.Login (username: {0}, ip4: {1})", username, ip4);

			var result = new DBLogin ();
			result.person_id = open_person.id;
			result.ip4 = ip4;
			result.cookie = CreateCookie ();
			result.expires = DateTime.Now.AddDays (1);
			result.Save (db);

			response.User = username;
			response.UserName = username;
			response.UserRoles = open_person.Roles;
			response.Cookie = result.cookie;
		}
Exemplo n.º 7
0
	protected void cmdSave_OnClick (object sender, EventArgs e)
	{
		WebServiceResponse rsp;
		DBPerson user;
		bool created = false;

		if (response == null) {
			user = new DBPerson ();
			user.login = txtUserName.Text;
			created = true;
		} else {
			user = response.User;
		}
		user.fullname = txtFullName.Text;
		user.password = txtPassword.Text;
		user.roles = txtRoles.Text;
		user.irc_nicknames = txtIRCNicks.Text;
		rsp = Utils.LocalWebService.EditUser (Master.WebServiceLogin, user);
		if (rsp.Exception != null) {
			lblMessage.Text = rsp.Exception.Message;
		} else {
			if (!Authentication.IsLoggedIn (rsp) && created) {
				Authentication.Login (user.login, user.password, Request, Response);
			}
			Response.Redirect ("User.aspx?username=" + HttpUtility.UrlEncode (user.login), false);
		}
	}
		public static void LoginOpenId (DB db, LoginResponse response, string email, string ip4)
		{
			if (string.IsNullOrEmpty (Configuration.OpenIdProvider) && string.IsNullOrEmpty (Configuration.OauthClientId))
				throw new Exception ("No OpenId provider available");

			if (string.IsNullOrEmpty (Configuration.OpenIdRoles))
				throw new Exception ("No OpenId roles specified");

			if (string.IsNullOrEmpty (email))
				throw new Exception ("OpenId authentication requires an email");
			
			string [] specs = Configuration.OpenIdRoles.Split (';');
			foreach (var spec in specs) {
				// email:role1,role2
				string [] split = spec.Split (':');
				if (split.Length != 2) {
					log.ErrorFormat ("AuthenticateOpenId: Invalid role spec: {0}", spec);
					continue;
				}

				if (string.IsNullOrEmpty (split [1])) {
					log.ErrorFormat ("AuthenticateOpenId: No roles specified for {0}", split [0]);
					continue;
				}

				if (!Regex.IsMatch (email, split [0]))
					continue;

				// We now create an account with an empty password and the specified roles.
				// Note that it is not possible to log into an account with an empty password
				// using the normal login procedure.

				DBPerson open_person = null;

				using (IDbCommand cmd = db.CreateCommand ()) {
					cmd.CommandText = @"SELECT * FROM Person WHERE login = @login;";
					DB.CreateParameter (cmd, "login", email);
					using (var reader = cmd.ExecuteReader ()) {
						if (reader.Read ())
							open_person = new DBPerson (reader);
					}
				}

				if (open_person == null) {
					open_person = new DBPerson ();
					open_person.login = email;
					open_person.roles = split [1];
					open_person.Save (db);
				} else {
					// only save if something has changed
					if (open_person.roles != split [1]) {
						open_person.roles = split [1];
						open_person.Save (db);
					}
				}
				WebServiceLogin login = new WebServiceLogin ();
				login.Ip4 = ip4;
				login.User = open_person.login;
				db.Audit (login, "DBLogin_Extensions.LoginOpenId (email: {0}, ip4: {1})", email, ip4);

				var result = new DBLogin ();
				result.person_id = open_person.id;
				result.ip4 = ip4;
				result.cookie = CreateCookie ();
				result.expires = DateTime.Now.AddDays (1);
				result.Save (db);
				
				response.User = email;
				response.UserName = email;
				response.UserRoles = open_person.Roles;
				response.Cookie = result.cookie;

				return;
			}

			throw new Exception ("The provided email address is not allowed to log in");
		}
Exemplo n.º 9
0
		public static void FindPeopleForCommit (DBLane lane, DBRevision revision, List<DBPerson> people)
		{
			DBPerson person = new DBPerson ();
			person.fullname = revision.author;
			people.Add (person);
		}