+
+// TODO: I am not sure if this function is implemented correctly.
+// There is currently no concept of migraiton between auth backends.
+bool Core::selectAuthenticator(const QString& backend)
+{
+ // Register all authentication backends.
+ registerAuthenticators();
+ auto auther = authenticator(backend);
+ if (!auther) {
+ QStringList authenticators;
+ std::transform(_registeredAuthenticators.begin(),
+ _registeredAuthenticators.end(),
+ std::back_inserter(authenticators),
+ [](const DeferredSharedPtr<Authenticator>& authenticator) { return authenticator->displayName(); });
+ qWarning() << qPrintable(tr("Unsupported authenticator: %1").arg(backend));
+ qWarning() << qPrintable(tr("Supported authenticators are:")) << qPrintable(authenticators.join(", "));
+ return false;
+ }
+
+ QVariantMap settings = promptForSettings(auther.get());
+
+ Authenticator::State state = auther->init(settings);
+ switch (state) {
+ case Authenticator::IsReady:
+ saveAuthenticatorSettings(backend, settings);
+ qWarning() << qPrintable(tr("Switched authenticator to: %1").arg(backend));
+ return true;
+ case Authenticator::NotAvailable:
+ qCritical() << qPrintable(tr("Authenticator is not available: %1").arg(backend));
+ return false;
+ case Authenticator::NeedsSetup:
+ if (!auther->setup(settings)) {
+ qWarning() << qPrintable(tr("Unable to setup authenticator: %1").arg(backend));
+ return false;
+ }
+
+ if (auther->init(settings) != Authenticator::IsReady) {
+ qWarning() << qPrintable(tr("Unable to initialize authenticator: %1").arg(backend));
+ return false;
+ }
+
+ saveAuthenticatorSettings(backend, settings);
+ qWarning() << qPrintable(tr("Switched authenticator to: %1").arg(backend));
+ }
+
+ _authenticator = std::move(auther);
+ return true;
+}
+
+bool Core::createUser()
+{
+ QTextStream out(stdout);
+ QTextStream in(stdin);
+ out << "Add a new user:" << endl;
+ out << "Username: ";
+ out.flush();
+ QString username = in.readLine().trimmed();
+
+ disableStdInEcho();
+ out << "Password: ";
+ out.flush();
+ QString password = in.readLine().trimmed();
+ out << endl;
+ out << "Repeat Password: ";
+ out.flush();
+ QString password2 = in.readLine().trimmed();
+ out << endl;
+ enableStdInEcho();
+
+ if (password != password2) {
+ qWarning() << "Passwords don't match!";
+ return false;
+ }
+ if (password.isEmpty()) {
+ qWarning() << "Password is empty!";
+ return false;
+ }
+
+ if (_configured && _storage->addUser(username, password).isValid()) {
+ out << "Added user " << username << " successfully!" << endl;
+ return true;
+ }
+ else {
+ qWarning() << "Unable to add user:" << qPrintable(username);
+ return false;
+ }
+}
+
+bool Core::changeUserPass(const QString& username)
+{
+ QTextStream out(stdout);
+ QTextStream in(stdin);
+ UserId userId = _storage->getUserId(username);
+ if (!userId.isValid()) {
+ out << "User " << username << " does not exist." << endl;
+ return false;
+ }
+
+ if (!canChangeUserPassword(userId)) {
+ out << "User " << username << " is configured through an auth provider that has forbidden manual password changing." << endl;
+ return false;
+ }
+
+ out << "Change password for user: " << username << endl;
+
+ disableStdInEcho();
+ out << "New Password: ";
+ out.flush();
+ QString password = in.readLine().trimmed();
+ out << endl;
+ out << "Repeat Password: ";
+ out.flush();
+ QString password2 = in.readLine().trimmed();
+ out << endl;
+ enableStdInEcho();
+
+ if (password != password2) {
+ qWarning() << "Passwords don't match!";
+ return false;
+ }
+ if (password.isEmpty()) {
+ qWarning() << "Password is empty!";
+ return false;
+ }
+
+ if (_configured && _storage->updateUser(userId, password)) {
+ out << "Password changed successfully!" << endl;
+ return true;
+ }
+ else {
+ qWarning() << "Failed to change password!";
+ return false;
+ }
+}
+
+bool Core::changeUserPassword(UserId userId, const QString& password)
+{
+ if (!isConfigured() || !userId.isValid())
+ return false;
+
+ if (!canChangeUserPassword(userId))
+ return false;
+
+ return instance()->_storage->updateUser(userId, password);
+}
+
+// TODO: this code isn't currently 100% optimal because the core
+// doesn't know it can have multiple auth providers configured (there aren't
+// multiple auth providers at the moment anyway) and we have hardcoded the
+// Database provider to be always allowed.
+bool Core::canChangeUserPassword(UserId userId)
+{
+ QString authProvider = instance()->_storage->getUserAuthenticator(userId);
+ if (authProvider != "Database") {
+ if (authProvider != instance()->_authenticator->backendId()) {
+ return false;
+ }
+ else if (instance()->_authenticator->canChangePassword()) {
+ return false;
+ }
+ }
+ return true;
+}
+
+std::unique_ptr<AbstractSqlMigrationReader> Core::getMigrationReader(Storage* storage)
+{
+ if (!storage)
+ return nullptr;
+
+ auto* sqlStorage = qobject_cast<AbstractSqlStorage*>(storage);
+ if (!sqlStorage) {
+ qDebug() << "Core::migrateDb(): only SQL based backends can be migrated!";
+ return nullptr;
+ }
+
+ return sqlStorage->createMigrationReader();
+}
+
+std::unique_ptr<AbstractSqlMigrationWriter> Core::getMigrationWriter(Storage* storage)
+{
+ if (!storage)
+ return nullptr;
+
+ auto* sqlStorage = qobject_cast<AbstractSqlStorage*>(storage);
+ if (!sqlStorage) {
+ qDebug() << "Core::migrateDb(): only SQL based backends can be migrated!";
+ return nullptr;
+ }
+
+ return sqlStorage->createMigrationWriter();
+}
+
+bool Core::saveBackendSettings(const QString& backend, const QVariantMap& settings)
+{
+ QVariantMap dbsettings;
+ dbsettings["Backend"] = backend;
+ dbsettings["ConnectionProperties"] = settings;
+ CoreSettings s = CoreSettings();
+ s.setStorageSettings(dbsettings);
+ return s.sync();
+}
+
+void Core::saveAuthenticatorSettings(const QString& backend, const QVariantMap& settings)
+{
+ QVariantMap dbsettings;
+ dbsettings["Authenticator"] = backend;
+ dbsettings["AuthProperties"] = settings;
+ CoreSettings().setAuthSettings(dbsettings);
+}
+
+// Generic version of promptForSettings that doesn't care what *type* of
+// backend it runs over.
+template<typename Backend>
+QVariantMap Core::promptForSettings(const Backend* backend)
+{
+ QVariantMap settings;
+ const QVariantList& setupData = backend->setupData();
+
+ if (setupData.isEmpty())
+ return settings;
+
+ QTextStream out(stdout);
+ QTextStream in(stdin);
+ out << "Default values are in brackets" << endl;
+
+ for (int i = 0; i + 2 < setupData.size(); i += 3) {
+ QString key = setupData[i].toString();
+ out << setupData[i + 1].toString() << " [" << setupData[i + 2].toString() << "]: " << flush;
+
+ bool noEcho = key.toLower().contains("password");
+ if (noEcho) {
+ disableStdInEcho();
+ }
+ QString input = in.readLine().trimmed();
+ if (noEcho) {
+ out << endl;
+ enableStdInEcho();
+ }
+
+ QVariant value{setupData[i + 2]};
+ if (!input.isEmpty()) {
+ switch (value.type()) {
+ case QVariant::Int:
+ value = input.toInt();
+ break;
+ default:
+ value = input;
+ }
+ }
+ settings[key] = value;
+ }
+ return settings;
+}
+
+#ifdef Q_OS_WIN
+void Core::stdInEcho(bool on)
+{
+ HANDLE hStdin = GetStdHandle(STD_INPUT_HANDLE);
+ DWORD mode = 0;
+ GetConsoleMode(hStdin, &mode);
+ if (on)
+ mode |= ENABLE_ECHO_INPUT;
+ else
+ mode &= ~ENABLE_ECHO_INPUT;
+ SetConsoleMode(hStdin, mode);
+}
+
+#else
+void Core::stdInEcho(bool on)
+{
+ termios t;
+ tcgetattr(STDIN_FILENO, &t);
+ if (on)
+ t.c_lflag |= ECHO;
+ else
+ t.c_lflag &= ~ECHO;
+ tcsetattr(STDIN_FILENO, TCSANOW, &t);
+}
+
+#endif /* Q_OS_WIN */