X-Git-Url: https://git.quassel-irc.org/?p=quassel.git;a=blobdiff_plain;f=src%2Fcore%2Fcore.cpp;h=d596344ca83d560d9c26fca79ac8b105d74c17a0;hp=18f022b13cfcb07cc0bf06dddf2ca569647b415e;hb=5fc6f7e2d63b45770574260afd6ce535e9548d23;hpb=e042ae69dbe4f42e9e4441f4b5832cfe5ca89067 diff --git a/src/core/core.cpp b/src/core/core.cpp index 18f022b1..d596344c 100644 --- a/src/core/core.cpp +++ b/src/core/core.cpp @@ -1,5 +1,5 @@ /*************************************************************************** - * Copyright (C) 2005-09 by the Quassel Project * + * Copyright (C) 2005-2018 by the Quassel Project * * devel@quassel-irc.org * * * * This program is free software; you can redistribute it and/or modify * @@ -15,952 +15,1251 @@ * You should have received a copy of the GNU General Public License * * along with this program; if not, write to the * * Free Software Foundation, Inc., * - * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * + * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. * ***************************************************************************/ +#include + #include #include "core.h" +#include "coreauthhandler.h" #include "coresession.h" #include "coresettings.h" +#include "logger.h" +#include "internalpeer.h" +#include "network.h" #include "postgresqlstorage.h" #include "quassel.h" -#include "signalproxy.h" +#include "sqlauthenticator.h" #include "sqlitestorage.h" -#include "network.h" -#include "logger.h" - #include "util.h" +// Currently building with LDAP bindings is optional. +#ifdef HAVE_LDAP +#include "ldapauthenticator.h" +#endif + // migration related #include -#ifdef Q_OS_WIN32 +#ifdef Q_OS_WIN # include #else +# include # include -#endif /* Q_OS_WIN32 */ +#endif /* Q_OS_WIN */ -Core *Core::instanceptr = 0; +// ============================== +// Custom Events +// ============================== +const int Core::AddClientEventId = QEvent::registerEventType(); -Core *Core::instance() { - if(instanceptr) return instanceptr; - instanceptr = new Core(); - instanceptr->init(); - return instanceptr; -} +class AddClientEvent : public QEvent +{ +public: + AddClientEvent(RemotePeer *p, UserId uid) : QEvent(QEvent::Type(Core::AddClientEventId)), peer(p), userId(uid) {} + RemotePeer *peer; + UserId userId; +}; -void Core::destroy() { - delete instanceptr; - instanceptr = 0; + +// ============================== +// Core +// ============================== +Core *Core::_instance{nullptr}; + +Core *Core::instance() +{ + return _instance; } + Core::Core() - : _storage(0) { - _startTime = QDateTime::currentDateTime().toUTC(); // for uptime :) + if (_instance) { + qWarning() << "Recreating core instance!"; + delete _instance; + } + _instance = this; - Quassel::loadTranslation(QLocale::system()); + // Parent all QObject-derived attributes, so when the Core instance gets moved into another + // thread, they get moved with it + _server.setParent(this); + _v6server.setParent(this); + _storageSyncTimer.setParent(this); +} - // FIXME: MIGRATION 0.3 -> 0.4: Move database and core config to new location - // Move settings, note this does not delete the old files -#ifdef Q_WS_MAC - QSettings newSettings("quassel-irc.org", "quasselcore"); -#else -# ifdef Q_WS_WIN - QSettings::Format format = QSettings::IniFormat; -# else - QSettings::Format format = QSettings::NativeFormat; -# endif - QString newFilePath = Quassel::configDirPath() + "quasselcore" - + ((format == QSettings::NativeFormat) ? QLatin1String(".conf") : QLatin1String(".ini")); - QSettings newSettings(newFilePath, format); -#endif /* Q_WS_MAC */ - - if(newSettings.value("Config/Version").toUInt() == 0) { -# ifdef Q_WS_MAC - QString org = "quassel-irc.org"; -# else - QString org = "Quassel Project"; -# endif - QSettings oldSettings(org, "Quassel Core"); - if(oldSettings.allKeys().count()) { - qWarning() << "\n\n*** IMPORTANT: Config and data file locations have changed. Attempting to auto-migrate your core settings..."; - foreach(QString key, oldSettings.allKeys()) - newSettings.setValue(key, oldSettings.value(key)); - newSettings.setValue("Config/Version", 1); - qWarning() << "* Your core settings have been migrated to" << newSettings.fileName(); - -#ifndef Q_WS_MAC /* we don't need to move the db and cert for mac */ -#ifdef Q_OS_WIN32 - QString quasselDir = qgetenv("APPDATA") + "/quassel/"; -#elif defined Q_WS_MAC - QString quasselDir = QDir::homePath() + "/Library/Application Support/Quassel/"; -#else - QString quasselDir = QDir::homePath() + "/.quassel/"; -#endif +Core::~Core() +{ + saveState(); + qDeleteAll(_connectingClients); + qDeleteAll(_sessions); + syncStorage(); + _instance = nullptr; +} + + +bool Core::init() +{ + _startTime = QDateTime::currentDateTime().toUTC(); // for uptime :) + + if (Quassel::runMode() == Quassel::RunMode::CoreOnly) { + Quassel::loadTranslation(QLocale::system()); + } + + // check settings version + // so far, we only have 1 + CoreSettings s; + if (s.version() != 1) { + qCritical() << "Invalid core settings version, terminating!"; + QCoreApplication::exit(EXIT_FAILURE); + return false; + } + + // Set up storage and authentication backends + registerStorageBackends(); + registerAuthenticators(); + + QProcessEnvironment environment = QProcessEnvironment::systemEnvironment(); + bool config_from_environment = Quassel::isOptionSet("config-from-environment"); + + QString db_backend; + QVariantMap db_connectionProperties; + + QString auth_authenticator; + QVariantMap auth_properties; - QFileInfo info(Quassel::configDirPath() + "quassel-storage.sqlite"); - if(!info.exists()) { - // move database, if we found it - QFile oldDb(quasselDir + "quassel-storage.sqlite"); - if(oldDb.exists()) { - bool success = oldDb.rename(Quassel::configDirPath() + "quassel-storage.sqlite"); - if(success) - qWarning() << "* Your database has been moved to" << Quassel::configDirPath() + "quassel-storage.sqlite"; - else - qWarning() << "!!! Moving your database has failed. Please move it manually into" << Quassel::configDirPath(); + bool writeError = false; + + if (config_from_environment) { + db_backend = environment.value("DB_BACKEND"); + auth_authenticator = environment.value("AUTH_AUTHENTICATOR"); + } else { + CoreSettings cs; + + QVariantMap dbsettings = cs.storageSettings().toMap(); + db_backend = dbsettings.value("Backend").toString(); + db_connectionProperties = dbsettings.value("ConnectionProperties").toMap(); + + QVariantMap authSettings = cs.authSettings().toMap(); + auth_authenticator = authSettings.value("Authenticator", "Database").toString(); + auth_properties = authSettings.value("AuthProperties").toMap(); + + writeError = !cs.isWritable(); + } + + // legacy + _configured = initStorage(db_backend, db_connectionProperties, environment, config_from_environment); + + // Not entirely sure what is 'legacy' about the above, but it seems to be the way things work! + if (_configured) { + initAuthenticator(auth_authenticator, auth_properties, environment, config_from_environment); + } + + if (Quassel::isOptionSet("select-backend") || Quassel::isOptionSet("select-authenticator")) { + bool success{true}; + if (Quassel::isOptionSet("select-backend")) { + success &= selectBackend(Quassel::optionValue("select-backend")); } - } - // move certificate - QFileInfo certInfo(quasselDir + "quasselCert.pem"); - if(certInfo.exists()) { - QFile cert(quasselDir + "quasselCert.pem"); - bool success = cert.rename(Quassel::configDirPath() + "quasselCert.pem"); - if(success) - qWarning() << "* Your certificate has been moved to" << Quassel::configDirPath() + "quasselCert.pem"; - else - qWarning() << "!!! Moving your certificate has failed. Please move it manually into" << Quassel::configDirPath(); - } -#endif /* !Q_WS_MAC */ - qWarning() << "*** Migration completed.\n\n"; + if (Quassel::isOptionSet("select-authenticator")) { + success &= selectAuthenticator(Quassel::optionValue("select-authenticator")); + } + QCoreApplication::exit(success ? EXIT_SUCCESS : EXIT_FAILURE); + return success; } - } - // MIGRATION end - // check settings version - // so far, we only have 1 - CoreSettings s; - if(s.version() != 1) { - qCritical() << "Invalid core settings version, terminating!"; - exit(EXIT_FAILURE); - } + if (!_configured) { + if (config_from_environment) { + _configured = initStorage(db_backend, db_connectionProperties, environment, config_from_environment, true); + initAuthenticator(auth_authenticator, auth_properties, environment, config_from_environment, true); - registerStorageBackends(); + if (!_configured) { + qWarning() << "Cannot configure from environment"; + QCoreApplication::exit(EXIT_FAILURE); + return false; + } + } + else { + if (_registeredStorageBackends.empty()) { + quWarning() << qPrintable(tr("Could not initialize any storage backend! Exiting...")); + quWarning() + << qPrintable(tr("Currently, Quassel supports SQLite3 and PostgreSQL. You need to build your\n" + "Qt library with the sqlite or postgres plugin enabled in order for quasselcore\n" + "to work.")); + QCoreApplication::exit(EXIT_FAILURE); // TODO make this less brutal (especially for mono client -> popup) + return false; + } - connect(&_storageSyncTimer, SIGNAL(timeout()), this, SLOT(syncStorage())); - _storageSyncTimer.start(10 * 60 * 1000); // 10 minutes -} + if (writeError) { + qWarning() << "Cannot write quasselcore configuration; probably a permission problem."; + QCoreApplication::exit(EXIT_FAILURE); + return false; + } + + quInfo() << "Core is currently not configured! Please connect with a Quassel Client for basic setup."; + } + } + else { + if (Quassel::isOptionSet("add-user")) { + bool success = createUser(); + QCoreApplication::exit(success ? EXIT_SUCCESS : EXIT_FAILURE); + return success; + } -void Core::init() { - CoreSettings cs; - _configured = initStorage(cs.storageSettings().toMap()); + if (Quassel::isOptionSet("change-userpass")) { + bool success = changeUserPass(Quassel::optionValue("change-userpass")); + QCoreApplication::exit(success ? EXIT_SUCCESS : EXIT_FAILURE); + return success; + } - if(Quassel::isOptionSet("select-backend")) { - selectBackend(Quassel::optionValue("select-backend")); - exit(0); - } + _strictIdentEnabled = Quassel::isOptionSet("strict-ident"); + if (_strictIdentEnabled) { + cacheSysIdent(); + } + + if (Quassel::isOptionSet("oidentd")) { + _oidentdConfigGenerator = new OidentdConfigGenerator(this); + } - if(!_configured) { - if(!_storageBackends.count()) { - qWarning() << qPrintable(tr("Could not initialize any storage backend! Exiting...")); - qWarning() << qPrintable(tr("Currently, Quassel supports SQLite3 and PostgreSQL. You need to build your\n" - "Qt library with the sqlite or postgres plugin enabled in order for quasselcore\n" - "to work.")); - exit(1); // TODO make this less brutal (especially for mono client -> popup) + + if (Quassel::isOptionSet("ident-daemon")) { + _identServer = new IdentServer(this); + } + + Quassel::registerReloadHandler([]() { + // Currently, only reloading SSL certificates and the sysident cache is supported + if (Core::instance()) { + Core::instance()->cacheSysIdent(); + Core::instance()->reloadCerts(); + return true; + } + return false; + }); + + connect(&_storageSyncTimer, SIGNAL(timeout()), this, SLOT(syncStorage())); + _storageSyncTimer.start(10 * 60 * 1000); // 10 minutes } - qWarning() << "Core is currently not configured! Please connect with a Quassel Client for basic setup."; - } - if(Quassel::isOptionSet("add-user")) { - createUser(); - exit(0); - } + connect(&_server, SIGNAL(newConnection()), this, SLOT(incomingConnection())); + connect(&_v6server, SIGNAL(newConnection()), this, SLOT(incomingConnection())); - if(Quassel::isOptionSet("change-userpass")) { - changeUserPass(Quassel::optionValue("change-userpass")); - exit(0); - } + if (!startListening()) { + QCoreApplication::exit(EXIT_FAILURE); // TODO make this less brutal + return false; + } - connect(&_server, SIGNAL(newConnection()), this, SLOT(incomingConnection())); - connect(&_v6server, SIGNAL(newConnection()), this, SLOT(incomingConnection())); - if(!startListening()) exit(1); // TODO make this less brutal -} + if (_configured && !Quassel::isOptionSet("norestore")) { + Core::restoreState(); + } + + _initialized = true; + + if (_pendingInternalConnection) { + connectInternalPeer(_pendingInternalConnection); + _pendingInternalConnection = {}; + } -Core::~Core() { - foreach(QTcpSocket *socket, blocksizes.keys()) { - socket->disconnectFromHost(); // disconnect non authed clients - } - qDeleteAll(sessions); - qDeleteAll(_storageBackends); + return true; } /*** Session Restore ***/ -void Core::saveState() { - CoreSettings s; - QVariantMap state; - QVariantList activeSessions; - foreach(UserId user, instance()->sessions.keys()) activeSessions << QVariant::fromValue(user); - state["CoreStateVersion"] = 1; - state["ActiveSessions"] = activeSessions; - s.setCoreState(state); -} - -void Core::restoreState() { - if(!instance()->_configured) { - // qWarning() << qPrintable(tr("Cannot restore a state for an unconfigured core!")); - return; - } - if(instance()->sessions.count()) { - qWarning() << qPrintable(tr("Calling restoreState() even though active sessions exist!")); - return; - } - CoreSettings s; - /* We don't check, since we are at the first version since switching to Git - uint statever = s.coreState().toMap()["CoreStateVersion"].toUInt(); - if(statever < 1) { - qWarning() << qPrintable(tr("Core state too old, ignoring...")); - return; - } - */ - QVariantList activeSessions = s.coreState().toMap()["ActiveSessions"].toList(); - if(activeSessions.count() > 0) { - quInfo() << "Restoring previous core state..."; - foreach(QVariant v, activeSessions) { - UserId user = v.value(); - instance()->createSession(user, true); - } - } +void Core::saveState() +{ + if (_storage) { + QVariantList activeSessions; + for (auto &&user : instance()->_sessions.keys()) + activeSessions << QVariant::fromValue(user); + _storage->setCoreState(activeSessions); + } +} + + +void Core::restoreState() +{ + if (!_configured) { + quWarning() << qPrintable(tr("Cannot restore a state for an unconfigured core!")); + return; + } + if (_sessions.count()) { + quWarning() << qPrintable(tr("Calling restoreState() even though active sessions exist!")); + return; + } + + CoreSettings s; + /* We don't check, since we are at the first version since switching to Git + uint statever = s.coreState().toMap()["CoreStateVersion"].toUInt(); + if(statever < 1) { + quWarning() << qPrintable(tr("Core state too old, ignoring...")); + return; + } + */ + + const QList &activeSessionsFallback = s.coreState().toMap()["ActiveSessions"].toList(); + QVariantList activeSessions = instance()->_storage->getCoreState(activeSessionsFallback); + + if (activeSessions.count() > 0) { + quInfo() << "Restoring previous core state..."; + for(auto &&v : activeSessions) { + UserId user = v.value(); + sessionForUser(user, true); + } + } } + /*** Core Setup ***/ -QString Core::setupCoreForInternalUsage() { - Q_ASSERT(!_storageBackends.isEmpty()); - QVariantMap setupData; - qsrand(QDateTime::currentDateTime().toTime_t()); - int pass = 0; - for(int i = 0; i < 10; i++) { - pass *= 10; - pass += qrand() % 10; - } - setupData["AdminUser"] = "AdminUser"; - setupData["AdminPasswd"] = QString::number(pass); - setupData["Backend"] = _storageBackends[_storageBackends.keys().first()]->displayName(); - return setupCore(setupData); -} - -QString Core::setupCore(QVariantMap setupData) { - QString user = setupData.take("AdminUser").toString(); - QString password = setupData.take("AdminPasswd").toString(); - if(user.isEmpty() || password.isEmpty()) { - return tr("Admin user or password not set."); - } - _configured = initStorage(setupData, true); - if(!_configured) { - return tr("Could not setup storage!"); - } - CoreSettings s; - s.setStorageSettings(setupData); - quInfo() << qPrintable(tr("Creating admin user...")); - _storage->addUser(user, password); - startListening(); // TODO check when we need this - return QString(); + +QString Core::setup(const QString &adminUser, const QString &adminPassword, const QString &backend, const QVariantMap &setupData, const QString &authenticator, const QVariantMap &authSetupData) +{ + return instance()->setupCore(adminUser, adminPassword, backend, setupData, authenticator, authSetupData); } -/*** Storage Handling ***/ -void Core::registerStorageBackends() { - // Register storage backends here! - registerStorageBackend(new SqliteStorage(this)); - registerStorageBackend(new PostgreSqlStorage(this)); + +QString Core::setupCore(const QString &adminUser, const QString &adminPassword, const QString &backend, const QVariantMap &setupData, const QString &authenticator, const QVariantMap &authSetupData) +{ + if (_configured) + return tr("Core is already configured! Not configuring again..."); + + if (adminUser.isEmpty() || adminPassword.isEmpty()) { + return tr("Admin user or password not set."); + } + if (!(_configured = initStorage(backend, setupData, {}, false, true))) { + return tr("Could not setup storage!"); + } + + quInfo() << "Selected authenticator:" << authenticator; + if (!(_configured = initAuthenticator(authenticator, authSetupData, {}, false, true))) + { + return tr("Could not setup authenticator!"); + } + + if (!saveBackendSettings(backend, setupData)) { + return tr("Could not save backend settings, probably a permission problem."); + } + saveAuthenticatorSettings(authenticator, authSetupData); + + quInfo() << qPrintable(tr("Creating admin user...")); + _storage->addUser(adminUser, adminPassword); + cacheSysIdent(); + startListening(); // TODO check when we need this + return QString(); } -bool Core::registerStorageBackend(Storage *backend) { - if(backend->isAvailable()) { - _storageBackends[backend->displayName()] = backend; - return true; - } else { - backend->deleteLater(); - return false; - } + +QString Core::setupCoreForInternalUsage() +{ + Q_ASSERT(!_registeredStorageBackends.empty()); + + qsrand(QDateTime::currentDateTime().toMSecsSinceEpoch()); + int pass = 0; + for (int i = 0; i < 10; i++) { + pass *= 10; + pass += qrand() % 10; + } + + // mono client currently needs sqlite + return setupCore("AdminUser", QString::number(pass), "SQLite", QVariantMap(), "Database", QVariantMap()); } -void Core::unregisterStorageBackends() { - foreach(Storage *s, _storageBackends.values()) { - s->deleteLater(); - } - _storageBackends.clear(); + +/*** Storage Handling ***/ + +template +void Core::registerStorageBackend() +{ + auto backend = makeDeferredShared(this); + if (backend->isAvailable()) + _registeredStorageBackends.emplace_back(std::move(backend)); + else + backend->deleteLater(); } -void Core::unregisterStorageBackend(Storage *backend) { - _storageBackends.remove(backend->displayName()); - backend->deleteLater(); + +void Core::registerStorageBackends() +{ + if (_registeredStorageBackends.empty()) { + registerStorageBackend(); + registerStorageBackend(); + } +} + + +DeferredSharedPtr Core::storageBackend(const QString &backendId) const +{ + auto it = std::find_if(_registeredStorageBackends.begin(), _registeredStorageBackends.end(), + [backendId](const DeferredSharedPtr &backend) { + return backend->displayName() == backendId; + }); + return it != _registeredStorageBackends.end() ? *it : nullptr; } // old db settings: // "Type" => "sqlite" -bool Core::initStorage(const QString &backend, QVariantMap settings, bool setup) { - _storage = 0; +bool Core::initStorage(const QString &backend, const QVariantMap &settings, + const QProcessEnvironment &environment, bool loadFromEnvironment, bool setup) +{ + if (backend.isEmpty()) { + quWarning() << "No storage backend selected!"; + return false; + } - if(backend.isEmpty()) { - return false; - } + auto storage = storageBackend(backend); + if (!storage) { + qCritical() << "Selected storage backend is not available:" << backend; + return false; + } - Storage *storage = 0; - if(_storageBackends.contains(backend)) { - storage = _storageBackends[backend]; - } else { - qCritical() << "Selected storage backend is not available:" << backend; - return false; - } - - Storage::State storageState = storage->init(settings); - switch(storageState) { - case Storage::NeedsSetup: - if(!setup) - return false; // trigger setup process - if(storage->setup(settings)) - return initStorage(backend, settings, false); - // if setup wasn't successfull we mark the backend as unavailable - case Storage::NotAvailable: - qCritical() << "Selected storage backend is not available:" << backend; - storage->deleteLater(); - _storageBackends.remove(backend); - storage = 0; - return false; - case Storage::IsReady: - // delete all other backends - _storageBackends.remove(backend); - unregisterStorageBackends(); - connect(storage, SIGNAL(bufferInfoUpdated(UserId, const BufferInfo &)), this, SIGNAL(bufferInfoUpdated(UserId, const BufferInfo &))); - } - _storage = storage; - return true; + connect(storage.get(), SIGNAL(dbUpgradeInProgress(bool)), this, SIGNAL(dbUpgradeInProgress(bool))); + + Storage::State storageState = storage->init(settings, environment, loadFromEnvironment); + switch (storageState) { + case Storage::NeedsSetup: + if (!setup) + return false; // trigger setup process + if (storage->setup(settings, environment, loadFromEnvironment)) + return initStorage(backend, settings, environment, loadFromEnvironment, false); + return false; + + // if initialization wasn't successful, we quit to keep from coming up unconfigured + case Storage::NotAvailable: + qCritical() << "FATAL: Selected storage backend is not available:" << backend; + if (!setup) { + QCoreApplication::exit(EXIT_FAILURE); + } + return false; + + case Storage::IsReady: + // delete all other backends + _registeredStorageBackends.clear(); + connect(storage.get(), SIGNAL(bufferInfoUpdated(UserId, const BufferInfo &)), + this, SIGNAL(bufferInfoUpdated(UserId, const BufferInfo &))); + break; + } + _storage = std::move(storage); + return true; } -bool Core::initStorage(QVariantMap dbSettings, bool setup) { - return initStorage(dbSettings["Backend"].toString(), dbSettings["ConnectionProperties"].toMap(), setup); + +void Core::syncStorage() +{ + if (_storage) + _storage->sync(); } -void Core::syncStorage() { - if(_storage) - _storage->sync(); +/*** Storage Access ***/ +bool Core::createNetwork(UserId user, NetworkInfo &info) +{ + NetworkId networkId = instance()->_storage->createNetwork(user, info); + if (!networkId.isValid()) + return false; + + info.networkId = networkId; + return true; } -/*** Storage Access ***/ -bool Core::createNetwork(UserId user, NetworkInfo &info) { - NetworkId networkId = instance()->_storage->createNetwork(user, info); - if(!networkId.isValid()) - return false; - info.networkId = networkId; - return true; +/*** Authenticators ***/ + +// Authentication handling, now independent from storage. +template +void Core::registerAuthenticator() +{ + auto authenticator = makeDeferredShared(this); + if (authenticator->isAvailable()) + _registeredAuthenticators.emplace_back(std::move(authenticator)); + else + authenticator->deleteLater(); } -/*** Network Management ***/ -bool Core::startListening() { - // in mono mode we only start a local port if a port is specified in the cli call - if(Quassel::runMode() == Quassel::Monolithic && !Quassel::isOptionSet("port")) - return true; +void Core::registerAuthenticators() +{ + if (_registeredAuthenticators.empty()) { + registerAuthenticator(); +#ifdef HAVE_LDAP + registerAuthenticator(); +#endif + } +} - bool success = false; - uint port = Quassel::optionValue("port").toUInt(); - - const QString listen = Quassel::optionValue("listen"); - const QStringList listen_list = listen.split(",", QString::SkipEmptyParts); - if(listen_list.size() > 0) { - foreach (const QString listen_term, listen_list) { // TODO: handle multiple interfaces for same TCP version gracefully - QHostAddress addr; - if(!addr.setAddress(listen_term)) { - qCritical() << qPrintable( - tr("Invalid listen address %1") - .arg(listen_term) - ); - } else { - switch(addr.protocol()) { - case QAbstractSocket::IPv4Protocol: - if(_server.listen(addr, port)) { - quInfo() << qPrintable( - tr("Listening for GUI clients on IPv4 %1 port %2 using protocol version %3") - .arg(addr.toString()) - .arg(_server.serverPort()) - .arg(Quassel::buildInfo().protocolVersion) - ); - success = true; - } else - quWarning() << qPrintable( - tr("Could not open IPv4 interface %1:%2: %3") - .arg(addr.toString()) - .arg(port) - .arg(_server.errorString())); - break; - case QAbstractSocket::IPv6Protocol: - if(_v6server.listen(addr, port)) { - quInfo() << qPrintable( - tr("Listening for GUI clients on IPv6 %1 port %2 using protocol version %3") - .arg(addr.toString()) - .arg(_v6server.serverPort()) - .arg(Quassel::buildInfo().protocolVersion) - ); - success = true; - } else { - // if v4 succeeded on Any, the port will be already in use - don't display the error then - // FIXME: handle this more sanely, make sure we can listen to both v4 and v6 by default! - if(!success || _v6server.serverError() != QAbstractSocket::AddressInUseError) - quWarning() << qPrintable( - tr("Could not open IPv6 interface %1:%2: %3") - .arg(addr.toString()) - .arg(port) - .arg(_v6server.errorString())); - } - break; - default: - qCritical() << qPrintable( - tr("Invalid listen address %1, unknown network protocol") - .arg(listen_term) - ); - break; + +DeferredSharedPtr Core::authenticator(const QString &backendId) const +{ + auto it = std::find_if(_registeredAuthenticators.begin(), _registeredAuthenticators.end(), + [backendId](const DeferredSharedPtr &authenticator) { + return authenticator->backendId() == backendId; + }); + return it != _registeredAuthenticators.end() ? *it : nullptr; +} + + +// FIXME: Apparently, this is the legacy way of initting storage backends? +// If there's a not-legacy way, it should be used here +bool Core::initAuthenticator(const QString &backend, const QVariantMap &settings, + const QProcessEnvironment &environment, bool loadFromEnvironment, + bool setup) +{ + if (backend.isEmpty()) { + quWarning() << "No authenticator selected!"; + return false; + } + + auto auth = authenticator(backend); + if (!auth) { + qCritical() << "Selected auth backend is not available:" << backend; + return false; + } + + Authenticator::State authState = auth->init(settings, environment, loadFromEnvironment); + switch (authState) { + case Authenticator::NeedsSetup: + if (!setup) + return false; // trigger setup process + if (auth->setup(settings, environment, loadFromEnvironment)) + return initAuthenticator(backend, settings, environment, loadFromEnvironment, false); + return false; + + // if initialization wasn't successful, we quit to keep from coming up unconfigured + case Authenticator::NotAvailable: + qCritical() << "FATAL: Selected auth backend is not available:" << backend; + if (!setup) { + QCoreApplication::exit(EXIT_FAILURE); } - } - } - } - if(!success) - quError() << qPrintable(tr("Could not open any network interfaces to listen on!")); - - return success; -} - -void Core::stopListening(const QString &reason) { - bool wasListening = false; - if(_server.isListening()) { - wasListening = true; - _server.close(); - } - if(_v6server.isListening()) { - wasListening = true; - _v6server.close(); - } - if(wasListening) { - if(reason.isEmpty()) - quInfo() << "No longer listening for GUI clients."; - else - quInfo() << qPrintable(reason); - } -} - -void Core::incomingConnection() { - QTcpServer *server = qobject_cast(sender()); - Q_ASSERT(server); - while(server->hasPendingConnections()) { - QTcpSocket *socket = server->nextPendingConnection(); - connect(socket, SIGNAL(disconnected()), this, SLOT(clientDisconnected())); - connect(socket, SIGNAL(readyRead()), this, SLOT(clientHasData())); - connect(socket, SIGNAL(error(QAbstractSocket::SocketError)), this, SLOT(socketError(QAbstractSocket::SocketError))); - - QVariantMap clientInfo; - blocksizes.insert(socket, (quint32)0); - quInfo() << qPrintable(tr("Client connected from")) << qPrintable(socket->peerAddress().toString()); - - if(!_configured) { - stopListening(tr("Closing server for basic setup.")); - } - } -} - -void Core::clientHasData() { - QTcpSocket *socket = dynamic_cast(sender()); - Q_ASSERT(socket && blocksizes.contains(socket)); - QVariant item; - while(SignalProxy::readDataFromDevice(socket, blocksizes[socket], item)) { - QVariantMap msg = item.toMap(); - processClientMessage(socket, msg); - if(!blocksizes.contains(socket)) break; // this socket is no longer ours to handle! - } -} - -void Core::processClientMessage(QTcpSocket *socket, const QVariantMap &msg) { - if(!msg.contains("MsgType")) { - // Client is way too old, does not even use the current init format - qWarning() << qPrintable(tr("Antique client trying to connect... refusing.")); - socket->close(); - return; - } - // OK, so we have at least an init message format we can understand - if(msg["MsgType"] == "ClientInit") { - QVariantMap reply; - - // Just version information -- check it! - uint ver = msg["ProtocolVersion"].toUInt(); - if(ver < Quassel::buildInfo().coreNeedsProtocol) { - reply["MsgType"] = "ClientInitReject"; - reply["Error"] = tr("Your Quassel Client is too old!
" - "This core needs at least client/core protocol version %1.
" - "Please consider upgrading your client.").arg(Quassel::buildInfo().coreNeedsProtocol); - SignalProxy::writeDataToDevice(socket, reply); - qWarning() << qPrintable(tr("Client")) << qPrintable(socket->peerAddress().toString()) << qPrintable(tr("too old, rejecting.")); - socket->close(); return; - } - - reply["CoreVersion"] = Quassel::buildInfo().fancyVersionString; - reply["CoreDate"] = Quassel::buildInfo().buildDate; - reply["ProtocolVersion"] = Quassel::buildInfo().protocolVersion; - // TODO: Make the core info configurable - int uptime = startTime().secsTo(QDateTime::currentDateTime().toUTC()); - int updays = uptime / 86400; uptime %= 86400; - int uphours = uptime / 3600; uptime %= 3600; - int upmins = uptime / 60; - reply["CoreInfo"] = tr("Quassel Core Version %1
" - "Built: %2
" - "Up %3d%4h%5m (since %6)").arg(Quassel::buildInfo().fancyVersionString) - .arg(Quassel::buildInfo().buildDate) - .arg(updays).arg(uphours,2,10,QChar('0')).arg(upmins,2,10,QChar('0')).arg(startTime().toString(Qt::TextDate)); + return false; + case Authenticator::IsReady: + // delete all other backends + _registeredAuthenticators.clear(); + break; + } + _authenticator = std::move(auth); + return true; +} + + +/*** Network Management ***/ + +bool Core::sslSupported() +{ #ifdef HAVE_SSL - SslServer *sslServer = qobject_cast(&_server); - QSslSocket *sslSocket = qobject_cast(socket); - bool supportSsl = (bool)sslServer && (bool)sslSocket && sslServer->isCertValid(); + SslServer *sslServer = qobject_cast(&instance()->_server); + return sslServer && sslServer->isCertValid(); #else - bool supportSsl = false; + return false; #endif +} + + +bool Core::reloadCerts() +{ +#ifdef HAVE_SSL + SslServer *sslServerv4 = qobject_cast(&_server); + bool retv4 = sslServerv4->reloadCerts(); + + SslServer *sslServerv6 = qobject_cast(&_v6server); + bool retv6 = sslServerv6->reloadCerts(); -#ifndef QT_NO_COMPRESS - bool supportsCompression = true; + return retv4 && retv6; #else - bool supportsCompression = false; + // SSL not supported, don't mark configuration reload as failed + return true; #endif +} - reply["SupportSsl"] = supportSsl; - reply["SupportsCompression"] = supportsCompression; - // switch to ssl/compression after client has been informed about our capabilities (see below) - reply["LoginEnabled"] = true; +void Core::cacheSysIdent() +{ + if (isConfigured()) { + _authUserNames = _storage->getAllAuthUserNames(); + } +} - // check if we are configured, start wizard otherwise - if(!_configured) { - reply["Configured"] = false; - QList backends; - foreach(Storage *backend, _storageBackends.values()) { - QVariantMap v; - v["DisplayName"] = backend->displayName(); - v["Description"] = backend->description(); - v["SetupKeys"] = backend->setupKeys(); - v["SetupDefaults"] = backend->setupDefaults(); - backends.append(v); - } - reply["StorageBackends"] = backends; - reply["LoginEnabled"] = false; - } else { - reply["Configured"] = true; + +QString Core::strictSysIdent(UserId user) const +{ + if (_authUserNames.contains(user)) { + return _authUserNames[user]; } - clientInfo[socket] = msg; // store for future reference - reply["MsgType"] = "ClientInitAck"; - SignalProxy::writeDataToDevice(socket, reply); - socket->flush(); // ensure that the write cache is flushed before we switch to ssl -#ifdef HAVE_SSL - // after we told the client that we are ssl capable we switch to ssl mode - if(supportSsl && msg["UseSsl"].toBool()) { - qDebug() << qPrintable(tr("Starting TLS for Client:")) << qPrintable(socket->peerAddress().toString()); - connect(sslSocket, SIGNAL(sslErrors(const QList &)), this, SLOT(sslErrors(const QList &))); - sslSocket->startServerEncryption(); + // A new user got added since we last pulled our cache from the database. + // There's no way to avoid a database hit - we don't even know the authname! + instance()->cacheSysIdent(); + + if (_authUserNames.contains(user)) { + return _authUserNames[user]; } -#endif -#ifndef QT_NO_COMPRESS - if(supportsCompression && msg["UseCompression"].toBool()) { - socket->setProperty("UseCompression", true); - qDebug() << "Using compression for Client:" << qPrintable(socket->peerAddress().toString()); + // ...something very weird is going on if we ended up here (an active CoreSession without a corresponding database entry?) + qWarning().nospace() << "Unable to find authusername for UserId " << user << ", this should never happen!"; + return "unknown"; // Should we just terminate the program instead? +} + + +bool Core::startListening() +{ + // in mono mode we only start a local port if a port is specified in the cli call + if (Quassel::runMode() == Quassel::Monolithic && !Quassel::isOptionSet("port")) + return true; + + bool success = false; + uint port = Quassel::optionValue("port").toUInt(); + + const QString listen = Quassel::optionValue("listen"); + const QStringList listen_list = listen.split(",", QString::SkipEmptyParts); + if (listen_list.size() > 0) { + foreach(const QString listen_term, listen_list) { // TODO: handle multiple interfaces for same TCP version gracefully + QHostAddress addr; + if (!addr.setAddress(listen_term)) { + qCritical() << qPrintable( + tr("Invalid listen address %1") + .arg(listen_term) + ); + } + else { + switch (addr.protocol()) { + case QAbstractSocket::IPv6Protocol: + if (_v6server.listen(addr, port)) { + quInfo() << qPrintable( + tr("Listening for GUI clients on IPv6 %1 port %2 using protocol version %3") + .arg(addr.toString()) + .arg(_v6server.serverPort()) + .arg(Quassel::buildInfo().protocolVersion) + ); + success = true; + } + else + quWarning() << qPrintable( + tr("Could not open IPv6 interface %1:%2: %3") + .arg(addr.toString()) + .arg(port) + .arg(_v6server.errorString())); + break; + case QAbstractSocket::IPv4Protocol: + if (_server.listen(addr, port)) { + quInfo() << qPrintable( + tr("Listening for GUI clients on IPv4 %1 port %2 using protocol version %3") + .arg(addr.toString()) + .arg(_server.serverPort()) + .arg(Quassel::buildInfo().protocolVersion) + ); + success = true; + } + else { + // if v6 succeeded on Any, the port will be already in use - don't display the error then + if (!success || _server.serverError() != QAbstractSocket::AddressInUseError) + quWarning() << qPrintable( + tr("Could not open IPv4 interface %1:%2: %3") + .arg(addr.toString()) + .arg(port) + .arg(_server.errorString())); + } + break; + default: + qCritical() << qPrintable( + tr("Invalid listen address %1, unknown network protocol") + .arg(listen_term) + ); + break; + } + } + } } -#endif + if (!success) + quError() << qPrintable(tr("Could not open any network interfaces to listen on!")); - } else { - // for the rest, we need an initialized connection - if(!clientInfo.contains(socket)) { - QVariantMap reply; - reply["MsgType"] = "ClientLoginReject"; - reply["Error"] = tr("Client not initialized!
You need to send an init message before trying to login."); - SignalProxy::writeDataToDevice(socket, reply); - qWarning() << qPrintable(tr("Client")) << qPrintable(socket->peerAddress().toString()) << qPrintable(tr("did not send an init message before trying to login, rejecting.")); - socket->close(); return; - } - if(msg["MsgType"] == "CoreSetupData") { - QVariantMap reply; - QString result = setupCore(msg["SetupData"].toMap()); - if(!result.isEmpty()) { - reply["MsgType"] = "CoreSetupReject"; - reply["Error"] = result; - } else { - reply["MsgType"] = "CoreSetupAck"; - } - SignalProxy::writeDataToDevice(socket, reply); - } else if(msg["MsgType"] == "ClientLogin") { - QVariantMap reply; - UserId uid = _storage->validateUser(msg["User"].toString(), msg["Password"].toString()); - if(uid == 0) { - reply["MsgType"] = "ClientLoginReject"; - reply["Error"] = tr("Invalid username or password!
The username/password combination you supplied could not be found in the database."); - SignalProxy::writeDataToDevice(socket, reply); - return; - } - reply["MsgType"] = "ClientLoginAck"; - SignalProxy::writeDataToDevice(socket, reply); - quInfo() << qPrintable(tr("Client")) << qPrintable(socket->peerAddress().toString()) << qPrintable(tr("initialized and authenticated successfully as \"%1\" (UserId: %2).").arg(msg["User"].toString()).arg(uid.toInt())); - setupClientSession(socket, uid); + if (_identServer) { + _identServer->startListening(); } - } + + return success; } + +void Core::stopListening(const QString &reason) +{ + if (_identServer) { + _identServer->stopListening(reason); + } + + bool wasListening = false; + if (_server.isListening()) { + wasListening = true; + _server.close(); + } + if (_v6server.isListening()) { + wasListening = true; + _v6server.close(); + } + if (wasListening) { + if (reason.isEmpty()) + quInfo() << "No longer listening for GUI clients."; + else + quInfo() << qPrintable(reason); + } +} + + +void Core::incomingConnection() +{ + QTcpServer *server = qobject_cast(sender()); + Q_ASSERT(server); + while (server->hasPendingConnections()) { + QTcpSocket *socket = server->nextPendingConnection(); + + CoreAuthHandler *handler = new CoreAuthHandler(socket, this); + _connectingClients.insert(handler); + + connect(handler, SIGNAL(disconnected()), SLOT(clientDisconnected())); + connect(handler, SIGNAL(socketError(QAbstractSocket::SocketError,QString)), SLOT(socketError(QAbstractSocket::SocketError,QString))); + connect(handler, SIGNAL(handshakeComplete(RemotePeer*,UserId)), SLOT(setupClientSession(RemotePeer*,UserId))); + + quInfo() << qPrintable(tr("Client connected from")) << qPrintable(socket->peerAddress().toString()); + + if (!_configured) { + stopListening(tr("Closing server for basic setup.")); + } + } +} + + // Potentially called during the initialization phase (before handing the connection off to the session) -void Core::clientDisconnected() { - QTcpSocket *socket = qobject_cast(sender()); - if(socket) { - // here it's safe to call methods on socket! - quInfo() << qPrintable(tr("Non-authed client disconnected.")) << qPrintable(socket->peerAddress().toString()); - blocksizes.remove(socket); - clientInfo.remove(socket); - socket->deleteLater(); - } else { - // we have to crawl through the hashes and see if we find a victim to remove - qDebug() << qPrintable(tr("Non-authed client disconnected. (socket allready destroyed)")); - - // DO NOT CALL ANY METHODS ON socket!! - socket = static_cast(sender()); - - QHash::iterator blockSizeIter = blocksizes.begin(); - while(blockSizeIter != blocksizes.end()) { - if(blockSizeIter.key() == socket) { - blockSizeIter = blocksizes.erase(blockSizeIter); - } else { - blockSizeIter++; - } - } - - QHash::iterator clientInfoIter = clientInfo.begin(); - while(clientInfoIter != clientInfo.end()) { - if(clientInfoIter.key() == socket) { - clientInfoIter = clientInfo.erase(clientInfoIter); - } else { - clientInfoIter++; - } - } - } - - - // make server listen again if still not configured - if (!_configured) { - startListening(); - } - - // TODO remove unneeded sessions - if necessary/possible... - // Suggestion: kill sessions if they are not connected to any network and client. -} - -void Core::setupClientSession(QTcpSocket *socket, UserId uid) { - // Find or create session for validated user - SessionThread *sess; - if(sessions.contains(uid)) sess = sessions[uid]; - else sess = createSession(uid); - // Hand over socket, session then sends state itself - disconnect(socket, 0, this, 0); - socket->flush(); // ensure that the write cache is flushed before we hand over the connection to another thread. - blocksizes.remove(socket); - clientInfo.remove(socket); - if(!sess) { - qWarning() << qPrintable(tr("Could not initialize session for client:")) << qPrintable(socket->peerAddress().toString()); - socket->close(); - } - sess->addClient(socket); -} - -void Core::setupInternalClientSession(SignalProxy *proxy) { - if(!_configured) { - stopListening(); - setupCoreForInternalUsage(); - } - - UserId uid; - if(_storage) { - uid = _storage->internalUser(); - } else { - qWarning() << "Core::setupInternalClientSession(): You're trying to run monolithic Quassel with an unusable Backend! Go fix it!"; - return; - } - - // Find or create session for validated user - SessionThread *sess; - if(sessions.contains(uid)) - sess = sessions[uid]; - else - sess = createSession(uid); - sess->addClient(proxy); -} - -SessionThread *Core::createSession(UserId uid, bool restore) { - if(sessions.contains(uid)) { - qWarning() << "Calling createSession() when a session for the user already exists!"; - return 0; - } - SessionThread *sess = new SessionThread(uid, restore, this); - sessions[uid] = sess; - sess->start(); - return sess; +void Core::clientDisconnected() +{ + CoreAuthHandler *handler = qobject_cast(sender()); + Q_ASSERT(handler); + + quInfo() << qPrintable(tr("Non-authed client disconnected:")) << qPrintable(handler->socket()->peerAddress().toString()); + _connectingClients.remove(handler); + handler->deleteLater(); + + // make server listen again if still not configured + if (!_configured) { + startListening(); + } + + // TODO remove unneeded sessions - if necessary/possible... + // Suggestion: kill sessions if they are not connected to any network and client. } -#ifdef HAVE_SSL -void Core::sslErrors(const QList &errors) { - Q_UNUSED(errors); - QSslSocket *socket = qobject_cast(sender()); - if(socket) - socket->ignoreSslErrors(); + +void Core::setupClientSession(RemotePeer *peer, UserId uid) +{ + CoreAuthHandler *handler = qobject_cast(sender()); + Q_ASSERT(handler); + + // From now on everything is handled by the client session + disconnect(handler, 0, this, 0); + _connectingClients.remove(handler); + handler->deleteLater(); + + // Find or create session for validated user + sessionForUser(uid); + + // as we are currently handling an event triggered by incoming data on this socket + // it is unsafe to directly move the socket to the client thread. + QCoreApplication::postEvent(this, new AddClientEvent(peer, uid)); } -#endif -void Core::socketError(QAbstractSocket::SocketError err) { - QAbstractSocket *socket = qobject_cast(sender()); - if(socket && err != QAbstractSocket::RemoteHostClosedError) - qWarning() << "Core::socketError()" << socket << err << socket->errorString(); + +void Core::customEvent(QEvent *event) +{ + if (event->type() == AddClientEventId) { + AddClientEvent *addClientEvent = static_cast(event); + addClientHelper(addClientEvent->peer, addClientEvent->userId); + return; + } +} + + +void Core::addClientHelper(RemotePeer *peer, UserId uid) +{ + // Find or create session for validated user + SessionThread *session = sessionForUser(uid); + session->addClient(peer); +} + + +void Core::connectInternalPeer(QPointer peer) +{ + if (_initialized && peer) { + setupInternalClientSession(peer); + } + else { + _pendingInternalConnection = peer; + } +} + + +void Core::setupInternalClientSession(QPointer clientPeer) +{ + if (!_configured) { + stopListening(); + setupCoreForInternalUsage(); + } + + UserId uid; + if (_storage) { + uid = _storage->internalUser(); + } + else { + quWarning() << "Core::setupInternalClientSession(): You're trying to run monolithic Quassel with an unusable Backend! Go fix it!"; + QCoreApplication::exit(EXIT_FAILURE); + return; + } + + if (!clientPeer) { + quWarning() << "Client peer went away, not starting a session"; + return; + } + + InternalPeer *corePeer = new InternalPeer(this); + corePeer->setPeer(clientPeer); + clientPeer->setPeer(corePeer); + + // Find or create session for validated user + SessionThread *sessionThread = sessionForUser(uid); + sessionThread->addClient(corePeer); +} + + +SessionThread *Core::sessionForUser(UserId uid, bool restore) +{ + if (_sessions.contains(uid)) + return _sessions[uid]; + + SessionThread *session = new SessionThread(uid, restore, strictIdentEnabled(), this); + _sessions[uid] = session; + session->start(); + return session; +} + + +void Core::socketError(QAbstractSocket::SocketError err, const QString &errorString) +{ + quWarning() << QString("Socket error %1: %2").arg(err).arg(errorString); +} + + +QVariantList Core::backendInfo() +{ + instance()->registerStorageBackends(); + + QVariantList backendInfos; + for (auto &&backend : instance()->_registeredStorageBackends) { + QVariantMap v; + v["BackendId"] = backend->backendId(); + v["DisplayName"] = backend->displayName(); + v["Description"] = backend->description(); + v["SetupData"] = backend->setupData(); // ignored by legacy clients + + // TODO Protocol Break: Remove legacy (cf. authenticatorInfo()) + const auto &setupData = backend->setupData(); + QStringList setupKeys; + QVariantMap setupDefaults; + for (int i = 0; i + 2 < setupData.size(); i += 3) { + setupKeys << setupData[i].toString(); + setupDefaults[setupData[i].toString()] = setupData[i + 2]; + } + v["SetupKeys"] = setupKeys; + v["SetupDefaults"] = setupDefaults; + // TODO Protocol Break: Remove + v["IsDefault"] = (backend->backendId() == "SQLite"); // newer clients will just use the first in the list + + backendInfos << v; + } + return backendInfos; +} + + +QVariantList Core::authenticatorInfo() +{ + instance()->registerAuthenticators(); + + QVariantList authInfos; + for(auto &&backend : instance()->_registeredAuthenticators) { + QVariantMap v; + v["BackendId"] = backend->backendId(); + v["DisplayName"] = backend->displayName(); + v["Description"] = backend->description(); + v["SetupData"] = backend->setupData(); + authInfos << v; + } + return authInfos; } // migration / backend selection -bool Core::selectBackend(const QString &backend) { - // reregister all storage backends - registerStorageBackends(); - if(!_storageBackends.contains(backend)) { - qWarning() << qPrintable(QString("Core::selectBackend(): unsupported backend: %1").arg(backend)); - qWarning() << " supported backends are:" << qPrintable(QStringList(_storageBackends.keys()).join(", ")); - return false; - } +bool Core::selectBackend(const QString &backend) +{ + // reregister all storage backends + registerStorageBackends(); + auto storage = storageBackend(backend); + if (!storage) { + QStringList backends; + std::transform(_registeredStorageBackends.begin(), _registeredStorageBackends.end(), + std::back_inserter(backends), [](const DeferredSharedPtr& backend) { + return backend->displayName(); + }); + quWarning() << qPrintable(tr("Unsupported storage backend: %1").arg(backend)); + quWarning() << qPrintable(tr("Supported backends are:")) << qPrintable(backends.join(", ")); + return false; + } + + QVariantMap settings = promptForSettings(storage.get()); + + Storage::State storageState = storage->init(settings); + switch (storageState) { + case Storage::IsReady: + if (!saveBackendSettings(backend, settings)) { + qCritical() << qPrintable(QString("Could not save backend settings, probably a permission problem.")); + } + quWarning() << qPrintable(tr("Switched storage backend to: %1").arg(backend)); + quWarning() << qPrintable(tr("Backend already initialized. Skipping Migration...")); + return true; + case Storage::NotAvailable: + qCritical() << qPrintable(tr("Storage backend is not available: %1").arg(backend)); + return false; + case Storage::NeedsSetup: + if (!storage->setup(settings)) { + quWarning() << qPrintable(tr("Unable to setup storage backend: %1").arg(backend)); + return false; + } + + if (storage->init(settings) != Storage::IsReady) { + quWarning() << qPrintable(tr("Unable to initialize storage backend: %1").arg(backend)); + return false; + } + + if (!saveBackendSettings(backend, settings)) { + qCritical() << qPrintable(QString("Could not save backend settings, probably a permission problem.")); + } + quWarning() << qPrintable(tr("Switched storage backend to: %1").arg(backend)); + break; + } - Storage *storage = _storageBackends[backend]; - QVariantMap settings = promptForSettings(storage); + // let's see if we have a current storage object we can migrate from + auto reader = getMigrationReader(_storage.get()); + auto writer = getMigrationWriter(storage.get()); + if (reader && writer) { + qDebug() << qPrintable(tr("Migrating storage backend %1 to %2...").arg(_storage->displayName(), storage->displayName())); + _storage.reset(); + storage.reset(); + if (reader->migrateTo(writer.get())) { + qDebug() << "Migration finished!"; + qDebug() << qPrintable(tr("Migration finished!")); + if (!saveBackendSettings(backend, settings)) { + qCritical() << qPrintable(QString("Could not save backend settings, probably a permission problem.")); + return false; + } + return true; + } + quWarning() << qPrintable(tr("Unable to migrate storage backend! (No migration writer for %1)").arg(backend)); + return false; + } + + // inform the user why we cannot merge + if (!_storage) { + quWarning() << qPrintable(tr("No currently active storage backend. Skipping migration...")); + } + else if (!reader) { + quWarning() << qPrintable(tr("Currently active storage backend does not support migration: %1").arg(_storage->displayName())); + } + if (writer) { + quWarning() << qPrintable(tr("New storage backend does not support migration: %1").arg(backend)); + } - Storage::State storageState = storage->init(settings); - switch(storageState) { - case Storage::IsReady: - saveBackendSettings(backend, settings); - qWarning() << "Switched backend to:" << qPrintable(backend); - qWarning() << "Backend already initialized. Skipping Migration"; + // so we were unable to merge, but let's create a user \o/ + _storage = std::move(storage); + createUser(); return true; - case Storage::NotAvailable: - qCritical() << "Backend is not available:" << qPrintable(backend); - return false; - case Storage::NeedsSetup: - if(!storage->setup(settings)) { - qWarning() << qPrintable(QString("Core::selectBackend(): unable to setup backend: %1").arg(backend)); - return false; - } - - if(storage->init(settings) != Storage::IsReady) { - qWarning() << qPrintable(QString("Core::migrateBackend(): unable to initialize backend: %1").arg(backend)); - return false; - } - - saveBackendSettings(backend, settings); - qWarning() << "Switched backend to:" << qPrintable(backend); - break; - } - - // let's see if we have a current storage object we can migrate from - AbstractSqlMigrationReader *reader = getMigrationReader(_storage); - AbstractSqlMigrationWriter *writer = getMigrationWriter(storage); - if(reader && writer) { - qDebug() << qPrintable(QString("Migrating Storage backend %1 to %2...").arg(_storage->displayName(), storage->displayName())); - delete _storage; - _storage = 0; - delete storage; - storage = 0; - if(reader->migrateTo(writer)) { - qDebug() << "Migration finished!"; - saveBackendSettings(backend, settings); - return true; +} + +// TODO: I am not sure if this function is implemented correctly. +// There is currently no concept of migraiton between auth backends. +bool Core::selectAuthenticator(const QString &backend) +{ + // Register all authentication backends. + registerAuthenticators(); + auto auther = authenticator(backend); + if (!auther) { + QStringList authenticators; + std::transform(_registeredAuthenticators.begin(), _registeredAuthenticators.end(), + std::back_inserter(authenticators), [](const DeferredSharedPtr& authenticator) { + return authenticator->displayName(); + }); + quWarning() << qPrintable(tr("Unsupported authenticator: %1").arg(backend)); + quWarning() << qPrintable(tr("Supported authenticators are:")) << qPrintable(authenticators.join(", ")); + return false; } - return false; - qWarning() << qPrintable(QString("Core::migrateDb(): unable to migrate storage backend! (No migration writer for %1)").arg(backend)); - } - - // inform the user why we cannot merge - if(!_storage) { - qWarning() << "No currently active backend. Skipping migration."; - } else if(!reader) { - qWarning() << "Currently active backend does not support migration:" << qPrintable(_storage->displayName()); - } - if(writer) { - qWarning() << "New backend does not support migration:" << qPrintable(backend); - } - - // so we were unable to merge, but let's create a user \o/ - _storage = storage; - createUser(); - return true; -} - -void Core::createUser() { - QTextStream out(stdout); - QTextStream in(stdin); - out << "Add a new user:" << endl; - out << "Username: "; - out.flush(); - QString username = in.readLine().trimmed(); - - disableStdInEcho(); - out << "Password: "; - out.flush(); - QString password = in.readLine().trimmed(); - out << endl; - out << "Repeat Password: "; - out.flush(); - QString password2 = in.readLine().trimmed(); - out << endl; - enableStdInEcho(); - - if(password != password2) { - qWarning() << "Passwords don't match!"; - return; - } - if(password.isEmpty()) { - qWarning() << "Password is empty!"; - return; - } - - if(_storage->addUser(username, password).isValid()) { - out << "Added user " << username << " successfully!" << endl; - } else { - qWarning() << "Unable to add user:" << qPrintable(username); - } -} - -void Core::changeUserPass(const QString &username) { - QTextStream out(stdout); - QTextStream in(stdin); - UserId userId = _storage->getUserId(username); - if(!userId.isValid()) { - out << "User " << username << " does not exist." << endl; - return; - } - - out << "Change password for user: " << username << endl; - - disableStdInEcho(); - out << "New Password: "; - out.flush(); - QString password = in.readLine().trimmed(); - out << endl; - out << "Repeat Password: "; - out.flush(); - QString password2 = in.readLine().trimmed(); - out << endl; - enableStdInEcho(); - - if(password != password2) { - qWarning() << "Passwords don't match!"; - return; - } - if(password.isEmpty()) { - qWarning() << "Password is empty!"; - return; - } - - if(_storage->updateUser(userId, password)) { - out << "Password changed successfuly!" << endl; - } else { - qWarning() << "Failed to change password!"; - } -} - -AbstractSqlMigrationReader *Core::getMigrationReader(Storage *storage) { - if(!storage) - return 0; - - AbstractSqlStorage *sqlStorage = qobject_cast(storage); - if(!sqlStorage) { - qDebug() << "Core::migrateDb(): only SQL based backends can be migrated!"; - return 0; - } - - return sqlStorage->createMigrationReader(); -} - -AbstractSqlMigrationWriter *Core::getMigrationWriter(Storage *storage) { - if(!storage) - return 0; - - AbstractSqlStorage *sqlStorage = qobject_cast(storage); - if(!sqlStorage) { - qDebug() << "Core::migrateDb(): only SQL based backends can be migrated!"; - return 0; - } - - return sqlStorage->createMigrationWriter(); -} - -void Core::saveBackendSettings(const QString &backend, const QVariantMap &settings) { - QVariantMap dbsettings; - dbsettings["Backend"] = backend; - dbsettings["ConnectionProperties"] = settings; - CoreSettings().setStorageSettings(dbsettings); -} - -QVariantMap Core::promptForSettings(const Storage *storage) { - QVariantMap settings; - - QStringList keys = storage->setupKeys(); - if(keys.isEmpty()) - return settings; - QTextStream out(stdout); - QTextStream in(stdin); - out << "Default values are in brackets" << endl; + QVariantMap settings = promptForSettings(auther.get()); + + Authenticator::State state = auther->init(settings); + switch (state) { + case Authenticator::IsReady: + saveAuthenticatorSettings(backend, settings); + quWarning() << qPrintable(tr("Switched authenticator to: %1").arg(backend)); + return true; + case Authenticator::NotAvailable: + qCritical() << qPrintable(tr("Authenticator is not available: %1").arg(backend)); + return false; + case Authenticator::NeedsSetup: + if (!auther->setup(settings)) { + quWarning() << qPrintable(tr("Unable to setup authenticator: %1").arg(backend)); + return false; + } + + if (auther->init(settings) != Authenticator::IsReady) { + quWarning() << qPrintable(tr("Unable to initialize authenticator: %1").arg(backend)); + return false; + } + + saveAuthenticatorSettings(backend, settings); + quWarning() << qPrintable(tr("Switched authenticator to: %1").arg(backend)); + } + + _authenticator = std::move(auther); + return true; +} + + +bool Core::createUser() +{ + QTextStream out(stdout); + QTextStream in(stdin); + out << "Add a new user:" << endl; + out << "Username: "; + out.flush(); + QString username = in.readLine().trimmed(); + + disableStdInEcho(); + out << "Password: "; + out.flush(); + QString password = in.readLine().trimmed(); + out << endl; + out << "Repeat Password: "; + out.flush(); + QString password2 = in.readLine().trimmed(); + out << endl; + enableStdInEcho(); + + if (password != password2) { + quWarning() << "Passwords don't match!"; + return false; + } + if (password.isEmpty()) { + quWarning() << "Password is empty!"; + return false; + } - QVariantMap defaults = storage->setupDefaults(); - QString value; - foreach(QString key, keys) { - QVariant val; - if(defaults.contains(key)) { - val = defaults[key]; + if (_configured && _storage->addUser(username, password).isValid()) { + out << "Added user " << username << " successfully!" << endl; + return true; } - out << key; - if(!val.toString().isEmpty()) { - out << " (" << val.toString() << ")"; + else { + quWarning() << "Unable to add user:" << qPrintable(username); + return false; } - out << ": "; +} + + +bool Core::changeUserPass(const QString &username) +{ + QTextStream out(stdout); + QTextStream in(stdin); + UserId userId = _storage->getUserId(username); + if (!userId.isValid()) { + out << "User " << username << " does not exist." << endl; + return false; + } + + if (!canChangeUserPassword(userId)) { + out << "User " << username << " is configured through an auth provider that has forbidden manual password changing." << endl; + return false; + } + + out << "Change password for user: " << username << endl; + + disableStdInEcho(); + out << "New Password: "; out.flush(); + QString password = in.readLine().trimmed(); + out << endl; + out << "Repeat Password: "; + out.flush(); + QString password2 = in.readLine().trimmed(); + out << endl; + enableStdInEcho(); - bool noEcho = QString("password").toLower().startsWith(key.toLower()); - if(noEcho) { - disableStdInEcho(); + if (password != password2) { + quWarning() << "Passwords don't match!"; + return false; } - value = in.readLine().trimmed(); - if(noEcho) { - out << endl; - enableStdInEcho(); + if (password.isEmpty()) { + quWarning() << "Password is empty!"; + return false; } - if(!value.isEmpty()) { - switch(defaults[key].type()) { - case QVariant::Int: - val = QVariant(value.toInt()); - break; - default: - val = QVariant(value); - } + if (_configured && _storage->updateUser(userId, password)) { + out << "Password changed successfully!" << endl; + return true; + } + else { + quWarning() << "Failed to change password!"; + return false; } - settings[key] = val; - } - return settings; } -#ifdef Q_OS_WIN32 -void Core::stdInEcho(bool on) { - HANDLE hStdin = GetStdHandle(STD_INPUT_HANDLE); - DWORD mode = 0; - GetConsoleMode(hStdin, &mode); - if(on) - mode |= ENABLE_ECHO_INPUT; - else - mode &= ~ENABLE_ECHO_INPUT; - SetConsoleMode(hStdin, mode); +bool Core::changeUserPassword(UserId userId, const QString &password) +{ + if (!isConfigured() || !userId.isValid()) + return false; + + if (!canChangeUserPassword(userId)) + return false; + + return instance()->_storage->updateUser(userId, password); } + +// TODO: this code isn't currently 100% optimal because the core +// doesn't know it can have multiple auth providers configured (there aren't +// multiple auth providers at the moment anyway) and we have hardcoded the +// Database provider to be always allowed. +bool Core::canChangeUserPassword(UserId userId) +{ + QString authProvider = instance()->_storage->getUserAuthenticator(userId); + if (authProvider != "Database") { + if (authProvider != instance()->_authenticator->backendId()) { + return false; + } + else if (instance()->_authenticator->canChangePassword()) { + return false; + } + } + return true; +} + + +std::unique_ptr Core::getMigrationReader(Storage *storage) +{ + if (!storage) + return nullptr; + + AbstractSqlStorage *sqlStorage = qobject_cast(storage); + if (!sqlStorage) { + qDebug() << "Core::migrateDb(): only SQL based backends can be migrated!"; + return nullptr; + } + + return sqlStorage->createMigrationReader(); +} + + +std::unique_ptr Core::getMigrationWriter(Storage *storage) +{ + if (!storage) + return nullptr; + + AbstractSqlStorage *sqlStorage = qobject_cast(storage); + if (!sqlStorage) { + qDebug() << "Core::migrateDb(): only SQL based backends can be migrated!"; + return nullptr; + } + + return sqlStorage->createMigrationWriter(); +} + + +bool Core::saveBackendSettings(const QString &backend, const QVariantMap &settings) +{ + QVariantMap dbsettings; + dbsettings["Backend"] = backend; + dbsettings["ConnectionProperties"] = settings; + CoreSettings s = CoreSettings(); + s.setStorageSettings(dbsettings); + return s.sync(); +} + + +void Core::saveAuthenticatorSettings(const QString &backend, const QVariantMap &settings) +{ + QVariantMap dbsettings; + dbsettings["Authenticator"] = backend; + dbsettings["AuthProperties"] = settings; + CoreSettings().setAuthSettings(dbsettings); +} + +// Generic version of promptForSettings that doesn't care what *type* of +// backend it runs over. +template +QVariantMap Core::promptForSettings(const Backend *backend) +{ + QVariantMap settings; + const QVariantList& setupData = backend->setupData(); + + if (setupData.isEmpty()) + return settings; + + QTextStream out(stdout); + QTextStream in(stdin); + out << "Default values are in brackets" << endl; + + for (int i = 0; i + 2 < setupData.size(); i += 3) { + QString key = setupData[i].toString(); + out << setupData[i+1].toString() << " [" << setupData[i+2].toString() << "]: " << flush; + + bool noEcho = key.toLower().contains("password"); + if (noEcho) { + disableStdInEcho(); + } + QString input = in.readLine().trimmed(); + if (noEcho) { + out << endl; + enableStdInEcho(); + } + + QVariant value{setupData[i+2]}; + if (!input.isEmpty()) { + switch (value.type()) { + case QVariant::Int: + value = input.toInt(); + break; + default: + value = input; + } + } + settings[key] = value; + } + return settings; +} + + +#ifdef Q_OS_WIN +void Core::stdInEcho(bool on) +{ + HANDLE hStdin = GetStdHandle(STD_INPUT_HANDLE); + DWORD mode = 0; + GetConsoleMode(hStdin, &mode); + if (on) + mode |= ENABLE_ECHO_INPUT; + else + mode &= ~ENABLE_ECHO_INPUT; + SetConsoleMode(hStdin, mode); +} + #else -void Core::stdInEcho(bool on) { - termios t; - tcgetattr(STDIN_FILENO, &t); - if(on) - t.c_lflag |= ECHO; - else - t.c_lflag &= ~ECHO; - tcsetattr(STDIN_FILENO, TCSANOW, &t); -} -#endif /* Q_OS_WIN32 */ +void Core::stdInEcho(bool on) +{ + termios t; + tcgetattr(STDIN_FILENO, &t); + if (on) + t.c_lflag |= ECHO; + else + t.c_lflag &= ~ECHO; + tcsetattr(STDIN_FILENO, TCSANOW, &t); +} + +#endif /* Q_OS_WIN */