X-Git-Url: https://git.quassel-irc.org/?p=quassel.git;a=blobdiff_plain;f=src%2Fcore%2Fcore.h;h=9971278ca45c3fd5e1611c63f2c388c8f4921e90;hp=aab2b84b0a115a18872cd8152cfff8ca6c9d718d;hb=e0f5fdf1fe6131d403fcaeaa0952e1042590e3e1;hpb=d980ae4852fc633213802565b9127c9966f9249b
diff --git a/src/core/core.h b/src/core/core.h
index aab2b84b..9971278c 100644
--- a/src/core/core.h
+++ b/src/core/core.h
@@ -1,5 +1,5 @@
 /***************************************************************************
- * Copyright (C) 2005-2015 by the Quassel Project *
+ * Copyright (C) 2005-2016 by the Quassel Project *
 * devel@quassel-irc.org *
 * *
 * This program is free software; you can redistribute it and/or modify *
@@ -34,6 +34,7 @@
 # include
 #endif
+#include "authenticator.h"
 #include "bufferinfo.h"
 #include "message.h"
 #include "oidentdconfiggenerator.h"
@@ -74,6 +75,36 @@ public:
 return instance()->_storage->validateUser(userName, password);
 }
+ //! Authenticate user against auth backend
+ /**
+ * \param userName The user's login name
+ * \param password The user's uncrypted password
+ * \return The user's ID if valid; 0 otherwise
+ */
+ static inline UserId authenticateUser(const QString &userName, const QString &password) {
+ return instance()->_authenticator->validateUser(userName, password);
+ }
+
+ //! Add a new user, exposed so auth providers can call this without being the storage.
+ /**
+ * \param userName The user's login name
+ * \param password The user's uncrypted password
+ * \param authenticator The name of the auth provider service used to log the user in, defaults to "Database".
+ * \return The user's ID if valid; 0 otherwise
+ */
+ static inline UserId addUser(const QString &userName, const QString &password, const QString &authenticator = "Database") {
+ return instance()->_storage->addUser(userName, password, authenticator);
+ }
+
+ //! Does a comparison test against the authenticator in the database and the authenticator currently in use for a UserID.
+ /**
+ * \param userid The user's ID (note: not login name).
+ * \param authenticator The name of the auth provider service used to log the user in, defaults to "Database".
+ * \return True if the userid was configured with the passed authenticator, false otherwise.
+ */
+ static inline bool checkAuthProvider(const UserId userid, const QString &authenticator) {
+ return instance()->_storage->getUserAuthenticator(userid) == authenticator;
+ }
 //! Change a user's password
 /**
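Review bot: `authenticateUser` only checks credentials against `_authenticator`, while tying an account to the provider it was created with is a separate call, `checkAuthProvider`, so a login path that makes the first call and forgets the second could accept an account through the wrong provider. `Core::validateUser` (context above) also stays available and goes straight to storage, so the header should state what a login handler must call; I would add `* \note Callers must also confirm the result with checkAuthProvider() before opening a session.` to the `authenticateUser` doc block. The `checkAuthProvider` doc says its `authenticator` parameter `defaults to "Database"`, but that signature has no default, so the phrase should be dropped there. `_authenticator` is dereferenced without a null check; whether it is always set before a client can log in is not visible in this header.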
@@ -83,6 +114,13 @@ public: */ static bool changeUserPassword(UserId userId, const QString &password); + //! Check if we can change a user password. + /** + * \param userID The user's ID + * \return true, if we can change their password, false otherwise + */ + static bool canChangeUserPassword(UserId userId); + //! Store a user setting persistently /** * \param userId The users Id @@ -494,9 +532,31 @@ public: static inline QDateTime startTime() { return instance()->_startTime; } static inline bool isConfigured() { return instance()->_configured; } static bool sslSupported(); + + /** + * Reloads SSL certificates used for connection with clients + * + * @return True if certificates reloaded successfully, otherwise false. + */ + static bool reloadCerts(); + static QVariantList backendInfo(); + static QVariantList authenticatorInfo(); - static QString setup(const QString &adminUser, const QString &adminPassword, const QString &backend, const QVariantMap &setupData); + /** + * Checks if a storage backend is the default storage backend. This + * hardcodes this information into the core (not the client). + * + * \param backend The backend to check. + * + * @return True if storage backend is default, false otherwise. + */ + static inline bool isStorageBackendDefault(const Storage *backend) + { + return (backend->displayName() == "SQLite") ? true : false; + } + + static QString setup(const QString &adminUser, const QString &adminPassword, const QString &backend, const QVariantMap &setupData, const QString &authBackend, const QVariantMap &authSetupMap); static inline QTimer &syncTimer() { return instance()->_storageSyncTimer; } 
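Review bot: `canChangeUserPassword` is declared as a separate query beside `changeUserPassword`, and nothing in this header says that `changeUserPassword` itself refuses when the answer would be false; if only callers check, a path that skips the query could still attempt a change for an account whose password is not meant to be changeable here. Both bodies are outside this diff, so this needs confirming in the implementation file. The doc block also names the parameter `userID` while the signature uses `userId`; `* \param userId The user's ID` would match.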
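Review bot: The `reloadCerts` doc block does not say what stays in effect when it returns false, i.e. whether clients continue to be served with the previously loaded certificate and key; an operator rotating certificates needs that stated, for example `* On failure the previously loaded certificate and key remain in use.` if that is what the implementation does. In `isStorageBackendDefault` the `? true : false` is redundant and `backend` is dereferenced unchecked; `return backend->displayName() == "SQLite";` says the same thing, and the doc should note that `backend` must be non-null. The new doc blocks in this hunk also mix `\param` with `@return`, where the rest of the header uses the backslash form.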
@@ -510,7 +570,7 @@ public slots: */ void syncStorage(); void setupInternalClientSession(InternalPeer *clientConnection); - QString setupCore(const QString &adminUser, const QString &adminPassword, const QString &backend, const QVariantMap &setupData); + QString setupCore(const QString &adminUser, const QString &adminPassword, const QString &backend, const QVariantMap &setupData, const QString &authBackend, const QVariantMap &authSetupMap); signals: //! Sent when a BufferInfo is updated in storage. @@ -529,6 +589,7 @@ private slots: void clientDisconnected(); bool initStorage(const QString &backend, const QVariantMap &settings, bool setup = false); + bool initAuthenticator(const QString &backend, const QVariantMap &settings, bool setup = false); void socketError(QAbstractSocket::SocketError err, const QString &errorString); void setupClientSession(RemotePeer *, UserId); @@ -550,15 +611,25 @@ private: bool registerStorageBackend(Storage *); void unregisterStorageBackends(); void unregisterStorageBackend(Storage *); + + void registerAuthenticatorBackends(); + bool registerAuthenticatorBackend(Authenticator *); + void unregisterAuthenticatorBackends(); + void unregisterAuthenticatorBackend(Authenticator *); + bool selectBackend(const QString &backend); bool createUser(); - void saveBackendSettings(const QString &backend, const QVariantMap &settings); + bool saveBackendSettings(const QString &backend, const QVariantMap &settings); + void saveAuthBackendSettings(const QString &backend, const QVariantMap &settings); QVariantMap promptForSettings(const Storage *storage); private: QSet _connectingClients; QHash _sessions; + + // Have both a storage backend and an authenticator backend. Storage *_storage; + Authenticator *_authenticator; QTimer _storageSyncTimer; #ifdef HAVE_SSL @@ -570,6 +641,7 @@ private: OidentdConfigGenerator *_oidentdConfigGenerator; QHash _storageBackends; + QHash _authenticatorBackends; QDateTime _startTime;
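Review bot: In the `@@ -550,15 +611,25 @@` hunk `saveBackendSettings` is changed to return bool, but the new `saveAuthBackendSettings` returns void, so a failure to persist the authenticator configuration cannot be reported to `setupCore` the way a storage failure now can. I would declare it `bool saveAuthBackendSettings(const QString &backend, const QVariantMap &settings);` and have the caller check it. The same hunk adds `Authenticator *_authenticator;` as a raw pointer beside `_storage`; the constructor is outside this diff, so confirm it is initialised to null there, because `authenticateUser` dereferences it unconditionally. The comment `// Have both a storage backend and an authenticator backend.` would be more useful if it said who owns the two pointers and when they are set.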