--- /dev/null
+SELECT userid, username
+FROM quasseluser;
--- /dev/null
+SELECT userid, username
+FROM quasseluser;
connect(&_v6server, SIGNAL(newConnection()), this, SLOT(incomingConnection()));
if (!startListening()) exit(1); // TODO make this less brutal
- if (Quassel::isOptionSet("oidentd"))
+ if (Quassel::isOptionSet("oidentd")) {
_oidentdConfigGenerator = new OidentdConfigGenerator(Quassel::isOptionSet("oidentd-strict"), this);
+ if (Quassel::isOptionSet("oidentd-strict")) {
+ cacheSysident();
+ }
+ }
}
quInfo() << qPrintable(tr("Creating admin user..."));
_storage->addUser(adminUser, adminPassword);
+ cacheSysident();
startListening(); // TODO check when we need this
return QString();
}
#endif
}
+void Core::cacheSysident() {
+ if(isConfigured()) {
+ instance()->_authusernames = instance()->_storage->getAllAuthusernames();
+ }
+}
+
+QString Core::strictSysident(UserId user) {
+ QMap<UserId, QString> *allAuthusernames = &instance()->_authusernames;
+ auto authusername = allAuthusernames->find(user);
+ if (authusername == allAuthusernames->end()) {
+ // A new user got added since we last pulled our cache from the database.
+ // There's no way to avoid a database hit - we don't even know the authname!
+ cacheSysident();
+ authusername = allAuthusernames->find(user);
+ if (authusername == allAuthusernames->end()) {
+ // ...something very weird is going on if we ended up here (an active CoreSession without a corresponding database entry?)
+ QDebug d = qWarning();
+ d << "Unable to find authusername for UserId" << user;
+ d.nospace();
+ d << ", this should never happen!";
+ return "unknown"; // Should we just terminate the program instead?
+ }
+ }
+ return *authusername;
+}
bool Core::startListening()
{
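Review bot: `strictSysident()` refreshes the cache only on a miss, so an entry that is already cached is returned as-is even after the account has been renamed or removed. Nothing in the visible hunks invalidates `_authusernames` on those events, so the sysident handed out in oidentd-strict mode can name an account that no longer matches the session until the next reload. The fallback literal `"unknown"` is shared by every unmapped session and cannot be told apart from an account that is really named `unknown`. I would document both above the function, e.g. `// Cache is refreshed only on miss or reload; renames and removals are not reflected until then`, and settle the open question in the `return "unknown";` comment before merge. Each miss also re-reads the whole table through `cacheSysident()`, so repeated lookups for an id that stays unmapped cost one full query each.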
return instance()->_storage->getAuthusername(user);
}
+ //! Get a usable sysident for the given user in oidentd-strict mode
+ /** \param user The user to retrieve the sysident for
+ * \return The authusername
+ */
+ QString strictSysident(UserId user);
+
//! Get a Hash of all last seen message ids
/** This Method is called when the Quassel Core is started to restore the lastSeenMsgIds
*/
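Review bot: The `\return The authusername` line does not cover the fallback, because the implementation in this commit returns the literal `"unknown"` when the user is still missing after a cache refresh. Suggest `\return The cached authusername, or "unknown" if the user is absent even after the cache was re-read`. The declaration is also non-static although its body only goes through `instance()` and the sibling `cacheSysident()` is static; making the two consistent would be clearer for callers.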
static bool reloadCerts();
+ static void cacheSysident();
+
static QVariantList backendInfo();
static QVariantList authenticatorInfo();
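Review bot: `cacheSysident()` is declared without a doc comment although other declarations in this header carry `//!` blocks, and the `_authusernames` member added further down has no `///<` note, unlike `_storage` and `_authenticator` beside it. Suggest `//! Reload the UserId -> authusername cache from the storage backend (does nothing while the core is unconfigured)` here and `///< Cached authusernames for strict sysident, filled by cacheSysident()` on the member.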
DeferredSharedPtr<Storage> _storage; ///< Active storage backend
DeferredSharedPtr<Authenticator> _authenticator; ///< Active authenticator
QTimer _storageSyncTimer;
+ QMap<UserId, QString> _authusernames;
#ifdef HAVE_SSL
SslServer _server, _v6server;
_coreCreated = true;
Quassel::registerReloadHandler([]() {
- // Currently, only reloading SSL certificates is supported
+ // Currently, only reloading SSL certificates and the sysident cache is supported
+ Core::cacheSysident();
return Core::reloadCerts();
});
}
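Review bot: The reload handler calls `Core::cacheSysident()` unconditionally, whereas the hunk that sets up `_oidentdConfigGenerator` fills the cache only when `oidentd-strict` is set. Without that option every reload reads all user names into memory for no visible consumer, and the call added after `_storage->addUser(...)` has the same shape. Guarding it the same way keeps the paths consistent: `if (Quassel::isOptionSet("oidentd-strict")) Core::cacheSysident();`. Because `cacheSysident()` returns `void`, the handler's result still reflects only `reloadCerts()`, so the updated comment could state that a failed cache refresh is not reported.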
const QString CoreSession::strictSysident() {
- const QString authusername = Core::getAuthusername(_user);
- return authusername;
+ return Core::instance()->strictSysident(_user);
}
void CoreSession::createIdentity(const CoreIdentity &identity)
return messagelist;
}
+QMap<UserId, QString> PostgreSqlStorage::getAllAuthusernames() {
+ QMap<UserId, QString> authusernames;
+ QSqlQuery query(logDb());
+ query.prepare(queryString("select_all_authusernames"));
+ safeExec(query);
+ watchQuery(query);
+
+ while (query.next()) {
+ authusernames[query.value(0).toInt()] = query.value(1).toString();
+ }
+ return authusernames;
+}
+
const QString PostgreSqlStorage::getAuthusername(UserId user) {
QString authusername;
QSqlQuery query(logDb());
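Review bot: `getAllAuthusernames()` gives the caller no way to tell a failed query from an empty table: if execution fails, `query.next()` yields nothing and an empty map is returned, which `Core::cacheSysident()` then assigns over the existing cache. A transient database error during a reload would therefore drop every cached name, and lookups would fall back to re-querying and then to the `"unknown"` path; what `safeExec`/`watchQuery` do internally is not visible here. I would at least log it, e.g. `if (!query.isActive()) qWarning() << "select_all_authusernames failed:" << query.lastError().text();`, and have the caller keep the previous map in that case. `SqliteStorage::getAllAuthusernames()` later in the diff has the same shape.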
QList<Message> requestAllMsgs(UserId user, MsgId first = -1, MsgId last = -1, int limit = -1) override;
/* Sysident handling */
+ virtual QMap<UserId, QString> getAllAuthusernames();
virtual const QString getAuthusername(UserId user);
protected:
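Review bot: The new declaration uses `virtual` without `override`, while `requestAllMsgs(...)` directly above it is marked `override`. Since this commit makes `Storage::getAllAuthusernames()` pure virtual, `QMap<UserId, QString> getAllAuthusernames() override;` lets the compiler catch any later signature drift between the base class and the backend. The same applies to the matching declaration in the second backend header later in the diff.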
<file>./SQL/PostgreSQL/migrate_write_quasseluser.sql</file>
<file>./SQL/PostgreSQL/migrate_write_sender.sql</file>
<file>./SQL/PostgreSQL/migrate_write_usersetting.sql</file>
+ <file>./SQL/PostgreSQL/select_all_authusernames.sql</file>
<file>./SQL/PostgreSQL/select_authenticator.sql</file>
<file>./SQL/PostgreSQL/select_authuser.sql</file>
<file>./SQL/PostgreSQL/select_authusername.sql</file>
<file>./SQL/SQLite/migrate_read_quasseluser.sql</file>
<file>./SQL/SQLite/migrate_read_sender.sql</file>
<file>./SQL/SQLite/migrate_read_usersetting.sql</file>
+ <file>./SQL/SQLite/select_all_authusernames.sql</file>
<file>./SQL/SQLite/select_authenticator.sql</file>
<file>./SQL/SQLite/select_authuser.sql</file>
<file>./SQL/SQLite/select_authusername.sql</file>
return messagelist;
}
+QMap<UserId, QString> SqliteStorage::getAllAuthusernames()
+{
+ QMap<UserId, QString> authusernames;
+
+ QSqlDatabase db = logDb();
+ db.transaction();
+ {
+ QSqlQuery query(db);
+ query.prepare(queryString("select_all_authusernames"));
+
+ lockForRead();
+ safeExec(query);
+ watchQuery(query);
+ while (query.next()) {
+ authusernames[query.value(0).toInt()] = query.value(1).toString();
+ }
+ }
+ db.commit();
+ unlock();
+ return authusernames;
+}
+
const QString SqliteStorage::getAuthusername(UserId user) {
QString authusername;
QSqlQuery query(logDb());
QList<Message> requestAllMsgs(UserId user, MsgId first = -1, MsgId last = -1, int limit = -1) override;
/* Sysident handling */
+ virtual QMap<UserId, QString> getAllAuthusernames();
virtual const QString getAuthusername(UserId user);
protected:
*/
virtual QList<Message> requestAllMsgs(UserId user, MsgId first = -1, MsgId last = -1, int limit = -1) = 0;
+ //! Fetch all authusernames
+ /** \return Map of all current UserIds to permitted idents
+ */
+ virtual QMap<UserId, QString> getAllAuthusernames() = 0;
+
//! Get the auth username associated with a userId
/** \param user The user to retrieve the username for
* \return The username for the user