---

BDBSecurityPlugin.h

/*
   Copyright (C) 2002 the Strongroom project

   This library is free software; you can redistribute it and/or
   modify it under the terms of the GNU Lesser General Public
   License as published by the Free Software Foundation; either
   version 2.1 of the License, or (at your option) any later version.

   The definition of the security module.
   @author Denis de Leeuw Duarte
*/



#ifndef __BDBSECURITYPLUGIN_H_
#define __BDBSECURITYPLUGIN_H_

using namespace std;

#define __SECDATAFILE "securitydb"


#include <SecurityPlugin.h>
#include <db_cxx.h>

class BDBSecurityPlugin : public SecurityPlugin
{
  typedef DbTxn transaction_t; 
  typedef struct 
  { 
    NumID userID;
    bool hasWritePermission;
    bool hasDeletePermission;
  } docperm_t;

 public:
    
  BDBSecurityPlugin( const Config &cfg );
  ~BDBSecurityPlugin();

  /* ======== Required by Plugin base class =======*/

  bool init();

  /* ==== Required by SecurityPlugin base class ====*/

  void getLoginChallenge( string username, string &challenge );
  bool hasReadPermission(NumID userid, NumID docid);
  bool hasWritePermission(NumID userid, NumID docid);
  bool hasDeletePermission( NumID userid, NumID docid );
  CoreError fileCreated(NumID userid, NumID docid, Permission permission);
  CoreError changeUserPermission(NumID userid, Permission permission, NumID adminid);
  CoreError changeFilePermission(NumID docid, Permission permission, NumID userid);
  CoreError filterSearchResults(QueryResult &queryResult);
  CoreError addUser( const UserProfile &userProfile, string challenge, string password, NumID &userid );
  CoreError delUser( NumID userid );
  CoreError login( string username, string challenge, string response, UserProfile &user );
  CoreError getUserProfile( NumID userid, UserProfile &userProfile );
  CoreError changeUserProfile( NumID userid, const UserProfile &userProfile );
  CoreError setPassword( NumID userid, string challenge, string oldPassword, string newPassword );
  CoreError clearPassword( NumID userid );
  CoreError listUsers( vector<NumID> &users );

  /* ===============================================*/

 private:

  /*
    Checks if the key exists in the system database. If not, it is created  and 
    initialized with the default value. This method is used during the 
    initialization process to ensure a meaningful system database. 
  */
  bool checkSysKeyOrSetDefault( const char *key, uint64_t defaultValue   );

  /*
    Creates a new BDB transaction and returns a handle to it. The transaction
    needs to be finished with commitTransaction() or abortTransaction() to 
    prevent a memory leak and/or deadlock.
   */
  transaction_t *startTransaction();
  
  /*
    Commits the transaction and frees it. 
   */
  void commitTransaction( transaction_t *transaction );

  /*
    Aborts the transaction and frees it.
   */
  void abortTransaction( transaction_t *transaction );

  /*
    Fetch a user's ID from the database. Returns true on success and false on failure.
    \param txn the transaction that guards the operation.
    \param username the name of the user
    \param userid the destination address of the fetched user-ID.
  */
  bool fetchUserID( transaction_t *txn, std::string username, NumID *userid );

  /*
    Fetch a user's profile from the database. Returns true on success and false on failure.
    \param txn the transaction that guards the operation.
    \param userid the ID of the user.
    \param xmlprofile the string object that will receive the XML user profile
  */
  bool fetchUserProfile( transaction_t *txn, NumID userid, std::string &xmlprofile );

  Db *usrTableHandle;
  Db *docTableHandle;
  Db *sysTableHandle;
  DbEnv *dbEnvHandle;
  bool _initialized;
};

/* Standard system database keys */

static const char *key_highest_uid = "HIGHEST_UID";

#endif /*_BDBSECURITYPLUGIN_H_*/

---