1 (* Copyright (C) 2004-2011, HELM Team.
3 * This file is part of HELM, an Hypertextual, Electronic
4 * Library of Mathematics, developed at the Computer Science
5 * Department, University of Bologna, Italy.
7 * HELM is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License
9 * as published by the Free Software Foundation; either version 2
10 * of the License, or (at your option) any later version.
12 * HELM is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with HELM; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place - Suite 330, Boston,
22 * For details, see the HELM World-Wide-Web page,
23 * http://helm.cs.unibo.it/
26 type session_id = Uuidm.t
28 type matita_file = MatitaFilesystem.matita_flag * string
30 (* user table: user id, (salt, encrypted password, optional session id) *)
31 type user = string * (string * string * session_id option)
33 let user_tbl = (ref [] : user list ref)
35 (* low users can't commit or update *)
36 let luser_tbl = (ref [] : user list ref)
38 (* session table: session id, (user id, matita status, matita history, commit privileges *)
39 type session = session_id * (string * MatitaEngine.status * MatitaEngine.status list * bool)
41 let session_tbl = (ref [] : session list ref)
43 exception UsernameCollision of string
44 exception InvalidPassword
46 (* returns user entry and privileges *)
48 try List.assoc uid !user_tbl, true
49 with Not_found -> List.assoc uid !luser_tbl, false
51 let user_of_session sid = let res,_,_,_ = List.assoc sid !session_tbl in res
53 (* disable for debugging *)
54 let prerr_endline _ = ()
56 (* used for commits, so lusers are excluded *)
57 let get_users () = List.map fst !user_tbl
59 let create_session uid =
60 let status = new MatitaEngine.status (Some uid) "cic:/matita" in
61 let history = [status] in
62 let (salt,pw,sid),cp = lookup_user uid in
63 let new_session = Uuidm.create `V4 in
65 let clean_utbl = List.remove_assoc uid !user_tbl in
66 user_tbl := (uid,(salt,pw,Some new_session))::clean_utbl
68 let clean_lutbl = List.remove_assoc uid !luser_tbl in
69 luser_tbl := (uid,(salt,pw,Some new_session))::clean_lutbl);
70 let clean_stbl = match sid with
72 List.remove_assoc sid' !session_tbl
75 session_tbl := (new_session,(uid,status,history,cp))::clean_stbl;
79 let get_session_owner sid =
80 let uid,_,_,_ = List.assoc sid !session_tbl
84 let _,st,_,_ = List.assoc sid !session_tbl
88 let _,_,hist,_ = List.assoc sid !session_tbl
91 let get_commit_priv sid =
92 let _,_,_,cp = List.assoc sid !session_tbl
95 let probe_commit_priv sid =
96 let _,_,_,cp = List.assoc sid !session_tbl in
97 if not cp then failwith "no commit privileges"
99 let set_status sid st =
100 let uid, oldst, hist, cp = List.assoc sid !session_tbl in
101 session_tbl := (sid,(uid,st,hist,cp))::(List.remove_assoc sid !session_tbl)
103 let set_history sid hist =
104 let uid, st, oldhist, cp = List.assoc sid !session_tbl in
105 session_tbl := (sid,(uid,st,hist,cp))::(List.remove_assoc sid !session_tbl)
107 let logout_user sid =
108 let uid,st,hist,cp = List.assoc sid !session_tbl in
110 let salt,pw,_ = List.assoc uid !user_tbl in
111 user_tbl := (uid,(salt,pw,None))::List.remove_assoc uid !user_tbl
113 let salt,pw,_ = List.assoc uid !luser_tbl in
114 luser_tbl := (uid,(salt,pw,None))::List.remove_assoc uid !luser_tbl);
115 session_tbl := List.remove_assoc sid !session_tbl
118 let remove_user uid =
119 user_tbl := List.remove_assoc uid !user_tbl;
120 luser_tbl := List.remove_assoc uid !luser_tbl
123 (* serialization and deserialization of the user table *)
125 let path = Helm_registry.get "matita.basedir" in
126 let dirname = Filename.dirname path in
127 HExtlib.mkdir dirname;
132 let clean_utbl = List.map (fun (uid,(salt,pw,_)) -> uid,(salt,pw,None)) !user_tbl in
133 let clean_lutbl = List.map (fun (uid,(salt,pw,_)) -> uid,(salt,pw,None)) !luser_tbl in
134 let utbl_ch = open_out (config_path () ^ "/usertable.dump") in
135 Marshal.to_channel utbl_ch clean_utbl [];
137 let lutbl_ch = open_out (config_path () ^ "/lusertable.dump") in
138 Marshal.to_channel lutbl_ch clean_lutbl [];
144 let utbl_ch = open_in (config_path () ^ "/usertable.dump") in
145 user_tbl := Marshal.from_channel utbl_ch;
149 user_tbl := []; serialize());
151 let lutbl_ch = open_in (config_path () ^ "/lusertable.dump") in
152 luser_tbl := Marshal.from_channel lutbl_ch;
156 luser_tbl := []; serialize());
157 (* old_sessions are now invalid *)
161 let write_ft uid ft =
162 let ft_ch = open_out (config_path () ^ "/ft_" ^ uid ^ ".dump") in
163 Marshal.to_channel ft_ch ft [];
169 let ft_ch = open_in (config_path () ^ "/ft_" ^ uid ^ ".dump") in
170 let ft = Marshal.from_channel ft_ch in
175 (* this is an error, we should rebuild the table by a diff of
176 the directory listing and svn stat *)
180 let set_file_flag uid files_flags =
181 let ft = read_ft uid in
182 let files = List.map fst files_flags in
183 let ft = List.filter (fun (x,_) -> not (List.mem x files)) ft in
184 let ft' = List.fold_left (fun acc (filename,flag) ->
185 let filename = MatitaFilesystem.normalize_qfn filename in
187 (filename,HExtlib.unopt flag)::acc
188 with Failure _ -> acc) [] files_flags
190 write_ft uid (ft'@ft)
193 let add_user uid pw cp =
195 let _ = lookup_user uid in
196 raise (UsernameCollision uid)
198 let ft = MatitaFilesystem.checkout uid in
199 (* use a 8 byte salt *)
200 let salt = Cryptokit.Random.string Cryptokit.Random.secure_rng 8 in
201 let sha256 = Cryptokit.Hash.sha256 () in
202 sha256#add_string (salt ^ pw);
203 let crypto_pw = sha256#result in
205 user_tbl := (uid,(salt,crypto_pw,None))::!user_tbl
207 luser_tbl := (uid,(salt,crypto_pw,None))::!luser_tbl);
212 let add_user_no_checkout uid pw cp =
214 let _ = lookup_user uid in
215 raise (UsernameCollision uid)
217 (* use a 8 byte salt *)
218 let salt = Cryptokit.Random.string Cryptokit.Random.secure_rng 8 in
219 let sha256 = Cryptokit.Hash.sha256 () in
220 sha256#add_string (salt ^ pw);
221 let crypto_pw = sha256#result in
224 user_tbl := (uid,(salt,crypto_pw,None))::!user_tbl
226 luser_tbl := (uid,(salt,crypto_pw,None))::!luser_tbl);
230 let check_pw uid pw =
232 let (salt,crypto_pw,_),_ = lookup_user uid in
233 let sha256 = Cryptokit.Hash.sha256 () in
234 sha256#add_string (salt ^ pw);
235 let computed_pw = sha256#result in
237 if crypto_pw <> computed_pw
238 then (prerr_endline ("password " ^ pw ^ " incorrect"); raise InvalidPassword)
239 with Not_found _ -> raise InvalidPassword
246 MatitaFilesystem.reset_lib ();