X-Git-Url: http://matita.cs.unibo.it/gitweb/?a=blobdiff_plain;f=matitaB%2Fmatita%2FmatitaAuthentication.ml;h=4eff42e4ce4d6f1df3808a7f7a57786aa8a37406;hb=e499c2e36d8a39c4749b8e0e34438b49532d15b8;hp=a3704ee4eb3056b16287f74f2d16847842afafc5;hpb=11a20b624a4b5ed18008678cf6cd46dd9a32634d;p=helm.git

diff --git a/matitaB/matita/matitaAuthentication.ml b/matitaB/matita/matitaAuthentication.ml
index a3704ee4e..4eff42e4c 100644
--- a/matitaB/matita/matitaAuthentication.ml
+++ b/matitaB/matita/matitaAuthentication.ml
@@ -32,65 +32,92 @@ type user = string * (string * string * session_id option)
 
 let user_tbl = (ref [] : user list ref)
 
-(* session table: session id, (user id, matita status, matita history *)
-type session = session_id * (string * MatitaEngine.status * MatitaEngine.status list)
+(* low users can't commit or update *)
+let luser_tbl = (ref [] : user list ref)
+
+(* session table: session id, (user id, matita status, matita history, commit privileges *)
+type session = session_id * (string * MatitaEngine.status * MatitaEngine.status list * bool)
 
 let session_tbl = (ref [] : session list ref)
 
 exception UsernameCollision of string
 exception InvalidPassword
 
-let lookup_user uid = List.assoc uid !user_tbl
+(* returns user entry and privileges *)
+let lookup_user uid = 
+  try List.assoc uid !user_tbl, true
+  with Not_found -> List.assoc uid !luser_tbl, false
+
+let user_of_session sid = let res,_,_,_ = List.assoc sid !session_tbl in res
 
-let user_of_session sid = let res,_,_ = List.assoc sid !session_tbl in res
+(* disable for debugging *)
+let prerr_endline _ = ()
 
+(* used for commits, so lusers are excluded *)
 let get_users () = List.map fst !user_tbl
 
 let create_session uid =
   let status = new MatitaEngine.status (Some uid) "cic:/matita" in
   let history = [status] in
-  let salt,pw,sid = List.assoc uid !user_tbl in
-  let clean_utbl = List.remove_assoc uid !user_tbl in
+  let (salt,pw,sid),cp = lookup_user uid in
   let new_session = Uuidm.create `V4 in
-  user_tbl := (uid,(salt,pw,Some new_session))::clean_utbl;
+  (if cp then
+    let clean_utbl = List.remove_assoc uid !user_tbl in
+    user_tbl := (uid,(salt,pw,Some new_session))::clean_utbl
+  else
+    let clean_lutbl = List.remove_assoc uid !luser_tbl in
+    luser_tbl := (uid,(salt,pw,Some new_session))::clean_lutbl);
   let clean_stbl = match sid with
     | Some sid' -> 
        List.remove_assoc sid' !session_tbl
     | _ -> !session_tbl
   in 
-  session_tbl := (new_session,(uid,status,history))::clean_stbl;
+  session_tbl := (new_session,(uid,status,history,cp))::clean_stbl;
   new_session
 ;;
 
 let get_session_owner sid =
-  let uid,_,_ = List.assoc sid !session_tbl
+  let uid,_,_,_ = List.assoc sid !session_tbl
   in uid
 
 let get_status sid =
-  let _,st,_ = List.assoc sid !session_tbl
+  let _,st,_,_ = List.assoc sid !session_tbl
   in st
 
 let get_history sid = 
-  let _,_,hist = List.assoc sid !session_tbl
+  let _,_,hist,_ = List.assoc sid !session_tbl
   in hist
 
+let get_commit_priv sid =
+  let _,_,_,cp = List.assoc sid !session_tbl
+  in cp
+
+let probe_commit_priv sid =
+  let _,_,_,cp = List.assoc sid !session_tbl in
+  if not cp then failwith "no commit privileges" 
+
 let set_status sid st =
-  let uid, oldst, hist = List.assoc sid !session_tbl in
-  session_tbl := (sid,(uid,st,hist))::(List.remove_assoc sid !session_tbl)
+  let uid, oldst, hist, cp = List.assoc sid !session_tbl in
+  session_tbl := (sid,(uid,st,hist,cp))::(List.remove_assoc sid !session_tbl)
    
 let set_history sid hist =
-  let uid, st, oldhist = List.assoc sid !session_tbl in
-  session_tbl := (sid,(uid,st,hist))::(List.remove_assoc sid !session_tbl)
+  let uid, st, oldhist, cp = List.assoc sid !session_tbl in
+  session_tbl := (sid,(uid,st,hist,cp))::(List.remove_assoc sid !session_tbl)
 
 let logout_user sid =
-  let uid,st,hist = List.assoc sid !session_tbl in
-  let salt,pw,_ = List.assoc uid !user_tbl in
-  user_tbl := (uid,(salt,pw,None))::List.remove_assoc uid !user_tbl;
+  let uid,st,hist,cp = List.assoc sid !session_tbl in
+  (if cp then 
+    let salt,pw,_ = List.assoc uid !user_tbl in
+    user_tbl := (uid,(salt,pw,None))::List.remove_assoc uid !user_tbl
+  else
+    let salt,pw,_ = List.assoc uid !luser_tbl in
+    luser_tbl := (uid,(salt,pw,None))::List.remove_assoc uid !luser_tbl);
   session_tbl := List.remove_assoc sid !session_tbl
 ;;
 
 let remove_user uid =
-  user_tbl := List.remove_assoc uid !user_tbl
+  user_tbl := List.remove_assoc uid !user_tbl;
+  luser_tbl := List.remove_assoc uid !luser_tbl
 ;;
 
 (* serialization and deserialization of the user table *)
@@ -103,9 +130,13 @@ let config_path () =
 
 let serialize () =
   let clean_utbl = List.map (fun (uid,(salt,pw,_)) -> uid,(salt,pw,None)) !user_tbl in
+  let clean_lutbl = List.map (fun (uid,(salt,pw,_)) -> uid,(salt,pw,None)) !luser_tbl in
   let utbl_ch = open_out (config_path () ^ "/usertable.dump") in
   Marshal.to_channel utbl_ch clean_utbl [];
   close_out utbl_ch;
+  let lutbl_ch = open_out (config_path () ^ "/lusertable.dump") in
+  Marshal.to_channel lutbl_ch clean_lutbl [];
+  close_out lutbl_ch
 ;;
 
 let deserialize () =
@@ -116,6 +147,13 @@ let deserialize () =
   with
     | Sys_error _ -> 
        user_tbl := []; serialize());
+  (try
+    let lutbl_ch = open_in (config_path () ^ "/lusertable.dump") in
+    luser_tbl := Marshal.from_channel lutbl_ch;
+    close_in lutbl_ch;
+  with
+    | Sys_error _ -> 
+       luser_tbl := []; serialize());
   (* old_sessions are now invalid *)
   session_tbl := [];
 ;;
@@ -152,7 +190,7 @@ let set_file_flag uid files_flags =
   write_ft uid (ft'@ft)
 ;;
 
-let add_user uid pw =
+let add_user uid pw cp =
   try
     let _ = lookup_user uid in
     raise (UsernameCollision uid)
@@ -163,12 +201,15 @@ let add_user uid pw =
     let sha256 = Cryptokit.Hash.sha256 () in
     sha256#add_string (salt ^ pw);
     let crypto_pw = sha256#result in
-    user_tbl := (uid,(salt,crypto_pw,None))::!user_tbl;
+    (if cp then
+      user_tbl := (uid,(salt,crypto_pw,None))::!user_tbl
+    else 
+      luser_tbl := (uid,(salt,crypto_pw,None))::!luser_tbl);
     write_ft uid ft;
     serialize ()
 ;;
 
-let add_user_no_checkout uid pw =
+let add_user_no_checkout uid pw cp =
   try
     let _ = lookup_user uid in
     raise (UsernameCollision uid)
@@ -179,13 +220,16 @@ let add_user_no_checkout uid pw =
     sha256#add_string (salt ^ pw);
     let crypto_pw = sha256#result in
     sha256#wipe;
-    user_tbl := (uid,(salt,crypto_pw,None))::!user_tbl;
+    (if cp then
+      user_tbl := (uid,(salt,crypto_pw,None))::!user_tbl
+    else 
+      luser_tbl := (uid,(salt,crypto_pw,None))::!luser_tbl);
     serialize ()
 ;;
 
 let check_pw uid pw =
   try
-    let salt,crypto_pw,_ = lookup_user uid in
+    let (salt,crypto_pw,_),_ = lookup_user uid in
     let sha256 = Cryptokit.Hash.sha256 () in
     sha256#add_string (salt ^ pw);
     let computed_pw = sha256#result in
@@ -197,6 +241,7 @@ let check_pw uid pw =
 
 let reset () =
   user_tbl := [];
+  luser_tbl := [];
   session_tbl := [];
   MatitaFilesystem.reset_lib ();
   serialize ();