aboutsummaryrefslogtreecommitdiff
path: root/src/DatabaseStorage.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'src/DatabaseStorage.cpp')
-rw-r--r--src/DatabaseStorage.cpp98
1 files changed, 43 insertions, 55 deletions
diff --git a/src/DatabaseStorage.cpp b/src/DatabaseStorage.cpp
index 501bd35..d7f42bb 100644
--- a/src/DatabaseStorage.cpp
+++ b/src/DatabaseStorage.cpp
@@ -1,7 +1,4 @@
#include "../include/odhtdb/DatabaseStorage.hpp"
-#include "../include/odhtdb/RemoteUser.hpp"
-#include "../include/odhtdb/LocalUser.hpp"
-#include "../include/odhtdb/LocalUserEncrypted.hpp"
#include "../include/odhtdb/Group.hpp"
#include "../include/odhtdb/FileUtils.hpp"
#include "../include/odhtdb/bin2hex.hpp"
@@ -28,22 +25,6 @@ namespace odhtdb
const u64 QUARANTINE_STORAGE_TIME_MICROSECONDS = 60 * 1.0e6;
const u16 STORAGE_VERSION = 3;
-
- DatabaseStorageObject::DatabaseStorageObject(const Hash &_requestHash, DataView &_data, u64 _timestamp, const Signature::PublicKey &_creatorPublicKey) :
- requestHash(_requestHash),
- data(_data),
- createdTimestamp(_timestamp),
- creatorPublicKey(_creatorPublicKey)
- {
-
- }
-
- DatabaseStorageQuarantineObject::DatabaseStorageQuarantineObject(DataView &_data, u64 _timestamp, const Signature::PublicKey &_creatorPublicKey) :
- data(_data), createdTimestamp(_timestamp), creatorPublicKey(_creatorPublicKey)
- {
- auto time = chrono::high_resolution_clock::now().time_since_epoch();
- storedTimestamp = chrono::duration_cast<chrono::microseconds>(time).count();
- }
static void sqlite_exec_checked(sqlite3 *db, const char *sql)
{
@@ -431,11 +412,8 @@ namespace odhtdb
return query.next();
}
- void DatabaseStorage::createStorage(const Hash &hash, Group *creatorGroup, u64 timestamp, const void *data, usize size)
+ void DatabaseStorage::createStorage(const Hash &hash, const Signature::PublicKey &adminPublicKey, const DataView &adminGroupId, u64 timestamp, const void *data, usize size)
{
- assert(creatorGroup->getUsers().size() == 1);
- User *creator = (User*)creatorGroup->getUsers()[0];
-
sqlite3_exec(sqliteDb, "BEGIN", 0, 0, 0);
{
sqlite3_reset(insertNodeStmt);
@@ -448,15 +426,15 @@ namespace odhtdb
rc = sqlite3_bind_int64(insertNodeStmt, 2, timestamp);
bindCheckError(rc);
- rc = sqlite3_bind_blob(insertNodeStmt, 3, creator->getPublicKey().getData(), creator->getPublicKey().getSize(), SQLITE_STATIC);
+ rc = sqlite3_bind_blob(insertNodeStmt, 3, adminPublicKey.getData(), adminPublicKey.getSize(), SQLITE_STATIC);
bindCheckError(rc);
- rc = sqlite3_bind_blob(insertNodeStmt, 4, creatorGroup->getId().data, GROUP_ID_LENGTH, SQLITE_STATIC);
+ rc = sqlite3_bind_blob(insertNodeStmt, 4, adminGroupId.data, GROUP_ID_LENGTH, SQLITE_STATIC);
bindCheckError(rc);
sqlite_step_rollback_on_failure(sqliteDb, insertNodeStmt, "insert data into Node");
- addGroup(hash, creatorGroup);
- addUser(hash, creator->getPublicKey(), creatorGroup->getId());
+ addGroup(hash, adminGroupId, ADMIN_PERMISSION);
+ addUser(hash, adminPublicKey, adminGroupId);
}
{
sqlite3_reset(insertNodeRawStmt);
@@ -475,7 +453,7 @@ namespace odhtdb
auto nodeDecryptionKeyResult = getNodeDecryptionKey(hash);
if(nodeDecryptionKeyResult.first)
- decryptNodeData(hash, nodeDecryptionKeyResult.second, &creator->getPublicKey(), creatorGroup->getId(), timestamp);
+ decryptNodeData(hash, nodeDecryptionKeyResult.second, &adminPublicKey, adminGroupId, timestamp);
}
void DatabaseStorage::appendStorage(const Hash &nodeHash, const Hash &dataHash, DatabaseOperation operation, const Signature::PublicKey &creatorPublicKey, u64 timestamp, const void *data, usize size, const DataView &additionalDataView)
@@ -591,7 +569,7 @@ namespace odhtdb
sqlite3_exec(sqliteDb, "COMMIT", 0, 0, 0);
}
- void DatabaseStorage::addGroup(const Hash &nodeHash, Group *group)
+ void DatabaseStorage::addGroup(const Hash &nodeHash, const DataView &groupId, const Permission &permissions)
{
sqlite3_reset(insertGroupStmt);
sqlite3_clear_bindings(insertGroupStmt);
@@ -600,17 +578,17 @@ namespace odhtdb
rc = sqlite3_bind_blob(insertGroupStmt, 1, nodeHash.getData(), nodeHash.getSize(), SQLITE_STATIC);
bindCheckError(rc);
- rc = sqlite3_bind_blob(insertGroupStmt, 2, group->getId().data, GROUP_ID_LENGTH, SQLITE_STATIC);
+ rc = sqlite3_bind_blob(insertGroupStmt, 2, groupId.data, GROUP_ID_LENGTH, SQLITE_STATIC);
bindCheckError(rc);
- rc = sqlite3_bind_int(insertGroupStmt, 3, group->getPermission().getPermissionLevel());
+ rc = sqlite3_bind_int(insertGroupStmt, 3, permissions.getPermissionLevel());
bindCheckError(rc);
- rc = sqlite3_bind_int64(insertGroupStmt, 4, group->getPermission().getPermissionFlags());
+ rc = sqlite3_bind_int64(insertGroupStmt, 4, permissions.getPermissionFlags());
bindCheckError(rc);
sqlite_step_rollback_on_failure(sqliteDb, insertGroupStmt, "insert data into NodeGroup");
- Log::debug("Created group %s in node %s", bin2hex((const char*)group->getId().data, GROUP_ID_LENGTH).c_str(), nodeHash.toString().c_str());
+ Log::debug("Created group %s in node %s", bin2hex((const char*)groupId.data, GROUP_ID_LENGTH).c_str(), nodeHash.toString().c_str());
}
void DatabaseStorage::addUserToGroup(const Hash &nodeHash, const Signature::PublicKey &userPublicKey, const DataView &groupId)
@@ -669,6 +647,36 @@ namespace odhtdb
callbackFunc(data);
}
}
+
+ bool DatabaseStorage::isUserAllowedToAddDataInNode(const Hash &nodeHash, const Signature::PublicKey &userPublicKey) const
+ {
+ SqlQuery queryCreatorGroupWithRightsToAddData(sqliteDb,
+ "SELECT nodeGroup.rowid FROM NodeUserGroupAssoc AS userGroupAssoc"
+ " INNER JOIN NodeGroup AS nodeGroup ON nodeGroup.groupId = userGroupAssoc.groupId"
+ " WHERE userGroupAssoc.node = ? AND userGroupAssoc.userPublicKey = ? AND (nodeGroup.permissionFlags & ?) != 0",
+ { DataView(nodeHash.getData(), nodeHash.getSize()), DataView((void*)userPublicKey.getData(), userPublicKey.getSize()), (i64)PermissionType::ADD_DATA });
+ return queryCreatorGroupWithRightsToAddData.next();
+ }
+
+ bool DatabaseStorage::isUserAllowedToAddUserToGroupInNode(const Hash &nodeHash, const Signature::PublicKey &userPublicKey, const DataView &groupToAddUserTo) const
+ {
+ SqlQuery queryGroupToAdd(sqliteDb, "SELECT permissionLevel FROM NodeGroup WHERE groupId = ?", { groupToAddUserTo });
+ if(!queryGroupToAdd.next())
+ {
+ // TODO: Add to quarantine?
+ Log::error("There is no group with id %s in node %s", bin2hex((const char*)groupToAddUserTo.data, groupToAddUserTo.size).c_str(), nodeHash.toString().c_str());
+ return false;
+ }
+
+ int groupToAddPermissionLevel = queryGroupToAdd.getInt(0);
+
+ SqlQuery queryCreatorGroupWithRightsToAddUserToGroup(sqliteDb,
+ "SELECT nodeGroup.rowid FROM NodeUserGroupAssoc AS userGroupAssoc"
+ " INNER JOIN NodeGroup AS nodeGroup ON nodeGroup.groupId = userGroupAssoc.groupId"
+ " WHERE userGroupAssoc.node = ? AND userGroupAssoc.userPublicKey = ? AND (nodeGroup.permissionLevel = ? AND ((nodeGroup.permissionFlags & ?) != 0) OR (nodeGroup.permissionLevel > ? AND (nodeGroup.permissionFlags & ?) != 0))",
+ { DataView(nodeHash.getData(), nodeHash.getSize()), DataView((void*)userPublicKey.getData(), userPublicKey.getSize()), groupToAddPermissionLevel, (i64)PermissionType::ADD_USER_SAME_LEVEL, groupToAddPermissionLevel, (i64)PermissionType::ADD_USER_HIGHER_LEVEL });
+ return queryCreatorGroupWithRightsToAddUserToGroup.next();
+ }
#if 0
bool DatabaseStorage::storeLocalUser(const string &username, const Signature::KeyPair &keyPair, const string &password)
{
@@ -943,12 +951,7 @@ namespace odhtdb
bool DatabaseStorage::decryptNodeAddData(i64 rowId, const Hash &nodeHash, const Hash &dataHash, u64 timestamp, const Signature::PublicKey *creatorPublicKey, const DataView &encryptedData, const shared_ptr<OwnedMemory> decryptionKey)
{
- SqlQuery queryCreatorGroupWithRightsToAddData(sqliteDb,
- "SELECT nodeGroup.rowid FROM NodeUserGroupAssoc AS userGroupAssoc"
- " INNER JOIN NodeGroup AS nodeGroup ON nodeGroup.groupId = userGroupAssoc.groupId"
- " WHERE userGroupAssoc.node = ? AND userGroupAssoc.userPublicKey = ? AND (nodeGroup.permissionFlags & ?) != 0",
- { DataView(nodeHash.getData(), nodeHash.getSize()), DataView((void*)creatorPublicKey->getData(), creatorPublicKey->getSize()), (i64)PermissionType::ADD_DATA });
- if(!queryCreatorGroupWithRightsToAddData.next())
+ if(!isUserAllowedToAddDataInNode(nodeHash, *creatorPublicKey))
{
// TODO: User might have permission to perform operation, but we haven't got the packet that adds user to the group with the permission,
// or we haven't received the packet that modifies group with the permission to perform the operation.
@@ -976,22 +979,7 @@ namespace odhtdb
bool DatabaseStorage::decryptNodeAddUser(i64 rowId, const Hash &nodeHash, const Hash &dataHash, u64 timestamp, const Signature::PublicKey *creatorPublicKey, const Signature::PublicKey *userToAddPublicKey, const DataView &groupToAddUserTo, const shared_ptr<OwnedMemory> decryptionKey)
{
- SqlQuery queryGroupToAdd(sqliteDb, "SELECT permissionLevel FROM NodeGroup WHERE groupId = ?", { groupToAddUserTo });
- if(!queryGroupToAdd.next())
- {
- // TODO: Add to quarantine?
- Log::error("There is no group with id %s in node %s", bin2hex((const char*)groupToAddUserTo.data, groupToAddUserTo.size).c_str(), nodeHash.toString().c_str());
- return false;
- }
-
- int groupToAddPermissionLevel = queryGroupToAdd.getInt(0);
-
- SqlQuery queryCreatorGroupWithRightsToAddUserToGroup(sqliteDb,
- "SELECT nodeGroup.rowid FROM NodeUserGroupAssoc AS userGroupAssoc"
- " INNER JOIN NodeGroup AS nodeGroup ON nodeGroup.groupId = userGroupAssoc.groupId"
- " WHERE userGroupAssoc.node = ? AND userGroupAssoc.userPublicKey = ? AND (nodeGroup.permissionLevel = ? AND ((nodeGroup.permissionFlags & ?) != 0) OR (nodeGroup.permissionLevel > ? AND (nodeGroup.permissionFlags & ?) != 0))",
- { DataView(nodeHash.getData(), nodeHash.getSize()), DataView((void*)creatorPublicKey->getData(), creatorPublicKey->getSize()), groupToAddPermissionLevel, (i64)PermissionType::ADD_USER_SAME_LEVEL, groupToAddPermissionLevel, (i64)PermissionType::ADD_USER_HIGHER_LEVEL });
- if(!queryCreatorGroupWithRightsToAddUserToGroup.next())
+ if(!isUserAllowedToAddUserToGroupInNode(nodeHash, *creatorPublicKey, groupToAddUserTo))
{
// TODO: User might have permission to perform operation, but we haven't got the packet that adds user to the group with the permission,
// or we haven't received the packet that modifies group with the permission to perform the operation.
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-20 13:03:02 +0000