From 1fe14e8fcfbec25cb6b70df194a82ede4cc0a3e5 Mon Sep 17 00:00:00 2001 From: dec05eba <0xdec05eba@gmail.com> Date: Mon, 14 May 2018 03:07:43 +0200 Subject: Remove user/group classes, user public key/group id directly to database instead --- src/DatabaseStorage.cpp | 98 ++++++++++++++++++++++--------------------------- 1 file changed, 43 insertions(+), 55 deletions(-) (limited to 'src/DatabaseStorage.cpp') diff --git a/src/DatabaseStorage.cpp b/src/DatabaseStorage.cpp index 501bd35..d7f42bb 100644 --- a/src/DatabaseStorage.cpp +++ b/src/DatabaseStorage.cpp @@ -1,7 +1,4 @@ #include "../include/odhtdb/DatabaseStorage.hpp" -#include "../include/odhtdb/RemoteUser.hpp" -#include "../include/odhtdb/LocalUser.hpp" -#include "../include/odhtdb/LocalUserEncrypted.hpp" #include "../include/odhtdb/Group.hpp" #include "../include/odhtdb/FileUtils.hpp" #include "../include/odhtdb/bin2hex.hpp" @@ -28,22 +25,6 @@ namespace odhtdb const u64 QUARANTINE_STORAGE_TIME_MICROSECONDS = 60 * 1.0e6; const u16 STORAGE_VERSION = 3; - - DatabaseStorageObject::DatabaseStorageObject(const Hash &_requestHash, DataView &_data, u64 _timestamp, const Signature::PublicKey &_creatorPublicKey) : - requestHash(_requestHash), - data(_data), - createdTimestamp(_timestamp), - creatorPublicKey(_creatorPublicKey) - { - - } - - DatabaseStorageQuarantineObject::DatabaseStorageQuarantineObject(DataView &_data, u64 _timestamp, const Signature::PublicKey &_creatorPublicKey) : - data(_data), createdTimestamp(_timestamp), creatorPublicKey(_creatorPublicKey) - { - auto time = chrono::high_resolution_clock::now().time_since_epoch(); - storedTimestamp = chrono::duration_cast(time).count(); - } static void sqlite_exec_checked(sqlite3 *db, const char *sql) { @@ -431,11 +412,8 @@ namespace odhtdb return query.next(); } - void DatabaseStorage::createStorage(const Hash &hash, Group *creatorGroup, u64 timestamp, const void *data, usize size) + void DatabaseStorage::createStorage(const Hash &hash, const Signature::PublicKey &adminPublicKey, const DataView &adminGroupId, u64 timestamp, const void *data, usize size) { - assert(creatorGroup->getUsers().size() == 1); - User *creator = (User*)creatorGroup->getUsers()[0]; - sqlite3_exec(sqliteDb, "BEGIN", 0, 0, 0); { sqlite3_reset(insertNodeStmt); @@ -448,15 +426,15 @@ namespace odhtdb rc = sqlite3_bind_int64(insertNodeStmt, 2, timestamp); bindCheckError(rc); - rc = sqlite3_bind_blob(insertNodeStmt, 3, creator->getPublicKey().getData(), creator->getPublicKey().getSize(), SQLITE_STATIC); + rc = sqlite3_bind_blob(insertNodeStmt, 3, adminPublicKey.getData(), adminPublicKey.getSize(), SQLITE_STATIC); bindCheckError(rc); - rc = sqlite3_bind_blob(insertNodeStmt, 4, creatorGroup->getId().data, GROUP_ID_LENGTH, SQLITE_STATIC); + rc = sqlite3_bind_blob(insertNodeStmt, 4, adminGroupId.data, GROUP_ID_LENGTH, SQLITE_STATIC); bindCheckError(rc); sqlite_step_rollback_on_failure(sqliteDb, insertNodeStmt, "insert data into Node"); - addGroup(hash, creatorGroup); - addUser(hash, creator->getPublicKey(), creatorGroup->getId()); + addGroup(hash, adminGroupId, ADMIN_PERMISSION); + addUser(hash, adminPublicKey, adminGroupId); } { sqlite3_reset(insertNodeRawStmt); @@ -475,7 +453,7 @@ namespace odhtdb auto nodeDecryptionKeyResult = getNodeDecryptionKey(hash); if(nodeDecryptionKeyResult.first) - decryptNodeData(hash, nodeDecryptionKeyResult.second, &creator->getPublicKey(), creatorGroup->getId(), timestamp); + decryptNodeData(hash, nodeDecryptionKeyResult.second, &adminPublicKey, adminGroupId, timestamp); } void DatabaseStorage::appendStorage(const Hash &nodeHash, const Hash &dataHash, DatabaseOperation operation, const Signature::PublicKey &creatorPublicKey, u64 timestamp, const void *data, usize size, const DataView &additionalDataView) @@ -591,7 +569,7 @@ namespace odhtdb sqlite3_exec(sqliteDb, "COMMIT", 0, 0, 0); } - void DatabaseStorage::addGroup(const Hash &nodeHash, Group *group) + void DatabaseStorage::addGroup(const Hash &nodeHash, const DataView &groupId, const Permission &permissions) { sqlite3_reset(insertGroupStmt); sqlite3_clear_bindings(insertGroupStmt); @@ -600,17 +578,17 @@ namespace odhtdb rc = sqlite3_bind_blob(insertGroupStmt, 1, nodeHash.getData(), nodeHash.getSize(), SQLITE_STATIC); bindCheckError(rc); - rc = sqlite3_bind_blob(insertGroupStmt, 2, group->getId().data, GROUP_ID_LENGTH, SQLITE_STATIC); + rc = sqlite3_bind_blob(insertGroupStmt, 2, groupId.data, GROUP_ID_LENGTH, SQLITE_STATIC); bindCheckError(rc); - rc = sqlite3_bind_int(insertGroupStmt, 3, group->getPermission().getPermissionLevel()); + rc = sqlite3_bind_int(insertGroupStmt, 3, permissions.getPermissionLevel()); bindCheckError(rc); - rc = sqlite3_bind_int64(insertGroupStmt, 4, group->getPermission().getPermissionFlags()); + rc = sqlite3_bind_int64(insertGroupStmt, 4, permissions.getPermissionFlags()); bindCheckError(rc); sqlite_step_rollback_on_failure(sqliteDb, insertGroupStmt, "insert data into NodeGroup"); - Log::debug("Created group %s in node %s", bin2hex((const char*)group->getId().data, GROUP_ID_LENGTH).c_str(), nodeHash.toString().c_str()); + Log::debug("Created group %s in node %s", bin2hex((const char*)groupId.data, GROUP_ID_LENGTH).c_str(), nodeHash.toString().c_str()); } void DatabaseStorage::addUserToGroup(const Hash &nodeHash, const Signature::PublicKey &userPublicKey, const DataView &groupId) @@ -669,6 +647,36 @@ namespace odhtdb callbackFunc(data); } } + + bool DatabaseStorage::isUserAllowedToAddDataInNode(const Hash &nodeHash, const Signature::PublicKey &userPublicKey) const + { + SqlQuery queryCreatorGroupWithRightsToAddData(sqliteDb, + "SELECT nodeGroup.rowid FROM NodeUserGroupAssoc AS userGroupAssoc" + " INNER JOIN NodeGroup AS nodeGroup ON nodeGroup.groupId = userGroupAssoc.groupId" + " WHERE userGroupAssoc.node = ? AND userGroupAssoc.userPublicKey = ? AND (nodeGroup.permissionFlags & ?) != 0", + { DataView(nodeHash.getData(), nodeHash.getSize()), DataView((void*)userPublicKey.getData(), userPublicKey.getSize()), (i64)PermissionType::ADD_DATA }); + return queryCreatorGroupWithRightsToAddData.next(); + } + + bool DatabaseStorage::isUserAllowedToAddUserToGroupInNode(const Hash &nodeHash, const Signature::PublicKey &userPublicKey, const DataView &groupToAddUserTo) const + { + SqlQuery queryGroupToAdd(sqliteDb, "SELECT permissionLevel FROM NodeGroup WHERE groupId = ?", { groupToAddUserTo }); + if(!queryGroupToAdd.next()) + { + // TODO: Add to quarantine? + Log::error("There is no group with id %s in node %s", bin2hex((const char*)groupToAddUserTo.data, groupToAddUserTo.size).c_str(), nodeHash.toString().c_str()); + return false; + } + + int groupToAddPermissionLevel = queryGroupToAdd.getInt(0); + + SqlQuery queryCreatorGroupWithRightsToAddUserToGroup(sqliteDb, + "SELECT nodeGroup.rowid FROM NodeUserGroupAssoc AS userGroupAssoc" + " INNER JOIN NodeGroup AS nodeGroup ON nodeGroup.groupId = userGroupAssoc.groupId" + " WHERE userGroupAssoc.node = ? AND userGroupAssoc.userPublicKey = ? AND (nodeGroup.permissionLevel = ? AND ((nodeGroup.permissionFlags & ?) != 0) OR (nodeGroup.permissionLevel > ? AND (nodeGroup.permissionFlags & ?) != 0))", + { DataView(nodeHash.getData(), nodeHash.getSize()), DataView((void*)userPublicKey.getData(), userPublicKey.getSize()), groupToAddPermissionLevel, (i64)PermissionType::ADD_USER_SAME_LEVEL, groupToAddPermissionLevel, (i64)PermissionType::ADD_USER_HIGHER_LEVEL }); + return queryCreatorGroupWithRightsToAddUserToGroup.next(); + } #if 0 bool DatabaseStorage::storeLocalUser(const string &username, const Signature::KeyPair &keyPair, const string &password) { @@ -943,12 +951,7 @@ namespace odhtdb bool DatabaseStorage::decryptNodeAddData(i64 rowId, const Hash &nodeHash, const Hash &dataHash, u64 timestamp, const Signature::PublicKey *creatorPublicKey, const DataView &encryptedData, const shared_ptr decryptionKey) { - SqlQuery queryCreatorGroupWithRightsToAddData(sqliteDb, - "SELECT nodeGroup.rowid FROM NodeUserGroupAssoc AS userGroupAssoc" - " INNER JOIN NodeGroup AS nodeGroup ON nodeGroup.groupId = userGroupAssoc.groupId" - " WHERE userGroupAssoc.node = ? AND userGroupAssoc.userPublicKey = ? AND (nodeGroup.permissionFlags & ?) != 0", - { DataView(nodeHash.getData(), nodeHash.getSize()), DataView((void*)creatorPublicKey->getData(), creatorPublicKey->getSize()), (i64)PermissionType::ADD_DATA }); - if(!queryCreatorGroupWithRightsToAddData.next()) + if(!isUserAllowedToAddDataInNode(nodeHash, *creatorPublicKey)) { // TODO: User might have permission to perform operation, but we haven't got the packet that adds user to the group with the permission, // or we haven't received the packet that modifies group with the permission to perform the operation. @@ -976,22 +979,7 @@ namespace odhtdb bool DatabaseStorage::decryptNodeAddUser(i64 rowId, const Hash &nodeHash, const Hash &dataHash, u64 timestamp, const Signature::PublicKey *creatorPublicKey, const Signature::PublicKey *userToAddPublicKey, const DataView &groupToAddUserTo, const shared_ptr decryptionKey) { - SqlQuery queryGroupToAdd(sqliteDb, "SELECT permissionLevel FROM NodeGroup WHERE groupId = ?", { groupToAddUserTo }); - if(!queryGroupToAdd.next()) - { - // TODO: Add to quarantine? - Log::error("There is no group with id %s in node %s", bin2hex((const char*)groupToAddUserTo.data, groupToAddUserTo.size).c_str(), nodeHash.toString().c_str()); - return false; - } - - int groupToAddPermissionLevel = queryGroupToAdd.getInt(0); - - SqlQuery queryCreatorGroupWithRightsToAddUserToGroup(sqliteDb, - "SELECT nodeGroup.rowid FROM NodeUserGroupAssoc AS userGroupAssoc" - " INNER JOIN NodeGroup AS nodeGroup ON nodeGroup.groupId = userGroupAssoc.groupId" - " WHERE userGroupAssoc.node = ? AND userGroupAssoc.userPublicKey = ? AND (nodeGroup.permissionLevel = ? AND ((nodeGroup.permissionFlags & ?) != 0) OR (nodeGroup.permissionLevel > ? AND (nodeGroup.permissionFlags & ?) != 0))", - { DataView(nodeHash.getData(), nodeHash.getSize()), DataView((void*)creatorPublicKey->getData(), creatorPublicKey->getSize()), groupToAddPermissionLevel, (i64)PermissionType::ADD_USER_SAME_LEVEL, groupToAddPermissionLevel, (i64)PermissionType::ADD_USER_HIGHER_LEVEL }); - if(!queryCreatorGroupWithRightsToAddUserToGroup.next()) + if(!isUserAllowedToAddUserToGroupInNode(nodeHash, *creatorPublicKey, groupToAddUserTo)) { // TODO: User might have permission to perform operation, but we haven't got the packet that adds user to the group with the permission, // or we haven't received the packet that modifies group with the permission to perform the operation. -- cgit v1.2.3