MXS-1354: Take refactored users into use

The refactored interface is now in use. The only module that used it
directly was the CDC protocol module. This should probably be changed so
that it uses the adminusers interface instead of the users interface
directly.

server/core/adminusers.cc

@@ -38,7 +38,6 @@ static const char *admin_add_user(USERS** pusers, const char* fname,
                                   const char* uname, const char* password);
 static const char* admin_remove_user(USERS *users, const char* fname,
                                      const char *uname, const char *passwd);
-static bool admin_search_user(USERS *users, const char *uname);
 
 
 
@@ -89,11 +88,12 @@ static const char *admin_add_user(USERS** pusers, const char* fname,
         }
         fclose(fp);
     }
-    if (users_fetch(*pusers, (char*)uname) != NULL) // TODO: Make users const correct.
+
+    if (!users_add(*pusers, uname, password ? password : ""))
     {
         return ADMIN_ERR_DUPLICATE;
     }
-    users_add(*pusers, (char*)uname, password ? (char*)password : ""); // TODO: Make users const correct.
+
     if ((fp = fopen(path, "a")) == NULL)
     {
         MXS_ERROR("Unable to append to password file %s.", path);
@@ -130,7 +130,7 @@ static const char* admin_remove_user(USERS *users, const char* fname,
         return ADMIN_ERR_DELROOT;
     }
 
-    if (!admin_search_user(users, uname))
+    if (!users_find(users, uname))
     {
         MXS_ERROR("Couldn't find user %s. Removing user failed.", uname);
         return ADMIN_ERR_USERNOTFOUND;
@@ -147,7 +147,7 @@ static const char* admin_remove_user(USERS *users, const char* fname,
     }
 
     /** Remove user from in-memory structure */
-    users_delete(users, (char*)uname); // TODO: Make users const correct.
+    users_delete(users, uname);
 
     /**
      * Open passwd file and remove user from the file.
@@ -273,45 +273,6 @@ static const char* admin_remove_user(USERS *users, const char* fname,
     return ADMIN_SUCCESS;
 }
 
-/**
- * Check for existance of the user
- *
- * @param uname The user name to test
- * @return      True if the user exists
- */
-static bool admin_search_user(USERS *users, const char *uname)
-{
-    return (users_fetch(users, (char*)uname) != NULL); // TODO: Make users const correct.
-}
-
-/**
- */
-void dcb_print_users(DCB *dcb, const char* heading, USERS *users)
-{
-    dcb_printf(dcb, "%s", heading);
-
-    if (users)
-    {
-        HASHITERATOR *iter = hashtable_iterator(users->data);
-
-        if (iter)
-        {
-            const char *sep = "";
-            const char *user;
-
-            while ((user = (const char*)hashtable_next(iter)) != NULL)
-            {
-                dcb_printf(dcb, "%s%s", sep, user);
-                sep = ", ";
-            }
-
-            hashtable_iterator_free(iter);
-        }
-    }
-
-    dcb_printf(dcb, "%s", "\n");
-}
-
 static json_t* admin_user_json_data(const char* host, const char* user, enum user_type user_type)
 {
     ss_dassert(user_type != USER_TYPE_ALL);
@@ -330,15 +291,16 @@ static json_t* admin_user_json_data(const char* host, const char* user, enum use
 
 static void user_types_to_json(USERS* users, json_t* arr, const char* host, enum user_type type)
 {
-    const char* user;
+    json_t* json = users_diagnostic_json(users);
-    HASHITERATOR *iter = hashtable_iterator(users->data);
+    size_t index;
+    json_t* value;
 
-    while ((user = (const char*)hashtable_next(iter)))
+    json_array_foreach(json, index, value)
     {
-        json_array_append_new(arr, admin_user_json_data(host, user, type));
+        json_array_append_new(arr, admin_user_json_data(host, json_string_value(value), type));
     }
 
-    hashtable_iterator_free(iter);
+    json_decref(json);
 }
 
 static std::string path_from_type(enum user_type type)
@@ -507,7 +469,7 @@ bool admin_linux_account_enabled(const char *uname)
     }
     else if (linux_users)
     {
-        rv = admin_search_user(linux_users, uname);
+        rv = users_find(linux_users, uname);
     }
 
     return rv;
@@ -573,7 +535,7 @@ bool admin_inet_user_exists(const char *uname)
 
     if (inet_users)
     {
-        rv = admin_search_user(inet_users, uname);
+        rv = users_find(inet_users, uname);
     }
 
     return rv;
@@ -593,19 +555,10 @@ admin_verify_inet_user(const char *username, const char *password)
     bool rv = false;
 
     if (inet_users)
-    {
-        const char* pw = users_fetch(inet_users, (char*)username); // TODO: Make users const-correct.
-
-        if (pw)
     {
         char cpassword[MXS_CRYPT_SIZE];
         mxs_crypt(password, ADMIN_SALT, cpassword);
-
+        rv = users_auth(inet_users, username, cpassword);
-            if (strcmp(pw, cpassword) == 0)
-            {
-                rv = true;
-            }
-        }
     }
     else
     {
@@ -626,6 +579,17 @@ admin_verify_inet_user(const char *username, const char *password)
  */
 void dcb_PrintAdminUsers(DCB *dcb)
 {
-    dcb_print_users(dcb, "Enabled Linux accounts (secure)    : ", linux_users);
+    dcb_printf(dcb, "Enabled Linux accounts (secure):\n");
-    dcb_print_users(dcb, "Created network accounts (insecure): ", inet_users);
+
+    if (linux_users)
+    {
+        users_diagnostic(dcb, linux_users);
+    }
+
+    dcb_printf(dcb, "Created network accounts (insecure):\n");
+
+    if (inet_users)
+    {
+        users_diagnostic(dcb, inet_users);
+    }
 }

server/core/test/testusers.cc

@@ -34,20 +34,12 @@
 #include <string.h>
 
 #include <maxscale/users.h>
-
 #include <maxscale/log_manager.h>
 
-/**
+static int test1()
- * test1    Allocate table of users and mess around with it
- *
-  */
-
-static int
-test1()
 {
     USERS* users;
-    const char *authdata;
+    bool rv;
-    int        result, count;
 
     /* Poll tests */
     ss_dfprintf(stderr,
@@ -56,33 +48,24 @@ test1()
     mxs_log_flush_sync();
     ss_info_dassert(NULL != users, "Allocating user table should not return NULL.");
     ss_dfprintf(stderr, "\t..done\nAdd a user");
-    count = users_add(users, "username", "authorisation");
+    rv = users_add(users, "username", "authorisation");
     mxs_log_flush_sync();
-    ss_info_dassert(1 == count, "Should add one user");
+    ss_info_dassert(rv, "Should add one user");
-    authdata = users_fetch(users, "username");
+    rv = users_auth(users, "username", "authorisation");
     mxs_log_flush_sync();
-    ss_info_dassert(NULL != authdata, "Fetch valid user must not return NULL");
+    ss_info_dassert(rv, "Fetch valid user must not return NULL");
-    ss_info_dassert(0 == strcmp("authorisation", authdata), "User authorisation should be correct");
+    rv = users_auth(users, "username", "newauth");
-    ss_dfprintf(stderr, "\t..done\nPrint users");
-    usersPrint(users);
     mxs_log_flush_sync();
-    ss_dfprintf(stderr, "\t..done\nUpdate a user");
+    ss_info_dassert(rv, "Fetch valid user must not return NULL");
-    count = users_update(users, "username", "newauth");
-    mxs_log_flush_sync();
-    ss_info_dassert(1 == count, "Should update just one user");
-    authdata = users_fetch(users, "username");
-    mxs_log_flush_sync();
-    ss_info_dassert(NULL != authdata, "Fetch valid user must not return NULL");
-    ss_info_dassert(0 == strcmp("newauth", authdata), "User authorisation should be correctly updated");
 
     ss_dfprintf(stderr, "\t..done\nAdd another user");
-    count = users_add(users, "username2", "authorisation2");
+    rv = users_add(users, "username2", "authorisation2");
     mxs_log_flush_sync();
-    ss_info_dassert(1 == count, "Should add one user");
+    ss_info_dassert(rv, "Should add one user");
     ss_dfprintf(stderr, "\t..done\nDelete a user.");
-    count = users_delete(users, "username");
+    rv = users_delete(users, "username");
     mxs_log_flush_sync();
-    ss_info_dassert(1 == count, "Should delete just one user");
+    ss_info_dassert(rv, "Should delete just one user");
     ss_dfprintf(stderr, "\t..done\nFree user table.");
     users_free(users);
     mxs_log_flush_sync();

server/modules/authenticator/CDCPlainAuth/cdc_plain_auth.c

@@ -202,14 +202,12 @@ MXS_MODULE* MXS_CREATE_MODULE()
  * @return Authentication status
  * @note Authentication status codes are defined in cdc.h
  */
-static int cdc_auth_check(DCB *dcb, CDC_protocol *protocol, char *username, uint8_t *auth_data,
+static int cdc_auth_check(DCB *dcb, CDC_protocol *protocol, char *username,
-                          unsigned int *flags)
+                          uint8_t *auth_data, unsigned int *flags)
 {
-    if (dcb->listener->users)
+    int rval = CDC_STATE_AUTH_FAILED;
-    {
-        const char *user_password = users_fetch(dcb->listener->users, username);
 
-        if (user_password)
+    if (dcb->listener->users)
     {
         /* compute SHA1 of auth_data */
         uint8_t sha1_step1[SHA_DIGEST_LENGTH] = "";
@@ -218,12 +216,13 @@ static int cdc_auth_check(DCB *dcb, CDC_protocol *protocol, char *username, uint
         gw_sha1_str(auth_data, SHA_DIGEST_LENGTH, sha1_step1);
         gw_bin2hex(hex_step1, sha1_step1, SHA_DIGEST_LENGTH);
 
-            return memcmp(user_password, hex_step1, SHA_DIGEST_LENGTH) == 0 ?
+        if (users_auth(dcb->listener->users, username, hex_step1))
-                   CDC_STATE_AUTH_OK : CDC_STATE_AUTH_FAILED;
+        {
+            rval = CDC_STATE_AUTH_OK;
         }
     }
 
-    return CDC_STATE_AUTH_FAILED;
+    return rval;
 }
 
 /**