Changeset 1350

Show
Ignore:
Timestamp:
06/10/08 00:25:06 (4 months ago)
Author:
benoitg
Message:
Files:

Legend:

Unmodified
Added
Removed
Modified
Copied
Moved

  • trunk/wifidog-auth/CHANGELOG

    r1349 r1350  
    11# $Id$ 
     22008-06-10 Benoit GrĂ©goire  <bock@step.polymtl.ca> 
     3        * Begin implementing http://dev.wifidog.org/wiki/doc/developer/TokenArchitecture.  This is a first step:  SQL schema changes, and adapt the current functionnality to the new schema to have a baseline.  Everything should work as before, please notify me if you notice anything strange... 
     4 
    252008-04-27 Benoit GrĂ©goire  <bock@step.polymtl.ca> 
    36        * Fixed dependencies on simplepie.  Simplepie removed a stable branch from their SVN.  Why on earth would one do that!?!? 

  • trunk/wifidog-auth/wifidog/admin/online_users.php

    r1249 r1350  
    5555$smarty = SmartyWifidog::getObject(); 
    5656$online_users = null; 
    57 $db->execSql("SELECT connections.user_id, name, username, account_origin, timestamp_in, incoming, outgoing FROM connections,users,nodes WHERE token_status='".TOKEN_INUSE."' AND users.user_id=connections.user_id AND nodes.node_id=connections.node_id ORDER BY account_origin, timestamp_in DESC", $online_users); 
     57$db->execSql("SELECT connections.user_id, name, username, account_origin, timestamp_in, incoming, outgoing FROM users,nodes,connections JOIN tokens USING (token_id) WHERE token_status='".TOKEN_INUSE."' AND users.user_id=connections.user_id AND nodes.node_id=connections.node_id ORDER BY account_origin, timestamp_in DESC", $online_users); 
    5858$smarty->assign("users_array", $online_users); 
    5959 

  • trunk/wifidog-auth/wifidog/auth/index.php

    r1128 r1350  
    6161} 
    6262 
    63 $db->execSqlUniqueRes("SELECT CURRENT_TIMESTAMP, *, CASE WHEN ((CURRENT_TIMESTAMP - reg_date) > networks.validation_grace_time) THEN true ELSE false END AS validation_grace_time_expired FROM connections JOIN users ON (users.user_id=connections.user_id) JOIN networks ON (users.account_origin = networks.network_id) WHERE connections.token='$token'", $info, false); 
     63$db->execSqlUniqueRes("SELECT CURRENT_TIMESTAMP, *, CASE WHEN ((CURRENT_TIMESTAMP - reg_date) > networks.validation_grace_time) THEN true ELSE false END AS validation_grace_time_expired FROM connections JOIN tokens USING (token_id) JOIN users ON (users.user_id=connections.user_id) JOIN networks ON (users.account_origin = networks.network_id) WHERE connections.token_id='$token'", $info, false); 
    6464 
    6565if ($info != null) 

  • trunk/wifidog-auth/wifidog/classes/Authenticator.php

    r1330 r1350  
    229229            if ($splash_user_id != $user->getId() && $node = Node::getCurrentNode()) { 
    230230                // Try to destroy all connections tied to the current node 
    231                 $sql = "SELECT conn_id FROM connections WHERE user_id = '{$user->getId()}' AND node_id='{$node->getId()}' AND token_status='".TOKEN_INUSE."';"; 
     231                $sql = "SELECT conn_id FROM connections JOIN tokens USING (token_id) WHERE user_id = '{$user->getId()}' AND node_id='{$node->getId()}' AND token_status='".TOKEN_INUSE."';"; 
    232232                $conn_rows = null; 
    233233                $db->execSql($sql, $conn_rows, false); 
     
    247247             * that all other active tokens should expire 
    248248             */ 
    249             $sql = "SELECT conn_id FROM connections WHERE user_id = '{$user->getId()}' AND token_status='".TOKEN_INUSE."';"; 
     249            $sql = "SELECT conn_id FROM connections JOIN tokens USING (token_id) WHERE user_id = '{$user->getId()}' AND token_status='".TOKEN_INUSE."';"; 
    250250            $conn_rows = null; 
    251251            $db->execSql($sql, $conn_rows, false); 
     
    285285        $mac = $db->escapeString($_REQUEST['mac']); 
    286286        $ip = $db->escapeString($_REQUEST['ip']); 
    287         $sql = "UPDATE connections SET token_status='".TOKEN_INUSE."',user_mac='$mac',user_ip='$ip',last_updated=CURRENT_TIMESTAMP WHERE conn_id='{$conn_id}';"; 
     287        $sql = "BEGIN;\n"; 
     288        $sql .= "UPDATE connections SET user_mac='$mac',user_ip='$ip',last_updated=CURRENT_TIMESTAMP WHERE conn_id='{$conn_id}';"; 
     289        $sql .= "UPDATE tokens SET token_status='".TOKEN_INUSE."' FROM connections WHERE connections.token_id=tokens.token_id AND conn_id='{$conn_id}';"; 
     290        $sql .= "COMMIT;\n"; 
     291         
    288292        $db->execSqlUpdate($sql, false); 
    289293 
     
    295299             */ 
    296300            $token = $db->escapeString($_REQUEST['token']); 
    297             $sql = "SELECT * FROM connections WHERE user_id = '{$info['user_id']}' AND token_status='".TOKEN_INUSE."' AND token!='$token';"; 
     301            $sql = "SELECT * FROM connections JOIN tokens USING (token_id) WHERE user_id = '{$info['user_id']}' AND token_status='".TOKEN_INUSE."' AND token_id!='$token';"; 
    298302            $conn_rows = array (); 
    299303            $db->execSql($sql, $conn_rows, false); 
     
    305309            } 
    306310        } 
    307  
    308         /* 
    309          * Delete all unused tokens for this user, so we don't fill the database 
    310          * with them 
    311          */ 
    312         $sql = "DELETE FROM connections "."WHERE token_status='".TOKEN_UNUSED."' AND user_id = '{$info['user_id']}';"; 
    313         $db->execSqlUpdate($sql, false); 
    314311    } 
    315312 

  • trunk/wifidog-auth/wifidog/classes/Network.php

    r1342 r1350  
    10791079    { 
    10801080        $username = 'SPLASH_ONLY_USER'; 
    1081  
    1082         $user = User :: getUserByUsernameAndOrigin($username, $this); 
    1083         if (!$user) { 
    1084             $user = User :: createUser(get_guid(), $username, $this, '', ''); 
    1085             $user->setAccountStatus(ACCOUNT_STATUS_ALLOWED); 
     1081        if(!empty($this->splashOnlyUser)) { 
     1082            $user = $this->splashOnlyUser; 
     1083        } 
     1084        else 
     1085        { 
     1086            $user = User :: getUserByUsernameAndOrigin($username, $this); 
     1087            if (!$user) { 
     1088                $user = User :: createUser(get_guid(), $username, $this, '', ''); 
     1089                $user->setAccountStatus(ACCOUNT_STATUS_ALLOWED); 
     1090            } 
     1091            $this->splashOnlyUser = $user; 
    10861092        } 
    10871093        return $user; 
     
    12171223            $network_id = $db->escapeString($this->_id); 
    12181224            $splashOnlyUserId = $this->getSplashOnlyUser()->getId(); 
    1219             $sql = "SELECT ((SELECT COUNT(DISTINCT users.user_id) as count FROM users,connections NATURAL JOIN nodes JOIN networks ON (nodes.network_id=networks.network_id AND networks.network_id='$network_id') WHERE connections.token_status='".TOKEN_INUSE."' AND users.user_id=connections.user_id AND users.user_id!='{$splashOnlyUserId}') + (SELECT COUNT(DISTINCT connections.user_mac) as count FROM users,connections NATURAL JOIN nodes JOIN networks ON (nodes.network_id=networks.network_id AND networks.network_id='$network_id') WHERE connections.token_status='".TOKEN_INUSE."' AND users.user_id=connections.user_id AND users.user_id='{$splashOnlyUserId}')) AS count"; 
     1225            $sql = "SELECT ((SELECT COUNT(DISTINCT users.user_id) as count FROM users,connections JOIN tokens USING (token_id) NATURAL JOIN nodes JOIN networks ON (nodes.network_id=networks.network_id AND networks.network_id='$network_id') WHERE tokens.token_status='".TOKEN_INUSE."' AND users.user_id=connections.user_id AND users.user_id!='{$splashOnlyUserId}') + (SELECT COUNT(DISTINCT connections.user_mac) as count FROM users,connections JOIN tokens USING (token_id) NATURAL JOIN nodes JOIN networks ON (nodes.network_id=networks.network_id AND networks.network_id='$network_id') WHERE tokens.token_status='".TOKEN_INUSE."' AND users.user_id=connections.user_id AND users.user_id='{$splashOnlyUserId}')) AS count"; 
    12201226            $db->execSqlUniqueRes($sql, $row, false); 
    12211227 

  • trunk/wifidog-auth/wifidog/classes/Node.php

    r1331 r1350  
    15431543 
    15441544    private function getOnlineUsersSql() { 
    1545         return "SELECT users.user_id FROM users,connections WHERE connections.token_status='".TOKEN_INUSE."' AND users.user_id=connections.user_id AND connections.node_id='{$this->id}'"; 
     1545        return "SELECT users.user_id FROM users,connections JOIN tokens USING (token_id) WHERE tokens.token_status='".TOKEN_INUSE."' AND users.user_id=connections.user_id AND connections.node_id='{$this->id}'"; 
    15461546    } 
    15471547    /** 
     
    15851585        $row = null; 
    15861586        $splashOnlyUserId = $this->getNetwork()->getSplashOnlyUser()->getId(); 
    1587         $sql = "SELECT ((SELECT COUNT(DISTINCT users.user_id) as count FROM users,connections WHERE connections.token_status='".TOKEN_INUSE."' AND users.user_id=connections.user_id AND connections.node_id='{$this->id}' AND users.user_id!='{$splashOnlyUserId}') + (SELECT COUNT(DISTINCT connections.user_mac) as count FROM users,connections WHERE connections.token_status='".TOKEN_INUSE."' AND users.user_id=connections.user_id AND connections.node_id='{$this->id}' AND users.user_id='{$splashOnlyUserId}')) AS count"; 
     1587        $sql = "SELECT ((SELECT COUNT(DISTINCT users.user_id) as count FROM users,connections JOIN tokens USING (token_id) WHERE tokens.token_status='".TOKEN_INUSE."' AND users.user_id=connections.user_id AND connections.node_id='{$this->id}' AND users.user_id!='{$splashOnlyUserId}') + (SELECT COUNT(DISTINCT connections.user_mac) as count FROM users,connections JOIN tokens USING (token_id) WHERE tokens.token_status='".TOKEN_INUSE."' AND users.user_id=connections.user_id AND connections.node_id='{$this->id}' AND users.user_id='{$splashOnlyUserId}')) AS count"; 
    15881588        $db->execSqlUniqueRes($sql, $row, false); 
    15891589 

  • trunk/wifidog-auth/wifidog/classes/Statistics.php

    r1316 r1350  
    322322 
    323323        $sql .= "FROM connections  \n"; 
     324        $sql .= "JOIN tokens USING (token_id) \n"; 
    324325        $sql .= "JOIN nodes ON (connections.node_id = nodes.node_id) \n"; 
    325326        $sql .= "$join_users_sql \n"; 

  • trunk/wifidog-auth/wifidog/classes/User.php

    r1336 r1350  
    152152     * @param $username The username of the user 
    153153     * @param $account_origin Network:  The account origin 
    154      * @param &$errMsg An error message will be appended to this is the username is not empty, but the user doesn't exist. 
     154     * @param &$errMsg An error message will be appended to this if the username is not empty, but the user doesn't exist. 
    155155     * @return a User object, or null if there was an error 
    156156     */ 
     
    536536                //echo "$session && $node_ip && {$session->get(SESS_NODE_ID_VAR)}"; 
    537537                $node_id = $db->escapeString($session->get(SESS_NODE_ID_VAR)); 
    538                 $db->execSqlUpdate("INSERT INTO connections (user_id, token, token_status, timestamp_in, node_id, node_ip, last_updated) VALUES ('" . $this->getId() . "', '$token', '" . TOKEN_UNUSED . "', CURRENT_TIMESTAMP, '$node_id', '$node_ip', CURRENT_TIMESTAMP)", false); 
     538 
     539                /* 
     540                 * Delete all unused tokens for this user, so we don't fill the database 
     541                 * with them 
     542                 */ 
     543                $sql = "DELETE FROM connections USING tokens "."WHERE tokens.token_id=connections.token_id AND token_status='".TOKEN_UNUSED."' AND user_id = '".$this->getId()."';\n"; 
     544                // TODO:  Try to find a reusable token before creating a brand new one! 
     545                 
     546                $sql .= "INSERT INTO tokens (token_owner, token_issuer, token_id, token_status) VALUES ('" . $this->getId() . "', '" . $this->getId() . "', '$token', '" . TOKEN_UNUSED . "');\n"; 
     547                $sql .= "INSERT INTO connections (user_id, token_id, timestamp_in, node_id, node_ip, last_updated) VALUES ('" . $this->getId() . "', '$token', CURRENT_TIMESTAMP, '$node_id', '$node_ip', CURRENT_TIMESTAMP)"; 
     548                $db->execSqlUpdate($sql, false); 
    539549                $retval = $token; 
    540550            } else 

  • trunk/wifidog-auth/wifidog/include/common.php

    r1249 r1350  
    172172    // 10 minutes 
    173173    $expiration = '10 minutes'; 
    174     $db->execSqlUpdate("UPDATE connections SET token_status='" . TOKEN_USED . "' WHERE last_updated < (CURRENT_TIMESTAMP - interval '$expiration') AND token_status = '" . TOKEN_INUSE . "';", false); 
     174    $db->execSqlUpdate("UPDATE tokens SET token_status='" . TOKEN_USED . "' FROM connections WHERE connections.token_id=tokens.token_id AND last_updated < (CURRENT_TIMESTAMP - interval '$expiration') AND token_status = '" . TOKEN_INUSE . "';", false); 
    175175} 
    176176 

  • trunk/wifidog-auth/wifidog/include/schema_validate.php

    r1335 r1350  
    4848 * Define current database schema version 
    4949 */ 
    50 define('REQUIRED_SCHEMA_VERSION', 59); 
     50define('REQUIRED_SCHEMA_VERSION', 60); 
    5151/** Used to test a new shecma version before modyfying the database */ 
    5252define('SCHEMA_UPDATE_TEST_MODE', false); 
     
    13201320        $sql .= "CREATE INDEX idx_nodes_node_deployment_status ON nodes (node_deployment_status);\n"; 
    13211321    } 
    1322      
     1322 
     1323    $new_schema_version = 60; 
     1324    if ($schema_version < $new_schema_version && $new_schema_version <= $targetSchema) { 
     1325        printUpdateVersion($new_schema_version); 
     1326        $sql .= "\n\nUPDATE schema_info SET value='$new_schema_version' WHERE tag='schema_version';\n"; 
     1327        $sql .= "CREATE TABLE token_templates \n"; 
     1328        $sql .= "( \n"; 
     1329        $sql .= "token_template_id text PRIMARY KEY, \n"; 
     1330        $sql .= "token_template_network text REFERENCES networks (network_id) ON UPDATE CASCADE ON DELETE CASCADE NOT NULL, -- (Note:  Server-wide tokens aren't supported, but the code will look up the tokens of networks you peer with) \n"; 
     1331        $sql .= "token_template_creation_date timestamp NOT NULL DEFAULT now(),\n"; 
     1332        $sql .= "token_max_incoming_data integer, -- Ex: Allows capping bandwidth \n"; 
     1333        $sql .= "token_max_outgoing_data integer, -- Ex: Allows capping bandwidth \n"; 
     1334        $sql .= "token_max_total_data integer, -- Ex: Allows capping bandwidth \n"; 
     1335        $sql .= "token_max_connection_duration interval, -- Ex: Allows limiting the length of a single connection \n"; 
     1336        $sql .= "token_max_usage_duration interval, -- Ex: Allows selling access by the hour (counting only when in use) \n"; 
     1337        $sql .= "token_max_wall_clock_duration interval, -- Ex:  Allows selling daily, weekly or monthly passes (starting the count as soon as the token is first used) \n"; 
     1338        $sql .= "token_max_age interval, -- Ex:  Allow setting a maximum time before expiration (starting the count as soon as the token is issued) \n"; 
     1339        $sql .= "token_is_reusable boolean DEFAULT true --  Can a user connect again using this token? (normally, yes) \n"; 
     1340 
     1341        $sql .= ");\n\n"; 
     1342 
     1343        $sql .= "CREATE TABLE tokens_template_valid_nodes -- (Unfortunately, for hotels selling 24h access to their clients, we have to consider that their network may consist of more than one node.  If the token has no entry in this table, it's considered valid everywhere on the Network (and it's peers)) \n"; 
     1344        $sql .= "( \n"; 
     1345        $sql .= "token_template_id text REFERENCES token_templates (token_template_id) ON UPDATE CASCADE ON DELETE CASCADE NOT NULL, \n"; 
     1346        $sql .= "token_valid_at_node text REFERENCES nodes (node_id) ON UPDATE CASCADE ON DELETE CASCADE NOT NULL, \n"; 
     1347        $sql .= "PRIMARY KEY (token_template_id, token_valid_at_node) \n"; 
     1348        $sql .= ");\n\n"; 
     1349 
     1350        $sql .= "CREATE TABLE token_lots \n"; 
     1351        $sql .= "( \n"; 
     1352        $sql .= "token_lot_id text PRIMARY KEY, \n"; 
     1353        $sql .= "token_lot_comment text, -- A free-form comment about the lot text \n"; 
     1354        $sql .= "token_lot_creation_date timestamp NOT NULL DEFAULT now()\n"; 
     1355        $sql .= ");\n\n"; 
     1356 
     1357        $sql .= "CREATE TABLE tokens \n"; 
     1358        $sql .= "( \n"; 
     1359        $sql .= "token_id text PRIMARY KEY, \n"; 
     1360        $sql .= "token_template_id text REFERENCES token_templates (token_template_id) ON UPDATE CASCADE ON DELETE CASCADE, \n"; 
     1361        $sql .= "token_status text REFERENCES token_status (token_status)  ON UPDATE CASCADE ON DELETE RESTRICT, \n"; 
     1362        $sql .= "token_lot_id text REFERENCES token_lots (token_lot_id) ON UPDATE CASCADE ON DELETE CASCADE, \n"; 
     1363        $sql .= "token_creation_date timestamp NOT NULL DEFAULT now(), -- (not the same as connection start time) \n"; 
     1364        $sql .= "token_issuer text REFERENCES users (user_id) ON UPDATE CASCADE ON DELETE CASCADE NOT NULL, -- A user in the system.  User responsible for the creation of the token (not necessarily the same as the one using it), \n"; 
     1365        $sql .= "token_owner text REFERENCES users (user_id) ON UPDATE CASCADE ON DELETE CASCADE -- The user that can USE the token, anyone if empty.\n"; 
     1366        $sql .= ");\n\n"; 
     1367 
     1368        $sql .= "INSERT INTO tokens (token_id, token_status, token_creation_date, token_issuer, token_owner) SELECT token AS token_id, token_status, timestamp_in AS token_creation_date, user_id AS token_issuer, user_id AS token_owner FROM connections; \n"; 
     1369        $sql .= "CREATE INDEX idx_token_status ON tokens (token_status);\n";    
     1370        $sql .= "ALTER TABLE connections ADD CONSTRAINT fk_tokens FOREIGN KEY (token) REFERENCES tokens (token_id) ON UPDATE CASCADE ON DELETE RESTRICT; \n"; 
     1371 
     1372        $sql .= "ALTER TABLE connections DROP column token_status; \n"; 
     1373        $sql .= "ALTER TABLE connections ADD COLUMN max_total_bytes integer;\n"; 
     1374        $sql .= "ALTER TABLE connections ALTER COLUMN max_total_bytes SET DEFAULT NULL;\n"; 
     1375        $sql .= "ALTER TABLE connections ADD COLUMN max_incoming_bytes integer;\n"; 
     1376        $sql .= "ALTER TABLE connections ALTER COLUMN max_incoming_bytes SET DEFAULT NULL;\n"; 
     1377        $sql .= "ALTER TABLE connections ADD COLUMN max_outgoing_bytes integer;\n"; 
     1378        $sql .= "ALTER TABLE connections ALTER COLUMN max_outgoing_bytes SET DEFAULT NULL;\n"; 
     1379        $sql .= "ALTER TABLE connections ADD COLUMN expiration_date timestamp;\n"; 
     1380        $sql .= "ALTER TABLE connections ALTER COLUMN expiration_date SET DEFAULT NULL;\n"; 
     1381        $sql .= "ALTER TABLE connections ADD COLUMN logout_reason integer;\n"; 
     1382        $sql .= "ALTER TABLE connections ALTER COLUMN logout_reason SET DEFAULT NULL;\n"; 
     1383        $sql .= "ALTER TABLE connections RENAME COLUMN token TO token_id;\n";      
     1384    } 
     1385    /* 
     1386 
     1387 
     1388    */ 
    13231389    /* 
    13241390     $new_schema_version = ;