Girocco/User.pm

   1 package Girocco::User;
   2
   3 use strict;
   4 use warnings;
   5
   6 use Girocco::Config;
   7
   8 BEGIN {
   9         use Girocco::CGI;
  10         use Girocco::Util;
  11         use Digest::SHA1 qw(sha1_hex);
  12 }
  13
  14 sub _passwd_add {
  15         my $self = shift;
  16         filedb_atomic_append(jailed_file('/etc/passwd'),
  17                 join(':', $self->{name}, 'x', '\i', 65534, $self->{email}, '/', '/bin/git-shell'));
  18 }
  19
  20 sub _sshkey_path {
  21         my $self = shift;
  22         '/etc/sshkeys/'.$self->{name};
  23 }
  24
  25 sub _sshkey_load {
  26         my $self = shift;
  27         open F, "<".jailed_file($self->_sshkey_path) or die "sshkey load failed: $!";
  28         my @keys;
  29         my $auth;
  30         while (<F>) {
  31                 chomp;
  32                 if (/^ssh-(?:dss|rsa) /) {
  33                         push @keys, $_;
  34                 } elsif (/^# REPOAUTH ([0-9a-f]+) (\d+)/) {
  35                         my $expire = $2;
  36                         $auth = $1 unless (time >= $expire);
  37                 }
  38         }
  39         close F;
  40         my $keys = join('', @keys); chomp $keys;
  41         ($keys, $auth);
  42 }
  43
  44 sub _sshkey_save {
  45         my $self = shift;
  46         open F, ">".jailed_file($self->_sshkey_path) or die "sshkey failed: $!";
  47         if (defined($self->{auth}) && $self->{auth}) {
  48                 my $expire = time + 24 * 3600;
  49                 print F "# REPOAUTH $self->{auth} $expire\n";
  50         }
  51         print F $self->{keys}."\n";
  52         close F;
  53         chmod 0664, jailed_file($self->_sshkey_path);
  54 }
  55
  56 # private constructor, do not use
  57 sub _new {
  58         my $class = shift;
  59         my ($name) = @_;
  60         Girocco::User::valid_name($name) or die "refusing to create user with invalid name ($name)!";
  61         my $proj = { name => $name };
  62
  63         bless $proj, $class;
  64 }
  65
  66 # public constructor #0
  67 # creates a virtual user not connected to disk record
  68 # you can conjure() it later to disk
  69 sub ghost {
  70         my $class = shift;
  71         my ($name) = @_;
  72         my $self = $class->_new($name);
  73         $self;
  74 }
  75
  76 # public constructor #1
  77 sub load {
  78         my $class = shift;
  79         my ($name) = @_;
  80
  81         open F, jailed_file("/etc/passwd") or die "user load failed: $!";
  82         while (<F>) {
  83                 chomp;
  84                 @_ = split /:/;
  85                 next unless (shift eq $name);
  86
  87                 my $self = $class->_new($name);
  88
  89                 (undef, $self->{uid}, undef, $self->{email}) = @_;
  90                 ($self->{keys}, $self->{auth}) = $self->_sshkey_load;
  91
  92                 return $self;
  93         }
  94         close F;
  95         undef;
  96 }
  97
  98 # public constructor #2
  99 sub load_by_uid {
 100         my $class = shift;
 101         my ($uid) = @_;
 102
 103         open F, jailed_file("/etc/passwd") or die "user load failed: $!";
 104         while (<F>) {
 105                 chomp;
 106                 @_ = split /:/;
 107                 next unless ($_[2] eq $uid);
 108
 109                 my $self = $class->_new($_[0]);
 110
 111                 (undef, undef, $self->{uid}, undef, $self->{email}) = @_;
 112                 ($self->{keys}, $self->{auth}) = $self->_sshkey_load;
 113
 114                 return $self;
 115         }
 116         close F;
 117         undef;
 118 }
 119
 120 # $user may not be in sane state if this returns false!
 121 sub cgi_fill {
 122         my $self = shift;
 123         my ($gcgi) = @_;
 124         my $cgi = $gcgi->cgi;
 125
 126         $self->{name} = $gcgi->wparam('name');
 127         Girocco::User::valid_name($self->{name})
 128                 or $gcgi->err("Name contains invalid characters.");
 129
 130         $self->{email} = $gcgi->wparam('email');
 131         valid_email($self->{email})
 132                 or $gcgi->err("Your email sure looks weird...?");
 133
 134         $self->keys_fill($gcgi);
 135 }
 136
 137 sub keys_fill {
 138         my $self = shift;
 139         my ($gcgi) = @_;
 140         my $cgi = $gcgi->cgi;
 141
 142         $self->{keys} = $cgi->param('keys');
 143         length($self->{keys}) <= 4096
 144                 or $gcgi->err("The list of keys is more than 4kb. Do you really need that much?");
 145         foreach (split /\r?\n/, $self->{keys}) {
 146                 /^ssh-(?:dss|rsa) .* \S+@\S+$/ or $gcgi->err("Your ssh key (\"$_\") appears to have invalid format (does not start by ssh-dss|rsa or does not end with @-identifier) - maybe your browser has split a single key to multiple lines?");
 147         }
 148
 149         not $gcgi->err_check;
 150 }
 151
 152 sub keys_save {
 153         my $self = shift;
 154
 155         $self->_sshkey_save;
 156 }
 157
 158 sub gen_auth {
 159         my $self = shift;
 160
 161         $self->{auth} = Digest::SHA1::sha1_hex(time . $$ . rand() . $self->{keys});
 162         $self->_sshkey_save;
 163         $self->{auth};
 164 }
 165
 166 sub del_auth {
 167         my $self = shift;
 168
 169         delete $self->{auth};
 170 }
 171
 172 sub conjure {
 173         my $self = shift;
 174
 175         $self->_passwd_add;
 176         $self->_sshkey_save;
 177 }
 178
 179 ### static methods
 180
 181 sub valid_name {
 182         $_ = $_[0];
 183         /^[a-zA-Z0-9+._-]+$/;
 184 }
 185
 186 sub does_exist {
 187         my ($name) = @_;
 188         Girocco::User::valid_name($name) or die "tried to query for user with invalid name $name!";
 189         (-e jailed_file("/etc/sshkeys/$name"));
 190 }
 191
 192 sub resolve_uid {
 193         my ($name) = @_;
 194         $Girocco::Config::chrooted and undef; # TODO for ACLs within chroot
 195         scalar(getpwnam($name));
 196 }
 197
 198
 199 1;