1#include <string.h>
2#include <Poco/RegularExpression.h>
3#include <Poco/Util/AbstractConfiguration.h>
4#include <Common/Exception.h>
5#include <IO/ReadHelpers.h>
6#include <Interpreters/Users.h>
7#include <common/logger_useful.h>
8#include <Poco/MD5Engine.h>
9
10
11namespace DB
12{
13
14namespace ErrorCodes
15{
16 extern const int UNKNOWN_ADDRESS_PATTERN_TYPE;
17 extern const int UNKNOWN_USER;
18 extern const int BAD_ARGUMENTS;
19}
20
21
22User::User(const String & name_, const String & config_elem, const Poco::Util::AbstractConfiguration & config)
23 : name(name_)
24{
25 bool has_password = config.has(config_elem + ".password");
26 bool has_password_sha256_hex = config.has(config_elem + ".password_sha256_hex");
27 bool has_password_double_sha1_hex = config.has(config_elem + ".password_double_sha1_hex");
28
29 if (has_password + has_password_sha256_hex + has_password_double_sha1_hex > 1)
30 throw Exception("More than one field of 'password', 'password_sha256_hex', 'password_double_sha1_hex' is used to specify password for user " + name + ". Must be only one of them.",
31 ErrorCodes::BAD_ARGUMENTS);
32
33 if (!has_password && !has_password_sha256_hex && !has_password_double_sha1_hex)
34 throw Exception("Either 'password' or 'password_sha256_hex' or 'password_double_sha1_hex' must be specified for user " + name + ".", ErrorCodes::BAD_ARGUMENTS);
35
36 if (has_password)
37 {
38 authentication = Authentication{Authentication::PLAINTEXT_PASSWORD};
39 authentication.setPassword(config.getString(config_elem + ".password"));
40 }
41 else if (has_password_sha256_hex)
42 {
43 authentication = Authentication{Authentication::SHA256_PASSWORD};
44 authentication.setPasswordHashHex(config.getString(config_elem + ".password_sha256_hex"));
45 }
46 else if (has_password_double_sha1_hex)
47 {
48 authentication = Authentication{Authentication::DOUBLE_SHA1_PASSWORD};
49 authentication.setPasswordHashHex(config.getString(config_elem + ".password_double_sha1_hex"));
50 }
51
52 profile = config.getString(config_elem + ".profile");
53
54 /// Fill list of allowed hosts.
55 const auto config_networks = config_elem + ".networks";
56 if (config.has(config_networks))
57 {
58 Poco::Util::AbstractConfiguration::Keys config_keys;
59 config.keys(config_networks, config_keys);
60 for (Poco::Util::AbstractConfiguration::Keys::const_iterator it = config_keys.begin(); it != config_keys.end(); ++it)
61 {
62 String value = config.getString(config_networks + "." + *it);
63 if (startsWith(*it, "ip"))
64 allowed_client_hosts.addSubnet(value);
65 else if (startsWith(*it, "host_regexp"))
66 allowed_client_hosts.addHostRegexp(value);
67 else if (startsWith(*it, "host"))
68 allowed_client_hosts.addHostName(value);
69 else
70 throw Exception("Unknown address pattern type: " + *it, ErrorCodes::UNKNOWN_ADDRESS_PATTERN_TYPE);
71 }
72 }
73
74 /// Fill list of allowed databases.
75 const auto config_sub_elem = config_elem + ".allow_databases";
76 if (config.has(config_sub_elem))
77 {
78 databases = DatabaseSet();
79 Poco::Util::AbstractConfiguration::Keys config_keys;
80 config.keys(config_sub_elem, config_keys);
81
82 databases->reserve(config_keys.size());
83 for (const auto & key : config_keys)
84 {
85 const auto database_name = config.getString(config_sub_elem + "." + key);
86 databases->insert(database_name);
87 }
88 }
89
90 /// Fill list of allowed dictionaries.
91 const auto config_dictionary_sub_elem = config_elem + ".allow_dictionaries";
92 if (config.has(config_dictionary_sub_elem))
93 {
94 dictionaries = DictionarySet();
95 Poco::Util::AbstractConfiguration::Keys config_keys;
96 config.keys(config_dictionary_sub_elem, config_keys);
97
98 dictionaries->reserve(config_keys.size());
99 for (const auto & key : config_keys)
100 {
101 const auto dictionary_name = config.getString(config_dictionary_sub_elem + "." + key);
102 dictionaries->insert(dictionary_name);
103 }
104 }
105
106 if (config.has(config_elem + ".allow_quota_management"))
107 is_quota_management_allowed = config.getBool(config_elem + ".allow_quota_management");
108 if (config.has(config_elem + ".allow_row_policy_management"))
109 is_row_policy_management_allowed = config.getBool(config_elem + ".allow_row_policy_management");
110}
111
112}
113