- Implemented RADIUS authentication
[public/netxms.git] / src / server / include / nms_users.h
1 /*
2 ** NetXMS - Network Management System
3 ** Copyright (C) 2003 Victor Kirhenshtein
4 **
5 ** This program is free software; you can redistribute it and/or modify
6 ** it under the terms of the GNU General Public License as published by
7 ** the Free Software Foundation; either version 2 of the License, or
8 ** (at your option) any later version.
9 **
10 ** This program is distributed in the hope that it will be useful,
11 ** but WITHOUT ANY WARRANTY; without even the implied warranty of
12 ** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 ** GNU General Public License for more details.
14 **
15 ** You should have received a copy of the GNU General Public License
16 ** along with this program; if not, write to the Free Software
17 ** Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
18 **
19 ** $module: nms_users.h
20 **
21 **/
22
23 #ifndef _nms_users_h_
24 #define _nms_users_h_
25
26
27 //
28 // Maximum number of grace logins allowed for user
   // NOTE(review): presumably the upper bound for NMS_USER.nGraceLogins, i.e.
   // how many logins are still accepted once a password change is due --
   // confirm against AuthenticateUser(). Worth verifying that the counter is
   // persisted and is only restored by a successful password change.
29 //
30
31 #define MAX_GRACE_LOGINS 5
32
33
34 //
35 // Authentication methods
   // Selector values, presumably stored in NMS_USER.nAuthMethod -- confirm.
   // AUTH_NETXMS_PASSWORD is 0, so a zero-filled NMS_USER selects the local
   // password method. Code that switches on the method should reject values
   // outside this list rather than fall through to another method.
   // "SECUREID" is the identifier's own spelling (the product name is RSA
   // SecurID); it is kept because other files may reference the macro.
36 //
37
38 #define AUTH_NETXMS_PASSWORD 0 // local check, presumably against NMS_USER.szPassword
39 #define AUTH_RADIUS 1 // check delegated to a RADIUS server
40 #define AUTH_RSA_SECUREID 2 // handling of this method is not visible in this header
41
42
43 //
44 // User structure
   // One user account record; g_pUserList points at records of this type.
   // NOTE(review): szPassword is sized for exactly one SHA-1 digest, so the
   // record has no room for a per-user salt, an iteration count or an
   // algorithm tag. Whether a salt is mixed in before hashing is not visible
   // here -- confirm. Moving to a salted, deliberately slow password hash
   // would mean changing this layout and the stored form.
45 //
46
47 typedef struct
48 {
49 DWORD dwId;
50 char szName[MAX_USER_NAME]; // fixed-size buffer; writers must bound copies to MAX_USER_NAME
51 BYTE szPassword[SHA1_DIGEST_SIZE]; // presumably raw digest bytes, not a NUL-terminated string despite the sz prefix
52 WORD wSystemRights; // System-wide user's rights
53 WORD wFlags;
54 char szFullName[MAX_USER_FULLNAME]; // fixed-size buffer; bound copies to MAX_USER_FULLNAME
55 char szDescription[MAX_USER_DESCR]; // fixed-size buffer; bound copies to MAX_USER_DESCR
56 int nGraceLogins; // presumably grace logins remaining, bounded by MAX_GRACE_LOGINS -- confirm
57 int nAuthMethod; // presumably one of the AUTH_* values -- confirm
58 uuid_t guid;
59 } NMS_USER;
60
61
62 //
63 // Group structure
   // One group record; g_pGroupList points at records of this type.
   // NOTE(review): dwNumMembers and pMembers have to be updated together; a
   // count larger than the allocation would let a membership scan read past
   // the array. Allocation and ownership of pMembers are not visible here.
64 //
65
66 typedef struct
67 {
68 DWORD dwId;
69 char szName[MAX_USER_NAME]; // fixed-size buffer; writers must bound copies to MAX_USER_NAME
70 WORD wSystemRights;
71 WORD wFlags;
72 DWORD dwNumMembers; // presumably the element count of pMembers -- confirm
73 DWORD *pMembers; // presumably the ids of the member users -- confirm
74 char szDescription[MAX_USER_DESCR];
75 uuid_t guid;
76 } NMS_USER_GROUP;
77
78
79 //
80 // Access list element structure
   // Pairs an id with an access-rights value; AccessList keeps an array of
   // these in m_pElements.
   // NOTE(review): whether dwUserId can also hold a group id is not visible
   // in this header -- confirm before relying on it in rights checks.
81 //
82
83 typedef struct
84 {
85 DWORD dwUserId;
86 DWORD dwAccessRights; // meaning of the individual bits is defined outside this header
87 } ACL_ELEMENT;
88
89
90 //
91 // Access list class
   // Holds an array of ACL_ELEMENT entries together with a mutex; Lock() and
   // Unlock() wrap MutexLock()/MutexUnlock() on that mutex.
   // NOTE(review): no copy constructor or assignment operator is declared, so
   // a copied object would share m_pElements and m_hMutex with the original.
   // If the destructor releases them (not visible here), copying an
   // AccessList ends in a double release -- pass it by pointer or reference.
92 //
93
94 class AccessList
95 {
96 private:
97 DWORD m_dwNumElements; // presumably the element count of m_pElements -- confirm
98 ACL_ELEMENT *m_pElements;
99 MUTEX m_hMutex;
100
101 void Lock(void) { MutexLock(m_hMutex, INFINITE); } // waits with INFINITE timeout
102 void Unlock(void) { MutexUnlock(m_hMutex); }
103
104 public:
105 AccessList();
106 ~AccessList();
107
    // Reports rights for dwUserId through pdwAccessRights.
    // NOTE(review): presumably FALSE means no entry exists for that id; callers
    // should treat FALSE as "no access" and not read *pdwAccessRights -- confirm.
108 BOOL GetUserRights(DWORD dwUserId, DWORD *pdwAccessRights);
109 void AddElement(DWORD dwUserId, DWORD dwAccessRights);
110 BOOL DeleteElement(DWORD dwUserId);
111 void DeleteAll(void);
112
    // Takes a callback receiving two DWORDs and pArg, presumably called once
    // per element with (user id, access rights, pArg) -- confirm.
    // NOTE(review): if the list mutex is held during the callback (not visible
    // here), the handler must not call back into the same AccessList.
113 void EnumerateElements(void (* pHandler)(DWORD, DWORD, void *), void *pArg);
114
    // presumably writes the list contents into pMsg -- confirm
115 void CreateMessage(CSCPMessage *pMsg);
116 };
117
118
119 //
120 // Functions
    // Prototypes only; the implementations are outside this header, so the
    // notes below are points to confirm there, not statements about behavior.
121 //
122
123 BOOL LoadUsers(void);
124 void SaveUsers(DB_HANDLE hdb);
125 void AddUserToGroup(DWORD dwUserId, DWORD dwGroupId);
126 BOOL CheckUserMembership(DWORD dwUserId, DWORD dwGroupId);
    // NOTE(review): szName and szPassword are non-const, so the prototype does
    // not promise that the caller's buffers stay unmodified. szPassword is
    // presumably the cleartext password; callers should wipe that buffer after
    // the call. Worth confirming in the implementation: digest comparison in
    // constant time, the same result code for an unknown user and a wrong
    // password, and out-parameters that are not usable after a failure.
127 DWORD AuthenticateUser(char *szName, char *szPassword, DWORD *pdwId,
128 DWORD *pdwSystemRights, BOOL *pbChangePasswd);
    // NOTE(review): confirm the dump does not print NMS_USER.szPassword.
129 void DumpUsers(CONSOLE_CTX pCtx);
    // NOTE(review): pszName comes without a length; presumably it is copied
    // into a szName[MAX_USER_NAME] buffer -- confirm the copy is bounded.
130 DWORD CreateNewUser(char *pszName, BOOL bIsGroup, DWORD *pdwId);
131 DWORD DeleteUserFromDB(DWORD dwId);
132 DWORD ModifyUser(NMS_USER *pUserInfo);
133 DWORD ModifyGroup(NMS_USER_GROUP *pGroupInfo);
    // NOTE(review): pszPassword is a BYTE pointer without a length, presumably
    // an already computed digest of SHA1_DIGEST_SIZE bytes matching
    // NMS_USER.szPassword -- confirm; the caller must supply at least that many bytes.
134 DWORD SetUserPassword(DWORD dwId, BYTE *pszPassword, BOOL bResetChPasswd);
    // NOTE(review): receives the whole NMS_USER record; confirm szPassword is
    // left out of whatever update this sends.
135 void SendUserDBUpdate(int iCode, DWORD dwUserId, NMS_USER *pUser, NMS_USER_GROUP *pUserGroup);
136
137
138 //
139 // Global variables
    // User and group tables, each presumably paired with its element count
    // (g_dwNumUsers, g_dwNumGroups) -- confirm.
    // NOTE(review): this header declares no lock for these tables; code that
    // reads or reallocates them depends on synchronization defined elsewhere.
140 //
141
142 extern NMS_USER *g_pUserList;
143 extern DWORD g_dwNumUsers;
144 extern NMS_USER_GROUP *g_pGroupList;
145 extern DWORD g_dwNumGroups;
146
147 #endif