scottk/wlan-cloud-ucentralsec
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/wlan-cloud-ucentralsec.git synced 2025-10-30 18:27:49 +00:00
Code Issues Packages Projects Releases 10 Wiki Activity

Adding DB Cache

Browse Source
This commit is contained in:
stephb9959
2021-12-31 22:11:46 -08:00
parent 84bcb28328
commit 83a1d80d77
13 changed files with 287 additions and 278 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
build
View File

@@ -1 +1 @@
159 163

227
src/AuthService.cpp
View File

@@ -75,42 +75,24 @@ namespace OpenWifi {
CallToken = Auth.getBearerToken(); CallToken = Auth.getBearerToken();
} }
if(!CallToken.empty()) { if(CallToken.empty()) {
auto Client = UserCacheTokenToSharedID_.get(CallToken); return false;
if( Client.isNull() ) { }
SecurityObjects::WebToken WT;
uint64_t RevocationDate=0; SecurityObjects::WebToken WT;
std::string UserId; uint64_t RevocationDate=0;
if(StorageService()->UserTokenDB().GetToken(CallToken, WT, UserId, RevocationDate)) { std::string UserId;
if(RevocationDate!=0) if(StorageService()->UserTokenDB().GetToken(CallToken, WT, UserId, RevocationDate)) {
return false; if(RevocationDate!=0)
Expired = (WT.created_ + WT.expires_in_) < time(nullptr); return false;
if(StorageService()->UserDB().GetUserById(UserId,UInfo.userinfo)) { Expired = (WT.created_ + WT.expires_in_) < time(nullptr);
UserCacheTokenToSharedID_.update(CallToken, { WT, UserId}); if(StorageService()->UserDB().GetUserById(UserId,UInfo.userinfo)) {
UserCacheIDToUserInfo_.update(UserId, UInfo.userinfo); UInfo.webtoken = WT;
UInfo.webtoken = WT; SessionToken = CallToken;
SessionToken = CallToken;
return true;
}
}
return false;
}
if(!Expired) {
SessionToken = CallToken;
UInfo.webtoken = Client->WT ;
auto UInfoCacheEntry = UserCacheIDToUserInfo_.get(Client->ID);
if(UInfoCacheEntry.isNull()) {
if(!StorageService()->UserDB().GetUserById(Client->ID,UInfo.userinfo)) {
return false;
}
} else {
UInfo.userinfo = *UInfoCacheEntry;
}
return true; return true;
} }
RevokeToken(CallToken); }
return false; return false;
}
} catch(const Poco::Exception &E) { } catch(const Poco::Exception &E) {
Logger().log(E); Logger().log(E);
} }
@@ -128,42 +110,24 @@ namespace OpenWifi {
CallToken = Auth.getBearerToken(); CallToken = Auth.getBearerToken();
} }
if(!CallToken.empty()) { if(CallToken.empty()) {
auto Client = SubUserCacheTokenToSharedID_.get(CallToken);
if( Client.isNull() ) {
SecurityObjects::WebToken WT;
uint64_t RevocationDate=0;
std::string UserId;
if(StorageService()->SubTokenDB().GetToken(CallToken, WT, UserId, RevocationDate)) {
if(RevocationDate!=0)
return false;
Expired = (WT.created_ + WT.expires_in_) < time(nullptr);
if(StorageService()->SubDB().GetUserById(UserId,UInfo.userinfo)) {
SubUserCacheTokenToSharedID_.update(CallToken, { WT, UserId});
SubUserCacheIDToUserInfo_.update(UserId, UInfo.userinfo);
UInfo.webtoken = WT;
SessionToken = CallToken;
return true;
}
}
return false;
}
if(!Expired) {
SessionToken = CallToken;
UInfo.webtoken = Client->WT ;
auto UInfoCacheEntry = SubUserCacheIDToUserInfo_.get(Client->ID);
if(UInfoCacheEntry.isNull()) {
if(!StorageService()->SubDB().GetUserById(Client->ID,UInfo.userinfo)) {
return false;
}
} else {
UInfo.userinfo = *UInfoCacheEntry;
}
return true;
}
RevokeSubToken(CallToken);
return false; return false;
} }
SecurityObjects::WebToken WT;
uint64_t RevocationDate=0;
std::string UserId;
if(StorageService()->SubTokenDB().GetToken(CallToken, WT, UserId, RevocationDate)) {
if(RevocationDate!=0)
return false;
Expired = (WT.created_ + WT.expires_in_) < time(nullptr);
if(StorageService()->SubDB().GetUserById(UserId,UInfo.userinfo)) {
UInfo.webtoken = WT;
SessionToken = CallToken;
return true;
}
}
return false;
} catch(const Poco::Exception &E) { } catch(const Poco::Exception &E) {
Logger().log(E); Logger().log(E);
} }
@@ -171,53 +135,23 @@ namespace OpenWifi {
} }
void AuthService::RevokeToken(std::string & Token) { void AuthService::RevokeToken(std::string & Token) {
UserCacheTokenToSharedID_.remove(Token);
StorageService()->UserTokenDB().RevokeToken(Token); StorageService()->UserTokenDB().RevokeToken(Token);
} }
void AuthService::RevokeSubToken(std::string & Token) { void AuthService::RevokeSubToken(std::string & Token) {
SubUserCacheTokenToSharedID_.remove(Token);
StorageService()->SubTokenDB().RevokeToken(Token); StorageService()->SubTokenDB().RevokeToken(Token);
} }
bool AuthService::DeleteUserFromCache(const std::string &Id) { bool AuthService::DeleteUserFromCache(const std::string &Id) {
std::lock_guard Guard(Mutex_); return StorageService()->UserTokenDB().DeleteRecordsFromCache("userName",Id);
std::vector<std::string> OldTokens;
UserCacheIDToUserInfo_.remove(Id);
UserCacheTokenToSharedID_.forEach([&OldTokens,Id](const std::string &token, const SharedTokenID & O) -> void
{ if(O.ID==Id)
OldTokens.push_back(token);
});
for(const auto &i:OldTokens) {
Logout(i,false);
UserCacheTokenToSharedID_.remove(i);
}
return true;
} }
bool AuthService::DeleteSubUserFromCache(const std::string &Id) { bool AuthService::DeleteSubUserFromCache(const std::string &Id) {
std::lock_guard Guard(Mutex_); return StorageService()->SubTokenDB().DeleteRecordsFromCache("userName",Id);
std::vector<std::string> OldTokens;
SubUserCacheIDToUserInfo_.remove(Id);
SubUserCacheTokenToSharedID_.forEach([&OldTokens,Id](const std::string &token, const SharedTokenID & O) -> void
{ if(O.ID==Id)
OldTokens.push_back(token);
});
for(const auto &i:OldTokens) {
Logout(i,false);
SubUserCacheTokenToSharedID_.remove(i);
}
return true;
} }
bool AuthService::RequiresMFA(const SecurityObjects::UserInfoAndPolicy &UInfo) { bool AuthService::RequiresMFA(const SecurityObjects::UserInfoAndPolicy &UInfo) {
return (UInfo.userinfo.userTypeProprietaryInfo.mfa.enabled && MFAServer()->MethodEnabled(UInfo.userinfo.userTypeProprietaryInfo.mfa.method)); return (UInfo.userinfo.userTypeProprietaryInfo.mfa.enabled && MFAServer::MethodEnabled(UInfo.userinfo.userTypeProprietaryInfo.mfa.method));
} }
bool AuthService::ValidatePassword(const std::string &Password) { bool AuthService::ValidatePassword(const std::string &Password) {
@@ -228,39 +162,41 @@ namespace OpenWifi {
return std::regex_match(Password, SubPasswordValidation_); return std::regex_match(Password, SubPasswordValidation_);
} }
void AuthService::Logout(const std::string &token, bool EraseFromCache) { void AuthService::RemoveTokenSystemWide(const std::string &token) {
std::lock_guard Guard(Mutex_);
try { try {
Poco::JSON::Object Obj; if(KafkaManager()->Enabled()) {
Obj.set("event", "remove-token"); Poco::JSON::Object Obj;
Obj.set("id", MicroService::instance().ID()); Obj.set("event", "remove-token");
Obj.set("token", token); Obj.set("id", MicroService::instance().ID());
std::stringstream ResultText; Obj.set("token", token);
Poco::JSON::Stringifier::stringify(Obj, ResultText); std::stringstream ResultText;
std::string Tmp{token}; Poco::JSON::Stringifier::stringify(Obj, ResultText);
RevokeToken(Tmp); KafkaManager()->PostMessage(KafkaTopics::SERVICE_EVENTS, MicroService::instance().PrivateEndPoint(),
KafkaManager()->PostMessage(KafkaTopics::SERVICE_EVENTS, MicroService::instance().PrivateEndPoint(), ResultText.str(), ResultText.str(),
false); false);
}
} catch (const Poco::Exception &E) { } catch (const Poco::Exception &E) {
Logger().log(E); Logger().log(E);
} }
} }
void AuthService::SubLogout(const std::string &token, bool EraseFromCache) { void AuthService::Logout(const std::string &Token, bool EraseFromCache) {
std::lock_guard Guard(Mutex_);
try {
auto tToken{Token};
StorageService()->UserTokenDB().DeleteRecord("id",tToken);
} catch (const Poco::Exception &E) {
Logger().log(E);
}
}
void AuthService::SubLogout(const std::string &Token, bool EraseFromCache) {
std::lock_guard Guard(Mutex_); std::lock_guard Guard(Mutex_);
try { try {
Poco::JSON::Object Obj; auto tToken{Token};
Obj.set("event", "remove-token"); StorageService()->SubTokenDB().DeleteRecord("id",tToken);
Obj.set("id", MicroService::instance().ID());
Obj.set("token", token);
std::stringstream ResultText;
Poco::JSON::Stringifier::stringify(Obj, ResultText);
std::string Tmp{token};
RevokeSubToken(Tmp);
KafkaManager()->PostMessage(KafkaTopics::SERVICE_EVENTS, MicroService::instance().PrivateEndPoint(), ResultText.str(),
false);
} catch (const Poco::Exception &E) { } catch (const Poco::Exception &E) {
Logger().log(E); Logger().log(E);
} }
@@ -309,8 +245,6 @@ namespace OpenWifi {
UInfo.webtoken.username_ = UserName; UInfo.webtoken.username_ = UserName;
UInfo.webtoken.errorCode = 0; UInfo.webtoken.errorCode = 0;
UInfo.webtoken.userMustChangePassword = false; UInfo.webtoken.userMustChangePassword = false;
UserCacheTokenToSharedID_.update(UInfo.webtoken.access_token_,{UInfo.webtoken,UInfo.userinfo.Id});
UserCacheIDToUserInfo_.update(UInfo.userinfo.Id, UInfo.userinfo);
StorageService()->UserDB().SetLastLogin(UInfo.userinfo.Id); StorageService()->UserDB().SetLastLogin(UInfo.userinfo.Id);
StorageService()->UserTokenDB().AddToken(UInfo.userinfo.Id, UInfo.webtoken.access_token_, StorageService()->UserTokenDB().AddToken(UInfo.userinfo.Id, UInfo.webtoken.access_token_,
UInfo.webtoken.refresh_token_, UInfo.webtoken.token_type_, UInfo.webtoken.refresh_token_, UInfo.webtoken.token_type_,
@@ -334,8 +268,6 @@ namespace OpenWifi {
UInfo.webtoken.username_ = UserName; UInfo.webtoken.username_ = UserName;
UInfo.webtoken.errorCode = 0; UInfo.webtoken.errorCode = 0;
UInfo.webtoken.userMustChangePassword = false; UInfo.webtoken.userMustChangePassword = false;
SubUserCacheTokenToSharedID_.update(UInfo.webtoken.access_token_,{UInfo.webtoken,UInfo.userinfo.Id});
SubUserCacheIDToUserInfo_.update(UInfo.userinfo.Id, UInfo.userinfo);
StorageService()->SubDB().SetLastLogin(UInfo.userinfo.Id); StorageService()->SubDB().SetLastLogin(UInfo.userinfo.Id);
StorageService()->SubTokenDB().AddToken(UInfo.userinfo.Id, UInfo.webtoken.access_token_, StorageService()->SubTokenDB().AddToken(UInfo.userinfo.Id, UInfo.webtoken.access_token_,
UInfo.webtoken.refresh_token_, UInfo.webtoken.token_type_, UInfo.webtoken.refresh_token_, UInfo.webtoken.token_type_,
@@ -647,21 +579,6 @@ namespace OpenWifi {
std::lock_guard G(Mutex_); std::lock_guard G(Mutex_);
Expired = false; Expired = false;
auto Client = UserCacheTokenToSharedID_.get(Token);
if(!Client.isNull()) {
Expired = (Client->WT.created_ + Client->WT.expires_in_) < std::time(nullptr);
WebToken = Client->WT;
auto CachedUserInfo = UserCacheIDToUserInfo_.get(Client->ID);
if(!CachedUserInfo.isNull()) {
UserInfo = *CachedUserInfo;
return true;
}
if(!StorageService()->UserDB().GetUserById(Client->ID,UserInfo)) {
return false;
}
return true;
}
std::string TToken{Token}, UserId; std::string TToken{Token}, UserId;
SecurityObjects::WebToken WT; SecurityObjects::WebToken WT;
uint64_t RevocationDate=0; uint64_t RevocationDate=0;
@@ -671,13 +588,10 @@ namespace OpenWifi {
Expired = (WT.created_ + WT.expires_in_) < std::time(nullptr); Expired = (WT.created_ + WT.expires_in_) < std::time(nullptr);
if(StorageService()->UserDB().GetUserById(UserId,UserInfo)) { if(StorageService()->UserDB().GetUserById(UserId,UserInfo)) {
WebToken = WT; WebToken = WT;
UserCacheTokenToSharedID_.update(Token, {WebToken, UserId});
UserCacheIDToUserInfo_.update(UserId, UserInfo);
return true; return true;
} }
return false; return false;
} }
return IsValidSubToken(Token, WebToken, UserInfo, Expired); return IsValidSubToken(Token, WebToken, UserInfo, Expired);
} }
@@ -685,21 +599,6 @@ namespace OpenWifi {
std::lock_guard G(Mutex_); std::lock_guard G(Mutex_);
Expired = false; Expired = false;
auto Client = SubUserCacheTokenToSharedID_.get(Token);
if(!Client.isNull()) {
Expired = (Client->WT.created_ + Client->WT.expires_in_) < std::time(nullptr);
WebToken = Client->WT;
auto CachedUserInfo = SubUserCacheIDToUserInfo_.get(Client->ID);
if(!CachedUserInfo.isNull()) {
UserInfo = *CachedUserInfo;
return true;
}
if(!StorageService()->SubDB().GetUserById(Client->ID,UserInfo)) {
return false;
}
return true;
}
std::string TToken{Token}, UserId; std::string TToken{Token}, UserId;
SecurityObjects::WebToken WT; SecurityObjects::WebToken WT;
uint64_t RevocationDate=0; uint64_t RevocationDate=0;
@@ -709,8 +608,6 @@ namespace OpenWifi {
Expired = (WT.created_ + WT.expires_in_) < std::time(nullptr); Expired = (WT.created_ + WT.expires_in_) < std::time(nullptr);
if(StorageService()->SubDB().GetUserById(UserId,UserInfo)) { if(StorageService()->SubDB().GetUserById(UserId,UserInfo)) {
WebToken = WT; WebToken = WT;
SubUserCacheTokenToSharedID_.update(Token, {WebToken, UserId});
SubUserCacheIDToUserInfo_.update(UserId, UserInfo);
return true; return true;
} }
return false; return false;

31
src/AuthService.h
View File

@@ -44,8 +44,8 @@ namespace OpenWifi{
static ACCESS_TYPE IntToAccessType(int C); static ACCESS_TYPE IntToAccessType(int C);
static int AccessTypeToInt(ACCESS_TYPE T); static int AccessTypeToInt(ACCESS_TYPE T);
static AuthService *instance() { static auto instance() {
static auto * instance_ = new AuthService; static auto instance_ = new AuthService;
return instance_; return instance_;
} }
@@ -59,14 +59,6 @@ namespace OpenWifi{
[[nodiscard]] const std:: string & PasswordValidationExpression() const { return PasswordValidationStr_;}; [[nodiscard]] const std:: string & PasswordValidationExpression() const { return PasswordValidationStr_;};
void Logout(const std::string &token, bool EraseFromCache=true); void Logout(const std::string &token, bool EraseFromCache=true);
inline void UpdateUserCache(const SecurityObjects::UserInfo &UI) {
UserCacheIDToUserInfo_.update(UI.Id,UI);
}
inline void UpdateSubUserCache(const SecurityObjects::UserInfo &UI) {
SubUserCacheIDToUserInfo_.update(UI.Id,UI);
}
[[nodiscard]] bool IsSubAuthorized(Poco::Net::HTTPServerRequest & Request,std::string &SessionToken, SecurityObjects::UserInfoAndPolicy & UInfo, bool & Expired); [[nodiscard]] bool IsSubAuthorized(Poco::Net::HTTPServerRequest & Request,std::string &SessionToken, SecurityObjects::UserInfoAndPolicy & UInfo, bool & Expired);
[[nodiscard]] UNAUTHORIZED_REASON AuthorizeSub( std::string & UserName, const std::string & Password, const std::string & NewPassword, SecurityObjects::UserInfoAndPolicy & UInfo, bool & Expired ); [[nodiscard]] UNAUTHORIZED_REASON AuthorizeSub( std::string & UserName, const std::string & Password, const std::string & NewPassword, SecurityObjects::UserInfoAndPolicy & UInfo, bool & Expired );
void CreateSubToken(const std::string & UserName, SecurityObjects::UserInfoAndPolicy &UInfo); void CreateSubToken(const std::string & UserName, SecurityObjects::UserInfoAndPolicy &UInfo);
@@ -74,6 +66,8 @@ namespace OpenWifi{
[[nodiscard]] const std:: string & SubPasswordValidationExpression() const { return PasswordValidationStr_;}; [[nodiscard]] const std:: string & SubPasswordValidationExpression() const { return PasswordValidationStr_;};
void SubLogout(const std::string &token, bool EraseFromCache=true); void SubLogout(const std::string &token, bool EraseFromCache=true);
void RemoveTokenSystemWide(const std::string &token);
bool ValidatePassword(const std::string &pwd); bool ValidatePassword(const std::string &pwd);
bool ValidateSubPassword(const std::string &pwd); bool ValidateSubPassword(const std::string &pwd);
@@ -97,10 +91,10 @@ namespace OpenWifi{
[[nodiscard]] static bool SendEmailToUser(const std::string &LinkId, std::string &Email, EMAIL_REASON Reason); [[nodiscard]] static bool SendEmailToUser(const std::string &LinkId, std::string &Email, EMAIL_REASON Reason);
[[nodiscard]] static bool SendEmailToSubUser(const std::string &LinkId, std::string &Email, EMAIL_REASON Reason); [[nodiscard]] static bool SendEmailToSubUser(const std::string &LinkId, std::string &Email, EMAIL_REASON Reason);
[[nodiscard]] bool DeleteUserFromCache(const std::string &UserName);
[[nodiscard]] bool DeleteSubUserFromCache(const std::string &UserName);
[[nodiscard]] bool RequiresMFA(const SecurityObjects::UserInfoAndPolicy &UInfo); [[nodiscard]] bool RequiresMFA(const SecurityObjects::UserInfoAndPolicy &UInfo);
bool DeleteUserFromCache(const std::string &UserName);
bool DeleteSubUserFromCache(const std::string &UserName);
void RevokeToken(std::string & Token); void RevokeToken(std::string & Token);
void RevokeSubToken(std::string & Token); void RevokeSubToken(std::string & Token);
@@ -122,17 +116,6 @@ namespace OpenWifi{
Poco::JWT::Signer Signer_; Poco::JWT::Signer Signer_;
Poco::SHA2Engine SHA2_; Poco::SHA2Engine SHA2_;
struct SharedTokenID {
SecurityObjects::WebToken WT; // Web token
std::string ID; // user.Id
};
Poco::ExpireLRUCache<std::string,SharedTokenID> UserCacheTokenToSharedID_{256,1200000};
Poco::ExpireLRUCache<std::string,SecurityObjects::UserInfo> UserCacheIDToUserInfo_{256,1200000};
Poco::ExpireLRUCache<std::string,SharedTokenID> SubUserCacheTokenToSharedID_{4096,1200000};
Poco::ExpireLRUCache<std::string,SecurityObjects::UserInfo> SubUserCacheIDToUserInfo_{4096,1200000};
std::string AccessPolicy_; std::string AccessPolicy_;
std::string PasswordPolicy_; std::string PasswordPolicy_;
std::string SubAccessPolicy_; std::string SubAccessPolicy_;
@@ -169,7 +152,7 @@ namespace OpenWifi{
} }
}; };
inline AuthService * AuthService() { return AuthService::instance(); } inline auto AuthService() { return AuthService::instance(); }
[[nodiscard]] inline bool AuthServiceIsAuthorized(Poco::Net::HTTPServerRequest & Request,std::string &SessionToken, SecurityObjects::UserInfoAndPolicy & UInfo , bool & Expired, bool Sub ) { [[nodiscard]] inline bool AuthServiceIsAuthorized(Poco::Net::HTTPServerRequest & Request,std::string &SessionToken, SecurityObjects::UserInfoAndPolicy & UInfo , bool & Expired, bool Sub ) {
if(Sub) if(Sub)

1
src/RESTAPI/RESTAPI_subuser_handler.cpp
View File

@@ -234,7 +234,6 @@ namespace OpenWifi {
if(StorageService()->SubDB().UpdateUserInfo(UserInfo_.userinfo.email,Id,Existing)) { if(StorageService()->SubDB().UpdateUserInfo(UserInfo_.userinfo.email,Id,Existing)) {
SecurityObjects::UserInfo NewUserInfo; SecurityObjects::UserInfo NewUserInfo;
StorageService()->SubDB().GetUserByEmail(UserInfo_.userinfo.email,NewUserInfo); StorageService()->SubDB().GetUserByEmail(UserInfo_.userinfo.email,NewUserInfo);
AuthService()->UpdateSubUserCache(NewUserInfo);
Poco::JSON::Object ModifiedObject; Poco::JSON::Object ModifiedObject;
FilterCredentials(NewUserInfo); FilterCredentials(NewUserInfo);
NewUserInfo.to_json(ModifiedObject); NewUserInfo.to_json(ModifiedObject);

8
src/RESTAPI/RESTAPI_user_handler.cpp
View File

@@ -59,14 +59,9 @@ namespace OpenWifi {
return NotFound(); return NotFound();
} }
if(AuthService()->DeleteUserFromCache(Id)) { AuthService()->DeleteUserFromCache(Id);
// nothing to do
}
StorageService()->AvatarDB().DeleteAvatar(UserInfo_.userinfo.email,Id); StorageService()->AvatarDB().DeleteAvatar(UserInfo_.userinfo.email,Id);
StorageService()->PreferencesDB().DeletePreferences(UserInfo_.userinfo.email,Id); StorageService()->PreferencesDB().DeletePreferences(UserInfo_.userinfo.email,Id);
Logger_.information(Poco::format("Remove all tokens for '%s'", UserInfo_.userinfo.email));
StorageService()->UserTokenDB().RevokeAllTokens(UInfo.email); StorageService()->UserTokenDB().RevokeAllTokens(UInfo.email);
Logger_.information(Poco::format("User '%s' deleted by '%s'.",Id,UserInfo_.userinfo.email)); Logger_.information(Poco::format("User '%s' deleted by '%s'.",Id,UserInfo_.userinfo.email));
OK(); OK();
@@ -232,7 +227,6 @@ namespace OpenWifi {
if(StorageService()->UserDB().UpdateUserInfo(UserInfo_.userinfo.email,Id,Existing)) { if(StorageService()->UserDB().UpdateUserInfo(UserInfo_.userinfo.email,Id,Existing)) {
SecurityObjects::UserInfo NewUserInfo; SecurityObjects::UserInfo NewUserInfo;
StorageService()->UserDB().GetUserByEmail(UserInfo_.userinfo.email,NewUserInfo); StorageService()->UserDB().GetUserByEmail(UserInfo_.userinfo.email,NewUserInfo);
AuthService()->UpdateUserCache(NewUserInfo);
Poco::JSON::Object ModifiedObject; Poco::JSON::Object ModifiedObject;
FilterCredentials(NewUserInfo); FilterCredentials(NewUserInfo);
NewUserInfo.to_json(ModifiedObject); NewUserInfo.to_json(ModifiedObject);

2
src/RESTObjects/RESTAPI_SecurityObjects.h
View File

@@ -17,6 +17,8 @@
namespace OpenWifi { namespace OpenWifi {
namespace SecurityObjects { namespace SecurityObjects {
typedef std::string USER_ID_TYPE;
struct AclTemplate { struct AclTemplate {
bool Read_ = true; bool Read_ = true;
bool ReadWrite_ = true; bool ReadWrite_ = true;

14
src/StorageService.cpp
View File

@@ -16,10 +16,16 @@ namespace OpenWifi {
StorageClass::Start(); StorageClass::Start();
UserDB_ = std::make_unique<OpenWifi::BaseUserDB>("Users", "usr", dbType_,*Pool_, Logger()); UserCache_ = std::make_unique<OpenWifi::UserCache>(128,120000,true);
SubDB_ = std::make_unique<OpenWifi::BaseUserDB>("Subscribers", "sub", dbType_,*Pool_, Logger()); SubCache_ = std::make_unique<OpenWifi::UserCache>(2048,120000,false);
UserTokenDB_ = std::make_unique<OpenWifi::BaseTokenDB>("Tokens", "tok", dbType_,*Pool_, Logger()); UserTokenCache_ = std::make_unique<OpenWifi::TokenCache>(128,120000, true);
SubTokenDB_ = std::make_unique<OpenWifi::BaseTokenDB>("SubTokens", "stk", dbType_,*Pool_, Logger()); SubTokenCache_ = std::make_unique<OpenWifi::TokenCache>(2048,120000,false);
UserDB_ = std::make_unique<OpenWifi::BaseUserDB>("Users", "usr", dbType_,*Pool_, Logger(), UserCache_.get(), true);
SubDB_ = std::make_unique<OpenWifi::BaseUserDB>("Subscribers", "sub", dbType_,*Pool_, Logger(), SubCache_.get(), false);
UserTokenDB_ = std::make_unique<OpenWifi::BaseTokenDB>("Tokens", "tok", dbType_,*Pool_, Logger(), UserTokenCache_.get(), true);
SubTokenDB_ = std::make_unique<OpenWifi::BaseTokenDB>("SubTokens", "stk", dbType_,*Pool_, Logger(), SubTokenCache_.get(), false);
PreferencesDB_ = std::make_unique<OpenWifi::PreferencesDB>("Preferences", "pre", dbType_,*Pool_, Logger()); PreferencesDB_ = std::make_unique<OpenWifi::PreferencesDB>("Preferences", "pre", dbType_,*Pool_, Logger());
ActionLinksDB_ = std::make_unique<OpenWifi::ActionLinkDB>("Actions", "act", dbType_,*Pool_, Logger()); ActionLinksDB_ = std::make_unique<OpenWifi::ActionLinkDB>("Actions", "act", dbType_,*Pool_, Logger());
AvatarDB_ = std::make_unique<OpenWifi::AvatarDB>("Avatars", "ava", dbType_,*Pool_, Logger()); AvatarDB_ = std::make_unique<OpenWifi::AvatarDB>("Avatars", "ava", dbType_,*Pool_, Logger());

5
src/StorageService.h
View File

@@ -58,6 +58,11 @@ namespace OpenWifi {
std::unique_ptr<OpenWifi::ActionLinkDB> ActionLinksDB_; std::unique_ptr<OpenWifi::ActionLinkDB> ActionLinksDB_;
std::unique_ptr<OpenWifi::AvatarDB> AvatarDB_; std::unique_ptr<OpenWifi::AvatarDB> AvatarDB_;
std::unique_ptr<OpenWifi::UserCache> UserCache_;
std::unique_ptr<OpenWifi::UserCache> SubCache_;
std::unique_ptr<OpenWifi::TokenCache> UserTokenCache_;
std::unique_ptr<OpenWifi::TokenCache> SubTokenCache_;
Poco::Timer Timer_; Poco::Timer Timer_;
Archiver Archiver_; Archiver Archiver_;
std::unique_ptr<Poco::TimerCallback<Archiver>> Archivercallback_; std::unique_ptr<Poco::TimerCallback<Archiver>> Archivercallback_;

44
src/framework/orm.h
View File

@@ -155,6 +155,20 @@ namespace ORM {
return S; return S;
} }
template <typename RecordType> class DBCache {
public:
DBCache(unsigned Size, unsigned Timeout)
{
}
virtual void Create(const RecordType &R)=0;
virtual bool GetFromCache(const std::string &FieldName, const std::string &Value, RecordType &R)=0;
virtual void UpdateCache(const RecordType &R)=0;
virtual void Delete(const std::string &FieldName, const std::string &Value)=0;
private:
};
template <typename RecordTuple, typename RecordType> class DB { template <typename RecordTuple, typename RecordType> class DB {
public: public:
DB( OpenWifi::DBType dbtype, DB( OpenWifi::DBType dbtype,
@@ -163,12 +177,14 @@ namespace ORM {
const IndexVec & Indexes, const IndexVec & Indexes,
Poco::Data::SessionPool & Pool, Poco::Data::SessionPool & Pool,
Poco::Logger &L, Poco::Logger &L,
const char *Prefix): const char *Prefix,
DBCache<RecordType> * Cache=nullptr):
Type_(dbtype), Type_(dbtype),
DBName_(TableName), DBName_(TableName),
Pool_(Pool), Pool_(Pool),
Logger_(L), Logger_(L),
Prefix_(Prefix) Prefix_(Prefix),
Cache_(Cache)
{ {
assert(RecordTuple::length == Fields.size()); assert(RecordTuple::length == Fields.size());
@@ -373,7 +389,11 @@ namespace ORM {
Insert << ConvertParams(St) , Insert << ConvertParams(St) ,
Poco::Data::Keywords::use(RT); Poco::Data::Keywords::use(RT);
Insert.execute(); Insert.execute();
if(Cache_)
Cache_->Create(R);
return true; return true;
} catch (const Poco::Exception &E) { } catch (const Poco::Exception &E) {
Logger_.log(E); Logger_.log(E);
} }
@@ -382,9 +402,13 @@ namespace ORM {
template<typename T> bool GetRecord( const char * FieldName, T Value, RecordType & R) { template<typename T> bool GetRecord( const char * FieldName, T Value, RecordType & R) {
try { try {
assert( FieldNames_.find(FieldName) != FieldNames_.end() ); assert( FieldNames_.find(FieldName) != FieldNames_.end() );
if(Cache_) {
if(Cache_->GetFromCache("id",Value,R))
return true;
}
Poco::Data::Session Session = Pool_.get(); Poco::Data::Session Session = Pool_.get();
Poco::Data::Statement Select(Session); Poco::Data::Statement Select(Session);
RecordTuple RT; RecordTuple RT;
@@ -396,6 +420,8 @@ namespace ORM {
Poco::Data::Keywords::use(Value); Poco::Data::Keywords::use(Value);
if(Select.execute()==1) { if(Select.execute()==1) {
Convert(RT,R); Convert(RT,R);
if(Cache_)
Cache_->UpdateCache(R);
return true; return true;
} }
return false; return false;
@@ -480,6 +506,8 @@ namespace ORM {
Poco::Data::Keywords::use(RT), Poco::Data::Keywords::use(RT),
Poco::Data::Keywords::use(Value); Poco::Data::Keywords::use(Value);
Update.execute(); Update.execute();
if(Cache_)
Cache_->UpdateCache(R);
return true; return true;
} catch (const Poco::Exception &E) { } catch (const Poco::Exception &E) {
Logger_.log(E); Logger_.log(E);
@@ -535,6 +563,8 @@ namespace ORM {
Delete << ConvertParams(St) , Delete << ConvertParams(St) ,
Poco::Data::Keywords::use(Value); Poco::Data::Keywords::use(Value);
Delete.execute(); Delete.execute();
if(Cache_)
Cache_->Delete(FieldName, Value);
return true; return true;
} catch (const Poco::Exception &E) { } catch (const Poco::Exception &E) {
Logger_.log(E); Logger_.log(E);
@@ -784,10 +814,17 @@ namespace ORM {
Poco::Logger & Logger() { return Logger_; } Poco::Logger & Logger() { return Logger_; }
bool DeleteRecordsFromCache(const char *FieldName, const std::string &Value ) {
if(Cache_)
Cache_->Delete(FieldName, Value);
return true;
}
protected: protected:
Poco::Data::SessionPool &Pool_; Poco::Data::SessionPool &Pool_;
Poco::Logger &Logger_; Poco::Logger &Logger_;
std::string DBName_; std::string DBName_;
DBCache<RecordType> *Cache_= nullptr;
private: private:
OpenWifi::DBType Type_; OpenWifi::DBType Type_;
std::string CreateFields_; std::string CreateFields_;
@@ -796,7 +833,6 @@ namespace ORM {
std::string UpdateFields_; std::string UpdateFields_;
std::vector<std::string> IndexCreation_; std::vector<std::string> IndexCreation_;
std::map<std::string,int> FieldNames_; std::map<std::string,int> FieldNames_;
// Poco::Data::SessionPool &Pool_;
std::string Prefix_; std::string Prefix_;
}; };
} }

69
src/storage/orm_tokens.cpp
View File

@@ -3,6 +3,8 @@
// //
#include "orm_tokens.h" #include "orm_tokens.h"
#include "AuthService.h"
#include "StorageService.h"
/* /*
"Token TEXT PRIMARY KEY, " "Token TEXT PRIMARY KEY, "
@@ -41,8 +43,9 @@ namespace OpenWifi {
} }
BaseTokenDB::BaseTokenDB(const std::string &Name, const std::string &ShortName, OpenWifi::DBType T, BaseTokenDB::BaseTokenDB(const std::string &Name, const std::string &ShortName, OpenWifi::DBType T,
Poco::Data::SessionPool &P, Poco::Logger &L) : Poco::Data::SessionPool &P, Poco::Logger &L, TokenCache *Cache, bool Users) :
DB(T, Name.c_str(), BaseTokenDB_Fields, MakeIndices(ShortName), P, L, ShortName.c_str()) { DB(T, Name.c_str(), BaseTokenDB_Fields, MakeIndices(ShortName), P, L, ShortName.c_str(), Cache),
UsersOnly_(Users) {
} }
bool BaseTokenDB::AddToken(std::string &UserID, std::string &Token, std::string &RefreshToken, std::string & TokenType, uint64_t Expires, uint64_t TimeOut) { bool BaseTokenDB::AddToken(std::string &UserID, std::string &Token, std::string &RefreshToken, std::string & TokenType, uint64_t Expires, uint64_t TimeOut) {
@@ -73,19 +76,13 @@ namespace OpenWifi {
SecurityObjects::Token T; SecurityObjects::Token T;
if(GetRecord("token",Token,T)) { if(GetRecord("token",Token,T)) {
return T.revocationDate!=0; return false;
} }
return false; return true;
} }
bool BaseTokenDB::RevokeToken(std::string &Token) { bool BaseTokenDB::RevokeToken(std::string &Token) {
SecurityObjects::Token T; return DeleteRecord("token", Token);
if(GetRecord("token", Token, T)) {
T.revocationDate = std::time(nullptr);
return UpdateRecord("token", Token, T);
}
return false;
} }
bool BaseTokenDB::CleanExpiredTokens() { bool BaseTokenDB::CleanExpiredTokens() {
@@ -97,9 +94,59 @@ namespace OpenWifi {
bool BaseTokenDB::RevokeAllTokens(std::string & UserId) { bool BaseTokenDB::RevokeAllTokens(std::string & UserId) {
std::string WhereClause{" userName='" + UserId + "' "}; std::string WhereClause{" userName='" + UserId + "' "};
DeleteRecords( WhereClause ); DeleteRecords( WhereClause );
Cache_->Delete("userName", UserId);
return true; return true;
} }
TokenCache::TokenCache(unsigned Size, unsigned TimeOut, bool Users) :
UsersOnly_(Users),
ORM::DBCache<SecurityObjects::Token>(Size,TimeOut) {
CacheByToken_ = std::make_unique<Poco::ExpireLRUCache<std::string,SecurityObjects::Token>>(Size,TimeOut);
}
void TokenCache::UpdateCache(const SecurityObjects::Token &R) {
std::lock_guard M(Mutex_);
std::cout << "Updating token: " << R.token << std::endl;
CacheByToken_->update(R.token,R);
}
void TokenCache::Create(const SecurityObjects::Token &R) {
}
bool TokenCache::GetFromCache(const std::string &FieldName, const std::string &Value, SecurityObjects::Token &R) {
std::lock_guard M(Mutex_);
std::cout << "Getting token: " << Value << std::endl;
if(FieldName=="token") {
auto Entry = CacheByToken_->get(Value);
if(Entry.isNull())
return false;
R = *Entry;
return true;
}
return false;
}
void TokenCache::Delete(const std::string &FieldName, const std::string &Value) {
std::lock_guard M(Mutex_);
std::cout << "Deleting token: " << Value << std::endl;
if(FieldName=="token") {
AuthService()->RemoveTokenSystemWide(Value);
CacheByToken_->remove(Value);
} else if(FieldName=="userName") {
std::vector<std::string> TokenToRemove;
CacheByToken_->forEach([&TokenToRemove,Value](const std::string &Key, const SecurityObjects::Token &TokenRecord) {
if(TokenRecord.userName==Value)
TokenToRemove.push_back(Key);
});
for(const auto &i:TokenToRemove) {
AuthService()->RemoveTokenSystemWide(i);
CacheByToken_->remove(i);
}
}
}
} }
template<> void ORM::DB<OpenWifi::TokenRecordTuple, template<> void ORM::DB<OpenWifi::TokenRecordTuple,

21
src/storage/orm_tokens.h
View File

@@ -30,12 +30,27 @@ namespace OpenWifi {
uint64_t, // IdleTimeOut = 0; uint64_t, // IdleTimeOut = 0;
uint64_t // RevocationDate = 0; uint64_t // RevocationDate = 0;
> TokenRecordTuple; > TokenRecordTuple;
typedef std::vector <TokenRecordTuple> TokenRecordTupleList; typedef std::vector <TokenRecordTuple> TokenRecordTupleList;
class TokenCache : public ORM::DBCache<SecurityObjects::Token> {
public:
TokenCache(unsigned Size, unsigned TimeOut, bool Users);
void UpdateCache(const SecurityObjects::Token &R) override;
void Create(const SecurityObjects::Token &R) override;
bool GetFromCache(const std::string &FieldName, const std::string &Value, SecurityObjects::Token &R) override;
void Delete(const std::string &FieldName, const std::string &Value) override;
private:
std::mutex Mutex_;
bool UsersOnly_;
std::unique_ptr<Poco::ExpireLRUCache<std::string,SecurityObjects::Token>> CacheByToken_;
};
class BaseTokenDB : public ORM::DB<TokenRecordTuple, SecurityObjects::Token> { class BaseTokenDB : public ORM::DB<TokenRecordTuple, SecurityObjects::Token> {
public: public:
BaseTokenDB( const std::string &name, const std::string &shortname, OpenWifi::DBType T, Poco::Data::SessionPool & P, Poco::Logger &L); BaseTokenDB( const std::string &name, const std::string &shortname, OpenWifi::DBType T, Poco::Data::SessionPool & P, Poco::Logger &L, TokenCache * Cache, bool User);
bool AddToken(std::string &UserId, std::string &Token, std::string &RefreshToken, std::string & TokenType, uint64_t Expires, uint64_t TimeOut); bool AddToken(std::string &UserId, std::string &Token, std::string &RefreshToken, std::string & TokenType, uint64_t Expires, uint64_t TimeOut);
@@ -44,8 +59,8 @@ namespace OpenWifi {
bool CleanExpiredTokens(); bool CleanExpiredTokens();
bool RevokeAllTokens( std::string & UserName ); bool RevokeAllTokens( std::string & UserName );
bool GetToken(std::string &Token, SecurityObjects::WebToken &WT, std::string & UserId, uint64_t &RevocationDate); bool GetToken(std::string &Token, SecurityObjects::WebToken &WT, std::string & UserId, uint64_t &RevocationDate);
private: private:
bool UsersOnly_;
}; };
} }

83
src/storage/orm_users.cpp
View File

@@ -88,8 +88,9 @@ namespace OpenWifi {
}; };
} }
BaseUserDB::BaseUserDB(const std::string &Name, const std::string & ShortName, OpenWifi::DBType T, Poco::Data::SessionPool &P, Poco::Logger &L) : BaseUserDB::BaseUserDB(const std::string &Name, const std::string & ShortName, OpenWifi::DBType T, Poco::Data::SessionPool &P, Poco::Logger &L, UserCache * Cache, bool Users) :
DB(T, Name.c_str(), BaseUserDB_Fields, MakeIndices(ShortName), P, L, ShortName.c_str()) { DB(T, Name.c_str(), BaseUserDB_Fields, MakeIndices(ShortName), P, L, ShortName.c_str(), Cache),
UsersOnly_(Users) {
} }
bool BaseUserDB::CreateUser(const std::string & Admin, SecurityObjects::UserInfo & NewUser, bool PasswordHashedAlready ) { bool BaseUserDB::CreateUser(const std::string & Admin, SecurityObjects::UserInfo & NewUser, bool PasswordHashedAlready ) {
@@ -173,7 +174,7 @@ namespace OpenWifi {
return false; return false;
} }
bool BaseUserDB::UpdateUserInfo(const std::string & Admin, USER_ID_TYPE & Id, SecurityObjects::UserInfo &UInfo) { bool BaseUserDB::UpdateUserInfo(const std::string & Admin, SecurityObjects::USER_ID_TYPE & Id, SecurityObjects::UserInfo &UInfo) {
try { try {
return UpdateRecord("id", Id, UInfo); return UpdateRecord("id", Id, UInfo);
} catch (const Poco::Exception &E) { } catch (const Poco::Exception &E) {
@@ -182,22 +183,8 @@ namespace OpenWifi {
return false; return false;
} }
bool BaseUserDB::DeleteUser(const std::string & Admin, USER_ID_TYPE & Id) { bool BaseUserDB::DeleteUser(const std::string & Admin, SecurityObjects::USER_ID_TYPE & Id) {
try { return DeleteRecord("id", Id);
Poco::Data::Session Sess = Pool_.get();
Poco::Data::Statement Delete(Sess);
auto tId{Id};
std::string St1{"delete from " + DBName_ + " where id=?"};
Delete << ConvertParams(St1),
Poco::Data::Keywords::use(tId);
Delete.execute();
return true;
} catch (const Poco::Exception &E) {
Logger().log(E);
}
return false;
} }
bool BaseUserDB::DeleteUsers(const std::string & Admin, std::string & owner) { bool BaseUserDB::DeleteUsers(const std::string & Admin, std::string & owner) {
@@ -224,6 +211,64 @@ namespace OpenWifi {
} }
return false; return false;
} }
UserCache::UserCache(unsigned Size, unsigned TimeOut, bool Users) :
UsersOnly_(Users),
ORM::DBCache<SecurityObjects::UserInfo>(Size,TimeOut) {
CacheById_ = std::make_unique<Poco::ExpireLRUCache<std::string,SecurityObjects::UserInfo>>(Size,TimeOut);
CacheByEMail_ = std::make_unique<Poco::ExpireLRUCache<std::string,std::string>>(Size,TimeOut);
}
void UserCache::UpdateCache(const SecurityObjects::UserInfo &R) {
std::cout << "Update user cache:" << R.Id << std::endl;
CacheById_->update(R.Id,R);
CacheByEMail_->update(R.email,R.Id);
if(UsersOnly_)
StorageService()->UserTokenDB().DeleteRecordsFromCache("userName", R.Id);
else
StorageService()->SubTokenDB().DeleteRecordsFromCache("userName", R.Id);
}
inline void UserCache::Create(const SecurityObjects::UserInfo &R) {
}
inline bool UserCache::GetFromCache(const std::string &FieldName, const std::string &Value, SecurityObjects::UserInfo &R) {
std::lock_guard M(Mutex_);
if(FieldName=="id") {
auto Entry = CacheById_->get(Value);
if(Entry.isNull())
return false;
R = *Entry;
return true;
} else if(FieldName=="email") {
auto Entry = CacheByEMail_->get(Value);
if(Entry.isNull())
return false;
auto Record = CacheById_->get(*Entry);
if(Record.isNull())
return false;
R = *Record;
return true;
}
return false;
}
inline void UserCache::Delete(const std::string &FieldName, const std::string &Value) {
std::lock_guard M(Mutex_);
std::cout << "Delete user cache:" << Value << std::endl;
if(FieldName=="id") {
auto E = CacheById_->get(Value);
if(!E.isNull())
CacheByEMail_->remove(E->email);
CacheById_->remove(Value);
} else if(FieldName=="email") {
auto E = CacheByEMail_->get(Value);
if(!E.isNull()) {
CacheById_->remove(*E);
CacheByEMail_->remove(Value);
}
}
}
} }
template<> void ORM::DB<OpenWifi::UserInfoRecordTuple, template<> void ORM::DB<OpenWifi::UserInfoRecordTuple,

58
src/storage/orm_users.h
View File

@@ -9,41 +9,6 @@
namespace OpenWifi { namespace OpenWifi {
enum USER_TYPE {
UNKNOWN, ROOT, ADMIN, SUBSCRIBER, CSR, SYSTEM, SPECIAL
};
typedef std::string USER_ID_TYPE;
inline USER_TYPE to_userType(const std::string &U) {
if (U=="root")
return ROOT;
else if (U=="admin")
return ADMIN;
else if (U=="subscriber")
return SUBSCRIBER;
else if (U=="csr")
return CSR;
else if (U=="system")
return SYSTEM;
else if (U=="SPECIAL")
return SPECIAL;
return UNKNOWN;
}
inline std::string from_userType(USER_TYPE U) {
switch(U) {
case ROOT: return "root";
case ADMIN: return "admin";
case SUBSCRIBER: return "subscriber";
case CSR: return "csr";
case SYSTEM: return "system";
case SPECIAL: return "special";
case UNKNOWN:
default: return "unknown";
}
}
typedef Poco::Tuple< typedef Poco::Tuple<
std::string, // Id = 0; std::string, // Id = 0;
std::string, // name; std::string, // name;
@@ -79,21 +44,36 @@ namespace OpenWifi {
typedef std::vector <UserInfoRecordTuple> UserInfoRecordTupleList; typedef std::vector <UserInfoRecordTuple> UserInfoRecordTupleList;
class UserCache : public ORM::DBCache<SecurityObjects::UserInfo> {
public:
UserCache(unsigned Size, unsigned TimeOut, bool Users);
void UpdateCache(const SecurityObjects::UserInfo &R) override;
void Create(const SecurityObjects::UserInfo &R) override;
bool GetFromCache(const std::string &FieldName, const std::string &Value, SecurityObjects::UserInfo &R) override;
void Delete(const std::string &FieldName, const std::string &Value) override;
private:
std::mutex Mutex_;
bool UsersOnly_;
std::unique_ptr<Poco::ExpireLRUCache<std::string,SecurityObjects::UserInfo>> CacheById_;
std::unique_ptr<Poco::ExpireLRUCache<std::string,std::string>> CacheByEMail_;
};
class BaseUserDB : public ORM::DB<UserInfoRecordTuple, SecurityObjects::UserInfo> { class BaseUserDB : public ORM::DB<UserInfoRecordTuple, SecurityObjects::UserInfo> {
public: public:
BaseUserDB( const std::string &name, const std::string &shortname, OpenWifi::DBType T, Poco::Data::SessionPool & P, Poco::Logger &L); BaseUserDB( const std::string &name, const std::string &shortname, OpenWifi::DBType T, Poco::Data::SessionPool & P, Poco::Logger &L, UserCache * Cache, bool users);
bool CreateUser(const std::string & Admin, SecurityObjects::UserInfo & NewUser, bool PasswordHashedAlready = false ); bool CreateUser(const std::string & Admin, SecurityObjects::UserInfo & NewUser, bool PasswordHashedAlready = false );
bool GetUserByEmail(const std::string & email, SecurityObjects::UserInfo & User); bool GetUserByEmail(const std::string & email, SecurityObjects::UserInfo & User);
bool GetUserById(const std::string &Id, SecurityObjects::UserInfo &User); bool GetUserById(const std::string &Id, SecurityObjects::UserInfo &User);
bool GetUsers( uint64_t Offset, uint64_t HowMany, SecurityObjects::UserInfoVec & Users, std::string WhereClause=""); bool GetUsers( uint64_t Offset, uint64_t HowMany, SecurityObjects::UserInfoVec & Users, std::string WhereClause="");
bool UpdateUserInfo(const std::string & Admin, USER_ID_TYPE & Id, SecurityObjects::UserInfo &UInfo); bool UpdateUserInfo(const std::string & Admin, SecurityObjects::USER_ID_TYPE & Id, SecurityObjects::UserInfo &UInfo);
bool DeleteUser(const std::string & Admin, USER_ID_TYPE & Id); bool DeleteUser(const std::string & Admin, SecurityObjects::USER_ID_TYPE & Id);
bool DeleteUsers(const std::string & Admin, std::string & owner); bool DeleteUsers(const std::string & Admin, std::string & owner);
bool SetLastLogin(const std::string &Id); bool SetLastLogin(const std::string &Id);
bool SetAvatar(const std::string &Id, const std::string &Value); bool SetAvatar(const std::string &Id, const std::string &Value);
private: bool UsersOnly_;
}; };
} }