cosmetic(ish)

- sensible order of exports / specs / functions - remove unneeded exports - inline some functions
author: Matthias Radestock <matthias@rabbitmq.com> 2014-02-06 12:04:30 +0000
committer: Matthias Radestock <matthias@rabbitmq.com> 2014-02-06 12:04:30 +0000
commit: 93841e81aa3de16e097cf78442d672ce8b6a603d (patch)
tree: 6ece5a3afb0f92a113b0d223ddd94ede503da9ce
parent: 11c5eecf5cdc5140be07db79bf395e122653160b (diff)
download: rabbitmq-server-93841e81aa3de16e097cf78442d672ce8b6a603d.tar.gz
1 files changed, 100 insertions, 101 deletions
diff --git a/src/rabbit_auth_backend_internal.erl b/src/rabbit_auth_backend_internal.erl
index 61919d05..53bb8375 100644
--- a/src/rabbit_auth_backend_internal.erl
+++ b/src/rabbit_auth_backend_internal.erl
@@ -22,15 +22,18 @@
 -export([description/0]).
 -export([check_user_login/2, check_vhost_access/2, check_resource_access/3]).
 
--export([add_user/2, delete_user/1, change_password/2, set_tags/2,
-         list_users/0, user_info_keys/0, lookup_user/1, clear_password/1]).
--export([make_salt/0, check_password/2, change_password_hash/2,
-         hash_password/1]).
--export([set_permissions/5, clear_permissions/2,
-         list_permissions/0, list_vhost_permissions/1, list_user_permissions/1,
-         list_user_vhost_permissions/2, perms_info_keys/0,
-         vhost_perms_info_keys/0, user_perms_info_keys/0,
-         user_vhost_perms_info_keys/0]).
+-export([add_user/2, delete_user/1, lookup_user/1,
+         change_password/2, clear_password/1,
+         hash_password/1, change_password_hash/2,
+         set_tags/2, set_permissions/5, clear_permissions/2]).
+-export([user_info_keys/0, perms_info_keys/0,
+         user_perms_info_keys/0, vhost_perms_info_keys/0,
+         user_vhost_perms_info_keys/0,
+         list_users/0, list_permissions/0,
+         list_user_permissions/1, list_vhost_permissions/1,
+         list_user_vhost_permissions/2]).
+
+%%----------------------------------------------------------------------------
 
 -ifdef(use_specs).
 
@@ -38,45 +41,39 @@
 
 -spec(add_user/2 :: (rabbit_types:username(), rabbit_types:password()) -> 'ok').
 -spec(delete_user/1 :: (rabbit_types:username()) -> 'ok').
+-spec(lookup_user/1 :: (rabbit_types:username())
+                       -> rabbit_types:ok(rabbit_types:internal_user())
+                              | rabbit_types:error('not_found')).
 -spec(change_password/2 :: (rabbit_types:username(), rabbit_types:password())
                            -> 'ok').
 -spec(clear_password/1 :: (rabbit_types:username()) -> 'ok').
--spec(make_salt/0 :: () -> binary()).
--spec(check_password/2 :: (rabbit_types:password(),
-                           rabbit_types:password_hash()) -> boolean()).
--spec(change_password_hash/2 :: (rabbit_types:username(),
-                                 rabbit_types:password_hash()) -> 'ok').
 -spec(hash_password/1 :: (rabbit_types:password())
                          -> rabbit_types:password_hash()).
+-spec(change_password_hash/2 :: (rabbit_types:username(),
+                                 rabbit_types:password_hash()) -> 'ok').
 -spec(set_tags/2 :: (rabbit_types:username(), [atom()]) -> 'ok').
--spec(list_users/0 :: () -> [rabbit_types:infos()]).
--spec(user_info_keys/0 :: () -> rabbit_types:info_keys()).
--spec(lookup_user/1 :: (rabbit_types:username())
-                       -> rabbit_types:ok(rabbit_types:internal_user())
-                              | rabbit_types:error('not_found')).
 -spec(set_permissions/5 ::(rabbit_types:username(), rabbit_types:vhost(),
                            regexp(), regexp(), regexp()) -> 'ok').
 -spec(clear_permissions/2 :: (rabbit_types:username(), rabbit_types:vhost())
                              -> 'ok').
+-spec(user_info_keys/0 :: () -> rabbit_types:info_keys()).
+-spec(perms_info_keys/0 :: () -> rabbit_types:info_keys()).
+-spec(user_perms_info_keys/0 :: () -> rabbit_types:info_keys()).
+-spec(vhost_perms_info_keys/0 :: () -> rabbit_types:info_keys()).
+-spec(user_vhost_perms_info_keys/0 :: () -> rabbit_types:info_keys()).
+-spec(list_users/0 :: () -> [rabbit_types:infos()]).
 -spec(list_permissions/0 :: () -> [rabbit_types:infos()]).
--spec(list_vhost_permissions/1 ::
-        (rabbit_types:vhost()) -> [rabbit_types:infos()]).
 -spec(list_user_permissions/1 ::
         (rabbit_types:username()) -> [rabbit_types:infos()]).
+-spec(list_vhost_permissions/1 ::
+        (rabbit_types:vhost()) -> [rabbit_types:infos()]).
 -spec(list_user_vhost_permissions/2 ::
         (rabbit_types:username(), rabbit_types:vhost())
         -> [rabbit_types:infos()]).
--spec(perms_info_keys/0 :: () -> rabbit_types:info_keys()).
--spec(vhost_perms_info_keys/0 :: () -> rabbit_types:info_keys()).
--spec(user_perms_info_keys/0 :: () -> rabbit_types:info_keys()).
--spec(user_vhost_perms_info_keys/0 :: () -> rabbit_types:info_keys()).
+
 -endif.
 
 %%----------------------------------------------------------------------------
-
--define(PERMS_INFO_KEYS, [configure, write, read]).
--define(USER_INFO_KEYS, [user, tags]).
-
 %% Implementation of rabbit_auth_backend
 
 description() ->
@@ -85,11 +82,14 @@ description() ->
 
 check_user_login(Username, []) ->
     internal_check_user_login(Username, fun(_) -> true end);
-check_user_login(Username, [{password, Password}]) ->
+check_user_login(Username, [{password, Cleartext}]) ->
     internal_check_user_login(
-      Username, fun(#internal_user{password_hash = Hash}) ->
-                        check_password(Password, Hash)
-                end);
+      Username,
+      fun (#internal_user{password_hash = <<Salt:4/binary, Hash/binary>>}) ->
+              Hash =:= salted_md5(Salt, Cleartext);
+          (#internal_user{}) ->
+              false
+      end);
 check_user_login(Username, AuthProps) ->
     exit({unknown_auth_props, Username, AuthProps}).
 
@@ -182,6 +182,9 @@ delete_user(Username) ->
             end)),
     R.
 
+lookup_user(Username) ->
+    rabbit_misc:dirty_read({rabbit_user, Username}).
+
 change_password(Username, Password) ->
     rabbit_log:info("Changing password for '~s'~n", [Username]),
     change_password_hash(Username, hash_password(Password)).
@@ -190,6 +193,14 @@ clear_password(Username) ->
     rabbit_log:info("Clearing password for '~s'~n", [Username]),
     change_password_hash(Username, <<"">>).
 
+hash_password(Cleartext) ->
+    {A1,A2,A3} = now(),
+    random:seed(A1, A2, A3),
+    Salt = random:uniform(16#ffffffff),
+    SaltBin = <<Salt:32>>,
+    Hash = salted_md5(SaltBin, Cleartext),
+    <<SaltBin/binary, Hash/binary>>.
+
 change_password_hash(Username, PasswordHash) ->
     R = update_user(Username, fun(User) ->
                                       User#internal_user{
@@ -197,63 +208,30 @@ change_password_hash(Username, PasswordHash) ->
                               end),
     R.
 
-hash_password(Cleartext) ->
-    Salt = make_salt(),
-    Hash = salted_md5(Salt, Cleartext),
-    <<Salt/binary, Hash/binary>>.
-
-check_password(Cleartext, <<Salt:4/binary, Hash/binary>>) ->
-    Hash =:= salted_md5(Salt, Cleartext);
-check_password(_Cleartext, _Any) ->
-    false.
-
-make_salt() ->
-    {A1,A2,A3} = now(),
-    random:seed(A1, A2, A3),
-    Salt = random:uniform(16#ffffffff),
-    <<Salt:32>>.
-
 salted_md5(Salt, Cleartext) ->
     Salted = <<Salt/binary, Cleartext/binary>>,
     erlang:md5(Salted).
 
 set_tags(Username, Tags) ->
-    rabbit_log:info("Setting user tags for user '~s' to ~p~n", [Username, Tags]),
-    R = update_user(Username, fun(User) ->
-                                      User#internal_user{tags = Tags}
-                              end),
-    R.
-
-update_user(Username, Fun) ->
-    rabbit_misc:execute_mnesia_transaction(
-      rabbit_misc:with_user(
-        Username,
-        fun () ->
-                {ok, User} = lookup_user(Username),
-                ok = mnesia:write(rabbit_user, Fun(User), write)
-        end)).
-
-list_users() ->
-    [[{user, Username}, {tags, Tags}] ||
-        #internal_user{username = Username, tags = Tags} <-
-            mnesia:dirty_match_object(rabbit_user, #internal_user{_ = '_'})].
-
-user_info_keys() -> ?USER_INFO_KEYS.
-
-lookup_user(Username) ->
-    rabbit_misc:dirty_read({rabbit_user, Username}).
-
-validate_regexp(RegexpBin) ->
-    Regexp = binary_to_list(RegexpBin),
-    case re:compile(Regexp) of
-        {ok, _}         -> ok;
-        {error, Reason} -> throw({error, {invalid_regexp, Regexp, Reason}})
-    end.
+    rabbit_log:info("Setting user tags for user '~s' to ~p~n",
+                    [Username, Tags]),
+    update_user(Username, fun(User) ->
+                                  User#internal_user{tags = Tags}
+                          end).
 
 set_permissions(Username, VHostPath, ConfigurePerm, WritePerm, ReadPerm) ->
-    rabbit_log:info("Setting permissions for '~s' in '~s' to '~s', '~s', '~s'~n",
+    rabbit_log:info("Setting permissions for "
+                    "'~s' in '~s' to '~s', '~s', '~s'~n",
                     [Username, VHostPath, ConfigurePerm, WritePerm, ReadPerm]),
-    lists:map(fun validate_regexp/1, [ConfigurePerm, WritePerm, ReadPerm]),
+    lists:map(
+      fun (RegexpBin) ->
+              Regexp = binary_to_list(RegexpBin),
+              case re:compile(Regexp) of
+                  {ok, _}         -> ok;
+                  {error, Reason} -> throw({error, {invalid_regexp,
+                                                    Regexp, Reason}})
+              end
+      end, [ConfigurePerm, WritePerm, ReadPerm]),
     rabbit_misc:execute_mnesia_transaction(
       rabbit_misc:with_user_and_vhost(
         Username, VHostPath,
@@ -269,7 +247,6 @@ set_permissions(Username, VHostPath, ConfigurePerm, WritePerm, ReadPerm) ->
                          write)
         end)).
 
-
 clear_permissions(Username, VHostPath) ->
     rabbit_misc:execute_mnesia_transaction(
       rabbit_misc:with_user_and_vhost(
@@ -280,32 +257,36 @@ clear_permissions(Username, VHostPath) ->
                                                 virtual_host = VHostPath}})
         end)).
 
+update_user(Username, Fun) ->
+    rabbit_misc:execute_mnesia_transaction(
+      rabbit_misc:with_user(
+        Username,
+        fun () ->
+                {ok, User} = lookup_user(Username),
+                ok = mnesia:write(rabbit_user, Fun(User), write)
+        end)).
+
+%%----------------------------------------------------------------------------
+%% Listing
+
+-define(PERMS_INFO_KEYS, [configure, write, read]).
+-define(USER_INFO_KEYS, [user, tags]).
+
+user_info_keys() -> ?USER_INFO_KEYS.
+
 perms_info_keys()            -> [user, vhost | ?PERMS_INFO_KEYS].
 vhost_perms_info_keys()      -> [user | ?PERMS_INFO_KEYS].
 user_perms_info_keys()       -> [vhost | ?PERMS_INFO_KEYS].
 user_vhost_perms_info_keys() -> ?PERMS_INFO_KEYS.
 
+list_users() ->
+    [[{user, Username}, {tags, Tags}] ||
+        #internal_user{username = Username, tags = Tags} <-
+            mnesia:dirty_match_object(rabbit_user, #internal_user{_ = '_'})].
+
 list_permissions() ->
     list_permissions(perms_info_keys(), match_user_vhost('_', '_')).
 
-list_vhost_permissions(VHostPath) ->
-    list_permissions(
-      vhost_perms_info_keys(),
-      rabbit_vhost:with(VHostPath, match_user_vhost('_', VHostPath))).
-
-list_user_permissions(Username) ->
-    list_permissions(
-      user_perms_info_keys(),
-      rabbit_misc:with_user(Username, match_user_vhost(Username, '_'))).
-
-list_user_vhost_permissions(Username, VHostPath) ->
-    list_permissions(
-      user_vhost_perms_info_keys(),
-      rabbit_misc:with_user_and_vhost(
-        Username, VHostPath, match_user_vhost(Username, VHostPath))).
-
-filter_props(Keys, Props) -> [T || T = {K, _} <- Props, lists:member(K, Keys)].
-
 list_permissions(Keys, QueryThunk) ->
     [filter_props(Keys, [{user,      Username},
                          {vhost,     VHostPath},
@@ -320,6 +301,24 @@ list_permissions(Keys, QueryThunk) ->
             %% TODO: use dirty ops instead
             rabbit_misc:execute_mnesia_transaction(QueryThunk)].
 
+filter_props(Keys, Props) -> [T || T = {K, _} <- Props, lists:member(K, Keys)].
+
+list_user_permissions(Username) ->
+    list_permissions(
+      user_perms_info_keys(),
+      rabbit_misc:with_user(Username, match_user_vhost(Username, '_'))).
+
+list_vhost_permissions(VHostPath) ->
+    list_permissions(
+      vhost_perms_info_keys(),
+      rabbit_vhost:with(VHostPath, match_user_vhost('_', VHostPath))).
+
+list_user_vhost_permissions(Username, VHostPath) ->
+    list_permissions(
+      user_vhost_perms_info_keys(),
+      rabbit_misc:with_user_and_vhost(
+        Username, VHostPath, match_user_vhost(Username, VHostPath))).
+
 match_user_vhost(Username, VHostPath) ->
     fun () -> mnesia:match_object(
                 rabbit_user_permission,
author	Matthias Radestock <matthias@rabbitmq.com>	2014-02-06 12:04:30 +0000
committer	Matthias Radestock <matthias@rabbitmq.com>	2014-02-06 12:04:30 +0000
commit	93841e81aa3de16e097cf78442d672ce8b6a603d (patch)
tree	6ece5a3afb0f92a113b0d223ddd94ede503da9ce
parent	11c5eecf5cdc5140be07db79bf395e122653160b (diff)
download	rabbitmq-server-93841e81aa3de16e097cf78442d672ce8b6a603d.tar.gz