2 * Copyright (c) 2001-2002 International Business Machines Corp.
5 * This software has been released under the terms of the IBM Public
6 * License. For details, see the LICENSE file in the top-level source
7 * directory or online at http://www.openafs.org/dl/license10.html
9 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
10 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
11 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
12 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR
13 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
14 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
15 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
16 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
17 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
18 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
19 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#include "org_openafs_jafs_User.h"

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#include <afs_ptsAdmin.h>
#include <afs_kasAdmin.h>
#include <afs_AdminPtsErrors.h>
#include <afs_AdminClientErrors.h>
#include <afs_AdminCommonErrors.h>
///// definitions in Internal.c ////////////////////

/* Class reference and field IDs used when reading or writing a User object. */
extern jclass userCls;
extern jfieldID user_nameField;
extern jfieldID user_ptsField;   /* boolean: a pts entry was found */
extern jfieldID user_kasField;   /* boolean: a kas entry was found */

/* Fields filled from the pts entry. */
extern jfieldID user_nameUidField;
extern jfieldID user_ownerUidField;
extern jfieldID user_creatorUidField;
extern jfieldID user_listStatusField;
extern jfieldID user_listGroupsOwnedField;
extern jfieldID user_listMembershipField;
extern jfieldID user_groupCreationQuotaField;
extern jfieldID user_groupMembershipCountField;
extern jfieldID user_ownerField;
extern jfieldID user_creatorField;

/* Fields filled from the kas entry. */
extern jfieldID user_adminSettingField;
extern jfieldID user_tgsSettingField;
extern jfieldID user_encSettingField;
extern jfieldID user_cpwSettingField;
extern jfieldID user_rpwSettingField;
extern jfieldID user_userExpirationField;
extern jfieldID user_lastModTimeField;
extern jfieldID user_lastModNameField;
extern jfieldID user_lastChangePasswordTimeField;
extern jfieldID user_maxTicketLifetimeField;
extern jfieldID user_keyVersionField;
extern jfieldID user_encryptionKeyField;   /* holds key material */
extern jfieldID user_keyCheckSumField;
extern jfieldID user_daysToPasswordExpireField;
extern jfieldID user_failLoginCountField;
extern jfieldID user_lockTimeField;
extern jfieldID user_lockedUntilField;

/* Class reference and field IDs used when filling a Group object. */
extern jclass groupCls;
//extern jfieldID group_cellHandleField;
extern jfieldID group_nameField;
extern jfieldID group_cachedInfoField;

//////////////////////////////////////////////////////////////////
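/**
 * Creates the kas and pts entries for a new user.  Pass in 0 for the uid
 * if pts is to automatically assign the user id.
 *
 * The name is rejected before any server call when it is longer than
 * KAS_MAX_NAME_LEN or contains ':', and the uid is rejected when negative.
 * If the pts entry cannot be created, the kas entry created just before
 * is deleted again so that no half-created account is left behind.
 *
 * env         the Java environment
 * cls         the current Java class
 * cellHandle  the handle of the cell to which the user belongs
 * juserName   the name of the user to create
 * jpassword   the password for the new user
 * uid         the user id to assign to the user (0 to have one
 *             automatically assigned)
 */
JNIEXPORT void JNICALL
Java_org_openafs_jafs_User_create
  (JNIEnv *env, jclass cls, jlong cellHandle, jstring juserName,
   jstring jpassword, jint uid)
{
  afs_status_t ast = 0;     /* code reported to Java when failed is set */
  afs_status_t ast_kd;      /* status of the best-effort kas rollback */
  int failed = 0;
  int ptsUid = (int) uid;   /* pts writes the assigned id through an int * */
  const char *userName = NULL;
  const char *password = NULL;
  /* Zero-filled so the identity is never read uninitialised when no
   * name was supplied and internal_makeKasIdentity is skipped. */
  kas_identity_p who = calloc( 1, sizeof(kas_identity_t) );

  if( !who ) {
    throwAFSException( env, JAFSADMNOMEM );
    return;
  }

  // convert java strings
  if( juserName != NULL ) {
    userName = (*env)->GetStringUTFChars( env, juserName, 0 );
    if( !userName ) {
      ast = JAFSADMNOMEM;
      failed = 1;
      goto done;
    }
  }
  if( jpassword != NULL ) {
    password = (*env)->GetStringUTFChars( env, jpassword, 0 );
    if( !password ) {
      ast = JAFSADMNOMEM;
      failed = 1;
      goto done;
    }
  }

  if( userName != NULL ) {
    // make sure the name is within the allowed bounds
    if( strlen( userName ) > KAS_MAX_NAME_LEN ) {
      ast = ADMPTSUSERNAMETOOLONG;
      failed = 1;
      goto done;
    }
    // make sure name doesn't have ":" in it
    // (strchr returns a pointer; compare it with NULL, not an int)
    if( strchr( userName, ':' ) != NULL ) {
      ast = PRBADNAM;
      failed = 1;
      goto done;
    }
  }

  // make sure the id isn't negative
  if( uid < 0 ) {
    // use the "bad arg" error code even though it's an ID exception.
    // There isn't a bad user ID error code
    ast = PRBADARG;
    failed = 1;
    goto done;
  }

  if( userName != NULL ) {
    internal_makeKasIdentity( userName, who );
  }

  // create the kas entry
  if( !kas_PrincipalCreate( (void *) cellHandle, NULL, who,
                            password, &ast ) ) {
    failed = 1;
    goto done;
  }

  // create the pts entry - if there's an error, make sure to delete
  // the kas entry
  if( !pts_UserCreate( (void *) cellHandle, userName, &ptsUid, &ast ) ) {
    kas_PrincipalDelete( (void *) cellHandle, NULL, who, &ast_kd );
    failed = 1;
    goto done;
  }

done:
  // release converted java strings before raising the exception
  if( userName != NULL ) {
    (*env)->ReleaseStringUTFChars( env, juserName, userName );
  }
  if( password != NULL ) {
    (*env)->ReleaseStringUTFChars( env, jpassword, password );
  }
  free( who );
  if( failed ) {
    throwAFSException( env, ast );
  }
}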
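/**
 * Deletes the pts and kas entry for a user.  Deletes this user from the
 * membership list of the groups to which it belonged, but does not delete
 * the groups owned by this user.
 *
 * A missing kas entry (KANOENT) is tolerated as long as the pts entry
 * exists, and a missing pts entry (ADMPTSFAILEDNAMETRANSLATE) is tolerated
 * as long as the kas entry existed; any other failure is reported.
 *
 * env         the Java environment
 * cls         the current Java class
 * cellHandle  the handle of the cell to which the user belongs
 * juserName   the name of the user to delete
 */
JNIEXPORT void JNICALL
Java_org_openafs_jafs_User_delete
  (JNIEnv *env, jclass cls, jlong cellHandle, jstring juserName)
{
  afs_status_t ast = 0;
  int failed = 0;
  int kas = TRUE;           /* whether a kas entry existed and was deleted */
  const char *userName = NULL;
  /* Zero-filled so the identity is never read uninitialised when no
   * name was supplied and internal_makeKasIdentity is skipped. */
  kas_identity_p who = calloc( 1, sizeof(kas_identity_t) );

  if( !who ) {
    throwAFSException( env, JAFSADMNOMEM );
    return;
  }

  // convert java strings
  if( juserName != NULL ) {
    userName = (*env)->GetStringUTFChars( env, juserName, 0 );
    if( !userName ) {
      ast = JAFSADMNOMEM;
      failed = 1;
      goto done;
    }
  }

  // make sure the name is within the allowed bounds
  if( userName != NULL && strlen( userName ) > KAS_MAX_NAME_LEN ) {
    ast = ADMPTSUSERNAMETOOLONG;
    failed = 1;
    goto done;
  }

  if( userName != NULL ) {
    internal_makeKasIdentity( userName, who );
  }

  // delete the kas entry
  if( !kas_PrincipalDelete( (void *) cellHandle, NULL, who, &ast ) ) {
    if( ast != KANOENT ) {
      failed = 1;
      goto done;
    }
    kas = FALSE;
  }

  // delete the pts entry
  if( !pts_UserDelete( (void *) cellHandle, userName, &ast ) ) {
    // throw exception if there was no such pts user only if there was
    // also no such kas user
    if( ast != ADMPTSFAILEDNAMETRANSLATE || !kas ) {
      failed = 1;
      goto done;
    }
  }

done:
  // release converted java strings before raising the exception
  if( userName != NULL ) {
    (*env)->ReleaseStringUTFChars( env, juserName, userName );
  }
  free( who );
  if( failed ) {
    throwAFSException( env, ast );
  }
}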
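/**
 * Unlocks the named user by calling kas_PrincipalUnlock.
 *
 * The kas identity is released on every path, including the path where
 * the Java string cannot be converted.
 *
 * env         the Java environment
 * cls         the current Java class
 * cellHandle  the handle of the cell to which the user belongs
 * juserName   the name of the user to unlock
 */
JNIEXPORT void JNICALL
Java_org_openafs_jafs_User_unlock
  (JNIEnv *env, jclass cls, jlong cellHandle, jstring juserName)
{
  afs_status_t ast = 0;
  int failed = 0;
  const char *userName = NULL;
  /* Zero-filled so the identity is never read uninitialised when no
   * name was supplied and internal_makeKasIdentity is skipped. */
  kas_identity_p who = calloc( 1, sizeof(kas_identity_t) );

  if( !who ) {
    throwAFSException( env, JAFSADMNOMEM );
    return;
  }

  // convert java strings
  if( juserName != NULL ) {
    userName = (*env)->GetStringUTFChars( env, juserName, 0 );
    if( !userName ) {
      ast = JAFSADMNOMEM;
      failed = 1;
      goto done;
    }
  }

  // make sure the name is within the allowed bounds
  if( userName != NULL && strlen( userName ) > KAS_MAX_NAME_LEN ) {
    ast = ADMPTSUSERNAMETOOLONG;
    failed = 1;
    goto done;
  }

  if( userName != NULL ) {
    internal_makeKasIdentity( userName, who );
  }

  if( !kas_PrincipalUnlock( (void *) cellHandle, NULL, who, &ast ) ) {
    failed = 1;
  }

done:
  // release converted java strings before raising the exception
  if( userName != NULL ) {
    (*env)->ReleaseStringUTFChars( env, juserName, userName );
  }
  free( who );
  if( failed ) {
    throwAFSException( env, ast );
  }
}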
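/**
 * Retrieve the information for the specified user and populate the
 * given User object with it.
 *
 * The pts and kas entries are looked up independently.  A user may have
 * only one of the two; an exception is raised when neither exists or when
 * a lookup fails for any other reason.
 *
 * Security note: the principal's encryption key is copied into the User
 * object as an octal-escaped string ("\ooo" per byte).  The temporary
 * native copies are overwritten before this function returns, but the
 * Java string lives on; callers should treat that field as a secret.
 *
 * env         the Java environment
 * cellHandle  the handle of the cell to which the user belongs
 * name        the name of the user for which to get the info
 * user        the User object to populate with the info
 */
void getUserInfoChar
  (JNIEnv *env, void *cellHandle, const char *name, jobject user)
{
  jstring jowner;
  jstring jcreator;
  jstring jlastModName;
  jstring jencryptionKey;
  jboolean pts = JNI_FALSE;
  jboolean kas = JNI_FALSE;
  pts_UserEntry_t ptsEntry;
  kas_principalEntry_t kasEntry;
  afs_status_t ast = 0;
  int failed = 0;
  unsigned int lockedUntil = 0;
  char *convertedKey = NULL;
  /* four characters ("\ooo") per key byte plus the terminating NUL */
  const size_t convertedLen = sizeof(kasEntry.key.key) * 4 + 1;
  volatile unsigned char *wipe;
  size_t i;
  /* Zero-filled so the identity is never read uninitialised when no
   * name was supplied and internal_makeKasIdentity is skipped. */
  kas_identity_p who = calloc( 1, sizeof(kas_identity_t) );

  if( !who ) {
    throwAFSException( env, JAFSADMNOMEM );
    return;
  }

  // make sure the name is within the allowed bounds
  if( name != NULL && strlen( name ) > KAS_MAX_NAME_LEN ) {
    ast = ADMPTSUSERNAMETOOLONG;
    failed = 1;
    goto done;
  }

  if( name != NULL ) {
    internal_makeKasIdentity( name, who );
  }

  // get all the field ids, if you haven't done so already
  if( userCls == 0 ) {
    internal_getUserClass( env, user );
  }

  // get the pts entry
  if( pts_UserGet( cellHandle, name, &ptsEntry, &ast ) ) {
    pts = JNI_TRUE;
  } else if( ast != ADMPTSFAILEDNAMETRANSLATE ) {
    // anything other than "the user has no pts entry" is an error
    failed = 1;
    goto done;
  }

  // get the kas entry
  if( kas_PrincipalGet( cellHandle, NULL, who, &kasEntry, &ast ) ) {
    kas = JNI_TRUE;
  } else if( ast != KANOENT || !pts ) {
    // an unexpected error, or the user has neither a kas nor a pts entry
    failed = 1;
    goto done;
  }

  // get the lock status
  if( kas && !kas_PrincipalLockStatusGet( cellHandle, NULL, who,
                                          &lockedUntil, &ast ) ) {
    failed = 1;
    goto done;
  }

  (*env)->SetBooleanField( env, user, user_ptsField, pts );
  (*env)->SetBooleanField( env, user, user_kasField, kas );

  // set the pts fields
  if( pts ) {
    (*env)->SetIntField( env, user, user_nameUidField, ptsEntry.nameUid );
    (*env)->SetIntField( env, user, user_ownerUidField, ptsEntry.ownerUid );
    (*env)->SetIntField( env, user, user_creatorUidField,
                         ptsEntry.creatorUid );
    (*env)->SetIntField( env, user, user_groupCreationQuotaField,
                         ptsEntry.groupCreationQuota );
    (*env)->SetIntField( env, user, user_groupMembershipCountField,
                         ptsEntry.groupMembershipCount );

    (*env)->SetIntField( env, user, user_listStatusField,
                         ptsEntry.listStatus == PTS_USER_OWNER_ACCESS
                           ? org_openafs_jafs_User_USER_OWNER_ACCESS
                           : org_openafs_jafs_User_USER_ANYUSER_ACCESS );
    (*env)->SetIntField( env, user, user_listGroupsOwnedField,
                         ptsEntry.listGroupsOwned == PTS_USER_OWNER_ACCESS
                           ? org_openafs_jafs_User_USER_OWNER_ACCESS
                           : org_openafs_jafs_User_USER_ANYUSER_ACCESS );
    (*env)->SetIntField( env, user, user_listMembershipField,
                         ptsEntry.listMembership == PTS_USER_OWNER_ACCESS
                           ? org_openafs_jafs_User_USER_OWNER_ACCESS
                           : org_openafs_jafs_User_USER_ANYUSER_ACCESS );

    jowner = (*env)->NewStringUTF( env, ptsEntry.owner );
    jcreator = (*env)->NewStringUTF( env, ptsEntry.creator );
    if( jowner == NULL || jcreator == NULL ) {
      // NewStringUTF already left an exception pending; stop using JNI
      goto done;
    }
    (*env)->SetObjectField( env, user, user_ownerField, jowner );
    (*env)->SetObjectField( env, user, user_creatorField, jcreator );
  }

  // set the kas fields
  if( kas ) {
    (*env)->SetIntField( env, user, user_adminSettingField,
                         kasEntry.adminSetting == KAS_ADMIN
                           ? org_openafs_jafs_User_ADMIN
                           : org_openafs_jafs_User_NO_ADMIN );
    (*env)->SetIntField( env, user, user_tgsSettingField,
                         kasEntry.tgsSetting == TGS
                           ? org_openafs_jafs_User_GRANT_TICKETS
                           : org_openafs_jafs_User_NO_GRANT_TICKETS );
    (*env)->SetIntField( env, user, user_encSettingField,
                         kasEntry.encSetting != NO_ENCRYPT
                           ? org_openafs_jafs_User_ENCRYPT
                           : org_openafs_jafs_User_NO_ENCRYPT );
    (*env)->SetIntField( env, user, user_cpwSettingField,
                         kasEntry.cpwSetting == CHANGE_PASSWORD
                           ? org_openafs_jafs_User_CHANGE_PASSWORD
                           : org_openafs_jafs_User_NO_CHANGE_PASSWORD );
    (*env)->SetIntField( env, user, user_rpwSettingField,
                         kasEntry.rpwSetting == REUSE_PASSWORD
                           ? org_openafs_jafs_User_REUSE_PASSWORD
                           : org_openafs_jafs_User_NO_REUSE_PASSWORD );

    (*env)->SetIntField( env, user, user_userExpirationField,
                         kasEntry.userExpiration );
    (*env)->SetIntField( env, user, user_lastModTimeField,
                         kasEntry.lastModTime );
    (*env)->SetIntField( env, user, user_lastChangePasswordTimeField,
                         kasEntry.lastChangePasswordTime );
    (*env)->SetIntField( env, user, user_maxTicketLifetimeField,
                         kasEntry.maxTicketLifetime );
    (*env)->SetIntField( env, user, user_keyVersionField,
                         kasEntry.keyVersion );
    (*env)->SetLongField( env, user, user_keyCheckSumField,
                          (unsigned int) kasEntry.keyCheckSum );
    (*env)->SetIntField( env, user, user_daysToPasswordExpireField,
                         kasEntry.daysToPasswordExpire );
    (*env)->SetIntField( env, user, user_failLoginCountField,
                         kasEntry.failLoginCount );
    (*env)->SetIntField( env, user, user_lockTimeField, kasEntry.lockTime );
    (*env)->SetIntField( env, user, user_lockedUntilField, lockedUntil );

    jlastModName = (*env)->NewStringUTF( env,
                                         kasEntry.lastModPrincipal.principal );
    if( jlastModName == NULL ) {
      goto done;
    }
    (*env)->SetObjectField( env, user, user_lastModNameField, jlastModName );

    // Size the buffer in chars (not in pointers), and format each byte as
    // an unsigned value so a byte >= 0x80 can never expand to more than
    // three octal digits and run past its four-character slot.
    convertedKey = malloc( convertedLen );
    if( !convertedKey ) {
      ast = JAFSADMNOMEM;
      failed = 1;
      goto done;
    }
    for( i = 0; i < sizeof(kasEntry.key.key); i++ ) {
      snprintf( &convertedKey[i * 4], 5, "\\%.3o",
                (unsigned int) (unsigned char) kasEntry.key.key[i] );
    }
    jencryptionKey = (*env)->NewStringUTF( env, convertedKey );
    if( jencryptionKey != NULL ) {
      (*env)->SetObjectField( env, user, user_encryptionKeyField,
                              jencryptionKey );
    }
  }

done:
  // overwrite the native copies of the key before letting go of them
  if( convertedKey != NULL ) {
    wipe = (volatile unsigned char *) convertedKey;
    for( i = 0; i < convertedLen; i++ ) {
      wipe[i] = 0;
    }
    free( convertedKey );
  }
  wipe = (volatile unsigned char *) &kasEntry.key;
  for( i = 0; i < sizeof(kasEntry.key); i++ ) {
    wipe[i] = 0;
  }
  free( who );
  if( failed ) {
    throwAFSException( env, ast );
  }
}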
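/**
 * Fills in the information fields of the provided User.
 * Fills in values based on the current pts and kas information of the user.
 *
 * env         the Java environment
 * cls         the current Java class
 * cellHandle  the handle of the cell to which the user belongs
 * jname       the name of the user for which to get the information
 * user        the User object in which to fill in the information
 */
JNIEXPORT void JNICALL
Java_org_openafs_jafs_User_getUserInfo
  (JNIEnv *env, jclass cls, jlong cellHandle, jstring jname, jobject user)
{
  const char *name = NULL;

  if( jname != NULL ) {
    name = (*env)->GetStringUTFChars( env, jname, 0 );
    if( !name ) {
      throwAFSException( env, JAFSADMNOMEM );
      return;
    }
  }

  // the handle arrives as a jlong; convert it explicitly to the pointer
  // type getUserInfoChar expects
  getUserInfoChar( env, (void *) cellHandle, name, user );

  // Only keep touching the object if the lookup succeeded: further field
  // access is not safe while an exception is pending.
  if( !(*env)->ExceptionCheck( env ) ) {
    // get class fields if need be
    if( userCls == 0 ) {
      internal_getUserClass( env, user );
    }

    // set name in case blank object
    (*env)->SetObjectField( env, user, user_nameField, jname );
  }

  if( name != NULL ) {
    (*env)->ReleaseStringUTFChars( env, jname, name );
  }
}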
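/**
 * Sets the information values of this AFS user to be the parameter values.
 * Sets both kas and pts fields.
 *
 * Which of the two entries is updated is decided by the pts and kas
 * boolean fields of the User object.  The pts update is sent first; if it
 * fails, the kas entry is left untouched.
 *
 * env         the Java environment
 * cls         the current Java class
 * cellHandle  the handle of the cell to which the user belongs
 * jname       the name of the user for which to set the information
 * user        the User object containing the desired information
 */
JNIEXPORT void JNICALL
Java_org_openafs_jafs_User_setUserInfo
  (JNIEnv *env, jclass cls, jlong cellHandle, jstring jname, jobject user)
{
  afs_status_t ast = 0;
  int failed = 0;
  const char *name = NULL;
  pts_UserUpdateEntry_t ptsEntry;
  jboolean pts;
  jboolean kas;
  kas_admin_t isAdmin;
  kas_tgs_t grantTickets;
  kas_enc_t canEncrypt;
  kas_cpw_t canChangePassword;
  kas_rpw_t passwordReuse;
  unsigned int expirationDate;
  unsigned int maxTicketLifetime;
  unsigned int passwordExpires;
  unsigned int failedPasswordAttempts;
  unsigned int failedPasswordLockTime;
  /* Zero-filled so the identity is never read uninitialised when no
   * name was supplied and internal_makeKasIdentity is skipped. */
  kas_identity_p who = calloc( 1, sizeof(kas_identity_t) );

  if( !who ) {
    throwAFSException( env, JAFSADMNOMEM );
    return;
  }

  if( jname != NULL ) {
    name = (*env)->GetStringUTFChars( env, jname, 0 );
    if( !name ) {
      // the identity must be released on this path too
      ast = JAFSADMNOMEM;
      failed = 1;
      goto done;
    }
  }

  // make sure the name is within the allowed bounds
  if( name != NULL && strlen( name ) > KAS_MAX_NAME_LEN ) {
    ast = ADMPTSUSERNAMETOOLONG;
    failed = 1;
    goto done;
  }

  if( name != NULL ) {
    internal_makeKasIdentity( name, who );
  }

  // get class fields if need be
  if( userCls == 0 ) {
    internal_getUserClass( env, user );
  }

  kas = (*env)->GetBooleanField( env, user, user_kasField );
  pts = (*env)->GetBooleanField( env, user, user_ptsField );

  if( pts ) {
    // set the pts fields:
    ptsEntry.flag = PTS_USER_UPDATE_GROUP_CREATE_QUOTA |
                    PTS_USER_UPDATE_PERMISSIONS;
    ptsEntry.groupCreationQuota =
      (*env)->GetIntField( env, user, user_groupCreationQuotaField );

    // any value other than USER_OWNER_ACCESS maps to "any user"
    ptsEntry.listStatus =
      (*env)->GetIntField( env, user, user_listStatusField ) ==
        org_openafs_jafs_User_USER_OWNER_ACCESS
        ? PTS_USER_OWNER_ACCESS : PTS_USER_ANYUSER_ACCESS;
    ptsEntry.listGroupsOwned =
      (*env)->GetIntField( env, user, user_listGroupsOwnedField ) ==
        org_openafs_jafs_User_USER_OWNER_ACCESS
        ? PTS_USER_OWNER_ACCESS : PTS_USER_ANYUSER_ACCESS;
    ptsEntry.listMembership =
      (*env)->GetIntField( env, user, user_listMembershipField ) ==
        org_openafs_jafs_User_USER_OWNER_ACCESS
        ? PTS_USER_OWNER_ACCESS : PTS_USER_ANYUSER_ACCESS;

    if( !pts_UserModify( (void *) cellHandle, name, &ptsEntry, &ast ) ) {
      failed = 1;
      goto done;
    }
  }

  if( kas ) {
    // set the kas fields:
    isAdmin =
      (*env)->GetIntField( env, user, user_adminSettingField ) ==
        org_openafs_jafs_User_ADMIN ? KAS_ADMIN : NO_KAS_ADMIN;
    grantTickets =
      (*env)->GetIntField( env, user, user_tgsSettingField ) ==
        org_openafs_jafs_User_GRANT_TICKETS ? TGS : NO_TGS;
    canEncrypt =
      (*env)->GetIntField( env, user, user_encSettingField ) ==
        org_openafs_jafs_User_ENCRYPT ? ENCRYPT : NO_ENCRYPT;
    canChangePassword =
      (*env)->GetIntField( env, user, user_cpwSettingField ) ==
        org_openafs_jafs_User_CHANGE_PASSWORD
        ? CHANGE_PASSWORD : NO_CHANGE_PASSWORD;
    passwordReuse =
      (*env)->GetIntField( env, user, user_rpwSettingField ) ==
        org_openafs_jafs_User_REUSE_PASSWORD
        ? REUSE_PASSWORD : NO_REUSE_PASSWORD;

    expirationDate =
      (*env)->GetIntField( env, user, user_userExpirationField );
    maxTicketLifetime =
      (*env)->GetIntField( env, user, user_maxTicketLifetimeField );
    passwordExpires =
      (*env)->GetIntField( env, user, user_daysToPasswordExpireField );
    failedPasswordAttempts =
      (*env)->GetIntField( env, user, user_failLoginCountField );
    failedPasswordLockTime =
      (*env)->GetIntField( env, user, user_lockTimeField );

    if( !kas_PrincipalFieldsSet( (void *) cellHandle, NULL, who, &isAdmin,
                                 &grantTickets, &canEncrypt,
                                 &canChangePassword, &expirationDate,
                                 &maxTicketLifetime, &passwordExpires,
                                 &passwordReuse, &failedPasswordAttempts,
                                 &failedPasswordLockTime, &ast ) ) {
      failed = 1;
      goto done;
    }
  }

done:
  // release the converted name before raising the exception
  if( name != NULL ) {
    (*env)->ReleaseStringUTFChars( env, jname, name );
  }
  free( who );
  if( failed ) {
    throwAFSException( env, ast );
  }
}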
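/**
 * Renames the given user.  Does not update the info fields of the kas entry
 * -- the calling code is responsible for that.
 *
 * kas has no rename call, so a kas entry is renamed by creating a new
 * principal, copying the old key onto it, renaming the pts entry and then
 * deleting the old principal.  If a step fails, the new principal is
 * removed again.
 *
 * Security note: the new principal is created with its password set to the
 * new name, and only the following call replaces that with the old key.
 * Until that call completes the account has a guessable password, and
 * because the info fields are not copied, restrictions such as expiry or
 * lockout settings are not on the new entry until the caller restores them.
 *
 * env         the Java environment
 * cls         the current Java class
 * cellHandle  the handle of the cell to which the user belongs
 * joldName    the name of the user to rename
 * jnewName    the new name for the user
 */
JNIEXPORT void JNICALL
Java_org_openafs_jafs_User_rename
  (JNIEnv *env, jclass cls, jlong cellHandle, jstring joldName,
   jstring jnewName)
{
  afs_status_t ast = 0;
  afs_status_t ast_kd;      /* status of the best-effort kas rollback */
  int failed = 0;
  int kas = FALSE;          /* whether the old name has a kas entry */
  const char *oldName = NULL;
  const char *newName = NULL;
  kas_principalEntry_t kasEntry;
  volatile unsigned char *wipe;
  size_t n;
  /* Zero-filled so an identity is never read uninitialised when a name
   * was not supplied and internal_makeKasIdentity is skipped. */
  kas_identity_p whoOld = calloc( 1, sizeof(kas_identity_t) );
  kas_identity_p whoNew = calloc( 1, sizeof(kas_identity_t) );

  if( !whoOld || !whoNew ) {
    ast = JAFSADMNOMEM;
    failed = 1;
    goto done;
  }

  // convert java strings; both identities are released at "done" if
  // either conversion fails
  if( joldName != NULL ) {
    oldName = (*env)->GetStringUTFChars( env, joldName, 0 );
    if( !oldName ) {
      ast = JAFSADMNOMEM;
      failed = 1;
      goto done;
    }
  }
  if( jnewName != NULL ) {
    newName = (*env)->GetStringUTFChars( env, jnewName, 0 );
    if( !newName ) {
      ast = JAFSADMNOMEM;
      failed = 1;
      goto done;
    }
  }

  // make sure the names are within the allowed bounds
  if( ( oldName != NULL && strlen( oldName ) > KAS_MAX_NAME_LEN ) ||
      ( newName != NULL && strlen( newName ) > KAS_MAX_NAME_LEN ) ) {
    ast = ADMPTSUSERNAMETOOLONG;
    failed = 1;
    goto done;
  }

  if( oldName != NULL ) {
    internal_makeKasIdentity( oldName, whoOld );
  }
  if( newName != NULL ) {
    internal_makeKasIdentity( newName, whoNew );
  }

  // retrieve the old kas info
  if( kas_PrincipalGet( (void *) cellHandle, NULL, whoOld,
                        &kasEntry, &ast ) ) {
    kas = TRUE;
  } else if( ast != KANOENT ) {
    failed = 1;
    goto done;
  }

  if( kas ) {
    // create a new kas entry
    // temporarily set the password equal to the new name
    if( !kas_PrincipalCreate( (void *) cellHandle, NULL, whoNew,
                              newName, &ast ) ) {
      failed = 1;
      goto done;
    }

    // For some reason kas_PrincipalKeySet doesn't set the return code
    // correctly.  It always returns 0.
    // So instead of checking the return code, we see if there's an
    // error in the status variable.  Clear it first so a stale value
    // cannot be mistaken for a result.
    ast = 0;
    kas_PrincipalKeySet( (void *) cellHandle, NULL, whoNew, 0,
                         &(kasEntry.key), &ast );
    if( ast ) {
      // never leave behind a principal whose password is its own name
      kas_PrincipalDelete( (void *) cellHandle, NULL, whoNew, &ast_kd );
      failed = 1;
      goto done;
    }
  }

  // rename the pts entry
  if( !pts_UserRename( (void *) cellHandle, oldName, newName, &ast ) ) {
    // throw exception if there was no such pts user only if
    // there was also no such kas user
    if( ast != ADMPTSFAILEDNAMETRANSLATE || !kas ) {
      if( kas ) {
        kas_PrincipalDelete( (void *) cellHandle, NULL, whoNew, &ast_kd );
      }
      failed = 1;
      goto done;
    }
  }

  // delete the old kas entry
  if( kas &&
      !kas_PrincipalDelete( (void *) cellHandle, NULL, whoOld, &ast ) ) {
    failed = 1;
    goto done;
  }

done:
  // overwrite the copy of the old key held on the stack
  wipe = (volatile unsigned char *) &kasEntry.key;
  for( n = 0; n < sizeof(kasEntry.key); n++ ) {
    wipe[n] = 0;
  }
  // release converted java strings before raising the exception
  if( oldName != NULL ) {
    (*env)->ReleaseStringUTFChars( env, joldName, oldName );
  }
  if( newName != NULL ) {
    (*env)->ReleaseStringUTFChars( env, jnewName, newName );
  }
  free( whoOld );
  free( whoNew );
  if( failed ) {
    throwAFSException( env, ast );
  }
}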
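/**
 * Sets the password of the given user.  Sets the key version to 0.
 *
 * The password is turned into a key with kas_StringToKey, using the name
 * of the cell behind cellHandle, and the key is stored with
 * kas_PrincipalKeySet.  The derived key is overwritten before its buffer
 * is freed, and both native buffers are released on every path.
 *
 * env           the Java environment
 * cls           the current Java class
 * cellHandle    the handle of the cell to which the user belongs
 * juserName     the name of the user for which to set the password
 * jnewPassword  the new password for the user
 */
JNIEXPORT void JNICALL
Java_org_openafs_jafs_User_setPassword
  (JNIEnv *env, jclass cls, jlong cellHandle, jstring juserName,
   jstring jnewPassword)
{
  afs_status_t ast = 0;
  int failed = 0;
  const char *cellName = NULL;
  const char *userName = NULL;
  const char *newPassword = NULL;
  volatile unsigned char *wipe;
  size_t n;
  kas_encryptionKey_p newKey = calloc( 1, sizeof(kas_encryptionKey_t) );
  /* Zero-filled so the identity is never read uninitialised when no
   * name was supplied and internal_makeKasIdentity is skipped. */
  kas_identity_p who = calloc( 1, sizeof(kas_identity_t) );

  if( !who || !newKey ) {
    ast = JAFSADMNOMEM;
    failed = 1;
    goto done;
  }

  // convert java strings
  if( juserName != NULL ) {
    userName = (*env)->GetStringUTFChars( env, juserName, 0 );
    if( !userName ) {
      ast = JAFSADMNOMEM;
      failed = 1;
      goto done;
    }
  }
  if( jnewPassword != NULL ) {
    newPassword = (*env)->GetStringUTFChars( env, jnewPassword, 0 );
    if( !newPassword ) {
      ast = JAFSADMNOMEM;
      failed = 1;
      goto done;
    }
  }
  // NOTE(review): a null jnewPassword reaches kas_StringToKey as a NULL
  // string; confirm that the admin library rejects it.

  // make sure the name is within the allowed bounds
  if( userName != NULL && strlen( userName ) > KAS_MAX_NAME_LEN ) {
    ast = ADMPTSUSERNAMETOOLONG;
    failed = 1;
    goto done;
  }

  if( !afsclient_CellNameGet( (void *) cellHandle, &cellName, &ast ) ) {
    failed = 1;
    goto done;
  }

  if( !kas_StringToKey( cellName, newPassword, newKey, &ast ) ) {
    failed = 1;
    goto done;
  }

  if( userName != NULL ) {
    internal_makeKasIdentity( userName, who );
  }

  // For some reason kas_PrincipalKeySet doesn't set the return code correctly.
  // It always returns 0.
  // So instead of checking the return code, we see if there's an error
  // in the status variable.  Clear it first so a stale value cannot be
  // mistaken for a result.
  ast = 0;
  kas_PrincipalKeySet( (void *) cellHandle, NULL, who, 0, newKey, &ast );
  if( ast ) {
    failed = 1;
  }

done:
  // release converted java strings before raising the exception
  if( userName != NULL ) {
    (*env)->ReleaseStringUTFChars( env, juserName, userName );
  }
  if( newPassword != NULL ) {
    (*env)->ReleaseStringUTFChars( env, jnewPassword, newPassword );
  }
  // overwrite the derived key so it does not linger in freed heap memory
  if( newKey != NULL ) {
    wipe = (volatile unsigned char *) newKey;
    for( n = 0; n < sizeof(kas_encryptionKey_t); n++ ) {
      wipe[n] = 0;
    }
    free( newKey );
  }
  free( who );
  if( failed ) {
    throwAFSException( env, ast );
  }
}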
/**
 * Begin the process of getting the groups to which the user belongs.
 * Returns an iteration ID to be used by subsequent calls to
 * getUserGroupsNext and getUserGroupsDone.
 *
 * The returned value is the native iterator pointer widened to a jlong;
 * it is only meaningful when handed back to those calls unchanged.
 *
 * env         the Java environment
 * cls         the current Java class
 * cellHandle  the handle of the cell to which the user belongs
 * jname       the name of the user for which to get the groups
 * returns an iteration ID
 */
JNIEXPORT jlong JNICALL
Java_org_openafs_jafs_User_getUserGroupsBegin
  (JNIEnv *env, jclass cls, jlong cellHandle, jstring jname)
{
  afs_status_t ast;
  void *iterationId;
  const char *name = NULL;
  int started;

  if( jname != NULL ) {
    name = (*env)->GetStringUTFChars( env, jname, 0 );
    if( name == NULL ) {
      throwAFSException( env, JAFSADMNOMEM );
      return 0;   // not seen by Java: an exception is pending
    }
  }

  started = pts_UserMemberListBegin( (void *) cellHandle, name,
                                     &iterationId, &ast );

  // the converted name is no longer needed on either outcome
  if( name != NULL ) {
    (*env)->ReleaseStringUTFChars( env, jname, name );
  }

  if( !started ) {
    throwAFSException( env, ast );
    return 0;     // not seen by Java: an exception is pending
  }

  return (jlong) iterationId;
}
/**
 * Returns the next group to which the user belongs.  Returns
 * null if there are no more groups.
 *
 * iterationId must be a value obtained from getUserGroupsBegin that has
 * not yet been passed to getUserGroupsDone; it is used as a native
 * pointer without further checks.
 *
 * env          the Java environment
 * cls          the current Java class
 * iterationId  the iteration ID of this iteration
 * returns the name of the next group
 */
JNIEXPORT jstring JNICALL
Java_org_openafs_jafs_User_getUserGroupsNextString
  (JNIEnv *env, jclass cls, jlong iterationId)
{
  afs_status_t ast;
  jstring jgroup = NULL;
  char *groupName = malloc( sizeof(char) * PTS_MAX_NAME_LEN );

  if( groupName == NULL ) {
    throwAFSException( env, JAFSADMNOMEM );
    return NULL;
  }

  if( pts_UserMemberListNext( (void *) iterationId, groupName, &ast ) ) {
    jgroup = (*env)->NewStringUTF( env, groupName );
  } else if( ast != ADMITERATORDONE ) {
    // a real failure; running off the end of the list just yields null
    throwAFSException( env, ast );
  }

  free( groupName );
  return jgroup;
}
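/**
 * Fills in the next group object to which the user belongs.  Returns 0 if
 * there are no more groups, != 0 otherwise.
 *
 * iterationId must be a value obtained from getUserGroupsBegin that has
 * not yet been passed to getUserGroupsDone; it is used as a native
 * pointer without further checks.
 *
 * env           the Java environment
 * cls           the current Java class
 * cellHandle    the handle of the cell to which the users belong
 * iterationId   the iteration ID of this iteration
 * jgroupObject  a Group object to be populated with the values of the
 *               next group
 * returns 0 if there are no more groups, != 0 otherwise
 */
JNIEXPORT jint JNICALL
Java_org_openafs_jafs_User_getUserGroupsNext
  (JNIEnv *env, jclass cls, jlong cellHandle, jlong iterationId,
   jobject jgroupObject)
{
  afs_status_t ast;
  jstring jgroup;
  jint result = 0;
  char *groupName = malloc( sizeof(char) * PTS_MAX_NAME_LEN );

  if( !groupName ) {
    throwAFSException( env, JAFSADMNOMEM );
    return 0;
  }

  if( !pts_UserMemberListNext( (void *) iterationId, groupName, &ast ) ) {
    if( ast != ADMITERATORDONE ) {
      throwAFSException( env, ast );
    }
    goto done;
  }

  jgroup = (*env)->NewStringUTF( env, groupName );
  if( jgroup == NULL ) {
    // NewStringUTF already left an exception pending
    goto done;
  }

  if( groupCls == 0 ) {
    internal_getGroupClass( env, jgroupObject );
  }

  (*env)->SetObjectField( env, jgroupObject, group_nameField, jgroup );

  getGroupInfoChar( env, (void *) cellHandle, groupName, jgroupObject );
  // Do not mark the object as cached, or touch it again, if the lookup
  // left an exception pending.
  if( (*env)->ExceptionCheck( env ) ) {
    goto done;
  }
  (*env)->SetBooleanField( env, jgroupObject, group_cachedInfoField, TRUE );
  result = 1;

done:
  free( groupName );
  return result;
}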
/**
 * Signals that the iteration is complete and will not be accessed anymore.
 *
 * After this call the iteration ID must not be passed to any further
 * getUserGroupsNext or getUserGroupsDone call.
 *
 * env          the Java environment
 * cls          the current Java class
 * iterationId  the iteration ID of this iteration
 */
JNIEXPORT void JNICALL
Java_org_openafs_jafs_User_getUserGroupsDone
  (JNIEnv *env, jclass cls, jlong iterationId)
{
  afs_status_t ast;

  if( pts_UserMemberListDone( (void *) iterationId, &ast ) ) {
    return;
  }
  throwAFSException( env, ast );
}
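/**
 * Returns the total number of groups owned by the user.
 *
 * Runs a complete owned-group iteration (Begin, Next until exhausted, Done)
 * and counts the entries.
 *
 * env         the Java environment
 * cls         the current Java class
 * cellHandle  the handle of the cell to which the user belongs
 * jname       the name of the user for which to get the groups
 * returns     total number of groups owned by the user, or -1 with a Java
 *             exception pending if any step failed
 */
JNIEXPORT jint JNICALL
Java_org_openafs_jafs_User_getGroupsOwnedCount
  (JNIEnv *env, jclass cls, jlong cellHandle, jstring jname)
{
  afs_status_t ast;
  afs_status_t doneAst;
  void *iterationId;
  char *groupName;
  int count = 0;

  iterationId =
    (void *) Java_org_openafs_jafs_User_getGroupsOwnedBegin( env, cls,
                                                             cellHandle,
                                                             jname );

  /*
   * Begin reports failure by raising a Java exception; its return value is
   * not a usable iterator in that case, so stop before touching it.
   */
  if( (*env)->ExceptionCheck( env ) ) {
    return -1;
  }

  groupName = malloc( sizeof(char)*PTS_MAX_NAME_LEN );

  if( !groupName ) {
    /* best-effort release of the iterator opened above */
    pts_OwnedGroupListDone( iterationId, &doneAst );
    throwAFSException( env, JAFSADMNOMEM );
    return -1;
  }

  /* only the number of entries matters; each name is overwritten */
  while( pts_OwnedGroupListNext( iterationId, groupName, &ast ) ) {
    count++;
  }

  free( groupName );

  /*
   * Close the iterator so it is not leaked on every count.  A separate
   * status variable keeps the Next status in ast intact for the check below.
   */
  pts_OwnedGroupListDone( iterationId, &doneAst );

  if( ast != ADMITERATORDONE ) {
    /* the loop ended on an error rather than on end-of-iteration */
    throwAFSException( env, ast );
    return -1;
  }

  return count;
}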
/**
 * Begin the process of getting the groups that a user or group owns.
 * Returns an iteration ID to be used by subsequent calls to
 * getGroupsOwnedNext and getGroupsOwnedDone.
 *
 * env         the Java environment
 * cls         the current Java class
 * cellHandle  the handle of the cell to which the user belongs
 * jname       the name of the user or group for which to get the groups
 * returns     an iteration ID
 *
 * NOTE(review): the iteration ID returned to Java is the native iterator
 * pointer itself, and cellHandle is a Java-supplied jlong cast to a native
 * pointer unchecked.  Both values must stay private to the Java wrapper
 * classes; any caller able to pass arbitrary longs controls a native pointer.
 */
JNIEXPORT jlong JNICALL
Java_org_openafs_jafs_User_getGroupsOwnedBegin
  (JNIEnv *env, jclass cls, jlong cellHandle, jstring jname)
{
  const char *name = NULL;
  afs_status_t ast;
  void *iterationId = NULL;
  int started;

  if( jname != NULL ) {
    name = (*env)->GetStringUTFChars( env, jname, 0 );
    if( !name ) {
      throwAFSException( env, JAFSADMNOMEM );
      return 0;
    }
  }

  started = pts_OwnedGroupListBegin( (void *) cellHandle, name,
                                     &iterationId, &ast );

  /* the UTF-8 copy is no longer needed whether or not Begin succeeded */
  if( jname != NULL ) {
    (*env)->ReleaseStringUTFChars( env, jname, name );
  }

  if( !started ) {
    throwAFSException( env, ast );
    return 0;
  }

  return (jlong) iterationId;
}
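/**
 * Returns the next group the user or group owns.  Returns null
 * if there are no more groups.
 *
 * env          the Java environment
 * cls          the current Java class
 * iterationId  the iteration ID of this iteration
 * returns      the name of the next group; NULL when
 *              pts_OwnedGroupListNext reports ADMITERATORDONE, or after
 *              throwAFSException has been called for a failure
 *
 * NOTE(review): iterationId is a Java-supplied jlong that is cast to a
 * native pointer and handed to pts_OwnedGroupListNext unchecked.  The Java
 * side must only pass a value returned by getGroupsOwnedBegin that has not
 * yet been given to getGroupsOwnedDone.
 */
JNIEXPORT jstring JNICALL
Java_org_openafs_jafs_User_getGroupsOwnedNextString
  (JNIEnv *env, jclass cls, jlong iterationId)
{
  afs_status_t ast;
  jstring jgroup;
  char *groupName = malloc( sizeof(char)*PTS_MAX_NAME_LEN );

  if( !groupName ) {
    throwAFSException( env, JAFSADMNOMEM );
    return NULL;
  }

  if( !pts_OwnedGroupListNext( (void *) iterationId, groupName, &ast ) ) {
    free( groupName );
    if( ast == ADMITERATORDONE ) {
      /* normal end of iteration, not an error */
      return NULL;
    }
    throwAFSException( env, ast );
    return NULL;
  }

  /*
   * NewStringUTF reads up to the first NUL byte, so bound the read to the
   * buffer regardless of what the pts call wrote into it.
   * (assumes the call writes at most PTS_MAX_NAME_LEN bytes -- the size of
   * the buffer it is given here; TODO confirm against the pts API)
   */
  groupName[PTS_MAX_NAME_LEN - 1] = '\0';

  /* NULL here means the JVM could not allocate; its own exception is pending */
  jgroup = (*env)->NewStringUTF( env, groupName );
  free( groupName );

  return jgroup;
}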
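/**
 * Fills the next group object that the user or group owns.  Returns 0 if
 * there are no more groups, != 0 otherwise.
 *
 * env           the Java environment
 * cls           the current Java class
 * cellHandle    the handle of the cell to which the users belong
 * iterationId   the iteration ID of this iteration
 * jgroupObject  a Group object to be populated with the values of the
 *               next group
 * returns       0 if there are no more groups or a Java exception is
 *               pending, != 0 otherwise
 *
 * NOTE(review): cellHandle and iterationId are Java-supplied jlong values
 * that are cast to native pointers and passed on unchecked.  The Java side
 * must only pass values it received from the corresponding native calls.
 */
JNIEXPORT jint JNICALL
Java_org_openafs_jafs_User_getGroupsOwnedNext
  (JNIEnv *env, jclass cls, jlong cellHandle, jlong iterationId,
   jobject jgroupObject)
{
  afs_status_t ast;
  char *groupName;
  jstring jgroup;

  groupName = malloc( sizeof(char)*PTS_MAX_NAME_LEN );

  if( !groupName ) {
    throwAFSException( env, JAFSADMNOMEM );
    return 0;
  }

  if( !pts_OwnedGroupListNext( (void *) iterationId, groupName, &ast ) ) {
    free( groupName );
    if( ast == ADMITERATORDONE ) {
      /* normal end of iteration, not an error */
      return 0;
    }
    throwAFSException( env, ast );
    return 0;
  }

  /*
   * Bound the string before it is read by NewStringUTF and getGroupInfoChar.
   * (assumes the pts call writes at most PTS_MAX_NAME_LEN bytes; TODO confirm)
   */
  groupName[PTS_MAX_NAME_LEN - 1] = '\0';

  jgroup = (*env)->NewStringUTF( env, groupName );
  if( jgroup == NULL ) {
    /* the JVM could not allocate; do not make further JNI calls */
    free( groupName );
    return 0;
  }

  if( groupCls == 0 ) {
    /* presumably caches groupCls and the group_* field IDs -- see Internal.c */
    internal_getGroupClass( env, jgroupObject );
    if( (*env)->ExceptionCheck( env ) ) {
      /* field IDs may be unset; using them would be unsafe */
      free( groupName );
      return 0;
    }
  }

  (*env)->SetObjectField( env, jgroupObject, group_nameField, jgroup );

  getGroupInfoChar( env, (void *) cellHandle, groupName, jgroupObject );
  free( groupName );

  /* only mark the object as cached if the lookup left no exception pending */
  if( (*env)->ExceptionCheck( env ) ) {
    return 0;
  }

  (*env)->SetBooleanField( env, jgroupObject, group_cachedInfoField, TRUE );

  return 1;
}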
/**
 * Signals that the iteration is complete and will not be accessed anymore.
 *
 * env          the Java environment
 * cls          the current Java class
 * iterationId  the iteration ID of this iteration
 *
 * NOTE(review): iterationId is cast to a native pointer and passed to
 * pts_OwnedGroupListDone unchecked.  Presumably the iterator is released
 * by that call, so the Java side must not use the same ID again afterwards
 * (neither for Next nor for a second Done) -- confirm against the pts API.
 */
JNIEXPORT void JNICALL
Java_org_openafs_jafs_User_getGroupsOwnedDone
  (JNIEnv *env, jclass cls, jlong iterationId)
{
  afs_status_t ast;
  void *iterator = (void *) iterationId;

  if( pts_OwnedGroupListDone( iterator, &ast ) ) {
    return;
  }

  /* report the failure status to Java */
  throwAFSException( env, ast );
}
1470 // reclaim global memory being used by this portion
1471 JNIEXPORT
void JNICALL
1472 Java_org_openafs_jafs_User_reclaimUserMemory
1473 (JNIEnv
*env
, jclass cls
)
1476 (*env
)->DeleteGlobalRef(env
, userCls
);