The Trunk: Network-cbc.234.mcz

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

The Trunk: Network-cbc.234.mcz

commits-2
Marcel Taeumel uploaded a new version of Network to project The Trunk:
http://source.squeak.org/trunk/Network-cbc.234.mcz

==================== Summary ====================

Name: Network-cbc.234
Author: cbc
Time: 7 June 2019, 12:56:17.741581 pm
UUID: a2081791-f54f-40fd-bd59-b8da1d52265d
Ancestors: Network-pre.233

Password was very specific for ServerDirectory.
Re-factor Password into a more generic password holder (usuable in other classes).
Create ServerPassword as a sub-class of Password with necessary specilizations moved down to it.
Make ServcieDirectory point to ServerPassword.

This allows us to use Password generally to store a password in memory (encoded) during a Squeak session, which is cleared out when saving.  The intended use case is to not store passwords in code or in the file system - instead prompt the user at first use and cache it for the rest of the life of the session.

=============== Diff against Network-pre.233 ===============

Item was changed:
  Object subclass: #Password
+ instanceVariableNames: 'cache'
- instanceVariableNames: 'cache sequence'
  classVariableNames: ''
  poolDictionaries: ''
  category: 'Network-Kernel'!
 
+ !Password commentStamp: 'cbc 6/7/2019 11:19' prior: 0!
+ "Hold a password in memory during a run of the app.
- !Password commentStamp: 'pre 12/11/2018 15:53' prior: 0!
- "Hold a password.  There are three ways to get the password.
 
+ After each save (after each startup), when an applicaiton asks for a password, one of two things will happen:
+   1> the user will be prompted for the password
+   2> If the user was previously prompted, return that password
- If there is no password (sequence == nil), ask the user for it.
 
+ Passwords are stored encoded.
+ At shutDown, passwords are cleared (will not be written to disc).
- If the user supplied one during this session, return that.  It is cleared at shutDown.
 
+ The intent for this class is to avoid storing passwords in code or on files on the system.  Instead, prompt the user during the running of the application."!
- If sequence is a number, get the server passwords off the disk.  File 'sqk.info' must be in the same folder 'Squeak.sources' file.  Decode the file.  Return the password indexed by sequence."!

Item was changed:
  ----- Method: Password>>cache: (in category 'accessing') -----
  cache: anObject
+ "if anObject is nil, then clear out cache - don't store values to disc"
+ anObject ifNil: [^cache := nil].
+ "Otherwise, 'encode' (trivially) the password while it resides in memory - no plain text"
+ cache := self decode: anObject!
- cache := anObject!

Item was removed:
- ----- Method: Password>>passwordFor: (in category 'accessing') -----
- passwordFor: serverDir
- "Returned the password from one of many sources.  OK if send in a nil arg."
-
- | sp msg |
- cache ifNotNil: [^ cache].
- sequence ifNotNil: [
- (sp := self serverPasswords) ifNotNil: [
- sequence <= sp size ifTrue: [^ sp at: sequence]]].
- msg := serverDir isRemoteDirectory
- ifTrue: [serverDir moniker]
- ifFalse: ['this directory'].
- (serverDir user = 'anonymous') & (serverDir typeWithDefault == #ftp) ifTrue: [
- ^ cache := UIManager default request: 'Please let this anonymous ftp\server know your email address.\This is the polite thing to do.' withCRs
- initialAnswer: '[hidden email]'].
-
- ^ cache := UIManager default requestPassword: 'Password for ', serverDir user, ' at ', msg, ':'.
- "Diff between empty string and abort?"!

Item was added:
+ ----- Method: Password>>passwordForMessage: (in category 'accessing') -----
+ passwordForMessage: msg
+ cache ifNotNil: [^self decode: cache]. "Our stored value is encoded"
+ ^self decode: (cache := self decode: (UIManager default requestPassword: 'Password for ', msg, ':')).!

Item was removed:
- ----- Method: Password>>sequence (in category 'accessing') -----
- sequence
- ^sequence!

Item was removed:
- ----- Method: Password>>sequence: (in category 'accessing') -----
- sequence: anNumber
- sequence := anNumber!

Item was removed:
- ----- Method: Password>>serverPasswords (in category 'accessing') -----
- serverPasswords
- "Get the server passwords off the disk and decode them. The file 'sqk.info' must be in some folder that Squeak thinks is special (vm folder, or default directory).  (Note: This code works even if you are running with no system sources file.)"
-
- | sfile |
- (sfile := FileDirectory lookInUsualPlaces: 'sqk.info') ifNil: [^ nil].
- "If not there, Caller will ask user for password"
- "If you don't have this file, and you really do want to release an update,
- contact Ted Kaehler."
- ^ (self decode: (sfile contentsOfEntireFile)) lines
- !

Item was changed:
  ----- Method: ServerDirectory>>password (in category 'accessing') -----
  password
 
+ passwordHolder ifNil: [passwordHolder := ServerPassword new].
- passwordHolder ifNil: [passwordHolder := Password new].
  ^ passwordHolder passwordFor: self "may ask the user"!

Item was changed:
  ----- Method: ServerDirectory>>password: (in category 'accessing') -----
  password: pp
 
+ passwordHolder := ServerPassword new.
- passwordHolder := Password new.
  pp isString
  ifTrue: [passwordHolder cache: pp. ^ self].
  pp isInteger
  ifTrue: [passwordHolder sequence: pp]
  ifFalse: [passwordHolder := pp].!

Item was changed:
  ----- Method: ServerDirectory>>passwordSequence: (in category 'accessing') -----
  passwordSequence: aNumber
 
+ passwordHolder ifNil: [passwordHolder := ServerPassword new].
- passwordHolder ifNil: [passwordHolder := Password new].
  passwordHolder sequence: aNumber!

Item was added:
+ Password subclass: #ServerPassword
+ instanceVariableNames: 'sequence'
+ classVariableNames: ''
+ poolDictionaries: ''
+ category: 'Network-Kernel'!
+
+ !ServerPassword commentStamp: 'cbc 6/7/2019 11:15' prior: 0!
+ "Hold a password.  There are three ways to get the password.
+
+ If there is no password (sequence == nil), ask the user for it.
+
+ If the user supplied one during this session, return that.  It is cleared at shutDown.
+
+ If sequence is a number, get the server passwords off the disk.  File 'sqk.info' must be in the same folder 'Squeak.sources' file.  Decode the file.  Return the password indexed by sequence."!

Item was added:
+ ----- Method: ServerPassword>>cache: (in category 'accessing') -----
+ cache: anObject
+ cache := anObject!

Item was added:
+ ----- Method: ServerPassword>>passwordFor: (in category 'accessing') -----
+ passwordFor: serverDir
+ "Returned the password from one of many sources.  OK if send in a nil arg."
+
+ | sp msg |
+ cache ifNotNil: [^ cache].
+ sequence ifNotNil: [
+ (sp := self serverPasswords) ifNotNil: [
+ sequence <= sp size ifTrue: [^ sp at: sequence]]].
+ msg := serverDir isRemoteDirectory
+ ifTrue: [serverDir moniker]
+ ifFalse: ['this directory'].
+ (serverDir user = 'anonymous') & (serverDir typeWithDefault == #ftp) ifTrue: [
+ ^ cache := UIManager default request: 'Please let this anonymous ftp\server know your email address.\This is the polite thing to do.' withCRs
+ initialAnswer: '[hidden email]'].
+
+ ^ cache := UIManager default requestPassword: 'Password for ', serverDir user, ' at ', msg, ':'.
+ "Diff between empty string and abort?"!

Item was added:
+ ----- Method: ServerPassword>>sequence (in category 'accessing') -----
+ sequence
+ ^sequence!

Item was added:
+ ----- Method: ServerPassword>>sequence: (in category 'accessing') -----
+ sequence: anNumber
+ sequence := anNumber!

Item was added:
+ ----- Method: ServerPassword>>serverPasswords (in category 'accessing') -----
+ serverPasswords
+ "Get the server passwords off the disk and decode them. The file 'sqk.info' must be in some folder that Squeak thinks is special (vm folder, or default directory).  (Note: This code works even if you are running with no system sources file.)"
+
+ | sfile |
+ (sfile := FileDirectory lookInUsualPlaces: 'sqk.info') ifNil: [^ nil].
+ "If not there, Caller will ask user for password"
+ "If you don't have this file, and you really do want to release an update,
+ contact Ted Kaehler."
+ ^ (self decode: (sfile contentsOfEntireFile)) lines
+ !