adlib/AD_user.hpp at main · AD-iOS/adlib · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
/*    AD-DEV Public General License
 *       Version 1.0.0, December 2025
 *
 *  Copyright (c) 2025-2026 AD-iOS (ad-ios334@outlook.com) All rights reserved.
 *
 *  (Note: AD, AD-dev, and AD-iOS refer to the same person. Email: ad-ios334@outlook.com)
 *
 *  Hereinafter, the AD-DEV Public General License is referred to as this Agreement or this License. The original source code, executable binaries, and related documentation are collectively referred to as the Software. Use for profit, including sales, leasing, advertising support, etc., is referred to as Commercial Use. Works modified or extended based on the Software are referred to as Derivative Products.
 *
 *  We hereby grant you the following rights, subject to the following conditions, a worldwide, royalty-free, non-exclusive, irrevocable license to:
 *    1. Use, copy, and modify the Software
 *    2. Create derivative works
 *    3. Distribute the Software and derivative works
 *
 *  Conditions:
 *    1. Retain the original author's license and copyright notices
 *    2. The original author assumes no liability
 *    3. Unauthorized commercial use is prohibited
 *    4. All modifications and derivative products based on the Software must use this License and disclose the original source code
 *    5. Disclosure of the original source code is not required when using the Software unmodified (e.g., via APIs, libraries, automatic linkers, etc.)
 *
 *  Anyone may distribute or copy this License file, but may not modify it.
 *  For commercial use, please contact the maintainer of the Software to obtain written and electronic authorization. Note that commercial licensing may involve fees; specific terms shall be negotiated separately.
 *  Violation of this Agreement will automatically terminate the license. Upon termination, all copies of the Software must be destroyed, use of the Software must cease, derivative products must be withdrawn from distribution channels, and distribution of derivative products must stop.
 *
 *  The software is provided "as is", without warranty of any kind, express or implied. In no event shall the authors or copyright holders be liable for any claim, damages, or other liability arising from the use of the software.
 *
 *  If any provision is invalid, it does not affect the validity of the other provisions.
 *  By using, distributing, or modifying the Software, you automatically agree to and intend to comply with this Agreement. If you cannot comply, you must stop using, distributing, or modifying the Software.
 *  This Agreement is governed by and construed in accordance with the laws of the People's Republic of China (without regard to conflict of law principles).
 */
/*
 * AD_user.hpp
 * Created by AD on 30/12/25
 * Copyright (c) 2025-2026 AD All rights reserved.
 */
/*
 * AD_user.hpp
 * Fixed by Assistant
**/

#ifndef _AD_USER_HPP_
#define _AD_USER_HPP_

#include "AD_output.hpp"
#include "ad_system.hpp"
#include <unistd.h>
#include <pwd.h>
#include <grp.h>
#include <getopt.h>
#include <algorithm> // for std::all_of

namespace AD {

namespace user {

    /**
     * @brief parse user name or UID
     */
    inline uid_t parse_uid(const std::string& input) {
        if (input.empty()) {
            AD::cerr << "[Error] User string is empty" << AD::endl;
            exit(EXIT_FAILURE);
        }

        if (std::all_of(input.begin(), input.end(), ::isdigit)) {
            return std::stoi(input);
        }

        struct passwd* pw = getpwnam(input.c_str());
        if (pw == nullptr) {
            AD::cerr << "[Error] User '" << input << "' not found" << AD::endl;
            exit(EXIT_FAILURE);
        }
        return pw->pw_uid;
    }

    /**
     * @brief parse group name or GID
     */
    inline gid_t parse_gid(const std::string& input) {
        if (input.empty()) {
            AD::cerr << "[Error] Group string is empty" << AD::endl;
            exit(EXIT_FAILURE);
        }

        if (std::all_of(input.begin(), input.end(), ::isdigit)) {
            return std::stoi(input);
        }

        struct group* gr = getgrnam(input.c_str());
        if (gr == nullptr) {
            AD::cerr << "[Error] Group '" << input << "' not found" << AD::endl;
            exit(EXIT_FAILURE);
        }
        return gr->gr_gid;
    }

    namespace get {
        inline std::string uidname(uid_t uid) {
            struct passwd* pw = getpwuid(uid);
            if (pw != nullptr) return pw->pw_name;
            return std::to_string(uid);
        }

        inline std::string gidname(gid_t gid) {
            struct group* gr = getgrgid(gid);
            if (gr != nullptr) return gr->gr_name;
            return std::to_string(gid);
        }
    }

    inline std::string get_username(uid_t uid) { return get::uidname(uid); }
    inline std::string get_groupname(gid_t gid) { return get::gidname(gid); }

    /**
     * @brief switch users and groups
     */
    inline bool change(const std::string& username, const std::string& groupname = "", bool verbose = false) {
        uid_t uid = parse_uid(username);
        gid_t gid = groupname.empty() ? getgid() : parse_gid(groupname);

        if (verbose) {
            AD::cout << "Current UID: " << getuid() << " (" << get_username(getuid()) << ")" << AD::endl;
            AD::cout << "Target UID: " << uid << " (" << username << ")" << AD::endl;
        }

        if (setgid(gid) != 0) {
            AD::cerr << "[Error] Failed to set GID: " << strerror(errno) << AD::endl;
            return false;
        }

        struct passwd* pw = getpwuid(uid);
        if (pw != nullptr) {
            initgroups(pw->pw_name, gid);
        }

        if (setuid(uid) != 0) {
            AD::cerr << "[Error] Failed to set UID: " << strerror(errno) << AD::endl;
            return false;
        }

        if (verbose) {
            AD::cout << "[Success] Switched context." << AD::endl;
        }

        return true;
    }

    // 兼容舊接口名
    inline bool switch_user(const std::string& u, const std::string& g, bool v) {
        return change(u, g, v);
    }

    inline int runas(const std::string& username, const std::string& command, const std::string& groupname = "") {
        if (!change(username, groupname, false)) {
            return EXIT_FAILURE;
        }
        return ad_bash_system(command.c_str());
    }

    inline int execute_as_user(const std::string& u, const std::string& c, const std::string& g) {
        return runas(u, c, g);
    }

} // namespace user
} // namespace AD

#endif