]> git.stg.codes - stg.git/blobdiff - projects/stargazer/user_impl.cpp
Use async-radius.
[stg.git] / projects / stargazer / user_impl.cpp
index 7f6ff352f7fb4677cd5947c0ebf9dbde4d12a20e..af94d47743132751ca44c8d21d9ba5077a69561c 100644 (file)
 #include "stg/scriptexecuter.h"
 #include "stg/tariff.h"
 #include "stg/tariffs.h"
+#include "stg/services.h"
+#include "stg/service_conf.h"
 #include "stg/admin.h"
 
 #include <algorithm>
 #include <functional>
+#include <array>
 
 #include <cassert>
 #include <cstdlib>
 #include <pthread.h>
 #include <unistd.h> // access
 
-#ifdef USE_ABSTRACT_SETTINGS
-USER_IMPL::USER_IMPL(const SETTINGS * s,
-           const STORE * st,
-           const TARIFFS * t,
-           const ADMIN * a,
-           const USERS * u)
-    : USER(),
-      users(u),
-      property(s->GetScriptsDir()),
-      WriteServLog(GetStgLogger()),
-      lastScanMessages(0),
-      id(0),
-      __connected(0),
-      connected(__connected),
-      __currIP(0),
-      currIP(__currIP),
-      lastIPForDisconnect(0),
-      pingTime(0),
-      sysAdmin(a),
-      store(st),
-      tariffs(t),
-      tariff(NULL),
-      settings(s),
-      authorizedModificationTime(0),
-      deleted(false),
-      lastWriteStat(0),
-      lastWriteDetailedStat(0),
-      cash(property.cash),
-      up(property.up),
-      down(property.down),
-      lastCashAdd(property.lastCashAdd),
-      passiveTime(property.passiveTime),
-      lastCashAddTime(property.lastCashAddTime),
-      freeMb(property.freeMb),
-      lastActivityTime(property.lastActivityTime),
-      password(property.password),
-      passive(property.passive),
-      disabled(property.disabled),
-      disabledDetailStat(property.disabledDetailStat),
-      alwaysOnline(property.alwaysOnline),
-      tariffName(property.tariffName),
-      nextTariff(property.nextTariff),
-      address(property.address),
-      note(property.note),
-      group(property.group),
-      email(property.email),
-      phone(property.phone),
-      realName(property.realName),
-      credit(property.credit),
-      creditExpire(property.creditExpire),
-      ips(property.ips),
-      userdata0(property.userdata0),
-      userdata1(property.userdata1),
-      userdata2(property.userdata2),
-      userdata3(property.userdata3),
-      userdata4(property.userdata4),
-      userdata5(property.userdata5),
-      userdata6(property.userdata6),
-      userdata7(property.userdata7),
-      userdata8(property.userdata8),
-      userdata9(property.userdata9),
-      passiveNotifier(this),
-      tariffNotifier(this),
-      cashNotifier(this),
-      ipNotifier(this)
+using STG::UserImpl;
+
+namespace
 {
-password = "*_EMPTY_PASSWORD_*";
-tariffName = NO_TARIFF_NAME;
-ips = StrToIPS("*");
-lastWriteStat = stgTime + random() % settings->GetStatWritePeriod();
-lastWriteDetailedStat = stgTime;
 
-property.tariffName.AddBeforeNotifier(&tariffNotifier);
-property.passive.AddBeforeNotifier(&passiveNotifier);
-property.disabled.AddAfterNotifier(&disabledNotifier);
-property.cash.AddBeforeNotifier(&cashNotifier);
-ips.AddAfterNotifier(&ipNotifier);
+std::string dirsToString(const bool * dirs)
+{
+std::string res;
+for (size_t i = 0; i < DIR_NUM; i++)
+    res += dirs[i] ? '1' : '0';
+return res;
+}
 
-pthread_mutexattr_t attr;
-pthread_mutexattr_init(&attr);
-pthread_mutexattr_settype(&attr, PTHREAD_MUTEX_RECURSIVE);
-pthread_mutex_init(&mutex, &attr);
+void dirsFromBits(bool * dirs, uint32_t bits)
+{
+for (size_t i = 0; i < DIR_NUM; i++)
+    dirs[i] = bits & (1 << i);
 }
-#else
-USER_IMPL::USER_IMPL(const SETTINGS_IMPL * s,
-                     const STORE * st,
-                     const TARIFFS * t,
-                     const ADMIN * a,
-                     const USERS * u)
-    : USER(),
-      users(u),
-      property(s->GetScriptsDir()),
-      WriteServLog(GetStgLogger()),
+
+}
+
+UserImpl::UserImpl(const Settings * s,
+           const Store * st,
+           const Tariffs * t,
+           const Admin * a,
+           const Users * u,
+           const Services & svcs)
+    : users(u),
+      properties(*s),
+      WriteServLog(Logger::get()),
       lastScanMessages(0),
       id(0),
-      __connected(0),
-      connected(__connected),
-      __currIP(0),
-      currIP(__currIP),
       lastIPForDisconnect(0),
       pingTime(0),
       sysAdmin(a),
       store(st),
       tariffs(t),
       tariff(NULL),
+      m_services(svcs),
       settings(s),
       authorizedModificationTime(0),
       deleted(false),
       lastWriteStat(0),
       lastWriteDetailedStat(0),
-      cash(property.cash),
-      up(property.up),
-      down(property.down),
-      lastCashAdd(property.lastCashAdd),
-      passiveTime(property.passiveTime),
-      lastCashAddTime(property.lastCashAddTime),
-      freeMb(property.freeMb),
-      lastActivityTime(property.lastActivityTime),
-      password(property.password),
-      passive(property.passive),
-      disabled(property.disabled),
-      disabledDetailStat(property.disabledDetailStat),
-      alwaysOnline(property.alwaysOnline),
-      tariffName(property.tariffName),
-      nextTariff(property.nextTariff),
-      address(property.address),
-      note(property.note),
-      group(property.group),
-      email(property.email),
-      phone(property.phone),
-      realName(property.realName),
-      credit(property.credit),
-      creditExpire(property.creditExpire),
-      ips(property.ips),
-      userdata0(property.userdata0),
-      userdata1(property.userdata1),
-      userdata2(property.userdata2),
-      userdata3(property.userdata3),
-      userdata4(property.userdata4),
-      userdata5(property.userdata5),
-      userdata6(property.userdata6),
-      userdata7(property.userdata7),
-      userdata8(property.userdata8),
-      userdata9(property.userdata9),
-      passiveNotifier(this),
-      disabledNotifier(this),
-      tariffNotifier(this),
-      cashNotifier(this),
-      ipNotifier(this)
+      cash(properties.cash),
+      up(properties.up),
+      down(properties.down),
+      lastCashAdd(properties.lastCashAdd),
+      passiveTime(properties.passiveTime),
+      lastCashAddTime(properties.lastCashAddTime),
+      freeMb(properties.freeMb),
+      lastActivityTime(properties.lastActivityTime),
+      password(properties.password),
+      passive(properties.passive),
+      disabled(properties.disabled),
+      disabledDetailStat(properties.disabledDetailStat),
+      alwaysOnline(properties.alwaysOnline),
+      tariffName(properties.tariffName),
+      nextTariff(properties.nextTariff),
+      address(properties.address),
+      note(properties.note),
+      group(properties.group),
+      email(properties.email),
+      phone(properties.phone),
+      realName(properties.realName),
+      credit(properties.credit),
+      creditExpire(properties.creditExpire),
+      ips(properties.ips),
+      userdata0(properties.userdata0),
+      userdata1(properties.userdata1),
+      userdata2(properties.userdata2),
+      userdata3(properties.userdata3),
+      userdata4(properties.userdata4),
+      userdata5(properties.userdata5),
+      userdata6(properties.userdata6),
+      userdata7(properties.userdata7),
+      userdata8(properties.userdata8),
+      userdata9(properties.userdata9),
+      sessionUploadModTime(stgTime),
+      sessionDownloadModTime(stgTime)
+{
+    Init();
+}
+//-----------------------------------------------------------------------------
+void UserImpl::Init()
 {
 password = "*_EMPTY_PASSWORD_*";
 tariffName = NO_TARIFF_NAME;
-ips = StrToIPS("*");
+tariff = tariffs->FindByName(tariffName);
+ips = UserIPs::parse("*");
 lastWriteStat = stgTime + random() % settings->GetStatWritePeriod();
 lastWriteDetailedStat = stgTime;
 
-property.tariffName.AddBeforeNotifier(&tariffNotifier);
-property.passive.AddBeforeNotifier(&passiveNotifier);
-property.disabled.AddAfterNotifier(&disabledNotifier);
-property.cash.AddBeforeNotifier(&cashNotifier);
-ips.AddAfterNotifier(&ipNotifier);
-
-pthread_mutexattr_t attr;
-pthread_mutexattr_init(&attr);
-pthread_mutexattr_settype(&attr, PTHREAD_MUTEX_RECURSIVE);
-pthread_mutex_init(&mutex, &attr);
+m_beforePassiveConn = properties.passive.beforeChange([this](auto oldVal, auto newVal){ onPassiveChange(oldVal, newVal); });
+m_afterDisabledConn = properties.disabled.afterChange([this](auto oldVal, auto newVal){ onDisabledChange(oldVal, newVal); });
+m_beforeTariffConn = properties.tariffName.beforeChange([this](const auto& oldVal, const auto& newVal){ onTariffChange(oldVal, newVal); });
+m_beforeCashConn = properties.cash.beforeChange([this](auto oldVal, auto newVal){ onCashChange(oldVal, newVal); });
+m_afterIPConn = ips.afterChange([this](const auto& oldVal, const auto& newVal){ onIPChange(oldVal, newVal); });
 }
-#endif
 //-----------------------------------------------------------------------------
-USER_IMPL::USER_IMPL(const USER_IMPL & u)
-    : USER(),
-      users(u.users),
-      property(u.settings->GetScriptsDir()),
-      WriteServLog(GetStgLogger()),
+UserImpl::UserImpl(const UserImpl & u)
+    : users(u.users),
+      properties(*u.settings),
+      WriteServLog(Logger::get()),
       lastScanMessages(0),
       login(u.login),
       id(u.id),
-      __connected(0),
-      connected(__connected),
-      userIDGenerator(u.userIDGenerator),
-      __currIP(u.__currIP),
-      currIP(__currIP),
       lastIPForDisconnect(0),
       pingTime(u.pingTime),
       sysAdmin(u.sysAdmin),
       store(u.store),
       tariffs(u.tariffs),
       tariff(u.tariff),
+      m_services(u.m_services),
       traffStat(u.traffStat),
       traffStatSaved(u.traffStatSaved),
       settings(u.settings),
@@ -249,86 +178,70 @@ USER_IMPL::USER_IMPL(const USER_IMPL & u)
       deleted(u.deleted),
       lastWriteStat(u.lastWriteStat),
       lastWriteDetailedStat(u.lastWriteDetailedStat),
-      cash(property.cash),
-      up(property.up),
-      down(property.down),
-      lastCashAdd(property.lastCashAdd),
-      passiveTime(property.passiveTime),
-      lastCashAddTime(property.lastCashAddTime),
-      freeMb(property.freeMb),
-      lastActivityTime(property.lastActivityTime),
-      password(property.password),
-      passive(property.passive),
-      disabled(property.disabled),
-      disabledDetailStat(property.disabledDetailStat),
-      alwaysOnline(property.alwaysOnline),
-      tariffName(property.tariffName),
-      nextTariff(property.nextTariff),
-      address(property.address),
-      note(property.note),
-      group(property.group),
-      email(property.email),
-      phone(property.phone),
-      realName(property.realName),
-      credit(property.credit),
-      creditExpire(property.creditExpire),
-      ips(property.ips),
-      userdata0(property.userdata0),
-      userdata1(property.userdata1),
-      userdata2(property.userdata2),
-      userdata3(property.userdata3),
-      userdata4(property.userdata4),
-      userdata5(property.userdata5),
-      userdata6(property.userdata6),
-      userdata7(property.userdata7),
-      userdata8(property.userdata8),
-      userdata9(property.userdata9),
+      cash(properties.cash),
+      up(properties.up),
+      down(properties.down),
+      lastCashAdd(properties.lastCashAdd),
+      passiveTime(properties.passiveTime),
+      lastCashAddTime(properties.lastCashAddTime),
+      freeMb(properties.freeMb),
+      lastActivityTime(properties.lastActivityTime),
+      password(properties.password),
+      passive(properties.passive),
+      disabled(properties.disabled),
+      disabledDetailStat(properties.disabledDetailStat),
+      alwaysOnline(properties.alwaysOnline),
+      tariffName(properties.tariffName),
+      nextTariff(properties.nextTariff),
+      address(properties.address),
+      note(properties.note),
+      group(properties.group),
+      email(properties.email),
+      phone(properties.phone),
+      realName(properties.realName),
+      credit(properties.credit),
+      creditExpire(properties.creditExpire),
+      ips(properties.ips),
+      userdata0(properties.userdata0),
+      userdata1(properties.userdata1),
+      userdata2(properties.userdata2),
+      userdata3(properties.userdata3),
+      userdata4(properties.userdata4),
+      userdata5(properties.userdata5),
+      userdata6(properties.userdata6),
+      userdata7(properties.userdata7),
+      userdata8(properties.userdata8),
+      userdata9(properties.userdata9),
       sessionUpload(),
       sessionDownload(),
-      passiveNotifier(this),
-      disabledNotifier(this),
-      tariffNotifier(this),
-      cashNotifier(this),
-      ipNotifier(this)
+      sessionUploadModTime(stgTime),
+      sessionDownloadModTime(stgTime)
 {
-if (&u == this)
-    return;
-
-property.tariffName.AddBeforeNotifier(&tariffNotifier);
-property.passive.AddBeforeNotifier(&passiveNotifier);
-property.disabled.AddAfterNotifier(&disabledNotifier);
-property.cash.AddBeforeNotifier(&cashNotifier);
-ips.AddAfterNotifier(&ipNotifier);
+    if (&u == this)
+        return;
 
-property.SetProperties(u.property);
+    m_beforePassiveConn = properties.passive.beforeChange([this](auto oldVal, auto newVal){ onPassiveChange(oldVal, newVal); });
+    m_afterDisabledConn = properties.disabled.afterChange([this](auto oldVal, auto newVal){ onDisabledChange(oldVal, newVal); });
+    m_beforeTariffConn = properties.tariffName.beforeChange([this](const auto& oldVal, const auto& newVal){ onTariffChange(oldVal, newVal); });
+    m_beforeCashConn = properties.cash.beforeChange([this](auto oldVal, auto newVal){ onCashChange(oldVal, newVal); });
+    m_afterIPConn = ips.afterChange([this](const auto& oldVal, const auto& newVal){ onIPChange(oldVal, newVal); });
 
-pthread_mutexattr_t attr;
-pthread_mutexattr_init(&attr);
-pthread_mutexattr_settype(&attr, PTHREAD_MUTEX_RECURSIVE);
-pthread_mutex_init(&mutex, &attr);
-}
-//-----------------------------------------------------------------------------
-USER_IMPL::~USER_IMPL()
-{
-property.tariffName.DelBeforeNotifier(&tariffNotifier);
-property.passive.DelBeforeNotifier(&passiveNotifier);
-property.disabled.DelAfterNotifier(&disabledNotifier);
-property.cash.DelBeforeNotifier(&cashNotifier);
-pthread_mutex_destroy(&mutex);
+    properties.SetProperties(u.properties);
 }
 //-----------------------------------------------------------------------------
-void USER_IMPL::SetLogin(const std::string & l)
+void UserImpl::SetLogin(const std::string & l)
 {
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
+std::lock_guard lock(m_mutex);
+static int idGen = 0;
 assert(login.empty() && "Login is already set");
 login = l;
-id = userIDGenerator.GetNextID();
+id = idGen++;
 }
 //-----------------------------------------------------------------------------
-int USER_IMPL::ReadConf()
+int UserImpl::ReadConf()
 {
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
-USER_CONF conf;
+std::lock_guard lock(m_mutex);
+UserConf conf;
 
 if (store->RestoreUserConf(&conf, login))
     {
@@ -339,17 +252,17 @@ if (store->RestoreUserConf(&conf, login))
     return -1;
     }
 
-property.SetConf(conf);
+properties.SetConf(conf);
 
 tariff = tariffs->FindByName(tariffName);
 if (tariff == NULL)
     {
     WriteServLog("Cannot read user %s. Tariff %s not exist.",
-                 login.c_str(), property.tariffName.Get().c_str());
+                 login.c_str(), properties.tariffName.Get().c_str());
     return -1;
     }
 
-std::vector<STG_MSG_HDR> hdrsList;
+std::vector<Message::Header> hdrsList;
 
 if (store->GetMessageHdrs(&hdrsList, login))
     {
@@ -360,10 +273,10 @@ if (store->GetMessageHdrs(&hdrsList, login))
     return -1;
     }
 
-std::vector<STG_MSG_HDR>::const_iterator it;
+std::vector<Message::Header>::const_iterator it;
 for (it = hdrsList.begin(); it != hdrsList.end(); ++it)
     {
-    STG_MSG msg;
+    Message msg;
     if (store->GetMessage(it->id, &msg, login) == 0)
         {
         messages.push_back(msg);
@@ -373,10 +286,10 @@ for (it = hdrsList.begin(); it != hdrsList.end(); ++it)
 return 0;
 }
 //-----------------------------------------------------------------------------
-int USER_IMPL::ReadStat()
+int UserImpl::ReadStat()
 {
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
-USER_STAT stat;
+std::lock_guard lock(m_mutex);
+UserStat stat;
 
 if (store->RestoreUserStat(&stat, login))
     {
@@ -387,17 +300,17 @@ if (store->RestoreUserStat(&stat, login))
     return -1;
     }
 
-property.SetStat(stat);
+properties.SetStat(stat);
 
 return 0;
 }
 //-----------------------------------------------------------------------------
-int USER_IMPL::WriteConf()
+int UserImpl::WriteConf()
 {
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
-USER_CONF conf(property.GetConf());
+std::lock_guard lock(m_mutex);
+UserConf conf(properties.GetConf());
 
-printfd(__FILE__, "USER::WriteConf()\n");
+printfd(__FILE__, "UserImpl::WriteConf()\n");
 
 if (store->SaveUserConf(conf, login))
     {
@@ -411,10 +324,10 @@ if (store->SaveUserConf(conf, login))
 return 0;
 }
 //-----------------------------------------------------------------------------
-int USER_IMPL::WriteStat()
+int UserImpl::WriteStat()
 {
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
-USER_STAT stat(property.GetStat());
+std::lock_guard lock(m_mutex);
+UserStat stat(properties.GetStat());
 
 if (store->SaveUserStat(stat, login))
     {
@@ -430,14 +343,14 @@ lastWriteStat = stgTime;
 return 0;
 }
 //-----------------------------------------------------------------------------
-int USER_IMPL::WriteMonthStat()
+int UserImpl::WriteMonthStat()
 {
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
+std::lock_guard lock(m_mutex);
 time_t tt = stgTime - 3600;
 struct tm t1;
 localtime_r(&tt, &t1);
 
-USER_STAT stat(property.GetStat());
+UserStat stat(properties.GetStat());
 if (store->SaveMonthStat(stat, t1.tm_mon, t1.tm_year, login))
     {
     WriteServLog("Cannot write month stat for user %s.", login.c_str());
@@ -450,15 +363,21 @@ if (store->SaveMonthStat(stat, t1.tm_mon, t1.tm_year, login))
 return 0;
 }
 //-----------------------------------------------------------------------------
-int USER_IMPL::Authorize(uint32_t ip, uint32_t dirs, const AUTH * auth)
+int UserImpl::Authorize(uint32_t ip, uint32_t dirs, const Auth * auth)
 {
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
+std::lock_guard lock(m_mutex);
 /*
  *  Authorize user. It only means that user will be authorized. Nothing more.
  *  User can be connected or disconnected while authorized.
  *  Example: user is authorized but disconnected due to 0 money or blocking
  */
 
+/*
+ * TODO: in fact "authorization" means allowing access to a service. What we
+ * call "authorization" here, int STG, is "authentication". So this should be
+ * fixed in future.
+ */
+
 /*
  * Prevent double authorization by identical authorizers
  */
@@ -468,28 +387,25 @@ if (authorizedBy.find(auth) != authorizedBy.end())
 if (!ip)
     return -1;
 
-for (int i = 0; i < DIR_NUM; i++)
-    {
-    enabledDirs[i] = dirs & (1 << i);
-    }
+dirsFromBits(enabledDirs, dirs);
 
 if (!authorizedBy.empty())
     {
-    if (currIP != ip)
+    if (m_currIP != ip)
         {
-        //  We are already authorized, but with different IP address
+        // We are already authorized, but with different IP address
         errorStr = "User " + login + " already authorized with IP address " + inet_ntostring(ip);
         return -1;
         }
 
-    USER * u = NULL;
+    User * u = NULL;
     if (!users->FindByIPIdx(ip, &u))
         {
-        //  Address is already present in IP-index
-        //  If it's not our IP - throw an error
+        // Address presents in IP-index.
+        // If it's not our IP - report it.
         if (u != this)
             {
-            errorStr = "IP address " + inet_ntostring(ip) + " already in use";
+            errorStr = "IP address " + inet_ntostring(ip) + " is already in use";
             return -1;
             }
         }
@@ -498,20 +414,20 @@ else
     {
     if (users->IsIPInIndex(ip))
         {
-        //  Address is already present in IP-index
-        errorStr = "IP address " + inet_ntostring(ip) + " already in use";
+        // Address is already present in IP-index.
+        errorStr = "IP address " + inet_ntostring(ip) + " is already in use";
         return -1;
         }
 
-    if (ips.ConstData().IsIPInIPS(ip))
+    if (ips.ConstData().find(ip))
         {
-        currIP = ip;
-        lastIPForDisconnect = currIP;
+        m_currIP = ip;
+        lastIPForDisconnect = m_currIP;
         }
     else
         {
-        printfd(__FILE__, " user %s: ips = %s\n", login.c_str(), ips.ConstData().GetIpStr().c_str());
-        errorStr = "IP address " + inet_ntostring(ip) + " not belong user " + login;
+        printfd(__FILE__, " user %s: ips = %s\n", login.c_str(), ips.ConstData().toString().c_str());
+        errorStr = "IP address " + inet_ntostring(ip) + " does not belong to user " + login;
         return -1;
         }
     }
@@ -525,70 +441,66 @@ ScanMessage();
 return 0;
 }
 //-----------------------------------------------------------------------------
-void USER_IMPL::Unauthorize(const AUTH * auth, const std::string & reason)
+void UserImpl::Unauthorize(const Auth * auth, const std::string & reason)
 {
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
+std::lock_guard lock(m_mutex);
 /*
  *  Authorizer tries to unauthorize user, that was not authorized by it
  */
 if (!authorizedBy.erase(auth))
     return;
 
+authorizedModificationTime = stgTime;
+
 if (authorizedBy.empty())
     {
-    authorizedModificationTime = stgTime;
     lastDisconnectReason = reason;
-    lastIPForDisconnect = currIP;
-    currIP = 0; // DelUser in traffcounter
+    lastIPForDisconnect = m_currIP;
+    m_currIP = 0; // DelUser in traffcounter
+    if (m_connected)
+        Disconnect(false, "not authorized");
     return;
     }
 }
 //-----------------------------------------------------------------------------
-bool USER_IMPL::IsAuthorizedBy(const AUTH * auth) const
+bool UserImpl::IsAuthorizedBy(const Auth * auth) const
 {
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
-//  Is this user authorized by specified authorizer?
+std::lock_guard lock(m_mutex);
+// Is this user authorized by specified authorizer?
 return authorizedBy.find(auth) != authorizedBy.end();
 }
 //-----------------------------------------------------------------------------
-std::vector<std::string> USER_IMPL::GetAuthorizers() const
+std::vector<std::string> UserImpl::GetAuthorizers() const
 {
+    std::lock_guard lock(m_mutex);
     std::vector<std::string> list;
-    std::transform(authorizedBy.begin(), authorizedBy.end(), std::back_inserter(list), std::mem_fun(&AUTH::GetVersion));
+    std::transform(authorizedBy.begin(), authorizedBy.end(), std::back_inserter(list), [](const auto auth){ return auth->GetVersion(); });
     return list;
 }
 //-----------------------------------------------------------------------------
-void USER_IMPL::Connect(bool fakeConnect)
+void UserImpl::Connect(bool fakeConnect)
 {
 /*
- *  Connect user to Internet. This function is differ from Authorize() !!!
+ * Connect user to Internet. This function is differ from Authorize() !!!
  */
 
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
-
 if (!fakeConnect)
     {
     std::string scriptOnConnect = settings->GetScriptsDir() + "/OnConnect";
 
     if (access(scriptOnConnect.c_str(), X_OK) == 0)
         {
-        char dirsStr[DIR_NUM + 1];
-        dirsStr[DIR_NUM] = 0;
-        for (int i = 0; i < DIR_NUM; i++)
-            {
-            dirsStr[i] = enabledDirs[i] ? '1' : '0';
-            }
+        std::string dirs = dirsToString(enabledDirs);
 
         std::string scriptOnConnectParams;
-
         strprintf(&scriptOnConnectParams,
-                "%s \"%s\" \"%s\" \"%f\" \"%d\" \"%s\"",
-                scriptOnConnect.c_str(),
-                login.c_str(),
-                inet_ntostring(currIP).c_str(),
-                cash.ConstData(),
-                id,
-                dirsStr);
+                  "%s \"%s\" \"%s\" \"%f\" \"%d\" \"%s\"",
+                  scriptOnConnect.c_str(),
+                  login.c_str(),
+                  inet_ntostring(m_currIP).c_str(),
+                  cash.ConstData(),
+                  id,
+                  dirs.c_str());
 
         std::vector<std::string>::const_iterator it(settings->GetScriptParams().begin());
         while (it != settings->GetScriptParams().end())
@@ -604,27 +516,25 @@ if (!fakeConnect)
         WriteServLog("Script %s cannot be executed. File not found.", scriptOnConnect.c_str());
         }
 
-    connected = true;
+    m_connected = true;
     }
 
-if (store->WriteUserConnect(login, currIP))
+if (!settings->GetDisableSessionLog() && store->WriteUserConnect(login, m_currIP))
     {
     WriteServLog("Cannot write connect for user %s.", login.c_str());
     WriteServLog("%s", store->GetStrError().c_str());
     }
 
 if (!fakeConnect)
-    lastIPForDisconnect = currIP;
+    lastIPForDisconnect = m_currIP;
 }
 //-----------------------------------------------------------------------------
-void USER_IMPL::Disconnect(bool fakeDisconnect, const std::string & reason)
+void UserImpl::Disconnect(bool fakeDisconnect, const std::string & reason)
 {
 /*
  *  Disconnect user from Internet. This function is differ from UnAuthorize() !!!
  */
 
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
-
 if (!lastIPForDisconnect)
     {
     printfd(__FILE__, "lastIPForDisconnect\n");
@@ -638,12 +548,7 @@ if (!fakeDisconnect)
 
     if (access(scriptOnDisonnect.c_str(), X_OK) == 0)
         {
-        char dirsStr[DIR_NUM + 1];
-        dirsStr[DIR_NUM] = 0;
-        for (int i = 0; i < DIR_NUM; i++)
-            {
-            dirsStr[i] = enabledDirs[i] ? '1' : '0';
-            }
+        std::string dirs = dirsToString(enabledDirs);
 
         std::string scriptOnDisonnectParams;
         strprintf(&scriptOnDisonnectParams,
@@ -653,7 +558,7 @@ if (!fakeDisconnect)
                 inet_ntostring(lastIPForDisconnect).c_str(),
                 cash.ConstData(),
                 id,
-                dirsStr);
+                dirs.c_str());
 
         std::vector<std::string>::const_iterator it(settings->GetScriptParams().begin());
         while (it != settings->GetScriptParams().end())
@@ -669,15 +574,15 @@ if (!fakeDisconnect)
         WriteServLog("Script OnDisconnect cannot be executed. File not found.");
         }
 
-    connected = false;
+    m_connected = false;
     }
 
 std::string reasonMessage(reason);
 if (!lastDisconnectReason.empty())
     reasonMessage += ": " + lastDisconnectReason;
 
-if (store->WriteUserDisconnect(login, up, down, sessionUpload, sessionDownload,
-                               cash, freeMb, reasonMessage))
+if (!settings->GetDisableSessionLog() && store->WriteUserDisconnect(login, up, down, sessionUpload, sessionDownload,
+                                                                    cash, freeMb, reasonMessage))
     {
     WriteServLog("Cannot write disconnect for user %s.", login.c_str());
     WriteServLog("%s", store->GetStrError().c_str());
@@ -686,56 +591,19 @@ if (store->WriteUserDisconnect(login, up, down, sessionUpload, sessionDownload,
 if (!fakeDisconnect)
     lastIPForDisconnect = 0;
 
-DIR_TRAFF zeroSesssion;
-
-sessionUpload = zeroSesssion;
-sessionDownload = zeroSesssion;
-}
-//-----------------------------------------------------------------------------
-void USER_IMPL::PrintUser() const
-{
-//return;
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
-std::cout << "============================================================" << std::endl;
-std::cout << "id=" << id << std::endl;
-std::cout << "login=" << login << std::endl;
-std::cout << "password=" << password << std::endl;
-std::cout << "passive=" << passive << std::endl;
-std::cout << "disabled=" << disabled << std::endl;
-std::cout << "disabledDetailStat=" << disabledDetailStat << std::endl;
-std::cout << "alwaysOnline=" << alwaysOnline << std::endl;
-std::cout << "tariffName=" << tariffName << std::endl;
-std::cout << "address=" << address << std::endl;
-std::cout << "phone=" << phone << std::endl;
-std::cout << "email=" << email << std::endl;
-std::cout << "note=" << note << std::endl;
-std::cout << "realName=" <<realName << std::endl;
-std::cout << "group=" << group << std::endl;
-std::cout << "credit=" << credit << std::endl;
-std::cout << "nextTariff=" << nextTariff << std::endl;
-std::cout << "userdata0" << userdata0 << std::endl;
-std::cout << "userdata1" << userdata1 << std::endl;
-std::cout << "creditExpire=" << creditExpire << std::endl;
-std::cout << "ips=" << ips << std::endl;
-std::cout << "------------------------" << std::endl;
-std::cout << "up=" << up << std::endl;
-std::cout << "down=" << down << std::endl;
-std::cout << "cash=" << cash << std::endl;
-std::cout << "freeMb=" << freeMb << std::endl;
-std::cout << "lastCashAdd=" << lastCashAdd << std::endl;
-std::cout << "lastCashAddTime=" << lastCashAddTime << std::endl;
-std::cout << "passiveTime=" << passiveTime << std::endl;
-std::cout << "lastActivityTime=" << lastActivityTime << std::endl;
-std::cout << "============================================================" << std::endl;
+sessionUpload.reset();
+sessionDownload.reset();
+sessionUploadModTime = stgTime;
+sessionDownloadModTime = stgTime;
 }
 //-----------------------------------------------------------------------------
-void USER_IMPL::Run()
+void UserImpl::Run()
 {
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
+std::lock_guard lock(m_mutex);
 
-if (stgTime > static_cast<time_t>(lastWriteStat + settings->GetStatWritePeriod()))
+if (stgTime > lastWriteStat + settings->GetStatWritePeriod())
     {
-    printfd(__FILE__, "USER::WriteStat user=%s\n", GetLogin().c_str());
+    printfd(__FILE__, "UserImpl::WriteStat user=%s\n", GetLogin().c_str());
     WriteStat();
     }
 if (creditExpire.ConstData() && creditExpire.ConstData() < stgTime)
@@ -756,15 +624,13 @@ if (passive.ConstData()
 
 if (!authorizedBy.empty())
     {
-    if (connected)
-        {
-        property.Stat().lastActivityTime = stgTime;
-        }
-    if (!connected && IsInetable())
-        {
+    if (m_connected)
+        properties.Stat().lastActivityTime = stgTime;
+
+    if (!m_connected && IsInetable())
         Connect();
-        }
-    if (connected && !IsInetable())
+
+    if (m_connected && !IsInetable())
         {
         if (disabled)
             Disconnect(false, "disabled");
@@ -782,28 +648,23 @@ if (!authorizedBy.empty())
     }
 else
     {
-    if (connected)
-        {
+    if (m_connected)
         Disconnect(false, "not authorized");
-        }
     }
 
 }
 //-----------------------------------------------------------------------------
-void USER_IMPL::UpdatePingTime(time_t t)
+void UserImpl::UpdatePingTime(time_t t)
 {
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
-//printfd(__FILE__, "UpdatePingTime(%d) %s\n", t, login.c_str());
+std::lock_guard lock(m_mutex);
 if (t)
     pingTime = t;
 else
     pingTime = stgTime;
 }
 //-----------------------------------------------------------------------------
-bool USER_IMPL::IsInetable()
+bool UserImpl::IsInetable()
 {
-//STG_LOCKER lock(&mutex, __FILE__, __LINE__);
-
 if (disabled || passive)
     return false;
 
@@ -814,36 +675,29 @@ if (settings->GetFreeMbAllowInet())
     }
 
 if (settings->GetShowFeeInCash() || tariff == NULL)
-    {
     return (cash >= -credit);
-    }
 
 return (cash - tariff->GetFee() >= -credit);
 }
 //-----------------------------------------------------------------------------
-std::string USER_IMPL::GetEnabledDirs() const
+std::string UserImpl::GetEnabledDirs() const
 {
-//STG_LOCKER lock(&mutex, __FILE__, __LINE__);
-
-std::string dirs = "";
-for(int i = 0; i < DIR_NUM; i++)
-    dirs += enabledDirs[i] ? "1" : "0";
-return dirs;
+return dirsToString(enabledDirs);
 }
 //-----------------------------------------------------------------------------
 #ifdef TRAFF_STAT_WITH_PORTS
-void USER_IMPL::AddTraffStatU(int dir, uint32_t ip, uint16_t port, uint32_t len)
+void UserImpl::AddTraffStatU(int dir, uint32_t ip, uint16_t port, uint32_t len)
 #else
-void USER_IMPL::AddTraffStatU(int dir, uint32_t ip, uint32_t len)
+void UserImpl::AddTraffStatU(int dir, uint32_t ip, uint32_t len)
 #endif
 {
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
+std::lock_guard lock(m_mutex);
 
-if (!connected || tariff == NULL)
+if (!m_connected || tariff == NULL)
     return;
 
 double cost = 0;
-DIR_TRAFF dt(up);
+DirTraff dt(up);
 
 int64_t traff = tariff->GetTraffByType(up.ConstData()[dir], down.ConstData()[dir]);
 int64_t threshold = tariff->GetThreshold(dir) * 1024 * 1024;
@@ -851,10 +705,10 @@ int64_t threshold = tariff->GetThreshold(dir) * 1024 * 1024;
 dt[dir] += len;
 
 int tt = tariff->GetTraffType();
-if (tt == TRAFF_UP ||
-    tt == TRAFF_UP_DOWN ||
+if (tt == Tariff::TRAFF_UP ||
+    tt == Tariff::TRAFF_UP_DOWN ||
     // Check NEW traff data
-    (tt == TRAFF_MAX && dt[dir] > down.ConstData()[dir]))
+    (tt == Tariff::TRAFF_MAX && dt[dir] > down.ConstData()[dir]))
     {
     double dc = 0;
     if (traff < threshold &&
@@ -887,14 +741,15 @@ if (tt == TRAFF_UP ||
         cost = dc - freeMb.ConstData();
 
     // Direct access to internal data structures via friend-specifier
-    property.Stat().freeMb -= dc;
-    property.Stat().cash -= cost;
+    properties.Stat().freeMb -= dc;
+    properties.Stat().cash -= cost;
     cash.ModifyTime();
     freeMb.ModifyTime();
     }
 
 up = dt;
 sessionUpload[dir] += len;
+sessionUploadModTime = stgTime;
 
 //Add detailed stat
 
@@ -903,18 +758,18 @@ if (!settings->GetWriteFreeMbTraffCost() &&
     cost = 0;
 
 #ifdef TRAFF_STAT_WITH_PORTS
-IP_DIR_PAIR idp(ip, dir, port);
+IPDirPair idp(ip, dir, port);
 #else
-IP_DIR_PAIR idp(ip, dir);
+IPDirPair idp(ip, dir);
 #endif
 
-std::map<IP_DIR_PAIR, STAT_NODE>::iterator lb;
+std::map<IPDirPair, StatNode>::iterator lb;
 lb = traffStat.lower_bound(idp);
 if (lb == traffStat.end() || lb->first != idp)
     {
     traffStat.insert(lb,
                      std::make_pair(idp,
-                                    STAT_NODE(len, 0, cost)));
+                                    StatNode(len, 0, cost)));
     }
 else
     {
@@ -924,18 +779,18 @@ else
 }
 //-----------------------------------------------------------------------------
 #ifdef TRAFF_STAT_WITH_PORTS
-void USER_IMPL::AddTraffStatD(int dir, uint32_t ip, uint16_t port, uint32_t len)
+void UserImpl::AddTraffStatD(int dir, uint32_t ip, uint16_t port, uint32_t len)
 #else
-void USER_IMPL::AddTraffStatD(int dir, uint32_t ip, uint32_t len)
+void UserImpl::AddTraffStatD(int dir, uint32_t ip, uint32_t len)
 #endif
 {
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
+std::lock_guard lock(m_mutex);
 
-if (!connected || tariff == NULL)
+if (!m_connected || tariff == NULL)
     return;
 
 double cost = 0;
-DIR_TRAFF dt(down);
+DirTraff dt(down);
 
 int64_t traff = tariff->GetTraffByType(up.ConstData()[dir], down.ConstData()[dir]);
 int64_t threshold = tariff->GetThreshold(dir) * 1024 * 1024;
@@ -943,10 +798,10 @@ int64_t threshold = tariff->GetThreshold(dir) * 1024 * 1024;
 dt[dir] += len;
 
 int tt = tariff->GetTraffType();
-if (tt == TRAFF_DOWN ||
-    tt == TRAFF_UP_DOWN ||
+if (tt == Tariff::TRAFF_DOWN ||
+    tt == Tariff::TRAFF_UP_DOWN ||
     // Check NEW traff data
-    (tt == TRAFF_MAX && up.ConstData()[dir] <= dt[dir]))
+    (tt == Tariff::TRAFF_MAX && up.ConstData()[dir] <= dt[dir]))
     {
     double dc = 0;
     if (traff < threshold &&
@@ -978,14 +833,15 @@ if (tt == TRAFF_DOWN ||
     else if (freeMb.ConstData() < dc) // FreeMb is partially exhausted
         cost = dc - freeMb.ConstData();
 
-    property.Stat().freeMb -= dc;
-    property.Stat().cash -= cost;
+    properties.Stat().freeMb -= dc;
+    properties.Stat().cash -= cost;
     cash.ModifyTime();
     freeMb.ModifyTime();
     }
 
 down = dt;
 sessionDownload[dir] += len;
+sessionDownloadModTime = stgTime;
 
 //Add detailed stat
 
@@ -994,18 +850,18 @@ if (!settings->GetWriteFreeMbTraffCost() &&
     cost = 0;
 
 #ifdef TRAFF_STAT_WITH_PORTS
-IP_DIR_PAIR idp(ip, dir, port);
+IPDirPair idp(ip, dir, port);
 #else
-IP_DIR_PAIR idp(ip, dir);
+IPDirPair idp(ip, dir);
 #endif
 
-std::map<IP_DIR_PAIR, STAT_NODE>::iterator lb;
+std::map<IPDirPair, StatNode>::iterator lb;
 lb = traffStat.lower_bound(idp);
 if (lb == traffStat.end() || lb->first != idp)
     {
     traffStat.insert(lb,
                      std::make_pair(idp,
-                                    STAT_NODE(0, len, cost)));
+                                    StatNode(0, len, cost)));
     }
 else
     {
@@ -1014,67 +870,15 @@ else
     }
 }
 //-----------------------------------------------------------------------------
-void USER_IMPL::AddCurrIPBeforeNotifier(CURR_IP_NOTIFIER * notifier)
+void UserImpl::OnAdd()
 {
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
-currIP.AddBeforeNotifier(notifier);
-}
-//-----------------------------------------------------------------------------
-void USER_IMPL::DelCurrIPBeforeNotifier(const CURR_IP_NOTIFIER * notifier)
-{
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
-currIP.DelBeforeNotifier(notifier);
-}
-//-----------------------------------------------------------------------------
-void USER_IMPL::AddCurrIPAfterNotifier(CURR_IP_NOTIFIER * notifier)
-{
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
-currIP.AddAfterNotifier(notifier);
-}
-//-----------------------------------------------------------------------------
-void USER_IMPL::DelCurrIPAfterNotifier(const CURR_IP_NOTIFIER * notifier)
-{
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
-currIP.DelAfterNotifier(notifier);
-}
-//-----------------------------------------------------------------------------
-void USER_IMPL::AddConnectedBeforeNotifier(CONNECTED_NOTIFIER * notifier)
-{
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
-connected.AddBeforeNotifier(notifier);
-}
-//-----------------------------------------------------------------------------
-void USER_IMPL::DelConnectedBeforeNotifier(const CONNECTED_NOTIFIER * notifier)
-{
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
-connected.DelBeforeNotifier(notifier);
-}
-//-----------------------------------------------------------------------------
-void USER_IMPL::AddConnectedAfterNotifier(CONNECTED_NOTIFIER * notifier)
-{
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
-connected.AddAfterNotifier(notifier);
-}
-//-----------------------------------------------------------------------------
-void USER_IMPL::DelConnectedAfterNotifier(const CONNECTED_NOTIFIER * notifier)
-{
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
-connected.DelAfterNotifier(notifier);
-}
-//-----------------------------------------------------------------------------
-void USER_IMPL::OnAdd()
-{
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
+std::lock_guard lock(m_mutex);
 
 std::string scriptOnAdd = settings->GetScriptsDir() + "/OnUserAdd";
 
 if (access(scriptOnAdd.c_str(), X_OK) == 0)
     {
-    std::string scriptOnAddParams;
-    strprintf(&scriptOnAddParams,
-            "%s \"%s\"",
-            scriptOnAdd.c_str(),
-            login.c_str());
+    std::string scriptOnAddParams = scriptOnAdd + " \"" + login + "\"";
 
     ScriptExec(scriptOnAddParams.c_str());
     }
@@ -1084,19 +888,15 @@ else
     }
 }
 //-----------------------------------------------------------------------------
-void USER_IMPL::OnDelete()
+void UserImpl::OnDelete()
 {
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
+std::lock_guard lock(m_mutex);
 
 std::string scriptOnDel = settings->GetScriptsDir() + "/OnUserDel";
 
 if (access(scriptOnDel.c_str(), X_OK) == 0)
     {
-    std::string scriptOnDelParams;
-    strprintf(&scriptOnDelParams,
-            "%s \"%s\"",
-            scriptOnDel.c_str(),
-            login.c_str());
+    std::string scriptOnDelParams = scriptOnDel + " \"" + login + "\"";
 
     ScriptExec(scriptOnDelParams.c_str());
     }
@@ -1108,15 +908,15 @@ else
 Run();
 }
 //-----------------------------------------------------------------------------
-int USER_IMPL::WriteDetailStat(bool hard)
+int UserImpl::WriteDetailStat(bool hard)
 {
-printfd(__FILE__, "USER::WriteDetailedStat() - saved size = %d\n", traffStatSaved.second.size());
+printfd(__FILE__, "UserImpl::WriteDetailedStat() - saved size = %d\n", traffStatSaved.second.size());
 
 if (!traffStatSaved.second.empty())
     {
     if (store->WriteDetailedStat(traffStatSaved.second, traffStatSaved.first, login))
         {
-        printfd(__FILE__, "USER::WriteDetailStat() - failed to write detail stat from queue\n");
+        printfd(__FILE__, "UserImpl::WriteDetailStat() - failed to write detail stat from queue\n");
         WriteServLog("Cannot write detail stat from queue (of size %d recs) for user %s.", traffStatSaved.second.size(), login.c_str());
         WriteServLog("%s", store->GetStrError().c_str());
         return -1;
@@ -1124,26 +924,26 @@ if (!traffStatSaved.second.empty())
     traffStatSaved.second.erase(traffStatSaved.second.begin(), traffStatSaved.second.end());
     }
 
-TRAFF_STAT ts;
+TraffStat ts;
 
     {
-    STG_LOCKER lock(&mutex, __FILE__, __LINE__);
+    std::lock_guard lock(m_mutex);
     ts.swap(traffStat);
     }
 
-printfd(__FILE__, "USER::WriteDetailedStat() - size = %d\n", ts.size());
+printfd(__FILE__, "UserImpl::WriteDetailedStat() - size = %d\n", ts.size());
 
 if (ts.size() && !disabledDetailStat)
     {
     if (store->WriteDetailedStat(ts, lastWriteDetailedStat, login))
         {
-        printfd(__FILE__, "USER::WriteDetailStat() - failed to write current detail stat\n");
+        printfd(__FILE__, "UserImpl::WriteDetailStat() - failed to write current detail stat\n");
         WriteServLog("Cannot write detail stat for user %s.", login.c_str());
         WriteServLog("%s", store->GetStrError().c_str());
         if (!hard)
             {
-            printfd(__FILE__, "USER::WriteDetailStat() - pushing detail stat to queue\n");
-            STG_LOCKER lock(&mutex, __FILE__, __LINE__);
+            printfd(__FILE__, "UserImpl::WriteDetailStat() - pushing detail stat to queue\n");
+            std::lock_guard lock(m_mutex);
             traffStatSaved.second.swap(ts);
             traffStatSaved.first = lastWriteDetailedStat;
             }
@@ -1154,12 +954,15 @@ lastWriteDetailedStat = stgTime;
 return 0;
 }
 //-----------------------------------------------------------------------------
-double USER_IMPL::GetPassiveTimePart() const
+double UserImpl::GetPassiveTimePart() const
 {
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
+std::lock_guard lock(m_mutex);
+return getPassiveTimePart();
+}
 
-static int daysInMonth[12] =
-{31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31};
+double UserImpl::getPassiveTimePart() const
+{
+static const std::array<unsigned, 12> daysInMonth{31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31};
 
 struct tm tms;
 time_t t = stgTime;
@@ -1181,9 +984,9 @@ if (dt < 0)
 return static_cast<double>(dt) / secMonth;
 }
 //-----------------------------------------------------------------------------
-void USER_IMPL::SetPassiveTimeAsNewUser()
+void UserImpl::SetPassiveTimeAsNewUser()
 {
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
+std::lock_guard lock(m_mutex);
 
 time_t t = stgTime;
 struct tm tm;
@@ -1195,65 +998,68 @@ pt /= daysCurrMon;
 passiveTime = static_cast<time_t>(pt * 24 * 3600 * daysCurrMon);
 }
 //-----------------------------------------------------------------------------
-void USER_IMPL::MidnightResetSessionStat()
+void UserImpl::MidnightResetSessionStat()
 {
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
+std::lock_guard lock(m_mutex);
 
-if (connected)
+if (m_connected)
     {
     Disconnect(true, "fake");
     Connect(true);
     }
 }
 //-----------------------------------------------------------------------------
-void USER_IMPL::ProcessNewMonth()
+void UserImpl::ProcessNewMonth()
 {
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
+std::lock_guard lock(m_mutex);
 //  Reset traff
-if (connected)
-    {
+if (m_connected)
     Disconnect(true, "fake");
-    }
-DIR_TRAFF zeroTarff;
 
 WriteMonthStat();
 
-up = zeroTarff;
-down = zeroTarff;
+properties.Stat().monthUp.reset();
+properties.Stat().monthDown.reset();
 
-if (connected)
-    {
+if (m_connected)
     Connect(true);
-    }
 
 //  Set new tariff
 if (nextTariff.ConstData() != "")
     {
-    const TARIFF * nt;
-    nt = tariffs->FindByName(nextTariff);
+    const Tariff * nt = tariffs->FindByName(nextTariff);
     if (nt == NULL)
         {
         WriteServLog("Cannot change tariff for user %s. Tariff %s not exist.",
-                     login.c_str(), property.tariffName.Get().c_str());
+                     login.c_str(), properties.tariffName.Get().c_str());
         }
     else
         {
-        property.tariffName.Set(nextTariff, sysAdmin, login, store);
-        //tariff = nt;
+        std::string message = tariff->TariffChangeIsAllowed(*nt, stgTime);
+        if (message.empty())
+            {
+            properties.tariffName.Set(nextTariff, *sysAdmin, login, *store);
+            }
+        else
+            {
+            WriteServLog("Tariff change is prohibited for user %s. %s",
+                         login.c_str(),
+                         message.c_str());
+            }
         }
     ResetNextTariff();
     WriteConf();
     }
 }
 //-----------------------------------------------------------------------------
-void USER_IMPL::ProcessDayFeeSpread()
+void UserImpl::ProcessDayFeeSpread()
 {
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
+std::lock_guard lock(m_mutex);
 
 if (passive.ConstData() || tariff == NULL)
     return;
 
-if (tariff->GetPeriod() != TARIFF::MONTH)
+if (tariff->GetPeriod() != Tariff::MONTH)
     return;
 
 double fee = tariff->GetFee() / DaysInCurrentMonth();
@@ -1265,38 +1071,38 @@ double c = cash;
 switch (settings->GetFeeChargeType())
     {
     case 0:
-        property.cash.Set(c - fee, sysAdmin, login, store, "Subscriber fee charge");
+        properties.cash.Set(c - fee, *sysAdmin, login, *store, "Subscriber fee charge");
         break;
     case 1:
         if (c + credit >= 0)
-            property.cash.Set(c - fee, sysAdmin, login, store, "Subscriber fee charge");
+            properties.cash.Set(c - fee, *sysAdmin, login, *store, "Subscriber fee charge");
         break;
     case 2:
         if (c + credit >= fee)
-            property.cash.Set(c - fee, sysAdmin, login, store, "Subscriber fee charge");
+            properties.cash.Set(c - fee, *sysAdmin, login, *store, "Subscriber fee charge");
         break;
     case 3:
         if (c >= 0)
-            property.cash.Set(c - fee, sysAdmin, login, store, "Subscriber fee charge");
+            properties.cash.Set(c - fee, *sysAdmin, login, *store, "Subscriber fee charge");
         break;
     }
 ResetPassiveTime();
 }
 //-----------------------------------------------------------------------------
-void USER_IMPL::ProcessDayFee()
+void UserImpl::ProcessDayFee()
 {
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
+std::lock_guard lock(m_mutex);
 
 if (tariff == NULL)
     return;
 
-if (tariff->GetPeriod() != TARIFF::MONTH)
+if (tariff->GetPeriod() != Tariff::MONTH)
     return;
 
 double passiveTimePart = 1.0;
 if (!settings->GetFullFee())
     {
-    passiveTimePart = GetPassiveTimePart();
+    passiveTimePart = getPassiveTimePart();
     }
 else
     {
@@ -1327,41 +1133,41 @@ printfd(__FILE__, "login: %8s Cash=%f Credit=%f  Fee=%f PassiveTimePart=%f fee=%
 switch (settings->GetFeeChargeType())
     {
     case 0:
-        property.cash.Set(c - fee, sysAdmin, login, store, "Subscriber fee charge");
+        properties.cash.Set(c - fee, *sysAdmin, login, *store, "Subscriber fee charge");
         SetPrepaidTraff();
         break;
     case 1:
         if (c + credit >= 0)
             {
-            property.cash.Set(c - fee, sysAdmin, login, store, "Subscriber fee charge");
+            properties.cash.Set(c - fee, *sysAdmin, login, *store, "Subscriber fee charge");
             SetPrepaidTraff();
             }
         break;
     case 2:
         if (c + credit >= fee)
             {
-            property.cash.Set(c - fee, sysAdmin, login, store, "Subscriber fee charge");
+            properties.cash.Set(c - fee, *sysAdmin, login, *store, "Subscriber fee charge");
             SetPrepaidTraff();
             }
         break;
     case 3:
         if (c >= 0)
             {
-            property.cash.Set(c - fee, sysAdmin, login, store, "Subscriber fee charge");
+            properties.cash.Set(c - fee, *sysAdmin, login, *store, "Subscriber fee charge");
             SetPrepaidTraff();
             }
         break;
     }
 }
 //-----------------------------------------------------------------------------
-void USER_IMPL::ProcessDailyFee()
+void UserImpl::ProcessDailyFee()
 {
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
+std::lock_guard lock(m_mutex);
 
 if (passive.ConstData() || tariff == NULL)
     return;
 
-if (tariff->GetPeriod() != TARIFF::DAY)
+if (tariff->GetPeriod() != Tariff::DAY)
     return;
 
 double fee = tariff->GetFee();
@@ -1373,29 +1179,100 @@ double c = cash;
 switch (settings->GetFeeChargeType())
     {
     case 0:
-        property.cash.Set(c - fee, sysAdmin, login, store, "Subscriber fee charge");
+        properties.cash.Set(c - fee, *sysAdmin, login, *store, "Subscriber fee charge");
         break;
     case 1:
         if (c + credit >= 0)
-            property.cash.Set(c - fee, sysAdmin, login, store, "Subscriber fee charge");
+            properties.cash.Set(c - fee, *sysAdmin, login, *store, "Subscriber fee charge");
         break;
     case 2:
         if (c + credit >= fee)
-            property.cash.Set(c - fee, sysAdmin, login, store, "Subscriber fee charge");
+            properties.cash.Set(c - fee, *sysAdmin, login, *store, "Subscriber fee charge");
         break;
     }
 ResetPassiveTime();
 }
 //-----------------------------------------------------------------------------
-void USER_IMPL::SetPrepaidTraff()
+void UserImpl::ProcessServices()
+{
+struct tm tms;
+time_t t = stgTime;
+localtime_r(&t, &tms);
+
+std::lock_guard lock(m_mutex);
+
+double passiveTimePart = 1.0;
+if (!settings->GetFullFee())
+    {
+    passiveTimePart = getPassiveTimePart();
+    }
+else
+    {
+    if (passive.ConstData())
+        {
+        printfd(__FILE__, "Don't charge fee `cause we are passive\n");
+        return;
+        }
+    }
+
+for (size_t i = 0; i < properties.Conf().services.size(); ++i)
+    {
+    ServiceConf conf;
+    if (m_services.Find(properties.Conf().services[i], &conf))
+        continue;
+    if (conf.payDay == tms.tm_mday ||
+        (conf.payDay == 0 && tms.tm_mday == DaysInCurrentMonth()))
+        {
+        double c = cash;
+        double fee = conf.cost * passiveTimePart;
+        printfd(__FILE__, "Service fee. login: %8s Cash=%f Credit=%f  Fee=%f PassiveTimePart=%f fee=%f\n",
+                login.c_str(),
+                cash.ConstData(),
+                credit.ConstData(),
+                tariff->GetFee(),
+                passiveTimePart,
+                fee);
+        switch (settings->GetFeeChargeType())
+            {
+            case 0:
+                properties.cash.Set(c - fee, *sysAdmin, login, *store, "Subscriber fee charge");
+                SetPrepaidTraff();
+                break;
+            case 1:
+                if (c + credit >= 0)
+                    {
+                    properties.cash.Set(c - fee, *sysAdmin, login, *store, "Subscriber fee charge");
+                    SetPrepaidTraff();
+                    }
+                break;
+            case 2:
+                if (c + credit >= fee)
+                    {
+                    properties.cash.Set(c - fee, *sysAdmin, login, *store, "Subscriber fee charge");
+                    SetPrepaidTraff();
+                    }
+                break;
+            case 3:
+                if (c >= 0)
+                    {
+                    properties.cash.Set(c - fee, *sysAdmin, login, *store, "Subscriber fee charge");
+                    SetPrepaidTraff();
+                    }
+                break;
+            }
+        }
+    }
+}
+//-----------------------------------------------------------------------------
+void UserImpl::SetPrepaidTraff()
 {
 if (tariff != NULL)
-    property.freeMb.Set(tariff->GetFree(), sysAdmin, login, store, "Prepaid traffic");
+    properties.freeMb.Set(tariff->GetFree(), *sysAdmin, login, *store, "Prepaid traffic");
 }
 //-----------------------------------------------------------------------------
-int USER_IMPL::AddMessage(STG_MSG * msg)
+int UserImpl::AddMessage(Message * msg)
 {
-STG_LOCKER lock(&mutex, __FILE__, __LINE__);
+std::lock_guard lock(m_mutex);
 
 if (SendMessage(*msg))
     {
@@ -1432,14 +1309,14 @@ else
 return 0;
 }
 //-----------------------------------------------------------------------------
-int USER_IMPL::SendMessage(STG_MSG & msg) const
+int UserImpl::SendMessage(Message & msg) const
 {
 // No lock `cause we are already locked from caller
 int ret = -1;
-std::set<const AUTH*>::iterator it(authorizedBy.begin());
+std::set<const Auth*>::iterator it(authorizedBy.begin());
 while (it != authorizedBy.end())
     {
-    if (!(*it++)->SendMessage(msg, currIP))
+    if (!(*it++)->SendMessage(msg, m_currIP))
         ret = 0;
     }
 if (!ret)
@@ -1455,12 +1332,12 @@ if (!ret)
 return ret;
 }
 //-----------------------------------------------------------------------------
-void USER_IMPL::ScanMessage()
+void UserImpl::ScanMessage()
 {
 // No lock `cause we are already locked from caller
 // We need not check for the authorizedBy `cause it has already checked by caller
 
-std::list<STG_MSG>::iterator it(messages.begin());
+auto it = messages.begin();
 while (it != messages.end())
     {
     if (settings->GetMessageTimeout() > 0 &&
@@ -1509,19 +1386,21 @@ while (it != messages.end())
     }
 }
 //-----------------------------------------------------------------------------
-std::string USER_IMPL::GetParamValue(const std::string & name) const
+std::string UserImpl::GetParamValue(const std::string & name) const
 {
-    if (name == "id")
+    std::string lowerName = ToLower(name);
+    if (lowerName == "id")
         {
         std::ostringstream stream;
         stream << id;
         return stream.str();
         }
-    if (name == "login")       return login;
-    if (name == "currIP")      return currIP.ToString();
-    if (name == "enabledDirs") return GetEnabledDirs();
-    if (property.Exists(name)) 
-        return property.GetPropertyValue(name);
+    if (lowerName == "login")       return login;
+    if (lowerName == "currip")      return m_currIP.ToString();
+    if (lowerName == "enableddirs") return GetEnabledDirs();
+    if (lowerName == "tariff")      return properties.tariffName;
+    if (properties.Exists(lowerName))
+        return properties.GetPropertyValue(lowerName);
     else
         {
         WriteServLog("User’s parameter '%s' does not exist.", name.c_str());
@@ -1531,52 +1410,55 @@ std::string USER_IMPL::GetParamValue(const std::string & name) const
 //-----------------------------------------------------------------------------
 //-----------------------------------------------------------------------------
 //-----------------------------------------------------------------------------
-void CHG_PASSIVE_NOTIFIER::Notify(const int & oldPassive, const int & newPassive)
+void UserImpl::onPassiveChange(int oldVal, int newVal)
 {
-if (newPassive && !oldPassive && user->tariff != NULL)
-    user->property.cash.Set(user->cash - user->tariff->GetPassiveCost(),
-                            user->sysAdmin,
-                            user->login,
-                            user->store,
+    std::lock_guard lock(m_mutex);
+    if (newVal && !oldVal && tariff != NULL)
+        properties.cash.Set(cash - tariff->GetPassiveCost(),
+                            *sysAdmin,
+                            login,
+                            *store,
                             "Freeze");
 }
 //-----------------------------------------------------------------------------
-void CHG_DISABLED_NOTIFIER::Notify(const int & oldValue, const int & newValue)
+void UserImpl::onDisabledChange(int oldVal, int newVal)
 {
-if (oldValue && !newValue && user->GetConnected())
-    {
-    user->Disconnect(false, "disabled");
-    }
-else if (!oldValue && newValue && user->IsInetable())
-    {
-    user->Connect(false);
-    }
-
+    std::lock_guard lock(m_mutex);
+    if (oldVal && !newVal && GetConnected())
+        Disconnect(false, "disabled");
+    else if (!oldVal && newVal && IsInetable())
+        Connect(false);
 }
 //-----------------------------------------------------------------------------
-void CHG_TARIFF_NOTIFIER::Notify(const std::string &, const std::string & newTariff)
+void UserImpl::onTariffChange(const std::string& /*oldVal*/, const std::string& newVal)
 {
-if (user->settings->GetReconnectOnTariffChange() && user->connected)
-    user->Disconnect(false, "Change tariff");
-user->tariff = user->tariffs->FindByName(newTariff);
-if (user->settings->GetReconnectOnTariffChange() &&
-    !user->authorizedBy.empty() &&
-    user->IsInetable())
-    user->Connect(false);
+    std::lock_guard lock(m_mutex);
+    if (settings->GetReconnectOnTariffChange() && m_connected)
+        Disconnect(false, "Change tariff");
+    tariff = tariffs->FindByName(newVal);
+    if (settings->GetReconnectOnTariffChange() &&
+        !authorizedBy.empty() &&
+        IsInetable())
+    {
+        // This notifier gets called *before* changing the tariff, and in Connect we want to see new tariff name.
+        properties.Conf().tariffName = newVal;
+        Connect(false);
+    }
 }
 //-----------------------------------------------------------------------------
-void CHG_CASH_NOTIFIER::Notify(const double & oldCash, const double & newCash)
+void UserImpl::onCashChange(double oldVal, double newVal)
 {
-user->lastCashAddTime = *const_cast<time_t *>(&stgTime);
-user->lastCashAdd = newCash - oldCash;
+    time_t now = stgTime;
+    lastCashAddTime = now;
+    lastCashAdd = newVal - oldVal;
 }
 //-----------------------------------------------------------------------------
-void CHG_IPS_NOTIFIER::Notify(const USER_IPS & from, const USER_IPS & to)
+void UserImpl::onIPChange(const UserIPs& oldVal, const UserIPs& newVal)
 {
-    printfd(__FILE__, "Change IP from '%s' to '%s'\n", from.GetIpStr().c_str(), to.GetIpStr().c_str());
-    if (user->connected)
-        user->Disconnect(false, "Change IP");
-    if (!user->authorizedBy.empty() && user->IsInetable())
-        user->Connect(false);
+    std::lock_guard lock(m_mutex);
+    printfd(__FILE__, "Change IP from '%s' to '%s'\n", oldVal.toString().c_str(), newVal.toString().c_str());
+    if (m_connected)
+        Disconnect(false, "Change IP");
+    if (!authorizedBy.empty() && IsInetable())
+        Connect(false);
 }
-//-----------------------------------------------------------------------------