Revision 2558
Added by sgarg about 19 years ago
| src/edu/ucsb/nceas/metacat/MetaCatUtil.java | ||
|---|---|---|
| 33 | 33 |
import java.util.Hashtable; |
| 34 | 34 |
import java.util.Stack; |
| 35 | 35 |
import java.util.Vector; |
| 36 |
import java.util.regex.PatternSyntaxException; |
|
| 36 | 37 |
|
| 37 | 38 |
import edu.ucsb.nceas.dbadapter.AbstractDatabase; |
| 38 | 39 |
import edu.ucsb.nceas.utilities.Options; |
| ... | ... | |
| 50 | 51 |
private static Options options = null; |
| 51 | 52 |
|
| 52 | 53 |
private static boolean debug = true; |
| 54 |
|
|
| 55 |
private static String[] administrators; |
|
| 56 |
|
|
| 57 |
private static String[] moderators; |
|
| 53 | 58 |
|
| 54 |
|
|
| 55 |
/** |
|
| 56 |
* Determine our db adapter class and create an instance of that class |
|
| 57 |
*/ |
|
| 58 | 59 |
static {
|
| 60 |
// Determine our db adapter class and create an instance of that class |
|
| 59 | 61 |
try {
|
| 60 | 62 |
dbAdapter = (AbstractDatabase) createObject(getOption("dbAdapter"));
|
| 61 | 63 |
} catch (Exception e) {
|
| 62 | 64 |
System.err.println("Error in MetaCatUtil static block:"
|
| 63 | 65 |
+ e.getMessage()); |
| 64 | 66 |
} |
| 67 |
|
|
| 68 |
// read administrator and moderator lists from metacat.properties |
|
| 69 |
getAdminInfo(); |
|
| 65 | 70 |
} |
| 66 | 71 |
|
| 67 | 72 |
/** |
| ... | ... | |
| 778 | 783 |
|
| 779 | 784 |
}// replaceWhiteSpaceForUR |
| 780 | 785 |
|
| 786 |
/** |
|
| 787 |
* A method to read administrators and moderators list from the metacat.properties |
|
| 788 |
**/ |
|
| 789 |
public static void getAdminInfo(){
|
|
| 790 |
String adminList = MetaCatUtil.getOption("administrators");
|
|
| 791 |
try {
|
|
| 792 |
administrators = adminList.split(":");
|
|
| 793 |
} catch (PatternSyntaxException pse) {
|
|
| 794 |
administrators = null; |
|
| 795 |
MetaCatUtil.debugMessage("Error in MetacatServlet.init: "
|
|
| 796 |
+ pse.getMessage(), 20); |
|
| 797 |
} |
|
| 798 |
|
|
| 799 |
String modList = MetaCatUtil.getOption("moderators");
|
|
| 800 |
try {
|
|
| 801 |
moderators = modList.split(":");
|
|
| 802 |
} catch (PatternSyntaxException pse) {
|
|
| 803 |
moderators = null; |
|
| 804 |
MetaCatUtil.debugMessage("Error in MetacatServlet.init: "
|
|
| 805 |
+ pse.getMessage(), 20); |
|
| 806 |
} |
|
| 807 |
} |
|
| 808 |
|
|
| 809 |
/** |
|
| 810 |
* A method to check if the specified user is part of the administrators list |
|
| 811 |
**/ |
|
| 812 |
public static boolean isAdministrator(String username, String[] groups){
|
|
| 813 |
// Check that the user is authenticated as an administrator account |
|
| 814 |
for (int i = 0; i < administrators.length; i++) {
|
|
| 815 |
// check the given admin dn is a group dn... |
|
| 816 |
if(administrators[i].startsWith("cn=")){
|
|
| 817 |
// is a group dn |
|
| 818 |
for (int j = 0; j < groups.length; j++) {
|
|
| 819 |
if (groups[j].equals(administrators[i])) {
|
|
| 820 |
return true; |
|
| 821 |
} |
|
| 822 |
} |
|
| 823 |
} else {
|
|
| 824 |
// is a user dn |
|
| 825 |
if (username.equals(administrators[i])) {
|
|
| 826 |
return true; |
|
| 827 |
} |
|
| 828 |
} |
|
| 829 |
} |
|
| 830 |
|
|
| 831 |
return false; |
|
| 832 |
} |
|
| 833 |
|
|
| 834 |
/** |
|
| 835 |
* A method to check if the specified user is part of the moderators list |
|
| 836 |
**/ |
|
| 837 |
public static boolean isModerator(String username, String[] groups){
|
|
| 838 |
// Check that the user is authenticated as an administrator account |
|
| 839 |
for (int i = 0; i < moderators.length; i++) {
|
|
| 840 |
// check the given admin dn is a group dn... |
|
| 841 |
if(moderators[i].startsWith("cn=")){
|
|
| 842 |
// is a group dn |
|
| 843 |
for (int j = 0; j < groups.length; j++) {
|
|
| 844 |
if (groups[j].equals(moderators[i])) {
|
|
| 845 |
return true; |
|
| 846 |
} |
|
| 847 |
} |
|
| 848 |
} else {
|
|
| 849 |
// is a user dn |
|
| 850 |
if (username.equals(moderators[i])) {
|
|
| 851 |
return true; |
|
| 852 |
} |
|
| 853 |
} |
|
| 854 |
} |
|
| 855 |
|
|
| 856 |
return false; |
|
| 857 |
} |
|
| 781 | 858 |
} |
| src/edu/ucsb/nceas/metacat/MetaCatServlet.java | ||
|---|---|---|
| 133 | 133 |
|
| 134 | 134 |
private String htmlpath = null; |
| 135 | 135 |
|
| 136 |
private String[] administrators = null; |
|
| 137 |
|
|
| 138 | 136 |
private PropertyResourceBundle options = null; |
| 139 | 137 |
|
| 140 | 138 |
private MetaCatUtil util = null; |
| ... | ... | |
| 201 | 199 |
dataDirectory = new File(datafilepath); |
| 202 | 200 |
servletpath = MetaCatUtil.getOption("servletpath");
|
| 203 | 201 |
htmlpath = MetaCatUtil.getOption("htmlpath");
|
| 204 |
String adminList = MetaCatUtil.getOption("administrators");
|
|
| 205 |
try {
|
|
| 206 |
administrators = adminList.split(":");
|
|
| 207 |
} catch (PatternSyntaxException pse) {
|
|
| 208 |
administrators = null; |
|
| 209 |
MetaCatUtil.debugMessage("Error in MetacatServlet.init: "
|
|
| 210 |
+ pse.getMessage(), 20); |
|
| 211 |
} |
|
| 212 | 202 |
|
| 213 | 203 |
// Index the paths specified in the metacat.properties |
| 214 | 204 |
checkIndexPaths(); |
| ... | ... | |
| 645 | 635 |
out.println(Version.getVersionAsXml()); |
| 646 | 636 |
out.close(); |
| 647 | 637 |
} else if (action.equals("getlog")) {
|
| 648 |
handleGetLogAction(params, request, response, username); |
|
| 638 |
handleGetLogAction(params, request, response, username, groupnames);
|
|
| 649 | 639 |
} else if (action.equals("buildindex")) {
|
| 650 |
handleBuildIndexAction(params, request, response, username); |
|
| 640 |
handleBuildIndexAction(params, request, response, username, groupnames);
|
|
| 651 | 641 |
} else if (action.equals("login") || action.equals("logout")) {
|
| 652 | 642 |
/* |
| 653 | 643 |
} else if (action.equals("protocoltest")) {
|
| ... | ... | |
| 2260 | 2250 |
* @param response the http response object for writing output |
| 2261 | 2251 |
*/ |
| 2262 | 2252 |
private void handleGetLogAction(Hashtable params, HttpServletRequest request, |
| 2263 |
HttpServletResponse response, String username) |
|
| 2253 |
HttpServletResponse response, String username, String[] groups)
|
|
| 2264 | 2254 |
{
|
| 2265 | 2255 |
try {
|
| 2266 | 2256 |
response.setContentType("text/xml");
|
| 2267 | 2257 |
PrintWriter out = response.getWriter(); |
| 2268 | 2258 |
|
| 2269 | 2259 |
// Check that the user is authenticated as an administrator account |
| 2270 |
boolean adminIsAuthenticated = false; |
|
| 2271 |
for (int i = 0; i < administrators.length; i++) {
|
|
| 2272 |
if (username.equals(administrators[i])) {
|
|
| 2273 |
adminIsAuthenticated = true; |
|
| 2274 |
} |
|
| 2275 |
} |
|
| 2276 |
if (!adminIsAuthenticated) {
|
|
| 2260 |
if (!MetaCatUtil.isAdministrator(username, groups)) {
|
|
| 2277 | 2261 |
out.print("<error>");
|
| 2278 | 2262 |
out.print("The user \"" + username +
|
| 2279 | 2263 |
"\" is not authorized for this action."); |
| ... | ... | |
| 2333 | 2317 |
*/ |
| 2334 | 2318 |
private void handleBuildIndexAction(Hashtable params, |
| 2335 | 2319 |
HttpServletRequest request, HttpServletResponse response, |
| 2336 |
String username) |
|
| 2320 |
String username, String[] groups)
|
|
| 2337 | 2321 |
{
|
| 2338 | 2322 |
// Get all of the parameters in the correct formats |
| 2339 | 2323 |
String[] docid = (String[])params.get("docid");
|
| ... | ... | |
| 2344 | 2328 |
PrintWriter out = response.getWriter(); |
| 2345 | 2329 |
|
| 2346 | 2330 |
// Check that the user is authenticated as an administrator account |
| 2347 |
boolean adminIsAuthenticated = false; |
|
| 2348 |
for (int i = 0; i < administrators.length; i++) {
|
|
| 2349 |
if (username.equals(administrators[i])) {
|
|
| 2350 |
adminIsAuthenticated = true; |
|
| 2351 |
} |
|
| 2352 |
} |
|
| 2353 |
if (!adminIsAuthenticated) {
|
|
| 2331 |
if (!MetaCatUtil.isAdministrator(username, groups)) {
|
|
| 2354 | 2332 |
out.print("<error>");
|
| 2355 | 2333 |
out.print("The user \"" + username +
|
| 2356 | 2334 |
"\" is not authorized for this action."); |
| src/edu/ucsb/nceas/metacat/DocumentImpl.java | ||
|---|---|---|
| 2520 | 2520 |
MetaCatUtil.debugMessage("Start deleting doc " + docid + "...", 20);
|
| 2521 | 2521 |
// check for 'write' permission for 'user' to delete this document |
| 2522 | 2522 |
if (!hasAllPermission(user, groups, accnum)) {
|
| 2523 |
boolean adminIsAuthenticated = false; |
|
| 2524 |
String[] administrators = null; |
|
| 2525 |
String adminList = MetaCatUtil.getOption("administrators");
|
|
| 2526 |
try {
|
|
| 2527 |
administrators = adminList.split(":");
|
|
| 2528 |
} catch (Exception pse) {
|
|
| 2529 |
administrators = null; |
|
| 2530 |
MetaCatUtil.debugMessage("Error in DocumentImpl.delete: "
|
|
| 2531 |
+ pse.getMessage(), 20); |
|
| 2532 |
} |
|
| 2533 |
for (int i = 0; i < administrators.length; i++) {
|
|
| 2534 |
if (user.equals(administrators[i])) {
|
|
| 2535 |
adminIsAuthenticated = true; |
|
| 2536 |
} |
|
| 2537 |
} |
|
| 2538 |
|
|
| 2539 |
if(!adminIsAuthenticated){
|
|
| 2523 |
if(!MetaCatUtil.isAdministrator(user, groups)){
|
|
| 2540 | 2524 |
throw new Exception( |
| 2541 | 2525 |
"User " + user |
| 2542 | 2526 |
+ " does not have permission to delete XML Document #" |
Also available in: Unified diff
Added new methods to MetaCatUtil: isAdministrator and isModerator.
These methods are used to check if a given username is part of the admin and moderator list specified in metacat.properties
Modified DocumentImpl and MetaCatServlet to use these functions.