Revision 2558
Added by sgarg over 18 years ago
MetaCatServlet.java | ||
---|---|---|
133 | 133 |
|
134 | 134 |
private String htmlpath = null; |
135 | 135 |
|
136 |
private String[] administrators = null; |
|
137 |
|
|
138 | 136 |
private PropertyResourceBundle options = null; |
139 | 137 |
|
140 | 138 |
private MetaCatUtil util = null; |
... | ... | |
201 | 199 |
dataDirectory = new File(datafilepath); |
202 | 200 |
servletpath = MetaCatUtil.getOption("servletpath"); |
203 | 201 |
htmlpath = MetaCatUtil.getOption("htmlpath"); |
204 |
String adminList = MetaCatUtil.getOption("administrators"); |
|
205 |
try { |
|
206 |
administrators = adminList.split(":"); |
|
207 |
} catch (PatternSyntaxException pse) { |
|
208 |
administrators = null; |
|
209 |
MetaCatUtil.debugMessage("Error in MetacatServlet.init: " |
|
210 |
+ pse.getMessage(), 20); |
|
211 |
} |
|
212 | 202 |
|
213 | 203 |
// Index the paths specified in the metacat.properties |
214 | 204 |
checkIndexPaths(); |
... | ... | |
645 | 635 |
out.println(Version.getVersionAsXml()); |
646 | 636 |
out.close(); |
647 | 637 |
} else if (action.equals("getlog")) { |
648 |
handleGetLogAction(params, request, response, username); |
|
638 |
handleGetLogAction(params, request, response, username, groupnames);
|
|
649 | 639 |
} else if (action.equals("buildindex")) { |
650 |
handleBuildIndexAction(params, request, response, username); |
|
640 |
handleBuildIndexAction(params, request, response, username, groupnames);
|
|
651 | 641 |
} else if (action.equals("login") || action.equals("logout")) { |
652 | 642 |
/* |
653 | 643 |
} else if (action.equals("protocoltest")) { |
... | ... | |
2260 | 2250 |
* @param response the http response object for writing output |
2261 | 2251 |
*/ |
2262 | 2252 |
private void handleGetLogAction(Hashtable params, HttpServletRequest request, |
2263 |
HttpServletResponse response, String username) |
|
2253 |
HttpServletResponse response, String username, String[] groups)
|
|
2264 | 2254 |
{ |
2265 | 2255 |
try { |
2266 | 2256 |
response.setContentType("text/xml"); |
2267 | 2257 |
PrintWriter out = response.getWriter(); |
2268 | 2258 |
|
2269 | 2259 |
// Check that the user is authenticated as an administrator account |
2270 |
boolean adminIsAuthenticated = false; |
|
2271 |
for (int i = 0; i < administrators.length; i++) { |
|
2272 |
if (username.equals(administrators[i])) { |
|
2273 |
adminIsAuthenticated = true; |
|
2274 |
} |
|
2275 |
} |
|
2276 |
if (!adminIsAuthenticated) { |
|
2260 |
if (!MetaCatUtil.isAdministrator(username, groups)) { |
|
2277 | 2261 |
out.print("<error>"); |
2278 | 2262 |
out.print("The user \"" + username + |
2279 | 2263 |
"\" is not authorized for this action."); |
... | ... | |
2333 | 2317 |
*/ |
2334 | 2318 |
private void handleBuildIndexAction(Hashtable params, |
2335 | 2319 |
HttpServletRequest request, HttpServletResponse response, |
2336 |
String username) |
|
2320 |
String username, String[] groups)
|
|
2337 | 2321 |
{ |
2338 | 2322 |
// Get all of the parameters in the correct formats |
2339 | 2323 |
String[] docid = (String[])params.get("docid"); |
... | ... | |
2344 | 2328 |
PrintWriter out = response.getWriter(); |
2345 | 2329 |
|
2346 | 2330 |
// Check that the user is authenticated as an administrator account |
2347 |
boolean adminIsAuthenticated = false; |
|
2348 |
for (int i = 0; i < administrators.length; i++) { |
|
2349 |
if (username.equals(administrators[i])) { |
|
2350 |
adminIsAuthenticated = true; |
|
2351 |
} |
|
2352 |
} |
|
2353 |
if (!adminIsAuthenticated) { |
|
2331 |
if (!MetaCatUtil.isAdministrator(username, groups)) { |
|
2354 | 2332 |
out.print("<error>"); |
2355 | 2333 |
out.print("The user \"" + username + |
2356 | 2334 |
"\" is not authorized for this action."); |
Also available in: Unified diff
Added new methods to MetaCatUtil: isAdministrator and isModerator.
These methods are used to check if a given username is part of the admin and moderator list specified in metacat.properties
Modified DocumentImpl and MetaCatServlet to use these functions.