Revision 2558
Added by sgarg over 18 years ago
| MetaCatServlet.java | ||
|---|---|---|
| 133 | 133 |
|
| 134 | 134 |
private String htmlpath = null; |
| 135 | 135 |
|
| 136 |
private String[] administrators = null; |
|
| 137 |
|
|
| 138 | 136 |
private PropertyResourceBundle options = null; |
| 139 | 137 |
|
| 140 | 138 |
private MetaCatUtil util = null; |
| ... | ... | |
| 201 | 199 |
dataDirectory = new File(datafilepath); |
| 202 | 200 |
servletpath = MetaCatUtil.getOption("servletpath");
|
| 203 | 201 |
htmlpath = MetaCatUtil.getOption("htmlpath");
|
| 204 |
String adminList = MetaCatUtil.getOption("administrators");
|
|
| 205 |
try {
|
|
| 206 |
administrators = adminList.split(":");
|
|
| 207 |
} catch (PatternSyntaxException pse) {
|
|
| 208 |
administrators = null; |
|
| 209 |
MetaCatUtil.debugMessage("Error in MetacatServlet.init: "
|
|
| 210 |
+ pse.getMessage(), 20); |
|
| 211 |
} |
|
| 212 | 202 |
|
| 213 | 203 |
// Index the paths specified in the metacat.properties |
| 214 | 204 |
checkIndexPaths(); |
| ... | ... | |
| 645 | 635 |
out.println(Version.getVersionAsXml()); |
| 646 | 636 |
out.close(); |
| 647 | 637 |
} else if (action.equals("getlog")) {
|
| 648 |
handleGetLogAction(params, request, response, username); |
|
| 638 |
handleGetLogAction(params, request, response, username, groupnames);
|
|
| 649 | 639 |
} else if (action.equals("buildindex")) {
|
| 650 |
handleBuildIndexAction(params, request, response, username); |
|
| 640 |
handleBuildIndexAction(params, request, response, username, groupnames);
|
|
| 651 | 641 |
} else if (action.equals("login") || action.equals("logout")) {
|
| 652 | 642 |
/* |
| 653 | 643 |
} else if (action.equals("protocoltest")) {
|
| ... | ... | |
| 2260 | 2250 |
* @param response the http response object for writing output |
| 2261 | 2251 |
*/ |
| 2262 | 2252 |
private void handleGetLogAction(Hashtable params, HttpServletRequest request, |
| 2263 |
HttpServletResponse response, String username) |
|
| 2253 |
HttpServletResponse response, String username, String[] groups)
|
|
| 2264 | 2254 |
{
|
| 2265 | 2255 |
try {
|
| 2266 | 2256 |
response.setContentType("text/xml");
|
| 2267 | 2257 |
PrintWriter out = response.getWriter(); |
| 2268 | 2258 |
|
| 2269 | 2259 |
// Check that the user is authenticated as an administrator account |
| 2270 |
boolean adminIsAuthenticated = false; |
|
| 2271 |
for (int i = 0; i < administrators.length; i++) {
|
|
| 2272 |
if (username.equals(administrators[i])) {
|
|
| 2273 |
adminIsAuthenticated = true; |
|
| 2274 |
} |
|
| 2275 |
} |
|
| 2276 |
if (!adminIsAuthenticated) {
|
|
| 2260 |
if (!MetaCatUtil.isAdministrator(username, groups)) {
|
|
| 2277 | 2261 |
out.print("<error>");
|
| 2278 | 2262 |
out.print("The user \"" + username +
|
| 2279 | 2263 |
"\" is not authorized for this action."); |
| ... | ... | |
| 2333 | 2317 |
*/ |
| 2334 | 2318 |
private void handleBuildIndexAction(Hashtable params, |
| 2335 | 2319 |
HttpServletRequest request, HttpServletResponse response, |
| 2336 |
String username) |
|
| 2320 |
String username, String[] groups)
|
|
| 2337 | 2321 |
{
|
| 2338 | 2322 |
// Get all of the parameters in the correct formats |
| 2339 | 2323 |
String[] docid = (String[])params.get("docid");
|
| ... | ... | |
| 2344 | 2328 |
PrintWriter out = response.getWriter(); |
| 2345 | 2329 |
|
| 2346 | 2330 |
// Check that the user is authenticated as an administrator account |
| 2347 |
boolean adminIsAuthenticated = false; |
|
| 2348 |
for (int i = 0; i < administrators.length; i++) {
|
|
| 2349 |
if (username.equals(administrators[i])) {
|
|
| 2350 |
adminIsAuthenticated = true; |
|
| 2351 |
} |
|
| 2352 |
} |
|
| 2353 |
if (!adminIsAuthenticated) {
|
|
| 2331 |
if (!MetaCatUtil.isAdministrator(username, groups)) {
|
|
| 2354 | 2332 |
out.print("<error>");
|
| 2355 | 2333 |
out.print("The user \"" + username +
|
| 2356 | 2334 |
"\" is not authorized for this action."); |
Also available in: Unified diff
Added new methods to MetaCatUtil: isAdministrator and isModerator.
These methods are used to check if a given username is part of the admin and moderator list specified in metacat.properties
Modified DocumentImpl and MetaCatServlet to use these functions.