1 | package org.greenstone.gsdl3.action;
|
---|
2 |
|
---|
3 | import org.greenstone.gsdl3.util.*;
|
---|
4 |
|
---|
5 | // XML classes
|
---|
6 | import org.w3c.dom.Document;
|
---|
7 | import org.w3c.dom.Node;
|
---|
8 | import org.w3c.dom.Element;
|
---|
9 |
|
---|
10 | // other java stuff
|
---|
11 | import java.util.*;
|
---|
12 |
|
---|
13 | import java.io.Serializable;
|
---|
14 |
|
---|
15 | import java.io.PrintWriter;
|
---|
16 | import java.io.Serializable;
|
---|
17 | import java.io.StringWriter;
|
---|
18 |
|
---|
19 | import org.apache.log4j.*;
|
---|
20 |
|
---|
21 | public class SystemAction extends Action
|
---|
22 | {
|
---|
23 |
|
---|
24 | static Logger logger = Logger.getLogger(org.greenstone.gsdl3.action.SystemAction.class.getName());
|
---|
25 |
|
---|
26 | String tempVal = "";
|
---|
27 | protected static final String SYSTEM_ACTION = "SystemAction";
|
---|
28 |
|
---|
29 | /** process a request */
|
---|
30 | public Node process(Node message_node)
|
---|
31 | {
|
---|
32 | Element message = GSXML.nodeToElement(message_node);
|
---|
33 | Document doc = message.getOwnerDocument();
|
---|
34 |
|
---|
35 | // assume only one request
|
---|
36 | Element request = (Element) GSXML.getChildByTagName(message, GSXML.REQUEST_ELEM);
|
---|
37 |
|
---|
38 | String subaction = request.getAttribute(GSXML.SUBACTION_ATT);
|
---|
39 | UserContext userContext = new UserContext(request);
|
---|
40 | // get the param list
|
---|
41 | Element cgi_param_list = (Element) GSXML.getChildByTagName(request, GSXML.PARAM_ELEM + GSXML.LIST_MODIFIER);
|
---|
42 | HashMap<String, Serializable> params = GSXML.extractParams(cgi_param_list, false);
|
---|
43 |
|
---|
44 | Element result = doc.createElement(GSXML.MESSAGE_ELEM);
|
---|
45 |
|
---|
46 | String coll = (String) params.get(GSParams.SYSTEM_CLUSTER);
|
---|
47 |
|
---|
48 | String to = "";
|
---|
49 | if (coll != null && !coll.equals(""))
|
---|
50 | {
|
---|
51 | to = coll;
|
---|
52 | }
|
---|
53 | else if(subaction.equals("authenticated-ping")) {
|
---|
54 | to = "RemoteAuthentication"; // not "Authentication/RemoteAuthentication": MessageRouter knows to map the RemoteAuthentication service to the Authentication module
|
---|
55 | }
|
---|
56 | else if(subaction.equals("get-groups-from-session")) {
|
---|
57 | String msg = "";
|
---|
58 |
|
---|
59 | String suppliedUsername = (String) params.get(GSParams.UN);
|
---|
60 | if(!suppliedUsername.equals(userContext.getUsername())) {
|
---|
61 | msg = "Authentication failed: incorrect username for current session.";
|
---|
62 | } else {
|
---|
63 | String groups = userContext.getGroupsString();
|
---|
64 | String suppliedCollection = params.containsKey("col") ? suppliedCollection = (String) params.get("col") : "";
|
---|
65 |
|
---|
66 | if(suppliedCollection.equals("")) {
|
---|
67 | msg = groups;
|
---|
68 | } else {
|
---|
69 |
|
---|
70 | if(groups.indexOf("all-collections-editor") != -1) { // Does this user have access to all collections?
|
---|
71 | msg = groups;
|
---|
72 | } else if(groups.indexOf("personal-collections-editor") != -1 && suppliedCollection.startsWith(suppliedUsername+"-")) { // Does this user have access to personal collections, and is this one?
|
---|
73 | msg = groups;
|
---|
74 | } else if(groups.indexOf(suppliedCollection+"-collection-editor") != -1) { // Does this user have access to this collection?
|
---|
75 | msg = groups;
|
---|
76 | }
|
---|
77 | else {
|
---|
78 | msg = "Authentication failed: user is not in the required group.";
|
---|
79 | //logger.error("*** Remote login failed. Groups did not match for the collection specified");
|
---|
80 | }
|
---|
81 | }
|
---|
82 | }
|
---|
83 |
|
---|
84 | Element response = doc.createElement(GSXML.RESPONSE_ELEM);
|
---|
85 | response.setAttribute(GSXML.FROM_ATT, SYSTEM_ACTION);
|
---|
86 | response.setAttribute(GSXML.TYPE_ATT, GSXML.REQUEST_TYPE_PROCESS);
|
---|
87 | Element s = GSXML.createTextElement(doc, GSXML.STATUS_ELEM, msg);
|
---|
88 | response.appendChild(s);
|
---|
89 |
|
---|
90 | addSiteMetadata(response, userContext);
|
---|
91 | addInterfaceOptions(response);
|
---|
92 |
|
---|
93 | result.appendChild(response);
|
---|
94 | return result; // done, no need to call a service
|
---|
95 | }
|
---|
96 |
|
---|
97 | Element mr_request_message = doc.createElement(GSXML.MESSAGE_ELEM);
|
---|
98 | Element mr_request = GSXML.createBasicRequest(doc, GSXML.REQUEST_TYPE_SYSTEM, to, userContext);
|
---|
99 | mr_request_message.appendChild(mr_request);
|
---|
100 |
|
---|
101 | Element system = doc.createElement(GSXML.SYSTEM_ELEM);
|
---|
102 | mr_request.appendChild(system);
|
---|
103 |
|
---|
104 | // will need to change the following if can do more than one system request at once
|
---|
105 | if (subaction.equals("c"))
|
---|
106 | { // configure
|
---|
107 | system.setAttribute(GSXML.TYPE_ATT, GSXML.SYSTEM_TYPE_CONFIGURE);
|
---|
108 | String info = (String) params.get(GSParams.SYSTEM_SUBSET);
|
---|
109 | system.setAttribute(GSXML.SYSTEM_SUBSET_ATT, info);
|
---|
110 | }
|
---|
111 | else if (subaction.equals("ping")) { // can ping the server or a collection
|
---|
112 | String name = (String) params.get(GSParams.SYSTEM_MODULE_NAME);
|
---|
113 |
|
---|
114 | if(name != null && !name.equals("")) {
|
---|
115 | // Pinging a collection (or module) with ?a=s&sa=ping&st=collection&sn=<colName>
|
---|
116 | // is a collection-level (servicecluster/module level) ping
|
---|
117 |
|
---|
118 | String type = (String) params.get(GSParams.SYSTEM_MODULE_TYPE);
|
---|
119 | if(type == null || type.equals("")) {
|
---|
120 | type = "collection"; // if the st=collection was omitted, assume collection
|
---|
121 | }
|
---|
122 | // ping action set to moduleType=Collection and moduleName=colName
|
---|
123 | system.setAttribute(GSXML.SYSTEM_MODULE_NAME_ATT, name);
|
---|
124 | system.setAttribute(GSXML.SYSTEM_MODULE_TYPE_ATT, type);
|
---|
125 | system.setAttribute(GSXML.TYPE_ATT, GSXML.SYSTEM_TYPE_PING);
|
---|
126 | } // else SYSTEM_MODULE_NAME given by the "sn" GSParam is null or empty
|
---|
127 | // meaning server-level ping: ?a=s&sa=ping
|
---|
128 |
|
---|
129 | system.setAttribute(GSXML.TYPE_ATT, GSXML.SYSTEM_TYPE_PING);
|
---|
130 | }
|
---|
131 | else if (subaction.equals("authenticated-ping")) { // can check whether a given username and password authenticates
|
---|
132 |
|
---|
133 | String username = (String) params.get(GSParams.UN);
|
---|
134 | String password = (String) params.get(GSParams.PW);
|
---|
135 |
|
---|
136 |
|
---|
137 | system.setAttribute(GSXML.TYPE_ATT, GSXML.SYSTEM_TYPE_AUTHENTICATED_PING);
|
---|
138 | system.setAttribute(GSXML.USERNAME_ATT, username);
|
---|
139 | system.setAttribute(GSXML.PASSWORD_ATT, password);
|
---|
140 |
|
---|
141 | if(params.containsKey("col")) {//params.containsKey(GSParams.COLLECTION)) {
|
---|
142 | String collection = (String) params.get("col");//(String) params.get(GSParams.COLLECTION);
|
---|
143 | system.setAttribute(GSXML.COLLECTION_ATT, collection);
|
---|
144 | }
|
---|
145 |
|
---|
146 | }
|
---|
147 |
|
---|
148 | //else if (subaction.equals("is-persistent")){
|
---|
149 | // system.setAttribute(GSXML.TYPE_ATT, GSXML.SYSTEM_TYPE_ISPERSISTENT);
|
---|
150 | //}
|
---|
151 | else
|
---|
152 | {
|
---|
153 | String name = (String) params.get(GSParams.SYSTEM_MODULE_NAME);
|
---|
154 | String type = (String) params.get(GSParams.SYSTEM_MODULE_TYPE);
|
---|
155 |
|
---|
156 | system.setAttribute(GSXML.SYSTEM_MODULE_NAME_ATT, name);
|
---|
157 | system.setAttribute(GSXML.SYSTEM_MODULE_TYPE_ATT, type);
|
---|
158 |
|
---|
159 | if (subaction.equals("d"))
|
---|
160 | { // delete
|
---|
161 | system.setAttribute(GSXML.TYPE_ATT, GSXML.SYSTEM_TYPE_DEACTIVATE);
|
---|
162 |
|
---|
163 | }
|
---|
164 | else if (subaction.equals("a"))
|
---|
165 | { // add
|
---|
166 | system.setAttribute(GSXML.TYPE_ATT, GSXML.SYSTEM_TYPE_ACTIVATE);
|
---|
167 | }
|
---|
168 | else
|
---|
169 | {
|
---|
170 | // create the default response
|
---|
171 | // for now just have an error
|
---|
172 | logger.error("bad subaction type");
|
---|
173 | Element page_response = doc.createElement(GSXML.RESPONSE_ELEM);
|
---|
174 | result.appendChild(page_response);
|
---|
175 |
|
---|
176 | return result;
|
---|
177 | }
|
---|
178 | }
|
---|
179 |
|
---|
180 | Node response_message = this.mr.process(mr_request_message);
|
---|
181 | Element response = doc.createElement(GSXML.RESPONSE_ELEM);
|
---|
182 | if (processErrorElements((Element)response_message, response)) {
|
---|
183 | } else {
|
---|
184 | response = GSXML.duplicateWithNewName(doc, (Element) GSXML.getChildByTagName(response_message, GSXML.RESPONSE_ELEM), GSXML.RESPONSE_ELEM, true);
|
---|
185 | }
|
---|
186 | addSiteMetadata(response, userContext);
|
---|
187 | addInterfaceOptions(response);
|
---|
188 |
|
---|
189 | result.appendChild(response);
|
---|
190 | return result;
|
---|
191 |
|
---|
192 | }
|
---|
193 |
|
---|
194 | }
|
---|