source: main/trunk/greenstone3/src/java/org/greenstone/gsdl3/util/ModifyUsersDB.java

Last change on this file was 38769, checked in by anupama, 2 months ago

Following Dr Bainbridge's task description and with his fixes: changes to get the Networked Derby Driver that we now use to use the shorter URL to the usersDB of the form jdbc:derby://derbyserver:derbyport/usersDB, instead of the full path to usersDB after the protocol. It needed setting derby.system.home JAVA_OPT when starting up the derby server in build.xml, then the tomcat greenstone3.xml file needed to refer to the shorter URL. Then classes that used to pass the full path need to pass the shorter form. And those classes called from the comandline with full usersDB path, like ModifyUsersDB, needed to now pass the shorter path. So build.xml needed further updating when calling ModifyUsersDB. The full path still works (for example, you can connect to both the original jdbc:derby URL and the shorter URL now from Squirrel SQL Client now), but the code now uses the shorter path.
File size: 10.1 KB
Line 
1/*
2 * ModifyUsersDB.java
3 * Copyright (C) 2008 New Zealand Digital Library, http://www.nzdl.org
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
18 */
19package org.greenstone.gsdl3.util;
20
21import java.sql.SQLException;
22import java.util.Iterator;
23import org.greenstone.gsdl3.service.Authentication;
24//import org.greenstone.admin.guiext.PropertiesStep;
25
26/**
27 To run this from the command-line, first make sure that the networked derby server is running (ant start-derby),
28 then run:
29
30 java -Dgsdl3.writablehome=/Scratch/ak19/gs3-svn-2Sep2015/web -cp web/WEB-INF/lib/gsdl3.jar:web/WEB-INF/lib/gutil.jar:web/WEB-INF/lib/derby.jar:web/WEB-INF/lib/derbyclient.jar:web/WEB-INF/lib/log4j-1.2.8.jar:web/WEB-INF/lib/commons-codec-1.7.jar:web/WEB-INF/classes org.greenstone.gsdl3.util.ModifyUsersDB usersDB <username or 'ALL'> [options specifying user fields to change, e.g.: password=me!]
31
32 Now just pass in "usersDB" for networked derby server, previously web/etc/usersDB/ was needed.
33
34 Don't forget to stop the networked derby server again at the end, if you had started it: ant stop-derby
35 [[ OLD METHOD ]]
36 or if using embedded derby, ensure that tomcat is stopped, then run:
37 java -cp /full/path/to/GS3/web/WEB-INF/lib/gsdl3.jar:/full/path/to/GS3/web/WEB-INF/lib/derby.jar org.greenstone.gsdl3.util.ModifyUsersDB web/etc/usersDB/
38*/
39public class ModifyUsersDB
40{
41 public static int PWD_MIN_LENGTH = 3;
42 public static int PWD_MAX_LENGTH = 20;
43
44 public static void main(String[] args) throws SQLException
45 {
46
47 if (args.length < 3)
48 { // at minimum one field belonging to a username has to be changed
49 System.out.println("Usage: java org.greenstone.gsdl3.ModifyUsersDB <full_path_of_the_usersDB> <username|ALL> [-noAdd] [password=pwd] [groups=grp] [addgroups=grp] [accounstatus=status] [comment=cmt] [email=address]");
50 System.exit(0);
51 }
52
53 String usersDB = args[0];
54 String username = args[1];
55
56 String password = null;
57 String groups = null;
58 String addgroups = null;
59 String accountstatus = null;
60 String comment = null;
61 String email = null;
62
63 boolean noAdd = false;
64
65 // If the user specifically sets any of the fields on the cmdline, they'll be overwritten in the db,
66 // even if the user had set them to empty. Except the password which must be between PWD_MIN_LENGTH and PWD_MAX_LENGTH characters.
67 for (int i = 2; i < args.length; i++)
68 {
69 if (args[i].startsWith("password="))
70 {
71 password = args[i].substring("password=".length());
72
73 if (password.length() < PWD_MIN_LENGTH || password.length() > PWD_MAX_LENGTH)
74 {
75 System.out.println("Password not updated. It should be between " + PWD_MIN_LENGTH + " and " + PWD_MAX_LENGTH + " characters (inclusive).");
76
77 password = null;
78 }
79 else
80 {
81 // Use the same encryption technique used by the Admin Authentication page
82 // This ensures that the password generated for a string remains consistent
83 //System.err.println("**** Password entered was: " + password);
84 password = Authentication.hashPassword(password);
85 }
86
87 }
88 else if (args[i].startsWith("groups="))
89 {
90 groups = args[i].substring("groups=".length());
91 groups = UserTermInfo.expandGroups(groups);
92 }
93 else if (args[i].startsWith("addgroups="))
94 {
95 addgroups = args[i].substring("addgroups=".length());
96 addgroups = UserTermInfo.expandGroups(addgroups);
97 }
98 else if (args[i].startsWith("accountstatus="))
99 {
100 accountstatus = args[i].substring("accountstatus=".length());
101 }
102 else if (args[i].startsWith("status="))
103 {
104 accountstatus = args[i].substring("status=".length());
105 }
106 else if (args[i].startsWith("comment="))
107 {
108 comment = args[i].substring("comment=".length());
109 }
110 else if (args[i].startsWith("email="))
111 {
112 email = args[i].substring("email=".length());
113 }
114 else if (args[i].equals("-noAdd"))
115 {
116 noAdd = true;
117 }
118 }
119
120 if (groups != null && addgroups != null) {
121 System.err.println("You can't use groups and addgroup at the same time");
122 System.exit(0);
123 }
124 // find the user to modify
125 DerbyWrapper dw = new DerbyWrapper(usersDB);
126 if (username.equals("ALL")) {
127 // modify all users
128 UserQueryResult findUserResult = dw.findUser(null, null);// this returns all users
129 Iterator<UserTermInfo> it = findUserResult.getUserTerms().iterator();
130 while (it.hasNext()) {
131 UserTermInfo uti = it.next();
132 String un = uti.getUsername();
133 modifyUser(dw, uti, un, password, groups, addgroups, accountstatus, comment, email);
134 }
135 } else {
136 UserQueryResult findUserResult = dw.findUser(username, null);
137
138 if (findUserResult == null)
139 {
140 if (noAdd)
141 {
142 System.out.println("Failed to update user. Cannot find user " + username + " in " + usersDB + " database.");
143 }
144 else
145 { // add new user
146
147 //System.err.println("**** Trying to add user: ");
148 //System.err.println("**** " + username + " " + password + " " + groups + " " + accountstatus + " " + comment + " " + email);
149
150 if (password == null) {
151 System.err.println("cannot add a user without a password");
152
153 } else {
154 if (groups == null) {
155 if (addgroups != null) {
156 groups = addgroups;
157 } else {
158 groups = "";
159 }
160 }
161 if (accountstatus == null) {
162 accountstatus = "true";
163 }
164 if (comment == null) {
165 comment = "";
166 }
167 if (email == null) {
168 email = "";
169 }
170 System.out.println("Adding new user: un=" + username + ", pw=" + password + ", groups=" + groups + ", status=" + accountstatus + ", comment=" + comment + ", email=" + email);
171 dw.addUser(username, password, groups, accountstatus, comment, email);
172 }
173 }
174 }
175 else
176 { // modify existing user data
177 UserTermInfo user = findUserResult.getUserTerms().get(0);
178 modifyUser(dw, user, username, password, groups, addgroups, accountstatus, comment, email);
179 }
180
181 }
182
183 dw.closeDatabase();
184
185 }
186
187 private static void modifyUser(DerbyWrapper dw, UserTermInfo user, String username, String password, String groups, String addgroups, String accountstatus, String comment, String email) {
188
189 // Copied code back from svn rev=35298 into this function, as without it, modifying users/admin pwd
190 // wiped out rest of its details from userdb. Notably groups, as groups below now needs to be null
191 // for code to read groups' values back in from db
192 if (groups.equals(""))
193 {
194 // groups should be expandedGroups because we no longer store the groups in userDB
195 // as user-entered or compacted, but as programmatically expanded.
196 // This allows HttpServletRequest.isUserInRole() to now automatically retrieve the
197 // expandedGroups list of a user to check collectionConfig.xml security elements against.
198
199 groups = user.getExpandedGroups(); // get from database
200 } //else {
201 //groups = UserTermInfo.expandGroups(groups); // ensure groups are stored expanded in userDB
202 //} // Covered: groups var comes in expanded when called from ModifyUsersDB.java::main()
203 // Only should be done if anyone else can call this modifyUser() function and if they don't ensure
204 // groups expanded first
205 // in case any of fields other than username are not specified, get fallbacks from the database
206
207
208 // groups can never be null at this point if called by ModifyUsersDB.java::main() above,
209 // as main() does groups=expandGroups() which never returns null, only "" at minimum.
210 if (groups == null && addgroups != null) {
211 groups = user.getExpandedGroups(); // get the groups from db, as we want to add on to what is already there
212 }
213
214 if (password.equals(""))
215 {
216 password = user.getPassword(); // already stored hashed-and-hexed in DB
217 }
218
219 if (accountstatus.equals(""))
220 {
221 accountstatus = user.getAccountStatus().equals("") ? "true" : user.getAccountStatus();
222 }
223 if (comment.equals(""))
224 {
225 comment = user.getComment();
226 }
227 if (email.equals(""))
228 {
229 email = user.getEmail();
230 }
231
232 if (addgroups != null) {
233 if (!groups.equals("")) {
234 groups += ",";
235 }
236 groups += addgroups;
237 }
238 System.out.println("Modifying existing user: un=" + username + ", pw=" + password + ", groups=" + groups + ", status=" + accountstatus + ", comment=" + comment + ", email=" + email);
239 dw.modifyUserInfo(username, password, groups, accountstatus, comment, email);
240 }
241}
242
243
Note: See TracBrowser for help on using the repository browser.