1 | /*
|
---|
2 | * ModifyUsersDB.java
|
---|
3 | * Copyright (C) 2008 New Zealand Digital Library, http://www.nzdl.org
|
---|
4 | *
|
---|
5 | * This program is free software; you can redistribute it and/or modify
|
---|
6 | * it under the terms of the GNU General Public License as published by
|
---|
7 | * the Free Software Foundation; either version 2 of the License, or
|
---|
8 | * (at your option) any later version.
|
---|
9 | *
|
---|
10 | * This program is distributed in the hope that it will be useful,
|
---|
11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of
|
---|
12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
---|
13 | * GNU General Public License for more details.
|
---|
14 | *
|
---|
15 | * You should have received a copy of the GNU General Public License
|
---|
16 | * along with this program; if not, write to the Free Software
|
---|
17 | * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
|
---|
18 | */
|
---|
19 | package org.greenstone.gsdl3.util;
|
---|
20 |
|
---|
21 | import java.sql.SQLException;
|
---|
22 | import java.util.Iterator;
|
---|
23 | import org.greenstone.gsdl3.service.Authentication;
|
---|
24 | //import org.greenstone.admin.guiext.PropertiesStep;
|
---|
25 |
|
---|
26 | /**
|
---|
27 | To run this from the command-line, first make sure that the networked derby server is running (ant start-derby),
|
---|
28 | then run:
|
---|
29 |
|
---|
30 | java -Dgsdl3.writablehome=/Scratch/ak19/gs3-svn-2Sep2015/web -cp web/WEB-INF/lib/gsdl3.jar:web/WEB-INF/lib/gutil.jar:web/WEB-INF/lib/derby.jar:web/WEB-INF/lib/derbyclient.jar:web/WEB-INF/lib/log4j-1.2.8.jar:web/WEB-INF/lib/commons-codec-1.7.jar:web/WEB-INF/classes org.greenstone.gsdl3.util.ModifyUsersDB usersDB <username or 'ALL'> [options specifying user fields to change, e.g.: password=me!]
|
---|
31 |
|
---|
32 | Now just pass in "usersDB" for networked derby server, previously web/etc/usersDB/ was needed.
|
---|
33 |
|
---|
34 | Don't forget to stop the networked derby server again at the end, if you had started it: ant stop-derby
|
---|
35 | [[ OLD METHOD ]]
|
---|
36 | or if using embedded derby, ensure that tomcat is stopped, then run:
|
---|
37 | java -cp /full/path/to/GS3/web/WEB-INF/lib/gsdl3.jar:/full/path/to/GS3/web/WEB-INF/lib/derby.jar org.greenstone.gsdl3.util.ModifyUsersDB web/etc/usersDB/
|
---|
38 | */
|
---|
39 | public class ModifyUsersDB
|
---|
40 | {
|
---|
41 | public static int PWD_MIN_LENGTH = 3;
|
---|
42 | public static int PWD_MAX_LENGTH = 20;
|
---|
43 |
|
---|
44 | public static void main(String[] args) throws SQLException
|
---|
45 | {
|
---|
46 |
|
---|
47 | if (args.length < 3)
|
---|
48 | { // at minimum one field belonging to a username has to be changed
|
---|
49 | System.out.println("Usage: java org.greenstone.gsdl3.ModifyUsersDB <full_path_of_the_usersDB> <username|ALL> [-noAdd] [password=pwd] [groups=grp] [addgroups=grp] [accounstatus=status] [comment=cmt] [email=address]");
|
---|
50 | System.exit(0);
|
---|
51 | }
|
---|
52 |
|
---|
53 | String usersDB = args[0];
|
---|
54 | String username = args[1];
|
---|
55 |
|
---|
56 | String password = null;
|
---|
57 | String groups = null;
|
---|
58 | String addgroups = null;
|
---|
59 | String accountstatus = null;
|
---|
60 | String comment = null;
|
---|
61 | String email = null;
|
---|
62 |
|
---|
63 | boolean noAdd = false;
|
---|
64 |
|
---|
65 | // If the user specifically sets any of the fields on the cmdline, they'll be overwritten in the db,
|
---|
66 | // even if the user had set them to empty. Except the password which must be between PWD_MIN_LENGTH and PWD_MAX_LENGTH characters.
|
---|
67 | for (int i = 2; i < args.length; i++)
|
---|
68 | {
|
---|
69 | if (args[i].startsWith("password="))
|
---|
70 | {
|
---|
71 | password = args[i].substring("password=".length());
|
---|
72 |
|
---|
73 | if (password.length() < PWD_MIN_LENGTH || password.length() > PWD_MAX_LENGTH)
|
---|
74 | {
|
---|
75 | System.out.println("Password not updated. It should be between " + PWD_MIN_LENGTH + " and " + PWD_MAX_LENGTH + " characters (inclusive).");
|
---|
76 |
|
---|
77 | password = null;
|
---|
78 | }
|
---|
79 | else
|
---|
80 | {
|
---|
81 | // Use the same encryption technique used by the Admin Authentication page
|
---|
82 | // This ensures that the password generated for a string remains consistent
|
---|
83 | //System.err.println("**** Password entered was: " + password);
|
---|
84 | password = Authentication.hashPassword(password);
|
---|
85 | }
|
---|
86 |
|
---|
87 | }
|
---|
88 | else if (args[i].startsWith("groups="))
|
---|
89 | {
|
---|
90 | groups = args[i].substring("groups=".length());
|
---|
91 | groups = UserTermInfo.expandGroups(groups);
|
---|
92 | }
|
---|
93 | else if (args[i].startsWith("addgroups="))
|
---|
94 | {
|
---|
95 | addgroups = args[i].substring("addgroups=".length());
|
---|
96 | addgroups = UserTermInfo.expandGroups(addgroups);
|
---|
97 | }
|
---|
98 | else if (args[i].startsWith("accountstatus="))
|
---|
99 | {
|
---|
100 | accountstatus = args[i].substring("accountstatus=".length());
|
---|
101 | }
|
---|
102 | else if (args[i].startsWith("status="))
|
---|
103 | {
|
---|
104 | accountstatus = args[i].substring("status=".length());
|
---|
105 | }
|
---|
106 | else if (args[i].startsWith("comment="))
|
---|
107 | {
|
---|
108 | comment = args[i].substring("comment=".length());
|
---|
109 | }
|
---|
110 | else if (args[i].startsWith("email="))
|
---|
111 | {
|
---|
112 | email = args[i].substring("email=".length());
|
---|
113 | }
|
---|
114 | else if (args[i].equals("-noAdd"))
|
---|
115 | {
|
---|
116 | noAdd = true;
|
---|
117 | }
|
---|
118 | }
|
---|
119 |
|
---|
120 | if (groups != null && addgroups != null) {
|
---|
121 | System.err.println("You can't use groups and addgroup at the same time");
|
---|
122 | System.exit(0);
|
---|
123 | }
|
---|
124 | // find the user to modify
|
---|
125 | DerbyWrapper dw = new DerbyWrapper(usersDB);
|
---|
126 | if (username.equals("ALL")) {
|
---|
127 | // modify all users
|
---|
128 | UserQueryResult findUserResult = dw.findUser(null, null);// this returns all users
|
---|
129 | Iterator<UserTermInfo> it = findUserResult.getUserTerms().iterator();
|
---|
130 | while (it.hasNext()) {
|
---|
131 | UserTermInfo uti = it.next();
|
---|
132 | String un = uti.getUsername();
|
---|
133 | modifyUser(dw, uti, un, password, groups, addgroups, accountstatus, comment, email);
|
---|
134 | }
|
---|
135 | } else {
|
---|
136 | UserQueryResult findUserResult = dw.findUser(username, null);
|
---|
137 |
|
---|
138 | if (findUserResult == null)
|
---|
139 | {
|
---|
140 | if (noAdd)
|
---|
141 | {
|
---|
142 | System.out.println("Failed to update user. Cannot find user " + username + " in " + usersDB + " database.");
|
---|
143 | }
|
---|
144 | else
|
---|
145 | { // add new user
|
---|
146 |
|
---|
147 | //System.err.println("**** Trying to add user: ");
|
---|
148 | //System.err.println("**** " + username + " " + password + " " + groups + " " + accountstatus + " " + comment + " " + email);
|
---|
149 |
|
---|
150 | if (password == null) {
|
---|
151 | System.err.println("cannot add a user without a password");
|
---|
152 |
|
---|
153 | } else {
|
---|
154 | if (groups == null) {
|
---|
155 | if (addgroups != null) {
|
---|
156 | groups = addgroups;
|
---|
157 | } else {
|
---|
158 | groups = "";
|
---|
159 | }
|
---|
160 | }
|
---|
161 | if (accountstatus == null) {
|
---|
162 | accountstatus = "true";
|
---|
163 | }
|
---|
164 | if (comment == null) {
|
---|
165 | comment = "";
|
---|
166 | }
|
---|
167 | if (email == null) {
|
---|
168 | email = "";
|
---|
169 | }
|
---|
170 | System.out.println("Adding new user: un=" + username + ", pw=" + password + ", groups=" + groups + ", status=" + accountstatus + ", comment=" + comment + ", email=" + email);
|
---|
171 | dw.addUser(username, password, groups, accountstatus, comment, email);
|
---|
172 | }
|
---|
173 | }
|
---|
174 | }
|
---|
175 | else
|
---|
176 | { // modify existing user data
|
---|
177 | UserTermInfo user = findUserResult.getUserTerms().get(0);
|
---|
178 | modifyUser(dw, user, username, password, groups, addgroups, accountstatus, comment, email);
|
---|
179 | }
|
---|
180 |
|
---|
181 | }
|
---|
182 |
|
---|
183 | dw.closeDatabase();
|
---|
184 |
|
---|
185 | }
|
---|
186 |
|
---|
187 | private static void modifyUser(DerbyWrapper dw, UserTermInfo user, String username, String password, String groups, String addgroups, String accountstatus, String comment, String email) {
|
---|
188 |
|
---|
189 | // Copied code back from svn rev=35298 into this function, as without it, modifying users/admin pwd
|
---|
190 | // wiped out rest of its details from userdb. Notably groups, as groups below now needs to be null
|
---|
191 | // for code to read groups' values back in from db
|
---|
192 | if (groups.equals(""))
|
---|
193 | {
|
---|
194 | // groups should be expandedGroups because we no longer store the groups in userDB
|
---|
195 | // as user-entered or compacted, but as programmatically expanded.
|
---|
196 | // This allows HttpServletRequest.isUserInRole() to now automatically retrieve the
|
---|
197 | // expandedGroups list of a user to check collectionConfig.xml security elements against.
|
---|
198 |
|
---|
199 | groups = user.getExpandedGroups(); // get from database
|
---|
200 | } //else {
|
---|
201 | //groups = UserTermInfo.expandGroups(groups); // ensure groups are stored expanded in userDB
|
---|
202 | //} // Covered: groups var comes in expanded when called from ModifyUsersDB.java::main()
|
---|
203 | // Only should be done if anyone else can call this modifyUser() function and if they don't ensure
|
---|
204 | // groups expanded first
|
---|
205 | // in case any of fields other than username are not specified, get fallbacks from the database
|
---|
206 |
|
---|
207 |
|
---|
208 | // groups can never be null at this point if called by ModifyUsersDB.java::main() above,
|
---|
209 | // as main() does groups=expandGroups() which never returns null, only "" at minimum.
|
---|
210 | if (groups == null && addgroups != null) {
|
---|
211 | groups = user.getExpandedGroups(); // get the groups from db, as we want to add on to what is already there
|
---|
212 | }
|
---|
213 |
|
---|
214 | if (password.equals(""))
|
---|
215 | {
|
---|
216 | password = user.getPassword(); // already stored hashed-and-hexed in DB
|
---|
217 | }
|
---|
218 |
|
---|
219 | if (accountstatus.equals(""))
|
---|
220 | {
|
---|
221 | accountstatus = user.getAccountStatus().equals("") ? "true" : user.getAccountStatus();
|
---|
222 | }
|
---|
223 | if (comment.equals(""))
|
---|
224 | {
|
---|
225 | comment = user.getComment();
|
---|
226 | }
|
---|
227 | if (email.equals(""))
|
---|
228 | {
|
---|
229 | email = user.getEmail();
|
---|
230 | }
|
---|
231 |
|
---|
232 | if (addgroups != null) {
|
---|
233 | if (!groups.equals("")) {
|
---|
234 | groups += ",";
|
---|
235 | }
|
---|
236 | groups += addgroups;
|
---|
237 | }
|
---|
238 | System.out.println("Modifying existing user: un=" + username + ", pw=" + password + ", groups=" + groups + ", status=" + accountstatus + ", comment=" + comment + ", email=" + email);
|
---|
239 | dw.modifyUserInfo(username, password, groups, accountstatus, comment, email);
|
---|
240 | }
|
---|
241 | }
|
---|
242 |
|
---|
243 |
|
---|