Changeset 14349 for greenstone3


Ignore:
Timestamp:
2007-08-09T09:04:51+12:00 (17 years ago)
Author:
qq6
Message:

put some comments

File:
1 edited

Legend:

Unmodified
Added
Removed

  • greenstone3/trunk/src/java/org/greenstone/gsdl3/service/Authentication.java

    r14347 r14349  
    175175    Element service_node = this.doc.createElement(GSXML.SERVICE_ELEM);
    176176    authen_node.appendChild(service_node);
    177     // add the authentication procedure to the service node
    178177    service_node.setAttribute("aup",aup);
    179     // the user recordes got from the users table
     178    // user's info
    180179    UserQueryResult userQueryResult=null;
    181180
    182     // check the usersDb database, if it isn't existing, create one and add a "admin" user
     181    // check the usersDb database, if it isn't existing, check the etc dir, create the etc dir if it isn't existing, then create the  user database and add a "admin" user
    183182    String usersDB_dir = this.site_home + File.separatorChar + "etc" + File.separatorChar + "usersDB";
    184183    DerbyWrapper derbyWrapper=new DerbyWrapper();
     
    202201    // Action: login
    203202    if (aup.equals("Login")){
    204         if (uan.equals("")){
    205         service_node.setAttribute("info","Login");
    206         derbyWrapper.closeDatabase();
    207         return result;
    208         }
    209    
    210     // if the current procedure requires authentication(uan=1),but the user hasn't been authenticated(asn=0),will ask the user to login first
     203        if (uan.equals("")){ //return a login page, if the user's name is not given
     204        service_node.setAttribute("info","Login");
     205        derbyWrapper.closeDatabase();
     206        return result;
     207        }
     208   
     209    // if the authentication(uan=1) is required,but the user hasn't been authenticated(asn=0),the user is asked to login first
    211210        if ((uan.equals("1") && asn.equals("0"))) {
    212211        if ((un.length()==0) && (pw.length()==0)){
    213212            service_node.setAttribute("asn","0");
    214213            service_node.setAttribute("info","Login");
    215              derbyWrapper.closeDatabase();
     214            derbyWrapper.closeDatabase();
    216215            return result;
    217216        }
     
    223222            return result;
    224223        }else{ 
    225             userQueryResult=derbyWrapper.findUser(un,pw);
    226             derbyWrapper.closeDatabase();
     224            userQueryResult=derbyWrapper.findUser(un,pw);//looking for the user from the users table
    227225            service_node.setAttribute(GSXML.NAME_ATT,"Authentication");
    228            
    229226            service_node.setAttribute("un",un);
    230             //  service_node.setAttribute("asn",asn);
    231227            if (userQueryResult==null){
    232             asn="0";//the user isn't a vaild user
    233             service_node.setAttribute("asn","0");// either unsername or password is wrong
    234             service_node.setAttribute("err","un-pw-err");
     228            //the user isn't a vaild user
     229            service_node.setAttribute("asn","0");
     230            service_node.setAttribute("err","un-pw-err");// either unsername or password is wrong
    235231            service_node.setAttribute("info","Login");
    236232            derbyWrapper.closeDatabase();
     
    241237            String groups=((UserTermInfo)userInfo.get(0)).groups_;
    242238            String accountstatus=((UserTermInfo)userInfo.get(0)).accountstatus_;
     239            if (accountstatus.trim().equals("false")){
     240                service_node.setAttribute("asn","0");
     241                service_node.setAttribute("err","as-false");//the account status is false
     242                service_node.setAttribute("info","Login");
     243                derbyWrapper.closeDatabase();
     244                return result;
     245            }
    243246            String[] groups_array=groups.split(",");
    244247            for (int i=0; i<groups_array.length;i++){
    245                 if ((groups_array[i].trim().toLowerCase()).equals("administrator")){
    246                 if (accountstatus.trim().equals("true")){
    247                     asn="1";
    248                     service_node.setAttribute("asn","1");
    249                     break;
    250                 }
     248                if ((groups_array[i].trim().toLowerCase()).equals("administrator")){// check whether the user is in the administrator group
     249                asn="1";
     250                service_node.setAttribute("asn","1");
     251                break;
    251252                }
    252253            }
     
    258259        }
    259260        }
    260         //asn=0 couldn't find the user
    261         if (asn.equals("0")){
    262         service_node.setAttribute("info","Login");
    263         service_node.setAttribute("err","not-authen");
    264         derbyWrapper.closeDatabase();
    265         return result;
    266         }
     261
    267262        //asn!=0 This is a valid user
    268263        if (!asn.equals("0")){
     
    283278        }
    284279
    285        //valid users can't list all users because they aren't in the administrator group(asn=2)
     280       //valid users but not in the administrator group(asn=2), they cannot list all users
    286281        if (asn.equals("2")){
    287282        service_node.setAttribute("info","Login");
     
    292287        return result;
    293288        }
    294         //valid users are in the administrator group, they can list all users(asn=1)
     289        //valid users belong to the administrator group(asn=1), they can list all users
    295290        if (asn.equals("1")){
    296291        userQueryResult=derbyWrapper.findUser(null,null);
     
    316311    //Action : adduder
    317312    if (aup.equals("AddUser")){
     313        if (asn.equals("") && un.equals("")){
     314        service_node.setAttribute("info","Login");
     315        derbyWrapper.closeDatabase();
     316        return result;
     317        }
    318318        //valid users can't add a new user because they aren't in the administrator group(asn=2)
    319319        if (asn.equals("2")){
     
    541541        }
    542542
    543          if (!pw.equals(umpw) && umpw.length()>0){
    544          service_node.setAttribute("info","modify_interface");
    545          service_node.setAttribute("err","pw-umpw-nm-err");//if the original password is not match
    546          derbyWrapper.closeDatabase();
    547          return result;
    548          }
     543        if (!pw.equals(umpw) && umpw.length()>0){
     544        service_node.setAttribute("info","modify_interface");
     545        service_node.setAttribute("err","pw-umpw-nm-err");//if the original password is not match
     546        derbyWrapper.closeDatabase();
     547        return result;
     548        }
    549549         
    550          if ((umpw1.length()==0) || (umpw2.length()==0)){
    551          service_node.setAttribute("info","modify_interface");
    552          service_node.setAttribute("err","umpw1-umpw2-null-err");//if one of the password strings is none,return the err info back
    553          derbyWrapper.closeDatabase();
    554          return result;
    555          }
    556 
    557          if(!umpw1.equals(umpw2)){
    558          service_node.setAttribute("info","modify_interface");
    559          service_node.setAttribute("err","umpw1-umpw2-nm-err");//if one of the password strings is none,return the err info back
    560          derbyWrapper.closeDatabase();
    561          return result;
    562          }
    563 
    564          if (umpw.length()==0){
    565          service_node.setAttribute("info","modify_interface");
    566          service_node.setAttribute("err","umpw-null-err");//if one of the password strings is none,return the err info back
    567          derbyWrapper.closeDatabase();
    568          return result;
    569          }
    570          //check the new password and the retyped password
    571          if ((umpw1==null) || (umpw1.length()<3) || (umpw1.length()>8) || (!(Pattern.matches("[\\p{ASCII}]+",umpw1)))){
    572          service_node.setAttribute("info","modify_interface");
    573          service_node.setAttribute("err","umpw1-err");// the new password is illegal
    574          derbyWrapper.closeDatabase();
    575          return result;
     550        if ((umpw1.length()==0) || (umpw2.length()==0)){
     551        service_node.setAttribute("info","modify_interface");
     552        service_node.setAttribute("err","umpw1-umpw2-null-err");//if one of the password strings is none,return the err info back
     553        derbyWrapper.closeDatabase();
     554        return result;
     555        }
     556
     557        if(!umpw1.equals(umpw2)){
     558        service_node.setAttribute("info","modify_interface");
     559        service_node.setAttribute("err","umpw1-umpw2-nm-err");//if one of the password strings is none,return the err info back
     560        derbyWrapper.closeDatabase();
     561        return result;
     562        }
     563       
     564        if (umpw.length()==0){
     565        service_node.setAttribute("info","modify_interface");
     566        service_node.setAttribute("err","umpw-null-err");//if one of the password strings is none,return the err info back
     567        derbyWrapper.closeDatabase();
     568        return result;
     569        }
     570        //check the new password and the retyped password
     571        if ((umpw1==null) || (umpw1.length()<3) || (umpw1.length()>8) || (!(Pattern.matches("[\\p{ASCII}]+",umpw1)))){
     572        service_node.setAttribute("info","modify_interface");
     573        service_node.setAttribute("err","umpw1-err");// the new password is illegal
     574        derbyWrapper.closeDatabase();
     575        return result;
     576        } 
     577       
     578        if ((umpw2==null) || (umpw2.length()<3) || (umpw2.length()>8) || (!(Pattern.matches("[\\p{ASCII}]+",umpw2)))){
     579        service_node.setAttribute("info","modify_interface");
     580        service_node.setAttribute("err","umpw2-err"); // the retyped password is illegal
     581        derbyWrapper.closeDatabase();
     582        return result;
    576583         } 
    577 
    578          if ((umpw2==null) || (umpw2.length()<3) || (umpw2.length()>8) || (!(Pattern.matches("[\\p{ASCII}]+",umpw2)))){
    579          service_node.setAttribute("info","modify_interface");
    580          service_node.setAttribute("err","umpw2-err"); // the retyped password is illegal
    581          derbyWrapper.closeDatabase();
    582          return result;
    583          } 
    584          String modify_user_info=derbyWrapper.modifyUserInfo(un,umpw1,null,null,null);
    585          if (modify_user_info.equals("succeed")){
    586          service_node.setAttribute("err","");// the passsword has been changed successfully
    587          derbyWrapper.closeDatabase();
    588          return result;
    589          }else{
    590          service_node.setAttribute("err",modify_user_info);// return the error message of the pasword couldn't be modified
    591          derbyWrapper.closeDatabase();
    592          return result;
    593          }
    594 
     584        String modify_user_info=derbyWrapper.modifyUserInfo(un,umpw1,null,null,null);
     585        if (modify_user_info.equals("succeed")){
     586        service_node.setAttribute("err","");// the passsword has been changed successfully
     587        derbyWrapper.closeDatabase();
     588        return result;
     589        }else{
     590        service_node.setAttribute("err",modify_user_info);// return the error message of the pasword couldn't be modified
     591        derbyWrapper.closeDatabase();
     592        return result;
     593        }
    595594    }
    596595
Note: See TracChangeset for help on using the changeset viewer.