Changeset 25092 for main/trunk
- Timestamp:
- 2012-02-15T15:14:09+13:00 (12 years ago)
- Location:
- main/trunk/greenstone3/src/java/org/greenstone/gsdl3
- Files:
-
- 5 edited
-
LibraryServlet.java (modified) (5 diffs)
-
collection/Collection.java (modified) (10 diffs)
-
core/Receptionist.java (modified) (3 diffs)
-
util/DerbyWrapper.java (modified) (12 diffs)
-
util/GSXML.java (modified) (4 diffs)
Legend:
- Unmodified
- Added
- Removed
-
main/trunk/greenstone3/src/java/org/greenstone/gsdl3/LibraryServlet.java
r25054 r25092 13 13 import javax.servlet.*; 14 14 import javax.servlet.http.*; 15 16 import java.security.Principal; 17 import java.util.Collection; 15 18 import java.util.Enumeration; 16 19 import java.util.ArrayList; … … 96 99 */ 97 100 protected Hashtable session_ids_table = new Hashtable(); 98 101 99 102 /** 100 103 * the maximum interval that the cached info remains in session_ids_table … … 356 359 { 357 360 logUsageInfo(request); 358 359 Map<String, String[]> queryMap = request.getParameterMap();361 362 Map<String, String[]> queryMap = request.getParameterMap(); 360 363 if (queryMap != null) 361 364 { … … 473 476 String subaction = request.getParameter(GSParams.SUBACTION); 474 477 String collection = request.getParameter(GSParams.COLLECTION); 478 String document = request.getParameter(GSParams.DOCUMENT); 475 479 String service = request.getParameter(GSParams.SERVICE); 476 480 … … 695 699 response.setHeader(name, value); 696 700 } 701 } 702 } 703 } 704 705 //Check if we need to login or logout 706 Map<String, String[]> params = request.getParameterMap(); 707 String[] username = params.get("username"); 708 String[] password = params.get("password"); 709 String[] logout = params.get("logout"); 710 711 if (logout != null) 712 { 713 request.logout(); 714 } 715 716 if (username != null && password != null) 717 { 718 if (request.getAuthType() != null) 719 { 720 request.logout(); 721 } 722 request.login(username[0], password[0]); 723 } 724 725 if(request.getAuthType() != null) 726 { 727 Element userInformation = this.doc.createElement("userInformation"); 728 xml_request.appendChild(userInformation); 729 userInformation.setAttribute("username", request.getUserPrincipal().getName()); 730 } 731 732 733 //If we are in a collection-related page then make sure this user is allowed to access it 734 if (collection != null && !collection.equals("")) 735 { 736 //Get the security info for this collection 737 Element securityMessage = this.doc.createElement(GSXML.MESSAGE_ELEM); 738 Element securityRequest = GSXML.createBasicRequest(this.doc, GSXML.REQUEST_TYPE_SECURITY, collection, userContext); 739 securityMessage.appendChild(securityRequest); 740 if (document != null && !document.equals("")) 741 { 742 securityRequest.setAttribute("oid", document); 743 } 744 745 Element securityResponse = (Element) GSXML.getChildByTagName(this.recept.process(securityMessage), GSXML.RESPONSE_ELEM); 746 ArrayList<String> groups = GSXML.getGroupsFromSecurityResponse(securityResponse); 747 748 //If guests are not allowed to access this page then check to see if the user is in a group that is allowed to access the page 749 if (!groups.contains("")) 750 { 751 boolean found = false; 752 for (String group : groups) 753 { 754 if (request.isUserInRole(group)) 755 { 756 found = true; 757 break; 758 } 759 } 760 761 //The current user is not allowed to access the page so produce a login page 762 if (!found) 763 { 764 Element loginPageMessage = this.doc.createElement(GSXML.MESSAGE_ELEM); 765 Element loginPageRequest = GSXML.createBasicRequest(this.doc, GSXML.REQUEST_TYPE_PAGE, "", userContext); 766 loginPageRequest.setAttribute(GSXML.ACTION_ATT, "p"); 767 loginPageRequest.setAttribute(GSXML.SUBACTION_ATT, "login"); 768 loginPageRequest.setAttribute(GSXML.OUTPUT_ATT, "html"); 769 loginPageMessage.appendChild(loginPageRequest); 770 771 Element paramList = this.doc.createElement(GSXML.PARAM_ELEM + GSXML.LIST_MODIFIER); 772 loginPageRequest.appendChild(paramList); 773 774 Element messageParam = this.doc.createElement(GSXML.PARAM_ELEM); 775 messageParam.setAttribute(GSXML.NAME_ATT, "loginMessage"); 776 if(request.getAuthType() == null) 777 { 778 messageParam.setAttribute(GSXML.VALUE_ATT, "Please log in to view this page"); 779 } 780 else 781 { 782 messageParam.setAttribute(GSXML.VALUE_ATT, "You are not in the correct group to view this page"); 783 } 784 paramList.appendChild(messageParam); 785 786 Element urlParam = this.doc.createElement(GSXML.PARAM_ELEM); 787 urlParam.setAttribute(GSXML.NAME_ATT, "redirectURL"); 788 urlParam.setAttribute(GSXML.VALUE_ATT, this.getServletName() + "?" + request.getQueryString().replace("&", "&")); 789 paramList.appendChild(urlParam); 790 791 Node loginPageResponse = this.recept.process(loginPageMessage); 792 out.println(this.converter.getPrettyString(loginPageResponse)); 793 794 return; 697 795 } 698 796 } -
main/trunk/greenstone3/src/java/org/greenstone/gsdl3/collection/Collection.java
r24583 r25092 30 30 31 31 import java.io.*; 32 import java.io.File;33 import java.util.HashMap;34 32 import java.util.*; 35 33 … … 70 68 /** earliestDatestamp of this collection. Necessary for OAI */ 71 69 protected long earliestDatestamp = 0; 70 71 /** Stores the default accessibility of guest users */ 72 protected boolean _publicAccess = true; 73 /** Stores the scope of any security rules (either collection or document) */ 74 protected boolean _securityScopeCollection = true; 75 76 protected HashMap<String, ArrayList<Element>> _documentSets = new HashMap<String, ArrayList<Element>>(); 77 78 protected ArrayList<HashMap<String, ArrayList<String>>> _securityExceptions = new ArrayList<HashMap<String, ArrayList<String>>>(); 72 79 73 80 /** … … 125 132 col_type = search.getAttribute(GSXML.TYPE_ATT); 126 133 } 127 134 128 135 Element browse = (Element) GSXML.getChildByTagName(coll_config_xml, GSXML.INFODB_ELEM); 129 136 if (browse != null) … … 138 145 // process the metadata and display items 139 146 findAndLoadInfo(coll_config_xml, build_config_xml); 147 148 loadSecurityInformation(coll_config_xml); 140 149 141 150 // now do the services … … 207 216 protected Element loadBuildConfigFile() 208 217 { 209 210 218 File build_config_file = new File(GSFile.collectionBuildConfigFile(this.site_home, this.cluster_name)); 211 219 if (!build_config_file.exists()) … … 232 240 protected boolean findAndLoadInfo(Element coll_config_xml, Element build_config_xml) 233 241 { 234 235 // metadata236 242 Element meta_list = (Element) GSXML.getChildByTagName(coll_config_xml, GSXML.METADATA_ELEM + GSXML.LIST_MODIFIER); 237 243 addMetadata(meta_list); … … 293 299 return true; 294 300 301 } 302 303 protected void loadSecurityInformation(Element coll_config_xml) 304 { 305 Element securityBlock = (Element) GSXML.getChildByTagName(coll_config_xml, GSXML.SECURITY_ELEM); 306 307 if(securityBlock == null) 308 { 309 return; 310 } 311 312 String scope = securityBlock.getAttribute(GSXML.SCOPE_ATT); 313 String defaultAccess = securityBlock.getAttribute(GSXML.DEFAULT_ACCESS_ATT); 314 315 if (defaultAccess.toLowerCase().equals("public")) 316 { 317 _publicAccess = true; 318 } 319 else if (defaultAccess.toLowerCase().equals("private")) 320 { 321 _publicAccess = false; 322 } 323 else 324 { 325 logger.warn("Default access for collection " + this.cluster_name + " is neither public or private, assuming public"); 326 } 327 328 if (scope.toLowerCase().equals("collection")) 329 { 330 _securityScopeCollection = true; 331 } 332 else if (scope.toLowerCase().equals("documents") || scope.toLowerCase().equals("document")) 333 { 334 _securityScopeCollection = false; 335 } 336 else 337 { 338 logger.warn("Security scope is neither collection or document, assuming collection"); 339 } 340 341 NodeList exceptions = GSXML.getChildrenByTagName(securityBlock, GSXML.EXCEPTION_ELEM); 342 343 if (exceptions.getLength() > 0) 344 { 345 if (!_securityScopeCollection) 346 { 347 NodeList documentSetElems = GSXML.getChildrenByTagName(securityBlock, GSXML.DOCUMENT_SET_ELEM); 348 for (int i = 0; i < documentSetElems.getLength(); i++) 349 { 350 Element documentSet = (Element) documentSetElems.item(i); 351 String setName = documentSet.getAttribute(GSXML.NAME_ATT); 352 NodeList matchStatements = GSXML.getChildrenByTagName(documentSet, GSXML.MATCH_ELEM); 353 ArrayList<Element> matchStatementList = new ArrayList<Element>(); 354 for (int j = 0; j < matchStatements.getLength(); j++) 355 { 356 matchStatementList.add((Element) matchStatements.item(j)); 357 } 358 _documentSets.put(setName, matchStatementList); 359 } 360 } 361 362 for (int i = 0; i < exceptions.getLength(); i++) 363 { 364 HashMap<String, ArrayList<String>> securityException = new HashMap<String, ArrayList<String>>(); 365 ArrayList<String> exceptionGroups = new ArrayList<String>(); 366 ArrayList<String> exceptionSets = new ArrayList<String>(); 367 368 Element exception = (Element) exceptions.item(i); 369 NodeList groups = GSXML.getChildrenByTagName(exception, GSXML.GROUP_ELEM); 370 for (int j = 0; j < groups.getLength(); j++) 371 { 372 Element group = (Element) groups.item(j); 373 String groupName = group.getAttribute(GSXML.NAME_ATT); 374 exceptionGroups.add(groupName); 375 } 376 NodeList docSets = GSXML.getChildrenByTagName(exception, GSXML.DOCUMENT_SET_ELEM); 377 for (int j = 0; j < docSets.getLength(); j++) 378 { 379 Element docSet = (Element) docSets.item(j); 380 String docSetName = docSet.getAttribute(GSXML.NAME_ATT); 381 exceptionSets.add(docSetName); 382 } 383 384 securityException.put("groups", exceptionGroups); 385 securityException.put("sets", exceptionSets); 386 _securityExceptions.add(securityException); 387 } 388 } 295 389 } 296 390 … … 431 525 classifier = request.getAttribute("classifier"); 432 526 } 433 527 434 528 // check for version file 435 529 String directory = new File(GSFile.collectionConfigFile(this.site_home, this.cluster_name)).getParent() + File.separator; … … 661 755 } 662 756 } 757 else if (type.equals(GSXML.REQUEST_TYPE_SECURITY)) 758 { 759 String oid = request.getAttribute("oid"); 760 ArrayList<String> groups = getPermittedGroups(oid); 761 762 Element groupList = this.doc.createElement(GSXML.GROUP_ELEM + GSXML.LIST_MODIFIER); 763 response.appendChild(groupList); 764 765 for(String groupName : groups) 766 { 767 Element group = this.doc.createElement(GSXML.GROUP_ELEM); 768 groupList.appendChild(group); 769 group.setAttribute(GSXML.NAME_ATT, groupName); 770 } 771 } 663 772 else 664 773 { // unknown type … … 669 778 } 670 779 780 protected ArrayList<String> getPermittedGroups(String oid) 781 { 782 ArrayList<String> groups = new ArrayList<String>(); 783 784 if (_securityScopeCollection) 785 { 786 if (_publicAccess) 787 { 788 groups.add(""); 789 } 790 else 791 { 792 for (HashMap<String, ArrayList<String>> exception : _securityExceptions) 793 { 794 for (String group : exception.get("groups")) 795 { 796 groups.add(group); 797 } 798 } 799 } 800 } 801 else 802 { 803 if(oid != null && !oid.equals("")) 804 { 805 boolean inSet = false; 806 for (HashMap<String, ArrayList<String>> exception : _securityExceptions) 807 { 808 for (String setName : exception.get("sets")) 809 { 810 if (documentIsInSet(oid, setName)) 811 { 812 inSet = true; 813 for (String group : exception.get("groups")) 814 { 815 groups.add(group); 816 } 817 } 818 } 819 } 820 821 if(!inSet && _publicAccess) 822 { 823 groups.add(""); 824 } 825 } 826 else 827 { 828 groups.add(""); 829 } 830 } 831 832 return groups; 833 } 834 835 protected boolean documentIsInSet(String oid, String setName) 836 { 837 ArrayList<Element> matchStatements = _documentSets.get(setName); 838 if (matchStatements == null || matchStatements.size() == 0) 839 { 840 return false; 841 } 842 843 for (Element currentMatchStatement : matchStatements) 844 { 845 String fieldName = currentMatchStatement.getAttribute(GSXML.FIELD_ATT); 846 if (fieldName == null || fieldName.equals("")) 847 { 848 fieldName = "oid"; 849 } 850 851 String type = currentMatchStatement.getAttribute(GSXML.TYPE_ATT); 852 if (type == null || type.equals("")) 853 { 854 type = "match"; 855 } 856 857 String fieldValue = ""; 858 if (!fieldName.equals("oid")) 859 { 860 fieldValue = getFieldValue(oid, fieldName); 861 if(fieldValue == null) 862 { 863 return false; 864 } 865 } 866 else 867 { 868 fieldValue = oid; 869 } 870 871 String matchValue = GSXML.getNodeText(currentMatchStatement); 872 if (type.equals("match")) 873 { 874 if(matchValue.equals(fieldValue)) 875 { 876 return true; 877 } 878 } 879 else if (type.equals("regex")) 880 { 881 if(fieldValue.matches(matchValue)) 882 { 883 return true; 884 } 885 } 886 else 887 { 888 logger.warn("Unknown type of match specified in security block of collection " + this.cluster_name + "."); 889 } 890 } 891 892 return false; 893 } 894 895 protected String getFieldValue(String oid, String fieldName) 896 { 897 Element metadataMessage = this.doc.createElement(GSXML.MESSAGE_ELEM); 898 Element metadataRequest = GSXML.createBasicRequest(this.doc, GSXML.REQUEST_TYPE_PROCESS, this.cluster_name + "/DocumentMetadataRetrieve", new UserContext()); 899 metadataMessage.appendChild(metadataRequest); 900 901 Element paramList = this.doc.createElement(GSXML.PARAM_ELEM + GSXML.LIST_MODIFIER); 902 metadataRequest.appendChild(paramList); 903 904 Element param = this.doc.createElement(GSXML.PARAM_ELEM); 905 paramList.appendChild(param); 906 907 param.setAttribute(GSXML.NAME_ATT, "metadata"); 908 param.setAttribute(GSXML.VALUE_ATT, fieldName); 909 910 Element docList = this.doc.createElement(GSXML.DOC_NODE_ELEM + GSXML.LIST_MODIFIER); 911 metadataRequest.appendChild(docList); 912 913 Element doc = this.doc.createElement(GSXML.DOC_NODE_ELEM); 914 docList.appendChild(doc); 915 916 doc.setAttribute(GSXML.NODE_ID_ATT, oid); 917 918 Element response = (Element) this.router.process(metadataMessage); 919 NodeList metadataElems = response.getElementsByTagName(GSXML.METADATA_ELEM); 920 921 if(metadataElems.getLength() > 0) 922 { 923 Element metadata = (Element) metadataElems.item(0); 924 return GSXML.getNodeText(metadata); 925 } 926 927 return null; 928 } 671 929 } -
main/trunk/greenstone3/src/java/org/greenstone/gsdl3/core/Receptionist.java
r25090 r25092 170 170 public Node process(Node message_node) 171 171 { 172 173 172 Element message = this.converter.nodeToElement(message_node); 174 173 … … 182 181 // check the request type 183 182 String type = request.getAttribute(GSXML.TYPE_ATT); // returns "" if no att of this name 183 if(type.equals(GSXML.REQUEST_TYPE_SECURITY)) 184 { 185 return this.mr.process(message); 186 } 187 184 188 if (!type.equals(GSXML.REQUEST_TYPE_PAGE)) 185 189 { … … 235 239 //logger.info(a+" mesa=" + this.converter.getPrettyString(message)); 236 240 // get the page data from the action 241 237 242 Node action_response = a.process(message); 238 243 -
main/trunk/greenstone3/src/java/org/greenstone/gsdl3/util/DerbyWrapper.java
r24983 r25092 27 27 import java.sql.SQLWarning; 28 28 import java.sql.Statement; 29 import java.util.ArrayList; 30 import java.util.HashMap; 29 31 import java.util.Properties; 30 32 … … 35 37 static final String USERSDB = "usersDB"; 36 38 static final String USERS = "users"; 39 static final String ROLES = "roles"; 37 40 private Connection conn = null; 38 41 private Statement state = null; … … 98 101 } 99 102 100 public void createDatabase() throws SQLException 101 { 102 conn.setAutoCommit(false); 103 state.execute("create table users (username varchar(40) not null, password varchar(40) not null, groups varchar(500), accountstatus varchar(10), comment varchar(100), primary key(username))"); 104 //ystem.out.println("table users created successfully!"); 105 state.execute("insert into " + USERS + " values ('admin', 'admin', 'administrator,all-collections-editor', 'true', 'change the password for this account as soon as possible')"); 106 conn.commit(); 103 public void createDatabase() 104 { 105 try 106 { 107 conn.setAutoCommit(false); 108 state.execute("create table users (username varchar(40) not null, password varchar(40) not null, accountstatus varchar(10), comment varchar(100), primary key(username))"); 109 state.execute("create table roles (username varchar(40) not null, role varchar(40) not null, primary key (username, role))"); 110 //ystem.out.println("table users created successfully!"); 111 state.execute("insert into " + USERS + " values ('admin', 'admin', 'true', 'change the password for this account as soon as possible')"); 112 state.execute("insert into " + ROLES + " values ('admin', 'administrator')"); 113 state.execute("insert into " + ROLES + " values ('admin', 'all-collections-editor')"); 114 conn.commit(); 115 } 116 catch(Exception ex) 117 { 118 ex.printStackTrace(); 119 } 107 120 } 108 121 … … 110 123 { 111 124 UserQueryResult userQueryResult = new UserQueryResult(); 112 String sql_list_all_user = "select username, password, groups, accountstatus, comment from " + USERS; 113 125 String sql_list_all_user = "SELECT username, password, accountstatus, comment FROM " + USERS; 126 127 ArrayList<HashMap<String, String>> users = new ArrayList<HashMap<String,String>>(); 114 128 ResultSet rs = state.executeQuery(sql_list_all_user); 115 129 while (rs.next()) 116 130 { 117 String returned_username = rs.getString("username"); 118 String returned_password = rs.getString("password"); 119 String returned_groups = rs.getString("groups"); 120 String returned_accountstatus = rs.getString("accountstatus"); 121 String returned_comment = rs.getString("comment"); 122 userQueryResult.addUserTerm(returned_username, returned_password, returned_groups, returned_accountstatus, returned_comment); 123 } 131 HashMap<String, String> user = new HashMap<String, String>(); 132 user.put("username", rs.getString("username")); 133 user.put("password", rs.getString("password")); 134 user.put("as", rs.getString("accountstatus")); 135 user.put("comment", rs.getString("comment")); 136 137 users.add(user); 138 } 139 140 for(HashMap<String, String> user : users) 141 { 142 ResultSet gs = state.executeQuery("SELECT role FROM roles WHERE username = '" + user.get("username") + "'"); 143 String group = ""; 144 while(gs.next()) 145 { 146 if(!group.equals("")) 147 { 148 group += ","; 149 } 150 group += gs.getString("role"); 151 } 152 userQueryResult.addUserTerm(user.get("username"), user.get("password"), group, user.get("as"), user.get("comment")); 153 } 154 124 155 if (userQueryResult.getSize() == 0) 125 156 { … … 133 164 } 134 165 135 public String addUser(String username, String password, String groups, String accountstatus, String comment) throws SQLException136 { 137 conn.setAutoCommit(false);138 String sql_insert_user = "insert into " + USERS + " values ('" + username + "', '" + password + "', '" + groups + "', '" + accountstatus + "', '" + comment + "')";139 try140 {166 public String addUser(String username, String password, String groups, String accountstatus, String comment) 167 { 168 try 169 { 170 conn.setAutoCommit(false); 171 String sql_insert_user = "insert into " + USERS + " values ('" + username + "', '" + password + "', '" + accountstatus + "', '" + comment + "')"; 141 172 state.execute(sql_insert_user); 173 174 String[] groupArray = groups.split(","); 175 for(String g : groupArray) 176 { 177 String sql_insert_group = "insert into " + ROLES + " values ('" + username + "', '" + g + "')"; 178 state.execute(sql_insert_group); 179 } 180 142 181 conn.commit(); 143 182 } … … 157 196 return "Error:" + e.getMessage(); 158 197 } 198 159 199 return "succeed"; 160 200 } 161 201 162 public String deleteUser(String del_username) throws SQLException 163 { 164 conn.setAutoCommit(false); 165 String sql_delete_user = "delete from " + USERS + " where username='" + del_username + "'"; 166 try 167 { 202 public String deleteUser(String del_username) 203 { 204 try 205 { 206 conn.setAutoCommit(false); 207 String sql_delete_user = "delete from " + USERS + " where username='" + del_username + "'"; 208 String sql_delete_groups = "delete from " + ROLES + " where username='" + del_username + "'"; 168 209 state.execute(sql_delete_user); 210 state.execute(sql_delete_groups); 169 211 conn.commit(); 170 212 } … … 192 234 { 193 235 state.execute("delete from " + USERS); 236 state.execute("delete from " + ROLES); 194 237 conn.commit(); 195 238 } … … 216 259 217 260 conn.setAutoCommit(false); 218 String sql_find_user = "SELECT username, password, groups,accountstatus, comment FROM " + USERS;261 String sql_find_user = "SELECT username, password, accountstatus, comment FROM " + USERS; 219 262 String append_sql = ""; 220 263 … … 238 281 sql_find_user += append_sql; 239 282 } 283 284 ArrayList<HashMap<String, String>> users = new ArrayList<HashMap<String,String>>(); 240 285 ResultSet rs = state.executeQuery(sql_find_user); 241 286 while (rs.next()) 242 287 { 243 String returned_username = rs.getString("username"); 244 //System.out.println("returned_username :" + returned_username); 245 String returned_password = rs.getString("password"); 246 //System.out.println("returned_password :" + returned_password); 247 String returned_groups = rs.getString("groups"); 248 //System.out.println("returned_groups :" + returned_groups); 249 String returned_accountstatus = rs.getString("accountstatus"); 250 //System.out.println("returned_accountstatus :" + returned_accountstatus); 251 String returned_comment = rs.getString("comment"); 252 //System.out.println("returned_comment :" + returned_comment); 253 userQueryResult.addUserTerm(returned_username, returned_password, returned_groups, returned_accountstatus, returned_comment); 254 //System.out.println(userQueryResult.toString()); 288 HashMap<String, String> user = new HashMap<String, String>(); 289 user.put("username", rs.getString("username")); 290 user.put("password", rs.getString("password")); 291 user.put("as", rs.getString("accountstatus")); 292 user.put("comment", rs.getString("comment")); 293 294 users.add(user); 255 295 } 256 296 conn.commit(); 297 298 for(HashMap<String, String> user : users) 299 { 300 ResultSet gs = state.executeQuery("SELECT role FROM " + ROLES + " WHERE username = '" + user.get("username") + "'"); 301 302 String group = ""; 303 while(gs.next()) 304 { 305 if(!group.equals("")) 306 { 307 group += ","; 308 } 309 group += gs.getString("role"); 310 } 311 312 System.out.println("GROUP = " + group); 313 314 userQueryResult.addUserTerm(user.get("username"), user.get("password"), group, user.get("as"), user.get("comment")); 315 } 316 257 317 if (userQueryResult.getSize() > 0) 258 318 { … … 266 326 } 267 327 268 public String modifyUserInfo(String username, String new_password, String groups, String accountstatus, String comment) throws SQLException 269 { 270 conn.setAutoCommit(false); 271 String sql_modify_user_info = "update " + USERS + " set "; 272 if (new_password != null && !new_password.equals("")) 273 { 274 sql_modify_user_info += "password='" + new_password + "'"; 275 } 276 277 if (groups != null && accountstatus != null && comment != null) 278 { 279 sql_modify_user_info += ", groups='" + groups + "'" + ", accountstatus='" + accountstatus + "'" + ", comment='" + comment + "'"; 280 } 281 sql_modify_user_info += " where username='" + username + "'"; 282 283 try 284 { 328 public String modifyUserInfo(String username, String new_password, String groups, String accountstatus, String comment) 329 { 330 try 331 { 332 conn.setAutoCommit(false); 333 String sql_modify_user_info = "update " + USERS + " set "; 334 if (new_password != null && !new_password.equals("")) 335 { 336 sql_modify_user_info += "password='" + new_password + "'"; 337 } 338 339 if (accountstatus != null && comment != null) 340 { 341 sql_modify_user_info += ", accountstatus='" + accountstatus + "'" + ", comment='" + comment + "'"; 342 } 343 sql_modify_user_info += " where username='" + username + "'"; 285 344 System.out.println(sql_modify_user_info); 286 345 state.execute(sql_modify_user_info); 346 347 String sql_delete_groups = "delete from " + ROLES + " where username='" + username + "'"; 348 state.execute(sql_delete_groups); 349 350 String[] groupsArray = groups.split(","); 351 for(String g : groupsArray) 352 { 353 String sql_insert_group = "insert into " + ROLES + " values ('" + username + "', '" + g + "')"; 354 state.execute(sql_insert_group); 355 } 356 287 357 conn.commit(); 288 358 } … … 307 377 { 308 378 UserQueryResult userQueryResult = new UserQueryResult(); 309 String sql_list_all_user = "select username, password, groups,accountstatus, comment from " + USERS;379 String sql_list_all_user = "select username, password, accountstatus, comment from " + USERS; 310 380 ResultSet rs = state.executeQuery(sql_list_all_user); 311 381 … … 318 388 String returned_accountstatus = rs.getString("accountstatus"); 319 389 System.out.println("<enabled>" + returned_accountstatus); 320 String returned_groups = rs.getString("groups"); 390 ResultSet groupsSet = state.executeQuery("SELECT role FROM " + ROLES + " WHERE username = '" + returned_username + "'"); 391 String returned_groups = ""; 392 while(groupsSet.next()) 393 { 394 if(!returned_groups.equals("")) 395 { 396 returned_groups += ","; 397 } 398 returned_groups += groupsSet.getString("role"); 399 } 321 400 System.out.println("<groups>" + returned_groups); 322 401 String returned_password = rot13(rs.getString("password")); -
main/trunk/greenstone3/src/java/org/greenstone/gsdl3/util/GSXML.java
r24993 r25092 209 209 // save the format string 210 210 public static final String REQUEST_TYPE_FORMAT_STRING = "formatString"; 211 // check credentials 212 public static final String REQUEST_TYPE_SECURITY = "security"; 211 213 212 214 // service types … … 254 256 public static final String ERROR = "error"; 255 257 258 //security tags and attributes 259 public static final String SECURITY_ELEM = "security"; 260 public static final String SCOPE_ATT = "scope"; 261 public static final String DEFAULT_ACCESS_ATT = "default_access"; 262 public static final String EXCEPTION_ELEM = "exception"; 263 public static final String DOCUMENT_SET_ELEM = "documentSet"; 264 public static final String GROUP_ELEM = "group"; 265 public static final String MATCH_ELEM = "match"; 266 public static final String FIELD_ATT = "field"; 267 256 268 /** 257 269 * takes a list of elements, and returns an array of strings of the values … … 1090 1102 private static void xmlNodeToString(StringBuffer sb, Node e, int depth, boolean printText) 1091 1103 { 1092 1104 if(e == null) 1105 { 1106 return; 1107 } 1108 1093 1109 for (int i = 0; i < depth; i++) 1094 1110 sb.append(' '); … … 1224 1240 } 1225 1241 } 1242 1243 public static ArrayList<String> getGroupsFromSecurityResponse(Element securityResponse) 1244 { 1245 ArrayList<String> groups = new ArrayList<String>(); 1246 1247 Element groupList = (Element) GSXML.getChildByTagName(securityResponse, GSXML.GROUP_ELEM + GSXML.LIST_MODIFIER); 1248 if(groupList == null) 1249 { 1250 return groups; 1251 } 1252 1253 NodeList groupElems = GSXML.getChildrenByTagName(groupList, GSXML.GROUP_ELEM); 1254 1255 for(int i = 0; i < groupElems.getLength(); i++) 1256 { 1257 Element groupElem = (Element) groupElems.item(i); 1258 groups.add(groupElem.getAttribute(GSXML.NAME_ATT)); 1259 } 1260 1261 return groups; 1262 } 1226 1263 }
Note:
See TracChangeset
for help on using the changeset viewer.
