Changeset 27172 for main/trunk/greenstone2/runtime-src/src/recpt
- Timestamp:
- 2013-04-11T12:43:36+12:00 (11 years ago)
- Location:
- main/trunk/greenstone2/runtime-src/src/recpt
- Files:
-
- 3 edited
main/trunk/greenstone2/runtime-src/src/recpt/cgiwrapper.cpp
r25560 r27172 544 544 545 545 queryaction *aqueryaction = new queryaction(); 546 aqueryaction->set_userdb(udb); 546 547 aqueryaction->set_receptionist (&recpt); 547 548 recpt.add_action (aqueryaction); -
main/trunk/greenstone2/runtime-src/src/recpt/queryaction.cpp
r23420 r27172 831 831 } 832 832 833 bool queryaction::user_groups_match(const text_t &collection_groups, const text_t &user_groups) { 834 835 text_tset splitgrps; 836 text_t::const_iterator split_here = collection_groups.begin(); 837 text_t::const_iterator split_end = collection_groups.end(); 838 839 splitchar(split_here,split_end,',',splitgrps); 840 841 text_t::const_iterator ugroup_here = user_groups.begin(); 842 text_t::const_iterator ugroup_end = user_groups.end(); 843 text_t thisugroup; 844 while (ugroup_here != ugroup_end) { 845 ugroup_here = getdelimitstr (ugroup_here, ugroup_end, ',', thisugroup); 846 if (splitgrps.find(thisugroup) != splitgrps.end() ) 847 { // we have permission! 848 return true; 849 } 850 } 851 return false; 852 } 853 854 // If we are currently authenticated to be in this collection, then check all 855 // collections in the list against the groups of the current user - if there is an overlap of groups, then add the collection into ccs list 856 // If there had been no authentication needed to get to this collection, then 857 // we'll ignore any collections that have collection level authentication 858 void queryaction::validate_ccs_collection_list(cgiargsclass &args, recptprotolistclass *protos, ostream &logout) { 859 860 text_tarray collections; 861 text_t arg_cc = args["cc"]; 862 text_t arg_c = args["c"]; 863 decode_cgi_arg (arg_cc); 864 splitchar (arg_cc.begin(), arg_cc.end(), ',', collections); 865 bool currently_authenticated = false; 866 if (!args["uan"].empty()) { 867 // uan=1 means needs authentication. 
We'll only get here if we have passed authentication, otherwise the page would have been redirected to login page 868 currently_authenticated = true; 869 } 870 args["cc"] = ""; // we will add colls in one by one if they are valid 871 text_tarray::iterator col_here = collections.begin(); 872 text_tarray::iterator col_end = collections.end(); 873 bool first = true; 874 text_t current_user_name = args["un"]; 875 userinfo_t thisuser; 876 if (currently_authenticated) { 877 int status = user_database->get_user_info (current_user_name, thisuser); 878 if (status != ERRNO_SUCCEED) { // something has gone wrong, so assume not 879 // authenticated 880 currently_authenticated = false; 881 } 882 } 883 884 while (col_here != col_end) { 885 bool include_coll = false; 886 if (*col_here == arg_c) { 887 // current collection must be accessible otherwise we wouldn't be here. 888 include_coll = true; 889 } else { 890 recptproto *collectproto = protos->getrecptproto (*col_here, logout); 891 if (collectproto != NULL) { 892 ColInfoResponse_t *cinfo = recpt->get_collectinfo_ptr (collectproto, *col_here, logout); 893 text_t authenticate = cinfo->authenticate; 894 if (authenticate == "collection") { 895 if (currently_authenticated) { 896 text_t collection_groups = cinfo->auth_group; 897 if (user_groups_match(collection_groups, thisuser.groups)) { 898 include_coll = true; 899 } 900 } // else we'll not include it 901 } else { // not authenticated, or document level authentication - can include in the list 902 include_coll = true; 903 } 904 } 905 } 906 if (include_coll) { 907 if (!first) args["cc"].push_back (','); 908 args["cc"] += *col_here; 909 first = false; 910 } 911 912 ++col_here; 913 } 914 915 } 916 833 917 bool queryaction::do_action (cgiargsclass &args, recptprotolistclass *protos, 834 918 browsermapclass *browsers, displayclass &disp, … … 845 929 if (args["ccs"] == "1") { 846 930 if (!args["cc"].empty()) { 931 validate_ccs_collection_list(args, protos, logout); // include only those 
which current user has access to 847 932 // query the selected collections 848 933 text_t::const_iterator b = args["cc"].begin(); -
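Review bot: In validate_ccs_collection_list, `cinfo` is dereferenced (`cinfo->authenticate`) immediately after `recpt->get_collectinfo_ptr(...)` with no null check, although `collectproto` is checked on the line before. If that call can return NULL for a collection name taken from the request's `cc` argument (its contract is not visible here), a bad name would crash the request. Wrapping the block in `if (cinfo != NULL) { … }` leaves `include_coll` false, so the filter fails closed. Separately, the access decision is driven by the `uan` and `un` request arguments, so the comment's assumption that authentication was already enforced should be confirmed for every path that reaches do_action with `ccs=1`. do_action's body continues outside the second hunk.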
main/trunk/greenstone2/runtime-src/src/recpt/queryaction.h
r23378 r27172 30 30 #include "gsdlconf.h" 31 31 #include "basequeryaction.h" 32 #include "userdb.h" 32 33 #include "receptionist.h" 33 34 … … 41 42 int num_phrases; 42 43 44 userdbclass *user_database; // for checking user groups in ccs 43 45 virtual text_t query_filter_name () {return "QueryFilter";} 44 46 … … 91 93 virtual bool save_search_history(cgiargsclass &args, int numdocs, 92 94 isapprox isApprox); 93 95 bool user_groups_match(const text_t &collection_groups, const text_t &user_groups); 96 void validate_ccs_collection_list(cgiargsclass &args, recptprotolistclass *protos, ostream &logout); 94 97 public: 95 98 queryaction (); … … 99 102 bool init (ostream &logout); 100 103 104 void set_userdb(userdbclass *udb) {user_database = udb;} 101 105 virtual text_t get_action_name () {return "q";} 102 106 103 107 virtual bool check_cgiargs (cgiargsinfoclass &argsinfo, cgiargsclass &args, 104 108 recptprotolistclass *protos, ostream &logout); 105 106 109 virtual void define_internal_macros (displayclass &disp, cgiargsclass &args, 107 110 recptprotolistclass *protos, ostream &logout);
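Review bot: `user_database` is a raw pointer that only `set_userdb` assigns, and nothing in these hunks gives it an initial value (the constructor body is outside the hunks). validate_ccs_collection_list calls `user_database->get_user_info(...)` whenever `uan` is non-empty, so a front end that builds a queryaction without calling `set_userdb` would dereference an indeterminate pointer; this changeset wires up only cgiwrapper.cpp. I would set `user_database = NULL;` in the constructor and treat a null database as unauthenticated, `if (user_database == NULL) currently_authenticated = false;`, which keeps the collection filter failing closed. A short comment on the member saying the pointer is borrowed, not owned, would also help.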