Changeset 27295

Show
Ignore:
Timestamp:
03.05.2013 18:25:10 (6 years ago)
Author:
ak19
Message:

This commit contains bugfixes for authentication within metadata-server.pl and related perl code, and is committed separately before changes in gsajaxapi.js start to make use of it. Another important change is that for adding user comments, a user need not be in the collection's group, so checking the group shouldn't be performed. The bugfixes are to get the authentication to work and are in addition to an earlier commit that corrected the name of the authentication_enable variable in baseaction.pm. The bugfixes are: users.gdb instead of users.db, metadata-server.pl needs to call gsdlCGI's encrypt_password otherwise the password check will fail because it won't match with what's in the db. Also, the calls to authenticate_user had to be through the self variable, since its a method not a function and failed to work correctly otherwise.

Location:
main/trunk/greenstone2
Files:
3 modified

Legend:

Unmodified
Added
Removed
  • main/trunk/greenstone2/common-src/cgi-bin/metadata-server.pl

    r24872 r27295  
    5555    $gsdl_cgi->checked_chdir($gsdlhome); 
    5656 
     57    # Encrypt the password 
     58    $gsdl_cgi->encrypt_password(); 
     59 
    5760    require cgiactions::metadataaction; 
    5861     
  • main/trunk/greenstone2/perllib/cgiactions/baseaction.pm

    r27277 r27295  
    3131use inexport; 
    3232 
    33 our $authentication_enabled = 0; 
     33our $authentication_enabled = 0; # debugging flag (can debug without authentication when set to 0) 
    3434our $mail_enabled = 0; 
    3535 
     
    237237    my $gsdlhome = $ENV{'GSDLHOME'}; 
    238238    my $etc_directory = &util::filename_cat($gsdlhome, "etc"); 
    239     my $users_db_file_path = &util::filename_cat($etc_directory, "users.db"); 
     239    my $users_db_file_path = &util::filename_cat($etc_directory, "users.gdb"); 
    240240 
    241241    # Use db2txt to get the user accounts information 
     
    246246    } 
    247247 
    248     # Get the user account information from the users.db database 
     248    # Get the user account information from the users.gdb database 
    249249    my %users_db_data = (); 
    250250    foreach my $users_db_entry (split(/-{70}/, $users_db_content)) { 
     
    266266    } 
    267267 
     268    # The following code which tests whether the user is in the required group  
     269    # seems to have been copied over from gliserver.pl. 
     270    # But for metadata-server.pl, when user comments are added through the set-metadata functions, 
     271    # the user doesn't need to be a specific collection's editor in order to add comments to that collection. 
     272    # So we no longer check the user is in the group here. 
     273 
    268274    # Check group 
    269     my ($user_groups) = ($user_data =~ /\<groups\>(.*)/); 
    270     if ($collection eq "") { 
    271     # If we're not editing a collection then the user doesn't need to be in a particular group 
    272     return $user_groups;  # Authentication successful 
    273     } 
    274     foreach my $user_group (split(/\,/, $user_groups)) { 
     275#    my ($user_groups) = ($user_data =~ /\<groups\>(.*)/); 
     276#    if ($collection eq "") { 
     277#   # If we're not editing a collection then the user doesn't need to be in a particular group 
     278#   return $user_groups;  # Authentication successful 
     279#    } 
     280#    foreach my $user_group (split(/\,/, $user_groups)) { 
    275281    # Does this user have access to all collections? 
    276     if ($user_group eq "all-collections-editor") { 
    277         return $user_groups;  # Authentication successful 
    278     } 
     282#   if ($user_group eq "all-collections-editor") { 
     283#       return $user_groups;  # Authentication successful 
     284#   } 
    279285    # Does this user have access to personal collections, and is this one? 
    280     if ($user_group eq "personal-collections-editor" && $collection =~ /^$username\-/) { 
    281         return $user_groups;  # Authentication successful 
    282     } 
     286#   if ($user_group eq "personal-collections-editor" && $collection =~ /^$username\-/) { 
     287#       return $user_groups;  # Authentication successful 
     288#   } 
    283289    # Does this user have access to this collection 
    284     if ($user_group eq "$collection-collection-editor") { 
    285         return $user_groups;  # Authentication successful 
    286     } 
    287     } 
    288  
    289     $gsdl_cgi->generate_error("Authentication failed: user is not in the required group."); 
     290#   if ($user_group eq "$collection-collection-editor") { 
     291#       return $user_groups;  # Authentication successful 
     292#   } 
     293#    } 
     294# 
     295#    $gsdl_cgi->generate_error("Authentication failed: user is not in the required group."); 
    290296} 
    291297 
  • main/trunk/greenstone2/perllib/cgiactions/metadataaction.pm

    r27261 r27295  
    250250    # Authenticate user if it is enabled 
    251251    if ($baseaction::authentication_enabled) { 
    252     # Ensure the user is allowed to edit this collection 
    253     &authenticate_user($gsdl_cgi, $username, $collect); 
     252    # Ensure the user is allowed to edit this collection     
     253    $self->authenticate_user($username, $collect); #&authenticate_user($gsdl_cgi, $username, $collect); 
    254254    } 
    255255 
     
    309309    # Authenticate user if it is enabled 
    310310    if ($baseaction::authentication_enabled) { 
    311         # Ensure the user is allowed to edit this collection 
    312         &authenticate_user($gsdl_cgi, $username, $collect); 
     311        # Ensure the user is allowed to edit this collection 
     312        $self->authenticate_user($username, $collect); #&authenticate_user($gsdl_cgi, $username, $collect); 
    313313    } 
    314314 
     
    444444    # Authenticate user if it is enabled 
    445445    if ($baseaction::authentication_enabled) { 
    446         # Ensure the user is allowed to edit this collection 
    447         &authenticate_user($gsdl_cgi, $username, $collect); 
     446        # Ensure the user is allowed to edit this collection         
     447        $self->authenticate_user($username, $collect); #&authenticate_user($gsdl_cgi, $username, $collect); 
    448448    } 
    449449 
     
    614614   
    615615    if ($baseaction::authentication_enabled) { 
    616     # Ensure the user is allowed to edit this collection 
    617     &authenticate_user($gsdl_cgi, $username, $collect); 
     616    # Ensure the user is allowed to edit this collection     
     617    $self->authenticate_user($username, $collect); #&authenticate_user($gsdl_cgi, $username, $collect); 
    618618    } 
    619619 
     
    847847 
    848848    if ($baseaction::authentication_enabled) { 
    849     # Ensure the user is allowed to edit this collection 
    850     &authenticate_user($gsdl_cgi, $username, $collect); 
     849    # Ensure the user is allowed to edit this collection     
     850    $self->authenticate_user($username, $collect); #&authenticate_user($gsdl_cgi, $username, $collect); 
    851851    } 
    852852 
     
    889889     
    890890    if ($baseaction::authentication_enabled) { 
    891     # Ensure the user is allowed to edit this collection 
    892     #&authenticate_user($gsdl_cgi, $username, $collect); 
    893     $self->authenticate_user($username, $collect); 
     891    # Ensure the user is allowed to edit this collection     
     892    $self->authenticate_user($username, $collect); #&authenticate_user($gsdl_cgi, $username, $collect); 
    894893    } 
    895894     
     
    963962    if ($baseaction::authentication_enabled) { 
    964963    # Ensure the user is allowed to edit this collection 
    965     &authenticate_user($gsdl_cgi, $username, $collect); 
     964    $self->authenticate_user($username, $collect); #&authenticate_user($gsdl_cgi, $username, $collect); 
    966965    } 
    967966 
     
    10791078 
    10801079    if ($baseaction::authentication_enabled) { 
    1081     # Ensure the user is allowed to edit this collection 
    1082     &authenticate_user($gsdl_cgi, $username, $collect); 
     1080    # Ensure the user is allowed to edit this collection     
     1081    $self->authenticate_user($username, $collect); #&authenticate_user($gsdl_cgi, $username, $collect); 
    10831082    } 
    10841083 
     
    11921191 
    11931192    if ($baseaction::authentication_enabled) { 
    1194     # Ensure the user is allowed to edit this collection 
    1195     &authenticate_user($gsdl_cgi, $username, $collect); 
     1193    # Ensure the user is allowed to edit this collection     
     1194    $self->authenticate_user($username, $collect); #&authenticate_user($gsdl_cgi, $username, $collect); 
    11961195    } 
    11971196 
     
    16851684 
    16861685    if ($baseaction::authentication_enabled) { 
    1687     # Ensure the user is allowed to edit this collection 
    1688     &authenticate_user($gsdl_cgi, $username, $collect); 
     1686    # Ensure the user is allowed to edit this collection     
     1687    $self->authenticate_user($username, $collect); #&authenticate_user($gsdl_cgi, $username, $collect); 
    16891688    } 
    16901689 
     
    17821781    if ($baseaction::authentication_enabled)  
    17831782    { 
    1784         # Ensure the user is allowed to edit this collection 
    1785         &authenticate_user($gsdl_cgi, $username, $collect); 
     1783        # Ensure the user is allowed to edit this collection         
     1784        $self->authenticate_user($username, $collect); #&authenticate_user($gsdl_cgi, $username, $collect);  
    17861785    } 
    17871786 
     
    22202219     
    22212220    if ($baseaction::authentication_enabled) { 
    2222         # Ensure the user is allowed to edit this collection 
    2223         $self->authenticate_user($username, $collect); 
     2221    # Ensure the user is allowed to edit this collection 
     2222    $self->authenticate_user($username, $collect); 
    22242223    } 
    22252224 
     
    22442243 
    22452244    if ($baseaction::authentication_enabled) { 
    2246     # Ensure the user is allowed to edit this collection 
    2247     &authenticate_user($gsdl_cgi, $username, $collect); 
     2245    # Ensure the user is allowed to edit this collection     
     2246    $self->authenticate_user($username, $collect); #&authenticate_user($gsdl_cgi, $username, $collect); 
    22482247    } 
    22492248 
     
    25272526     
    25282527    if ($baseaction::authentication_enabled) { 
    2529         # Ensure the user is allowed to edit this collection 
    2530         &authenticate_user($gsdl_cgi, $username, $collect); 
     2528        # Ensure the user is allowed to edit this collection         
     2529        $self->authenticate_user($username, $collect); #&authenticate_user($gsdl_cgi, $username, $collect); 
    25312530    } 
    25322531 
     
    26952694     
    26962695    if ($baseaction::authentication_enabled) { 
    2697     # Ensure the user is allowed to edit this collection 
    2698     &authenticate_user($gsdl_cgi, $username, $collect); 
     2696    # Ensure the user is allowed to edit this collection     
     2697    $self->authenticate_user($username, $collect); #&authenticate_user($gsdl_cgi, $username, $collect); 
    26992698    } 
    27002699 
     
    27222721 
    27232722    if ($baseaction::authentication_enabled) { 
    2724     # Ensure the user is allowed to edit this collection 
    2725     &authenticate_user($gsdl_cgi, $username, $collect); 
     2723    # Ensure the user is allowed to edit this collection     
     2724    $self->authenticate_user($username, $collect); #&authenticate_user($gsdl_cgi, $username, $collect); 
    27262725    } 
    27272726 
     
    28422841     
    28432842    if ($baseaction::authentication_enabled) { 
    2844     # Ensure the user is allowed to edit this collection 
    2845     &authenticate_user($gsdl_cgi, $username, $collect); 
     2843    # Ensure the user is allowed to edit this collection     
     2844    $self->authenticate_user($username, $collect); #&authenticate_user($gsdl_cgi, $username, $collect); 
    28462845    } 
    28472846