Changeset 32413 for main/trunk
- Timestamp:
- 2018-09-03T12:24:44+12:00 (6 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
main/trunk/greenstone3/src/java/org/greenstone/gsdl3/service/Authentication.java
r32391 r32413 66 66 protected static final int ERROR_NOT_AUTHORISED = -19; 67 67 protected static final int ERROR_MISSING_PARAMS = -20; 68 protected static final int ERROR_SOMETHING_WRONG = -21; 68 69 69 70 protected static final HashMap<Integer, String> _errorKeyMap; … … 91 92 errorKeyMap.put(ERROR_NOT_AUTHORISED, "auth.error.not_authorised"); 92 93 errorKeyMap.put(ERROR_MISSING_PARAMS, "auth.error.missing_params"); // ??? 94 errorKeyMap.put(ERROR_SOMETHING_WRONG, "auth.error.something_wrong"); 93 95 _errorKeyMap = errorKeyMap; 94 96 } … … 521 523 if (param_list == null) 522 524 { 523 serviceNode.setAttribute(OPERATION, LOGIN);525 serviceNode.setAttribute(OPERATION, BLANK); 524 526 logger.error("Authentication request has no param list"); 525 527 return result; // Return the empty result … … 543 545 // its an operation that requires the user to be logged on - direct them to login page 544 546 serviceNode.setAttribute(OPERATION, LOGIN); 547 if (_recaptchaOpList != null && _recaptchaOpList.contains(LOGIN)) { 548 serviceNode.setAttribute("recaptcha_key", _recaptchaSiteKey); 549 } 545 550 GSXML.addError(result, getErrorTextString(ERROR_NOT_LOGGED_IN, lang)); 546 551 return result; … … 551 556 // actually, the user needs to be an admin user and they are not 552 557 serviceNode.setAttribute(OPERATION, LOGIN); 558 if (_recaptchaOpList != null && _recaptchaOpList.contains(LOGIN)) { 559 serviceNode.setAttribute("recaptcha_key", _recaptchaSiteKey); 560 } 553 561 GSXML.addError(result, getErrorTextString(ERROR_ADMIN_NOT_LOGGED_IN, lang)); 554 562 return result; … … 585 593 //Check the given user name 586 594 int error; 587 if ((error = checkUsername(newUsername)) != NO_ERROR) 595 if (checkUserExists(newUsername)) { 596 error = ERROR_USER_ALREADY_EXISTS; 597 } else { 598 error = checkUsername(newUsername); 599 } 600 if (error != NO_ERROR) 601 { 602 serviceNode.setAttribute(OPERATION, ADD_USER); 603 GSXML.addError(result, getErrorTextString(error, lang)); 604 return result; 605 } 606 607 //Check the given password 608 if ((error = checkPassword(newPassword)) != NO_ERROR) 588 609 { 589 610 serviceNode.setAttribute(OPERATION, ADD_USER); … … 592 613 } 593 614 594 //Check the given password595 if ((error = checkPassword(newPassword)) != NO_ERROR)596 {597 serviceNode.setAttribute(OPERATION, ADD_USER);598 GSXML.addError(result, getErrorTextString(error, lang));599 return result;600 }601 602 615 newPassword = hashPassword(newPassword); 603 616 … … 628 641 //Check the given details 629 642 int error; 630 if ((error = checkUsername(newUsername)) == NO_ERROR) { 643 if (checkUserExists(newUsername)) { 644 error = ERROR_USER_ALREADY_EXISTS; 645 } else { 646 error = checkUsername(newUsername); 647 } 648 if (error == NO_ERROR) { 631 649 if ((error = checkPassword(newPassword)) == NO_ERROR) { 632 650 newPassword = hashPassword(newPassword); 633 if (_recaptchaSiteKey != null && _recaptchaSecretKey != null) { 634 651 if (_recaptchaOpList != null && _recaptchaOpList.contains(REGISTER)) { 635 652 String user_response = (String) paramMap.get("g-recaptcha-response"); 636 653 if ((error= verifyRecaptcha(_recaptchaSecretKey, user_response)) == NO_ERROR) { … … 652 669 return result; 653 670 } 654 655 if (op.equals(PERFORM_EDIT)) 656 { 657 String previousUsername = (String) paramMap.get(PREV_USERNAME); 658 String newUsername = (String) paramMap.get(NEW_USERNAME); 659 String newPassword = (String) paramMap.get(PASSWORD); 660 String newGroups = (String) paramMap.get(GROUPS); 661 String newStatus = (String) paramMap.get(STATUS); 662 String newComment = (String) paramMap.get(COMMENT); 663 String newEmail = (String) paramMap.get(NEW_EMAIL); 664 665 //Check the given user name 666 int error; 667 if ((error = checkUsername(newUsername)) != NO_ERROR) 668 { 669 GSXML.addError(result, getErrorTextString(error, lang)); 670 return result; 671 } 672 673 if (newPassword == null) 674 { 675 newPassword = retrieveDataForUser(previousUsername, PASSWORD); 676 } 677 else 678 { 679 //Check the given password 680 if ((error = checkPassword(newPassword)) != NO_ERROR) 681 { 682 GSXML.addError(result, getErrorTextString(error, lang)); 683 return result; 684 } 685 686 newPassword = hashPassword(newPassword); 687 } 688 689 error = removeUser(previousUsername); 690 if (error != NO_ERROR) 691 { 692 if (error == ERROR_USERNAME_NOT_SPECIFIED) 693 { 694 addUserInformationToNode(null, serviceNode); 695 serviceNode.setAttribute(OPERATION, LIST_USERS); 696 } 697 else 698 { 699 serviceNode.setAttribute(OPERATION, EDIT_USER); 700 GSXML.addError(result, getErrorTextString(error, lang)); 701 } 702 return result; 703 } 704 705 error = addUser(newUsername, newPassword, newGroups, newStatus, newComment, newEmail); 706 if (error != NO_ERROR) 707 { 708 serviceNode.setAttribute(OPERATION, EDIT_USER); 709 GSXML.addError(result, getErrorTextString(error, lang)); 710 } 711 else 712 { 713 addUserInformationToNode(null, serviceNode); 714 serviceNode.setAttribute(OPERATION, LIST_USERS); 715 } 671 672 // PERFORM_EDIT is caled when admin is running EditUser, and PERFORM_ACCOUNT_EDIT is called when a user is running AccountSettings to change their own details 673 if (op.equals(PERFORM_EDIT) || op.equals(PERFORM_ACCOUNT_EDIT)) { 674 675 String parent_op = EDIT_USER; 676 if (op.equals(PERFORM_ACCOUNT_EDIT)) { 677 parent_op = ACCOUNT_SETTINGS; 678 } 679 String previousUsername = (String) paramMap.get(PREV_USERNAME); 680 String newUsername = (String) paramMap.get(NEW_USERNAME); 681 int error; 682 // Has the user name been changed? Make sure it doesn't already exist and is a valid username 683 if (previousUsername == null) { 684 // we have ended up here by mistake (via s1.authpage which is no longer valid) 685 serviceNode.setAttribute(OPERATION, BLANK); 686 GSXML.addError(result, getErrorTextString(ERROR_SOMETHING_WRONG, lang)); 687 return result; 688 } 689 690 if (!previousUsername.equals(newUsername)) { 691 692 error = NO_ERROR; 693 if (checkUserExists(newUsername)) { 694 error = ERROR_USER_ALREADY_EXISTS; 695 } else { 696 error = checkUsername(newUsername); 697 } 698 if (error != NO_ERROR) { 699 addUserInformationToNode(previousUsername, serviceNode); 700 serviceNode.setAttribute(OPERATION, parent_op); 701 GSXML.addError(result, getErrorTextString(error, lang)); 702 return result; 703 } 704 } 705 706 // password checking 707 String newPassword; 708 if (op.equals(PERFORM_EDIT)) { 709 newPassword = (String) paramMap.get(PASSWORD); 710 } else { 711 newPassword = (String) paramMap.get(NEW_PASSWORD); 712 } 713 if (newPassword == null) { 714 // we are not changing the password 715 newPassword = retrieveDataForUser(previousUsername, PASSWORD); 716 } else { 717 // we need to check the old one 718 if (op.equals(PERFORM_ACCOUNT_EDIT)) { 719 // check that they entered their old password correctly 720 String prevPassword = retrieveDataForUser(previousUsername, PASSWORD); 721 String oldPassword = (String) paramMap.get(OLD_PASSWORD); 722 oldPassword = hashPassword(oldPassword); 723 if (oldPassword == null || !oldPassword.equals(prevPassword)) { 724 725 addUserInformationToNode(previousUsername, serviceNode); 726 serviceNode.setAttribute(OPERATION, ACCOUNT_SETTINGS); 727 GSXML.addError(result, getErrorTextString(ERROR_INCORRECT_PASSWORD, lang), "INCORRECT_PASSWORD"); 716 728 return result; 717 } 718 // this operation is done by a user when editing their own details. Should not return userNode info. 719 if (op.equals(PERFORM_ACCOUNT_EDIT)) 720 { 721 String previousUsername = (String) paramMap.get(PREV_USERNAME); 722 String newUsername = (String) paramMap.get(NEW_USERNAME); 723 String oldPassword = (String) paramMap.get(OLD_PASSWORD); 724 String newPassword = (String) paramMap.get(NEW_PASSWORD); 725 String newEmail = (String) paramMap.get(NEW_EMAIL); 726 727 //Make sure the user name does not already exist 728 if (!previousUsername.equals(newUsername) && checkUserExists(newUsername)) 729 { 730 addUserInformationToNode(previousUsername, serviceNode); 731 serviceNode.setAttribute(OPERATION, ACCOUNT_SETTINGS); 732 GSXML.addError(result, getErrorTextString(ERROR_USER_ALREADY_EXISTS, lang)); 733 return result; 734 } 735 736 String prevPassword = retrieveDataForUser(previousUsername, PASSWORD); 737 738 if (newPassword != null) 739 { 740 oldPassword = hashPassword(oldPassword); 741 742 if (oldPassword == null || !oldPassword.equals(prevPassword)) 743 { 744 addUserInformationToNode(previousUsername, serviceNode); 745 serviceNode.setAttribute(OPERATION, ACCOUNT_SETTINGS); 746 GSXML.addError(result, getErrorTextString(ERROR_INCORRECT_PASSWORD, lang), "INCORRECT_PASSWORD"); 747 return result; 748 } 749 750 //Check the given password 751 int error; 752 if ((error = checkPassword(newPassword)) != NO_ERROR) 753 { 754 addUserInformationToNode(previousUsername, serviceNode); 755 serviceNode.setAttribute(OPERATION, ACCOUNT_SETTINGS); 756 GSXML.addError(result, getErrorTextString(error, lang)); 757 return result; 758 } 759 760 newPassword = hashPassword(newPassword); 761 } 762 else 763 { 764 newPassword = prevPassword; 765 } 766 767 //Check the given user name 768 int error; 769 if ((error = checkUsername(newUsername)) != NO_ERROR) 770 { 771 addUserInformationToNode(previousUsername, serviceNode); 772 serviceNode.setAttribute(OPERATION, ACCOUNT_SETTINGS); 773 GSXML.addError(result, getErrorTextString(error, lang)); 774 return result; 775 } 776 777 String prevGroups = retrieveDataForUser(previousUsername, GROUPS); 778 String prevStatus = retrieveDataForUser(previousUsername, STATUS); 779 String prevComment = retrieveDataForUser(previousUsername, COMMENT); 780 781 error = removeUser(previousUsername); 782 if (error != NO_ERROR) 783 { 784 addUserInformationToNode(previousUsername, serviceNode); 785 serviceNode.setAttribute(OPERATION, ACCOUNT_SETTINGS); 786 GSXML.addError(result, getErrorTextString(error, lang)); 787 return result; 788 } 789 790 error = addUser(newUsername, newPassword, prevGroups, prevStatus, prevComment, newEmail); 791 if (error != NO_ERROR) 792 { 793 serviceNode.setAttribute(OPERATION, ACCOUNT_SETTINGS); 794 GSXML.addError(result, getErrorTextString(error, lang)); 795 } 796 797 addUserInformationToNode(newUsername, serviceNode); 798 serviceNode.setAttribute(OPERATION, ACCOUNT_SETTINGS); 799 GSXML.addError(result, getTextString("auth.success.account_settings", lang)); 800 return result; 729 } 730 } 731 // need to make sure the new password is a valid password 732 if ((error = checkPassword(newPassword)) != NO_ERROR) { 733 734 addUserInformationToNode(previousUsername, serviceNode); 735 serviceNode.setAttribute(OPERATION, parent_op); 736 GSXML.addError(result, getErrorTextString(error, lang)); 737 return result; 738 } 739 newPassword = hashPassword(newPassword); 740 741 } 742 743 // are we using recaptcha for AccountSettings or EditUser? 744 if (_recaptchaOpList != null && _recaptchaOpList.contains(parent_op)) { 745 String user_response = (String) paramMap.get("g-recaptcha-response"); 746 if ((error= verifyRecaptcha(_recaptchaSecretKey, user_response)) != NO_ERROR) { 747 addUserInformationToNode(previousUsername, serviceNode); 748 serviceNode.setAttribute(OPERATION, parent_op); 749 serviceNode.setAttribute("recaptcha_key", _recaptchaSiteKey); 750 GSXML.addError(result, getErrorTextString(error, lang)); 751 return result; 752 } 753 } 754 755 groups = null; 756 String status = null; 757 String comment = null; 758 String email = (String) paramMap.get(NEW_EMAIL); 759 if (op.equals(PERFORM_EDIT)) { 760 groups = (String) paramMap.get(GROUPS); 761 status = (String) paramMap.get(STATUS); 762 comment = (String) paramMap.get(COMMENT); 763 764 } else { 765 groups = retrieveDataForUser(previousUsername, GROUPS); 766 status = retrieveDataForUser(previousUsername, STATUS); 767 comment = retrieveDataForUser(previousUsername, COMMENT); 768 } 769 770 771 error = removeUser(previousUsername); 772 if (error != NO_ERROR) { 773 addUserInformationToNode(previousUsername, serviceNode); 774 serviceNode.setAttribute(OPERATION, parent_op); 775 GSXML.addError(result, getErrorTextString(error, lang)); 776 return result; 777 } 778 779 error = addUser(newUsername, newPassword, groups, status, comment, email); 780 if (error != NO_ERROR) { 781 782 // oh dear. we have removed previous data, but were unable to add new data. The user is now gone :-( 783 serviceNode.setAttribute(OPERATION, BLANK); 784 GSXML.addError(result, getErrorTextString(error, lang)); 785 } 786 else { 787 if (op.equals(PERFORM_ACCOUNT_EDIT)) { 788 addUserInformationToNode(newUsername, serviceNode); 789 serviceNode.setAttribute(OPERATION, parent_op); 790 if (_recaptchaOpList != null && _recaptchaOpList.contains(parent_op)) { 791 serviceNode.setAttribute("recaptcha_key", _recaptchaSiteKey); 792 } 793 GSXML.addError(result, getTextString("auth.success.account_settings", lang)); 794 795 } else { 796 797 addUserInformationToNode(null, serviceNode); 798 serviceNode.setAttribute(OPERATION, LIST_USERS); 799 String [] args = {newUsername}; 800 GSXML.addError(result, getTextString("auth.success.edit_user", lang, args)); 801 } 802 803 } 804 return result; 801 805 } 802 806 if (op.equals(PERFORM_RETRIEVE_PASSWORD)) … … 902 906 addUserInformationToNode(null, serviceNode); 903 907 serviceNode.setAttribute(OPERATION, LIST_USERS); 908 String[] args = {usernameToDelete}; 909 GSXML.addError(result, getTextString("auth.success.delete_user", lang, args)); 904 910 return result; 905 911 }
Note:
See TracChangeset
for help on using the changeset viewer.