Changeset 32988

Timestamp:

2019-04-05T14:52:41+13:00 (5 years ago)

Author:

kjdon

Message:

1. added code to match document/HASHxxx/print - goes to a=d&sa=print, for a print version of the doc. 2. added code for humanverify. if humanverify is set for a colleciton, then any links to source docs (and currently any assocfiles - need to fix that) will go via a verify page, where user has to accvept terms and conditions and do a recaptcha

File:

• main/trunk/greenstone3/src/java/org/greenstone/gsdl3/core/URLFilter.java (modified) (6 diffs)

main/trunk/greenstone3/src/java/org/greenstone/gsdl3/core/URLFilter.java

@@ -19 +19 @@
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletRequestWrapper;
+import javax.servlet.http.HttpServletResponse;
 
 import org.apache.commons.io.FileUtils;
@@ -28 +29 @@
 import org.greenstone.gsdl3.util.UserContext;
 import org.greenstone.gsdl3.util.XMLConverter;
+import org.greenstone.gsdl3.service.Authentication;
 import org.w3c.dom.Document;
 import org.w3c.dom.Element;
@@ -52 +54 @@
     protected static final String DOCUMENT_PATH = "document";
     protected static final String COLLECTION_PATH = "collection";
-  protected static final String GROUP_PATH = "group";
+        protected static final String GROUP_PATH = "group";
     protected static final String PAGE_PATH = "page";
     protected static final String SYSTEM_PATH = "system";
-  protected static final String BROWSE_PATH = "browse";
-  protected static final String SEARCH_PATH = "search";
+        protected static final String BROWSE_PATH = "browse";
+        protected static final String SEARCH_PATH = "search";
 
     protected static final String METADATA_RETRIEVAL_SERVICE = "DocumentMetadataRetrieve";
@@ -187 +189 @@
                     Element securityResponse = (Element) GSXML.getChildByTagName(gsRouter.process(securityMessage), GSXML.RESPONSE_ELEM);
                     ArrayList<String> groups = GSXML.getGroupsFromSecurityResponse(securityResponse);
+                    _logger.debug("security response = "+XMLConverter.getPrettyString(securityResponse));
 
                     if (!groups.contains(""))
@@ -202 +205 @@
                         if (!found)
                         {
+                          // this just returns nothing to the browser - get no error or anything, just an empty document
+                          // can we return an error page??
+                          String new_url = context.getContextPath()+"/"+ context.getAttribute("LibraryName")+"?a=p&sa=error&c="+collection+"&ec=wrong_group";
+                          ((HttpServletResponse)response).sendRedirect(new_url);
                             return;
                         }
+                    }
+                    // if got here have no groups.
+                    // do we have human verify thing?
+                    boolean human_verify = false;
+                    
+                    if (!securityResponse.getAttribute("humanVerify").equals("")) {
+                      // have we already done the test?
+                      String hmvf_response = gRequest.getParameter("hmvf");
+                      // hmvf param will be set by form
+                      if (hmvf_response != null) {
+                        if (!securityResponse.getAttribute("siteKey").equals("")) {
+                          String recaptcha_response = gRequest.getParameter("g-recaptcha-response");
+                          String secret_key = securityResponse.getAttribute("secretKey");
+                          int result = Authentication.verifyRecaptcha(secret_key, recaptcha_response);
+                          _logger.debug("recaptcha result code = "+result);
+                          if (result == Authentication.NO_ERROR) {
+                        _logger.debug("RECAPTCHA SUCCESS, hopefully going to the document");
+                        
+                          } else {
+                        _logger.error("something went wrong with recaptcha, error="+result);
+                        _logger.error(Authentication.getErrorKey(result));
+                        // display error page
+                        String new_url = context.getContextPath()+"/"+ context.getAttribute("LibraryName")+"?a=p&sa=error&c="+collection+"&ec=recap_fail";
+                        ((HttpServletResponse)response).sendRedirect(new_url);
+                        
+                        return;
+                          }
+                        }
+                        
+                      } else {
+                        // hmvf param is not set - we haven't shown them the form yet
+                        // we need to display the verify page
+                        String new_url = context.getContextPath()+"/"+ context.getAttribute("LibraryName")+"?a=p&sa=verify&c="+collection+"&url="+url;
+                        ((HttpServletResponse)response).sendRedirect(new_url);
+                        return;
+                      }
                     }
                 }
@@ -294 +337 @@
                     {
                         gRequest.setParameter(GSParams.DOCUMENT, segments[i + 1]);
-
+                        
                         additionalParameters = new String[] { GSParams.ACTION };
                         defaultParamValues = new String[] { "d" };
+                        if ((i+2) < segments.length && segments[i+2].equals("print")) {
+                          gRequest.setParameter(GSParams.SUBACTION, "print");
+                          gRequest.setParameter("ed", "1");
+                          
+                        }
+                    
                     }
                     //PAGE