Changeset 11937


Ignore:
Timestamp:
2006-06-19T17:06:58+12:00 (18 years ago)
Author:
mdewsnip
Message:

Changed the way authenticate_user works, in preparation for the new user groups stuff.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/gsdl/cgi-bin/gliserver.pl

    r11936 r11937  
    9999    my $gsdl_cgi = shift(@_);
    100100    my $username = shift(@_);
    101     my $user_group_required = shift(@_);
     101    my $collection = shift(@_);
    102102
    103103    # Even if we're not authenticating remove the un and pw arguments, since these can mess up other scripts
     
    146146    my ($user_groups) = ($user_data =~ /\<groups\>(.*)/);
    147147    foreach my $user_group (split(/\,/, $user_groups)) {
    148     if ($user_group eq $user_group_required || $user_group eq "remote-superuser") {
     148    if ($collection eq "" || $user_group eq "$collection-maintainer" || $user_group eq "remote-superuser") {
    149149        # Authentication successful!
    150150        return;
     
    226226    }
    227227
    228     # Users must be in the <collection>-maintainer group to perform this action
    229     &authenticate_user($gsdl_cgi, $username, "$collection-maintainer");
     228    # Ensure the user is allowed to edit this collection
     229    &authenticate_user($gsdl_cgi, $username, $collection);
    230230
    231231    my $gsdlhome = $ENV{'GSDLHOME'};
     
    272272    }
    273273
    274     # Users must be in the <collection>-maintainer group to perform this action
    275     &authenticate_user($gsdl_cgi, $username, "$collection-maintainer");
     274    # Ensure the user is allowed to edit this collection
     275    &authenticate_user($gsdl_cgi, $username, $collection);
    276276
    277277    my $gsdlhome = $ENV{'GSDLHOME'};
     
    306306    }
    307307
    308     # Users must be in the <collection>-maintainer group to perform this action
    309     &authenticate_user($gsdl_cgi, $username, "$collection-maintainer");
     308    # Ensure the user is allowed to edit this collection
     309    &authenticate_user($gsdl_cgi, $username, $collection);
    310310
    311311    my $gsdlhome = $ENV{'GSDLHOME'};
     
    353353    }
    354354
    355     # Users must be in the <collection>-maintainer group to perform this action
    356     &authenticate_user($gsdl_cgi, $username, "$collection-maintainer");
     355    # Ensure the user is allowed to edit this collection
     356    &authenticate_user($gsdl_cgi, $username, $collection);
    357357
    358358    my $gsdlhome = $ENV{'GSDLHOME'};
     
    396396    my ($gsdl_cgi, $username) = @_;
    397397
    398     # Users must be in the remote-collection-builder group to perform this action
    399     &authenticate_user($gsdl_cgi, $username, "remote-collection-builder");
     398    # Users can be in any group to perform this action
     399    &authenticate_user($gsdl_cgi, $username, "");
    400400
    401401    my $gsdlhome = $ENV{'GSDLHOME'};
     
    445445    }
    446446
    447     # Users must be in the <collection>-maintainer group to perform this action
    448     &authenticate_user($gsdl_cgi, $username, "$collection-maintainer");
     447    # Ensure the user is allowed to edit this collection
     448    &authenticate_user($gsdl_cgi, $username, $collection);
    449449
    450450    my $gsdlhome = $ENV{'GSDLHOME'};
     
    494494    $gsdl_cgi->delete("script");
    495495
    496     # Users must be in the remote-collection-builder group to perform this action
    497     &authenticate_user($gsdl_cgi, $username, "remote-collection-builder");
     496    # Users can be in any group to perform this action
     497    &authenticate_user($gsdl_cgi, $username, "");
    498498
    499499    my $perl_args = "";
     
    553553    }
    554554
    555     # Users must be in the <collection>-maintainer group to perform this action
    556     &authenticate_user($gsdl_cgi, $username, "$collection-maintainer");
     555    # Ensure the user is allowed to edit this collection
     556    &authenticate_user($gsdl_cgi, $username, $collection);
    557557
    558558    my $gsdlhome = $ENV{'GSDLHOME'};
     
    598598    }
    599599
    600     # Users must be in the <collection>-maintainer group to perform this action
    601     &authenticate_user($gsdl_cgi, $username, "$collection-maintainer");
     600    # Ensure the user is allowed to edit this collection
     601    &authenticate_user($gsdl_cgi, $username, $collection);
    602602
    603603    my $gsdlhome = $ENV{'GSDLHOME'};
     
    639639    $gsdl_cgi->delete("c");
    640640
    641     # Users must be in the <collection>-maintainer group to perform this action
    642     &authenticate_user($gsdl_cgi, $username, "$collection-maintainer");
     641    # Ensure the user is allowed to edit this collection
     642    &authenticate_user($gsdl_cgi, $username, $collection);
    643643
    644644    # Make sure the collection isn't locked by someone else (unless we're running mkcol.pl, of course)
     
    703703    }
    704704
    705     # Users must be in the <collection>-maintainer group to perform this action
    706     &authenticate_user($gsdl_cgi, $username, "$collection-maintainer");
     705    # Ensure the user is allowed to edit this collection
     706    &authenticate_user($gsdl_cgi, $username, $collection);
    707707
    708708    my $gsdlhome = $ENV{'GSDLHOME'};
Note: See TracChangeset for help on using the changeset viewer.