- Timestamp:
- 2012-05-14T14:28:38+12:00 (12 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
main/trunk/greenstone3/src/java/org/greenstone/gsdl3/core/URLFilter.java
r25536 r25591 31 31 //Restricted URLs 32 32 protected static final String SITECONFIG_URL = "sites/[^/]+/siteConfig.xml"; 33 34 33 protected static final ArrayList<String> _restrictedURLs; 35 34 static … … 40 39 } 41 40 41 //Constants 42 protected static final String DOCUMENT_PATH = "document"; 43 protected static final String COLLECTION_PATH = "collection"; 44 protected static final String PAGE_PATH = "page"; 45 protected static final String SYSTEM_PATH = "system"; 46 47 protected static final String METADATA_RETRIEVAL_SERVICE = "DocumentMetadataRetrieve"; 48 protected static final String ASSOCIATED_FILE_PATH = "/index/assoc/"; 49 protected static final String COLLECTION_FILE_PATH = "/collect/"; 50 51 protected static final String SYSTEM_SUBACTION_CONFIGURE = "configure"; 52 protected static final String SYSTEM_SUBACTION_RECONFIGURE = "reconfigure"; 53 protected static final String SYSTEM_SUBACTION_ACTIVATE = "activate"; 54 protected static final String SYSTEM_SUBACTION_DEACTIVATE = "deactivate"; 55 42 56 public void init(FilterConfig filterConfig) throws ServletException 43 57 { … … 65 79 } 66 80 67 if (url.contains("/index/assoc/")) 81 //If the user is trying to access a collection file we need to run a security check 82 if (url.contains(ASSOCIATED_FILE_PATH)) 68 83 { 69 84 String dir = null; 70 int dirStart = url.indexOf( "/index/assoc/") + "/index/assoc/".length();85 int dirStart = url.indexOf(ASSOCIATED_FILE_PATH) + ASSOCIATED_FILE_PATH.length(); 71 86 int dirEnd = -1; 72 87 if (dirStart < url.length() && url.indexOf("/", dirStart) != -1) … … 84 99 85 100 String collection = null; 86 int colStart = url.indexOf( "/collect/") + "/collect/".length();101 int colStart = url.indexOf(COLLECTION_FILE_PATH) + COLLECTION_FILE_PATH.length(); 87 102 int colEnd = -1; 88 103 if (colStart < url.length() && url.indexOf("/", colStart) != -1) … … 114 129 115 130 Element metaMessage = gsDoc.createElement(GSXML.MESSAGE_ELEM); 116 Element metaRequest = GSXML.createBasicRequest(gsDoc, GSXML.REQUEST_TYPE_PROCESS, collection + "/ DocumentMetadataRetrieve", new UserContext());131 Element metaRequest = GSXML.createBasicRequest(gsDoc, GSXML.REQUEST_TYPE_PROCESS, collection + "/" + METADATA_RETRIEVAL_SERVICE, new UserContext()); 117 132 metaMessage.appendChild(metaRequest); 118 133 … … 179 194 else 180 195 { 196 //If we have a jsessionid on the end of our URL we want to ignore it 181 197 int index; 182 if ((index = url.indexOf(";jsessionid")) != -1)198 if ((index = url.indexOf(";jsessionid")) != -1) 183 199 { 184 200 url = url.substring(0, index); … … 191 207 192 208 //COLLECTION 193 if (segments[i].equals( "collection") && (i + 1) < segments.length)209 if (segments[i].equals(COLLECTION_PATH) && (i + 1) < segments.length) 194 210 { 195 211 gRequest.setParameter(GSParams.COLLECTION, segments[i + 1]); 196 212 } 197 213 //DOCUMENT 198 else if (segments[i].equals( "document") && (i + 1) < segments.length)214 else if (segments[i].equals(DOCUMENT_PATH) && (i + 1) < segments.length) 199 215 { 200 216 gRequest.setParameter(GSParams.DOCUMENT, segments[i + 1]); … … 204 220 } 205 221 //PAGE 206 else if (segments[i].equals( "page") && (i + 1) < segments.length)222 else if (segments[i].equals(PAGE_PATH) && (i + 1) < segments.length) 207 223 { 208 224 gRequest.setParameter(GSParams.SUBACTION, segments[i + 1]); … … 211 227 defaultParamValues = new String[] { "p" }; 212 228 } 229 //SYSTEM 230 else if (segments[i].equals(SYSTEM_PATH) && (i + 1) < segments.length) 231 { 232 String sa = segments[i + 1]; 233 if (sa.equals(SYSTEM_SUBACTION_CONFIGURE) || sa.equals(SYSTEM_SUBACTION_RECONFIGURE)) 234 { 235 sa = "c"; 236 } 237 else if (sa.equals(SYSTEM_SUBACTION_ACTIVATE)) 238 { 239 sa = "a"; 240 } 241 else if (sa.equals(SYSTEM_SUBACTION_DEACTIVATE)) 242 { 243 sa = "d"; 244 } 245 246 if (sa.equals("c") && (i + 2) < segments.length) 247 { 248 gRequest.setParameter(GSParams.SYSTEM_CLUSTER, segments[i + 2]); 249 } 250 251 if (sa.equals("a") && (i + 2) < segments.length) 252 { 253 gRequest.setParameter(GSParams.SYSTEM_MODULE_TYPE, "collection"); 254 gRequest.setParameter(GSParams.SYSTEM_MODULE_NAME, segments[i + 2]); 255 } 256 257 if (sa.equals("d") && (i + 2) < segments.length) 258 { 259 gRequest.setParameter(GSParams.SYSTEM_CLUSTER, segments[i + 2]); 260 } 261 262 gRequest.setParameter(GSParams.SUBACTION, sa); 263 264 additionalParameters = new String[] { GSParams.ACTION }; 265 defaultParamValues = new String[] { "s" }; 266 } 213 267 //ADMIN 214 268 else if (segments[i].equals("admin") && (i + 1) < segments.length) … … 253 307 serviceName = segments[i + 1]; 254 308 gRequest.setParameter("s", serviceName); 255 309 256 310 additionalParameters = new String[] { GSParams.ACTION, GSParams.SUBACTION, GSParams.REQUEST_TYPE }; 257 311 defaultParamValues = new String[] { "q", "", "d" }; 258 312 } 259 if((i + 2) < segments.length) 260 { 261 System.err.println("HUH??"); 313 if ((i + 2) < segments.length) 314 { 262 315 if (serviceName.equals("TextQuery") || serviceName.equals("RawQuery")) 263 316 {
Note:
See TracChangeset
for help on using the changeset viewer.