Changeset 28202
- Timestamp:
- 2013-09-03T12:30:35+12:00 (11 years ago)
- Location:
- main/trunk/greenstone3/src/java/org/greenstone/gsdl3
- Files:
-
- 1 added
- 5 edited
-
action/DepositorAction.java (modified) (2 diffs)
-
action/GeneralAction.java (modified) (3 diffs)
-
service/Authentication.java (modified) (3 diffs)
-
service/UserTracker.java (added)
-
util/ModifyUsersDB.java (modified) (1 diff)
-
util/txt2usersDB.java (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
main/trunk/greenstone3/src/java/org/greenstone/gsdl3/action/DepositorAction.java
r27908 r28202 78 78 } 79 79 80 DerbyWrapper database = new DerbyWrapper(); 81 database.connectDatabase(GlobalProperties.getGSDL3Home() + File.separator + "sites" + File.separator + this.config_params.get(GSConstants.SITE_NAME) + File.separatorChar + "etc" + File.separatorChar + "usersDB", false); 80 DerbyWrapper database = new DerbyWrapper(GlobalProperties.getGSDL3Home() + File.separatorChar + "etc" + File.separatorChar + "usersDB"); 82 81 if (pageNumParseFail) 83 82 { … … 361 360 { 362 361 database.clearUserData(); 362 database.clearTrackerData(); 363 363 } 364 364 else -
main/trunk/greenstone3/src/java/org/greenstone/gsdl3/action/GeneralAction.java
r25635 r28202 1 1 package org.greenstone.gsdl3.action; 2 3 import org.greenstone.gsdl3.util.*;4 import org.greenstone.util.GlobalProperties;5 // XML classes6 import org.w3c.dom.Document;7 import org.w3c.dom.Node;8 import org.w3c.dom.Element;9 import org.w3c.dom.NodeList;10 2 11 3 import java.io.File; … … 21 13 import javax.xml.transform.stream.StreamResult; 22 14 15 import org.greenstone.gsdl3.util.GSFile; 16 import org.greenstone.gsdl3.util.GSParams; 17 import org.greenstone.gsdl3.util.GSPath; 18 import org.greenstone.gsdl3.util.GSXML; 19 import org.greenstone.gsdl3.util.UserContext; 20 import org.greenstone.util.GlobalProperties; 21 import org.w3c.dom.Document; 22 import org.w3c.dom.Element; 23 import org.w3c.dom.Node; 24 import org.w3c.dom.NodeList; 25 23 26 public class GeneralAction extends Action 24 27 { … … 81 84 } 82 85 83 if (request_type.equals("r") || request_type.equals("s") )86 if (request_type.equals("r") || request_type.equals("s") || request_type.equals("ro")) 84 87 { 85 88 //do the request -
main/trunk/greenstone3/src/java/org/greenstone/gsdl3/service/Authentication.java
r28161 r28202 17 17 import org.greenstone.gsdl3.util.DerbyWrapper; 18 18 import org.greenstone.gsdl3.util.GSXML; 19 import org.greenstone.gsdl3.util.UserContext;20 19 import org.greenstone.gsdl3.util.UserQueryResult; 21 20 import org.greenstone.gsdl3.util.UserTermInfo; … … 851 850 if (_derbyWrapper == null) 852 851 { 853 _derbyWrapper = new DerbyWrapper();854 855 852 // check the usersDb database, if it isn't existing, check the etc dir, create the etc dir if it isn't existing, then create the user database and add a "admin" user 856 853 String usersDB_dir = GlobalProperties.getGSDL3Home() + File.separatorChar + "etc" + File.separatorChar + "usersDB"; 854 855 _derbyWrapper = new DerbyWrapper(usersDB_dir); 856 857 857 File usersDB_file = new File(usersDB_dir); 858 858 if (!usersDB_file.exists()) … … 869 869 } 870 870 } 871 _derbyWrapper.connectDatabase(usersDB_dir, true);872 871 _derbyWrapper.createDatabase(); 873 872 } 874 else 875 { 876 _derbyWrapper.connectDatabase(usersDB_dir, false); 877 } 878 } 873 } 874 879 875 return true; 880 876 } -
main/trunk/greenstone3/src/java/org/greenstone/gsdl3/util/ModifyUsersDB.java
r27924 r28202 25 25 // To run this from the command-line, first make sure that the tomcat server is stopped, then run: 26 26 // java -cp /full/path/to/GS3/web/WEB-INF/lib/gsdl3.jar:/full/path/to/GS3/web/WEB-INF/lib/derby.jar org.greenstone.gsdl3.util.usersDB2txt web/etc/usersDB/ 27 public class ModifyUsersDB { 28 29 public static void main(String[] args) throws SQLException { 30 31 if (args.length < 3) { // at minimum one field belonging to a username has to be changed 32 System.out.println("Usage: java org.greenstone.gsdl3.ModifyUsersDB <full_path_of_the_usersDB> <username> [-noAdd] [password=pwd] [groups=grp] [accounstatus=status] [comment=cmt] [email=address]"); 33 System.exit(0); 27 public class ModifyUsersDB 28 { 29 30 public static void main(String[] args) throws SQLException 31 { 32 33 if (args.length < 3) 34 { // at minimum one field belonging to a username has to be changed 35 System.out.println("Usage: java org.greenstone.gsdl3.ModifyUsersDB <full_path_of_the_usersDB> <username> [-noAdd] [password=pwd] [groups=grp] [accounstatus=status] [comment=cmt] [email=address]"); 36 System.exit(0); 37 } 38 39 String usersDB = args[0]; 40 String username = args[1]; 41 42 String password = ""; 43 String groups = ""; 44 String accountstatus = "true"; 45 String comment = ""; 46 String email = ""; 47 48 boolean noAdd = false; 49 50 // If the user specifically sets any of the fields on the cmdline, they'll be overwritten in the db, 51 // even if the user had set them to empty. Except the password which must be between 3 and 8 characters. 52 for (int i = 2; i < args.length; i++) 53 { 54 if (args[i].startsWith("password=")) 55 { 56 password = args[i].substring("password=".length()); 57 58 if (password.length() < 3 || password.length() > 8) 59 { 60 if (!password.equals("")) 61 { 62 System.out.println("Password not updated. It should be between 3 and 8 characters (inclusive)."); 63 } 64 } 65 else 66 { 67 // Use the same encryption technique used by the Admin Authentication page 68 // This ensures that the password generated for a string remains consistent 69 //System.err.println("**** Password entered was: " + password); 70 password = Authentication.hashPassword(password); 71 } 72 73 } 74 else if (args[i].startsWith("groups=")) 75 { 76 groups = args[i].substring("groups=".length()); 77 } 78 else if (args[i].startsWith("accountstatus=")) 79 { 80 accountstatus = args[i].substring("accountstatus=".length()); 81 } 82 else if (args[i].startsWith("comment=")) 83 { 84 comment = args[i].substring("comment=".length()); 85 } 86 else if (args[i].startsWith("email=")) 87 { 88 email = args[i].substring("email=".length()); 89 } 90 else if (args[i].equals("-noAdd")) 91 { 92 noAdd = true; 93 } 94 } 95 96 // find the user to modify 97 DerbyWrapper dw = new DerbyWrapper(usersDB); 98 UserQueryResult findUserResult = dw.findUser(username); 99 100 if (findUserResult == null) 101 { 102 if (noAdd) 103 { 104 System.out.println("Failed to update user. Cannot find user " + username + " in " + usersDB + " database."); 105 } 106 else 107 { // add new user 108 //System.err.println("**** Trying to add user: "); 109 //System.err.println("**** " + username + " " + password + " " + groups + " " + accountstatus + " " + comment + " " + email); 110 dw.addUser(username, password, groups, accountstatus, comment, email); 111 } 112 } 113 else 114 { // modify existing user data 115 116 // in case any of the other fields are not specified, get fallbacks from the database 117 UserTermInfo user = findUserResult.getUserTerms().get(0); 118 119 if (password.equals("")) 120 { 121 password = user.password; // already stored hashed-and-hexed in DB 122 } 123 if (groups.equals("")) 124 { 125 groups = user.groups; 126 } 127 if (accountstatus.equals("")) 128 { 129 accountstatus = user.accountstatus.equals("") ? "true" : user.accountstatus; 130 } 131 if (comment.equals("")) 132 { 133 comment = user.comment; 134 } 135 if (email.equals("")) 136 { 137 email = user.email; 138 } 139 140 //System.err.println("**** " + username + " " + password + " " + groups + " " + accountstatus + " " + comment + " " + email); 141 dw.modifyUserInfo(username, password, groups, accountstatus, comment, email); // other than username and pwd, remaining fields are allowed to be "" 142 } 143 144 dw.closeDatabase(); 145 34 146 } 35 36 DerbyWrapper dw=new DerbyWrapper();37 38 String usersDB = args[0];39 String username = args[1];40 41 String password = "";42 String groups = "";43 String accountstatus = "true";44 String comment = "";45 String email = "";46 47 boolean noAdd = false;48 49 // If the user specifically sets any of the fields on the cmdline, they'll be overwritten in the db,50 // even if the user had set them to empty. Except the password which must be between 3 and 8 characters.51 for(int i = 2; i < args.length; i++) {52 if(args[i].startsWith("password=")) {53 password = args[i].substring("password=".length());54 55 if(password.length() < 3 || password.length() > 8) {56 if(!password.equals("")) {57 System.out.println("Password not updated. It should be between 3 and 8 characters (inclusive).");58 }59 } else {60 // Use the same encryption technique used by the Admin Authentication page61 // This ensures that the password generated for a string remains consistent62 //System.err.println("**** Password entered was: " + password);63 password = Authentication.hashPassword(password);64 }65 66 } else if(args[i].startsWith("groups=")) {67 groups = args[i].substring("groups=".length());68 } else if(args[i].startsWith("accountstatus=")) {69 accountstatus = args[i].substring("accountstatus=".length());70 } else if(args[i].startsWith("comment=")) {71 comment = args[i].substring("comment=".length());72 } else if(args[i].startsWith("email=")) {73 email = args[i].substring("email=".length());74 } else if(args[i].equals("-noAdd")) {75 noAdd = true;76 }77 }78 79 80 // find the user to modify81 dw.connectDatabase(usersDB,false);82 UserQueryResult findUserResult = dw.findUser(username);83 84 if(findUserResult == null) {85 if(noAdd) {86 System.out.println("Failed to update user. Cannot find user " + username + " in " + usersDB + " database.");87 } else { // add new user88 //System.err.println("**** Trying to add user: ");89 //System.err.println("**** " + username + " " + password + " " + groups + " " + accountstatus + " " + comment + " " + email);90 dw.addUser(username, password, groups, accountstatus, comment, email);91 }92 }93 else { // modify existing user data94 95 // in case any of the other fields are not specified, get fallbacks from the database96 UserTermInfo user = findUserResult.getUserTerms().get(0);97 98 if(password.equals("")) {99 password = user.password; // already stored hashed-and-hexed in DB100 }101 if(groups.equals("")) {102 groups = user.groups;103 }104 if(accountstatus.equals("")) {105 accountstatus = user.accountstatus.equals("") ? "true" : user.accountstatus;106 }107 if(comment.equals("")) {108 comment = user.comment;109 }110 if(email.equals("")) {111 email = user.email;112 }113 114 //System.err.println("**** " + username + " " + password + " " + groups + " " + accountstatus + " " + comment + " " + email);115 dw.modifyUserInfo(username, password, groups, accountstatus, comment, email); // other than username and pwd, remaining fields are allowed to be ""116 }117 118 dw.closeDatabase();119 120 }121 147 } -
main/trunk/greenstone3/src/java/org/greenstone/gsdl3/util/txt2usersDB.java
r25338 r28202 27 27 import org.greenstone.gsdl3.service.Authentication; 28 28 29 public class txt2usersDB { 30 31 public static void main(String[] args) throws SQLException{ 32 boolean appending = false; 33 34 String usage = "Usage: java org.greenstone.gsdl3.txt2usersDB full_path_of_the_text_file full_path_of_the_usersDB [-append]"; 35 if (args.length < 2){ 36 System.out.println(usage); 37 System.exit(0); 29 public class txt2usersDB 30 { 31 32 public static void main(String[] args) throws SQLException 33 { 34 boolean appending = false; 35 36 String usage = "Usage: java org.greenstone.gsdl3.txt2usersDB full_path_of_the_text_file full_path_of_the_usersDB [-append]"; 37 if (args.length < 2) 38 { 39 System.out.println(usage); 40 System.exit(0); 41 } 42 File txtfile = new File(args[0]); 43 if (!txtfile.exists()) 44 { 45 System.out.println("File " + args[0] + " does not exist."); 46 System.out.println(usage); 47 System.exit(0); 48 } 49 50 try 51 { 52 BufferedReader in = new BufferedReader(new FileReader(args[0])); 53 String str; 54 DerbyWrapper dw = new DerbyWrapper(args[1]); 55 56 if (args.length > 2 && args[2].equals("-append")) 57 { 58 appending = true; 59 } 60 else 61 { 62 // no appending, replace existing database: the text file 63 // represents the new database, so delete the existing DB first 64 boolean delete_rows = dw.deleteAllUser(); 65 dw.closeDatabase(); 66 if (!delete_rows) 67 { 68 System.out.println("Couldn't delete rows of the users table"); 69 System.exit(0); 70 } 71 } 72 73 String username = null; 74 String password = null; 75 String groups = null; 76 String accountstatus = null; 77 String comment = null; 78 String email = null; 79 80 while ((str = in.readLine()) != null) 81 { 82 //ystem.out.println(str); 83 84 if (str.indexOf(" = ") != -1) 85 { // works with DerbyWrapper.db2txt() and usersDB2txt.java. Fields listed as: USERNAME = admin 86 String field = str.substring(0, str.indexOf(" = ")); 87 if (field.equalsIgnoreCase("email")) 88 { 89 email = str.substring(str.indexOf(" = ") + 3, str.length()); 90 } 91 if (field.equalsIgnoreCase("comment")) 92 { 93 comment = str.substring(str.indexOf(" = ") + 3, str.length()); 94 } 95 if (field.equalsIgnoreCase("status")) 96 { 97 accountstatus = str.substring(str.indexOf(" = ") + 3, str.length()); 98 } 99 if (field.equalsIgnoreCase("groups")) 100 { 101 groups = str.substring(str.indexOf(" = ") + 3, str.length()); 102 } 103 if (field.equalsIgnoreCase("password")) 104 { 105 //password=dw.rot13(str.substring(str.indexOf(">")+1,str.length())); 106 password = str.substring(str.indexOf(" = ") + 3, str.length()); 107 } 108 if (field.equalsIgnoreCase("username")) 109 { 110 username = str.substring(str.indexOf(" = ") + 3, str.length()); 111 } 112 } 113 else if (str.startsWith("<")) 114 { // fields listed as: <username>admin 115 String field = str.substring(1, str.indexOf(">")); 116 if (field.equals("email")) 117 { 118 email = str.substring(str.indexOf(">") + 1, str.length()); 119 } 120 if (field.equals("comment")) 121 { 122 comment = str.substring(str.indexOf(">") + 1, str.length()); 123 } 124 if (field.equals("enabled") || field.equals("status")) 125 { 126 accountstatus = str.substring(str.indexOf(">") + 1, str.length()); 127 } 128 if (field.equals("groups")) 129 { 130 groups = str.substring(str.indexOf(">") + 1, str.length()); 131 } 132 if (field.equals("password")) 133 { 134 password = str.substring(str.indexOf(">") + 1, str.length()); 135 } 136 if (field.equals("username")) 137 { 138 username = str.substring(str.indexOf(">") + 1, str.length()); 139 } 140 } 141 else if (str.equals("----------------------------------------------------------------------") || str.equals("-------------------------------------")) 142 { 143 144 if ((username != null) && (password != null) && (groups != null) && (accountstatus != null) && (comment != null)) 145 { 146 dw.connectDatabase(args[1], false); 147 148 // check if it's a new user or already exists in the database 149 UserQueryResult findUserResult = dw.findUser(username); 150 151 if (findUserResult == null) 152 { // add new user 153 if (password.length() >= 3 && password.length() <= 8) 154 { // if not yet encrypted, encrypt first 155 password = Authentication.hashPassword(password); 156 } // if > 8 chars, password for user being added was already encrypted (hashed-and-hexed) 157 dw.addUser(username, password, groups, accountstatus, comment, email); 158 } 159 160 else 161 { // modify existing user 162 // if any of the other fields are not specified, get them from the database 163 UserTermInfo user = findUserResult.getUserTerms().get(0); 164 165 if (password.length() < 3 || password.length() > 8) 166 { // includes empty string case 167 password = user.password; 168 } 169 else 170 { // need to first encrypt (hash-and-hex) the user-entered password 171 // Use the same encryption technique used by the Admin Authentication page 172 // This ensures that the password generated for a string remains consistent 173 password = Authentication.hashPassword(password); 174 } 175 groups = groups.equals("") ? user.groups : groups; 176 accountstatus = accountstatus.equals("") ? user.accountstatus : accountstatus; 177 comment = comment.equals("") ? user.comment : comment; 178 179 if (email == null) 180 { // special checking for backwards compatibility since old DB did not have email field 181 email = ""; 182 } 183 if (user.email == null) 184 { 185 user.email = ""; 186 } 187 if (email.equals("")) 188 { 189 email = user.email; 190 } 191 192 //System.err.println("**** Password: " + password); 193 //System.err.println("**** " + username + " " + password + " " + groups + " " + accountstatus + " " + comment + " " + email); 194 dw.modifyUserInfo(username, password, groups, accountstatus, comment, email); 195 } 196 197 username = null; 198 password = null; 199 groups = null; 200 accountstatus = null; 201 comment = null; 202 email = null; 203 //dw.connectDatabase(args[1],false); // should this be closeDatabase()???? 204 dw.closeDatabase(); 205 } 206 } 207 208 // only true back when when hashed passwords weren't being converted to hex 209 //else { // encrypted passwords can span multiple lines for some reason 210 // assume that is the case here 211 //if(password != null) { 212 // password = password + "\n" + str; 213 // } 214 //} 215 216 } 217 //dw.closeDatabase(); 218 in.close(); 219 } 220 catch (IOException e) 221 { 222 } 38 223 } 39 File txtfile = new File(args[0]);40 if(!txtfile.exists()) {41 System.out.println("File " + args[0] + " does not exist.");42 System.out.println(usage);43 System.exit(0);44 }45 46 try {47 BufferedReader in = new BufferedReader(new FileReader(args[0]));48 String str;49 DerbyWrapper dw=new DerbyWrapper();50 dw.connectDatabase(args[1],false);51 52 if(args.length > 2 && args[2].equals("-append")) {53 appending = true;54 } else {55 // no appending, replace existing database: the text file56 // represents the new database, so delete the existing DB first57 boolean delete_rows = dw.deleteAllUser();58 dw.closeDatabase();59 if (!delete_rows){60 System.out.println("Couldn't delete rows of the users table");61 System.exit(0);62 }63 }64 65 String username=null;66 String password=null;67 String groups=null;68 String accountstatus=null;69 String comment=null;70 String email=null;71 72 while ((str = in.readLine()) != null) {73 //ystem.out.println(str);74 75 if(str.indexOf(" = ") != -1) { // works with DerbyWrapper.db2txt() and usersDB2txt.java. Fields listed as: USERNAME = admin76 String field=str.substring(0,str.indexOf(" = "));77 if (field.equalsIgnoreCase("email")){78 email=str.substring(str.indexOf(" = ")+3,str.length());79 }80 if (field.equalsIgnoreCase("comment")){81 comment=str.substring(str.indexOf(" = ")+3,str.length());82 }83 if (field.equalsIgnoreCase("status")){84 accountstatus=str.substring(str.indexOf(" = ")+3,str.length());85 }86 if (field.equalsIgnoreCase("groups")){87 groups=str.substring(str.indexOf(" = ")+3,str.length());88 }89 if (field.equalsIgnoreCase("password")){90 //password=dw.rot13(str.substring(str.indexOf(">")+1,str.length()));91 password=str.substring(str.indexOf(" = ")+3,str.length());92 }93 if (field.equalsIgnoreCase("username")){94 username=str.substring(str.indexOf(" = ")+3,str.length());95 }96 }97 else if (str.startsWith("<")){ // fields listed as: <username>admin98 String field=str.substring(1,str.indexOf(">"));99 if (field.equals("email")){100 email=str.substring(str.indexOf(">")+1,str.length());101 }102 if (field.equals("comment")){103 comment=str.substring(str.indexOf(">")+1,str.length());104 }105 if (field.equals("enabled") || field.equals("status")){106 accountstatus=str.substring(str.indexOf(">")+1,str.length());107 }108 if (field.equals("groups")){109 groups=str.substring(str.indexOf(">")+1,str.length());110 }111 if (field.equals("password")){112 password=str.substring(str.indexOf(">")+1,str.length());113 }114 if (field.equals("username")){115 username=str.substring(str.indexOf(">")+1,str.length());116 }117 }118 else if (str.equals("----------------------------------------------------------------------")119 || str.equals("-------------------------------------")) {120 121 if ((username!=null) && (password!=null) && (groups!=null) && (accountstatus!=null) && (comment!=null)) {122 dw.connectDatabase(args[1],false);123 124 // check if it's a new user or already exists in the database125 UserQueryResult findUserResult = dw.findUser(username);126 127 if(findUserResult == null) { // add new user128 if(password.length() >= 3 && password.length() <= 8) { // if not yet encrypted, encrypt first129 password = Authentication.hashPassword(password);130 } // if > 8 chars, password for user being added was already encrypted (hashed-and-hexed)131 dw.addUser(username, password, groups, accountstatus, comment, email);132 }133 134 else { // modify existing user135 // if any of the other fields are not specified, get them from the database136 UserTermInfo user = findUserResult.getUserTerms().get(0);137 138 if(password.length() < 3 || password.length() > 8) { // includes empty string case139 password = user.password;140 } else { // need to first encrypt (hash-and-hex) the user-entered password141 // Use the same encryption technique used by the Admin Authentication page142 // This ensures that the password generated for a string remains consistent143 password = Authentication.hashPassword(password);144 }145 groups = groups.equals("") ? user.groups : groups;146 accountstatus = accountstatus.equals("") ? user.accountstatus : accountstatus;147 comment = comment.equals("") ? user.comment : comment;148 149 if (email == null) { // special checking for backwards compatibility since old DB did not have email field150 email = "";151 }152 if(user.email == null) {153 user.email = "";154 }155 if(email.equals("")) {156 email = user.email;157 }158 159 //System.err.println("**** Password: " + password);160 //System.err.println("**** " + username + " " + password + " " + groups + " " + accountstatus + " " + comment + " " + email);161 dw.modifyUserInfo(username, password, groups, accountstatus, comment, email);162 }163 164 username=null;165 password=null;166 groups=null;167 accountstatus=null;168 comment=null;169 email=null;170 //dw.connectDatabase(args[1],false); // should this be closeDatabase()????171 dw.closeDatabase();172 }173 }174 175 // only true back when when hashed passwords weren't being converted to hex176 //else { // encrypted passwords can span multiple lines for some reason177 // assume that is the case here178 //if(password != null) {179 // password = password + "\n" + str;180 // }181 //}182 183 }184 //dw.closeDatabase();185 in.close();186 } catch (IOException e) {187 }188 }189 224 }
Note:
See TracChangeset
for help on using the changeset viewer.
