Changeset 33347 for main/trunk/greenstone3

Timestamp:

2019-07-23T13:45:16+12:00 (5 years ago)

Author:

kjdon

Message:

made it optional whether the user gets shown the terms and conditions (verify) every time, or just once. In collectionConfig.xml, in security element, set humanVerify=once to make it show the verify page only once (per session), otherwise set to 'true' or 'always', which will show the page everytime.

Location:

main/trunk/greenstone3/src/java/org/greenstone/gsdl3

Files:

• collection/Collection.java (modified) (3 diffs)
• core/URLFilter.java (modified) (4 diffs)

main/trunk/greenstone3/src/java/org/greenstone/gsdl3/collection/Collection.java

@@ -81 +81 @@
     /** Stores the scope of any security rules (either collection or document) */
     protected boolean _securityScopeCollection = true;
-        protected boolean _humanVerify = false;
+        protected String _humanVerify = null;
         protected boolean _useRecaptcha = false; // for human verify
         protected String _siteKey = null; // for recaptcha
@@ -340 +340 @@
 
         String humanVerify = securityBlock.getAttribute(GSXML.VERIFY_ATT);
-        if (humanVerify.equals("true")) {
-          _humanVerify = true;
+        if (!humanVerify.equals("") && !humanVerify.equals("false")) {
+          _humanVerify = humanVerify;
         }
 
@@ -519 +519 @@
         response.setAttribute(GSXML.TYPE_ATT, GSXML.REQUEST_TYPE_SECURITY);
 
-        if (_humanVerify) {
-          response.setAttribute("humanVerify", "true");
+        if (_humanVerify != null) {
+          response.setAttribute("humanVerify", _humanVerify);
           if (_useRecaptcha) {
             response.setAttribute("siteKey", _siteKey);

main/trunk/greenstone3/src/java/org/greenstone/gsdl3/core/URLFilter.java

@@ -534 +534 @@
     // if got here have no groups that we need to belong to
     // do we have human verify thing?
-    if (verifiable_file && !securityResponse.getAttribute(GSXML.VERIFY_ATT).equals("") ) {
+    if (verifiable_file) {
+      String verify = securityResponse.getAttribute(GSXML.VERIFY_ATT);
+      if (!verify.equals("")) {
       // we are asking for the main document, and we have been asked to verify the user 
       logger.error("KATH verifiable file is true");
-      
+
       // have we done the test previously?
       boolean already_verified = false;
       String hmvf_response = request.getParameter(GSParams.VERIFIED);
       if (hmvf_response != null && hmvf_response.equals("0")) {
-        // force the t&c
-      } else {
+        // manually force the t&c (user has added hmvf=0 to url)
+      } else if (verify.equals("once")) {
+        // lets check whether they have done it already
+
         if (verifiedUserMap == null) {
           // we haven't done this at all, set up the map
@@ -555 +559 @@
         }
         logger.error("KATH already verified = "+already_verified);
-          
-        if (!already_verified) {
+      }
+      
+      if (!already_verified) {
           // have we just  done the test?
           //String hmvf_response = request.getParameter(GSParams.VERIFIED);
@@ -585 +590 @@
         }
         already_verified = true;
-        // store the fact that user has verified
-        UserTimer timer = new UserTimer(verifiedUserTimeout, session_id);
-        verifiedUserMap.put(session_id, timer);
-        timer.start();
-        
+        if (verify.equals("once")) {
+          // store the fact that user has verified
+          UserTimer timer = new UserTimer(verifiedUserTimeout, session_id);
+          verifiedUserMap.put(session_id, timer);
+          timer.start();
+        }
           } // hmvf = 1
-        }
-      }
+      }
+      
       if (!already_verified) {
         // hmvf param is not set - we haven't shown them the form yet
@@ -603 +609 @@
         return;
       }
-    } // end if verifiable file && need to verify
+      } // end verify is set
+    }// end if verifiable file