Changeset 37236 for main

Timestamp:

2023-02-01T16:38:58+13:00 (15 months ago)

Author:

kjdon

Message:

first stab at doing some authentication in webswing gli. firstly, library_url must be passed in as an arg. we prompt for a username and password very early on. If no collection editing groups, or invalid user, then the gli won't start. open collection dialog only shows collections that the user has permission for

Location:

main/trunk/gli/src/org/greenstone/gatherer

Files:

• Gatherer.java (modified) (3 diffs)
• gui/OpenCollectionDialog.java (modified) (2 diffs)

main/trunk/gli/src/org/greenstone/gatherer/Gatherer.java

@@ -92 +92 @@
     static private Dimension size = new Dimension(800, 540);
     static public RemoteGreenstoneServer remoteGreenstoneServer = null;
+    static public WebswingAuthenticator webswingAuthenticator = null;
+    
 
     /** Has the exit flag been set? */
@@ -273 +275 @@
     {
     
-
+        if (isWebswing) {
+        // library_url must be defined in the options
+        if (library_url_string == null) {
+            System.err.println("Please set library_url option as a webswing option");
+            System.exit(0);
+        }
+        // we need to authenticate the user
+        webswingAuthenticator = new WebswingAuthenticator();
+        if (!webswingAuthenticator.authenticate(library_url_string)) {
+            System.err.println("authentication error");
+            System.exit(0);
+        }
+        }
         // Create the debug stream if required
         if (debug_enabled) {
@@ -1947 +1961 @@
     }
     
+
+    static public class WebswingAuthenticator
+        extends GAuthenticator
+    {
+        static protected String username;
+        static protected HashSet<String> groups;
+
+        public boolean authenticate(String library_url_string) {
+        PasswordAuthentication pa = getPasswordAuthentication();
+        if (pa == null) {
+            // user cancelled - how do we show error?
+            System.err.println("Authentication cancelled. You cannot access webswing gli without Greenstone user account");
+            return false;
+
+        }
+        username = pa.getUserName();
+        
+        String password = new String(pa.getPassword());
+        String result;
+        try {
+            String new_url = library_url_string+"?a=s&sa=authenticated-ping&excerptid=gs_content&un="+username+"&pw="+password;
+            URL authenticationURL = new URL(new_url);
+            HttpURLConnection conn = (HttpURLConnection)authenticationURL.openConnection();     
+            BufferedReader reader = new BufferedReader(new InputStreamReader(conn.getInputStream()));
+            result = "";
+            String line = null;
+            
+            while((line = reader.readLine()) != null) {
+            result += line;
+            }
+        } catch (Exception e) {
+            System.err.println("There was an exception "+e.getMessage());
+            return false;
+        }
+        // Parse out the content nested inside <div ... id="gs_content"> </div>
+        int start = result.indexOf("id=\"gs_content\"");
+        if(start != -1) {
+            start = result.indexOf(">", start);
+            int end = result.indexOf("<", start);
+            result = result.substring(start+1, end);
+            result = result.trim();
+        }       
+        if (result.startsWith("Authentication failed:")) {
+            System.err.println("Authentication Error: "+result);
+            return false;
+        }
+        groups = new HashSet<String>();
+        String[] contents = result.split(",");
+        for (int i=0; i<contents.length; i++) {
+            String g = contents[i];
+            if (g.equals("all-collections-editor") || g.equals("personal-collections-editor") || g.endsWith("-collection-editor")) {
+            groups.add(g);
+            }
+        }
+        if (groups.size()==0) {
+            return false; // user has no editing priveleges
+        }
+        return true;
+        }
+        
+        public boolean canEditCollection(String collection) {
+        if (groups.contains("all-collections-editor")) {
+            return true;
+        }
+        if (groups.contains("personal-collections-editor") && collection.startsWith(username+"-")) {
+            return true;
+        }
+        if (groups.contains(collection+"-collection-editor")) {
+            return true;
+        }
+        return false;
+        }
+        
+        
+        
+        public PasswordAuthentication getAuthentication(String username, String password)
+        {
+        return getPasswordAuthentication(username,password);
+        }
+
+        public PasswordAuthentication getAuthentication()
+        {
+        return getPasswordAuthentication();
+        }
+
+        
+        protected String getMessageString()
+        {
+        return Dictionary.get("RemoteGreenstoneServer.Authentication_Message");
+        }
+
+        
+    }
+
+    
 }

main/trunk/gli/src/org/greenstone/gatherer/gui/OpenCollectionDialog.java

@@ -324 +324 @@
 
         if(collection_folder.isDirectory() && !collection_foldername.equals(StaticStrings.MODEL_COLLECTION_NAME)) {
+            
             // this 'file_name' has already been prefixed by 'etc'
             String file_name;
@@ -345 +346 @@
             else {
               // add this collection. We want to allow non gli collections, so add anything that has a config file.
-              data.add(collection_configuration);
+                // webswing - check whether we are allowed to edit this coll
+                if (Gatherer.isWebswing) {
+                if (Gatherer.webswingAuthenticator.canEditCollection(collection_foldername)) {
+                    data.add(collection_configuration);
+                }
+                }
+                else {
+                data.add(collection_configuration);
+                }
             }
             }