Changeset 4974
- Timestamp:
- 2003-07-18T10:02:55+12:00 (21 years ago)
- Location:
- trunk/gsdl/src
- Files:
-
- 6 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/gsdl/src/colservr/collectserver.cpp
r4774 r4974 99 99 collectinfo.searchTypes = cfgline; 100 100 } 101 102 // What have we set in our collect.cfg file : document or collection ? 103 else if (key == "auth_collection") collectinfo.auth_collection = value; 104 105 // What have we set for our group list 106 else if (key == "auth_group") 107 { 108 // use the joinchar helper function from 109 // text_t.h, it takes in the whole cfgline 110 // array and a separator aka a comma in our 111 // case and returns a sting separated by a 112 // comma like this: 113 // 114 // Rene,Kolla,Crystal,Stefan,Aly,Ian 115 116 joinchar(cfgline,',',collectinfo.auth_group); 117 // outconvertclass t; 118 //cerr << t << collectinfo.auth_group << "\n"; 119 } 120 121 // Have we set our security switch for use of acl to ON ? 122 123 else if (key == "allow_acls") 124 { 125 if(value=="true") 126 collectinfo.allow_acls = true; 127 else 128 collectinfo.allow_acls = false; 129 } 130 131 // In the map the key-value pair contain the same 132 // data 133 134 // What have we set for our allowallexcept ACL 135 else if (key == "allowallexcept") 136 { 137 text_tarray::const_iterator begin = cfgline.begin(); 138 text_tarray::const_iterator end = cfgline.end(); 139 while(begin != end) 140 { 141 collectinfo.allowallexcept[*begin] = *begin; 142 begin++; 143 } 144 } 145 146 // What have we set for our group list 147 else if (key == "denyallexcept") 148 { 149 text_tarray::const_iterator begin = cfgline.begin(); 150 text_tarray::const_iterator end = cfgline.end(); 151 while(begin != end) 152 { 153 collectinfo.denyallexcept[*begin] = *begin; 154 begin++; 155 } 156 } 101 157 } 102 158 -
trunk/gsdl/src/recpt/authenaction.cpp
r3546 r4974 200 200 if (thisuser.enabled) { 201 201 bool haspermission = true; 202 202 203 // check to make sure the user is in the required group 204 // one group is available only at the moment. 205 // this is what we are changing ! 206 203 207 if (!args_ug.empty()) { 204 haspermission = false; 205 text_t::const_iterator group_here = thisuser.groups.begin(); 206 text_t::const_iterator group_end = thisuser.groups.end(); 207 text_t thisgroup; 208 209 // Since we recieve a comma seperated list 210 // of groups like mygroup,yourgroup,ourgroup 211 // we want to split them into individual groups 212 // and examine them. This is what is done here. 213 214 text_tset splitgrps; 215 text_t::const_iterator split_here = args_ug.begin(); 216 text_t::const_iterator split_end = args_ug.end(); 217 218 splitchar(split_here,split_end,',',splitgrps); 219 220 haspermission = false; 221 222 // This examines the current user to be authenticated and 223 // tries to see if he or she is in the group that we have in 224 // thisuser structure. We compare args_ua contents with that 225 // of the user database. 226 227 text_t::const_iterator group_here = thisuser.groups.begin(); 228 text_t::const_iterator group_end = thisuser.groups.end(); 229 text_t thisgroup; 208 230 while (group_here != group_end) { 209 group_here = getdelimitstr (group_here, group_end, ',', thisgroup); 210 if (thisgroup == args_ug) { 211 haspermission = true; 212 break; 213 } 231 group_here = getdelimitstr (group_here, group_end, ',', thisgroup); 232 if (splitgrps.find(thisgroup) != splitgrps.end() ) 233 { 234 haspermission = true; 235 break; 236 } 214 237 } 215 238 } 216 239 217 240 if (haspermission) { 218 // succeeded, get info about this user219 // note: we don't need to set "ug" as it is already set to what it needs to be220 args_us = "enabled";241 // succeeded, get info about this user 242 // note: we don't need to set "ug" as it is already set to what it needs to be 243 args_us = "enabled"; 221 244 args_ky = generate_key (keyfile, args_un); // new key 222 245 223 246 // delete old keys around every 50 accesses 224 247 if (rand()%50 == 1) remove_old_keys (keyfile, keydecay); … … 226 249 } else { 227 250 // succeeded, however, the user is not in the correct group 228 args_ua.clear();229 args_us = "permissiondenied";230 args_ky.clear();251 args_ua.clear(); 252 args_us = "permissiondenied"; 253 args_ky.clear(); 231 254 } 232 255 233 256 } else { 234 // succeeded, however, the account is disabled257 // succeeded, however, the account is disabled 235 258 args_ua.clear(); 236 259 args_us = "disabled"; -
trunk/gsdl/src/recpt/comtypes.cpp
r4753 r4974 44 44 } 45 45 46 /* isPublic now defaults to true */ 46 /* 47 isPublic now defaults to true most values are default 48 similar to a constructor in a class to make some initializations 49 */ 50 47 51 void ColInfoResponse_t::clear () { 48 52 shortInfo.clear(); … … 63 67 httpprefix.clear(); 64 68 receptionist.clear(); 69 auth_collection.clear(); // turned off by default 70 auth_group.clear(); // turned off by default 71 allow_acls= false; // turned off by default 72 allowallexcept.clear(); // turned off by default 73 denyallexcept.clear(); // turned off by default 74 65 75 } 66 76 -
trunk/gsdl/src/recpt/comtypes.h
r4753 r4974 84 84 // } 85 85 struct ColInfoResponse_t { 86 void clear (); 87 ColInfoResponse_t () {clear();} 88 89 ShortColInfo_t shortInfo; 90 bool isPublic; 91 bool isBeta; 92 unsigned long buildDate; 93 text_tarray ccsCols; // empty if collection does not use cross-collection searching 94 text_tarray languages; 95 unsigned long numDocs; // 0 if not known 96 unsigned long numSections; // 0 if not known 97 unsigned long numWords; // 0 if not known 98 unsigned long numBytes; // 0 if not known 99 text_tmap collectionmeta; 100 text_tmap format; 101 text_tmap building; 102 text_t httpdomain; // GRB: could these two http items need removing 103 text_t httpprefix; 104 text_t receptionist; 105 text_t buildType; // 'mg' or 'mgpp' 106 text_tarray searchTypes; // form, plain, empty if collection uses mg, or has no searching facility 86 void clear (); 87 ColInfoResponse_t () {clear();} 88 89 ShortColInfo_t shortInfo; 90 bool isPublic; 91 bool isBeta; 92 unsigned long buildDate; 93 text_tarray ccsCols; // empty if collection does not use cross-collection searching 94 text_tarray languages; 95 unsigned long numDocs; // 0 if not known 96 unsigned long numSections; // 0 if not known 97 unsigned long numWords; // 0 if not known 98 unsigned long numBytes; // 0 if not known 99 text_tmap collectionmeta; 100 text_tmap format; 101 text_tmap building; 102 text_t httpdomain; // GRB: could these two http items need removing 103 text_t httpprefix; 104 text_t receptionist; 105 text_t buildType; // 'mg' or 'mgpp' 106 text_t auth_collection; // 'document' or 'collection' 107 text_t auth_group; // 'mygroup' 'yourgroup' 108 bool allow_acls; // to make sure that the user wants to use this ACL feature 109 text_tmap allowallexcept; // the acl to allow stuff or deny things 110 text_tmap denyallexcept; // the opposite of the one above 111 text_tarray searchTypes; // form, plain, empty if collection uses mg, or has no searching facility 107 112 }; 108 113 -
trunk/gsdl/src/recpt/documentaction.cpp
r4972 r4974 166 166 167 167 bool documentaction::check_cgiargs (cgiargsinfoclass &argsinfo, cgiargsclass &args, 168 recptprotolistclass * /*protos*/, ostream &logout) { 169 170 // check gc argument 171 int arg_gc = args.getintarg("gc"); 168 recptprotolistclass *protos, ostream &logout) { 169 170 if(!args["d"].empty()) 171 { 172 recptproto* collectproto = protos->getrecptproto (args["c"], logout); 173 if (collectproto != NULL) 174 { 175 ColInfoResponse_t *cinfo = recpt->get_collectinfo_ptr (collectproto, args["c"], logout); 176 177 if(cinfo->auth_collection == "document" && cinfo->allow_acls) 178 { 179 // both are either commented out or uncomment and are empty 180 if (cinfo->allowallexcept.empty() && cinfo->denyallexcept.empty()) 181 { 182 //deny everything 183 args["uan"] = "1"; 184 args["ug"] = cinfo->auth_group; 185 } 186 187 // both allowallexcept and denyallexcept are turned on ! 188 else if (!cinfo->allowallexcept.empty() && !cinfo->denyallexcept.empty()) 189 { 190 //deny everything 191 args["uan"] = "1"; 192 args["ug"] = cinfo->auth_group; 193 } 194 195 // only allowallexcept is set, so ask to authenticate for that article/doc 196 else if (cinfo->allowallexcept.find(args["d"]) != cinfo->allowallexcept.end() ) 197 { 198 199 args["uan"] = "1"; 200 args["ug"] = cinfo->auth_group; 201 } 202 203 // only denyallexcept is set, so ask to authenticate for that article/doc 204 else if (cinfo->denyallexcept.find(args["d"]) == cinfo->denyallexcept.end() ) 205 { 206 args["uan"] = "1"; 207 args["ug"] = cinfo->auth_group; 208 } 209 210 } 211 } 212 } 213 // check gc argument 214 int arg_gc = args.getintarg("gc"); 172 215 if (arg_gc < 0 || arg_gc > 2) { 173 216 logout << "Warning: \"gc\" argument out of range (" << arg_gc << ")\n"; -
trunk/gsdl/src/recpt/receptionist.cpp
r4905 r4974 1078 1078 // error is found it will return false and no cgi page should 1079 1079 // be created using the arguments. 1080 1080 1081 bool receptionist::check_mainargs (cgiargsclass &args, ostream &logout) { 1081 1082 // if this receptionist is running in collection dependant mode … … 1099 1100 } else { 1100 1101 1101 ColInfoResponse_t *cinfo = get_collectinfo_ptr (collectproto, arg_c, logout); 1102 1102 ColInfoResponse_t *cinfo = get_collectinfo_ptr (collectproto, arg_c, logout); 1103 1104 if(cinfo->auth_collection == "collection") 1105 { 1106 args["uan"] = "1"; 1107 args["ug"] = cinfo->auth_group; 1108 } 1109 1110 1103 1111 if (cinfo != NULL) { 1104 1112 if (!cinfo->ccsCols.empty()) {
Note:
See TracChangeset
for help on using the changeset viewer.