fixed apicall call method parameters

and verification in transaction manager
which did not have and exception for localhost/basic authentication

bin/clearall.sh

@@ -1,3 +1,3 @@
 #!/usr/bin/env sh
 cd "`dirname $0`"
-./apicall.sh "IndexControlURLs_p.html" "deletecomplete=&deleteIndex=on&deleteSolr=on&deleteCrawlQueues=on&deleteRobots=on&deleteSearchFl=on&deleteCache=on" > /dev/null
+./apicall.sh "IndexControlURLs_p.html?deletecomplete=&deleteIndex=on&deleteSolr=on&deleteCrawlQueues=on&deleteRobots=on&deleteSearchFl=on&deleteCache=on" > /dev/null

bin/clearcache.sh

@@ -1,3 +1,3 @@
 #!/usr/bin/env sh
 cd "`dirname $0`"
-./apicall.sh "IndexControlURLs_p.html" "deleteIndex=off&deleteSolr=off&deleteCache=on&deleteCrawlQueues=off&deleteRobots=on&deleteSearchFl=on&deletecomplete=" > /dev/null
+./apicall.sh "IndexControlURLs_p.html?deleteIndex=off&deleteSolr=off&deleteCache=on&deleteCrawlQueues=off&deleteRobots=on&deleteSearchFl=on&deletecomplete=" > /dev/null

bin/clearindex.sh

@@ -1,3 +1,3 @@
 #!/usr/bin/env sh
 cd "`dirname $0`"
-./apicall.sh "IndexControlURLs_p.html" "deletecomplete=&deleteIndex=on&deleteSolr=on&deleteCrawlQueues=on&deleteRobots=on&deleteSearchFl=on&deleteCache=off" > /dev/null
+./apicall.sh "IndexControlURLs_p.html?deletecomplete=&deleteIndex=on&deleteSolr=on&deleteCrawlQueues=on&deleteRobots=on&deleteSearchFl=on&deleteCache=off" > /dev/null

bin/deleteurl.sh

@@ -1,3 +1,3 @@
 #!/usr/bin/env sh
 cd "`dirname $0`"
-./apicall.sh "IndexControlURLs_p.html" "urlhashdeleteall=&urlstring=$1" > /dev/null
+./apicall.sh "IndexControlURLs_p.html?urlhashdeleteall=&urlstring=$1" > /dev/null

bin/importmediawiki.sh

@@ -1,3 +1,3 @@
 #!/usr/bin/env sh
 cd "`dirname $0`"
-./apicall.sh "IndexImportMediawiki_p.html" "file=$1" > /dev/null
+./apicall.sh "IndexImportMediawiki_p.html?file=$1" > /dev/null

bin/passwd.sh

@@ -38,7 +38,7 @@ if [ -f "$YACY_DATA_PATH/yacy.running" ]; then
 	echo "YaCy server appears to be running. Calling the ConfigAccounts_p API..." 
 	# When the server is running we can not directly modify the yacy.conf file so we use the ConfigAccounts_p API.
 	# Otherwise the new password provided here could be overwritten by the server when it saves its in-memory configuration to the yacy.conf file 
-	(./apicall.sh "ConfigAccounts_p.html" "setAdmin=&adminuser=$YACY_ADMIN_USER_NAME&adminpw1=$YACY_ADMIN_PASSWORD&adminpw2=$YACY_ADMIN_PASSWORD&access=" && \
+	(./apicall.sh "ConfigAccounts_p.html?setAdmin=&adminuser=$YACY_ADMIN_USER_NAME&adminpw1=$YACY_ADMIN_PASSWORD&adminpw2=$YACY_ADMIN_PASSWORD&access=" > /dev/null && \
 	echo "Password successfully changed for User Name '$YACY_ADMIN_USER_NAME'.") || \
 	(echo "Password setting failed." && exit 1)
 else

source/net/yacy/data/TransactionManager.java

@@ -61,7 +61,7 @@ public class TransactionManager {
 	 * @throws NullPointerException
 	 *             when header parameter is null.
 	 */
-    private static String getCurrentUserName(final RequestHeader header) {
+    private static String getUserName(final RequestHeader header) {
         String userName = header.getRemoteUser();
         
 		if (userName == null && header.accessFromLocalhost() && Switchboard.getSwitchboard() != null) {
@@ -124,7 +124,7 @@ public class TransactionManager {
         }
         
         /* Check this comes from an authenticated user */
-        final String userName = getCurrentUserName(header);
+        final String userName = getUserName(header);
 		if (userName == null) {
 			throw new IllegalArgumentException("User is not authenticated");
 		}
@@ -152,23 +152,24 @@ public class TransactionManager {
      * @throws BadTransactionException when a condition for valid transaction is not met.
      */
 	public static void checkPostTransaction(final RequestHeader header, final serverObjects post) {
-        if (header == null || post == null) {
-        	throw new IllegalArgumentException("Missing required parameters.");
-        }
+        if (header == null)
+            throw new IllegalArgumentException("Missing required header parameters.");
+        
+        if (header.accessFromLocalhost()) return; // this is one exception that we accept if basc authentication is gven
         
-		if(!HeaderFramework.METHOD_POST.equals(header.getMethod())) {
+        if (post == null) // non-local requests must use POST parameters
+            throw new IllegalArgumentException("Missing required post parameters.");
+        
+		if (!HeaderFramework.METHOD_POST.equals(header.getMethod())) // non-local users must use POST protocol
 			throw new DisallowedMethodException("HTTP POST method is the only one authorized.");
-		}
 		
-        String userName = getCurrentUserName(header);
-		if (userName == null) {
+        String userName = getUserName(header);
+		if (userName == null)
 			throw new BadTransactionException("User is not authenticated.");
-		}
 		
 		final String transactionToken = post.get(TRANSACTION_TOKEN_PARAM);
-		if(transactionToken == null) {
+		if (transactionToken == null)
 			throw new TemplateMissingParameterException("Missing transaction token.");
-		}
 		
 		final String token = new HmacUtils(HmacAlgorithms.HMAC_SHA_1, SIGNING_KEY)
 				.hmacHex(TOKEN_SEED + userName + header.getPathInfo());

stopYACY.sh

@@ -20,7 +20,7 @@ if [ ! -f "$YACY_DATA_PATH/yacy.running" ]; then
 	exit 1
 fi
 
-(bin/apicall.sh "Steering.html" "shutdown=true" && \
+(bin/apicall.sh "Steering.html?shutdown=true" > /dev/null && \
 echo "Please wait until the YaCy daemon process terminates [wget]" && \
 echo "You can monitor this with 'tail -f $YACY_DATA_PATH/LOG/yacy00.log' and 'fuser $YACY_DATA_PATH/LOG/yacy00.log'") || \
 exit $?

updateYACY.sh

@@ -3,7 +3,7 @@ cd `dirname $0`
 
 if [ -x `which wget` ]
 then
-	bin/apicall.sh "ConfigUpdate_p.html?autoUpdate="
+	bin/apicall.sh "ConfigUpdate_p.html?autoUpdate=" > /dev/null
 
 elif [ -x `which java` ]
 then