userDB.hasAdminrights to check adminRights.

git-svn-id: https://svn.berlios.de/svnroot/repos/yacy/trunk@1245 6c8d7289-2bf4-0310-a012-ef5d649a1542
19 years ago · 0f1212feb9
parent f1643228f5
commit 0f1212feb9
3 changed files with 24 additions and 17 deletions
--- a/htroot/IndexMonitor.java
+++ b/htroot/IndexMonitor.java
@ -43,10 +43,8 @@
 // javac -classpath .:../Classes Settings_p.java
 // if the shell's current path is HTROOT

-import de.anomic.data.userDB;
 import de.anomic.http.httpHeader;
 import de.anomic.plasma.plasmaSwitchboard;
-import de.anomic.server.serverCodings;
 import de.anomic.server.serverObjects;
 import de.anomic.server.serverSwitch;

@ -81,15 +79,11 @@ public class IndexMonitor {
            (post.containsKey("clearlist")) ||
            (post.containsKey("deleteentry"))) {
            String authorization = ((String) header.get("Authorization", "xxxxxx")).trim().substring(6);
-            userDB.Entry entry = switchboard.userDB.proxyAuth(authorization);
            if (authorization.length() == 0) {
                // force log-in
                prop.put("AUTHENTICATE", "admin log-in");
                return prop;
-            }
-            String adminAccountBase64MD5 = switchboard.getConfig("adminAccountBase64MD5", "");
-            boolean authenticated = (adminAccountBase64MD5.equals(serverCodings.encodeMD5Hex(authorization)));
-            if (!authenticated && !entry.hasAdminRight()) {
+            }else if (switchboard.userDB.hasAdminRight(authorization)) {
                // force log-in (again, because wrong password was given)
                prop.put("AUTHENTICATE", "admin log-in");
                return prop;
--- a/source/de/anomic/data/userDB.java
+++ b/source/de/anomic/data/userDB.java
@ -47,17 +47,17 @@ package de.anomic.data;

 import java.io.File;
 import java.io.IOException;
+import java.util.Calendar;
+import java.util.Date;
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Iterator;
 import java.util.Map;
-import java.util.Date;
-import java.util.Calendar;
-import java.lang.NumberFormatException;

 import de.anomic.kelondro.kelondroDyn;
 import de.anomic.kelondro.kelondroException;
 import de.anomic.kelondro.kelondroMap;
+import de.anomic.plasma.plasmaSwitchboard;
 import de.anomic.server.serverCodings;

 public final class userDB {
@ -184,6 +184,22 @@ public final class userDB {
 		}
 		return null;
 	}
+    /*
+     * determinate, if a user has Adminrights from a authorisation http-headerfield
+     * it tests both userDB and oldstyle adminpw.
+     * @param auth the http-headerline for authorisation
+     */
+    public boolean hasAdminRight(String auth){
+        plasmaSwitchboard sb=plasmaSwitchboard.getSwitchboard();
+        String adminAccountBase64MD5 = sb.getConfig("adminAccountBase64MD5", "");
+        userDB.Entry entry = sb.userDB.proxyAuth(auth);
+        if (adminAccountBase64MD5.equals(serverCodings.encodeMD5Hex(auth.trim().substring(6)))) {
+            return true;
+        } else if(entry != null && entry.hasAdminRight()){
+            return true;
+        }
+        return false;
+    }
 	/*
 	 * use a ProxyAuth String to authenticate a user and save the ip/username for ipAuth
 	 * @param auth a base64 Encoded String, which contains "username:pw".
--- a/source/de/anomic/http/httpdFileHandler.java
+++ b/source/de/anomic/http/httpdFileHandler.java
@ -96,10 +96,11 @@ import java.util.Properties;
 import java.util.logging.Level;
 import java.util.zip.GZIPInputStream;
 import java.util.zip.GZIPOutputStream;
+
 import javax.imageio.ImageIO;

-import de.anomic.plasma.plasmaSwitchboard;
 import de.anomic.plasma.plasmaParser;
+import de.anomic.plasma.plasmaSwitchboard;
 import de.anomic.server.serverByteBuffer;
 import de.anomic.server.serverClassLoader;
 import de.anomic.server.serverCodings;
@ -108,10 +109,9 @@ import de.anomic.server.serverFileUtils;
 import de.anomic.server.serverObjects;
 import de.anomic.server.serverSwitch;
 import de.anomic.server.logging.serverLog;
-import de.anomic.data.userDB;
-import de.anomic.ymage.ymagePainter;
 import de.anomic.ymage.ymageMatrixPainter;
 import de.anomic.ymage.ymagePNGEncoderAWT;
+import de.anomic.ymage.ymagePainter;

 public final class httpdFileHandler extends httpdAbstractHandler implements httpdHandler {
    
@ -313,12 +313,9 @@ public final class httpdFileHandler extends httpdAbstractHandler implements http
            }
            
            // authorization is given
-            userDB.Entry entry = sb.userDB.proxyAuth(authorization);
-            if (adminAccountBase64MD5.equals(serverCodings.encodeMD5Hex(authorization.trim().substring(6)))) {
+            if (sb.userDB.hasAdminRight(authorization)) {
                // Authentication successfull. remove brute-force flag
                serverCore.bfHost.remove(conProp.getProperty("CLIENTIP"));
-            } else if(entry != null && entry.hasAdminRight()){
-                serverCore.bfHost.remove(conProp.getProperty("CLIENTIP"));
            } else {
                // a wrong authentication was given. Ask again
                String clientIP = conProp.getProperty("CLIENTIP", "unknown-host");