|
|
|
@ -70,6 +70,7 @@ import de.anomic.server.serverSwitch;
|
|
|
|
import de.anomic.server.logging.serverLog;
|
|
|
|
import de.anomic.server.logging.serverLog;
|
|
|
|
import de.anomic.yacy.yacyCore;
|
|
|
|
import de.anomic.yacy.yacyCore;
|
|
|
|
import de.anomic.yacy.yacySeed;
|
|
|
|
import de.anomic.yacy.yacySeed;
|
|
|
|
|
|
|
|
import de.anomic.data.userDB;
|
|
|
|
|
|
|
|
|
|
|
|
public class dir {
|
|
|
|
public class dir {
|
|
|
|
|
|
|
|
|
|
|
|
@ -112,15 +113,20 @@ public class dir {
|
|
|
|
final String downloadAccountBase64MD5 = switchboard.getConfig("downloadAccountBase64MD5", "");
|
|
|
|
final String downloadAccountBase64MD5 = switchboard.getConfig("downloadAccountBase64MD5", "");
|
|
|
|
|
|
|
|
|
|
|
|
final String logoutAccountBase64MD5 = de.anomic.server.serverCodings.encodeMD5Hex(serverCodings.standardCoder.encodeBase64String(":"));
|
|
|
|
final String logoutAccountBase64MD5 = de.anomic.server.serverCodings.encodeMD5Hex(serverCodings.standardCoder.encodeBase64String(":"));
|
|
|
|
final String authorizationMD5 = de.anomic.server.serverCodings.encodeMD5Hex(((String) header.get("Authorization", "xxxxxx")).trim().substring(6));
|
|
|
|
|
|
|
|
// if (logoutAccountBase64.equals(authorization))
|
|
|
|
userDB.Entry entry = switchboard.userDB.proxyAuth((String)header.get("Authorization", "xxxxxx"));
|
|
|
|
final boolean adminAuthorization = (adminAccountBase64MD5.length() != 0 &&
|
|
|
|
boolean adminAuthorization, downloadAuthorization, uploadAuthorization;
|
|
|
|
adminAccountBase64MD5.equals(authorizationMD5));
|
|
|
|
if(entry == null){
|
|
|
|
final boolean uploadAuthorization = (adminAuthorization ||(uploadAccountBase64MD5.length() != 0 &&
|
|
|
|
final String authorizationMD5 = de.anomic.server.serverCodings.encodeMD5Hex(((String) header.get("Authorization", "xxxxxx")).trim().substring(6));
|
|
|
|
uploadAccountBase64MD5.equals(authorizationMD5)));
|
|
|
|
// if (logoutAccountBase64.equals(authorization))
|
|
|
|
final boolean downloadAuthorization = (adminAuthorization || uploadAuthorization ||
|
|
|
|
adminAuthorization = (adminAccountBase64MD5.length() != 0 && adminAccountBase64MD5.equals(authorizationMD5));
|
|
|
|
downloadAccountBase64MD5.length() == 0 ||
|
|
|
|
uploadAuthorization = (adminAuthorization ||(uploadAccountBase64MD5.length() != 0 && uploadAccountBase64MD5.equals(authorizationMD5)));
|
|
|
|
downloadAccountBase64MD5.equals(authorizationMD5));
|
|
|
|
downloadAuthorization = (adminAuthorization || uploadAuthorization || downloadAccountBase64MD5.length() == 0 || downloadAccountBase64MD5.equals(authorizationMD5));
|
|
|
|
|
|
|
|
}else{ //userDB
|
|
|
|
|
|
|
|
adminAuthorization=entry.hasAdminRight();
|
|
|
|
|
|
|
|
uploadAuthorization=entry.hasUploadRight();
|
|
|
|
|
|
|
|
downloadAuthorization=entry.hasDownloadRight();
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// do authentitcate processes by triggering the http authenticate method
|
|
|
|
// do authentitcate processes by triggering the http authenticate method
|
|
|
|
if (action.equals("authenticateAdmin") && !adminAuthorization) {
|
|
|
|
if (action.equals("authenticateAdmin") && !adminAuthorization) {
|
|
|
|
|
allo
20 years ago