From 4e2bc644cb66d9c1ce3b2a258848d3e9b87f5c76 Mon Sep 17 00:00:00 2001 From: luccioman Date: Mon, 23 Jan 2017 14:49:02 +0100 Subject: [PATCH] Display Index Browser links requiring auth only when authenticated. In the /HostBrowser.html page "only hosts with urls pending in the crawler", "only with load errors" and "Administration Options" all require administration credentials. But they were displayed even to unauthenticated users, and clicking them did nothing and returned the /HostBrowser.html page empty. --- htroot/HostBrowser.html | 6 +++++- htroot/HostBrowser.java | 8 +++++++- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/htroot/HostBrowser.html b/htroot/HostBrowser.html index 5a56c69c2..489f4dfb7 100644 --- a/htroot/HostBrowser.html +++ b/htroot/HostBrowser.html @@ -77,7 +77,7 @@ function updatepage(str) { #%env/templates/submenuWebStructure.template%# #(/topmenu)#

Index Browser

-

Browse the index of #[ucount]# documents. Enter a host or an URL for a file list or view a list of all hosts, only hosts with urls pending in the crawler or only with load errors.

+

Browse the index of #[ucount]# documents. Enter a host or an URL for a file list or view a list of all hosts#(authorized)#::, only hosts with urls pending in the crawler or only with load errors#(/authorized)#.

@@ -108,9 +108,11 @@ function updatepage(str) {
Count Colors:
   Documents without Errors
+ #(authorized)#::
   Pending in Crawler
   Crawler Excludes
   Load Errors
+ #(/authorized)#
@@ -251,9 +253,11 @@ var solr= $.getJSON("solr/collection1/select?q=*:*&defType=edismax&start=0&rows= #(/inbound)# + #(authorized)#:: #(admin)#:: #%HostBrowserAdmin_p.html%# #(/admin)# + #(/authorized)# #%env/templates/footer.template%# diff --git a/htroot/HostBrowser.java b/htroot/HostBrowser.java index 5e80d5fdd..5f002f209 100644 --- a/htroot/HostBrowser.java +++ b/htroot/HostBrowser.java @@ -79,7 +79,8 @@ public class HostBrowser { /** *

Retrieve local index entries for a path, or for hosts with the most references. Also allow some maintaining operations on entries with load errors.

- *

Some parameters need administrator authentication or unauthenticated local host requests to be allowed : load, deleteLoadErrors, delete and reload404. + *

Some parameters need administrator authentication or unauthenticated local host requests to be allowed : load, deleteLoadErrors, delete, reload404, + * hosts="crawling" and hosts="error". * The "load" parameter can also be applied without authentication when "browser.load4everyone" configuration setting is true.

* @param header servlet request header * @param post request parameters. Supported keys :