From ee8e45ecf7d3e883a98e130eec6c44a12d21d1c0 Mon Sep 17 00:00:00 2001
From: jrandom <jrandom>
Date: Sun, 4 Sep 2005 21:51:17 +0000
Subject: [PATCH] allow web based control of who gets to access remote
repositories. if the prop "syndie.remotePassword" is set, users can enter it
while viewing their metadata
---
.../java/src/net/i2p/syndie/BlogManager.java | 27 +++++++++++++++++++
apps/syndie/jsp/viewmetadata.jsp | 17 +++++++++++-
2 files changed, 43 insertions(+), 1 deletion(-)
diff --git a/apps/syndie/java/src/net/i2p/syndie/BlogManager.java b/apps/syndie/java/src/net/i2p/syndie/BlogManager.java
index c0c2d13b45..708e3996be 100644
--- a/apps/syndie/java/src/net/i2p/syndie/BlogManager.java
+++ b/apps/syndie/java/src/net/i2p/syndie/BlogManager.java
@@ -72,10 +72,13 @@ public class BlogManager {
for (Iterator iter = p.keySet().iterator(); iter.hasNext(); ) {
String key = (String)iter.next();
System.setProperty(key, p.getProperty(key));
+ System.out.println("Read config prop [" + key + "] = [" + p.getProperty(key) + "]");
}
} catch (IOException ioe) {
ioe.printStackTrace();
}
+ } else {
+ System.out.println("Config doesn't exist: " + config.getPath());
}
}
@@ -217,6 +220,30 @@ public class BlogManager {
return pass;
}
+ /** Password required to access the remote syndication functinoality (null means no password required) */
+ public String getRemotePassword() {
+ String pass = _context.getProperty("syndie.remotePassword");
+
+ System.out.println("Remote password? [" + pass + "]");
+ if ( (pass == null) || (pass.trim().length() <= 0) ) return null;
+ return pass;
+ }
+
+ public String authorizeRemoteAccess(User user, String password) {
+ if (!user.getAuthenticated()) return "Not logged in";
+ String remPass = getRemotePassword();
+ if (remPass == null)
+ return "Remote access password not configured - please specify 'syndie.remotePassword' in your syndie.config";
+
+ if (remPass.equals(password)) {
+ user.setAllowAccessRemote(true);
+ saveUser(user);
+ return "Remote access authorized";
+ } else {
+ return "Remote access denied";
+ }
+ }
+
public void saveUser(User user) {
if (!user.getAuthenticated()) return;
String userHash = Base64.encode(_context.sha().calculateHash(DataHelper.getUTF8(user.getUsername())).getData());
diff --git a/apps/syndie/jsp/viewmetadata.jsp b/apps/syndie/jsp/viewmetadata.jsp
index 0734eeba0b..750b46ff81 100644
--- a/apps/syndie/jsp/viewmetadata.jsp
+++ b/apps/syndie/jsp/viewmetadata.jsp
@@ -1,5 +1,6 @@
-<%@page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" import="net.i2p.syndie.web.*" %>
+<%@page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" import="net.i2p.syndie.web.*, net.i2p.syndie.*" %>
<% request.setCharacterEncoding("UTF-8"); %>
+<jsp:useBean scope="session" class="net.i2p.syndie.User" id="user" />
<html>
<head>
<title>SyndieMedia</title>
@@ -13,6 +14,20 @@
<td valign="top" align="left" rowspan="2"><jsp:include page="_rightnav.jsp" /></td></tr>
<tr><td valign="top" align="left" colspan="3"><%
ArchiveViewerBean.renderMetadata(request.getParameterMap(), out);
+if (user.getAuthenticated()) {
+ if ("Authorize".equals(request.getParameter("action"))) {
+ %><b><%=BlogManager.instance().authorizeRemoteAccess(user, request.getParameter("password"))%></b><%
+ }
+ if (!user.getAllowAccessRemote()) {
+ if (user.getBlog().toBase64().equals(request.getParameter("blog"))) {
+ %><hr /><form action="viewmetadata.jsp" method="POST">
+<input type="hidden" name="blog" value="<%=request.getParameter("blog")%>" />
+To access remote instances from this instance, please supply the Syndie administration password: <input type="password" name="password" />
+<input type="submit" name="action" value="Authorize" />
+</form><%
+ }
+ }
+}
%></td></tr>
</table>
</body>
\ No newline at end of file
--
GitLab