2005-11-11 jrandom

* Default Syndie to single user mode, and automatically log into a default user account (additional accounts can be logged into with the 'switch' or login pages, and new accounts can be created with the register page). * Disable the 'automated' column on the Syndie addressbook unless the user is appropriately authorized (good idea Polecat!)

2005-11-11 jrandom
49564a38 · jrandom · zzz · 12ddaff0 · 49564a38 · 49564a38
Commit 49564a38 authored 19 years ago by jrandom Committed by zzz 19 years ago
--- a/apps/syndie/java/src/net/i2p/syndie/BlogManager.java
+++ b/apps/syndie/java/src/net/i2p/syndie/BlogManager.java
@@ -232,7 +232,7 @@ public class BlogManager {
                Properties userProps = loadUserProps(files[i]);
                if (userProps == null)
                    continue;
-                User user = new User();
+                User user = new User(_context);
                user.load(userProps);
                if (blog.equals(user.getBlog()))
                    return user;
@@ -252,7 +252,7 @@ public class BlogManager {
                Properties userProps = loadUserProps(files[i]);
                if (userProps == null)
                    continue;
-                User user = new User();
+                User user = new User(_context);
                user.load(userProps);
                rv.add(user);
            }
@@ -281,6 +281,15 @@ public class BlogManager {
        }
    }
    
+    public User login(String login, String pass) {
+        User u = new User(_context);
+        String ok = login(u, login, pass);
+        if (User.LOGIN_OK.equals(ok))
+            return u;
+        else
+            return new User(_context);
+    }
+    
    public String login(User user, String login, String pass) {
        if ( (login == null) || (pass == null) ) return "<span class=\"b_loginMsgErr\">Login not specified</span>";
        Hash userHash = _context.sha().calculateHash(DataHelper.getUTF8(login));
@@ -331,12 +340,15 @@ public class BlogManager {
        return true;
    }
    
+    private static final boolean DEFAULT_IS_SINGLEUSER = true;
+    
    /**
     * If true, this syndie instance is meant for just one local user, so we don't need
     * to password protect registration, remote.jsp, or admin.jsp
     *
     */
    public boolean isSingleUser() {
+        if (!isConfigured()) return DEFAULT_IS_SINGLEUSER;
        String isSingle = _context.getProperty("syndie.singleUser");
        return ( (isSingle != null) && (Boolean.valueOf(isSingle).booleanValue()) );
    }
@@ -417,6 +429,51 @@ public class BlogManager {
        return true;
    }
     
+    private static final String DEFAULT_LOGIN = "default";
+    private static final String DEFAULT_PASS = "";
+    
+    public User getDefaultUser() {
+        User user = new User(_context);
+        getDefaultUser(user);
+        return user;
+    }
+    public void getDefaultUser(User user) {
+        if (isSingleUser()) {
+            Hash userHash = _context.sha().calculateHash(DataHelper.getUTF8(DEFAULT_LOGIN));
+            File userFile = new File(_userDir, Base64.encode(userHash.getData()));
+            if (_log.shouldLog(Log.INFO))
+                _log.info("Attempting to login to the default user: " + userFile.getAbsolutePath());
+            
+            if (userFile.exists()) {
+                Properties props = loadUserProps(userFile);
+                if (props == null) {
+                    user.invalidate();
+                    _log.error("Error reading the default user file: " + userFile);
+                    return;
+                }
+                String ok = user.login(DEFAULT_LOGIN, DEFAULT_PASS, props);
+                if (User.LOGIN_OK.equals(ok)) {
+                    return;
+                } else {
+                    user.invalidate();
+                    _log.error("Error logging into the default user: " + ok);
+                    return;
+                }
+            } else {
+                String ok = register(user, DEFAULT_LOGIN, DEFAULT_PASS, "", "default", "Default Syndie blog", "");
+                if (User.LOGIN_OK.equals(ok)) {
+                    _log.info("Default user created: " + user);
+                    return;
+                } else {
+                    user.invalidate();
+                    _log.error("Error registering the default user: " + ok);
+                    return;
+                }
+            }
+        } else {
+            return;
+        }
+    }
    
    public boolean authorizeAdmin(String pass) {
        if (isSingleUser()) return true;

--- a/apps/syndie/java/src/net/i2p/syndie/User.java
+++ b/apps/syndie/java/src/net/i2p/syndie/User.java
@@ -43,9 +43,24 @@ public class User {
    private boolean _importAddresses;

    static final String PROP_USERHASH = "__userHash";
-    
+
+    /**
+     * Ugly hack to fetch the default User instance - this is the default
+     * constructor so it can be used as a bean on the web interface.  If
+     * the Syndie instance isn't in single user mode, the default User 
+     * is an empty unauthenticated User.  If the instance IS in single user
+     * mode, this will contain the logged in 'default' user (creating a new
+     * one as necessary).  If you just want to create a User object, use the
+     * new User(I2PAppContext ctx) constructor.
+     *
+     */
    public User() {
-        _context = I2PAppContext.getGlobalContext();
+        this(I2PAppContext.getGlobalContext());
+        BlogManager.instance().getDefaultUser(this);
+    }
+    
+    public User(I2PAppContext ctx) {
+        _context = ctx;
        init();
    }
    private void init() {

--- a/apps/syndie/java/src/net/i2p/syndie/web/RSSServlet.java
+++ b/apps/syndie/java/src/net/i2p/syndie/web/RSSServlet.java
@@ -28,8 +28,7 @@ public class RSSServlet extends HttpServlet {
        if (user == null) {
            String login = req.getParameter("login");
            String pass = req.getParameter("password");
-            user = new User();
-            BlogManager.instance().login(user, login, pass); // ignore failures - user will just be unauthorized
+            user = BlogManager.instance().login(login, pass); // ignore failures - user will just be unauthorized
            if (!user.getAuthenticated())
                user.invalidate();
        }

--- a/apps/syndie/java/src/net/i2p/syndie/web/ViewThreadedServlet.java
+++ b/apps/syndie/java/src/net/i2p/syndie/web/ViewThreadedServlet.java
@@ -35,20 +35,18 @@ public class ViewThreadedServlet extends HttpServlet {
        
        if (user == null) {
            if ("Login".equals(action)) {
-                user = new User();
-                BlogManager.instance().login(user, login, pass); // ignore failures - user will just be unauthorized
+                user = BlogManager.instance().login(login, pass); // ignore failures - user will just be unauthorized
                if (!user.getAuthenticated())
                    user.invalidate();
            } else {
                user = new User();
-                BlogManager.instance().login(user, login, pass); // ignore failures - user will just be unauthorized
            }
            forceNewIndex = true;
        } else if ("Login".equals(action)) {
+            user = BlogManager.instance().login(login, pass); // ignore failures - user will just be unauthorized
+            forceNewIndex = true;
+        } else if ("Logout".equals(action)) {
            user = new User();
-            BlogManager.instance().login(user, login, pass); // ignore failures - user will just be unauthorized
-            if (!user.getAuthenticated())
-                user.invalidate();
            forceNewIndex = true;
        }
        

--- a/apps/syndie/jsp/addresses.jsp
+++ b/apps/syndie/jsp/addresses.jsp
@@ -166,10 +166,14 @@ if (!user.getAuthenticated()) {
        if (name.getIsPublic())
            buf.append("checked=\"true\" ");
        buf.append(" /></td>");
-        buf.append("<td class=\"b_scheduled\"><input class=\"b_scheduled\" type=\"checkbox\" name=\"scheduleSyndication\" value=\"true\" ");
-        if (BlogManager.instance().syndicationScheduled(name.getLocation()))
-          buf.append("checked=\"true\" ");
-        buf.append(" /></td>");
+        if (BlogManager.instance().authorizeRemote(user)) {
+            buf.append("<td class=\"b_scheduled\"><input class=\"b_scheduled\" type=\"checkbox\" name=\"scheduleSyndication\" value=\"true\" ");
+            if (BlogManager.instance().syndicationScheduled(name.getLocation()))
+              buf.append("checked=\"true\" ");
+            buf.append(" /></td>");
+        } else {
+          buf.append("<td class=\"b_scheduled\"><input class=\"b_scheduled\" type=\"checkbox\" name=\"scheduleSyndication\" value=\"false\" disabled=\"true\" /></td>\n");
+        }
        buf.append("<td class=\"b_addrGroup\"><input class=\"b_addrGroup\" type=\"text\" name=\"groups\" size=\"10\" value=\"");
        for (int j = 0; j < name.getGroupCount(); j++) {
            buf.append(HTMLRenderer.sanitizeTagParam(name.getGroup(j)));

--- a/apps/syndie/jsp/switchuser.jsp
+++ b/apps/syndie/jsp/switchuser.jsp
@@ -12,5 +12,6 @@ Syndie login: <input type="text" name="login" /><br />
 Password: <input type="password" name="password" /><br />
 <input type="submit" name="action" value="Login" />
 <input type="submit" name="action" value="Cancel" />
+<input type="submit" name="action" value="Logout" />
 </form>
 </body>
\ No newline at end of file
--- a/history.txt
+++ b/history.txt
-$Id: history.txt,v 1.316 2005/11/06 17:25:18 jrandom Exp $
+$Id: history.txt,v 1.317 2005/11/10 22:46:36 jrandom Exp $
+
+2005-11-11  jrandom
+    * Default Syndie to single user mode, and automatically log into a default
+      user account (additional accounts can be logged into with the 'switch'
+      or login pages, and new accounts can be created with the register page).
+    * Disable the 'automated' column on the Syndie addressbook unless the user
+      is appropriately authorized (good idea Polecat!)

 2005-11-10  jrandom
    * First pass to a new threaded Syndie interface, which isn't enabled by