projects
/
Sone.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
a887d9b
)
Enhance JSON page to optionally require a form password.
author
David ‘Bombe’ Roden
<bombe@pterodactylus.net>
Fri, 22 Oct 2010 14:05:39 +0000
(16:05 +0200)
committer
David ‘Bombe’ Roden
<bombe@pterodactylus.net>
Fri, 22 Oct 2010 14:05:39 +0000
(16:05 +0200)
src/main/java/net/pterodactylus/sone/web/WebInterface.java
patch
|
blob
|
history
src/main/java/net/pterodactylus/sone/web/ajax/GetSoneStatusPage.java
patch
|
blob
|
history
src/main/java/net/pterodactylus/sone/web/ajax/GetTranslationPage.java
patch
|
blob
|
history
src/main/java/net/pterodactylus/sone/web/ajax/JsonPage.java
patch
|
blob
|
history
diff --git
a/src/main/java/net/pterodactylus/sone/web/WebInterface.java
b/src/main/java/net/pterodactylus/sone/web/WebInterface.java
index
ec20785
..
0f6e21a
100644
(file)
--- a/
src/main/java/net/pterodactylus/sone/web/WebInterface.java
+++ b/
src/main/java/net/pterodactylus/sone/web/WebInterface.java
@@
-225,7
+225,7
@@
public class WebInterface extends AbstractService {
pageToadlets.add(pageToadletFactory.createPageToadlet(new StaticPage("javascript/", "/static/javascript/", "text/javascript")));
pageToadlets.add(pageToadletFactory.createPageToadlet(new StaticPage("images/", "/static/images/", "image/png")));
pageToadlets.add(pageToadletFactory.createPageToadlet(new GetTranslationPage(this)));
pageToadlets.add(pageToadletFactory.createPageToadlet(new StaticPage("javascript/", "/static/javascript/", "text/javascript")));
pageToadlets.add(pageToadletFactory.createPageToadlet(new StaticPage("images/", "/static/images/", "image/png")));
pageToadlets.add(pageToadletFactory.createPageToadlet(new GetTranslationPage(this)));
- pageToadlets.add(pageToadletFactory.createPageToadlet(new GetSoneStatusPage(
core()
)));
+ pageToadlets.add(pageToadletFactory.createPageToadlet(new GetSoneStatusPage(
this
)));
ToadletContainer toadletContainer = sonePlugin.pluginRespirator().getToadletContainer();
toadletContainer.getPageMaker().addNavigationCategory("/Sone/index.html", "Navigation.Menu.Name", "Navigation.Menu.Tooltip", sonePlugin);
ToadletContainer toadletContainer = sonePlugin.pluginRespirator().getToadletContainer();
toadletContainer.getPageMaker().addNavigationCategory("/Sone/index.html", "Navigation.Menu.Name", "Navigation.Menu.Tooltip", sonePlugin);
diff --git
a/src/main/java/net/pterodactylus/sone/web/ajax/GetSoneStatusPage.java
b/src/main/java/net/pterodactylus/sone/web/ajax/GetSoneStatusPage.java
index
3f1bbca
..
3b619cc
100644
(file)
--- a/
src/main/java/net/pterodactylus/sone/web/ajax/GetSoneStatusPage.java
+++ b/
src/main/java/net/pterodactylus/sone/web/ajax/GetSoneStatusPage.java
@@
-20,9
+20,9
@@
package net.pterodactylus.sone.web.ajax;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.text.SimpleDateFormat;
import java.util.Date;
-import net.pterodactylus.sone.core.Core;
import net.pterodactylus.sone.core.Core.SoneStatus;
import net.pterodactylus.sone.data.Sone;
import net.pterodactylus.sone.core.Core.SoneStatus;
import net.pterodactylus.sone.data.Sone;
+import net.pterodactylus.sone.web.WebInterface;
import net.pterodactylus.util.json.JsonObject;
/**
import net.pterodactylus.util.json.JsonObject;
/**
@@
-33,29
+33,37
@@
import net.pterodactylus.util.json.JsonObject;
*/
public class GetSoneStatusPage extends JsonPage {
*/
public class GetSoneStatusPage extends JsonPage {
- /** The Sone core. */
- private final Core core;
-
/**
* Creates a new AJAX sone status handler.
*
/**
* Creates a new AJAX sone status handler.
*
- * @param
cor
e
- * The Sone
cor
e
+ * @param
webInterfac
e
+ * The Sone
web interfac
e
*/
*/
- public GetSoneStatusPage(Core core) {
- super("ajax/getSoneStatus.ajax");
- this.core = core;
+ public GetSoneStatusPage(WebInterface webInterface) {
+ super("ajax/getSoneStatus.ajax", webInterface);
}
}
+ //
+ // JSONPAGE METHODS
+ //
+
/**
* {@inheritDoc}
*/
@Override
protected JsonObject createJsonObject(Request request) {
String soneId = request.getHttpRequest().getParam("sone");
/**
* {@inheritDoc}
*/
@Override
protected JsonObject createJsonObject(Request request) {
String soneId = request.getHttpRequest().getParam("sone");
- Sone sone =
core
.getSone(soneId);
- SoneStatus soneStatus =
core
.getSoneStatus(sone);
+ Sone sone =
webInterface.core()
.getSone(soneId);
+ SoneStatus soneStatus =
webInterface.core()
.getSoneStatus(sone);
return new JsonObject().put("status", soneStatus.name()).put("modified", sone.getModificationCounter() > 0).put("lastUpdated", new SimpleDateFormat("MMM d, yyyy, HH:mm:ss").format(new Date(sone.getTime()))).put("age", (System.currentTimeMillis() - sone.getTime()) / 1000);
}
return new JsonObject().put("status", soneStatus.name()).put("modified", sone.getModificationCounter() > 0).put("lastUpdated", new SimpleDateFormat("MMM d, yyyy, HH:mm:ss").format(new Date(sone.getTime()))).put("age", (System.currentTimeMillis() - sone.getTime()) / 1000);
}
+ /**
+ * {@inheritDoc}
+ */
+ @Override
+ protected boolean needsFormPassword() {
+ return false;
+ }
+
}
}
diff --git
a/src/main/java/net/pterodactylus/sone/web/ajax/GetTranslationPage.java
b/src/main/java/net/pterodactylus/sone/web/ajax/GetTranslationPage.java
index
21ec083
..
68f1777
100644
(file)
--- a/
src/main/java/net/pterodactylus/sone/web/ajax/GetTranslationPage.java
+++ b/
src/main/java/net/pterodactylus/sone/web/ajax/GetTranslationPage.java
@@
-27,9
+27,6
@@
import net.pterodactylus.util.json.JsonObject;
*/
public class GetTranslationPage extends JsonPage {
*/
public class GetTranslationPage extends JsonPage {
- /** The Sone web interface. */
- private WebInterface webInterface;
-
/**
* Creates a new translation page.
*
/**
* Creates a new translation page.
*
@@
-37,10
+34,13
@@
public class GetTranslationPage extends JsonPage {
* The Sone web interface
*/
public GetTranslationPage(WebInterface webInterface) {
* The Sone web interface
*/
public GetTranslationPage(WebInterface webInterface) {
- super("ajax/getTranslation.ajax");
- this.webInterface = webInterface;
+ super("ajax/getTranslation.ajax", webInterface);
}
}
+ //
+ // JSONPAGE METHODS
+ //
+
/**
* {@inheritDoc}
*/
/**
* {@inheritDoc}
*/
@@
-51,4
+51,12
@@
public class GetTranslationPage extends JsonPage {
return new JsonObject().put("value", translation);
}
return new JsonObject().put("value", translation);
}
+ /**
+ * {@inheritDoc}
+ */
+ @Override
+ protected boolean needsFormPassword() {
+ return false;
+ }
+
}
}
diff --git
a/src/main/java/net/pterodactylus/sone/web/ajax/JsonPage.java
b/src/main/java/net/pterodactylus/sone/web/ajax/JsonPage.java
index
20ddfc6
..
6b5d614
100644
(file)
--- a/
src/main/java/net/pterodactylus/sone/web/ajax/JsonPage.java
+++ b/
src/main/java/net/pterodactylus/sone/web/ajax/JsonPage.java
@@
-17,6
+17,7
@@
package net.pterodactylus.sone.web.ajax;
package net.pterodactylus.sone.web.ajax;
+import net.pterodactylus.sone.web.WebInterface;
import net.pterodactylus.sone.web.page.Page;
import net.pterodactylus.util.json.JsonObject;
import net.pterodactylus.util.json.JsonUtils;
import net.pterodactylus.sone.web.page.Page;
import net.pterodactylus.util.json.JsonObject;
import net.pterodactylus.util.json.JsonUtils;
@@
-32,14
+33,20
@@
public abstract class JsonPage implements Page {
/** The path of the page. */
private final String path;
/** The path of the page. */
private final String path;
+ /** The Sone web interface. */
+ protected final WebInterface webInterface;
+
/**
* Creates a new JSON page at the given path.
*
* @param path
* The path of the page
/**
* Creates a new JSON page at the given path.
*
* @param path
* The path of the page
+ * @param webInterface
+ * The Sone web interface
*/
*/
- public JsonPage(String path) {
+ public JsonPage(String path
, WebInterface webInterface
) {
this.path = path;
this.path = path;
+ this.webInterface = webInterface;
}
//
}
//
@@
-56,6
+63,17
@@
public abstract class JsonPage implements Page {
*/
protected abstract JsonObject createJsonObject(Request request);
*/
protected abstract JsonObject createJsonObject(Request request);
+ /**
+ * Returns whether this command needs the form password for authentication
+ * and to prevent abuse.
+ *
+ * @return {@code true} if the form password (given as “formPassword”) is
+ * required, {@code false} otherwise
+ */
+ protected boolean needsFormPassword() {
+ return true;
+ }
+
//
// PAGE METHODS
//
//
// PAGE METHODS
//
@@
-73,6
+91,12
@@
public abstract class JsonPage implements Page {
*/
@Override
public Response handleRequest(Request request) {
*/
@Override
public Response handleRequest(Request request) {
+ if (needsFormPassword()) {
+ String formPassword = request.getHttpRequest().getParam("formPassword");
+ if (!webInterface.formPassword().equals(formPassword)) {
+ return new Response(401, "Not authorized", "application/json", JsonUtils.format(new JsonObject().put("success", false)));
+ }
+ }
JsonObject jsonObject = createJsonObject(request);
return new Response(200, "OK", "application/json", JsonUtils.format(jsonObject));
}
JsonObject jsonObject = createJsonObject(request);
return new Response(200, "OK", "application/json", JsonUtils.format(jsonObject));
}