projects
/
Sone.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (from parent 1:
8dc44b0
)
Implement full access requirement in all pages.
author
David ‘Bombe’ Roden
<bombe@pterodactylus.net>
Sat, 7 May 2011 00:13:38 +0000
(
02:13
+0200)
committer
David ‘Bombe’ Roden
<bombe@pterodactylus.net>
Sat, 7 May 2011 00:13:38 +0000
(
02:13
+0200)
src/main/java/net/pterodactylus/sone/web/CreateSonePage.java
patch
|
blob
|
history
src/main/java/net/pterodactylus/sone/web/LoginPage.java
patch
|
blob
|
history
src/main/java/net/pterodactylus/sone/web/LogoutPage.java
patch
|
blob
|
history
src/main/java/net/pterodactylus/sone/web/SoneTemplatePage.java
patch
|
blob
|
history
src/main/java/net/pterodactylus/sone/web/ajax/JsonPage.java
patch
|
blob
|
history
src/main/java/net/pterodactylus/sone/web/page/FreenetTemplatePage.java
patch
|
blob
|
history
diff --git
a/src/main/java/net/pterodactylus/sone/web/CreateSonePage.java
b/src/main/java/net/pterodactylus/sone/web/CreateSonePage.java
index
2e2fc41
..
3f940a3
100644
(file)
--- a/
src/main/java/net/pterodactylus/sone/web/CreateSonePage.java
+++ b/
src/main/java/net/pterodactylus/sone/web/CreateSonePage.java
@@
-129,6
+129,9
@@
public class CreateSonePage extends SoneTemplatePage {
*/
@Override
public boolean isEnabled(ToadletContext toadletContext) {
*/
@Override
public boolean isEnabled(ToadletContext toadletContext) {
+ if (webInterface.getCore().getPreferences().isRequireFullAccess() && !toadletContext.isAllowedFullAccess()) {
+ return false;
+ }
return (getCurrentSone(toadletContext, false) == null) || (webInterface.getCore().getLocalSones().size() == 1);
}
return (getCurrentSone(toadletContext, false) == null) || (webInterface.getCore().getLocalSones().size() == 1);
}
diff --git
a/src/main/java/net/pterodactylus/sone/web/LoginPage.java
b/src/main/java/net/pterodactylus/sone/web/LoginPage.java
index
321193b
..
8e612ea
100644
(file)
--- a/
src/main/java/net/pterodactylus/sone/web/LoginPage.java
+++ b/
src/main/java/net/pterodactylus/sone/web/LoginPage.java
@@
-103,6
+103,9
@@
public class LoginPage extends SoneTemplatePage {
*/
@Override
public boolean isEnabled(ToadletContext toadletContext) {
*/
@Override
public boolean isEnabled(ToadletContext toadletContext) {
+ if (webInterface.getCore().getPreferences().isRequireFullAccess() && !toadletContext.isAllowedFullAccess()) {
+ return false;
+ }
return getCurrentSone(toadletContext, false) == null;
}
return getCurrentSone(toadletContext, false) == null;
}
diff --git
a/src/main/java/net/pterodactylus/sone/web/LogoutPage.java
b/src/main/java/net/pterodactylus/sone/web/LogoutPage.java
index
4510bc1
..
7cd0587
100644
(file)
--- a/
src/main/java/net/pterodactylus/sone/web/LogoutPage.java
+++ b/
src/main/java/net/pterodactylus/sone/web/LogoutPage.java
@@
-57,6
+57,9
@@
public class LogoutPage extends SoneTemplatePage {
*/
@Override
public boolean isEnabled(ToadletContext toadletContext) {
*/
@Override
public boolean isEnabled(ToadletContext toadletContext) {
+ if (webInterface.getCore().getPreferences().isRequireFullAccess() && !toadletContext.isAllowedFullAccess()) {
+ return false;
+ }
return (getCurrentSone(toadletContext, false) != null) && (webInterface.getCore().getLocalSones().size() != 1);
}
return (getCurrentSone(toadletContext, false) != null) && (webInterface.getCore().getLocalSones().size() != 1);
}
diff --git
a/src/main/java/net/pterodactylus/sone/web/SoneTemplatePage.java
b/src/main/java/net/pterodactylus/sone/web/SoneTemplatePage.java
index
7392de4
..
42c0129
100644
(file)
--- a/
src/main/java/net/pterodactylus/sone/web/SoneTemplatePage.java
+++ b/
src/main/java/net/pterodactylus/sone/web/SoneTemplatePage.java
@@
-296,7
+296,18
@@
public class SoneTemplatePage extends FreenetTemplatePage {
* {@inheritDoc}
*/
@Override
* {@inheritDoc}
*/
@Override
+ protected boolean isFullAccessOnly() {
+ return webInterface.getCore().getPreferences().isRequireFullAccess();
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ @Override
public boolean isEnabled(ToadletContext toadletContext) {
public boolean isEnabled(ToadletContext toadletContext) {
+ if (webInterface.getCore().getPreferences().isRequireFullAccess() && !toadletContext.isAllowedFullAccess()) {
+ return false;
+ }
if (requiresLogin()) {
return getCurrentSone(toadletContext, false) != null;
}
if (requiresLogin()) {
return getCurrentSone(toadletContext, false) != null;
}
diff --git
a/src/main/java/net/pterodactylus/sone/web/ajax/JsonPage.java
b/src/main/java/net/pterodactylus/sone/web/ajax/JsonPage.java
index
8d48bce
..
893b7ae
100644
(file)
--- a/
src/main/java/net/pterodactylus/sone/web/ajax/JsonPage.java
+++ b/
src/main/java/net/pterodactylus/sone/web/ajax/JsonPage.java
@@
-188,6
+188,9
@@
public abstract class JsonPage implements Page {
*/
@Override
public Response handleRequest(Request request) {
*/
@Override
public Response handleRequest(Request request) {
+ if (webInterface.getCore().getPreferences().isRequireFullAccess() && !request.getToadletContext().isAllowedFullAccess()) {
+ return new Response(401, "Not authorized", "application/json", JsonUtils.format(new JsonObject().put("success", false).put("error", "auth-required")));
+ }
if (needsFormPassword()) {
String formPassword = request.getHttpRequest().getParam("formPassword");
if (!webInterface.getFormPassword().equals(formPassword)) {
if (needsFormPassword()) {
String formPassword = request.getHttpRequest().getParam("formPassword");
if (!webInterface.getFormPassword().equals(formPassword)) {
diff --git
a/src/main/java/net/pterodactylus/sone/web/page/FreenetTemplatePage.java
b/src/main/java/net/pterodactylus/sone/web/page/FreenetTemplatePage.java
index
6e7812f
..
5831a1b
100644
(file)
--- a/
src/main/java/net/pterodactylus/sone/web/page/FreenetTemplatePage.java
+++ b/
src/main/java/net/pterodactylus/sone/web/page/FreenetTemplatePage.java
@@
-109,6
+109,9
@@
public class FreenetTemplatePage implements Page, LinkEnabledCallback {
return new RedirectResponse(redirectTarget);
}
return new RedirectResponse(redirectTarget);
}
+ if (isFullAccessOnly() && !request.getToadletContext().isAllowedFullAccess()) {
+ return new Response(401, "Not authorized", "text/html", "Not authorized");
+ }
ToadletContext toadletContext = request.getToadletContext();
if (request.getMethod() == Method.POST) {
/* require form password. */
ToadletContext toadletContext = request.getToadletContext();
if (request.getMethod() == Method.POST) {
/* require form password. */
@@
-227,6
+230,17
@@
public class FreenetTemplatePage implements Page, LinkEnabledCallback {
return Collections.emptyList();
}
return Collections.emptyList();
}
+ /**
+ * Returns whether this page should only be allowed for requests from hosts
+ * with full access.
+ *
+ * @return {@code true} if this page should only be allowed for hosts with
+ * full access, {@code false} to allow this page for any host
+ */
+ protected boolean isFullAccessOnly() {
+ return false;
+ }
+
//
// INTERFACE LinkEnabledCallback
//
//
// INTERFACE LinkEnabledCallback
//
@@
-236,7
+250,7
@@
public class FreenetTemplatePage implements Page, LinkEnabledCallback {
*/
@Override
public boolean isEnabled(ToadletContext toadletContext) {
*/
@Override
public boolean isEnabled(ToadletContext toadletContext) {
- return
true
;
+ return
!isFullAccessOnly()
;
}
/**
}
/**