mirror of
https://github.com/yacy/yacy_search_server.git
synced 2024-09-19 00:01:41 +02:00
fixed apicall call method parameters
and verification in transaction manager which did not have and exception for localhost/basic authentication
This commit is contained in:
parent
d0abb0cedb
commit
01cc32217f
|
@ -1,3 +1,3 @@
|
||||||
#!/usr/bin/env sh
|
#!/usr/bin/env sh
|
||||||
cd "`dirname $0`"
|
cd "`dirname $0`"
|
||||||
./apicall.sh "IndexControlURLs_p.html" "deletecomplete=&deleteIndex=on&deleteSolr=on&deleteCrawlQueues=on&deleteRobots=on&deleteSearchFl=on&deleteCache=on" > /dev/null
|
./apicall.sh "IndexControlURLs_p.html?deletecomplete=&deleteIndex=on&deleteSolr=on&deleteCrawlQueues=on&deleteRobots=on&deleteSearchFl=on&deleteCache=on" > /dev/null
|
||||||
|
|
|
@ -1,3 +1,3 @@
|
||||||
#!/usr/bin/env sh
|
#!/usr/bin/env sh
|
||||||
cd "`dirname $0`"
|
cd "`dirname $0`"
|
||||||
./apicall.sh "IndexControlURLs_p.html" "deleteIndex=off&deleteSolr=off&deleteCache=on&deleteCrawlQueues=off&deleteRobots=on&deleteSearchFl=on&deletecomplete=" > /dev/null
|
./apicall.sh "IndexControlURLs_p.html?deleteIndex=off&deleteSolr=off&deleteCache=on&deleteCrawlQueues=off&deleteRobots=on&deleteSearchFl=on&deletecomplete=" > /dev/null
|
||||||
|
|
|
@ -1,3 +1,3 @@
|
||||||
#!/usr/bin/env sh
|
#!/usr/bin/env sh
|
||||||
cd "`dirname $0`"
|
cd "`dirname $0`"
|
||||||
./apicall.sh "IndexControlURLs_p.html" "deletecomplete=&deleteIndex=on&deleteSolr=on&deleteCrawlQueues=on&deleteRobots=on&deleteSearchFl=on&deleteCache=off" > /dev/null
|
./apicall.sh "IndexControlURLs_p.html?deletecomplete=&deleteIndex=on&deleteSolr=on&deleteCrawlQueues=on&deleteRobots=on&deleteSearchFl=on&deleteCache=off" > /dev/null
|
||||||
|
|
|
@ -1,3 +1,3 @@
|
||||||
#!/usr/bin/env sh
|
#!/usr/bin/env sh
|
||||||
cd "`dirname $0`"
|
cd "`dirname $0`"
|
||||||
./apicall.sh "IndexControlURLs_p.html" "urlhashdeleteall=&urlstring=$1" > /dev/null
|
./apicall.sh "IndexControlURLs_p.html?urlhashdeleteall=&urlstring=$1" > /dev/null
|
||||||
|
|
|
@ -1,3 +1,3 @@
|
||||||
#!/usr/bin/env sh
|
#!/usr/bin/env sh
|
||||||
cd "`dirname $0`"
|
cd "`dirname $0`"
|
||||||
./apicall.sh "IndexImportMediawiki_p.html" "file=$1" > /dev/null
|
./apicall.sh "IndexImportMediawiki_p.html?file=$1" > /dev/null
|
||||||
|
|
|
@ -38,7 +38,7 @@ if [ -f "$YACY_DATA_PATH/yacy.running" ]; then
|
||||||
echo "YaCy server appears to be running. Calling the ConfigAccounts_p API..."
|
echo "YaCy server appears to be running. Calling the ConfigAccounts_p API..."
|
||||||
# When the server is running we can not directly modify the yacy.conf file so we use the ConfigAccounts_p API.
|
# When the server is running we can not directly modify the yacy.conf file so we use the ConfigAccounts_p API.
|
||||||
# Otherwise the new password provided here could be overwritten by the server when it saves its in-memory configuration to the yacy.conf file
|
# Otherwise the new password provided here could be overwritten by the server when it saves its in-memory configuration to the yacy.conf file
|
||||||
(./apicall.sh "ConfigAccounts_p.html" "setAdmin=&adminuser=$YACY_ADMIN_USER_NAME&adminpw1=$YACY_ADMIN_PASSWORD&adminpw2=$YACY_ADMIN_PASSWORD&access=" && \
|
(./apicall.sh "ConfigAccounts_p.html?setAdmin=&adminuser=$YACY_ADMIN_USER_NAME&adminpw1=$YACY_ADMIN_PASSWORD&adminpw2=$YACY_ADMIN_PASSWORD&access=" > /dev/null && \
|
||||||
echo "Password successfully changed for User Name '$YACY_ADMIN_USER_NAME'.") || \
|
echo "Password successfully changed for User Name '$YACY_ADMIN_USER_NAME'.") || \
|
||||||
(echo "Password setting failed." && exit 1)
|
(echo "Password setting failed." && exit 1)
|
||||||
else
|
else
|
||||||
|
|
|
@ -61,7 +61,7 @@ public class TransactionManager {
|
||||||
* @throws NullPointerException
|
* @throws NullPointerException
|
||||||
* when header parameter is null.
|
* when header parameter is null.
|
||||||
*/
|
*/
|
||||||
private static String getCurrentUserName(final RequestHeader header) {
|
private static String getUserName(final RequestHeader header) {
|
||||||
String userName = header.getRemoteUser();
|
String userName = header.getRemoteUser();
|
||||||
|
|
||||||
if (userName == null && header.accessFromLocalhost() && Switchboard.getSwitchboard() != null) {
|
if (userName == null && header.accessFromLocalhost() && Switchboard.getSwitchboard() != null) {
|
||||||
|
@ -124,7 +124,7 @@ public class TransactionManager {
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Check this comes from an authenticated user */
|
/* Check this comes from an authenticated user */
|
||||||
final String userName = getCurrentUserName(header);
|
final String userName = getUserName(header);
|
||||||
if (userName == null) {
|
if (userName == null) {
|
||||||
throw new IllegalArgumentException("User is not authenticated");
|
throw new IllegalArgumentException("User is not authenticated");
|
||||||
}
|
}
|
||||||
|
@ -152,23 +152,24 @@ public class TransactionManager {
|
||||||
* @throws BadTransactionException when a condition for valid transaction is not met.
|
* @throws BadTransactionException when a condition for valid transaction is not met.
|
||||||
*/
|
*/
|
||||||
public static void checkPostTransaction(final RequestHeader header, final serverObjects post) {
|
public static void checkPostTransaction(final RequestHeader header, final serverObjects post) {
|
||||||
if (header == null || post == null) {
|
if (header == null)
|
||||||
throw new IllegalArgumentException("Missing required parameters.");
|
throw new IllegalArgumentException("Missing required header parameters.");
|
||||||
}
|
|
||||||
|
|
||||||
if(!HeaderFramework.METHOD_POST.equals(header.getMethod())) {
|
if (header.accessFromLocalhost()) return; // this is one exception that we accept if basc authentication is gven
|
||||||
|
|
||||||
|
if (post == null) // non-local requests must use POST parameters
|
||||||
|
throw new IllegalArgumentException("Missing required post parameters.");
|
||||||
|
|
||||||
|
if (!HeaderFramework.METHOD_POST.equals(header.getMethod())) // non-local users must use POST protocol
|
||||||
throw new DisallowedMethodException("HTTP POST method is the only one authorized.");
|
throw new DisallowedMethodException("HTTP POST method is the only one authorized.");
|
||||||
}
|
|
||||||
|
|
||||||
String userName = getCurrentUserName(header);
|
String userName = getUserName(header);
|
||||||
if (userName == null) {
|
if (userName == null)
|
||||||
throw new BadTransactionException("User is not authenticated.");
|
throw new BadTransactionException("User is not authenticated.");
|
||||||
}
|
|
||||||
|
|
||||||
final String transactionToken = post.get(TRANSACTION_TOKEN_PARAM);
|
final String transactionToken = post.get(TRANSACTION_TOKEN_PARAM);
|
||||||
if(transactionToken == null) {
|
if (transactionToken == null)
|
||||||
throw new TemplateMissingParameterException("Missing transaction token.");
|
throw new TemplateMissingParameterException("Missing transaction token.");
|
||||||
}
|
|
||||||
|
|
||||||
final String token = new HmacUtils(HmacAlgorithms.HMAC_SHA_1, SIGNING_KEY)
|
final String token = new HmacUtils(HmacAlgorithms.HMAC_SHA_1, SIGNING_KEY)
|
||||||
.hmacHex(TOKEN_SEED + userName + header.getPathInfo());
|
.hmacHex(TOKEN_SEED + userName + header.getPathInfo());
|
||||||
|
|
|
@ -20,7 +20,7 @@ if [ ! -f "$YACY_DATA_PATH/yacy.running" ]; then
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
(bin/apicall.sh "Steering.html" "shutdown=true" && \
|
(bin/apicall.sh "Steering.html?shutdown=true" > /dev/null && \
|
||||||
echo "Please wait until the YaCy daemon process terminates [wget]" && \
|
echo "Please wait until the YaCy daemon process terminates [wget]" && \
|
||||||
echo "You can monitor this with 'tail -f $YACY_DATA_PATH/LOG/yacy00.log' and 'fuser $YACY_DATA_PATH/LOG/yacy00.log'") || \
|
echo "You can monitor this with 'tail -f $YACY_DATA_PATH/LOG/yacy00.log' and 'fuser $YACY_DATA_PATH/LOG/yacy00.log'") || \
|
||||||
exit $?
|
exit $?
|
||||||
|
|
|
@ -3,7 +3,7 @@ cd `dirname $0`
|
||||||
|
|
||||||
if [ -x `which wget` ]
|
if [ -x `which wget` ]
|
||||||
then
|
then
|
||||||
bin/apicall.sh "ConfigUpdate_p.html?autoUpdate="
|
bin/apicall.sh "ConfigUpdate_p.html?autoUpdate=" > /dev/null
|
||||||
|
|
||||||
elif [ -x `which java` ]
|
elif [ -x `which java` ]
|
||||||
then
|
then
|
||||||
|
|
Loading…
Reference in New Issue
Block a user