Marown/yacy_search_server
1
0
Fork 0
mirror of https://github.com/yacy/yacy_search_server.git synced 2024-09-19 00:01:41 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

added access right control to wiki and changed access policy

Browse Source 
- by default, only the admin is allowed to make changes to wiki pages
- the admin may allow changes to everybody

git-svn-id: https://svn.berlios.de/svnroot/repos/yacy/trunk@3019 6c8d7289-2bf4-0310-a012-ef5d649a1542
This commit is contained in:
orbiter 2006-11-29 01:50:10 +00:00
parent 86394e7a56
commit 816698ad21
3 changed files with 40 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
htroot/Wiki.html
View File

@ -16,10 +16,10 @@
#[page]#
</div>
<p class="PostInfo">
last edited by #[author]# | change date #[date]# | <a href="Wiki.html?page=#[pagename]#&amp;edit=Edit">Edit</a>
last edited by #[author]# | change date #[date]# | <a href="Wiki.html?page=#[pagename]#&amp;edit=Edit">Edit</a> #(access)#(only granted to admin)::#(/access)#
</p>
</div>
<p class="Navigation"><a href="Wiki.html">Start Page</a> - <a href="Wiki.html?index=Index">Index</a></p>
<p class="Navigation"><a href="Wiki.html">Start Page</a> - <a href="Wiki.html?index=Index">Index</a> - #(access)#<a href="Wiki.html?access=all">Grant Write Access to Everybody</a>::<a href="Wiki.html?access=admin">Grant Write Access to Admin only</a>#(/access)#</p>
::
<!-- 1: edit -->
<form action="Wiki.html" method="post" enctype="multipart/form-data" accept-charset="UTF-8">

30
htroot/Wiki.java
View File

@ -81,6 +81,7 @@ public class Wiki {
post.put("page", "start");
}
String access = switchboard.getConfig("WikiAccess", "admin");
String pagename = post.get("page", "start");
String ip = post.get("CLIENTIP", "127.0.0.1");
String author = post.get("author", "anonymous");
@ -91,8 +92,29 @@ public class Wiki {
else author = de.anomic.yacy.yacyCore.seedDB.mySeed.get("Name", "anonymous");
}
}
if (post.containsKey("access")) {
// only the administrator may change the access right
if (!switchboard.verifyAuthentication(header, true)) {
// check access right for admin
prop.put("AUTHENTICATE", "admin log-in"); // force log-in
return prop;
}
access = post.get("access", "admin");
switchboard.setConfig("WikiAccess", access);
}
if (access.equals("admin")) prop.put("mode_access", 0);
if (access.equals("all")) prop.put("mode_access", 1);
if (post.containsKey("submit")) {
if ((access.equals("admin") && (!switchboard.verifyAuthentication(header, true)))) {
// check access right for admin
prop.put("AUTHENTICATE", "admin log-in"); // force log-in
return prop;
}
// store a new page
byte[] content;
try {
@ -111,6 +133,12 @@ public class Wiki {
wikiBoard.entry page = switchboard.wikiDB.read(pagename);
if (post.containsKey("edit")) {
if ((access.equals("admin") && (!switchboard.verifyAuthentication(header, true)))) {
// check access right for admin
prop.put("AUTHENTICATE", "admin log-in"); // force log-in
return prop;
}
// edit the page
try {
prop.put("mode", 1); //edit

9
yacy.init
View File

@ -846,3 +846,12 @@ showSurftipps = true
# http://localhost:8080/soap/test?wsdl
#
soap.serviceDeploymentList =
# Wiki access rights
# the built - in wiki system allowes by default only that the administration is allowed to make changes
# this can be changed. There are three options:
# admin - only the admin has write right
# all - everybody has write right
# user - the admin and every user registered in the user db has write right
WikiAccess = admin