added option to block the search function against unauthorized users

git-svn-id: https://svn.berlios.de/svnroot/repos/yacy/trunk@3754 6c8d7289-2bf4-0310-a012-ef5d649a1542

htroot/Surftips.java

@@ -57,6 +57,7 @@ public class Surftips {
         
         boolean showScore = ((post != null) && (post.containsKey("score")));
         
+        // access control
         boolean publicPage = sb.getConfigBool("publicSurftips", true);
         boolean authorizedAccess = sb.verifyAuthentication(header, false);
         if ((post != null) && (post.containsKey("publicPage"))) {

htroot/index.html

@@ -111,7 +111,20 @@
       #(/searchoptions)#
       <p>This peer holds #[links]# URLs of #[total-links]# in the known network.</p>
     </form>
-    
+    #(searchoptions)#::
+    <p>
+    <form action="index.html" method="get" class="search">
+      <button type="submit" name="publicPage" value="0">
+        <img src="/env/grafics/lock.gif" alt="authentication required" />
+          Disable search function for users without autorization
+      </button>
+      <button type="submit" name="publicPage" value="1">
+        <img src="/env/grafics/lock.gif" alt="authentication required" />
+          Enable web search to everyone
+      </button>
+    </form>
+    </p>
+    #(/searchoptions)#
     #(display)#
     #%env/templates/simplefooter.template%#
     ::

htroot/index.java

@@ -49,6 +49,18 @@ public class index {
         final plasmaSwitchboard sb = (plasmaSwitchboard) env;
         final serverObjects prop = new serverObjects();
         
+        // access control
+        boolean publicPage = sb.getConfigBool("publicSearchpage", true);
+        boolean authorizedAccess = sb.verifyAuthentication(header, false);
+        if ((post != null) && (post.containsKey("publicPage"))) {
+            if (!authorizedAccess) {
+                prop.put("AUTHENTICATE", "admin log-in"); // force log-in
+                return prop;
+            }
+            publicPage = post.get("publicPage", "0").equals("1");
+            sb.setConfig("publicSearchpage", publicPage);
+        }
+        
         boolean global = (post == null) ? true : post.get("resource", "global").equals("global");
         final boolean authenticated = sb.adminAuthenticated(header) >= 2;
         final int display = ((post == null) || (!authenticated)) ? 0 : post.getInt("display", 0);

htroot/yacysearch.html

@@ -117,6 +117,8 @@ document.getElementById("Enter").value = "search again - catch up more links";
     <p>No Results. &quot;<strong>#[wrong_regex]#</strong>&quot; is no valid regular expression. Please go back to the previous page and make sure to enter a valid regular expressions for URL mask and Prefer mask.</p>
     ::
 	<p><strong>#[linkcount]#</strong> results from <strong>#[orderedcount]#</strong> ordered links from <strong>#[filteredcount]#</strong> filtered links of a total number of <strong>#[totalcount]#</strong> known.</p>
+	::
+	<p>Searching the web with this peer is disabled for unauthorized users. Please <a href="Status.html?login=">log in</a> as administrator to use the search function</p>
 #(/num-results)#
 
 <!-- view the result list -->

htroot/yacysearch.java

@@ -90,6 +90,8 @@ public class yacysearch {
     public static serverObjects respond(httpHeader header, serverObjects post, serverSwitch env) {
         final plasmaSwitchboard sb = (plasmaSwitchboard) env;
 
+        boolean searchAllowed = sb.getConfigBool("publicSearchpage", true) || sb.verifyAuthentication(header, false);
+        
         boolean authenticated = sb.adminAuthenticated(header) >= 2;
         int display = (post == null) ? 0 : post.getInt("display", 0);
         if ((display == 1) && (!authenticated)) display = 0;
@@ -101,7 +103,7 @@ public class yacysearch {
         final String referer = (String) header.get("Referer");
         String querystring = (post == null) ? "" : post.get("search", "").trim();
         
-        if ((post == null) || (env == null) || (querystring.length() == 0)) {
+        if ((post == null) || (env == null) || (querystring.length() == 0) || (!searchAllowed)) {
 
             // save referrer
             // System.out.println("HEADER=" + header.toString());
@@ -145,10 +147,11 @@ public class yacysearch {
             prop.put("input_contentdomCheckApp", 0);
             prop.put("type", 0);
             prop.put("type_excluded", 0);
-            prop.put("type_num-results", 0);
             prop.put("type_combine", 0);
             prop.put("type_resultbottomline", 0);
             prop.put("type_results", "");
+            prop.put("num-results", (searchAllowed) ? 0 : 6);
+            
             return prop;
         }
 

yacy.init

@@ -852,8 +852,10 @@ currentSkin=
 # table-types: RAM = 0, TREE = 1, FLEX = 2;
 tableTypeForPreNURL=0
 
-# flag to show surftips on Surftips.html page for non-administrator users
+# flag to show if pages shall be usable for non-admin users
+# this can be applied to the Surftips.html and yacysearch.html page
 publicSurftips = true
+publicSearchpage = true
 
 # a Java Properties file containig a list of SOAP services that should deployed
 # additionally to the default services. E.g.