Exemple #1
0
 private boolean initialize(HttpServletRequest request, ModelAndView next, WikiPageInfo pageInfo)
     throws Exception {
   setProperties(request, next);
   WikiUser user = setAdminUser(request);
   List<WikiMessage> errors = validate(request, user);
   if (!errors.isEmpty()) {
     this.view(request, next, pageInfo);
     next.addObject("errors", errors);
     next.addObject("username", user.getUsername());
     next.addObject("newPassword", request.getParameter("newPassword"));
     next.addObject("confirmPassword", request.getParameter("confirmPassword"));
     return false;
   }
   if (previousInstall() && request.getParameter("override") == null) {
     // user is trying to do a new install when a previous installation exists
     next.addObject("upgrade", "true");
     next.addObject("username", user.getUsername());
     next.addObject("newPassword", request.getParameter("newPassword"));
     next.addObject("confirmPassword", request.getParameter("confirmPassword"));
     return false;
   }
   Environment.setBooleanValue(Environment.PROP_BASE_INITIALIZED, true);
   Environment.setValue(Environment.PROP_BASE_WIKI_VERSION, WikiVersion.CURRENT_WIKI_VERSION);
   String username = request.getParameter("username");
   String newPassword = request.getParameter("newPassword");
   String encryptedPassword = Encryption.encrypt(newPassword);
   WikiBase.reset(request.getLocale(), user, username, encryptedPassword);
   JAMWikiAuthenticationConfiguration.resetJamwikiAnonymousAuthorities();
   JAMWikiAuthenticationConfiguration.resetDefaultGroupRoles();
   Environment.saveProperties();
   // the setup process does not add new topics to the index (currently)
   // TODO - remove this once setup uses safe connection handling
   WikiBase.getSearchEngine().refreshIndex();
   // force current user credentials to be removed and re-validated.
   SecurityContextHolder.clearContext();
   return true;
 }
Exemple #2
0
 /**
  * Build a map of links and the corresponding link text to be used as the user menu links for the
  * WikiPageInfo object.
  */
 private static LinkedHashMap buildUserMenu() {
   LinkedHashMap links = new LinkedHashMap();
   WikiUser user = Utilities.currentUser();
   if (user.hasRole(Role.ROLE_ANONYMOUS) && !user.hasRole(Role.ROLE_EMBEDDED)) {
     links.put("Special:Login", new WikiMessage("common.login"));
     links.put("Special:Account", new WikiMessage("usermenu.register"));
   }
   if (user.hasRole(Role.ROLE_USER)) {
     String userPage =
         NamespaceHandler.NAMESPACE_USER
             + NamespaceHandler.NAMESPACE_SEPARATOR
             + user.getUsername();
     String userCommentsPage =
         NamespaceHandler.NAMESPACE_USER_COMMENTS
             + NamespaceHandler.NAMESPACE_SEPARATOR
             + user.getUsername();
     String username = user.getUsername();
     if (StringUtils.hasText(user.getDisplayName())) {
       username = user.getDisplayName();
     }
     links.put(userPage, new WikiMessage("usermenu.user", username));
     links.put(userCommentsPage, new WikiMessage("usermenu.usercomments"));
     links.put("Special:Watchlist", new WikiMessage("usermenu.watchlist"));
   }
   if (user.hasRole(Role.ROLE_USER) && !user.hasRole(Role.ROLE_NO_ACCOUNT)) {
     links.put("Special:Account", new WikiMessage("usermenu.account"));
   }
   if (user.hasRole(Role.ROLE_USER) && !user.hasRole(Role.ROLE_EMBEDDED)) {
     links.put("Special:Logout", new WikiMessage("common.logout"));
   }
   if (user.hasRole(Role.ROLE_SYSADMIN)) {
     links.put("Special:Admin", new WikiMessage("usermenu.admin"));
   } else if (user.hasRole(Role.ROLE_TRANSLATE)) {
     links.put("Special:Translation", new WikiMessage("tab.admin.translations"));
   }
   return links;
 }
Exemple #3
0
 private static void setupAdminUser(WikiUser user, Connection conn) throws Exception {
   if (user == null) {
     throw new Exception("Admin user not specified");
   }
   if (WikiBase.getDataHandler().lookupWikiUser(user.getUserId(), conn) != null) {
     logger.warning("Admin user already exists");
   }
   WikiUserInfo userInfo = null;
   if (WikiBase.getUserHandler().isWriteable()) {
     userInfo = new WikiUserInfo();
     userInfo.setEncodedPassword(user.getPassword());
     userInfo.setUsername(user.getUsername());
     userInfo.setUserId(user.getUserId());
   }
   WikiBase.getDataHandler().writeWikiUser(user, userInfo, conn);
 }
Exemple #4
0
 private List<WikiMessage> validate(HttpServletRequest request, WikiUser user) throws Exception {
   List<WikiMessage> errors = ServletUtil.validateSystemSettings(Environment.getInstance());
   if (StringUtils.isBlank(user.getUsername())) {
     errors.add(new WikiMessage("error.loginempty"));
   }
   String newPassword = request.getParameter("newPassword");
   String confirmPassword = request.getParameter("confirmPassword");
   if (newPassword != null || confirmPassword != null) {
     if (newPassword == null) {
       errors.add(new WikiMessage("error.newpasswordempty"));
     } else if (confirmPassword == null) {
       errors.add(new WikiMessage("error.passwordconfirm"));
     } else if (!newPassword.equals(confirmPassword)) {
       errors.add(new WikiMessage("admin.message.passwordsnomatch"));
     }
   }
   return errors;
 }
Exemple #5
0
 /** Override the parent method to update the last login date on successful authentication. */
 protected void successfulAuthentication(
     HttpServletRequest request,
     HttpServletResponse response,
     FilterChain chain,
     Authentication auth)
     throws IOException, ServletException {
   super.successfulAuthentication(request, response, chain, auth);
   Object principal = auth.getPrincipal();
   // find authenticated username
   String username = null;
   if (principal instanceof UserDetails) {
     // using custom authentication with Spring Security UserDetail service
     username = ((UserDetails) principal).getUsername();
   } else if (principal instanceof String) {
     // external authentication returns only username
     username = String.valueOf(principal);
   }
   if (username != null) {
     try {
       WikiUser wikiUser = WikiBase.getDataHandler().lookupWikiUser(username);
       if (wikiUser != null) {
         wikiUser.setLastLoginDate(new Timestamp(System.currentTimeMillis()));
         WikiBase.getDataHandler().writeWikiUser(wikiUser, wikiUser.getUsername(), "");
         // update password reset challenge fields, just in case
         wikiUser.setChallengeValue(null);
         wikiUser.setChallengeDate(null);
         wikiUser.setChallengeIp(null);
         wikiUser.setChallengeTries(0);
         WikiBase.getDataHandler().updatePwResetChallengeData(wikiUser);
       }
     } catch (WikiException e) {
       // log but do not throw - failure to update last login date is non-fatal
       logger.error("Failure while updating last login date for " + username, e);
     }
   }
 }
Exemple #6
0
 private void writePages(
     Writer writer, String virtualWiki, List<String> topicNames, boolean excludeHistory)
     throws DataAccessException, IOException, MigrationException {
   // note that effort is being made to re-use temporary objects as this
   // code can generate an OOM "GC overhead limit exceeded" with HUGE (500MB) topics
   // since the garbage collector ends up being invoked excessively.
   TopicVersion topicVersion;
   Topic topic;
   WikiUser user;
   // choose 100,000 as an arbitrary max
   Pagination pagination = new Pagination(100000, 0);
   List<Integer> topicVersionIds;
   Map<String, String> textAttributes = new HashMap<String, String>();
   textAttributes.put("xml:space", "preserve");
   for (String topicName : topicNames) {
     topicVersionIds = new ArrayList<Integer>();
     topic = WikiBase.getDataHandler().lookupTopic(virtualWiki, topicName, false);
     if (topic == null) {
       throw new MigrationException(
           "Failure while exporting: topic " + topicName + " does not exist");
     }
     writer.append("\n<page>");
     writer.append('\n');
     XMLUtil.buildTag(writer, "title", topic.getName(), true);
     writer.append('\n');
     XMLUtil.buildTag(writer, "id", topic.getTopicId());
     if (excludeHistory) {
       // only include the most recent version
       topicVersionIds.add(topic.getCurrentVersionId());
     } else {
       // FIXME - changes sorted newest-to-oldest, should be reverse
       List<RecentChange> changes =
           WikiBase.getDataHandler().getTopicHistory(topic, pagination, true);
       for (int i = (changes.size() - 1); i >= 0; i--) {
         topicVersionIds.add(changes.get(i).getTopicVersionId());
       }
     }
     for (int topicVersionId : topicVersionIds) {
       topicVersion = WikiBase.getDataHandler().lookupTopicVersion(topicVersionId);
       writer.append("\n<revision>");
       writer.append('\n');
       XMLUtil.buildTag(writer, "id", topicVersion.getTopicVersionId());
       writer.append('\n');
       XMLUtil.buildTag(
           writer, "timestamp", this.parseJAMWikiTimestamp(topicVersion.getEditDate()), true);
       writer.append("\n<contributor>");
       user =
           (topicVersion.getAuthorId() != null)
               ? WikiBase.getDataHandler().lookupWikiUser(topicVersion.getAuthorId())
               : null;
       if (user != null) {
         writer.append('\n');
         XMLUtil.buildTag(writer, "username", user.getUsername(), true);
         writer.append('\n');
         XMLUtil.buildTag(writer, "id", user.getUserId());
       } else if (Utilities.isIpAddress(topicVersion.getAuthorDisplay())) {
         writer.append('\n');
         XMLUtil.buildTag(writer, "ip", topicVersion.getAuthorDisplay(), true);
       } else {
         writer.append('\n');
         XMLUtil.buildTag(writer, "username", topicVersion.getAuthorDisplay(), true);
       }
       writer.append("\n</contributor>");
       writer.append('\n');
       XMLUtil.buildTag(writer, "comment", topicVersion.getEditComment(), true);
       writer.append('\n');
       XMLUtil.buildTag(writer, "text", topicVersion.getVersionContent(), textAttributes, true);
       writer.append("\n</revision>");
       // explicitly null out temp variables to improve garbage collection and
       // avoid OOM "GC overhead limit exceeded" errors on HUGE (500MB) topics
       topicVersion = null;
       user = null;
     }
     writer.append("\n</page>");
   }
 }