fix #369 : check if user is admin

src/main/java/org/codelibs/fess/app/web/base/login/FessLoginAssist.java

@@ -68,9 +68,11 @@ public class FessLoginAssist extends TypicalLoginAssist<String, FessUserBean, Fe
 
     @Override
     public OptionalEntity<FessUser> findLoginUser(final String username, final String password) {
-        final OptionalEntity<FessUser> ldapUser = ComponentUtil.getLdapManager().login(username, password);
-        if (ldapUser.isPresent()) {
-            return ldapUser;
+        if (!fessConfig.isAdminUser(username)) {
+            final OptionalEntity<FessUser> ldapUser = ComponentUtil.getLdapManager().login(username, password);
+            if (ldapUser.isPresent()) {
+                return ldapUser;
+            }
         }
         return doFindLoginUser(username, encryptPassword(password));
     }

src/main/java/org/codelibs/fess/mylasta/direction/FessConfig.java

@@ -386,6 +386,9 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction
     /** The key of the configuration. e.g. .fess_config,.fess_user */
     String INDEX_BACKUP_TARGETS = "index.backup.targets";
 
+    /** The key of the configuration. e.g. admin */
+    String AUTHENTICATION_ADMIN_USERS = "authentication.admin.users";
+
     /** The key of the configuration. e.g. admin */
     String AUTHENTICATION_ADMIN_ROLES = "authentication.admin.roles";
 
@@ -1726,11 +1729,18 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction
     String getIndexBackupTargets();
 
     /**
-     * Get the value for the key 'authentication.admin.roles'. <br>
+     * Get the value for the key 'authentication.admin.users'. <br>
      * The value is, e.g. admin <br>
      * comment: ------
      * @return The value of found property. (NotNull: if not found, exception but basically no way)
      */
+    String getAuthenticationAdminUsers();
+
+    /**
+     * Get the value for the key 'authentication.admin.roles'. <br>
+     * The value is, e.g. admin <br>
+     * @return The value of found property. (NotNull: if not found, exception but basically no way)
+     */
     String getAuthenticationAdminRoles();
 
     /**
@@ -3236,6 +3246,10 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction
             return get(FessConfig.INDEX_BACKUP_TARGETS);
         }
 
+        public String getAuthenticationAdminUsers() {
+            return get(FessConfig.AUTHENTICATION_ADMIN_USERS);
+        }
+
         public String getAuthenticationAdminRoles() {
             return get(FessConfig.AUTHENTICATION_ADMIN_ROLES);
         }

src/main/java/org/codelibs/fess/mylasta/direction/FessProp.java

@@ -496,4 +496,11 @@ public interface FessProp {
         }
         return buf.toString();
     }
+
+    String getAuthenticationAdminUsers();
+
+    public default boolean isAdminUser(String username) {
+        return StreamUtil.of(getAuthenticationAdminUsers().split(",")).anyMatch(s -> s.equals(username));
+    }
+
 }

src/main/resources/fess_config.properties

@@ -223,6 +223,7 @@ index.backup.targets=.fess_config,.fess_user
 # ----------------------------------------------------------
 #                                                 Permission
 #                                                     ------
+authentication.admin.users=admin
 authentication.admin.roles=admin
 
 search.default.roles=guest