diff --git a/src/main/config/es/fess_config.json b/src/main/config/es/fess_config.json index 0d9dc056f..044c50de9 100644 --- a/src/main/config/es/fess_config.json +++ b/src/main/config/es/fess_config.json @@ -22,6 +22,9 @@ "type": "string", "index": "not_analyzed" }, + "expiredTime" : { + "type" : "long" + }, "createdBy": { "type": "string", "index": "not_analyzed" diff --git a/src/main/java/org/codelibs/fess/Constants.java b/src/main/java/org/codelibs/fess/Constants.java index 35254ff45..008e4dc1e 100644 --- a/src/main/java/org/codelibs/fess/Constants.java +++ b/src/main/java/org/codelibs/fess/Constants.java @@ -363,6 +363,10 @@ public class Constants extends CoreLibConstants { public static final String LDAP_SECURITY_PRINCIPAL = "ldap.security.principal"; + public static final String LDAP_ADMIN_SECURITY_PRINCIPAL = "ldap.admin.security.principal"; + + public static final String LDAP_ADMIN_SECURITY_CREDENTIALS = "ldap.admin.security.credentials"; + public static final String LDAP_PROVIDER_URL = "ldap.provider.url"; public static final String LDAP_SECURITY_AUTHENTICATION = "ldap.security.authentication"; @@ -396,4 +400,6 @@ public class Constants extends CoreLibConstants { public static final String GSA_API_VERSION = "3.2"; public static final String PERMISSIONS = "permissions"; + + public static final String CIPHER_PREFIX = "{cipher}"; } diff --git a/src/main/java/org/codelibs/fess/api/gsa/GsaApiManager.java b/src/main/java/org/codelibs/fess/api/gsa/GsaApiManager.java index cd41f8a3f..e82f3b3ae 100644 --- a/src/main/java/org/codelibs/fess/api/gsa/GsaApiManager.java +++ b/src/main/java/org/codelibs/fess/api/gsa/GsaApiManager.java 
@@ -49,6 +49,7 @@ import org.codelibs.fess.entity.FacetInfo; import org.codelibs.fess.entity.GeoInfo; import org.codelibs.fess.entity.SearchRenderData; import org.codelibs.fess.entity.SearchRequestParams; +import org.codelibs.fess.exception.InvalidAccessTokenException; import org.codelibs.fess.mylasta.direction.FessConfig; import org.codelibs.fess.util.ComponentUtil; import org.dbflute.optional.OptionalThing; @@ -264,6 +265,11 @@ public class GsaApiManager extends BaseApiManager implements WebApiManager { if (logger.isDebugEnabled()) { logger.debug("Failed to process a search request.", e); } + if (e instanceof InvalidAccessTokenException) { + final InvalidAccessTokenException iate = (InvalidAccessTokenException) e; + response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); + response.setHeader("WWW-Authenticate", "Bearer error=\"" + iate.getType() + "\""); + } } writeXmlResponse(status, xmlDtd, buf.toString(), errMsg); diff --git a/src/main/java/org/codelibs/fess/api/json/JsonApiManager.java b/src/main/java/org/codelibs/fess/api/json/JsonApiManager.java index 999867682..daddba777 100644 --- a/src/main/java/org/codelibs/fess/api/json/JsonApiManager.java +++ b/src/main/java/org/codelibs/fess/api/json/JsonApiManager.java @@ -45,6 +45,7 @@ import org.codelibs.fess.entity.SearchRenderData; import org.codelibs.fess.entity.SearchRequestParams; import org.codelibs.fess.entity.SearchRequestParams.SearchRequestType; import org.codelibs.fess.es.client.FessEsClient; +import org.codelibs.fess.exception.InvalidAccessTokenException; import org.codelibs.fess.exception.WebApiException; import org.codelibs.fess.helper.LabelTypeHelper; import org.codelibs.fess.helper.PopularWordHelper; 
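Review bot: A rejected access token is only recorded at debug level in the GsaApiManager `@@ -264,6 +265,11 @@` hunk: the new `InvalidAccessTokenException` branch sets 401 and `WWW-Authenticate` but writes no log line of its own, so repeated bad-token requests leave no trace in a default-level log as far as the hunk shows. Consider logging inside the branch at info or warn, e.g. `logger.info("Invalid access token: type={}", iate.getType());`, and never the token value itself. The same block is repeated in JsonApiManager (`@@ -538,6 +540,13 @@`) and SuggestApiManager (`@@ -148,6 +149,11 @@`); a shared helper in the common base class would keep the three in step. If `getType()` can ever return something outside a fixed set of error codes, it should be escaped before it is placed inside the quoted `error` parameter. The enclosing catch block starts outside the hunk.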
@@ -62,6 +63,7 @@ import org.elasticsearch.common.xcontent.XContentBuilder; import org.elasticsearch.common.xcontent.XContentFactory; import org.elasticsearch.script.Script; import org.lastaflute.web.util.LaRequestUtil; +import org.lastaflute.web.util.LaResponseUtil; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -538,6 +540,13 @@ public class JsonApiManager extends BaseApiManager { return; } + if (t instanceof InvalidAccessTokenException) { + final InvalidAccessTokenException e = (InvalidAccessTokenException) t; + final HttpServletResponse response = LaResponseUtil.getResponse(); + response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); + response.setHeader("WWW-Authenticate", "Bearer error=\"" + e.getType() + "\""); + } + final StringBuilder sb = new StringBuilder(); if (StringUtil.isBlank(t.getMessage())) { sb.append(t.getClass().getName()); diff --git a/src/main/java/org/codelibs/fess/api/suggest/SuggestApiManager.java b/src/main/java/org/codelibs/fess/api/suggest/SuggestApiManager.java index 634df0464..0fdf945f2 100644 --- a/src/main/java/org/codelibs/fess/api/suggest/SuggestApiManager.java +++ b/src/main/java/org/codelibs/fess/api/suggest/SuggestApiManager.java @@ -35,6 +35,7 @@ import org.codelibs.fess.entity.FacetInfo; import org.codelibs.fess.entity.GeoInfo; import org.codelibs.fess.entity.SearchRequestParams; import org.codelibs.fess.entity.SearchRequestParams.SearchRequestType; +import org.codelibs.fess.exception.InvalidAccessTokenException; import org.codelibs.fess.helper.RoleQueryHelper; import org.codelibs.fess.helper.SuggestHelper; import org.codelibs.fess.suggest.entity.SuggestItem; 
@@ -148,6 +149,11 @@ public class SuggestApiManager extends BaseApiManager { if (logger.isDebugEnabled()) { logger.debug("Failed to process a suggest request.", e); } + if (e instanceof InvalidAccessTokenException) { + final InvalidAccessTokenException iate = (InvalidAccessTokenException) e; + response.setStatus(HttpServletResponse.SC_UNAUTHORIZED); + response.setHeader("WWW-Authenticate", "Bearer error=\"" + iate.getType() + "\""); + } } JsonApiManager.writeJsonResponse(status, buf.toString(), errMsg); diff --git a/src/main/java/org/codelibs/fess/app/web/admin/accesstoken/AdminAccesstokenAction.java b/src/main/java/org/codelibs/fess/app/web/admin/accesstoken/AdminAccesstokenAction.java index ba9f30d3f..8a3fa84bc 100644 --- a/src/main/java/org/codelibs/fess/app/web/admin/accesstoken/AdminAccesstokenAction.java +++ b/src/main/java/org/codelibs/fess/app/web/admin/accesstoken/AdminAccesstokenAction.java @@ -15,14 +15,22 @@ */ package org.codelibs.fess.app.web.admin.accesstoken; +import static org.codelibs.core.stream.StreamUtil.split; +import static org.codelibs.core.stream.StreamUtil.stream; + +import java.util.stream.Collectors; + import javax.annotation.Resource; +import org.codelibs.core.lang.StringUtil; import org.codelibs.fess.Constants; import org.codelibs.fess.app.pager.AccessTokenPager; import org.codelibs.fess.app.service.AccessTokenService; import org.codelibs.fess.app.web.CrudMode; import org.codelibs.fess.app.web.base.FessAdminAction; import org.codelibs.fess.es.config.exentity.AccessToken; +import org.codelibs.fess.helper.PermissionHelper; +import org.codelibs.fess.util.ComponentUtil; import org.codelibs.fess.util.RenderDataUtil; import org.dbflute.optional.OptionalEntity; import org.dbflute.optional.OptionalThing; 
@@ -36,6 +44,12 @@ import org.lastaflute.web.ruts.process.ActionRuntime; */ public class AdminAccesstokenAction extends FessAdminAction { + private static final String TOKEN = "token"; + + private static final String EXPIRES = "expires"; + + private static final String EXPIRED_TIME = "expiredTime"; + // =================================================================================== // Attribute // ========= 
@@ -120,18 +134,61 @@ public class AdminAccesstokenAction extends FessAdminAction { public HtmlResponse details(final int crudMode, final String id) { verifyCrudMode(crudMode, CrudMode.DETAILS); saveToken(); - return asDetailsHtml().useForm(EditForm.class, op -> { - op.setup(form -> { - accessTokenService.getAccessToken(id).ifPresent(entity -> { - copyBeanToBean(entity, form, copyOp -> { - copyOp.excludeNull(); + return asDetailsHtml().useForm( + EditForm.class, + op -> { + op.setup(form -> { + accessTokenService + .getAccessToken(id) + .ifPresent( + entity -> { + copyBeanToBean(entity, form, copyOp -> copyOp.exclude(Constants.PERMISSIONS, EXPIRED_TIME) + .excludeNull().dateConverter(Constants.DEFAULT_DATETIME_FORMAT, EXPIRES)); + final PermissionHelper permissionHelper = ComponentUtil.getPermissionHelper(); + form.permissions = + stream(entity.getPermissions()).get( + stream -> stream.map(permissionHelper::decode).filter(StringUtil::isNotBlank) + .distinct().collect(Collectors.joining("\n"))); + form.crudMode = crudMode; + }) + .orElse(() -> { + throwValidationError(messages -> messages.addErrorsCrudCouldNotFindCrudTable(GLOBAL, id), + () -> asListHtml()); + }); }); - form.crudMode = crudMode; - }).orElse(() -> { + }); + } + + @Execute + public HtmlResponse edit(final EditForm form) { + validate(form, messages -> {}, () -> asListHtml()); + final String id = form.id; + accessTokenService + .getAccessToken(id) + .ifPresent( + entity -> { + copyBeanToBean( + entity, + form, + op -> op.exclude(Constants.PERMISSIONS, EXPIRED_TIME).dateConverter(Constants.DEFAULT_DATETIME_FORMAT, + EXPIRES)); + final PermissionHelper permissionHelper = ComponentUtil.getPermissionHelper(); + form.permissions = + stream(entity.getPermissions()).get( + stream -> stream.map(permissionHelper::decode).filter(StringUtil::isNotBlank).distinct() + .collect(Collectors.joining("\n"))); + }).orElse(() -> { throwValidationError(messages -> messages.addErrorsCrudCouldNotFindCrudTable(GLOBAL, id), () 
-> asListHtml()); }); - }); - }); + saveToken(); + if (form.crudMode.intValue() == CrudMode.EDIT) { + // back + form.crudMode = CrudMode.DETAILS; + return asDetailsHtml(); + } else { + form.crudMode = CrudMode.EDIT; + return asEditHtml(); + } } // ----------------------------------------------------- @@ -158,6 +215,26 @@ public class AdminAccesstokenAction extends FessAdminAction { return redirect(getClass()); } + @Execute + public HtmlResponse update(final EditForm form) { + verifyCrudMode(form.crudMode, CrudMode.EDIT); + validate(form, messages -> {}, () -> asEditHtml()); + verifyToken(() -> asEditHtml()); + getAccessToken(form).ifPresent( + entity -> { + try { + accessTokenService.store(entity); + saveInfo(messages -> messages.addSuccessCrudUpdateCrudTable(GLOBAL)); + } catch (final Exception e) { + throwValidationError(messages -> messages.addErrorsCrudFailedToUpdateCrudTable(GLOBAL, buildThrowableMessage(e)), + () -> asEditHtml()); + } + }).orElse(() -> { + throwValidationError(messages -> messages.addErrorsCrudCouldNotFindCrudTable(GLOBAL, form.id), () -> asEditHtml()); + }); + return redirect(getClass()); + } + @Execute public HtmlResponse delete(final EditForm form) { verifyCrudMode(form.crudMode, CrudMode.DETAILS); 
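Review bot: Both `details` and the new `edit` copy the entity into the form while excluding only `Constants.PERMISSIONS` and `EXPIRED_TIME`, so if the form has a `token` property (CreateForm in this commit declares one) the stored token value is copied into the edit form too, even though the form-to-entity copy in `getAccessToken` excludes `TOKEN`. Unless the edit page has to display it, exclude it on the way out as well: `op -> op.exclude(TOKEN, Constants.PERMISSIONS, EXPIRED_TIME).dateConverter(Constants.DEFAULT_DATETIME_FORMAT, EXPIRES)`. `edit` also dereferences `form.crudMode.intValue()` with no `verifyCrudMode` call or null check, which `details` and `update` both have; whether `validate` guarantees a non-null value is not visible here. The permission-decoding stream is written out twice and could move to one private helper.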
@@ -208,12 +285,19 @@ public class AdminAccesstokenAction extends FessAdminAction { protected OptionalEntity getAccessToken(final CreateForm form) { final String username = systemHelper.getUsername(); final long currentTime = systemHelper.getCurrentTimeAsLong(); - return getEntity(form, username, currentTime).map(entity -> { - entity.setUpdatedBy(username); - entity.setUpdatedTime(currentTime); - copyBeanToBean(form, entity, op -> op.exclude(Constants.COMMON_CONVERSION_RULE)); - return entity; - }); + return getEntity(form, username, currentTime).map( + entity -> { + entity.setUpdatedBy(username); + entity.setUpdatedTime(currentTime); + copyBeanToBean(form, entity, + op -> op.exclude(Constants.COMMON_CONVERSION_RULE).exclude(TOKEN, Constants.PERMISSIONS, EXPIRED_TIME) + .dateConverter(Constants.DEFAULT_DATETIME_FORMAT, EXPIRES)); + final PermissionHelper permissionHelper = ComponentUtil.getPermissionHelper(); + entity.setPermissions(split(form.permissions, "\n").get( + stream -> stream.map(s -> permissionHelper.encode(s)).filter(StringUtil::isNotBlank).distinct() + .toArray(n -> new String[n]))); + return entity; + }); } // =================================================================================== diff --git a/src/main/java/org/codelibs/fess/app/web/admin/accesstoken/CreateForm.java b/src/main/java/org/codelibs/fess/app/web/admin/accesstoken/CreateForm.java index e5dd2c5d1..a5b6a5991 100644 --- a/src/main/java/org/codelibs/fess/app/web/admin/accesstoken/CreateForm.java +++ b/src/main/java/org/codelibs/fess/app/web/admin/accesstoken/CreateForm.java @@ -15,6 +15,7 @@ */ package org.codelibs.fess.app.web.admin.accesstoken; +import javax.validation.constraints.Pattern; import javax.validation.constraints.Size; import org.codelibs.fess.app.web.CrudMode; 
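Review bot: The `exclude(TOKEN, ...)` added to the form-to-entity copy in `getAccessToken` is what keeps a submitted form's `token` value out of the stored entity, and nothing in the code says so; a comment on that line such as `// the token is never taken from the form, so update cannot replace it` would stop it being removed later as an apparent oversight. The permissions are split on `"\n"` only, so a textarea posted with CRLF line endings leaves a trailing `\r` on each entry unless `permissionHelper.encode` trims, which is not visible in this hunk. Trimming before encoding removes the doubt: `stream.map(s -> permissionHelper.encode(s.trim()))`. A permission string that silently fails to match is hard to notice from the admin page, so this is worth a test with CRLF input.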
@@ -28,12 +29,21 @@ public class CreateForm { public Integer crudMode; @Required - @Size(max = 10000) + @Size(max = 1000) public String name; @Size(max = 10000) public String token; + @Size(max = 4000) + public String permissions; + + @Size(max = 10000) + public String parameterName; + + @Pattern(regexp = "[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]T[0-9][0-9]:[0-9][0-9]:[0-9][0-9]") + public String expires; + @Required @Size(max = 1000) public String createdBy; diff --git a/src/main/java/org/codelibs/fess/app/web/admin/general/AdminGeneralAction.java b/src/main/java/org/codelibs/fess/app/web/admin/general/AdminGeneralAction.java index ee619a0c8..e6a8bfd9d 100644 --- a/src/main/java/org/codelibs/fess/app/web/admin/general/AdminGeneralAction.java +++ b/src/main/java/org/codelibs/fess/app/web/admin/general/AdminGeneralAction.java @@ -45,6 +45,8 @@ import org.slf4j.LoggerFactory; */ public class AdminGeneralAction extends FessAdminAction { + private static final String DUMMY_PASSWORD = "**********"; + private static final Logger logger = LoggerFactory.getLogger(AdminGeneralAction.class); // =================================================================================== @@ -144,6 +146,10 @@ public class AdminGeneralAction extends FessAdminAction { fessConfig.setPurgeSuggestSearchLogDay(form.purgeSuggestSearchLogDay); fessConfig.setLdapProviderUrl(form.ldapProviderUrl); fessConfig.setLdapSecurityPrincipal(form.ldapSecurityPrincipal); + fessConfig.setLdapAdminSecurityPrincipal(form.ldapAdminSecurityPrincipal); + if (form.ldapAdminSecurityCredentials != null && StringUtil.isNotBlank(form.ldapAdminSecurityCredentials.replace("*", " "))) { + fessConfig.setLdapAdminSecurityCredentials(form.ldapAdminSecurityCredentials); + } fessConfig.setLdapBaseDn(form.ldapBaseDn); fessConfig.setLdapAccountFilter(form.ldapAccountFilter); fessConfig.setNotificationLogin(form.notificationLogin); 
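Review bot: The `@Pattern` on `expires` in CreateForm checks only the digit layout, so a value like `2016-99-99T99:99:99` passes validation. Whether the later `dateConverter` rejects such a value or rolls it over is not visible here; a lenient parse would give the token an expiry the administrator never entered. Constraining the ranges in the expression closes most of the gap: `@Pattern(regexp = "[0-9]{4}-(0[1-9]|1[0-2])-(0[1-9]|[12][0-9]|3[01])T([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9]")`.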
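Review bot: In the AdminGeneralAction `@@ -144,6 +146,10 @@` hunk, the guard that decides whether to overwrite the LDAP admin credential strips every `*` from the submitted value instead of comparing it with the `DUMMY_PASSWORD` sentinel this commit defines, so a real password made only of asterisks is silently dropped and the rule is not obvious to a reader. Comparing with the sentinel states the intent directly: `if (StringUtil.isNotBlank(form.ldapAdminSecurityCredentials) && !DUMMY_PASSWORD.equals(form.ldapAdminSecurityCredentials)) {`. Either way the form offers no path to clear a stored credential, which deserves a comment. In the `@@ -182,6 +188,8 @@` hunk the trailing `//fessConfig.getLdapAdminSecurityCredentials();` should be deleted and replaced by a comment saying the stored value is never sent back to the browser. Both methods continue outside their hunks.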
@@ -182,6 +188,8 @@ public class AdminGeneralAction extends FessAdminAction { form.purgeSuggestSearchLogDay = fessConfig.getPurgeSuggestSearchLogDay(); form.ldapProviderUrl = fessConfig.getLdapProviderUrl(); form.ldapSecurityPrincipal = fessConfig.getLdapSecurityPrincipal(); + form.ldapAdminSecurityPrincipal = fessConfig.getLdapAdminSecurityPrincipal(); + form.ldapAdminSecurityCredentials = DUMMY_PASSWORD;//fessConfig.getLdapAdminSecurityCredentials(); form.ldapBaseDn = fessConfig.getLdapBaseDn(); form.ldapAccountFilter = fessConfig.getLdapAccountFilter(); form.notificationLogin = fessConfig.getNotificationLogin(); diff --git a/src/main/java/org/codelibs/fess/app/web/admin/general/EditForm.java b/src/main/java/org/codelibs/fess/app/web/admin/general/EditForm.java index 27bf70992..b679344b9 100644 --- a/src/main/java/org/codelibs/fess/app/web/admin/general/EditForm.java +++ b/src/main/java/org/codelibs/fess/app/web/admin/general/EditForm.java @@ -127,6 +127,12 @@ public class EditForm { @Size(max = 1000) public String ldapSecurityPrincipal; + @Size(max = 1000) + public String ldapAdminSecurityPrincipal; + + @Size(max = 1000) + public String ldapAdminSecurityCredentials; + @Size(max = 1000) public String ldapBaseDn; diff --git a/src/main/java/org/codelibs/fess/ds/impl/GitBucketDataStoreImpl.java b/src/main/java/org/codelibs/fess/ds/impl/GitBucketDataStoreImpl.java index cb2891db9..b1447b15f 100644 --- a/src/main/java/org/codelibs/fess/ds/impl/GitBucketDataStoreImpl.java +++ b/src/main/java/org/codelibs/fess/ds/impl/GitBucketDataStoreImpl.java 
@@ -17,16 +17,24 @@ package org.codelibs.fess.ds.impl; import java.io.InputStream; import java.util.ArrayList; +import java.util.Base64; import java.util.Collections; import java.util.HashMap; import java.util.List; import java.util.Map; +import java.util.function.Consumer; +import java.util.stream.Collectors; import org.apache.commons.io.FilenameUtils; import org.codelibs.core.lang.StringUtil; import org.codelibs.elasticsearch.runner.net.Curl; import org.codelibs.elasticsearch.runner.net.CurlResponse; +import org.codelibs.fess.crawler.client.CrawlerClientFactory; +import org.codelibs.fess.crawler.client.http.HcHttpClient; +import org.codelibs.fess.crawler.client.http.RequestHeader; import org.codelibs.fess.ds.IndexUpdateCallback; +import org.codelibs.fess.es.config.exentity.CrawlingConfig; +import org.codelibs.fess.es.config.exentity.CrawlingConfigWrapper; import org.codelibs.fess.es.config.exentity.DataConfig; import org.elasticsearch.common.xcontent.json.JsonXContent; import org.slf4j.Logger; @@ -42,6 +50,8 @@ public class GitBucketDataStoreImpl extends AbstractDataStoreImpl { protected static final String TOKEN_PARAM = "token"; protected static final String GITBUCKET_URL_PARAM = "url"; + protected static final String PRIVATE_REPOSITORY_PARAM = "is_private"; + protected static final String COLLABORATORS_PARAM = "collaborators"; @Override protected void storeData(final DataConfig dataConfig, final IndexUpdateCallback callback, final Map paramMap, 
@@ -62,19 +72,43 @@ public class GitBucketDataStoreImpl extends AbstractDataStoreImpl { return; } + final CrawlingConfig crawlingConfig = new CrawlingConfigWrapper(dataConfig) { + @Override + public Map initializeClientFactory(CrawlerClientFactory crawlerClientFactory) { + final Map paramMap = super.initializeClientFactory(crawlerClientFactory); + List headerList = new ArrayList<>(); + RequestHeader[] headers = (RequestHeader[]) paramMap.get(HcHttpClient.REQUERT_HEADERS_PROPERTY); + if (headers != null) { + for (RequestHeader header : headers) { + headerList.add(header); + } + } + headerList.add(new RequestHeader("Authorization", "token " + authToken)); + paramMap.put(HcHttpClient.REQUERT_HEADERS_PROPERTY, headerList.toArray(new RequestHeader[headerList.size()])); + return paramMap; + } + }; for (final Map repository : repositoryList) { try { final String name = (String) repository.get("name"); final String owner = (String) repository.get("owner"); - repository.get("is_private"); + final List roleList = createRoleList(owner, repository); - final List pathList = collectFileNames(rootURL, authToken, owner, name, "", 0, readInterval); - for (final String path : pathList) { - storeFileContent(rootURL, authToken, owner, name, path, dataConfig, callback, paramMap, scriptMap, defaultDataMap); - if (readInterval > 0) { - sleep(readInterval); - } - } + collectFileNames( + rootURL, + authToken, + owner, + name, + StringUtil.EMPTY, + 0, + readInterval, + path -> { + storeFileContent(rootURL, authToken, owner, name, roleList, path, crawlingConfig, callback, paramMap, + scriptMap, defaultDataMap); + if (readInterval > 0) { + sleep(readInterval); + } + }); } catch (final Exception e) { logger.warn("Failed to access to " + repository, e); } 
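Review bot: The anonymous `CrawlingConfigWrapper` puts `Authorization: token ...` into the client factory's request-header property, which attaches the GitBucket token to every request that client makes rather than to individual API calls. If the crawler client follows redirects or is ever given a URL outside `rootURL`, the token would travel with it; whether it does is not visible here. At present `storeFileContent` receives `crawlingConfig` but the DocumentHelper call that would use it is commented out in a later hunk, so a comment above the wrapper should record the constraint, e.g. `// adds the GitBucket token to the crawler client; only use this config for URLs under rootURL`. The header copy loop can be `Collections.addAll(headerList, headers);`. `storeData` starts outside the hunk.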
@@ -84,9 +118,9 @@ public class GitBucketDataStoreImpl extends AbstractDataStoreImpl { protected String getRootURL(final Map paramMap) { if (paramMap.containsKey(GITBUCKET_URL_PARAM)) { - String url = paramMap.get(GITBUCKET_URL_PARAM); - if (url.charAt(url.length() - 1) != '/') { - url += "/"; + final String url = paramMap.get(GITBUCKET_URL_PARAM); + if (!url.endsWith("/")) { + return url + "/"; } return url; } @@ -103,9 +137,9 @@ public class GitBucketDataStoreImpl extends AbstractDataStoreImpl { protected List> getRepositoryList(final String rootURL, final String authToken) { final String url = rootURL + "api/v3/fess/repos"; try (CurlResponse curlResponse = Curl.get(url).header("Authorization", "token " + authToken).execute()) { - curlResponse.getContentAsString(); final Map map = curlResponse.getContentAsMap(); assert (map.containsKey("repositories")); + @SuppressWarnings("unchecked") final List> repoList = (List>) map.get("repositories"); return repoList; } catch (final Exception e) { 
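Review bot: `getRootURL` returns the configured URL unchanged apart from the trailing slash, and the callers in this file then send `Authorization: token ...` to it, so an `http://` value carries the access token in clear text. A warning at this point makes the misconfiguration visible: `if (!url.startsWith("https://")) { logger.warn("GitBucket URL is not https; the access token is sent unencrypted."); }`. `url` is also dereferenced without a null check, which fails if the key is present with a null value. The method's final return for a missing key is outside the hunk.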
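Review bot: In `getRepositoryList` the added `@SuppressWarnings("unchecked")` hides that the shape of the remote response is guarded only by `assert (map.containsKey("repositories"))`, which does nothing unless the JVM runs with assertions enabled. A response without that key then returns null from the cast line, and the caller's loop over the list would fail. An explicit check before the cast handles it: `if (!(map.get("repositories") instanceof List)) { return Collections.emptyList(); }`. The catch block's body is outside the hunk.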
@@ -114,47 +148,92 @@ public class GitBucketDataStoreImpl extends AbstractDataStoreImpl { } } + private List createRoleList(final String owner, final Map repository) { + Boolean isPrivate = true; + if (repository.containsKey(PRIVATE_REPOSITORY_PARAM)) { + isPrivate = (Boolean) repository.get(PRIVATE_REPOSITORY_PARAM); + } + if (!isPrivate) { + return Collections.singletonList("Rguest"); + } + @SuppressWarnings("unchecked") + final List collaboratorList = (List) repository.get(COLLABORATORS_PARAM); + collaboratorList.add(owner); + return collaboratorList.stream().map(user -> "1" + user).collect(Collectors.toList()); + } + + private List createLabelList(final String owner, final String name) { + final List labelList = new ArrayList(); + Collections.addAll(labelList, "GitBucket", owner + "/" + name); + return labelList; + } + private List parseList(final InputStream is) { // TODO This function should be moved to CurlResponse try { return JsonXContent.jsonXContent.createParser(is).list(); } catch (final Exception e) { + logger.warn("Failed to parse a list.", e); return Collections.emptyList(); } } - private void storeFileContent(final String rootURL, final String authToken, final String owner, final String name, final String path, - final DataConfig dataConfig, final IndexUpdateCallback callback, final Map paramMap, - final Map scriptMap, final Map defaultDataMap) { - final String url = rootURL + owner + "/" + name + "/blob/master/" + path; - final String filename = FilenameUtils.getName(url); + private void storeFileContent(final String rootURL, final String authToken, final String owner, final String name, + List roleList, final String path, final CrawlingConfig crawlingConfig, final IndexUpdateCallback callback, + final Map paramMap, final Map scriptMap, final Map defaultDataMap) { + final String apiUrl = rootURL + "api/v3/repos/" + owner + "/" + name + "/contents/" + path; + final String viewUrl = rootURL + owner + "/" + name + "/blob/master/" + path; - try 
(CurlResponse curlResponse = Curl.get(url).param("raw", "true").header("Authorization", "token " + authToken).execute()) { - logger.info("Get a content from " + url); - // TODO Use DoucmentHelper#processRequest and scriptMap - final Map dataMap = new HashMap<>(); - dataMap.putAll(defaultDataMap); - dataMap.put("title", owner + "/" + name + " : " + filename); - dataMap.put("url", url); - dataMap.put("content", curlResponse.getContentAsString()); - dataMap.put("label", "GitBucket"); // TODO role - - callback.store(paramMap, dataMap); - - } catch (final Exception e) { - // TODO CrawlingAccessException? - logger.warn("Failed to parse " + url, e); + if (logger.isInfoEnabled()) { + logger.info("Get a content from " + apiUrl); } + final Map dataMap = new HashMap<>(); + dataMap.putAll(defaultDataMap); + // FIXME Use DocumentHelper + // dataMap.putAll(ComponentUtil.getDocumentHelper().processRequest(crawlingConfig, paramMap.get("crawlingInfoId"), url)); + dataMap.putAll(processContentRequest(authToken, apiUrl, viewUrl)); + + dataMap.put("role", roleList); + dataMap.put("label", createLabelList(owner, name)); + + // TODO scriptMap + + callback.store(paramMap, dataMap); + return; } - protected List collectFileNames(final String rootURL, final String authToken, final String owner, final String name, - final String path, final int depth, final long readInterval) { + private Map processContentRequest(final String authToken, final String apiUrl, final String viewUrl) { // FIXME should be replaced by DocumentHelper + final Map dataMap = new HashMap<>(); + try (CurlResponse curlResponse = Curl.get(apiUrl).header("Authorization", "token " + authToken).execute()) { + final Map map = curlResponse.getContentAsMap(); + String content = StringUtil.EMPTY; + ; + if (map.containsKey("content")) { + content = (String) map.get("content"); + } + + if (map.containsKey("encoding") && map.get("encoding").equals("base64")) { + content = new String(Base64.getDecoder().decode(content)); + } + + 
dataMap.put("title", FilenameUtils.getName(apiUrl)); + dataMap.put("url", viewUrl); + dataMap.put("content", content); + + return dataMap; + } catch (final Exception e) { + logger.warn("Failed to get " + apiUrl, e); + return Collections.emptyMap(); + } + } + + protected void collectFileNames(final String rootURL, final String authToken, final String owner, final String name, final String path, + final int depth, final long readInterval, Consumer consumer) { if (MAX_DEPTH <= depth) { - return Collections.emptyList(); + return; } - final List resultList = new ArrayList<>(); final String url = rootURL + "api/v3/repos/" + owner + "/" + name + "/contents/" + path; try (CurlResponse curlResponse = Curl.get(url).header("Authorization", "token " + authToken).execute()) { @@ -162,24 +241,24 @@ public class GitBucketDataStoreImpl extends AbstractDataStoreImpl { final List fileList = parseList(iStream); for (int i = 0; i < fileList.size(); ++i) { + @SuppressWarnings("unchecked") final Map file = (Map) fileList.get(i); final String newPath = path.isEmpty() ? file.get("name") : path + "/" + file.get("name"); switch (file.get("type")) { case "file": - resultList.add(newPath); + consumer.accept(newPath); break; case "dir": if (readInterval > 0) { sleep(readInterval); } - resultList.addAll(collectFileNames(rootURL, authToken, owner, name, newPath, depth + 1, readInterval)); + collectFileNames(rootURL, authToken, owner, name, newPath, depth + 1, readInterval, consumer); break; } } } catch (final Exception e) { logger.warn("Failed to access to " + url, e); } - return resultList; } } diff --git a/src/main/java/org/codelibs/fess/es/config/bsbhv/BsAccessTokenBhv.java b/src/main/java/org/codelibs/fess/es/config/bsbhv/BsAccessTokenBhv.java index 38e6740c1..d15aae8b8 100644 --- a/src/main/java/org/codelibs/fess/es/config/bsbhv/BsAccessTokenBhv.java +++ b/src/main/java/org/codelibs/fess/es/config/bsbhv/BsAccessTokenBhv.java 
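Review bot: `createRoleList` decides who may see a private repository's documents, yet it unboxes `isPrivate` and calls `collaboratorList.add(owner)` without a null check, and it mutates the list that came out of the parsed API response. A null flag or a missing `collaborators` entry throws, and the caller's catch then skips the whole repository; the rewrite below keeps the same role strings and order, treats anything other than an explicit `false` as private, and builds a fresh list. The `"Rguest"` and `"1"` prefixes are hard-coded; if the deployment configures role prefixes elsewhere they should be read from there. Separately, `processContentRequest` returns an empty map on failure and `storeFileContent` still calls `callback.store`, so a failed fetch indexes a document with roles and labels but no url or content, and `new String(...)` on the decoded bytes uses the platform charset rather than UTF-8.

```java
// … unchanged: createRoleList signature …
    // Anything other than an explicit false is treated as private.
    if (Boolean.FALSE.equals(repository.get(PRIVATE_REPOSITORY_PARAM))) {
        return Collections.singletonList("Rguest");
    }
    final List<String> roleList = new ArrayList<>();
    final Object collaborators = repository.get(COLLABORATORS_PARAM);
    if (collaborators instanceof List) {
        for (final Object user : (List<?>) collaborators) {
            roleList.add("1" + user);
        }
    }
    roleList.add("1" + owner);
    return roleList;
```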
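Review bot: In the `@@ -162,24 +241,24 @@` hunk the consumer runs inside `collectFileNames`' own try block, so an exception thrown while storing one file at `consumer.accept(newPath)` is caught by the `catch (final Exception e)` below. It is then logged as "Failed to access to " plus the directory URL, and the loop over the remaining entries of that directory ends. Isolating the callback keeps one bad file from hiding its siblings and makes the log say what failed: `try { consumer.accept(newPath); } catch (final Exception e) { logger.warn("Failed to store " + newPath, e); }`. `switch (file.get("type"))` also throws on an entry without a `type` field, with the same effect.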
@@ -77,6 +77,7 @@ public abstract class BsAccessTokenBhv extends EsAbstractBehavior ((AccessToken) et).getParameterName(), (et, vl) -> ((AccessToken) et).setParameterName(DfTypeUtil.toString(vl)), "parameterName"); + setupEpg(_epgMap, et -> ((AccessToken) et).getExpiredTime(), (et, vl) -> ((AccessToken) et).setExpiredTime(DfTypeUtil.toLong(vl)), + "expiredTime"); setupEpg(_epgMap, et -> ((AccessToken) et).getCreatedBy(), (et, vl) -> ((AccessToken) et).setCreatedBy(DfTypeUtil.toString(vl)), "createdBy"); setupEpg(_epgMap, et -> ((AccessToken) et).getCreatedTime(), (et, vl) -> ((AccessToken) et).setCreatedTime(DfTypeUtil.toLong(vl)), @@ -137,6 +139,8 @@ public class AccessTokenDbm extends AbstractDBMeta { false, false, false, "String", 0, 0, null, false, null, null, null, null, null, false); protected final ColumnInfo _columnParameterName = cci("parameter_name", "parameter_name", null, null, String.class, "parameterName", null, false, false, false, "String", 0, 0, null, false, null, null, null, null, null, false); + protected final ColumnInfo _columnExpiredTime = cci("expiredTime", "expiredTime", null, null, Long.class, "expiredTime", null, false, + false, false, "Long", 0, 0, null, false, null, null, null, null, null, false); protected final ColumnInfo _columnCreatedBy = cci("createdBy", "createdBy", null, null, String.class, "createdBy", null, false, false, false, "String", 0, 0, null, false, null, null, null, null, null, false); protected final ColumnInfo _columnCreatedTime = cci("createdTime", "createdTime", null, null, Long.class, "createdTime", null, false, @@ -162,6 +166,10 @@ public class AccessTokenDbm extends AbstractDBMeta { return _columnParameterName; } + public ColumnInfo columnExpiredTime() { + return _columnExpiredTime; + } + public ColumnInfo columnCreatedBy() { return _columnCreatedBy; } 
@@ -184,6 +192,7 @@ public class AccessTokenDbm extends AbstractDBMeta { ls.add(columnToken()); ls.add(columnPermissions()); ls.add(columnParameterName()); + ls.add(columnExpiredTime()); ls.add(columnCreatedBy()); ls.add(columnCreatedTime()); ls.add(columnUpdatedBy()); diff --git a/src/main/java/org/codelibs/fess/es/config/cbean/bs/BsAccessTokenCB.java b/src/main/java/org/codelibs/fess/es/config/cbean/bs/BsAccessTokenCB.java index 148f076a0..276f21bc7 100644 --- a/src/main/java/org/codelibs/fess/es/config/cbean/bs/BsAccessTokenCB.java +++ b/src/main/java/org/codelibs/fess/es/config/cbean/bs/BsAccessTokenCB.java @@ -163,6 +163,10 @@ public class BsAccessTokenCB extends EsAbstractConditionBean { doColumn("parameter_name"); } + public void columnExpiredTime() { + doColumn("expiredTime"); + } + public void columnCreatedBy() { doColumn("createdBy"); } diff --git a/src/main/java/org/codelibs/fess/es/config/cbean/cq/bs/BsAccessTokenCQ.java b/src/main/java/org/codelibs/fess/es/config/cbean/cq/bs/BsAccessTokenCQ.java index da0e1a5eb..2af556a77 100644 --- a/src/main/java/org/codelibs/fess/es/config/cbean/cq/bs/BsAccessTokenCQ.java +++ b/src/main/java/org/codelibs/fess/es/config/cbean/cq/bs/BsAccessTokenCQ.java 
@@ -990,6 +990,180 @@ public abstract class BsAccessTokenCQ extends EsAbstractConditionQuery { return this; } + public void setExpiredTime_Equal(Long expiredTime) { + setExpiredTime_Term(expiredTime, null); + } + + public void setExpiredTime_Equal(Long expiredTime, ConditionOptionCall opLambda) { + setExpiredTime_Term(expiredTime, opLambda); + } + + public void setExpiredTime_Term(Long expiredTime) { + setExpiredTime_Term(expiredTime, null); + } + + public void setExpiredTime_Term(Long expiredTime, ConditionOptionCall opLambda) { + TermQueryBuilder builder = regTermQ("expiredTime", expiredTime); + if (opLambda != null) { + opLambda.callback(builder); + } + } + + public void setExpiredTime_NotEqual(Long expiredTime) { + setExpiredTime_NotTerm(expiredTime, null); + } + + public void setExpiredTime_NotTerm(Long expiredTime) { + setExpiredTime_NotTerm(expiredTime, null); + } + + public void setExpiredTime_NotEqual(Long expiredTime, ConditionOptionCall opLambda) { + setExpiredTime_NotTerm(expiredTime, opLambda); + } + + public void setExpiredTime_NotTerm(Long expiredTime, ConditionOptionCall opLambda) { + not(not -> not.setExpiredTime_Term(expiredTime), opLambda); + } + + public void setExpiredTime_Terms(Collection expiredTimeList) { + setExpiredTime_Terms(expiredTimeList, null); + } + + public void setExpiredTime_Terms(Collection expiredTimeList, ConditionOptionCall opLambda) { + TermsQueryBuilder builder = regTermsQ("expiredTime", expiredTimeList); + if (opLambda != null) { + opLambda.callback(builder); + } + } + + public void setExpiredTime_InScope(Collection expiredTimeList) { + setExpiredTime_Terms(expiredTimeList, null); + } + + public void setExpiredTime_InScope(Collection expiredTimeList, ConditionOptionCall opLambda) { + setExpiredTime_Terms(expiredTimeList, opLambda); + } + + public void setExpiredTime_Match(Long expiredTime) { + setExpiredTime_Match(expiredTime, null); + } + + public void setExpiredTime_Match(Long expiredTime, ConditionOptionCall opLambda) { 
+ MatchQueryBuilder builder = regMatchQ("expiredTime", expiredTime); + if (opLambda != null) { + opLambda.callback(builder); + } + } + + public void setExpiredTime_MatchPhrase(Long expiredTime) { + setExpiredTime_MatchPhrase(expiredTime, null); + } + + public void setExpiredTime_MatchPhrase(Long expiredTime, ConditionOptionCall opLambda) { + MatchQueryBuilder builder = regMatchPhraseQ("expiredTime", expiredTime); + if (opLambda != null) { + opLambda.callback(builder); + } + } + + public void setExpiredTime_MatchPhrasePrefix(Long expiredTime) { + setExpiredTime_MatchPhrasePrefix(expiredTime, null); + } + + public void setExpiredTime_MatchPhrasePrefix(Long expiredTime, ConditionOptionCall opLambda) { + MatchQueryBuilder builder = regMatchPhrasePrefixQ("expiredTime", expiredTime); + if (opLambda != null) { + opLambda.callback(builder); + } + } + + public void setExpiredTime_Fuzzy(Long expiredTime) { + setExpiredTime_Fuzzy(expiredTime, null); + } + + public void setExpiredTime_Fuzzy(Long expiredTime, ConditionOptionCall opLambda) { + FuzzyQueryBuilder builder = regFuzzyQ("expiredTime", expiredTime); + if (opLambda != null) { + opLambda.callback(builder); + } + } + + public void setExpiredTime_GreaterThan(Long expiredTime) { + setExpiredTime_GreaterThan(expiredTime, null); + } + + public void setExpiredTime_GreaterThan(Long expiredTime, ConditionOptionCall opLambda) { + RangeQueryBuilder builder = regRangeQ("expiredTime", ConditionKey.CK_GREATER_THAN, expiredTime); + if (opLambda != null) { + opLambda.callback(builder); + } + } + + public void setExpiredTime_LessThan(Long expiredTime) { + setExpiredTime_LessThan(expiredTime, null); + } + + public void setExpiredTime_LessThan(Long expiredTime, ConditionOptionCall opLambda) { + RangeQueryBuilder builder = regRangeQ("expiredTime", ConditionKey.CK_LESS_THAN, expiredTime); + if (opLambda != null) { + opLambda.callback(builder); + } + } + + public void setExpiredTime_GreaterEqual(Long expiredTime) { + 
setExpiredTime_GreaterEqual(expiredTime, null); + } + + public void setExpiredTime_GreaterEqual(Long expiredTime, ConditionOptionCall opLambda) { + RangeQueryBuilder builder = regRangeQ("expiredTime", ConditionKey.CK_GREATER_EQUAL, expiredTime); + if (opLambda != null) { + opLambda.callback(builder); + } + } + + public void setExpiredTime_LessEqual(Long expiredTime) { + setExpiredTime_LessEqual(expiredTime, null); + } + + public void setExpiredTime_LessEqual(Long expiredTime, ConditionOptionCall opLambda) { + RangeQueryBuilder builder = regRangeQ("expiredTime", ConditionKey.CK_LESS_EQUAL, expiredTime); + if (opLambda != null) { + opLambda.callback(builder); + } + } + + public void setExpiredTime_Exists() { + setExpiredTime_Exists(null); + } + + public void setExpiredTime_Exists(ConditionOptionCall opLambda) { + ExistsQueryBuilder builder = regExistsQ("expiredTime"); + if (opLambda != null) { + opLambda.callback(builder); + } + } + + public void setExpiredTime_CommonTerms(Long expiredTime) { + setExpiredTime_CommonTerms(expiredTime, null); + } + + public void setExpiredTime_CommonTerms(Long expiredTime, ConditionOptionCall opLambda) { + CommonTermsQueryBuilder builder = regCommonTermsQ("expiredTime", expiredTime); + if (opLambda != null) { + opLambda.callback(builder); + } + } + + public BsAccessTokenCQ addOrderBy_ExpiredTime_Asc() { + regOBA("expiredTime"); + return this; + } + + public BsAccessTokenCQ addOrderBy_ExpiredTime_Desc() { + regOBD("expiredTime"); + return this; + } + public void setCreatedBy_Equal(String createdBy) { setCreatedBy_Term(createdBy, null); } diff --git a/src/main/java/org/codelibs/fess/es/config/exentity/AccessToken.java b/src/main/java/org/codelibs/fess/es/config/exentity/AccessToken.java index 316108a45..42a2acdc5 100644 --- a/src/main/java/org/codelibs/fess/es/config/exentity/AccessToken.java +++ b/src/main/java/org/codelibs/fess/es/config/exentity/AccessToken.java 
@@ -16,6 +16,7 @@ package org.codelibs.fess.es.config.exentity; import java.util.Arrays; +import java.util.Date; import org.codelibs.fess.es.config.bsentity.BsAccessToken; @@ -42,6 +43,17 @@ public class AccessToken extends BsAccessToken { asDocMeta().version(version); } + public Date getExpires() { + if (getExpiredTime() == null) { + return null; + } + return new Date(getExpiredTime().longValue()); + } + + public void setExpires(Date date) { + setExpiredTime(date != null ? date.getTime() : null); + } + @Override public String toString() { return "AccessToken [name=" + name + ", token=" + token + ", permissions=" + Arrays.toString(permissions) + ", parameterName=" diff --git a/src/main/java/org/codelibs/fess/es/config/exentity/CrawlingConfig.java b/src/main/java/org/codelibs/fess/es/config/exentity/CrawlingConfig.java index e1376506f..c55d1186a 100644 --- a/src/main/java/org/codelibs/fess/es/config/exentity/CrawlingConfig.java +++ b/src/main/java/org/codelibs/fess/es/config/exentity/CrawlingConfig.java @@ -37,7 +37,7 @@ public interface CrawlingConfig { Integer getTimeToLive(); - void initializeClientFactory(CrawlerClientFactory crawlerClientFactory); + Map initializeClientFactory(CrawlerClientFactory crawlerClientFactory); Map getConfigParameterMap(ConfigName name); diff --git a/src/main/java/org/codelibs/fess/es/config/exentity/CrawlingConfigWrapper.java b/src/main/java/org/codelibs/fess/es/config/exentity/CrawlingConfigWrapper.java new file mode 100644 index 000000000..b2be78c86 --- /dev/null +++ b/src/main/java/org/codelibs/fess/es/config/exentity/CrawlingConfigWrapper.java 
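Review bot: The `toString()` shown as context at the end of the second AccessToken hunk concatenates `token` into its output, so any log statement or exception message that formats an AccessToken carries the bearer secret. Now that tokens gain a lifetime and are handled in more places, the value should be masked, for example `", token=" + (token != null ? "***" : null)`. The new `getExpires()` and `setExpires()` also have no Javadoc; a one-line `/** Expiry as a Date, or null when expiredTime is unset. */` would record the null contract that both methods implement. The body of `toString()` continues outside the hunk, so the rest of its fields could not be checked.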
@@ -0,0 +1,69 @@ +/* + * Copyright 2012-2016 CodeLibs Project and the Others. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific language + * governing permissions and limitations under the License. + */ +package org.codelibs.fess.es.config.exentity; + +import java.util.Map; + +import org.codelibs.fess.crawler.client.CrawlerClientFactory; + +public class CrawlingConfigWrapper implements CrawlingConfig { + + private CrawlingConfig crawlingConfig; + + public CrawlingConfigWrapper(final CrawlingConfig crawlingConfig) { + this.crawlingConfig = crawlingConfig; + } + + public String getId() { + return crawlingConfig.getId(); + } + + public String getName() { + return crawlingConfig.getName(); + } + + public String[] getPermissions() { + return crawlingConfig.getPermissions(); + } + + public String[] getLabelTypeValues() { + return crawlingConfig.getLabelTypeValues(); + } + + public String getDocumentBoost() { + return crawlingConfig.getDocumentBoost(); + } + + public String getIndexingTarget(String input) { + return crawlingConfig.getIndexingTarget(input); + } + + public String getConfigId() { + return crawlingConfig.getConfigId(); + } + + public Integer getTimeToLive() { + return crawlingConfig.getTimeToLive(); + } + + public Map initializeClientFactory(CrawlerClientFactory crawlerClientFactory) { + return crawlingConfig.initializeClientFactory(crawlerClientFactory); + } + + public Map getConfigParameterMap(ConfigName name) { + return crawlingConfig.getConfigParameterMap(name); + } +} 
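Review bot: None of the delegating methods in `CrawlingConfigWrapper` carries `@Override`, so the compiler will not flag a mismatch the next time the `CrawlingConfig` interface changes, as it does in this same commit for `initializeClientFactory`. The delegate is also reassignable and unchecked; `private final CrawlingConfig crawlingConfig;` plus a null check in the constructor would turn a late NullPointerException on the first getter call into an immediate one. A class-level Javadoc stating that the wrapper forwards every call unchanged, including the parameter map returned by `initializeClientFactory`, would help subclass authors.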
diff --git a/src/main/java/org/codelibs/fess/es/config/exentity/DataConfig.java b/src/main/java/org/codelibs/fess/es/config/exentity/DataConfig.java index b52c5edc1..d65b21f5e 100644 --- a/src/main/java/org/codelibs/fess/es/config/exentity/DataConfig.java +++ b/src/main/java/org/codelibs/fess/es/config/exentity/DataConfig.java @@ -182,7 +182,7 @@ public class DataConfig extends BsDataConfig implements CrawlingConfig { } @Override - public void initializeClientFactory(final CrawlerClientFactory crawlerClientFactory) { + public Map initializeClientFactory(final CrawlerClientFactory crawlerClientFactory) { final Map paramMap = getHandlerParameterMap(); final Map factoryParamMap = new HashMap<>(); @@ -353,6 +353,7 @@ public class DataConfig extends BsDataConfig implements CrawlingConfig { } } + return factoryParamMap; } @Override diff --git a/src/main/java/org/codelibs/fess/es/config/exentity/FileConfig.java b/src/main/java/org/codelibs/fess/es/config/exentity/FileConfig.java index 6541deef1..5a3feab68 100644 --- a/src/main/java/org/codelibs/fess/es/config/exentity/FileConfig.java +++ b/src/main/java/org/codelibs/fess/es/config/exentity/FileConfig.java @@ -198,7 +198,7 @@ public class FileConfig extends BsFileConfig implements CrawlingConfig { } @Override - public void initializeClientFactory(final CrawlerClientFactory clientFactory) { + public Map initializeClientFactory(final CrawlerClientFactory clientFactory) { final FileAuthenticationService fileAuthenticationService = ComponentUtil.getComponent(FileAuthenticationService.class); // Parameters @@ -237,6 +237,7 @@ public class FileConfig extends BsFileConfig implements CrawlingConfig { paramMap.put(SmbClient.SMB_AUTHENTICATIONS_PROPERTY, smbAuthList.toArray(new SmbAuthentication[smbAuthList.size()])); paramMap.put(FtpClient.FTP_AUTHENTICATIONS_PROPERTY, ftpAuthList.toArray(new FtpAuthentication[ftpAuthList.size()])); + return paramMap; } @Override 
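Review bot: The map returned by the new `return paramMap;` in FileConfig is the one that received the `SmbAuthentication[]` and `FtpAuthentication[]` arrays on the lines just above, so `initializeClientFactory` now hands crawler credentials to whichever caller receives the result. Nothing on the interface says so; a Javadoc on `CrawlingConfig.initializeClientFactory` should state that the returned map may contain authentication objects and must not be logged, serialized or exposed through an API. The same applies to the `return paramMap;` added in WebConfig, and possibly to `return factoryParamMap;` in DataConfig, whose contents are not visible here. All three method bodies start outside their closing hunks.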
diff --git a/src/main/java/org/codelibs/fess/es/config/exentity/WebConfig.java b/src/main/java/org/codelibs/fess/es/config/exentity/WebConfig.java index 0d5a59958..41c6fdfc8 100644 --- a/src/main/java/org/codelibs/fess/es/config/exentity/WebConfig.java +++ b/src/main/java/org/codelibs/fess/es/config/exentity/WebConfig.java @@ -197,7 +197,7 @@ public class WebConfig extends BsWebConfig implements CrawlingConfig { } @Override - public void initializeClientFactory(final CrawlerClientFactory clientFactory) { + public Map initializeClientFactory(final CrawlerClientFactory clientFactory) { final WebAuthenticationService webAuthenticationService = ComponentUtil.getComponent(WebAuthenticationService.class); final RequestHeaderService requestHeaderService = ComponentUtil.getComponent(RequestHeaderService.class); final FessConfig fessConfig = ComponentUtil.getFessConfig(); @@ -237,6 +237,7 @@ public class WebConfig extends BsWebConfig implements CrawlingConfig { paramMap.put(HcHttpClient.REQUERT_HEADERS_PROPERTY, rhList.toArray(new org.codelibs.fess.crawler.client.http.RequestHeader[rhList.size()])); + return paramMap; } @Override diff --git a/src/main/java/org/codelibs/fess/helper/RoleQueryHelper.java b/src/main/java/org/codelibs/fess/helper/RoleQueryHelper.java index 76a6c3ff3..5f0677431 100644 --- a/src/main/java/org/codelibs/fess/helper/RoleQueryHelper.java +++ b/src/main/java/org/codelibs/fess/helper/RoleQueryHelper.java @@ -35,6 +35,7 @@ import org.codelibs.fess.entity.SearchRequestParams.SearchRequestType; import org.codelibs.fess.exception.InvalidAccessTokenException; import org.codelibs.fess.mylasta.action.FessUserBean; import org.codelibs.fess.mylasta.direction.FessConfig; +import org.codelibs.fess.taglib.FessFunctions; import org.codelibs.fess.util.ComponentUtil; import org.lastaflute.web.servlet.request.RequestManager; import org.lastaflute.web.util.LaRequestUtil; 
@@ -156,13 +157,23 @@ public class RoleQueryHelper { final String token = request.getHeader("Authorization"); if (StringUtil.isNotBlank(token)) { final AccessTokenService accessTokenService = ComponentUtil.getComponent(AccessTokenService.class); - accessTokenService.getAccessTokenByToken(token).ifPresent(accessToken -> { - stream(accessToken.getPermissions()).of(stream -> stream.forEach(roleSet::add)); - final String name = accessToken.getParameterName(); - stream(request.getParameterValues(name)).of(stream -> stream.filter(StringUtil::isNotBlank).forEach(roleSet::add)); - }).orElse(() -> { - throw new InvalidAccessTokenException("invalid_token", "Invalid token: " + token); - }); + accessTokenService + .getAccessTokenByToken(token) + .ifPresent( + accessToken -> { + final Long expiredTime = accessToken.getExpiredTime(); + if (expiredTime != null && expiredTime.longValue() > 0 + && expiredTime.longValue() < ComponentUtil.getSystemHelper().getCurrentTimeAsLong()) { + throw new InvalidAccessTokenException("invalid_token", "The token is expired(" + + FessFunctions.formatDate(FessFunctions.date(expiredTime)) + ")."); + } + stream(accessToken.getPermissions()).of(stream -> stream.forEach(roleSet::add)); + final String name = accessToken.getParameterName(); + stream(request.getParameterValues(name)).of( + stream -> stream.filter(StringUtil::isNotBlank).forEach(roleSet::add)); + }).orElse(() -> { + throw new InvalidAccessTokenException("invalid_token", "Invalid token: " + token); + }); } } diff --git a/src/main/java/org/codelibs/fess/ldap/LdapManager.java b/src/main/java/org/codelibs/fess/ldap/LdapManager.java index c2e078708..a894b8918 100644 --- a/src/main/java/org/codelibs/fess/ldap/LdapManager.java +++ b/src/main/java/org/codelibs/fess/ldap/LdapManager.java 
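Review bot: `"Invalid token: " + token` in the `orElse` branch copies the raw `Authorization` header value into the exception message, so a mistyped or truncated but otherwise real token ends up wherever that message is logged or rendered. The message should not carry the credential: `throw new InvalidAccessTokenException("invalid_token", "Invalid token.");`. In the new expiry check, a null, zero or negative `expiredTime` skips the comparison and the token never expires; that looks intentional but should be stated, e.g. `// expiredTime null or <= 0 means the token does not expire`. The enclosing method starts outside the hunk.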
@@ -75,8 +75,8 @@ public class LdapManager { protected Hashtable createAdminEnv() { final FessConfig fessConfig = ComponentUtil.getFessConfig(); return createEnvironment(// - fessConfig.getLdapAdminInitialContextFactory(), // - fessConfig.getLdapAdminSecurityAuthentication(), fessConfig.getLdapAdminProviderUrl(), // + fessConfig.getLdapInitialContextFactory(), // + fessConfig.getLdapSecurityAuthentication(), fessConfig.getLdapProviderUrl(), // fessConfig.getLdapAdminSecurityPrincipal(), // fessConfig.getLdapAdminSecurityCredentials()); } @@ -93,8 +93,8 @@ public class LdapManager { protected Hashtable createSearchEnv() { final FessConfig fessConfig = ComponentUtil.getFessConfig(); return createEnvironment(// - fessConfig.getLdapAdminInitialContextFactory(), // - fessConfig.getLdapAdminSecurityAuthentication(), fessConfig.getLdapAdminProviderUrl(), // + fessConfig.getLdapInitialContextFactory(), // + fessConfig.getLdapSecurityAuthentication(), fessConfig.getLdapProviderUrl(), // fessConfig.getLdapAdminSecurityPrincipal(), // fessConfig.getLdapAdminSecurityCredentials()); } diff --git a/src/main/java/org/codelibs/fess/mylasta/action/FessLabels.java b/src/main/java/org/codelibs/fess/mylasta/action/FessLabels.java index f1fb5540d..8a025f824 100644 --- a/src/main/java/org/codelibs/fess/mylasta/action/FessLabels.java +++ b/src/main/java/org/codelibs/fess/mylasta/action/FessLabels.java @@ -197,6 +197,9 @@ public class FessLabels extends UserMessages { /** The key of the message: Expired */ public static final String LABELS_EXPIRED_TIME = "{labels.expiredTime}"; + /** The key of the message: Expired */ + public static final String LABELS_EXPIRES = "{labels.expires}"; + /** The key of the message: Failure Count */ public static final String LABELS_FAILURE_COUNT_THRESHOLD = "{labels.failureCountThreshold}"; 
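Review bot: `createAdminEnv()` and `createSearchEnv()` (second hunk) pass `getLdapAdminSecurityPrincipal()` and `getLdapAdminSecurityCredentials()` straight to `createEnvironment` without checking that they are set. Elsewhere in this commit the file defaults for those two keys are removed and the values become system properties set at runtime, so a blank value is now an ordinary state; with `simple` authentication many directory servers treat a bind with an empty password as an unauthenticated bind that succeeds. `createEnvironment` is not visible here, so the outcome is inferred, but a guard before the call would make the failure explicit, for example `if (StringUtil.isBlank(fessConfig.getLdapAdminSecurityCredentials())) { throw new IllegalStateException("ldap.admin.security.credentials is not set"); }`, using the project's own exception type if one fits better. The two methods now have identical bodies and could share one private helper.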
@@ -440,9 +443,15 @@ public class FessLabels extends UserMessages { /** The key of the message: LDAP URL */ public static final String LABELS_LDAP_PROVIDER_URL = "{labels.ldapProviderUrl}"; - /** The key of the message: Bind DN */ + /** The key of the message: User DN */ public static final String LABELS_LDAP_SECURITY_PRINCIPAL = "{labels.ldapSecurityPrincipal}"; + /** The key of the message: Bind DN */ + public static final String LABELS_LDAP_ADMIN_SECURITY_PRINCIPAL = "{labels.ldapAdminSecurityPrincipal}"; + + /** The key of the message: Password */ + public static final String LABELS_LDAP_ADMIN_SECURITY_CREDENTIALS = "{labels.ldapAdminSecurityCredentials}"; + /** The key of the message: Base DN */ public static final String LABELS_LDAP_BASE_DN = "{labels.ldapBaseDn}"; @@ -2097,6 +2106,12 @@ public class FessLabels extends UserMessages { /** The key of the message: Token */ public static final String LABELS_access_token_token = "{labels.access_token_token}"; + /** The key of the message: Expired */ + public static final String LABELS_access_token_expires = "{labels.access_token_expires}"; + + /** The key of the message: Parameter Name */ + public static final String LABELS_access_token_parameter_name = "{labels.access_token_parameter_name}"; + /** The key of the message: Created */ public static final String LABELS_access_token_updated_time = "{labels.access_token_updated_time}"; 
@@ -2319,9 +2334,15 @@ public class FessLabels extends UserMessages { /** The key of the message: LDAP URL */ public static final String LABELS_ldap_provider_url = "{labels.ldap_provider_url}"; - /** The key of the message: Bind DN */ + /** The key of the message: User DN */ public static final String LABELS_ldap_security_principal = "{labels.ldap_security_principal}"; + /** The key of the message: Bind DN */ + public static final String LABELS_ldap_admin_security_principal = "{labels.ldap_admin_security_principal}"; + + /** The key of the message: Password */ + public static final String LABELS_ldap_admin_security_credentials = "{labels.ldap_admin_security_credentials}"; + /** The key of the message: Base DN */ public static final String LABELS_ldap_base_dn = "{labels.ldap_base_dn}"; diff --git a/src/main/java/org/codelibs/fess/mylasta/direction/FessConfig.java b/src/main/java/org/codelibs/fess/mylasta/direction/FessConfig.java index d11839be5..e05bf1b8e 100644 --- a/src/main/java/org/codelibs/fess/mylasta/direction/FessConfig.java +++ b/src/main/java/org/codelibs/fess/mylasta/direction/FessConfig.java @@ -34,7 +34,7 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction /** The key of the configuration. e.g. aes */ String APP_CIPHER_ALGORISM = "app.cipher.algorism"; - /** The key of the configuration. e.g. __change_me__ */ + /** The key of the configuration. e.g. ___change__me___ */ String APP_CIPHER_KEY = "app.cipher.key"; /** The key of the configuration. e.g. sha256 */ 
@@ -835,21 +835,6 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction /** The key of the configuration. e.g. false */ String LDAP_ADMIN_ENABLED = "ldap.admin.enabled"; - /** The key of the configuration. e.g. com.sun.jndi.ldap.LdapCtxFactory */ - String LDAP_ADMIN_INITIAL_CONTEXT_FACTORY = "ldap.admin.initial.context.factory"; - - /** The key of the configuration. e.g. simple */ - String LDAP_ADMIN_SECURITY_AUTHENTICATION = "ldap.admin.security.authentication"; - - /** The key of the configuration. e.g. ldap://localhost:1389 */ - String LDAP_ADMIN_PROVIDER_URL = "ldap.admin.provider.url"; - - /** The key of the configuration. e.g. cn=Directory Manager */ - String LDAP_ADMIN_SECURITY_PRINCIPAL = "ldap.admin.security.principal"; - - /** The key of the configuration. e.g. password */ - String LDAP_ADMIN_SECURITY_CREDENTIALS = "ldap.admin.security.credentials"; - /** The key of the configuration. e.g. uid=%s */ String LDAP_ADMIN_USER_FILTER = "ldap.admin.user.filter"; @@ -1115,7 +1100,7 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction /** * Get the value for the key 'app.cipher.key'.
- * The value is, e.g. __change_me__
+ * The value is, e.g. ___change__me___
* @return The value of found property. (NotNull: if not found, exception but basically no way) */ String getAppCipherKey(); @@ -3716,41 +3701,6 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction */ boolean isLdapAdminEnabled(); - /** - * Get the value for the key 'ldap.admin.initial.context.factory'.
- * The value is, e.g. com.sun.jndi.ldap.LdapCtxFactory
- * @return The value of found property. (NotNull: if not found, exception but basically no way) - */ - String getLdapAdminInitialContextFactory(); - - /** - * Get the value for the key 'ldap.admin.security.authentication'.
- * The value is, e.g. simple
- * @return The value of found property. (NotNull: if not found, exception but basically no way) - */ - String getLdapAdminSecurityAuthentication(); - - /** - * Get the value for the key 'ldap.admin.provider.url'.
- * The value is, e.g. ldap://localhost:1389
- * @return The value of found property. (NotNull: if not found, exception but basically no way) - */ - String getLdapAdminProviderUrl(); - - /** - * Get the value for the key 'ldap.admin.security.principal'.
- * The value is, e.g. cn=Directory Manager
- * @return The value of found property. (NotNull: if not found, exception but basically no way) - */ - String getLdapAdminSecurityPrincipal(); - - /** - * Get the value for the key 'ldap.admin.security.credentials'.
- * The value is, e.g. password
- * @return The value of found property. (NotNull: if not found, exception but basically no way) - */ - String getLdapAdminSecurityCredentials(); - /** * Get the value for the key 'ldap.admin.user.filter'.
* The value is, e.g. uid=%s
@@ -5737,26 +5687,6 @@ public interface FessConfig extends FessEnv, org.codelibs.fess.mylasta.direction return is(FessConfig.LDAP_ADMIN_ENABLED); } - public String getLdapAdminInitialContextFactory() { - return get(FessConfig.LDAP_ADMIN_INITIAL_CONTEXT_FACTORY); - } - - public String getLdapAdminSecurityAuthentication() { - return get(FessConfig.LDAP_ADMIN_SECURITY_AUTHENTICATION); - } - - public String getLdapAdminProviderUrl() { - return get(FessConfig.LDAP_ADMIN_PROVIDER_URL); - } - - public String getLdapAdminSecurityPrincipal() { - return get(FessConfig.LDAP_ADMIN_SECURITY_PRINCIPAL); - } - - public String getLdapAdminSecurityCredentials() { - return get(FessConfig.LDAP_ADMIN_SECURITY_CREDENTIALS); - } - public String getLdapAdminUserFilter() { return get(FessConfig.LDAP_ADMIN_USER_FILTER); } diff --git a/src/main/java/org/codelibs/fess/mylasta/direction/FessProp.java b/src/main/java/org/codelibs/fess/mylasta/direction/FessProp.java index f2b180855..ba8d94e2f 100644 --- a/src/main/java/org/codelibs/fess/mylasta/direction/FessProp.java +++ b/src/main/java/org/codelibs/fess/mylasta/direction/FessProp.java 
@@ -492,6 +492,27 @@ public interface FessProp { return getSystemProperty(Constants.LDAP_SECURITY_PRINCIPAL); } + public default void setLdapAdminSecurityPrincipal(final String value) { + setSystemProperty(Constants.LDAP_ADMIN_SECURITY_PRINCIPAL, value); + } + + public default String getLdapAdminSecurityPrincipal() { + return getSystemProperty(Constants.LDAP_ADMIN_SECURITY_PRINCIPAL); + } + + public default void setLdapAdminSecurityCredentials(final String value) { + setSystemProperty(Constants.LDAP_ADMIN_SECURITY_CREDENTIALS, + Constants.CIPHER_PREFIX + ComponentUtil.getPrimaryCipher().encrypt(value)); + } + + public default String getLdapAdminSecurityCredentials() { + final String value = getSystemProperty(Constants.LDAP_ADMIN_SECURITY_CREDENTIALS); + if (StringUtil.isNotBlank(value) && value.startsWith(Constants.CIPHER_PREFIX)) { + return ComponentUtil.getPrimaryCipher().decrypt(value.substring(Constants.CIPHER_PREFIX.length())); + } + return value; + } + public default void setLdapBaseDn(final String value) { setSystemProperty(Constants.LDAP_BASE_DN, value); } diff --git a/src/main/java/org/codelibs/fess/util/ComponentUtil.java b/src/main/java/org/codelibs/fess/util/ComponentUtil.java index 7c9680641..6d56abe79 100644 --- a/src/main/java/org/codelibs/fess/util/ComponentUtil.java +++ b/src/main/java/org/codelibs/fess/util/ComponentUtil.java @@ -62,6 +62,7 @@ import org.codelibs.fess.mylasta.direction.FessConfig; import org.codelibs.fess.sso.SsoManager; import org.codelibs.fess.thumbnail.ThumbnailManager; import org.lastaflute.core.message.MessageManager; +import org.lastaflute.core.security.PrimaryCipher; import org.lastaflute.di.core.SingletonLaContainer; import org.lastaflute.di.core.factory.SingletonLaContainerFactory; import org.lastaflute.di.core.smart.hot.HotdeployUtil; 
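Review bot: `setLdapAdminSecurityCredentials` encrypts whatever it receives, including null or an empty string, so clearing the field either fails inside `encrypt` or stores `{cipher}` followed by the ciphertext of nothing; which of the two happens depends on `PrimaryCipher`, which is not visible here. A guard keeps the unset state unambiguous: `if (StringUtil.isBlank(value)) { setSystemProperty(Constants.LDAP_ADMIN_SECURITY_CREDENTIALS, ""); return; }`. The getter returns any value without the `{cipher}` prefix unchanged, so a password stored in plaintext keeps working and stays plaintext until it is saved again; a Javadoc on the getter should say so, and should note that a decryption failure (for instance after the cipher key changes) propagates to the caller.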
@@ -376,6 +377,10 @@ public final class ComponentUtil { return getComponent(THUMBNAIL_MANAGER); } + public static PrimaryCipher getPrimaryCipher() { + return getComponent(PrimaryCipher.class); + } + public static CrawlerClientFactory getCrawlerClientFactory() { return getComponent(CrawlerClientFactory.class); } diff --git a/src/main/resources/fess_config.properties b/src/main/resources/fess_config.properties index eb749e02c..c0d308d6f 100644 --- a/src/main/resources/fess_config.properties +++ b/src/main/resources/fess_config.properties @@ -14,7 +14,7 @@ elasticsearch.http.url=http://localhost:9201 # Cryptographer app.cipher.algorism=aes -app.cipher.key=__change_me__ +app.cipher.key=___change__me___ app.digest.algorism=sha256 # JVM options @@ -434,11 +434,6 @@ suggest.search.log.permissions={user}guest,{role}guest # ------ ldap.admin.enabled=false -ldap.admin.initial.context.factory=com.sun.jndi.ldap.LdapCtxFactory -ldap.admin.security.authentication=simple -ldap.admin.provider.url=ldap\://localhost\:1389 -ldap.admin.security.principal=cn\=Directory Manager -ldap.admin.security.credentials=password ldap.admin.user.filter=uid\=%s ldap.admin.user.base.dn=ou\=People,dc\=fess,dc\=codelibs,dc\=org ldap.admin.user.object.classes=organizationalPerson,top,person,inetOrgPerson diff --git a/src/main/resources/fess_indices/.fess_config/access_token.json b/src/main/resources/fess_indices/.fess_config/access_token.json index ae83f10a0..fc9efebb0 100644 --- a/src/main/resources/fess_indices/.fess_config/access_token.json +++ b/src/main/resources/fess_indices/.fess_config/access_token.json @@ -23,6 +23,9 @@ "type": "string", "index": "not_analyzed" }, + "expiredTime": { + "type": "long" + }, "createdBy": { "type": "string", "index": "not_analyzed" diff --git a/src/main/resources/fess_label.properties b/src/main/resources/fess_label.properties index 716c11fea..40eebe4b5 100644 --- a/src/main/resources/fess_label.properties +++ b/src/main/resources/fess_label.properties 
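Review bot: `app.cipher.key=___change__me___` is still a value published in the repository, and after this commit it is presumably the key behind `PrimaryCipher`, which protects the stored LDAP admin password written with the `{cipher}` prefix. An installation that keeps the default therefore gets an encoding anyone can reverse rather than encryption. Propose a comment above the line: `# Replace before first use: this key encrypts stored credentials; changing it later makes existing {cipher} values unreadable.` The second half of that comment follows from the symmetric `encrypt`/`decrypt` pair in FessProp and should be confirmed against the cipher implementation. A startup warning when the key still equals the shipped placeholder would catch deployments that skip this step.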
@@ -55,6 +55,7 @@ labels.errorCount=Error Count labels.errorLog=Error Log labels.errorName=Error Name labels.expiredTime=Expired +labels.expires=Expired labels.failureCountThreshold=Failure Count labels.fileConfigName=File System Config Name labels.fileName=File name @@ -136,7 +137,9 @@ labels.searchParams=Search Parameters labels.fields=Fields labels.ex_q=Extended Query labels.ldapProviderUrl=LDAP URL -labels.ldapSecurityPrincipal=Bind DN +labels.ldapSecurityPrincipal=User DN +labels.ldapAdminSecurityPrincipal=Bind DN +labels.ldapAdminSecurityCredentials=Password labels.ldapBaseDn=Base DN labels.ldapAccountFilter=Account Filter labels.oldPassword=Current Password @@ -689,6 +692,8 @@ labels.access_token_title_details=Access Token labels.access_token_list_name=Name labels.access_token_name=Name labels.access_token_token=Token +labels.access_token_expires=Expired +labels.access_token_parameter_name=Parameter Name labels.access_token_updated_time=Created labels.elevate_word_configuration=Additional Word labels.elevate_word_title_details=Additional Word @@ -763,7 +768,9 @@ labels.general_menu_suggest=Suggest labels.general_menu_ldap=LDAP labels.general_menu_notification=Notification labels.ldap_provider_url=LDAP URL -labels.ldap_security_principal=Bind DN +labels.ldap_security_principal=User DN +labels.ldap_admin_security_principal=Bind DN +labels.ldap_admin_security_credentials=Password labels.ldap_base_dn=Base DN labels.ldap_account_filter=Account Filter labels.notification_login=Login page diff --git a/src/main/resources/fess_label_en.properties b/src/main/resources/fess_label_en.properties index 2a379e1fb..f5c0ef4f3 100644 --- a/src/main/resources/fess_label_en.properties +++ b/src/main/resources/fess_label_en.properties 
@@ -55,6 +55,7 @@ labels.errorCount=Error Count labels.errorLog=Error Log labels.errorName=Error Name labels.expiredTime=Expired +labels.expires=Expired labels.failureCountThreshold=Failure Count labels.fileConfigName=File System Config Name labels.fileName=File name @@ -136,7 +137,9 @@ labels.searchParams=Search Parameters labels.fields=Fields labels.ex_q=Extended Query labels.ldapProviderUrl=LDAP URL -labels.ldapSecurityPrincipal=Bind DN +labels.ldapSecurityPrincipal=User DN +labels.ldapAdminSecurityPrincipal=Bind DN +labels.ldapAdminSecurityCredentials=Password labels.ldapBaseDn=Base DN labels.ldapAccountFilter=Account Filter labels.oldPassword=Current Password @@ -689,6 +692,8 @@ labels.access_token_title_details=Access Token labels.access_token_list_name=Name labels.access_token_name=Name labels.access_token_token=Token +labels.access_token_expires=Expired +labels.access_token_parameter_name=Parameter Name labels.access_token_updated_time=Created labels.elevate_word_configuration=Additional Word labels.elevate_word_title_details=Additional Word @@ -763,7 +768,9 @@ labels.general_menu_suggest=Suggest labels.general_menu_ldap=LDAP labels.general_menu_notification=Notification labels.ldap_provider_url=LDAP URL -labels.ldap_security_principal=Bind DN +labels.ldap_security_principal=User DN +labels.ldap_admin_security_principal=Bind DN +labels.ldap_admin_security_credentials=Password labels.ldap_base_dn=Base DN labels.ldap_account_filter=Account Filter labels.notification_login=Login page diff --git a/src/main/resources/fess_label_ja.properties b/src/main/resources/fess_label_ja.properties index 35610c91b..d8ba241fb 100644 --- a/src/main/resources/fess_label_ja.properties +++ b/src/main/resources/fess_label_ja.properties 
@@ -55,6 +55,7 @@ labels.errorCount=\u30a8\u30e9\u30fc\u56de\u6570 labels.errorLog=\u30a8\u30e9\u30fc\u30ed\u30b0 labels.errorName=\u30a8\u30e9\u30fc\u540d labels.expiredTime=\u6709\u52b9\u671f\u9650 +labels.expires=\u6709\u52b9\u671f\u9650 labels.failureCountThreshold=\u969c\u5bb3\u6570 labels.fileConfigName=\u30d5\u30a1\u30a4\u30eb\u30af\u30ed\u30fc\u30eb\u8a2d\u5b9a\u540d labels.fileName=\u30d5\u30a1\u30a4\u30eb\u540d @@ -687,6 +688,8 @@ labels.access_token_title_details=\u30a2\u30af\u30bb\u30b9\u30c8\u30fc\u30af\u30 labels.access_token_list_name=\u540d\u524d labels.access_token_name=\u540d\u524d labels.access_token_token=\u30c8\u30fc\u30af\u30f3 +labels.access_token_expires=\u6709\u52b9\u671f\u9650 +labels.access_token_parameter_name=\u30d1\u30e9\u30e1\u30fc\u30bf\u30fc\u540d labels.access_token_updated_time=\u4f5c\u6210\u65e5 labels.elevate_word_configuration=\u8ffd\u52a0\u306e\u5358\u8a9e labels.elevate_word_title_details=\u8ffd\u52a0\u306e\u5358\u8a9e @@ -761,10 +764,14 @@ labels.general_menu_suggest=\u30b5\u30b8\u30a7\u30b9\u30c8 labels.general_menu_ldap=LDAP labels.general_menu_notification=\u304a\u77e5\u3089\u305b\u8868\u793a labels.ldapProviderUrl=LDAP URL -labels.ldapSecurityPrincipal=Bind DN +labels.ldapSecurityPrincipal=User DN +labels.ldapAdminSecurityPrincipal=Bind DN +labels.ldapAdminSecurityCredentials=\u30d1\u30b9\u30ef\u30fc\u30c9 labels.ldapBaseDn=Base DN labels.ldap_provider_url=LDAP URL -labels.ldap_security_principal=Bind DN +labels.ldap_security_principal=User DN +labels.ldap_admin_security_principal=Bind DN +labels.ldap_admin_security_credentials=\u30d1\u30b9\u30ef\u30fc\u30c9 labels.ldap_base_dn=Base DN labels.ldapAccountFilter=\u30a2\u30ab\u30a6\u30f3\u30c8\u30d5\u30a3\u30eb\u30bf labels.ldap_account_filter=\u30a2\u30ab\u30a6\u30f3\u30c8\u30d5\u30a3\u30eb\u30bf diff --git a/src/main/resources/fess_label_ko.properties b/src/main/resources/fess_label_ko.properties index 233cd9fd1..71330d891 100644 
--- a/src/main/resources/fess_label_ko.properties +++ b/src/main/resources/fess_label_ko.properties @@ -743,10 +743,14 @@ labels.general_menu_suggest = \uc11c\uc81c\uc2a4\ud2b8 labels.general_menu_ldap = LDAP labels.general_menu_notification = \ud45c\uc2dc\ub4f1 labels.ldapProviderUrl = LDAP URL -labels.ldapSecurityPrincipal = Bind DN +labels.ldapSecurityPrincipal=User DN +labels.ldapAdminSecurityPrincipal=Bind DN +labels.ldapAdminSecurityCredentials=Password labels.ldapBaseDn = Base DN labels.ldap_provider_url = LDAP URL -labels.ldap_security_principal = Bind DN +labels.ldap_security_principal=User DN +labels.ldap_admin_security_principal=Bind DN +labels.ldap_admin_security_credentials=Password labels.ldap_base_dn = Base DN labels.ldapAccountFilter = \uacc4\uc815 \ud544\ud130 labels.ldap_account_filter = \uacc4\uc815 \ud544\ud130 diff --git a/src/main/resources/fess_label_ru.properties b/src/main/resources/fess_label_ru.properties index 0ad440324..950cbb8c2 100644 --- a/src/main/resources/fess_label_ru.properties +++ b/src/main/resources/fess_label_ru.properties @@ -136,7 +136,9 @@ labels.searchParams=\u041f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u044b \u043 labels.fields=\u041f\u043e\u043b\u044f labels.ex_q=\u0420\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u043d\u044b\u0439 \u0437\u0430\u043f\u0440\u043e\u0441 labels.ldapProviderUrl=LDAP URL -labels.ldapSecurityPrincipal=\u041f\u0440\u0438\u0432\u044f\u0437\u0430\u0442\u044c DN +labels.ldapSecurityPrincipal=User DN +labels.ldapAdminSecurityPrincipal=\u041f\u0440\u0438\u0432\u044f\u0437\u0430\u0442\u044c DN +labels.ldapAdminSecurityCredentials=Password labels.ldapBaseDn=\u0411\u0430\u0437\u043e\u0432\u044b\u0439 DN labels.ldapAccountFilter=\u0424\u0438\u043b\u044c\u0442\u0440 \u0430\u043a\u043a\u0430\u0443\u043d\u0442\u0430 labels.oldPassword=\u0422\u0435\u043a\u0443\u0449\u0438\u0439 \u043f\u0430\u0440\u043e\u043b\u044c 
@@ -754,7 +756,9 @@ labels.general_menu_suggest=Suggest labels.general_menu_ldap=LDAP labels.general_menu_notification=\u0423\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u0438\u0435 labels.ldap_provider_url=LDAP URL -labels.ldap_security_principal=Bind DN +labels.ldap_security_principal=User DN +labels.ldap_admin_security_principal=Bind DN +labels.ldap_admin_security_credentials=Password labels.ldap_base_dn=Base DN labels.ldap_account_filter=Account Filter labels.notification_login=\u0421\u0442\u0440\u0430\u043d\u0438\u0446\u0430 \u0432\u0445\u043e\u0434\u0430 diff --git a/src/main/webapp/WEB-INF/view/admin/accesstoken/admin_accesstoken_details.jsp b/src/main/webapp/WEB-INF/view/admin/accesstoken/admin_accesstoken_details.jsp index bff473eee..ecf2b4877 100644 --- a/src/main/webapp/WEB-INF/view/admin/accesstoken/admin_accesstoken_details.jsp +++ b/src/main/webapp/WEB-INF/view/admin/accesstoken/admin_accesstoken_details.jsp @@ -59,66 +59,32 @@ key="labels.access_token_token" /> ${f:h(token)} + + + ${f:br(f:h(permissions))} + + + + ${f:h(parameterName)} + + + + ${f:h(expires)} + - ${fe:date(updatedTime)} + diff --git a/src/main/webapp/WEB-INF/view/admin/accesstoken/admin_accesstoken_edit.jsp b/src/main/webapp/WEB-INF/view/admin/accesstoken/admin_accesstoken_edit.jsp index 1459e25d0..4e3102ec5 100644 --- a/src/main/webapp/WEB-INF/view/admin/accesstoken/admin_accesstoken_edit.jsp +++ b/src/main/webapp/WEB-INF/view/admin/accesstoken/admin_accesstoken_edit.jsp @@ -52,6 +52,40 @@ + +
+ +
+ ${f:h(token)} +
+
+
+
+ +
+ + +
+
+
+ +
+ + +
+
+
+ +
+ + +
+
-
- -
- - -
-
+
+ +
+ + +
+
+
+ +
+ + +
+
+
+ +
+ + +
+