
Commit 76f68a1

added anonymous user access controls and config file
1 parent 3db9fa3 commit 76f68a1


5 files changed

+66
-18
lines changed


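--- a/Roadmap.txt
+++ b/Roadmap.txt
@@ -4,8 +4,7 @@
 Release 0.4 (4/27/12)
 - virtual nodes
 - data set mirroring
-- config file
-- install script
+- config file: Done
 - logging
 - feature file format: Done
 - web UI (upload, view, download)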

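--- a/conf/conf.go
+++ b/conf/conf.go
@@ -22,10 +22,15 @@ var (
 // Config File
 CONFIGFILE = ""
 
-// Shock
+// Ports
 SITEPORT = 0
 APIPORT = 0
 
+// Anonymous-Access-Control
+ANONWRITE = false
+ANONREAD = true
+ANONCREATEUSER = false
+
 // Admin
 ADMINEMAIL = ""
 SECRETKEY = ""
@@ -52,9 +57,14 @@ func init() {
 os.Exit(1)
 }
 
-// Shock
-SITEPORT, _ = c.Int("Shock", "site-port")
-APIPORT, _ = c.Int("Shock", "api-port")
+// Ports
+SITEPORT, _ = c.Int("Ports", "site-port")
+APIPORT, _ = c.Int("Ports", "api-port")
+
+// Access-Control
+ANONWRITE, _ = c.Bool("Anonymous", "write")
+ANONREAD, _ = c.Bool("Anonymous", "read")
+ANONCREATEUSER, _ = c.Bool("Anonymous", "create-user")
 
 // Admin
 ADMINEMAIL, _ = c.String("Admin", "email")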
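Review bot: The three new `c.Bool` reads in init() discard their error, so a missing `[Anonymous]` section or a mistyped value silently replaces the defaults declared in the var block; the `ANONREAD = true` default would presumably be overwritten with the zero value, and the operator gets no message that the access policy differs from what the file appears to say. The renamed section has the same problem: a config file that still uses `[Shock]` would presumably load `SITEPORT` and `APIPORT` as 0 without complaint. Because these flags now decide who may read, write and create users, I would assign only on success and report the failure, e.g. `if v, err := c.Bool("Anonymous", "write"); err == nil { ANONWRITE = v }` with the error logged in the other branch. init() starts and ends outside the hunk.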

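--- a/shock-server/nodeController.go
+++ b/shock-server/nodeController.go
@@ -2,6 +2,7 @@ package main
 
 import (
 "fmt"
+"github.com/MG-RAST/Shock/conf"
 e "github.com/MG-RAST/Shock/errors"
 "github.com/MG-RAST/Shock/store"
 "github.com/MG-RAST/Shock/store/filter"
@@ -38,7 +39,12 @@ func (cr *NodeController) Create(cx *goweb.Context) {
 
 // Fake public user
 if u == nil {
-u = &user.User{Uuid: ""}
+if conf.ANONWRITE {
+u = &user.User{Uuid: ""}
+} else {
+cx.RespondWithErrorMessage(e.NoAuth, http.StatusUnauthorized)
+return
+}
 }
 
 // Parse uploaded form
@@ -117,7 +123,12 @@ func (cr *NodeController) Read(id string, cx *goweb.Context) {
 
 // Fake public user
 if u == nil {
-u = &user.User{Uuid: ""}
+if conf.ANONREAD {
+u = &user.User{Uuid: ""}
+} else {
+cx.RespondWithErrorMessage(e.NoAuth, http.StatusUnauthorized)
+return
+}
 }
 
 // Gather query params
@@ -268,8 +279,13 @@ func (cr *NodeController) ReadMany(cx *goweb.Context) {
 q["$or"] = []bson.M{bson.M{"acl.read": []string{}}, bson.M{"acl.read": u.Uuid}}
 }
 } else {
-// select on only nodes with no read rights set
-q["acl.read"] = []string{}
+if conf.ANONREAD {
+// select on only nodes with no read rights set
+q["acl.read"] = []string{}
+} else {
+cx.RespondWithErrorMessage(e.NoAuth, http.StatusUnauthorized)
+return
+}
 }
 
 // Gather params to make db query. Do not include the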
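Review bot: The anonymous gate is written out by hand in Create, Read and ReadMany, and nothing in these hunks covers the controller's other handlers; if any of them (update or delete paths, not visible here) still builds the placeholder with `u = &user.User{Uuid: ""}`, unauthenticated requests would pass there regardless of `conf.ANONWRITE`. Each such handler needs the same early exit, `if u == nil && !conf.ANONWRITE { cx.RespondWithErrorMessage(e.NoAuth, http.StatusUnauthorized); return }`, preferably through one shared helper so that a handler added later cannot omit it. The `// Fake public user` comments are also out of date now and could read `// Unauthenticated request: fall back to the public user only when the config allows it`. All three function bodies continue outside their hunks.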

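--- a/shock-server/userController.go
+++ b/shock-server/userController.go
@@ -35,11 +35,25 @@ func (cr *UserController) Create(cx *goweb.Context) {
 }
 
 authValuesArray := strings.Split(string(authValues), ":")
+if conf.ANONCREATEUSER == false && len(authValuesArray) != 4 {
+if len(authValuesArray) == 2 {
+cx.RespondWithErrorMessage(e.UnAuth, http.StatusUnauthorized)
+return
+} else {
+cx.RespondWithError(http.StatusBadRequest)
+return
+}
+}
 name := authValuesArray[0]
 passwd := authValuesArray[1]
 admin := false
-if len(authValuesArray) > 2 && authValuesArray[2] == fmt.Sprint(conf.SECRETKEY) {
-admin = true
+if len(authValuesArray) == 4 {
+if authValuesArray[2] != fmt.Sprint(conf.SECRETKEY) {
+cx.RespondWithErrorMessage(e.UnAuth, http.StatusUnauthorized)
+return
+} else if authValuesArray[3] == "true" {
+admin = true
+}
 }
 u, err := user.New(name, passwd, admin)
 if err != nil {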
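Review bot: The secret-key check in the `len(authValuesArray) == 4` branch accepts an unset key: conf.go declares `SECRETKEY = ""` as the default, so if the config never sets it, an empty third field compares equal and the fourth field alone decides `admin`. The comparison also uses `!=`, which is not constant-time; I would write `if conf.SECRETKEY == "" || subtle.ConstantTimeCompare([]byte(authValuesArray[2]), []byte(conf.SECRETKEY)) != 1 {` (this needs `crypto/subtle` in the import block, which is outside the hunk). Separately, when `conf.ANONCREATEUSER` is true the new length check is skipped, so a value with fewer than two fields still reaches `authValuesArray[1]` unless a check above the hunk prevents it; an unconditional `if len(authValuesArray) < 2 { cx.RespondWithError(http.StatusBadRequest); return }` would cover that. Create's body starts and ends outside the hunk.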

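--- a/shock.cfg.template
+++ b/shock.cfg.template
@@ -1,4 +1,13 @@
-[Shock]
+[Anonymous]
+# Controls weither an anonymous user can read/write
+# values: true/false
+read=true
+write=false
+create-user=false
+
+[Ports]
+# Ports for site/api
+# Note: use of port 80 may require root access
 site-port=80
 api-port=8000
 
@@ -7,17 +16,17 @@ [email protected]
 secretkey=supersecretkey
 
 [Directories]
+# See documentation for details of deploying Shock
 site=/local/shock/site
 data=/local/shock
 logs=/var/log/shock
 
 [Mongodb]
-# Pattern:
-# hosts=host1[,host2,...,hostN]
+# Mongodb configuration:
+# Hostnames and ports hosts=host1[,host2:port,...,hostN]
 hosts=localhost
 
-[Node-Indices]
+[Mongodb-Node-Indices]
 # See http://www.mongodb.org/display/DOCS/Indexes#Indexes-CreationOptions for more info on mongodb index options.
-# Pattern:
-# key=unique:true/false[,dropDups:true/false][,sparse:true/false]
+# key=unique:true/false[,dropDups:true/false][,sparse:true/false]
 id=unique:true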
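Review bot: The comment on the new `[Anonymous]` section documents only read/write and misspells "whether", although the section also carries `create-user`; I would write `# Controls whether an anonymous user can read nodes, write nodes, or create user accounts`. The context line `secretkey=supersecretkey` is unchanged, but with this commit that key authorizes admin account creation in userController.go, so the template should say so, e.g. `# Replace before deployment: this value authorizes creation of admin users`. Renaming `[Shock]` to `[Ports]` and `[Node-Indices]` to `[Mongodb-Node-Indices]` means existing config files stop matching the section names the loader reads, which deserves a migration note in the template or the release notes.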
