litvinovg/vitro
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Adding email/pw auth to sparql query page

Browse source
This commit is contained in:
Brian Caruso 2013-09-27 16:04:06 -04:00
parent 86156aaad4
commit 1658d7784a
1 changed files with 14 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/SparqlQueryServlet.java
View file

@ -41,8 +41,8 @@ import com.hp.hpl.jena.vocabulary.XSD;
import edu.cornell.mannlib.vedit.controller.BaseEditController;
import edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission;
import edu.cornell.mannlib.vitro.webapp.auth.policy.PolicyHelper;
import edu.cornell.mannlib.vitro.webapp.beans.Ontology;
import edu.cornell.mannlib.vitro.webapp.controller.individual.IndividualController;
import edu.cornell.mannlib.vitro.webapp.dao.OntologyDao;
import edu.cornell.mannlib.vitro.webapp.rdfservice.RDFService;
import edu.cornell.mannlib.vitro.webapp.rdfservice.RDFService.ModelSerializationFormat;
@ -92,13 +92,21 @@ public class SparqlQueryServlet extends BaseEditController {
protected void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException
{
if (!isAuthorizedToDisplayPage(request, response,
SimplePermission.USE_SPARQL_QUERY_PAGE.ACTIONS)) {
return;
}
VitroRequest vreq = new VitroRequest(request);
//first check if the email and password are just in the request
String email = vreq.getParameter("email");
String password = vreq.getParameter("password");
boolean isAuth = PolicyHelper.isAuthorizedForActions(vreq,
email, password, SimplePermission.USE_SPARQL_QUERY_PAGE.ACTIONS);
//otherwise use the normal auth mechanism
if( ! isAuth &&
!isAuthorizedToDisplayPage(request, response,
SimplePermission.USE_SPARQL_QUERY_PAGE.ACTIONS)) {
return;
}
Model model = vreq.getJenaOntModel();
if( model == null ){
doNoModelInContext(response);