Merge e4c34b0bed into 83648481c3

2025-05-09 08:25:00 -04:00 · 2012-04-26 08:14:49 -07:00 · 2012-04-26 08:14:49 -07:00 · dbf21bf021
commit dbf21bf021
parent 83648481c3 e4c34b0bed
4 changed files with 36 additions and 33 deletions
--- a/settings.json.template
+++ b/settings.json.template
@ -51,8 +51,6 @@
     Note: /admin always requires authentication. */
  "requireAuthentication": false,

-  /* Require authorization by a module, or a user with is_admin set, see below. */
-  "requireAuthorization": false,

  /* Users for basic authentication. is_admin = true gives access to /admin.
     If you do not uncomment this, /admin will not be available! */
--- a/src/node/hooks/express/webaccess.js
+++ b/src/node/hooks/express/webaccess.js
@ -8,19 +8,24 @@ var hooks = require('ep_etherpad-lite/static/js/pluginfw/hooks');

 //checks for basic http auth
 exports.basicAuth = function (req, res, next) {
+  
  var hookResultMangle = function (cb) {
    return function (err, data) {
-      return cb(!err && data.length && data[0]);
+      // If data has 1 or more element, use the first one to decide if a user
+      // is authenticated, if its empty or undefined, no plugin gave its 'ok'
+      return cb(!err && data !== undefined && data.length < 1 && data[0]);
    }
  }

  var authorize = function (cb) {
    // Do not require auth for static paths...this could be a bit brittle
    if (req.path.match(/^\/(static|javascripts|pluginfw)/)) return cb(true);
+    
+    var requirePluginAuthorization = hooks.registeredCallbacks('authorize').length > 0;

    if (req.path.indexOf('/admin') != 0) {
      if (!settings.requireAuthentication) return cb(true);
-      if (!settings.requireAuthorization && req.session && req.session.user) return cb(true);
+      if (!requirePluginAuthorization && req.session && req.session.user) return cb(true);
    }

    if (req.session && req.session.user && req.session.user.is_admin) return cb(true);
@ -40,7 +45,7 @@ exports.basicAuth = function (req, res, next) {
        req.session.user = settings.users[username];
        return cb(true);
      }
-        return hooks.aCallFirst("authenticate", {req: req, res:res, next:next, username: username, password: password}, hookResultMangle(cb));
+      return hooks.aCallFirst("authenticate", {req: req, res:res, next:next, username: username, password: password}, hookResultMangle(cb));
    }
    hooks.aCallFirst("authenticate", {req: req, res:res, next:next}, hookResultMangle(cb));
  }
--- a/src/node/utils/Settings.js
+++ b/src/node/utils/Settings.js
@ -80,11 +80,11 @@ exports.abiword = null;
 */
 exports.loglevel = "INFO";

-/* This setting is used if you need authentication and/or
- * authorization. Note: /admin always requires authentication, and
- * either authorization by a module, or a user with is_admin set */
+/* This setting is used if you need authentication.
+ * Note: /admin always requires authentication, and
+ * either authorization by a module, or a user with is_admin set.
+ * Plugins may override this behavior */
 exports.requireAuthentication = false;
-exports.requireAuthorization = false;
 exports.users = {};

 //checks if abiword is avaiable
--- a/src/static/js/pluginfw/hooks.js
+++ b/src/static/js/pluginfw/hooks.js
@ -62,35 +62,32 @@ exports.mapFirst = function (lst, fn, cb) {
 }


-/* Don't use Array.concat as it flatterns arrays within the array */
-exports.flatten = function (lst) {
-  var res = [];
-  if (lst != undefined && lst != null) {
-    for (var i = 0; i < lst.length; i++) {
-      if (lst[i] != undefined && lst[i] != null) {
-        for (var j = 0; j < lst[i].length; j++) {
-          res.push(lst[i][j]);
-	}
-      }
-    }
-  }
-  return res;
+/*
+  Returns all registered callbacks of a hook
+  @param string hook_name the hook to retrieve the callbacks for.
+  @return an array of callback functions, an empty array if no callbacks are registered
+*/
+exports.registeredCallbacks = function (hook_name){
+  return (plugins.hooks[hook_name] !== undefined) ? plugins.hooks[hook_name] : [];
 }

 exports.callAll = function (hook_name, args) {
  if (!args) args = {};
-  if (plugins.hooks[hook_name] === undefined) return [];
-  return _.flatten(_.map(plugins.hooks[hook_name], function (hook) {
-    return hookCallWrapper(hook, hook_name, args);
-  }), true);
+  var callbacks = exports.registeredCallbacks(hook_name);
+  
+  return _.flatten(
+    _.map(callbacks, function (hook) {
+      return hookCallWrapper(hook, hook_name, args);
+    }), true);
 }

 exports.aCallAll = function (hook_name, args, cb) {
  if (!args) args = {};
  if (!cb) cb = function () {};
-  if (plugins.hooks[hook_name] === undefined) return cb(null, []);
+  var callbacks = exports.registeredCallbacks(hook_name);
+  
  async.map(
-    plugins.hooks[hook_name],
+    callbacks,
    function (hook, cb) {
      hookCallWrapper(hook, hook_name, args, function (res) { cb(null, res); });
    },
@ -102,18 +99,21 @@ exports.aCallAll = function (hook_name, args, cb) {

 exports.callFirst = function (hook_name, args) {
  if (!args) args = {};
-  if (plugins.hooks[hook_name][0] === undefined) return [];
-  return exports.syncMapFirst(plugins.hooks[hook_name], function (hook) {
-    return hookCallWrapper(hook, hook_name, args);
+  var callbacks = exports.registeredCallbacks(hook_name);
+  
+  return exports.syncMapFirst(callbacks, function (hook) {
+    var res = hookCallWrapper(hook, hook_name, args);
+    return res !== undefined ? res : [];
  });
 }

 exports.aCallFirst = function (hook_name, args, cb) {
  if (!args) args = {};
  if (!cb) cb = function () {};
-  if (plugins.hooks[hook_name] === undefined) return cb(null, []);
+  var callbacks = exports.registeredCallbacks(hook_name);
+  
  exports.mapFirst(
-    plugins.hooks[hook_name],
+    callbacks,
    function (hook, cb) {
      hookCallWrapper(hook, hook_name, args, function (res) { cb(null, res); });
    },