Mercurial > gemma
annotate pkg/middleware/modifyquery.go @ 942:912d016275ee
client: add arrow to drawn linesegment
* Add styling function that will place an icon png image at the end
of each drawn line segment, in the right rotation.
Note that this does not look perfectly centered, see comment in the
code.
author | Bernhard Reiter <bernhard@intevation.de> |
---|---|
date | Tue, 09 Oct 2018 18:39:01 +0200 |
parents | 1b08432a0e5d |
children | a244b18cb916 |
rev | line source |
---|---|
419
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
1 package middleware |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
2 |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
3 import ( |
467
73c7b2d6246e
Used hex-encoded usernames and a stored procedure to decode them to impersonate with the metamorph user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
438
diff
changeset
|
4 "encoding/hex" |
419
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
5 "log" |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
6 "net/http" |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
7 "net/url" |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
8 "strings" |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
9 |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
10 "gemma.intevation.de/gemma/pkg/auth" |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
11 ) |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
12 |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
13 // ParseQuery is a modified version of the internal query |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
14 // parser of the url.parseQuery of the standard library. |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
15 func ParseQuery( |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
16 m url.Values, |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
17 query string, |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
18 keySep, valueSep string, |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
19 unescape func(string) (string, error), |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
20 ) error { |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
21 if unescape == nil { |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
22 unescape = url.QueryUnescape |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
23 } |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
24 for query != "" { |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
25 key := query |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
26 if i := strings.Index(key, keySep); i >= 0 { |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
27 key, query = key[:i], key[i+1:] |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
28 |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
29 } else { |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
30 query = "" |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
31 } |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
32 if key == "" { |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
33 continue |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
34 } |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
35 value := "" |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
36 if i := strings.Index(key, valueSep); i >= 0 { |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
37 key, value = key[:i], key[i+1:] |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
38 } |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
39 key, err := unescape(key) |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
40 if err != nil { |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
41 return err |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
42 } |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
43 value, err = unescape(value) |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
44 if err != nil { |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
45 return err |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
46 } |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
47 m[key] = append(m[key], value) |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
48 } |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
49 return nil |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
50 } |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
51 |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
52 func ModifyQuery(next http.Handler, modify func(*http.Request, url.Values) error) http.Handler { |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
53 |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
54 return http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) { |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
55 |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
56 // GeoServer query parameters contain ';' as sub key separators. |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
57 // If we would use req.URL.Query() this would be split |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
58 // at the wrong level resulting in broken key/value pairs. |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
59 // So we do the splitting ourselves. |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
60 |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
61 parameters := make(url.Values) |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
62 |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
63 if err := ParseQuery(parameters, req.URL.RawQuery, "&", "=", nil); err != nil { |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
64 log.Printf("parsing query failed: %v\n", err) |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
65 http.Error(rw, http.StatusText(http.StatusBadRequest), http.StatusBadRequest) |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
66 return |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
67 } |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
68 |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
69 if err := modify(req, parameters); err != nil { |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
70 log.Printf("modifying query parameters failed: %v\n", err) |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
71 http.Error(rw, http.StatusText(http.StatusBadRequest), http.StatusBadRequest) |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
72 } |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
73 |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
74 req.URL.RawQuery = parameters.Encode() |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
75 |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
76 next.ServeHTTP(rw, req) |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
77 }) |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
78 } |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
79 |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
80 func InjectUser(req *http.Request, parameters url.Values) error { |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
81 // To prevent SQL injections |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
82 parameters.Del("env") |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
83 |
471
1b08432a0e5d
Cosmetics.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
467
diff
changeset
|
84 if session, ok := auth.GetSession(req); ok { |
419
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
85 log.Printf("Injecting user %s\n", session.User) |
467
73c7b2d6246e
Used hex-encoded usernames and a stored procedure to decode them to impersonate with the metamorph user.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
438
diff
changeset
|
86 parameters.Set("env", "user:"+hex.EncodeToString([]byte(session.User))) |
419
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
87 } |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
88 return nil |
6627c48363a0
First attempt for user injection of proxy for using GeoServer with role based security.
Sascha L. Teichmann <sascha.teichmann@intevation.de>
parents:
diff
changeset
|
89 } |