提交 3dca6783 authored 作者: Evgenij Ryazanov's avatar Evgenij Ryazanov

Allow transparent access to settings and tools of H2 Console

上级 950698bd
...@@ -281,6 +281,10 @@ public class WebApp { ...@@ -281,6 +281,10 @@ public class WebApp {
if (b != null && b) { if (b != null && b) {
return true; return true;
} }
String key = server.getKey();
if (key != null && key.equals(session.get("key"))) {
return true;
}
session.put("adminBack", file); session.put("adminBack", file);
return false; return false;
} }
......
...@@ -169,6 +169,7 @@ public class WebServer implements Service { ...@@ -169,6 +169,7 @@ public class WebServer implements Service {
private Thread listenerThread; private Thread listenerThread;
private boolean ifExists = true; private boolean ifExists = true;
private String key; private String key;
private boolean allowSecureCreation;
private boolean trace; private boolean trace;
private TranslateThread translateThread; private TranslateThread translateThread;
private boolean allowChunked = true; private boolean allowChunked = true;
...@@ -267,6 +268,15 @@ public class WebServer implements Service { ...@@ -267,6 +268,15 @@ public class WebServer implements Service {
return startDateTime; return startDateTime;
} }
/**
* Returns the key for privileged connections.
*
* @return key key, or null
*/
String getKey() {
return key;
}
/** /**
* Sets the key for privileged connections. * Sets the key for privileged connections.
* *
...@@ -278,6 +288,16 @@ public class WebServer implements Service { ...@@ -278,6 +288,16 @@ public class WebServer implements Service {
} }
} }
/**
* @param allowSecureCreation
* whether creation of databases using the key should be allowed
*/
public void setAllowSecureCreation(boolean allowSecureCreation) {
if (!allowOthers) {
this.allowSecureCreation = allowSecureCreation;
}
}
@Override @Override
public void init(String... args) { public void init(String... args) {
// set the serverPropertiesDir, because it's used in loadProperties() // set the serverPropertiesDir, because it's used in loadProperties()
...@@ -750,7 +770,7 @@ public class WebServer implements Service { ...@@ -750,7 +770,7 @@ public class WebServer implements Service {
// encrypted H2 database with empty user password doesn't work // encrypted H2 database with empty user password doesn't work
p.setProperty("password", password); p.setProperty("password", password);
if (databaseUrl.startsWith("jdbc:h2:")) { if (databaseUrl.startsWith("jdbc:h2:")) {
if (key == null || !key.equals(userKey)) { if (!allowSecureCreation || key == null || !key.equals(userKey)) {
if (ifExists) { if (ifExists) {
databaseUrl += ";IFEXISTS=TRUE"; databaseUrl += ";IFEXISTS=TRUE";
} }
......
...@@ -201,9 +201,9 @@ public class Console extends Tool implements ShutdownHandler { ...@@ -201,9 +201,9 @@ public class Console extends Tool implements ShutdownHandler {
if (webStart) { if (webStart) {
try { try {
String webKey = ifExists || webAllowOthers ? null String webKey = webAllowOthers ? null
: StringUtils.convertBytesToHex(MathUtils.secureRandomBytes(32)); : StringUtils.convertBytesToHex(MathUtils.secureRandomBytes(32));
web = Server.createWebServer(args, webKey); web = Server.createWebServer(args, webKey, !ifExists);
web.setShutdownHandler(this); web.setShutdownHandler(this);
web.start(); web.start();
if (printStatus) { if (printStatus) {
......
...@@ -426,19 +426,24 @@ public class Server extends Tool implements Runnable, ShutdownHandler { ...@@ -426,19 +426,24 @@ public class Server extends Tool implements Runnable, ShutdownHandler {
* @return the server * @return the server
*/ */
public static Server createWebServer(String... args) throws SQLException { public static Server createWebServer(String... args) throws SQLException {
return createWebServer(args, null); return createWebServer(args, null, false);
} }
/** /**
* Create a new web server, but does not start it yet. * Create a new web server, but does not start it yet.
* *
* @param args the argument list * @param args
* @param key key, or null * the argument list
* @param key
* key, or null
* @param allowSecureCreation
* whether creation of databases using the key should be allowed
* @return the server * @return the server
*/ */
static Server createWebServer(String[] args, String key) throws SQLException { static Server createWebServer(String[] args, String key, boolean allowSecureCreation) throws SQLException {
WebServer service = new WebServer(); WebServer service = new WebServer();
service.setKey(key); service.setKey(key);
service.setAllowSecureCreation(allowSecureCreation);
Server server = new Server(service, args); Server server = new Server(service, args);
service.setShutdownHandler(server); service.setShutdownHandler(server);
return server; return server;
......
Markdown 格式
0%
您添加了 0 到此讨论。请谨慎行事。
请先完成此评论的编辑!
注册 或者 后发表评论