Allow transparent access to settings and tools of H2 Console

h2/src/main/org/h2/server/web/WebApp.java

@@ -281,6 +281,10 @@ public class WebApp {
         if (b != null && b) {
             return true;
         }
+        String key = server.getKey();
+        if (key != null && key.equals(session.get("key"))) {
+            return true;
+        }
         session.put("adminBack", file);
         return false;
     }

h2/src/main/org/h2/server/web/WebServer.java

@@ -169,6 +169,7 @@ public class WebServer implements Service {
     private Thread listenerThread;
     private boolean ifExists = true;
     private String key;
+    private boolean allowSecureCreation;
     private boolean trace;
     private TranslateThread translateThread;
     private boolean allowChunked = true;
@@ -267,6 +268,15 @@ public class WebServer implements Service {
         return startDateTime;
     }
 
+    /**
+     * Returns the key for privileged connections.
+     *
+     * @return key key, or null
+     */
+    String getKey() {
+        return key;
+    }
+
     /**
      * Sets the key for privileged connections.
      *
@@ -278,6 +288,16 @@ public class WebServer implements Service {
         }
     }
 
+    /**
+     * @param allowSecureCreation
+     *            whether creation of databases using the key should be allowed
+     */
+    public void setAllowSecureCreation(boolean allowSecureCreation) {
+        if (!allowOthers) {
+            this.allowSecureCreation = allowSecureCreation;
+        }
+    }
+
     @Override
     public void init(String... args) {
         // set the serverPropertiesDir, because it's used in loadProperties()
@@ -750,7 +770,7 @@ public class WebServer implements Service {
         // encrypted H2 database with empty user password doesn't work
         p.setProperty("password", password);
         if (databaseUrl.startsWith("jdbc:h2:")) {
-            if (key == null || !key.equals(userKey)) {
+            if (!allowSecureCreation || key == null || !key.equals(userKey)) {
                 if (ifExists) {
                     databaseUrl += ";IFEXISTS=TRUE";
                 }

h2/src/main/org/h2/tools/Console.java

@@ -201,9 +201,9 @@ public class Console extends Tool implements ShutdownHandler {
 
         if (webStart) {
             try {
-                String webKey = ifExists || webAllowOthers ? null
+                String webKey = webAllowOthers ? null
                         : StringUtils.convertBytesToHex(MathUtils.secureRandomBytes(32));
-                web = Server.createWebServer(args, webKey);
+                web = Server.createWebServer(args, webKey, !ifExists);
                 web.setShutdownHandler(this);
                 web.start();
                 if (printStatus) {

h2/src/main/org/h2/tools/Server.java

@@ -426,19 +426,24 @@ public class Server extends Tool implements Runnable, ShutdownHandler {
      * @return the server
      */
     public static Server createWebServer(String... args) throws SQLException {
-        return createWebServer(args, null);
+        return createWebServer(args, null, false);
     }
 
     /**
      * Create a new web server, but does not start it yet.
      *
-     * @param args the argument list
-     * @param key key, or null
+     * @param args
+     *            the argument list
+     * @param key
+     *            key, or null
+     * @param allowSecureCreation
+     *            whether creation of databases using the key should be allowed
      * @return the server
      */
-    static Server createWebServer(String[] args, String key) throws SQLException {
+    static Server createWebServer(String[] args, String key, boolean allowSecureCreation) throws SQLException {
         WebServer service = new WebServer();
         service.setKey(key);
+        service.setAllowSecureCreation(allowSecureCreation);
         Server server = new Server(service, args);
         service.setShutdownHandler(server);
         return server;