Hand on authorization header in dispatcher and planner action.

2014-02-28 16:26:34 +01:00 · 2014-02-28 16:26:34 +01:00 · 1c2858f80a
parent 75890f183a
commit 1c2858f80a
1 changed files with 51 additions and 0 deletions
--- a/js/actions/api-cluster.js
+++ b/js/actions/api-cluster.js
@ -254,6 +254,21 @@ actions.defineHttp({
  }
 });

+////////////////////////////////////////////////////////////////////////////////
+/// @brief function to parse an authorization header
+////////////////////////////////////////////////////////////////////////////////
+
+function parseAuthorization (authorization) {
+  var auth = require("internal").base64Decode(authorization.substr(6));
+  var pos = auth.indexOf(":");
+  if (pos === -1) {
+    return {username:"root", passwd:""};
+  }
+  return { username: auth.substr(0, pos),
+           passwd: auth.substr(pos+1) || "" };
+}
+
+
 ////////////////////////////////////////////////////////////////////////////////
 /// @fn JSF_cluster_planner_POST
 /// @brief exposes the cluster planning functionality
@ -295,6 +310,24 @@ actions.defineHttp({
                          "Posted body was not valid JSON.");
      return;
    }
+    // Did we get an HTTP authorization header?
+    if (req.headers.hasOwnProperty("authorization")) {
+      var userpwd = parseAuthorization(req.headers.authorization);
+      var d;
+      // Now let's forward it to the planner:
+      if (userconfig.hasOwnProperty("dispatchers")) {
+        for (d in userconfig.dispatchers) {
+          if (userconfig.dispatchers.hasOwnProperty(d)) {
+            var dd = userconfig.dispatchers[d];
+            if (!dd.hasOwnProperty("username") || 
+                !dd.hasOwnProperty("passwd")) {
+              dd.username = userpwd.username;
+              dd.passwd = userpwd.passwd;
+            }
+          }
+        }
+      }
+    }
    var Planner = require("org/arangodb/cluster/planner").Planner;
    try {
      var p = new Planner(userconfig);
@ -389,6 +422,24 @@ actions.defineHttp({
                          'Posted body needs a "myname" property.');
      return;
    }
+    // Did we get an HTTP authorization header?
+    if (req.headers.hasOwnProperty("authorization")) {
+      var userpwd = parseAuthorization(req.headers.authorization);
+      var d;
+      // Now let's forward it to the kickstarter:
+      if (input.clusterPlan.hasOwnProperty("dispatchers")) {
+        for (d in input.clusterPlan.dispatchers) {
+          if (input.clusterPlan.dispatchers.hasOwnProperty(d)) {
+            var dd = input.clusterPlan.dispatchers[d];
+            if (!dd.hasOwnProperty("username") || 
+                !dd.hasOwnProperty("passwd")) {
+              dd.username = userpwd.username;
+              dd.passwd = userpwd.passwd;
+            }
+          }
+        }
+      }
+    }
    var action = input.action;
    var Kickstarter, k, r;
    if (action === "launch") {