projects
/
pithos
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
f4b8642
)
Limit user searches by appending @.
author
pastith
<devnull@localhost>
Mon, 30 Mar 2009 11:25:15 +0000
(11:25 +0000)
committer
pastith
<devnull@localhost>
Mon, 30 Mar 2009 11:25:15 +0000
(11:25 +0000)
gss/src/gr/ebs/gss/server/rest/UserSearchHandler.java
patch
|
blob
|
history
diff --git
a/gss/src/gr/ebs/gss/server/rest/UserSearchHandler.java
b/gss/src/gr/ebs/gss/server/rest/UserSearchHandler.java
index
ebc8bed
..
20d25ff
100644
(file)
--- a/
gss/src/gr/ebs/gss/server/rest/UserSearchHandler.java
+++ b/
gss/src/gr/ebs/gss/server/rest/UserSearchHandler.java
@@
-46,6
+46,12
@@
public class UserSearchHandler extends RequestHandler {
private static Log logger = LogFactory.getLog(UserSearchHandler.class);
/**
private static Log logger = LogFactory.getLog(UserSearchHandler.class);
/**
+ * A flag that will force all queries to end in a @ character, mitigating privacy
+ * concerns about user accounts.
+ */
+ private static final boolean mustEndWithAt = true;
+
+ /**
* Serve the 'user search' namespace that contains results in queries to find users.
*
* @param req The servlet request we are processing
* Serve the 'user search' namespace that contains results in queries to find users.
*
* @param req The servlet request we are processing
@@
-62,6
+68,8
@@
public class UserSearchHandler extends RequestHandler {
try {
JSONArray json = new JSONArray();
try {
JSONArray json = new JSONArray();
+ if (mustEndWithAt)
+ path += '@';
List<UserDTO> users = getService().getUsersByUserNameLike(path.substring(1));
for (UserDTO u: users) {
// Build the proper parent URL
List<UserDTO> users = getService().getUsersByUserNameLike(path.substring(1));
for (UserDTO u: users) {
// Build the proper parent URL