#
# This file is part of Koha.
#
-# Koha is free software; you can redistribute it and/or modify it under the
-# terms of the GNU General Public License as published by the Free Software
-# Foundation; either version 2 of the License, or (at your option) any later
-# version.
+# Koha is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
#
-# Koha is distributed in the hope that it will be useful, but WITHOUT ANY
-# WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
-# A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+# Koha is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
#
-# You should have received a copy of the GNU General Public License along
-# with Koha; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+# You should have received a copy of the GNU General Public License
+# along with Koha; if not, see <http://www.gnu.org/licenses>.
use strict;
use warnings;
-use Getopt::Long;
+use Getopt::Long qw( GetOptions );
my ($help, $config, $daemon);
add_only_for_matches, add_only_for_new or ignore
import_mode - stage or direct
framework - to be used if import_mode is direct
+ connexion_user - User sent from connexion client
+ connexion_password - Password sent from connexion client
+
+ Note: If connexion parameters are not defined request authentication will not be checked
+ You should specify a different user for connexion to protect the Koha credentials
All process related parameters (all but ip and port) have default values as
per Koha import process.
{
package ImportProxyServer;
-use Carp;
-use IO::Socket::INET;
+use Carp qw( croak );
+use IO::Socket::INET qw( SOCK_STREAM );
# use IO::Socket::IP;
use IO::Select;
-use POSIX;
-use HTTP::Status qw(:constants);
+use POSIX qw( close exit fork localtime open printf sprintf );
+use HTTP::Status qw( HTTP_FORBIDDEN HTTP_UNAUTHORIZED );
use strict;
use warnings;
use LWP::UserAgent;
-use XML::Simple;
+use XML::Simple qw( XMLin );
use MARC::Record;
use MARC::File::XML;
die "Invalid config line $line: $_" unless defined $v;
$param{$p} = $v;
}
+ close($conf_fh);
$self->{koha} = delete( $param{koha} )
or die "No koha base url in config file";
$self->{password} = delete( $param{password} )
or die "No koha user password in config file";
+ if( defined $param{connexion_user} || defined $param{connexion_password}){
+ # If either is defined we expect both
+ $self->{connexion_user} = delete( $param{connexion_user} )
+ or die "No koha connexion_user in config file";
+ $self->{connexion_password} = delete( $param{connexion_password} )
+ or die "No koha user connexion_password in config file";
+ }
+
$self->{host} = delete( $param{host} );
$self->{port} = delete( $param{port} )
or die "Port not specified";
}
$in = join '', @in_arr;
-
$in =~ m/(.)$/;
my $lastchar = $1;
my ($xml, $user, $password, $local_user);
$self->log("Invalid request", $in, @details);
return;
}
+ $user = $local_user if !$user && $local_user;
$self->log("Request", @details);
$self->log($in) if $self->{debug};
sub handle_request {
my ( $self, $io ) = @_;
-
my ($data, $user, $password) = $self->read_request($io)
or return $self->error_response("Bad request");
+ unless(
+ !(defined $self->{connexion_user}) ||
+ ($user eq $self->{connexion_user} && $password eq $self->{connexion_password})
+ ){
+ return $self->error_response("Unauthorized request");
+ }
+
my $ua;
if ($self->{user}) {
$user = $self->{user};