31 #include <BESCatalog.h>
32 #include <BESCatalogList.h>
33 #include <BESCatalogUtils.h>
35 #include <TheBESKeys.h>
36 #include <BESInternalError.h>
37 #include <BESSyntaxUserError.h>
39 #include <BESNotFoundError.h>
40 #include <BESForbiddenError.h>
42 #include "WhiteList.h"
55 WhiteList::get_white_list()
57 if (d_instance)
return d_instance;
62 WhiteList::WhiteList()
65 string key = REMOTE_ACCESS_WHITELIST;
68 throw BESInternalError(
string(
"The remote access whitelist, '")+REMOTE_ACCESS_WHITELIST
69 +
"' has not been configured.", __FILE__, __LINE__);
87 bool WhiteList::is_white_listed(
const std::string &url)
89 bool whitelisted =
false;
90 const string file_url(
"file://");
91 const string http_url(
"http://");
92 const string https_url(
"https://");
96 if (url.compare(0, file_url.size(), file_url) == 0 ) {
99 string file_path = url.substr(file_url.size());
100 BESDEBUG(
"bes",
"WhiteList::Is_Whitelisted() - file_path: "<< file_path << endl);
104 BESDEBUG(
"bes",
"WhiteList::Is_Whitelisted() - Found catalog: "<< bcat->
get_catalog_name() << endl);
107 string msg =
"OUCH! Unable to locate default catalog!";
108 BESDEBUG(
"bes",
"WhiteList::Is_Whitelisted() - " << msg << endl);
112 string catalog_root = bcat->
get_root();
113 BESDEBUG(
"bes",
"WhiteList::Is_Whitelisted() - Catalog root: "<< catalog_root << endl);
122 string relative_path;
123 if(file_path[0] ==
'/'){
124 if(file_path.length() < catalog_root.length()) {
128 int ret = file_path.compare(0, catalog_root.npos, catalog_root) == 0;
129 BESDEBUG(
"bes",
"WhiteList::Is_Whitelisted() - file_path.compare(): " << ret << endl);
130 whitelisted = (ret==0);
131 relative_path = file_path.substr(catalog_root.length());
135 BESDEBUG(
"bes",
"WhiteList::Is_Whitelisted() - relative path detected");
136 relative_path = file_path;
159 BESDEBUG(
"bes",
"WhiteList::Is_Whitelisted() - Is_Whitelisted: "<< (whitelisted?
"true ":
"false ") << endl);
163 if (url.compare(0, http_url.size(), http_url) == 0
164 || url.compare(0, https_url.size(), https_url) == 0 ) {
166 vector<string>::const_iterator i = d_white_list.begin();
167 vector<string>::const_iterator e = d_white_list.end();
168 for (; i != e && !whitelisted; i++) {
169 if ((*i).length() <= url.length()) {
170 if (url.substr(0, (*i).length()) == (*i)) {
178 msg =
"WhiteList - ERROR! Unknown URL protocol! Only " + http_url +
", " + https_url +
", and " + file_url +
" are supported.";
179 BESDEBUG(
"bes", msg << endl);
static BESCatalogList * TheCatalogList()
Get the singleton BESCatalogList instance.
Catalogs provide a hierarchical organization for data.
virtual std::string get_root() const =0
virtual std::string get_catalog_name() const
Get the name for this catalog.
virtual BESCatalogUtils * get_catalog_utils() const
Get a pointer to the utilities, customized for this catalog.
error thrown if the BES is not allowed to access the resource requested
exception thrown if internal error encountered
error thrown if the resource requested cannot be found
static void check_path(const std::string &path, const std::string &root, bool follow_sym_links)
Check if the specified path is valid.
static TheBESKeys * TheKeys()
void get_values(const std::string &s, std::vector< std::string > &vals, bool &found)
Retrieve the values of a given key, if set.
Can a given URL be dereferenced given the BES's configuration?