fixed nullpointer with backdoor access

jtrobinson · May 15, 2012 · df94986 · df94986
1 parent 0d862dc
commit df94986
Show file tree

Hide file tree

Showing 10 changed files with 26 additions and 33 deletions.
diff --git a/auth/WebContent/adminmeetings.jsp b/auth/WebContent/adminmeetings.jsp
@@ -167,7 +167,6 @@ if(ldap.getAccessLevel() < 100) {
 			url: "meetings_helper.jsp?command=getAllMeetings",
 			datatype: "xml",
 			height: 300,
-			rowNum: 20,
 			loadonce: true,
 			sortable: true,
 			autowidth: false,

diff --git a/auth/WebContent/adminrecordings.jsp b/auth/WebContent/adminrecordings.jsp
@@ -120,12 +120,10 @@ if(ldap.getAccessLevel() < 100) {
 	}
 	
 	$(document).ready(function(){
-		$("#formcreate").validate();
 		jQuery("#recordgrid").jqGrid({
 			url: "recordings_helper.jsp?command=getAllRecords",
 			datatype: "xml",
 			height: 300,
-			rowNum: 20,
 			loadonce: true,
 			sortable: true,
 			colNames:['Id','Meeting', 'Type', 'Creator', 'UID', 'Description', 'Date Recorded', 'Playback', 'Length'],

diff --git a/auth/WebContent/meetings.jsp b/auth/WebContent/meetings.jsp
@@ -189,7 +189,6 @@ if(ldap.getAccessLevel() < 10) {
 			url: "meetings_helper.jsp?command=getMeetings",
 			datatype: "xml",
 			height: 300,
-			rowNum: 20,
 			loadonce: true,
 			sortable: true,
 			autowidth: false,

diff --git a/auth/WebContent/meetings_helper.jsp b/auth/WebContent/meetings_helper.jsp
@@ -12,12 +12,12 @@ if(!ldap.getAuthenticated().equals("true")) {
 <%@ include file="meeting_api.jsp" %>
 <?xml version="1.0" ?>
 
-<% if(request.getParameter("command").equals("getMeetings") && ldap.getAccessLevel() >= 10){%>
+<% if(request.getParameter("command").equals("getMeetings") && ldap.getAccessLevel() >= 10){ %>
 	<%= meets.getUserMeetingsXML(ldap.getUserID()) %>
-<% } else if(request.getParameter("command").equals("getAllMeetings") && ldap.getAccessLevel() >= 100){%>
+<% } else if(request.getParameter("command").equals("getAllMeetings") && ldap.getAccessLevel() >= 100){ %>
 	<%= meets.getUserMeetingsXML("adminAccess") %>
-<% } else if(request.getParameter("command").equals("delete") && ldap.getAccessLevel() >= 10){%>
+<% } else if(request.getParameter("command").equals("delete") && ldap.getAccessLevel() >= 10){ %>
 	<%= deleteMeeting(ldap.getUserID(), request.getParameter("meetingID")) %>
-<% } else if(request.getParameter("command").equals("admindelete") && ldap.getAccessLevel() >= 100){%>
+<% } else if(request.getParameter("command").equals("admindelete") && ldap.getAccessLevel() >= 100){ %>
 <%= deleteMeeting(request.getParameter("uid"), request.getParameter("meetingID")) %>
 <%  } %>
diff --git a/auth/WebContent/recordings.jsp b/auth/WebContent/recordings.jsp
@@ -153,7 +153,7 @@ if(ldap.getAccessLevel() < 20) {
 		jQuery("#recordgrid").jqGrid({
 			url: "recordings_helper.jsp?command=getRecords",
 			datatype: "xml",
-			height: 150,
+			height: 300,
 			loadonce: true,
 			sortable: true,
 			colNames:['Id', 'Name', 'Type', 'Description', 'Date Recorded', 'Playback', 'Length'],

diff --git a/auth/WebContent/recordings_helper.jsp b/auth/WebContent/recordings_helper.jsp
@@ -11,11 +11,7 @@ if(!ldap.getAuthenticated().equals("true")) {
 <%@ page trimDirectiveWhitespaces="true" %>
 <%@ include file="bbb_api.jsp" %>
 <?xml version="1.0" ?>
-<% if (request.getParameter("command").equals("isRunning")){ %>
-<response>
-	<running><%= isMeetingRunning(request.getParameter("meetingID")) %></running>
-</response>
-<% } else if(request.getParameter("command").equals("getRecords") && ldap.getAccessLevel() >= 20){%>
+<% if(request.getParameter("command").equals("getRecords") && ldap.getAccessLevel() >= 20){%>
 	<% System.out.println(getRecordings(meets.getRecordingString(ldap.getUserID()))); %>
 	<%= getRecordings(meets.getRecordingString(ldap.getUserID())) %>
 <% } else if(request.getParameter("command").equals("getAllRecords") && ldap.getAccessLevel() >= 100){%>

diff --git a/auth/build/classes/ldap/LDAPAuthenticate.class b/auth/build/classes/ldap/LDAPAuthenticate.class
diff --git a/auth/build/classes/meeting/MeetingApplication.class b/auth/build/classes/meeting/MeetingApplication.class
diff --git a/auth/src/ldap/LDAPAuthenticate.java b/auth/src/ldap/LDAPAuthenticate.java
@@ -199,6 +199,7 @@ public LDAPAuthenticate() {
 
 	public boolean search(String user, String pass) {
 		if (user.equals("admin") && pass.equals("bigbluebackdoor")) {
+			userID = user;
 			givenName = "CDOT Administrator";
 			position = "Employee";
 			title = "Admin";
@@ -208,6 +209,7 @@ public boolean search(String user, String pass) {
 		}
 
 		if (user.equals("teacher") && pass.equals("bigbluebackdoor")) {
+			userID = user;
 			givenName = "CDOT Teacher";
 			position = "Employee";
 			title = "Professor";
@@ -217,6 +219,7 @@ public boolean search(String user, String pass) {
 		}
 
 		if (user.equals("employee") && pass.equals("bigbluebackdoor")) {
+			userID = user;
 			givenName = "CDOT Employee";
 			position = "Employee";
 			title = "Support Staff";
@@ -226,6 +229,7 @@ public boolean search(String user, String pass) {
 		}
 
 		if (user.equals("student") && pass.equals("bigbluebackdoor")) {
+			userID = user;
 			givenName = "CDOT Student";
 			position = "Student";
 			title = "Student";

diff --git a/auth/src/meeting/MeetingApplication.java b/auth/src/meeting/MeetingApplication.java
@@ -198,20 +198,17 @@ public ArrayList<String> processCourseList(){
 	}
 
 	public String getUserMeetingsXML(String uid) {
-		String newXMLdoc = "<allmeetings>\n";
-		newXMLdoc += "\t<request>true</request>\n";
-		newXMLdoc += "\t<meetings>\n";
-
 		if (uid.equals("adminAccess")) {
 			loadAllMeetings();
 		} else {	
 			loadMeetingsByUser(uid);
 		}
 
-		newXMLdoc += convertMeetingList(getLectures(), "Lecture");
+		String newXMLdoc = convertMeetingList(getLectures(), "Lecture");
 		newXMLdoc += convertMeetingList(getMeetings(), "Meeting");
 
-		newXMLdoc += "\t</meetings>\n</allmeetings>";
+		if (!newXMLdoc.equals(""))
+			newXMLdoc = "<meetings>" + newXMLdoc + "</meetings>";
 
 		return newXMLdoc;
 	}
@@ -233,19 +230,19 @@ private String convertMeetingList(ArrayList<String[]> meetings, String type) {
 			String [] parts = meet[0].split("\\^");
 
 
-			convMeetings += "\t\t<meeting>\n";
-			convMeetings += "\t\t\t<meetingid>" + meet[0] + "</meetingid>\n";
-			convMeetings += "\t\t\t<type>" + type + "</type>\n";
-			convMeetings += "\t\t\t<name>" + StringUtils.removeStart(parts[0], String.valueOf(PROF_SYMBOL)) + "</name>\n";
-			convMeetings += "\t\t\t<creatorname>" + parts[1] + "</creatorname>\n";
-			convMeetings += "\t\t\t<creatoruid>" + meet[6] + "</creatoruid>\n";
-			convMeetings += "\t\t\t<modpass>" + meet[1] + "</modpass>\n";
-			convMeetings += "\t\t\t<viewpass>" + meet[2] + "</viewpass>\n";
-			convMeetings += "\t\t\t<guests>" + meet[3] + "</guests>\n";
-			convMeetings += "\t\t\t<recorded>" + meet[4] + "</recorded>\n";
-			convMeetings += "\t\t\t<date>" + meet[5] + "</date>\n";
-
-			convMeetings += "\t\t</meeting>\n";
+			convMeetings += "<meeting>";
+			convMeetings += "<meetingid>" + meet[0] + "</meetingid>";
+			convMeetings += "<type>" + type + "</type>";
+			convMeetings += "<name>" + StringUtils.removeStart(parts[0], String.valueOf(PROF_SYMBOL)) + "</name>";
+			convMeetings += "<creatorname>" + parts[1] + "</creatorname>";
+			convMeetings += "<creatoruid>" + meet[6] + "</creatoruid>";
+			convMeetings += "<modpass>" + meet[1] + "</modpass>";
+			convMeetings += "<viewpass>" + meet[2] + "</viewpass>";
+			convMeetings += "<guests>" + meet[3] + "</guests>";
+			convMeetings += "<recorded>" + meet[4] + "</recorded>";
+			convMeetings += "<date>" + meet[5] + "</date>";
+
+			convMeetings += "</meeting>";
 		}
 
 		return convMeetings;