add switches to disable injections or querying

from the master controls, for all collections.
2024-10-04 12:17:35 +03:00 · 2015-03-04 10:49:37 -08:00 · 2015-03-04 10:49:37 -08:00 · 38caa517f2
commit 38caa517f2
parent 3fc9abe222
7 changed files with 63 additions and 6 deletions
--- a/Conf.h
+++ b/Conf.h
@ -287,7 +287,8 @@ class Conf {
 	//bool  m_stubHubSpideringEnabled;
 	//bool  m_eventBriteSpideringEnabled;
 	//bool  m_refreshFacebookUsersEnabled;
-	bool  m_injectionEnabled     ;
+	bool  m_injectionsEnabled     ;
+	bool  m_queryingEnabled ;
 	// qa testing loop going on? uses "test" subdir
 	bool  m_testParserEnabled     ;
 	bool  m_testSpiderEnabled     ;
--- a/Errno.cpp
+++ b/Errno.cpp
@ -138,7 +138,7 @@ case	ERESTRICTEDPAGE  : return "Page is /admin or /master and restricted";
 //case	ESPIDERRECDUP    : return "Duplicate spiderdb record";
 case	EDOCISERRPG      : return "Doc is error page";
 case	EFORCED          : return "Doc was force respidered";
-case	EDISABLED        : return "Injection is disabled in Master Controls";
+case	EINJECTIONSDISABLED: return "Injection is disabled in Master Controls";
 case	ETAGBREACH       : return "Sections parser ran out of tag stack space";
 case	EDISKSTUCK       : return "Disk is stuck";
 case	EDOCHIJACKED     : return "Doc is hijacked";
@ -189,6 +189,7 @@ case EPROXYSSLCONNECTFAILED: return "SSL tunnel through HTTP proxy failed";
 case EINLINESECTIONS: return "Error generating section votes";
 case EREADONLYMODE: return "In read only mode. Failed.";
 case ENOTITLEREC: return "No title rec found when recycling content";
+case EQUERYINGDISABLED: return "Querying is disabled in the master controls";
 	}
 	// if the remote error bit is clear it must be a regulare errno
 	//if ( ! ( errnum & REMOTE_ERROR_BIT ) ) return strerror ( errnum );
--- a/Errno.h
+++ b/Errno.h
@ -142,7 +142,7 @@ enum {
 	//ESPIDERRECDUP    , // duplicate spiderdb record
 	EDOCISERRPG      , // Doc is error page
 	EFORCED          , // Doc was force re-spidered
-	EDISABLED        , // injection is disabled
+	EINJECTIONSDISABLED        , // injection is disabled
 	ETAGBREACH       , // Sections.cpp ran out of stack space
 	EDISKSTUCK       ,
 	EDOCHIJACKED     ,
@ -193,6 +193,7 @@ enum {
 	EPROXYSSLCONNECTFAILED,
 	EINLINESECTIONS,
 	EREADONLYMODE,
-	ENOTITLEREC
+	ENOTITLEREC,
+	EQUERYINGDISABLED
 };
 #endif
--- a/PageInject.cpp
+++ b/PageInject.cpp
@ -31,8 +31,8 @@ static void sendReplyWrapper ( void *state ) {
 //   HttpServer::sendReply() so we gotta copy it here
 bool sendPageInject ( TcpSocket *sock , HttpRequest *hr ) {

-	if ( ! g_conf.m_injectionEnabled ) {
-		g_errno = EBADENGINEER;
+	if ( ! g_conf.m_injectionsEnabled ) {
+		g_errno = EINJECTIONSDISABLED;//BADENGINEER;
 		log("inject: injection disabled");
 		return g_httpServer.sendErrorReply(sock,500,"injection is "
 						   "disabled by "
--- a/PageResults.cpp
+++ b/PageResults.cpp
@ -629,6 +629,13 @@ bool sendPageResults ( TcpSocket *s , HttpRequest *hr ) {
 		return sendReply(st,NULL);
 	}

+	// for now disable queries
+	if ( ! g_conf.m_queryingEnabled ) {
+		g_errno = EQUERYINGDISABLED;
+		return sendReply(st,NULL);
+	}
+
+
 	// LAUNCH ADS
 	// . now get the ad space for this query
 	// . don't get ads if we're not on the first page of results
--- a/Pages.cpp
+++ b/Pages.cpp
@ -4033,6 +4033,30 @@ bool printRedBox ( SafeBuf *mb , TcpSocket *sock , HttpRequest *hr ) {
 		mb->safePrintf("%s",boxEnd);
 	}

+	// injections disabled?
+	if ( ! g_conf.m_injectionsEnabled ) {
+		if ( adds ) mb->safePrintf("<br>");
+		adds++;
+		mb->safePrintf("%s",box);
+		mb->safePrintf("Injections are disabled in the "
+			       "<a href=/admin/hosts?c=%s>"
+			       "master controls</a>."
+			       ,coll);
+		mb->safePrintf("%s",boxEnd);
+	}
+
+	// querying disabled?
+	if ( ! g_conf.m_queryingEnabled ) {
+		if ( adds ) mb->safePrintf("<br>");
+		adds++;
+		mb->safePrintf("%s",box);
+		mb->safePrintf("Querying is disabled in the "
+			       "<a href=/admin/hosts?c=%s>"
+			       "master controls</a>."
+			       ,coll);
+		mb->safePrintf("%s",boxEnd);
+	}
+

 	bool sameVersions = true;
 	for ( int32_t i = 1 ; i < g_hostdb.getNumHosts() ; i++ ) {
--- a/Parms.cpp
+++ b/Parms.cpp
@ -9844,6 +9844,27 @@ void Parms::init ( ) {
 	m->m_page  = PAGE_MASTER;
 	m->m_obj   = OBJ_CONF;
 	m++;
+
+	m->m_title = "injections enabled";
+	m->m_desc  = "Allows injecting for all collections";
+	m->m_cgi   = "se";
+	m->m_off   = (char *)&g_conf.m_injectionsEnabled - g;
+	m->m_type  = TYPE_BOOL;
+	m->m_def   = "1";
+	m->m_page  = PAGE_MASTER;
+	m->m_obj   = OBJ_CONF;
+	m++;
+
+	m->m_title = "querying enabled";
+	m->m_desc  = "Controls querying for all collections";
+	m->m_cgi   = "se";
+	m->m_off   = (char *)&g_conf.m_queryingEnabled - g;
+	m->m_type  = TYPE_BOOL;
+	m->m_def   = "1";
+	m->m_page  = PAGE_MASTER;
+	m->m_obj   = OBJ_CONF;
+	m++;
+
 	
 	m->m_title = "max total spiders";
 	m->m_desc  = "What is the maximum number of web "
@ -9982,6 +10003,7 @@ void Parms::init ( ) {
 	m->m_obj   = OBJ_CONF;
        m++;

+	/*
 	m->m_title = "url injection enabled";
 	m->m_desc  = "If enabled you can directly inject URLs into the index.";
 	m->m_cgi   = "ie";
@ -9992,6 +10014,7 @@ void Parms::init ( ) {
 	m->m_obj   = OBJ_CONF;
 	m->m_def   = "1";
 	m++;
+	*/

 	m->m_title = "init QA tests";
 	m->m_desc  = "If initiated gb performs some integrity tests "