allow web based control of who gets to access remote repositories.

if the prop "syndie.remotePassword" is set, users can enter it while viewing their metadata

apps/syndie/java/src/net/i2p/syndie/BlogManager.java

@@ -72,10 +72,13 @@ public class BlogManager {
                 for (Iterator iter = p.keySet().iterator(); iter.hasNext(); ) {
                     String key = (String)iter.next();
                     System.setProperty(key, p.getProperty(key));
+                    System.out.println("Read config prop [" + key + "] = [" + p.getProperty(key) + "]");
                 }
             } catch (IOException ioe) {
                 ioe.printStackTrace();
             }
+        } else {
+            System.out.println("Config doesn't exist: " + config.getPath());
         }
     }
     
@@ -217,6 +220,30 @@ public class BlogManager {
         return pass; 
     }
     
+    /** Password required to access the remote syndication functinoality (null means no password required) */
+    public String getRemotePassword() { 
+        String pass = _context.getProperty("syndie.remotePassword");
+        
+        System.out.println("Remote password? [" + pass + "]");
+        if ( (pass == null) || (pass.trim().length() <= 0) ) return null;
+        return pass;
+    }
+    
+    public String authorizeRemoteAccess(User user, String password) {
+        if (!user.getAuthenticated()) return "Not logged in";
+        String remPass = getRemotePassword();
+        if (remPass == null)
+            return "Remote access password not configured - please specify 'syndie.remotePassword' in your syndie.config";
+        
+        if (remPass.equals(password)) {
+            user.setAllowAccessRemote(true);
+            saveUser(user);
+            return "Remote access authorized";
+        } else {
+            return "Remote access denied";
+        }
+    }
+    
     public void saveUser(User user) {
         if (!user.getAuthenticated()) return;
         String userHash = Base64.encode(_context.sha().calculateHash(DataHelper.getUTF8(user.getUsername())).getData());

apps/syndie/jsp/viewmetadata.jsp

@@ -1,5 +1,6 @@
-<%@page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" import="net.i2p.syndie.web.*" %>
+<%@page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" import="net.i2p.syndie.web.*, net.i2p.syndie.*" %>
 <% request.setCharacterEncoding("UTF-8"); %>
+<jsp:useBean scope="session" class="net.i2p.syndie.User" id="user" />
 <html>
 <head>
 <title>SyndieMedia</title>
@@ -13,6 +14,20 @@
     <td valign="top" align="left" rowspan="2"><jsp:include page="_rightnav.jsp" /></td></tr>
 <tr><td valign="top" align="left" colspan="3"><%
 ArchiveViewerBean.renderMetadata(request.getParameterMap(), out); 
+if (user.getAuthenticated()) {
+  if ("Authorize".equals(request.getParameter("action"))) {
+    %><b><%=BlogManager.instance().authorizeRemoteAccess(user, request.getParameter("password"))%></b><%
+  }
+  if (!user.getAllowAccessRemote()) { 
+    if (user.getBlog().toBase64().equals(request.getParameter("blog"))) {
+  %><hr /><form action="viewmetadata.jsp" method="POST">
+<input type="hidden" name="blog" value="<%=request.getParameter("blog")%>" />
+To access remote instances from this instance, please supply the Syndie administration password: <input type="password" name="password" />
+<input type="submit" name="action" value="Authorize" />
+</form><%
+    }
+  }
+}
 %></td></tr>
 </table>
 </body>