security options for unknownUsers, fixes

Author: nikitaeverywhere

%WebTerminal/Engine.cls.xml

@@ -9,7 +9,7 @@ All operations with opened WebSocket placed here.</Description>
 
 <UDLText name="T">
 <Content><![CDATA[
-// USER CONSTANTS START
+// USER CONSTANTS BEGIN
 
 ]]></Content>
 </UDLText>
@@ -20,6 +20,20 @@ How long to wait for authorization key when connection established</Description>
 <Default>5</Default>
 </Parameter>
 
+<Parameter name="authorizeUsers">
+<Description>
+Use user privileges and require authorization for them</Description>
+<Default>1</Default>
+</Parameter>
+
+<Parameter name="allowUnknownUser">
+<Description>
+Allow accessing terminal for unregistered users (unknownUser).
+Anyway, changing this constant to 1 can make a big hole in security,
+so change it at your own risk!</Description>
+<Default>0</Default>
+</Parameter>
+
 <UDLText name="T">
 <Content><![CDATA[
 // USER CONSTANTS END
@@ -757,15 +771,25 @@ the client - it includes authorization key.</Description>
 	    		ZNSPACE $LISTGET(lb, 7) // namespace
 	    		
 	    		set user = $LISTGET($LISTGET(lb, 16), 1) // user
-	    		set loginStatus = ##class(%SYSTEM.Security).Login($LISTGET($LISTGET(lb, 16), 1))
+	    		if (user = "UnknownUser") && (..#allowUnknownUser '= 1) {
+		    		set ok = 0
+		    		do ..SendData("!UnknownUser disallowed.", ..ConstClientAuthorizationStatus)
+		    		QUIT
+	    		}
+	    		
+	    		if (..#authorizeUsers = 1) {
+		    		set loginStatus = ##class(%SYSTEM.Security).Login($LISTGET($LISTGET(lb, 16), 1))
+	    		} else {
+		    		set loginStatus = 1
+	    		}
 	    		if ($$$ISOK(loginStatus)) {
 					do ..SendData(user,..ConstClientLoginInfo)
 	    		} else {
 		    		do ..SendData("!",..ConstClientLoginInfo)
 	    		}
 	    		
 	    		set ok = loginStatus
-	    		BREAK
+	    		QUIT
 	    		
     		}
     	}

csp/webTerminal/js/application.js.xml

@@ -6,7 +6,7 @@
  */
 var application = new function() {
 
-    var version = "0.9.9.5 beta"; // link to language.js
+    var version = "0.9.9.6 beta"; // link to language.js
     this.debug = false; // remove for release
     this.debugUrlPart = "172.27.25.133:57772"; // in-debug mode
 

csp/webTerminal/js/language.js.xml

@@ -29,7 +29,7 @@ var lang = new function() {
             0: parser.highlightHTML("/help"),
             1: parser.highlightHTML("/tip"),
             2: parser.highlightHTML("/connect"),
-            3: "0.9.9.5 beta",
+            3: "0.9.9.6 beta",
             4: 1,
             5: parser.highlightHTML("set test = 12"),
             6: parser.highlightHTML("write test"),

csp/webTerminal/js/terminal.js.xml

@@ -313,7 +313,9 @@ var terminal = new function() {
                     server.requestAutocompleteFile(data || terminal.namespace.getCorrectFileName());
                 } break;
                 case terminal.clientActions.AUTHORIZATION_STATUS: {
-                    if (!settings.get_cleanStartup()) {
+                    if (data.charAt(0) === "!") {
+	                	terminal.output.write(data.substr(1))
+                    } else if (!settings.get_cleanStartup()) {
                         terminal.output.write((data == "1")?lang.get(3):lang.get(5));
                     }
                     terminal.ready = true; // TERMINAL READY