[Bibdesk-commit] SF.net SVN: bibdesk:[27930] trunk/bibdesk

hofman--- via Bibdesk-commit Sun, 25 Sep 2022 15:07:19 -0700

Revision: 27930
          http://sourceforge.net/p/bibdesk/svn/27930
Author:   hofman
Date:     2022-09-25 22:07:11 +0000 (Sun, 25 Sep 2022)
Log Message:
-----------
Don't make password accessible from accessors or from the ivar through KVC, 
except for the edited mutable server info. It should be inaccessible to 
templating. Search servers get password and user by reference.


Modified Paths:
--------------
    trunk/bibdesk/BDSKISIGroupServer.m
    trunk/bibdesk/BDSKServerInfo+Scripting.m
    trunk/bibdesk/BDSKServerInfo.h
    trunk/bibdesk/BDSKServerInfo.m
    trunk/bibdesk/BDSKZoomGroupServer.m

Modified: trunk/bibdesk/BDSKISIGroupServer.m
===================================================================
--- trunk/bibdesk/BDSKISIGroupServer.m  2022-09-25 21:19:05 UTC (rev 27929)
+++ trunk/bibdesk/BDSKISIGroupServer.m  2022-09-25 22:07:11 UTC (rev 27930)
@@ -273,8 +273,12 @@
         
         WOKMWSAuthenticateService *binding = [WOKMWSAuthenticateService 
soapBinding];
         //binding.logXMLInOut = YES;
-        [binding setAuthUsername:[serverInfo username]];
-        [binding setAuthPassword:[serverInfo password]];
+        NSString *user = nil;
+        NSString *password = nil;
+        if ([serverInfo getUsername:&user password:&password]) {
+            [binding setAuthUsername:user];
+            [binding setAuthPassword:password];
+        }
         
         WOKMWSAuthenticateService_authenticate *authRequest = 
[[[WOKMWSAuthenticateService_authenticate alloc] init] autorelease];
         

Modified: trunk/bibdesk/BDSKServerInfo+Scripting.m
===================================================================
--- trunk/bibdesk/BDSKServerInfo+Scripting.m    2022-09-25 21:19:05 UTC (rev 
27929)
+++ trunk/bibdesk/BDSKServerInfo+Scripting.m    2022-09-25 22:07:11 UTC (rev 
27930)
@@ -64,13 +64,11 @@
         [info setValue:[self host] forKey:@"host"];
         [info setValue:[self port] forKey:@"port"];
         [info setValue:[self username] forKey:@"username"];
-        //[info setValue:[self password] forKey:@"password"];
         [info setValue:[self recordSyntax] forKey:@"recordSyntax"];
         [info setValue:[self resultEncoding] forKey:@"resultEncoding"];
         [info setValue:[NSNumber numberWithBool:[self removeDiacritics]] 
forKey:@"removeDiacritics"];
     } else if ([self isISI]) {
         [info setValue:[self username] forKey:@"username"];
-        //[info setValue:[self password] forKey:@"password"];
         [info setValue:[NSNumber numberWithBool:[self isLite]] forKey:@"lite"];
     }
     

Modified: trunk/bibdesk/BDSKServerInfo.h
===================================================================
--- trunk/bibdesk/BDSKServerInfo.h      2022-09-25 21:19:05 UTC (rev 27929)
+++ trunk/bibdesk/BDSKServerInfo.h      2022-09-25 22:07:11 UTC (rev 27930)
@@ -71,6 +71,7 @@
 @property (nonatomic, readonly) NSString *username;
 @property (nonatomic, readonly) NSString *recordSyntax;
 @property (nonatomic, readonly) NSString *resultEncoding;
+@property (nonatomic, readonly) NSString *queryConfig;
 @property (nonatomic, readonly) BOOL removeDiacritics;
 @property (nonatomic, readonly, getter=isLite) BOOL lite;
 @property (nonatomic, readonly) NSDictionary *options;
@@ -80,8 +81,10 @@
 @property (nonatomic, readonly, getter=isISI) BOOL ISI;
 @property (nonatomic, readonly, getter=isDBLP) BOOL DBLP;
 
-- (BDSKServerType)serverType;
+@property (nonatomic, readonly) BDSKServerType serverType;
 
+- (BOOL)getUsername:(NSString **)username password:(NSString **)password;
+
 @end
 
 @interface BDSKMutableServerInfo : BDSKServerInfo

Modified: trunk/bibdesk/BDSKServerInfo.m
===================================================================
--- trunk/bibdesk/BDSKServerInfo.m      2022-09-25 21:19:05 UTC (rev 27929)
+++ trunk/bibdesk/BDSKServerInfo.m      2022-09-25 22:07:11 UTC (rev 27930)
@@ -52,6 +52,7 @@
 #define USERNAME_KEY         @"username"
 #define RECORDSYNTAX_KEY     @"recordSyntax"
 #define RESULTENCODING_KEY   @"resultEncoding"
+#define QUERYCONFIG_KEY      @"queryConfig"
 #define REMOVEDIACRITICS_KEY @"removeDiacritics"
 #define LITE_KEY             @"lite"
 
@@ -69,7 +70,6 @@
 // Also when other validations are necessary, changing the type must make sure 
that the data validates properly for the new type, if necessary adding missing 
values.
 
 @interface BDSKServerInfo ()
-@property (nonatomic, readonly) NSDictionary *optionsWithoutPassword;
 @property (nonatomic, readonly) NSString *passwordFromKeychain;
 @end
 
@@ -80,8 +80,10 @@
 @implementation BDSKServerInfo
 
 @synthesize type, name, database;
-@dynamic dictionaryValue, host, port, password, username, recordSyntax, 
resultEncoding, removeDiacritics, lite, options, optionsWithoutPassword, 
entrez, zoom, ISI, DBLP, passwordFromKeychain;
+@dynamic dictionaryValue, host, port, password, username, recordSyntax, 
resultEncoding, queryConfig, removeDiacritics, lite, options, entrez, zoom, 
ISI, DBLP, passwordFromKeychain, serverType;
 
++ (BOOL)accessInstanceVariablesDirectly { return NO; }
+
 + (id)defaultServerInfoWithType:(NSString *)aType;
 {
     BOOL isZoom = [aType isEqualToString:BDSKSearchGroupZoom];
@@ -151,12 +153,12 @@
 }
 
 - (id)copyWithZone:(NSZone *)aZone {
-    id copy = [[BDSKServerInfo allocWithZone:aZone] initWithType:[self type] 
name:[self name] database:[self database] host:[self host] port:[self port] 
options:[self options]];
+    id copy = [[BDSKServerInfo allocWithZone:aZone] initWithType:[self type] 
name:[self name] database:[self database] host:[self host] port:[self port] 
options:options];
     return copy;
 }
 
 - (id)mutableCopyWithZone:(NSZone *)aZone {
-    id copy = [[BDSKMutableServerInfo allocWithZone:aZone] initWithType:[self 
type] name:[self name] database:[self database] host:[self host] port:[self 
port] options:[self options]];
+    id copy = [[BDSKMutableServerInfo allocWithZone:aZone] initWithType:[self 
type] name:[self name] database:[self database] host:[self host] port:[self 
port] options:options];
     return copy;
 }
 
@@ -188,9 +190,9 @@
     else if ([self isZoom])
         isEqual = isEqualOrBothNil([self host], [other host]) && 
                   isEqualOrBothNil([self port], [(BDSKServerInfo *)other 
port]) && 
-                  isEqualOrBothEmpty([self optionsWithoutPassword], 
[(BDSKServerInfo *)other optionsWithoutPassword]);
+                  isEqualOrBothEmpty([self options], [(BDSKServerInfo *)other 
options]);
     else if ([self isISI])
-        isEqual = isEqualOrBothEmpty([self optionsWithoutPassword], 
[(BDSKServerInfo *)other optionsWithoutPassword]);
+        isEqual = isEqualOrBothEmpty([self options], [(BDSKServerInfo *)other 
options]);
     return isEqual;
 }
 
@@ -202,7 +204,7 @@
         hash = prime * hash + [[self port] hash];
     }
     if ([self isZoom] || [self isISI]) {
-        NSDictionary *opts = [self optionsWithoutPassword];
+        NSDictionary *opts = [self options];
         if ([opts count])
             hash = prime * hash + [opts hash];
     }
@@ -217,9 +219,9 @@
     if ([self isZoom]) {
         [info setValue:[self host] forKey:HOST_KEY];
         [info setValue:[self port] forKey:PORT_KEY];
-        [info setValue:[self optionsWithoutPassword] forKey:OPTIONS_KEY];
-    } else if ([self isISI] && [[self options] count] > 0) {
-        [info setValue:[self optionsWithoutPassword] forKey:OPTIONS_KEY];
+        [info setValue:[self options] forKey:OPTIONS_KEY];
+    } else if ([self isISI] && [options count] > 0) {
+        [info setValue:[self options] forKey:OPTIONS_KEY];
     }
     return info;
 }
@@ -229,25 +231,23 @@
 - (NSString *)port { return [self isZoom] ? port : nil; }
 
 - (NSString *)password {
-    NSString *password = [[self options] objectForKey:PASSWORD_KEY];
-    if (password == nil && (password = [self passwordFromKeychain]))
-        [options setObject:password forKey:PASSWORD_KEY];
-    return password;
+    // don't return password to make it inaccvessible by templates
+    return nil;
 }
 
-- (NSString *)username { return [[self options] objectForKey:USERNAME_KEY]; }
+- (NSString *)username { return [options objectForKey:USERNAME_KEY]; }
 
-- (NSString *)recordSyntax { return [[self options] 
objectForKey:RECORDSYNTAX_KEY]; }
+- (NSString *)recordSyntax { return [options objectForKey:RECORDSYNTAX_KEY]; }
 
-- (NSString *)resultEncoding { return [[self options] 
objectForKey:RESULTENCODING_KEY]; }
+- (NSString *)resultEncoding { return [options 
objectForKey:RESULTENCODING_KEY]; }
 
-- (BOOL)removeDiacritics { return [[[self options] 
objectForKey:REMOVEDIACRITICS_KEY] boolValue]; }
+- (NSString *)queryConfig { return [options objectForKey:QUERYCONFIG_KEY]; }
 
-- (BOOL)isLite { return [[[self options] objectForKey:LITE_KEY] boolValue]; }
+- (BOOL)removeDiacritics { return [[options objectForKey:REMOVEDIACRITICS_KEY] 
boolValue]; }
 
-- (NSDictionary *)options { return [self isZoom] || [options count] > 0 ? 
options : nil; }
+- (BOOL)isLite { return [[options objectForKey:LITE_KEY] boolValue]; }
 
-- (NSDictionary *)optionsWithoutPassword {
+- (NSDictionary *)options {
     if ([self isZoom] == NO && [options count] == 0)
         return nil;
     NSMutableDictionary *opts = [[options mutableCopy] autorelease];
@@ -273,6 +273,29 @@
     return BDSKServerTypeEntrez;
 }
 
+- (BOOL)getUsername:(NSString **)username password:(NSString **)password {
+    if ([self isZoom] == NO && [self isISI] == NO)
+        return NO;
+    NSString *user = [self username];
+    if (user == nil)
+        return NO;
+    if (username)
+        *username = user;
+    if (password) {
+        *password = [options objectForKey:PASSWORD_KEY];
+        if (*password == nil) {
+            NSString *server = [self isISI] ? ISI_SERVER : [self host];
+            if (server == nil)
+                return NO;
+            *password = [BDSKPasswordController 
passwordForKeychainServer:server port:[[self port] integerValue] account:user];
+            if (*password == nil)
+                return YES;
+            [options setObject:*password forKey:PASSWORD_KEY];
+        }
+    }
+    return YES;
+}
+
 - (NSString *)passwordFromKeychain {
     if ([self isZoom] == NO && [self isISI] == NO)
         return nil;
@@ -371,6 +394,12 @@
         options = [[NSMutableDictionary alloc] initWithObjectsAndKeys:value, 
key, nil];
 }
 
+- (NSString *)password {
+    NSString *password = nil;
+    [self getUsername:NULL password:&password];
+    return password;
+}
+
 - (void)setPassword:(NSString *)newPassword;
 {
     [self setOptionValue:newPassword forKey:PASSWORD_KEY];
@@ -457,7 +486,7 @@
     if ([self isZoom] == NO && [self isISI] == NO)
         return;
     // don't get the password from the keychain
-    NSString *password = [[self options] objectForKey:PASSWORD_KEY];
+    NSString *password = [options objectForKey:PASSWORD_KEY];
     if (password == nil)
         return;
     NSString *account = [self username];

Modified: trunk/bibdesk/BDSKZoomGroupServer.m
===================================================================
--- trunk/bibdesk/BDSKZoomGroupServer.m 2022-09-25 21:19:05 UTC (rev 27929)
+++ trunk/bibdesk/BDSKZoomGroupServer.m 2022-09-25 22:07:11 UTC (rev 27930)
@@ -194,7 +194,7 @@
     }
 }
 
-- (NSFormatter *)searchStringFormatter { return [[[ZOOMCCLQueryFormatter 
alloc] initWithConfigString:[[[self serverInfo] options] 
objectForKey:@"queryConfig"]] autorelease]; }
+- (NSFormatter *)searchStringFormatter { return [[[ZOOMCCLQueryFormatter 
alloc] initWithConfigString:[[self serverInfo] queryConfig]] autorelease]; }
 
 #pragma mark Main thread 
 
@@ -258,8 +258,12 @@
     BDSKDESTROY(connection);
     if ([info host] != nil) {
         connection = [[ZOOMConnection alloc] initWithHost:[info host] 
port:[[info port] integerValue] database:[info database]];
-        [connection setPassword:[info password]];
-        [connection setUsername:[info username]];
+        NSString *user = nil;
+        NSString *password = nil;
+        if ([serverInfo getUsername:&user password:&password]) {
+            [connection setPassword:password];
+            [connection setUsername:user];
+        }
         ZOOMSyntaxType syntax = [[self class] 
zoomRecordSyntaxForRecordSyntaxString:[info recordSyntax]];
         if(syntax != UNKNOWN)
             [connection setPreferredRecordSyntax:syntax];    
@@ -309,7 +313,7 @@
         BOOL isOPAC = [[info recordSyntax] isEqualToString:OPAC_STRING];
         
         // the resultSet is cached for each searchTerm, so we have no overhead 
calling it for retrieving more results
-        ZOOMQuery *query = [ZOOMQuery queryWithCCLString:searchTerm 
config:[[info options] objectForKey:@"queryConfig"]];
+        ZOOMQuery *query = [ZOOMQuery queryWithCCLString:searchTerm 
config:[info queryConfig]];
         
         ZOOMResultSet *resultSet = query ? [connection resultsForQuery:query] 
: nil;
         

This was sent by the SourceForge.net collaborative development platform, the 
world's largest Open Source development site.



_______________________________________________
Bibdesk-commit mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/bibdesk-commit

[Bibdesk-commit] SF.net SVN: bibdesk:[27930] trunk/bibdesk

Reply via email to