4 files changed, 106 insertions, 42 deletions
diff --git a/ChangeLog b/ChangeLog
index becab98e3..4b32c34bf 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+2004-03-04  Alexey Shchepin  <alexey@sevcom.net>
+
+	* src/web/: Updated
+
 2004-03-03  Alexey Shchepin  <alexey@sevcom.net>
 
 	* src/web/: Minor update
diff --git a/src/web/ejabberd_http.erl b/src/web/ejabberd_http.erl
index 8735bffae..04aa91306 100644
--- a/src/web/ejabberd_http.erl
+++ b/src/web/ejabberd_http.erl
@@ -17,6 +17,7 @@
 
 -include("ejabberd.hrl").
 -include("jlib.hrl").
+-include("ejabberd_http.hrl").
 
 -record(state, {sockmod,
 		socket,
@@ -81,20 +82,29 @@ receive_headers(State) ->
     end.
 
 
-process_request(#state{request_method = 'GET',
-		       request_path = {abs_path, Path},
-		       request_auth = undefined}) ->
-    make_xhtml_output(
-      401,
-      [{"WWW-Authenticate", "basic realm=\"ejabberd\""}],
-      ejabberd_web:make_xhtml([{xmlelement, "h1", [],
-				[{xmlcdata, "401 Unauthorized"}]}]));
 
 process_request(#state{request_method = 'GET',
 		       request_path = {abs_path, Path},
-		       request_auth = {User, Pass}}) ->
-    case ejabberd_auth:check_password(User, Pass) of
-	true ->
+		       request_auth = Auth}) ->
+    User = case Auth of
+	       {U, P} ->
+		   case ejabberd_auth:check_password(U, P) of
+		       true ->
+			   U;
+		       false ->
+			   unauthorized
+		   end;
+	       _ ->
+		   undefined
+	   end,
+    case User of
+	unauthorized ->
+	    make_xhtml_output(
+	      401,
+	      [{"WWW-Authenticate", "basic realm=\"ejabberd\""}],
+	      ejabberd_web:make_xhtml([{xmlelement, "h1", [],
+					[{xmlcdata, "401 Unauthorized"}]}]));
+	_ ->
 	    case (catch url_decode_q_split(Path)) of
 		{'EXIT', _} ->
 		    process_request(false);
@@ -102,30 +112,45 @@ process_request(#state{request_method = 'GET',
 		    LQuery = parse_urlencoded(Query),
 		    ?INFO_MSG("path: ~p, query: ~p~n", [NPath, LQuery]),
 		    LPath = string:tokens(NPath, "/"),
-		    case ejabberd_web:process_get(User, LPath, LQuery, "") of
+		    Request = #request{method = 'GET',
+				       path = LPath,
+				       q = LQuery,
+				       user = User},
+		    case ejabberd_web:process_get(Request) of
 			El when element(1, El) == xmlelement ->
 			    make_xhtml_output(200, [], El);
 			{Status, Headers, El} ->
 			    make_xhtml_output(Status, Headers, El)
 		    end
-	    end;
-	_ ->
-	    make_xhtml_output(
-	      401,
-	      [{"WWW-Authenticate", "basic realm=\"ejabberd\""}],
-	      ejabberd_web:make_xhtml([{xmlelement, "h1", [],
-					[{xmlcdata, "401 Unauthorized"}]}]))
+	    end
     end;
 
 process_request(#state{request_method = 'POST',
 		       request_path = {abs_path, Path},
-		       request_auth = {User, Pass},
+		       request_auth = Auth,
 		       request_content_length = Len,
 		       sockmod = SockMod,
 		       socket = Socket} = State) when is_integer(Len) ->
-    case ejabberd_auth:check_password(User, Pass) of
-	true ->
-	    case SockMod of
+    User = case Auth of
+	       {U, P} ->
+		   case ejabberd_auth:check_password(U, P) of
+		       true ->
+			   U;
+		       false ->
+			   unauthorized
+		   end;
+	       _ ->
+		   undefined
+	   end,
+    case User of
+	unauthorized ->
+	    make_xhtml_output(
+	      401,
+	      [{"WWW-Authenticate", "basic realm=\"ejabberd\""}],
+	      ejabberd_web:make_xhtml([{xmlelement, "h1", [],
+					[{xmlcdata, "401 Unauthorized"}]}]));
+	_ ->
+    	    case SockMod of
 		gen_tcp ->
 		    inet:setopts(Socket, [{packet, 0}]);
 		ssl ->
@@ -141,19 +166,18 @@ process_request(#state{request_method = 'POST',
 		    LPath = string:tokens(NPath, "/"),
 		    LQuery = parse_urlencoded(Data),
 		    ?INFO_MSG("client query: ~p~n", [LQuery]),
-		    case ejabberd_web:process_get(User, LPath, LQuery, "") of
+		    Request = #request{method = 'POST',
+				       path = LPath,
+				       q = LQuery,
+				       user = User,
+				       data = Data},
+		    case ejabberd_web:process_get(Request) of
 			El when element(1, El) == xmlelement ->
 			    make_xhtml_output(200, [], El);
 			{Status, Headers, El} ->
 			    make_xhtml_output(Status, Headers, El)
 		    end
-	    end;
-	_ ->
-	    make_xhtml_output(
-	      401,
-	      [{"WWW-Authenticate", "basic realm=\"ejabberd\""}],
-	      ejabberd_web:make_xhtml([{xmlelement, "h1", [],
-					[{xmlcdata, "401 Unauthorized"}]}]))
+	    end
     end;
 
 process_request(State) ->
diff --git a/src/web/ejabberd_http.hrl b/src/web/ejabberd_http.hrl
new file mode 100644
index 000000000..f5af2e9af
--- /dev/null
+++ b/src/web/ejabberd_http.hrl
@@ -0,0 +1,17 @@
+%%%----------------------------------------------------------------------
+%%% File    : ejabberd_http.hrl
+%%% Author  : Alexey Shchepin <alexey@sevcom.net>
+%%% Purpose : 
+%%% Created :  4 Mar 2004 by Alexey Shchepin <alexey@sevcom.net>
+%%% Id      : $Id$
+%%%----------------------------------------------------------------------
+
+-record(request, {method,
+		  path,
+		  q = [],
+		  user,
+		  lang = "",
+		  data = ""
+		 }).
+
+
diff --git a/src/web/ejabberd_web.erl b/src/web/ejabberd_web.erl
index 1bda488bc..4de9d067b 100644
--- a/src/web/ejabberd_web.erl
+++ b/src/web/ejabberd_web.erl
@@ -12,10 +12,11 @@
 
 %% External exports
 -export([make_xhtml/1,
-	 process_get/4]).
+	 process_get/1]).
 
 -include("ejabberd.hrl").
 -include("jlib.hrl").
+-include("ejabberd_http.hrl").
 
 
 make_xhtml(Els) ->
@@ -44,20 +45,35 @@ make_xhtml(Els) ->
 -define(BR, ?X("br")).
 
 
-process_get(User, ["config" | RPath], Query, Lang) ->
-    case acl:match_rule(configure, jlib:make_jid(User, ?MYNAME, "")) of
-	deny ->
-	    {401, [], make_xhtml([?XC("h1", "Not Allowed")])};
-	allow ->
-	    process_config(User, RPath, Query, Lang)
+
+process_get(#request{user = User,
+		     path = ["config" | RPath],
+		     q = Query,
+		     lang = Lang} = Request) ->
+    if
+	User /= undefined ->
+	    case acl:match_rule(configure, jlib:make_jid(User, ?MYNAME, "")) of
+		deny ->
+		    {401, [], make_xhtml([?XC("h1", "Not Allowed")])};
+		allow ->
+		    process_config(Request#request{path = RPath})
+	    end;
+	true ->
+	    {401,
+	     [{"WWW-Authenticate", "basic realm=\"ejabberd\""}],
+	     ejabberd_web:make_xhtml([{xmlelement, "h1", [],
+				       [{xmlcdata, "401 Unauthorized"}]}])}
     end;
 
-process_get(User, Path, Query, Lang) ->
+process_get(_Request) ->
     {404, [], make_xhtml([?XC("h1", "Not found")])}.
 
 
 
-process_config(User, [], Query, Lang) ->
+process_config(#request{user = User,
+			path = [],
+			q = Query,
+			lang = Lang} = Request) ->
     make_xhtml([?XC("h1", "ejabberd configuration"),
 		?XE("ul",
 		    [?LI([?AC("acls/", "Access Control Lists")]),
@@ -67,7 +83,10 @@ process_config(User, [], Query, Lang) ->
 		    ])
 	       ]);
 
-process_config(User, ["acls"], Query, Lang) ->
+process_config(#request{user = User,
+			path = ["acls"],
+			q = Query,
+			lang = Lang} = Request) ->
     case acl:match_rule(configure, jlib:make_jid(User, ?MYNAME, "")) of
 	deny ->
 	    {401, [], make_xhtml([?XC("h1", "Not Allowed")])};
@@ -111,7 +130,7 @@ process_config(User, ["acls"], Query, Lang) ->
 		       ])
     end;
 
-process_config(User, Path, Query, Lang) ->
+process_config(_Request) ->
     {404, [], make_xhtml([?XC("h1", "Not found")])}.