authorTed Trask <ttrask01@yahoo.com>2008-09-30 19:10:58 +0000
committerTed Trask <ttrask01@yahoo.com>2008-09-30 19:10:58 +0000
commit7f1797c3d84e067112cbf6d19182994d700c6543 (patch)
tree2ea6ecea88f6a16febc805222324108c8d8a637c
parent06f12e51f6a31a06008a482058107f1511ba2ebf (diff)
Modified authenticator to make sub-authenticator visible rather than redefining the functions twice. Modified roles and tinydns to reflect change.
git-svn-id: svn://svn.alpinelinux.org/acf/core/trunk@1537 ab2d0c66-481e-0410-8bed-d214d4d58bed
-rw-r--r--lib/authenticator.lua122
-rw-r--r--lib/roles.lua10
2 files changed, 17 insertions, 115 deletions
diff --git a/lib/authenticator.lua b/lib/authenticator.lua
index 74dfdad..1b55150 100644
--- a/lib/authenticator.lua
+++ b/lib/authenticator.lua
@@ -6,8 +6,15 @@ module (..., package.seeall)
require("modelfunctions")
require("format")
--- This will be the sub-authenticator
-local auth
+-- This is the sub-authenticator
+-- In the future, this will be set based upon configuration
+-- This is a public variable to allow other controllers (ie tinydns) to do their own permissions
+auth = require("authenticator-plaintext")
+
+-- Publicly define the pre-defined tables
+usertable = "passwd"
+roletable = "roles"
+
-- This will hold the auth structure from the database
local authstruct
-- This is a list of fields in the database that we are allowed to use.
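Review bot: Assigning `auth`, `usertable` and `roletable` without `local` makes them writable module globals, so any controller can now call `authenticator.auth.write_entry(self, authenticator.usertable, "", ...)` and change the stored credential records without going through this module's validation, or replace `authenticator.auth` itself. The user-table wrappers removed in the last hunk of this file refused the `""` field (`name ~= ""`), and nothing visible here replaces that restriction. If other controllers only need their own fields, consider keeping `auth` local and exporting a thin accessor that rejects `name == ""` for `usertable`. At minimum, document the rule next to the assignment: `-- Callers outside this module must not read or write the "" field of usertable; it holds the password hashes`.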
@@ -18,18 +25,10 @@ local availablefields = {
['username']=true,
['roles']=true,
}
-local passwdtable = "passwd"
-local roletable = "roles"
-
-local load_auth = function(self)
- -- For now, just loads the plaintext version
- auth = auth or require("authenticator-plaintext")
-end
local load_database = function(self)
- load_auth(self)
if not authstruct then
- local authtable = auth.read_field(self, passwdtable, "")
+ local authtable = auth.read_field(self, usertable, "")
authstruct = {}
for i,value in ipairs(authtable) do
if value.id ~= "" then
@@ -80,7 +79,7 @@ local write_settings = function(self, settings, id)
if settings.value.password then id.password = format.md5sum_string(settings.value.password.value) end
if settings.value.roles then id.roles = table.concat(settings.value.roles.value, ",") end
- return auth.write_entry(self, passwdtable, "", id.userid, (id.password or "")..":"..(id.username or "")..":"..(id.roles or ""))
+ return auth.write_entry(self, usertable, "", id.userid, (id.password or "")..":"..(id.username or "")..":"..(id.roles or ""))
end
-- validate the settings (ignore password if it's nil)
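Review bot: The record written on the changed line is built by joining `id.password`, `id.username` and `id.roles` with `:`, so a username or role containing `:` or a line break would shift or add fields in the stored entry, including the roles column. The validation that follows is outside this hunk and may already reject such values; if it does not, a guard before the write would close it, for example `if (id.username or ""):find("[:\r\n]") then return false end` with the return value adapted to this function's convention. Separately, `format.md5sum_string` suggests the password is stored as an unsalted MD5 digest, which is cheap to brute-force if the passwd table leaks; a salted, deliberately slow hash would be the longer-term fix. write_settings begins outside the hunk.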
@@ -243,106 +242,9 @@ new_settings = function (self, settings)
end
delete_user = function (self, userid)
- load_auth(self)
local cmdresult = "Failed to delete user"
- if auth.delete_entry(self, passwdtable, "", userid) then
+ if auth.delete_entry(self, usertable, "", userid) then
cmdresult = "User deleted"
end
return cfe({ value=cmdresult, label="Delete user result" })
end
-
-list_userfields = function(self)
- load_auth(self)
- if auth then
- return auth.list_fields(self, passwdtable)
- end
- return nil
-end
-
-read_userfield = function(self, name)
- load_auth(self)
- if auth and name ~= "" then
- return auth.read_field(self, passwdtable, name)
- end
- return nil
-end
-
-delete_userfield = function(self, name)
- load_auth(self)
- if auth and name ~= "" then
- return auth.delete_field(self, passwdtable, name)
- end
- return false
-end
-
-write_userentry = function(self, name, userid, entry)
- load_auth(self)
- if auth and name ~= "" then
- return auth.write_entry(self, passwdtable, name, userid, entry)
- end
- return false
-end
-
-read_userentry = function(self, name, userid)
- load_auth(self)
- if auth and name ~= "" then
- return auth.read_entry(self, passwdtable, name, userid)
- end
- return nil
-end
-
-delete_userentry = function (self, name, userid)
- load_auth(self)
- if auth and name ~= "" then
- return auth.delete_entry(self, passwdtable, name, userid)
- end
- return false
-end
-
-list_rolefields = function(self)
- load_auth(self)
- if auth then
- return auth.list_fields(self, roletable)
- end
- return nil
-end
-
-read_rolefield = function(self, name)
- load_auth(self)
- if auth then
- return auth.read_field(self, roletable, name)
- end
- return nil
-end
-
-delete_rolefield = function(self, name)
- load_auth(self)
- if auth then
- return auth.delete_field(self, roletable, name)
- end
- return false
-end
-
-write_roleentry = function(self, name, role, entry)
- load_auth(self)
- if auth then
- return auth.write_entry(self, roletable, name, role, entry)
- end
- return false
-end
-
-read_roleentry = function(self, name, role)
- load_auth(self)
- if auth then
- return auth.read_entry(self, roletable, name, role)
- end
- return nil
-end
-
-delete_roleentry = function (self, name, role)
- load_auth(self)
- if auth then
- return auth.delete_entry(self, roletable, name, role)
- end
- return false
-end
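Review bot: delete_user does not reset `authstruct`, which load_database fills only while it is nil, so in a long-lived process a deleted account could still be found in the cached structure after this call reports "User deleted". Whether the cache outlives a single request is not visible here; if it can, add `authstruct = nil` in the success branch next to `cmdresult = "User deleted"`. The same would apply to any other path that writes the user table.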
diff --git a/lib/roles.lua b/lib/roles.lua
index 86efe4b..ecd9798 100644
--- a/lib/roles.lua
+++ b/lib/roles.lua
@@ -93,7 +93,7 @@ list_roles = function(self)
end
-- Open the roles file and parse for defined roles
- local entries = authenticator.read_rolefield(self, "") or {}
+ local entries = authenticator.auth.read_field(self, authenticator.roletable, "") or {}
for x,entry in ipairs(entries) do
if not reverseroles[entry.id] then
defined_roles[#defined_roles + 1] = entry.id
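Review bot: The backend call `authenticator.auth.<fn>(self, authenticator.roletable, "", ...)` is now spelled out here and in the four later hunks of this file (get_roles_perm, get_role_perm, delete_role, set_role_perm), so roles.lua depends on the sub-authenticator's argument order in five places. A few file-local helpers would keep that in one spot, give a single place for any future checks on the role name, and still pick up a reconfigured backend at call time, e.g. `local read_roles = function(self) return authenticator.auth.read_field(self, authenticator.roletable, "") or {} end`. list_roles starts and ends outside this hunk.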
@@ -146,7 +146,7 @@ get_roles_perm = function(self,roles)
end
end
- local entries = authenticator.read_rolefield(self, "") or {}
+ local entries = authenticator.auth.read_field(self, authenticator.roletable, "") or {}
for x,entry in ipairs(entries) do
if reverseroles[entry.id] then
temp = format.string_to_table(entry.entry, ",")
@@ -197,7 +197,7 @@ get_role_perm = function(self,role)
end
end
- local entry = authenticator.read_roleentry(self, "", role)
+ local entry = authenticator.auth.read_entry(self, authenticator.roletable, "", role)
if entry then
temp = format.string_to_table(entry, ",")
for z,perm in pairs(temp) do
@@ -225,7 +225,7 @@ delete_role = function(self, role)
end
end
- local result = authenticator.delete_roleentry(self, "", role)
+ local result = authenticator.auth.delete_entry(self, authenticator.roletable, "", role)
local cmdresult = "Role entry not found"
if result then cmdresult = "Role deleted" end
@@ -257,5 +257,5 @@ set_role_perm = function(self, role, permissions, permissions_array)
return false, "No permissions set"
end
- return authenticator.write_roleentry(self, "", role, table.concat(permissions_array,","))
+ return authenticator.auth.write_entry(self, authenticator.roletable, "", role, table.concat(permissions_array,","))
end