diff options
author | Mika Havela <mika.havela@gmail.com> | 2008-02-20 18:35:22 +0000 |
---|---|---|
committer | Mika Havela <mika.havela@gmail.com> | 2008-02-20 18:35:22 +0000 |
commit | 094b3d75f80d73a08dcbdddaa32ea90052383ec3 (patch) | |
tree | eeea53dd87b5222eb9922dc9233ed4d728fd1ffa | |
parent | 20fff1f88b819c5c8aea4fb2d3ca752091c18a66 (diff) | |
download | acf-core-094b3d75f80d73a08dcbdddaa32ea90052383ec3.tar.bz2 acf-core-094b3d75f80d73a08dcbdddaa32ea90052383ec3.tar.xz |
Password administration now works!
Logon as alpine and you can edit others. All other users can only edit them selves.
git-svn-id: svn://svn.alpinelinux.org/acf/core/trunk@761 ab2d0c66-481e-0410-8bed-d214d4d58bed
-rwxr-xr-x | app/acf-util/password-controller.lua | 206 | ||||
-rwxr-xr-x | app/acf-util/password-html.lsp | 15 | ||||
-rwxr-xr-x | app/acf-util/password-status-html.lsp | 17 |
3 files changed, 175 insertions, 63 deletions
diff --git a/app/acf-util/password-controller.lua b/app/acf-util/password-controller.lua index 3cbc98a..333786a 100755 --- a/app/acf-util/password-controller.lua +++ b/app/acf-util/password-controller.lua @@ -23,20 +23,20 @@ local function admin_permission() end end -local function config(self,userid) +local function get_config(self,userid) local config = {} local userinfo = {} - if (userid) then + if (#userid > 0) then userinfo=auth.get_userinfo(self,userid) - else - userinfo.userid = "" - userinfo.username = "" - userinfo.roles = {} - end + if not (userinfo) then + userinfo = {userid = "", username = "", roles = {} } + end + + -- Get list of available roles local avail_roles=auth.list_roles() - config.debug = userid +-- config.debug = userid -- Debug info config.userid = cfe({ name="userid", @@ -48,7 +48,6 @@ local function config(self,userid) value=(userinfo.userid or ""), type="hidden", }) - config.username = cfe({ name="username", label="User name", @@ -65,13 +64,11 @@ local function config(self,userid) name="password", label="Password", type="passwd", - disabled="yes", }) config.password_confirm = cfe({ name="password_confirm", label="Password (confirm)", type="passwd", - disabled="yes", }) config.availableroles = cfe({ @@ -109,7 +106,7 @@ function status(self) status.users[k] = cfe({ name=v, label=v, --- debug=userinfo, +-- debug=userinfo, -- Debug info value={ userid=cfe ({ name="userid", label="User ID", @@ -130,6 +127,23 @@ function status(self) }, }) + local errormessage = "" + -- Check if this user has got any errors in the config + if (userinfo.password == "") or (userinfo.password == nil) then + errormessage = "This user has no password! ".. errormessage + end + -- Check if user has no roles + if (table.maxn(userinfo.roles) == 0) then + errormessage = "This user has no roles! " .. errormessage + end + -- If there where any errormessages, then present them + if (#errormessage > 0) then + status.users[k].value.errors = cfe ({ + name="errors", + label="Attention", + value=errormessage, + }) + end end --Create a button for 'New user account' @@ -149,13 +163,14 @@ function administrator(self) -- Check for admin persmissions - else redirect to personal options if not (admin_permission()) then self.conf.action = "edit_me" + self.conf.type = "redir" return edit_me(self) end -- Output userinfo - output = config(self,self.clientdata.userid) + output = get_config(self,(self.clientdata.orguserid or self.clientdata.userid or "")) - --Clear password-field + -- Clear password-field output.password.value = "" -- Add some buttons @@ -164,14 +179,12 @@ function administrator(self) type="submit", label="Save changes", value="Save", --- disabled="yes", }) output.cmddelete = cfe ({ name="cmddelete", type="submit", label="Delete this account", value="Delete", - disabled="yes", }) return {config=output} @@ -179,72 +192,161 @@ end function edit_me(self) - --FIXME: Redirect to Welcome or logon if user is not logged on --- if not ( self.sessiondata.userinfo) then --- self.conf.action = "" --- self.conf.type = "redir" --- end + -- FIXME: Redirect to Welcome or logon if user is not logged on -- Output userinfo - local output = config(self,sessiondata.userinfo.userid) + local output = get_config(self,sessiondata.userinfo.userid) - --Hide roles/cmddelete for current the user + -- Hide roles/cmddelete for current the user output.roles = nil output.cmddelete = nil - --Disable userid + -- Disable userid output.userid.disabled = "yes" - --Add save-button + -- Set userid + output.orguserid.value = self.sessiondata.userinfo.userid + + -- Add save-button output.cmdsave = cfe ({ name="cmdsave", type="submit", label="Save changes", value="Save", - disabled="yes", }) return {config=output} end +clientdata_from_roles = function(self) + local output = {} + + for k,v in pairs(auth.list_roles()) do + if (self.clientdata[v]) then + table.insert(output, v) + end + end + + return output +end + function save(self) + local errormessage = {} + local cmdresult = {} - --FIXME: Check if user is allowed to save settings + -- FIXME: Check if user is allowed to save settings + -- FIXME: If user has little priviliges, then see to that he only can change hes own settings + -- At the moment... the user could send self.clientdata.orguserid = 'someoneelseid' and change hes settings. + -- This field is hidden for user... but advanced users could probably workaround somehow. + + -- Delete selected user + if (clientdata.cmddelete) then + cmdresult["delete"],errormessage["delete"] = auth.delete_user(self,self.clientdata.orguserid) + end + + -- If userid-filed is disabled, then use orguserid instead (hidden filed) + if not (self.clientdata.userid) then + self.clientdata.userid = self.clientdata.orguserid + end -- We start changing things based on input - local cmdresult = {} - cmdresult.debug = {} if (clientdata.cmdsave) then - if (#clientdata.orguserid > 0) then - local variables="username userid" - cmdresult.debugs = self.clientdata.orguserid - for var in string.gmatch(variables, "%S+") do - if (self.clientdata[var]) then - cmdresult[var],cmdresult.debug[var] = auth.change_settings( - self, - self.clientdata.orguserid, - var, self.clientdata[var] - ) + -- Check if password is written correct + if (self.clientdata.password == self.clientdata.password_confirm) and + (#self.clientdata.userid > 0) then + -- Check if we are editing a existing user or creating a new one + if (#clientdata.orguserid > 0) then + local variables="username userid roles" + -- Change password if user entered any values + if (#self.clientdata.password > 0) then + variables = variables .. " password" + end + -- Concate roles into one chunk of data (needed by the model) + self.clientdata.roles = table.concat(clientdata_from_roles(self), ",") + +-- cmdresult.debugs = self.clientdata.orguserid -- Debug information + for var in string.gmatch(variables, "%S+") do + if (self.clientdata[var]) then + cmdresult["cmdtype"] = "change" + cmdresult[var],errormessage[var] = auth.change_settings( + self, + self.clientdata.orguserid, + var, self.clientdata[var] + ) + end end + else + -- We are about to create a new user + cmdresult["cmdtype"] = "new" + cmdresult["new"],errormessage["new"] = auth.new_settings( + self, + self.clientdata.userid, + self.clientdata.username, + self.clientdata.password, + self.clientdata.password_confirm, + clientdata_from_roles(self) + ) end - else - cmdresult["new"],cmdresult.debug["new"] = auth.new_settings( - self, - self.clientdata.userid, - self.clientdata.username, - self.clientdata.password, - self.clientdata.password_confirm ) + elseif (self.clientdata.password ~= self.clientdata.password_confirm) then + errormessage.none = {password_confirm = "You entered wrong password/confirmation"} + elseif (#self.clientdata.userid == 0) then + errormessage.none = {userid = "Userid can not be blank!"} end end - cmdresult.clientdata = self.clientdata + -- Fetch saved values + local output = administrator(self) - return cmdresult ---[[ - --FIXME: Redirect somewhere when changed settings + -- Report errors from previously entered values (present this error for the user) + if (cmdresult["cmdtype"] == "new") then + -- Report where the user entered som errors + for k,v in pairs(errormessage["new"]) do + output.config[k].errtxt = v + end + else + -- Report where the user entered som errors + for k,v in pairs(errormessage) do + for kk,vv in pairs(v) do + output.config[kk].errtxt = vv + end + end + end + + -- If there was any errormessage then return to previous page and present the errormessage + for k,v in pairs(errormessage) do + for kk,vv in pairs(v) do + + -- Incase we entered some invalid options, but entered correct Password (and it has been changed) + -- then inform the user that the password has been changed + if (cmdresult.password) then + output.config.password.descr = "* Password has been changed!" + end + + -- Write the previously entered information on the screen. + for k,v in pairs(self.clientdata) do + if (output.config[k]) and (k == roles) then + table.insert(output.config[k].option, v) + elseif (output.config[k]) then + output.config[k].value = v + end + end + + -- Because something went wrong... clear the password and let the user re-enter the password/confirmation + output.config.password.value = "" + output.config.password_confirm.value = "" + + -- Debug information +-- output.config.debugcmdresult = cmdresult -- Debug information + + -- Redirect page + self.conf.action = "administrator" + self.conf.type = "redir" + return output + end + end + + --If everything went OK then redirect to main page self.conf.action = "status" self.conf.type = "redir" - return status(self) ---]] end diff --git a/app/acf-util/password-html.lsp b/app/acf-util/password-html.lsp index 861b793..5d4d488 100755 --- a/app/acf-util/password-html.lsp +++ b/app/acf-util/password-html.lsp @@ -25,17 +25,20 @@ function displayinfo(myform,tags,viewtype) elseif (viewtype == "roles") then for k,v in pairs(form.config.availableroles.option) do local checked = "" - for kk,vv in pairs(form.config.roles.option) do - if (v == vv) then - checked = "checked='yes'" - break + if (type(form.config.roles.option) == "table") then + for kk,vv in pairs(form.config.roles.option) do + if (v == vv) then + checked = "checked='yes'" + break + end end end - io.write("\n\t\t\t" ..v .. ":<input class='checkbox' type='checkbox' name='roles' value='' " .. checked .. " disabled> ") + io.write("\n\t\t\t" ..v .. ":<input class='checkbox' type='checkbox' name='"..v.."' value='"..v.."' " .. checked .. " > ") end else io.write(html.form[val.type](val)) end + if (val.descr) and (#val.descr > 0) then io.write("\t\t<P CLASS='descr'>" .. string.gsub(val.descr, "\n", "<BR>") .. "</P>\n") end if (#val.errtxt > 0) then io.write("\t\t<P CLASS='error'>" .. string.gsub(val.errtxt, "\n", "<BR>") .. "</P>") end io.write("\n\t\t</DD>") else @@ -66,7 +69,7 @@ displayinfo(myform,tags) </form> <? ----[[ DEBUG INFORMATION +--[[ DEBUG INFORMATION io.write("<H1>DEBUGGING</H1><span style='color:red'><H2>DEBUG INFO: CFE</H2>") io.write(html.cfe_unpack(form)) io.write("</span>") diff --git a/app/acf-util/password-status-html.lsp b/app/acf-util/password-status-html.lsp index 35e2027..e6d15b0 100755 --- a/app/acf-util/password-status-html.lsp +++ b/app/acf-util/password-status-html.lsp @@ -58,11 +58,18 @@ if (type(myform) == "table") then end io.write("><IMG SRC='/static/tango/16x16/apps/system-users.png' HEIGHT='16' WIDTH='16'> " .. myform.label .. "</DT>\n") io.write("\t\t<DD>\n\t\t<TABLE>") - io.write("\n\t\t\t<TR>\n\t\t\t\t<TD><B>".. myform.value.userid.label .."</B></TD>\n\t\t\t\t<TD WIDTH='90%'>" .. myform.value.userid.value .. "</TD>\n\t\t\t</TR>") - io.write("\n\t\t\t<TR>\n\t\t\t\t<TD><B>".. myform.value.username.label .."</B></TD>\n\t\t\t\t<TD>" .. myform.value.username.value .. "</TD>\n\t\t\t</TR>") - io.write("\n\t\t\t<TR>\n\t\t\t\t<TD><B>".. myform.value.roles.label .."</B></TD>\n\t\t\t\t<TD>" .. myform.value.roles.value .. "</TD>\n\t\t\t</TR>") + io.write("\n\t\t\t<TR>\n\t\t\t\t<TD><B>".. myform.value.userid.label .. + "</B></TD>\n\t\t\t\t<TD WIDTH='90%'>" .. myform.value.userid.value .. "</TD>\n\t\t\t</TR>") + io.write("\n\t\t\t<TR>\n\t\t\t\t<TD><B>".. myform.value.username.label .. + "</B></TD>\n\t\t\t\t<TD>" .. myform.value.username.value .. "</TD>\n\t\t\t</TR>") + io.write("\n\t\t\t<TR>\n\t\t\t\t<TD><B>".. myform.value.roles.label .. + "</B></TD>\n\t\t\t\t<TD>" .. myform.value.roles.value .. "</TD>\n\t\t\t</TR>") + if (myform.value.errors) then + io.write("\n\t\t\t<TR>\n\t\t\t\t<TD CLASS='error'><B>".. myform.value.errors.label .. + "</B></TD>\n\t\t\t\t<TD CLASS='error'>" .. myform.value.errors.value .. "</TD>\n\t\t\t</TR>") + end io.write("</TD>\n\t\t\t</TR>") - io.write("\n\t\t\t<TR>\n\t\t\t\t<TD><B>Option</B></TD>\n\t\t\t\t<TD>[<A HREF='administrator?userid=".. myform.value.userid.value .. "'>Edit this account</A>]</TD>\n\t\t\t</TR>") + io.write("\n\t\t\t<TR>\n\t\t\t\t<TD><B>Option</B></TD>\n\t\t\t\t<TD>[<A HREF='administrator?orguserid=".. myform.value.userid.value .. "'>Edit this account</A>]</TD>\n\t\t\t</TR>") io.write("\n\t\t</TABLE>\n") if (#myform.errtxt > 0) then io.write("\t\t<P CLASS='error'>" .. string.gsub(myform.errtxt, "\n", "<BR>") .. "</P>\n") end io.write("\t\t</DD>\n") @@ -73,7 +80,7 @@ io.write("</DL>") <? ----[[ DEBUG INFORMATION +--[[ DEBUG INFORMATION io.write("<H1>DEBUGGING</H1><span style='color:red'><H2>DEBUG INFO: CFE</H2>") io.write(html.cfe_unpack(form)) io.write("</span>") |