diff options
author | Ted Trask <ttrask01@yahoo.com> | 2008-05-02 21:07:27 +0000 |
---|---|---|
committer | Ted Trask <ttrask01@yahoo.com> | 2008-05-02 21:07:27 +0000 |
commit | 3eecd1d2d435332a27e1712cdb352391ffaa0b9d (patch) | |
tree | ecd89bf4194ef4a4d1deeec559a84cd744a9c58b /app/acf-util/roles-controller.lua | |
parent | 8e78bcd38414770922d8fb77d534e9b65b8bab1c (diff) | |
download | acf-core-3eecd1d2d435332a27e1712cdb352391ffaa0b9d.tar.bz2 acf-core-3eecd1d2d435332a27e1712cdb352391ffaa0b9d.tar.xz |
Updated roles
git-svn-id: svn://svn.alpinelinux.org/acf/core/trunk@1099 ab2d0c66-481e-0410-8bed-d214d4d58bed
Diffstat (limited to 'app/acf-util/roles-controller.lua')
-rw-r--r-- | app/acf-util/roles-controller.lua | 113 |
1 files changed, 109 insertions, 4 deletions
diff --git a/app/acf-util/roles-controller.lua b/app/acf-util/roles-controller.lua index 4363cb6..1d69b8b 100644 --- a/app/acf-util/roles-controller.lua +++ b/app/acf-util/roles-controller.lua @@ -5,6 +5,25 @@ module (..., package.seeall) auth = require("authenticator-plaintext") roll = require("roles") +local get_all_permissions = function(self) + -- need to get a list of all the controllers + controllers = roles.get_controllers(self) + local table_perm = {} + local array_perm = {} + for a,b in pairs(controllers) do + if nil == table_perm[b.sname] then + table_perm[b.sname] = {} + end + temp = roles.get_controllers_func(self,b) + for x,y in ipairs(temp) do + table_perm[b.sname][y] = {} + array_perm[#array_perm + 1] = b.sname .. ":" .. y + end + end + + return table_perm, array_perm +end + default_action = "read" -- Return your own roles/permissions @@ -16,7 +35,7 @@ read = function(self) end -- Return roles/permissions for specified user -viewroles = function(self) +viewuserroles = function(self) if not (self.clientdata.userid) then redirect(self) end @@ -27,7 +46,7 @@ viewroles = function(self) end -- Return permissions for specified role -viewperms = function(self) +viewroleperms = function(self) if not (self.clientdata.role) then redirect(self, "getlist") end @@ -37,6 +56,92 @@ viewperms = function(self) end -- Return list of all permissions -getlist = function(self) - return cfe({ type="group", value={permissions=self.model:getcont(self)} }) +getpermslist = function(self) + permissions = cfe({ type="table", value=get_all_permissions(self), label="All Permissions" }) + return cfe({ type="group", value={permissions=permissions} }) +end + +viewroles = function(self) + -- Get command result out of session data + local cmdresult = self.sessiondata.cmdresult + self.sessiondata.cmdresult = nil + + local defined_roles, default_roles = roll.list_roles() + local defined_roles_cfe=cfe({ type="list", value=defined_roles, label="Locally-defined roles" }) + local default_roles_cfe=cfe({ type="list", value=default_roles, label="System-defined roles" }) + + return cfe({ type="group", value={defined_roles=defined_roles_cfe, default_roles=default_roles_cfe, cmdresult=cmdresult} }) +end + +local setpermissions = function(self, role, permissions, newrole) + local errtxt + local my_perms = {} + if permissions then + -- we're changing permissions + local result = true + if newrole then + -- make sure not overwriting role + for x,ro in ipairs(roles.list_roles()) do + if role==ro then + result = false + errtxt = "Role already exists" + break + end + end + end + if result==true then + result, errtxt = roles.set_role_perm(role, nil, permissions) + end + my_perms = self.clientdata.permissions + else + if role then + tmp, my_perms = roles.get_role_perm(self.conf.appdir, role) + else + role = "" + end + end + + local tmp, all_perms = get_all_permissions(self) + table.sort(all_perms) + + local permissions_cfe = cfe({ type="multi", value=my_perms, option=all_perms, label="Role permissions" }) + local role_cfe = cfe({ value=role, label="Role", errtxt=errtxt }) + + return cfe({ type="table", value={role=role_cfe, permissions=permissions_cfe} }) +end + +newrole = function(self) + local form = setpermissions(self, self.clientdata.role, self.clientdata.permissions, true) + form.type = "form" + form.label = "Edit new role" + if form.value.role.errtxt then + form.errtxt = "Failed to create role" + elseif self.clientdata.permissions then + -- If we have permissions, we tried to set + local cmdresult = cfe({ value="New role created" }) + self.sessiondata.cmdresult = cmdresult + redirect(self, "viewroles") + end + return form +end + +editrole = function(self) + local form = setpermissions(self, self.clientdata.role, self.clientdata.permissions, false) + form.type = "form" + form.label = "Edit role" + if form.value.role.errtxt then + form.errtxt = "Failed to save role" + elseif self.clientdata.permissions then + -- If we have permissions, we tried to set + local cmdresult = cfe({ value="Role saved" }) + self.sessiondata.cmdresult = cmdresult + redirect(self, "viewroles") + end + return form +end + +deleterole = function(self) + local result, cmdresult = roles.delete_role(self.clientdata.role) + self.sessiondata.cmdresult = cfe({ value=cmdresult }) + redirect(self, "viewroles") end |