Adding the beingings of the authorization items. Also adding some of the updates to the Autentication.

git-svn-id: svn://svn.alpinelinux.org/acf/core/trunk@689 ab2d0c66-481e-0410-8bed-d214d4d58bed

4 files changed, 75 insertions, 5 deletions

diff --git a/lib/authenticator-plaintext.lua b/lib/authenticator-plaintext.lua
index af2ab87..57bbf35 100644
--- a/lib/authenticator-plaintext.lua
+++ b/lib/authenticator-plaintext.lua
@@ -29,7 +29,7 @@ pvt.parse_authfile = function(filename)
 				string.match(l, "([^:]*):([^:]*):([^:]*):(.*)")
 			local r = {}
 			roles=roles or ""
-			for x in string.gmatch(roles, "([^,]*),?") do
+			for x in string.gmatch(roles, "([^,]%w+),?") do
 				table.insert (r, x )
 			end
 				
diff --git a/lib/format.lua b/lib/format.lua
index 1fa5fc6..2865756 100644
--- a/lib/format.lua
+++ b/lib/format.lua
@@ -31,7 +31,8 @@ function remove_blanks_comments ( path )
 	end	
 	local lines = {}
 	for a,b in ipairs(f) do
-	local c = string.match(b, "^$") or string.match(b, "^%#")
+	local c = string.match(b, "^$") or string.match(b, "^%#") 
+	--this does not take care of lua comments with -- or --[[
 	if c == nil then lines[#lines + 1] = b end
 	end
 -- returns a table to iterate over without the blank or commented lines
@@ -148,3 +149,13 @@ function string_to_table ( text, delimiter)
 	return list
 end
 
+function md5sum_string ( str)
+	cmd = "/bin/echo -n " .. str .. "|/usr/bin/md5sum|cut -f 1 -d \" \" "
+	f = io.popen(cmd)
+	local checksum =  {}
+	for line in f:lines() do
+		checksum[#checksum + 1] = line
+		end
+	f:close()
+	return checksum[1]
+end
diff --git a/lib/roles.lua b/lib/roles.lua
new file mode 100644
index 0000000..808aa95
--- /dev/null
+++ b/lib/roles.lua
@@ -0,0 +1,57 @@
+--this module is for authorization help and group/role management
+
+
+require ("posix")
+require ("format")
+
+module (..., package.seeall)
+
+list_controllers = function(self)
+local list = {}
+local f = io.popen("/usr/bin/find /usr/share/acf/ |/bin/grep \"controller.lua$\" ")
+       for a in f:lines() do
+       list[#list + 1 ] = a
+       end
+f:close()
+return list
+end
+
+get_controllers = function(self,controller)
+	--we get all the controllers
+	local list = roles.list_controllers()
+	--we need to grab the directory and name of file
+	local temp = {}
+	for k,v in pairs(list) do
+	path = string.match(v,"[/%w-]+/")
+	filename = string.match(v,"[^/]*.lua")
+	name = string.match(filename,"[^.]*")
+	sname = string.match(filename,"[^-]*")
+	temp[sname] = {path=path,filename=filename,name=name,sname=sname}
+	end
+ if controller then
+ return temp[controller]
+ else
+ return temp
+ end
+
+end
+
+get_controllers_func = function(self,controller_info)
+	if controller_info == nil then
+	return "Could not be processed"
+	else
+	package.path=package.path .. ";" .. controller_info.path .. "?.lua"
+	temp = require (controller_info.name)
+	temp1 = {}
+	for a,b in pairs(temp) do 
+	local c = string.match(a,"mvc") or string.match(a,"^_") 
+	if c == nil then
+	temp1[#temp1 +1] = a
+	end
+end
+	--require (controller_info.name)
+	--we need to go through bobo and take out the mvc func and locals and --
+	return temp1
+	end
+end
+
diff --git a/lib/session.lua b/lib/session.lua
index ef7c596..751b693 100644
--- a/lib/session.lua
+++ b/lib/session.lua
@@ -149,7 +149,7 @@ unlink_session = function (sessionpath, session)
 end
 
 --need to see if this is a "real"-user session or just a temp one. 
-check_session = function (sessionpath, session)
+check_session = function (sessionpath, session )
 	if session == nil then return "an unknown user" end
 
 	local fullpath = sessionpath .. "/session." .. session
@@ -163,17 +163,19 @@ check_session = function (sessionpath, session)
 	return "an unknown user"
 	else
 	local c = dofile(fullpath).userinfo.userid
-	return c	
+	local d = dofile(fullpath).userinfo.roles
+	return c,d
 	end
 		
 
 end
+
 -- Record an invalid login event 
 -- ID would typically be an ip address or username
 -- the format is lockevent.id.datetime.processid
 record_event = function( sessionpath, id_u, id_ip )
 	local x = io.open (string.format ("%s/lockevent.%s.%s.%s.%s",
-		 sessionpath or "/", id_u or "", id_ip, os.time(), 
+		 sessionpath or "/", id_u or "", id_ip or "", os.time(), 
 		 (posix.getpid("pid")) or "" ), "w")
 	io.close(x)
 end