Modified cfe, removing option, errtxt, and name, and adding label - This may break things.

Rewrote password module, adding model Modified authenticator to make password module work git-svn-id: svn://svn.alpinelinux.org/acf/core/trunk@1052 ab2d0c66-481e-0410-8bed-d214d4d58bed
author: Ted Trask <ttrask01@yahoo.com> 2008-04-30 20:36:02 +0000
committer: Ted Trask <ttrask01@yahoo.com> 2008-04-30 20:36:02 +0000
commit: 378e53f20a0f11c36afffbaef78f47a5303df9ce (patch)
tree: a39e3c216dc10f919ef272c53b67a8f01f001be0 /lib
parent: 82fd96bdcc5b721d8fc208fe4edba54f4dc6fdb7 (diff)
download: acf-core-378e53f20a0f11c36afffbaef78f47a5303df9ce.tar.bz2
acf-core-378e53f20a0f11c36afffbaef78f47a5303df9ce.tar.xz
3 files changed, 216 insertions, 63 deletions
diff --git a/lib/authenticator-plaintext.lua b/lib/authenticator-plaintext.lua
index 4c9bf08..b8cf598 100644
--- a/lib/authenticator-plaintext.lua
+++ b/lib/authenticator-plaintext.lua
@@ -47,12 +47,14 @@ pvt.parse_authfile = function(filename)
 end
 
 pvt.get_id = function(userid, authstruct)
-	if authstruct == nil then return nil end
-	for x = 1,#authstruct do
-		if authstruct[x].userid == userid then
-			return authstruct[x]
+	if authstruct ~= nil then
+		for x = 1,#authstruct do
+			if authstruct[x].userid == userid then
+				return authstruct[x]
+			end
 		end
 	end
+	return nil
 end
 
 --- public methods
@@ -111,6 +113,42 @@ pvt.availablefields = function (field)
 		}
 	return availablefileds[field]
 end
+
+-- validate the settings (ignore password if it's nil)
+local validate_settings = function (self, userid, username, password, password_confirm, roles)
+	local errormessage = {}
+
+	-- Set errormessages when entering invalid values
+	if (#userid == 0) then errormessage.userid = "You need to enter a valid userid!" end
+	if password then
+		if (#password == 0) then
+			errormessage.password = "Password cannot be blank!"
+		elseif (password ~= password_confirm) then 
+			errormessage.password_confirm = "You entered wrong password/confirmation"
+		else
+			local weak_password_result, weak_password_errormessage = pvt.weak_password(password)
+			if (weak_password_result) then errormessage.password = weak_password_errormessage end
+		end
+	end
+	local reverseroles = {}
+	for x,role in pairs(list_roles(self)) do
+		reverseroles[role] = x
+	end
+	for x,role in pairs(roles) do
+		if reverseroles[role] == nil then
+			errormessage.roles = "Invalid role"
+			break
+		end
+	end
+
+	-- Return false if any errormessages are set
+	for k,v in pairs(errormessage) do
+		return false, errormessage
+	end
+
+	return true, errormessage
+end
+
 -- This function returns the username and roles 
 -- or false on an error 
 get_userinfo = function ( self, userid )
@@ -150,7 +188,7 @@ list_roles = function (self)
 	return output
 end
 
-change_settings = function (self, userid,parameter,value) 
+change_settings = function (self, userid, parameter, value) 
 	local errormessage = {}
 	local passwd_path = self.conf.confdir .. "/passwd"
 
@@ -212,60 +250,102 @@ change_settings = function (self, userid,parameter,value)
 	return true
 end
 
-new_settings = function ( self, userid, username, password, password_confirm, roles)
+-- For an existing user, change the settings that are non-nil
+change_settings = function (self, userid, username, password, password_confirm, roles)
+	local result = true
 	local errormessage = {}
-	-- We start by checking if user is allowed to do changes
-	if not (pvt.permission_to_change) then
-		errormessage.permissions = "No permission to change!"
+
+	-- Get the current user info
+	local userinfo = get_userinfo(self, userid)
+	if userinfo == nil then
+		errormessage.userid = "This userid does not exist!"
+		result = false
 	end
 
-	-- Set path to passwordfile
-	local passwd_path = self.conf.confdir .. "/passwd"
+	local change = username or password or password_confirm or roles
+	if change then
+		-- Validate the inputs
+		if (result == true) then
+			-- Use the current settings if new ones are nil, except for password
+			result, errormessage = validate_settings(self, userid, username or userinfo.username, password, password_confirm, roles or userinfo.roles)
+		end
+
+		-- Update all the fields
+		if (result == true) then
+			userinfo.username = username or userinfo.username
+			if password then
+				userinfo.password = fs.md5sum_string(password)
+			end
+			userinfo.roles = roles or userinfo.roles
+
+			-- write the updated user
+			delete_user(self, userid)
+
+			-- Set path to passwordfile
+			local passwd_path = self.conf.confdir .. "/passwd"
+			-- Write the newline into the file
+			fs.write_line_file(passwd_path, userid .. ":" .. userinfo.password .. ":" .. userinfo.username .. ":" .. table.concat(userinfo.roles,",") )
+		end
+	end
+
+	return result, errormessage
+end
+
+new_settings = function (self, userid, username, password, password_confirm, roles)
+	local result = true
+	local errormessage = {}
+	-- make sure to check all fields
+	userid = userid or ""
+	username = username or ""
+	password = password or ""
+	password_confirm = password_confirm or ""
+	roles = roles or {}
 
-	-- Set errormessages when entering invalid values
-	if (#userid == 0) then errormessage.userid = "You need to enter a valid userid!" end
-	if (password ~= password_confirm) then errormessage.password_confirm = "You entered wrong password/confirmation" end
-	if not (password) or (#password == 0) then errormessage.password = "Password cant be blank!" end
---	if not (roles) or (#roles == 0) then errormessage.roles = "You need to enter some roles!" end
-	local weak_password_result, weak_password_errormessage = pvt.weak_password(password)
-	if (weak_password_result) then errormessage.password = weak_password_errormessage end
 	-- Check if userid already used
 	for k,v in pairs(list_users(self)) do
 		if (v == userid) then
 			errormessage.userid = "This userid already exists!"
+			result = false
 		end
 	end
 	
-	-- Return false if some errormessages is set
-	for k,v in pairs(errormessage) do
-		return false, errormessage
+	-- validate the settings
+	if (result == true) then
+		result, errormessage = validate_settings(self, userid, username, password, password_confirm, roles)
 	end
 
-	-- Write the newline into the file
-	fs.write_line_file(passwd_path, userid .. ":" .. fs.md5sum_string(password) .. ":" .. username .. ":" .. table.concat(roles,",") )
+	-- write the new user
+	if (result == true) then
+		-- Set path to passwordfile
+		local passwd_path = self.conf.confdir .. "/passwd"
 
-	return true, errormessage
+		-- Write the newline into the file
+		fs.write_line_file(passwd_path, userid .. ":" .. fs.md5sum_string(password) .. ":" .. username .. ":" .. table.concat(roles,",") )
+	end
+
+	return result, errormessage
 end
 
-delete_user = function( self, userid)
-	local errormessage = {}
-	local passwd_path = self.conf.confdir .. "/passwd"
-
-	-- We start by checking if user is allowed to do changes
-	if not (pvt.permission_to_change) then
-		errormessage.permissions = "No permission to change!"
-	end
+delete_user = function (self, userid)
+	local result = false
+	local errormessage = {userid="User not found"}
 
+	local passwd_path = self.conf.confdir .. "/passwd"
 	local passwdfilecontent = fs.read_file_as_array(passwd_path)
 	local output = {}
 	for k,v in pairs(passwdfilecontent) do
 		if not ( string.match(v, "^".. userid .. ":") ) then
 			table.insert(output, v)
+		else
+			result = true
+			errormessage = {}
 		end
 	end
 	
 	--Save the updated table
-	fs.write_file(passwd_path, table.concat(output,"\n"))
+	if result == true then
+		fs.write_file(passwd_path, table.concat(output,"\n"))
+	end
 
-	return true, errormessage
+	return result, errormessage
 end
diff --git a/lib/html.lua b/lib/html.lua
index 136ce2b..0a23184 100644
--- a/lib/html.lua
+++ b/lib/html.lua
@@ -92,7 +92,7 @@ local generic_input = function ( field_type, v )
 	for i,k in ipairs ( {
 			"name", "size", "checked", "maxlength", 
 			"value", "length",   "class", "id", "src",
-			"align", "alt", 
+			"align", "alt", "contenteditable", 
 			"tabindex", "accesskey", "onfocus", "onblur"
 			} ) do
 		str = str .. nv_pair ( k, v[k] )
@@ -129,7 +129,7 @@ form.longtext = function ( v )
 end
 
 
-function form.passwd ( v )
+function form.password ( v )
 	return generic_input ( "password", v )
 end
 
@@ -156,7 +156,7 @@ function form.image ( v )
 end
 
 
--- v.value is the selected item
+-- v.value is the selected item (or an array if multiple)
 -- v.option is an array of valid options
 -- NOTE use of value and values (plural)
 function form.select ( v )
@@ -177,6 +177,12 @@ function form.select ( v )
 	end
 	str = str .. ">"
 	-- now the options
+	local reverseval = {}
+	if type(v.value) == "table" then
+		for x,val in ipairs(v.value) do
+			reverseval[val]=x
+		end
+	end
 	for i, k in ipairs ( v.option ) do
 		local val = k
 		local txt = nil
@@ -184,9 +190,13 @@ function form.select ( v )
 			txt=val[1]
 			val=val[0]
 		end
-		str = str .. "<option " 
-		if ( v.value == val ) then
-			str = str .. " selected "
+		str = str .. "<option "
+		if type(v.value) == "table" then
+			if reverseval[val] then
+				str = str .. " selected"
+			end
+		elseif ( v.value == val ) then
+			str = str .. " selected"
 		end
 		str = str .. nv_pair("value", val) .. ">" .. k .. "</option>"
 	end 
diff --git a/lib/viewfunctions.lua b/lib/viewfunctions.lua
index d69f2cc..c7aa53f 100644
--- a/lib/viewfunctions.lua
+++ b/lib/viewfunctions.lua
@@ -4,14 +4,14 @@ function displayinfo(myform,tags,viewtype)
 		if (myform[v]) and (myform[v]["value"]) then
 			local val = myform[v] 
 			io.write("\n\t<DT")
-			if (#val.errtxt > 0) then 
+			if (val.errtxt) then 
 				val.class = "error"
 				io.write(" class='error'")
 			end
 			io.write(">" .. val.label .. "</DT>")
 			io.write("\n\t\t<DD>")
 			if (viewtype == "viewonly") then
-				if (val.value == "") and (val.errtxt == "") and ((val.descr) and (val.descr == "")) then val.value = "&nbsp;" end
+				if (val.value == "") and (val.errtxt == nil) and ((val.descr) and (val.descr == "")) then val.value = "&nbsp;" end
 				io.write(val.value)
 			elseif (val.type == "radio") and (type(val.option) == "table") and (#val.option > 0) then
 				io.write("<span style='display:inline' class='" .. ( val.class or "") .. "'>")
@@ -26,7 +26,7 @@ function displayinfo(myform,tags,viewtype)
 				io.write(html.form[val.type](val))
 			end
 			if (val.descr) and (#val.descr > 0) then io.write("\n\t\t<P CLASS='descr'>" .. string.gsub(val.descr, "\n", "<BR>") .. "</P>") end
-			if (#val.errtxt > 0) then io.write("\n\t\t<P CLASS='error'>" .. string.gsub(val.errtxt, "\n", "<BR>") .. "</P>") end
+			if (val.errtxt) then io.write("\n\t\t<P CLASS='error'>" .. string.gsub(val.errtxt, "\n", "<BR>") .. "</P>") end
 			io.write("\n\t\t</DD>\n")
 		end
 	end
@@ -46,31 +46,94 @@ function displaymanagement (myform,tags)
 	end
 
 	if (myform) and (myform[tags[1]]) then
-	io.write('<dt>' .. (myform[tags[1]]["label"] or myform[tags[1]]["name"]) .. '</dt>')
-	io.write('<dd>')
-	--Show buttons
-	for k,v in pairs(tags) do
-		if (myform[v]) then
-			io.write(html.form[myform[v].type](myform[v]))
+		io.write('<dt>' .. (myform[tags[1]]["label"] or myform[tags[1]]["name"]) .. '</dt>')
+		io.write('<dd>')
+		--Show buttons
+		for k,v in pairs(tags) do
+			if (myform[v]) then
+				io.write(html.form[myform[v].type](myform[v]))
+			end
+		end
+		if (descriptions) and (#descriptions > 0) then 
+			io.write("\n\t\t<P CLASS='descr'>" .. string.gsub(descriptions, "\n", "<BR>") .. "</P>")
+		end
+		if (errors) and (#errors > 0) then 
+			io.write("\n\t\t<P CLASS='error'>" .. string.gsub(errors, "\n", "<BR>") .. "</P>") 
 		end
+		io.write('</dd>')
+
+		-- Display the result of previous action
+		if (myform) and (myform['actionresult']) then
+			if (myform['actionresult']['errtxt']) and (#myform['actionresult']['errtxt'] > 0) then
+				io.write('<dt class="error">' .. myform['actionresult']['label'] .. '</dt>')
+				io.write('<dd><pre class="error">' .. (myform['actionresult']['errtxt'] or "") .. '</pre></dd>')
+			elseif (myform['actionresult']['descr']) and (#myform['actionresult']['descr'] > 0) then
+				io.write('<dt>' .. myform['actionresult']['label'] .. '</dt>')
+				io.write('<dd><pre>' .. (myform['actionresult']['descr'] or "") .. '</pre></dd>')
+			end
+		end
+	end
+end
+
+function displayitem(myitem, viewtype)
+	io.write("<DT")
+	if myitem.errtxt then 
+		myitem.class = "error"
+		io.write(" class='error'")
 	end
-	if (descriptions) and (#descriptions > 0) then 
-		io.write("\n\t\t<P CLASS='descr'>" .. string.gsub(descriptions, "\n", "<BR>") .. "</P>")
+	io.write(">" .. myitem.label .. "</DT>\n")
+	io.write("<DD>")
+	if (viewtype == "viewonly") then
+		myitem.disabled = "true"
 	end
-	if (errors) and (#errors > 0) then 
-		io.write("\n\t\t<P CLASS='error'>" .. string.gsub(errors, "\n", "<BR>") .. "</P>") 
+	if myitem.type == "multi" then
+		-- FIXME multiple select doesn't work in haserl, so use series of checkboxes
+		--myitem.type = "select"
+		--myitem.multiple = "true"
+		local tempname = myitem.name
+		local tempval = myitem.value
+		local reverseval = {}
+		for x,val in ipairs(tempval) do
+			reverseval[val] = x
+		end
+		for x,val in ipairs(myitem.option) do
+			myitem.value = val
+			myitem.checked = reverseval[val]
+			myitem.name = tempname .. "." .. val
+			io.write(html.form.checkbox(myitem) .. val .. "<br>\n")
+		end
+		myitem.name = tempname
+		myitem.value = tempval
+	else
+		io.write(html.form[myitem.type](myitem) .. "\n")
 	end
-	io.write('</dd>')
+	if myitem.descr then io.write("<P CLASS='descr'>" .. string.gsub(myitem.descr, "\n", "<BR>") .. "</P>\n") end
+	if myitem.errtxt then io.write("<P CLASS='error'>" .. string.gsub(myitem.errtxt, "\n", "<BR>") .. "</P>\n") end
+	io.write("</DD>\n")
+end
 
-	-- Display the result of previous action
-	if (myform) and (myform['actionresult']) then
-		if (myform['actionresult']['errtxt']) and (#myform['actionresult']['errtxt'] > 0) then
-			io.write('<dt class="error">' .. myform['actionresult']['label'] .. '</dt>')
-			io.write('<dd><pre class="error">' .. (myform['actionresult']['errtxt'] or "") .. '</pre></dd>')
-		elseif (myform['actionresult']['descr']) and (#myform['actionresult']['descr'] > 0) then
-			io.write('<dt>' .. myform['actionresult']['label'] .. '</dt>')
-			io.write('<dd><pre>' .. (myform['actionresult']['descr'] or "") .. '</pre></dd>')
+function displayform(myform, order)
+	if myform.descr then io.write("<P CLASS='descr'>" .. string.gsub(myform.descr, "\n", "<BR>") .. "</P>\n") end
+	if myform.errtxt then io.write("<P CLASS='error'>" .. string.gsub(myform.errtxt, "\n", "<BR>") .. "</P>\n") end
+	io.write('<form action="' .. myform.action .. '" method="POST">\n')
+	io.write('<DL>\n')
+	local reverseorder= {}
+	if order then
+		for x,name in ipairs(order) do
+			reverseorder[name] = x
+			if myform.value[name] then
+				myform.value[name].name = name
+				displayitem(myform.value[name])
+			end
 		end
 	end
-end
+	for name,item in pairs(myform.value) do
+		if nil == reverseorder[name] then
+			item.name = name
+			displayitem(item)
+		end
+	end
+	io.write('<DT><input class="submit" type="submit"  value="' .. myform.submit .. '"></DT>\n')
+	io.write('</DL>\n')
+	io.write('</FORM>')
 end
author	Ted Trask <ttrask01@yahoo.com>	2008-04-30 20:36:02 +0000
committer	Ted Trask <ttrask01@yahoo.com>	2008-04-30 20:36:02 +0000
commit	378e53f20a0f11c36afffbaef78f47a5303df9ce (patch)
tree	a39e3c216dc10f919ef272c53b67a8f01f001be0 /lib
parent	82fd96bdcc5b721d8fc208fe4edba54f4dc6fdb7 (diff)
download	acf-core-378e53f20a0f11c36afffbaef78f47a5303df9ce.tar.bz2 acf-core-378e53f20a0f11c36afffbaef78f47a5303df9ce.tar.xz