diff options
Diffstat (limited to 'app/acf-util')
-rwxr-xr-x | app/acf-util/password-status-html.lsp | 1 | ||||
-rw-r--r-- | app/acf-util/roles-controller.lua | 84 | ||||
-rw-r--r-- | app/acf-util/roles-editrole-html.lsp | 2 | ||||
-rw-r--r-- | app/acf-util/roles-model.lua | 91 | ||||
-rw-r--r-- | app/acf-util/roles-newrole-html.lsp | 23 | ||||
-rwxr-xr-x | app/acf-util/roles.menu | 2 |
6 files changed, 99 insertions, 104 deletions
diff --git a/app/acf-util/password-status-html.lsp b/app/acf-util/password-status-html.lsp index b7c9b05..f544884 100755 --- a/app/acf-util/password-status-html.lsp +++ b/app/acf-util/password-status-html.lsp @@ -31,6 +31,7 @@ io.write("</span>") <TD> [<A HREF='edituser?userid=<?= name ?>'>Edit this account</A>] [<A HREF='deleteuser?userid=<?= name ?>'>Delete this account</A>] + [<A HREF='<?= ENV.SCRIPT_NAME ?>/acf-util/roles/viewuserroles?userid=<?= name ?>'>View roles for this account</A>] </TD> </TR> </TABLE></DD> diff --git a/app/acf-util/roles-controller.lua b/app/acf-util/roles-controller.lua index 1d69b8b..aa3e6bd 100644 --- a/app/acf-util/roles-controller.lua +++ b/app/acf-util/roles-controller.lua @@ -2,28 +2,6 @@ module (..., package.seeall) -auth = require("authenticator-plaintext") -roll = require("roles") - -local get_all_permissions = function(self) - -- need to get a list of all the controllers - controllers = roles.get_controllers(self) - local table_perm = {} - local array_perm = {} - for a,b in pairs(controllers) do - if nil == table_perm[b.sname] then - table_perm[b.sname] = {} - end - temp = roles.get_controllers_func(self,b) - for x,y in ipairs(temp) do - table_perm[b.sname][y] = {} - array_perm[#array_perm + 1] = b.sname .. ":" .. y - end - end - - return table_perm, array_perm -end - default_action = "read" -- Return your own roles/permissions @@ -40,9 +18,9 @@ viewuserroles = function(self) redirect(self) end userid = cfe({ value=self.clientdata.userid, label="User Id" }) - roles = cfe({ type="list", value=auth.get_userinfo_roles(self, userid.value), label="Roles" }) - permissions = cfe({ type="table", value=roll.get_roles_perm(self.conf.appdir, roles.value), label="Permissions" }) - return cfe({ type="group", value={userid=userid, roles=roles, permissions=permissions} }) + roles = self.model.get_user_roles(self, userid.value) + roles.value.userid = userid + return roles end -- Return permissions for specified role @@ -51,14 +29,13 @@ viewroleperms = function(self) redirect(self, "getlist") end role = cfe({ value=self.clientdata.role, label="Role" }) - permissions = cfe({ type="table", value=roll.get_role_perm(self.conf.appdir, role.value), label="Permissions" }) + permissions = self.model.get_role_perms(self, role.value) return cfe({ type="group", value={role=role, permissions=permissions} }) end -- Return list of all permissions getpermslist = function(self) - permissions = cfe({ type="table", value=get_all_permissions(self), label="All Permissions" }) - return cfe({ type="group", value={permissions=permissions} }) + return cfe({ type="group", value={permissions=self.model.get_perms_list()} }) end viewroles = function(self) @@ -66,52 +43,14 @@ viewroles = function(self) local cmdresult = self.sessiondata.cmdresult self.sessiondata.cmdresult = nil - local defined_roles, default_roles = roll.list_roles() - local defined_roles_cfe=cfe({ type="list", value=defined_roles, label="Locally-defined roles" }) - local default_roles_cfe=cfe({ type="list", value=default_roles, label="System-defined roles" }) - - return cfe({ type="group", value={defined_roles=defined_roles_cfe, default_roles=default_roles_cfe, cmdresult=cmdresult} }) -end - -local setpermissions = function(self, role, permissions, newrole) - local errtxt - local my_perms = {} - if permissions then - -- we're changing permissions - local result = true - if newrole then - -- make sure not overwriting role - for x,ro in ipairs(roles.list_roles()) do - if role==ro then - result = false - errtxt = "Role already exists" - break - end - end - end - if result==true then - result, errtxt = roles.set_role_perm(role, nil, permissions) - end - my_perms = self.clientdata.permissions - else - if role then - tmp, my_perms = roles.get_role_perm(self.conf.appdir, role) - else - role = "" - end - end - - local tmp, all_perms = get_all_permissions(self) - table.sort(all_perms) - - local permissions_cfe = cfe({ type="multi", value=my_perms, option=all_perms, label="Role permissions" }) - local role_cfe = cfe({ value=role, label="Role", errtxt=errtxt }) + local roles = self.model.view_roles() + roles.value.cmdresult = cmdresult - return cfe({ type="table", value={role=role_cfe, permissions=permissions_cfe} }) + return roles end newrole = function(self) - local form = setpermissions(self, self.clientdata.role, self.clientdata.permissions, true) + local form = self.model.setpermissions(self, self.clientdata.role, self.clientdata.permissions, true) form.type = "form" form.label = "Edit new role" if form.value.role.errtxt then @@ -126,7 +65,7 @@ newrole = function(self) end editrole = function(self) - local form = setpermissions(self, self.clientdata.role, self.clientdata.permissions, false) + local form = self.model.setpermissions(self, self.clientdata.role, self.clientdata.permissions, false) form.type = "form" form.label = "Edit role" if form.value.role.errtxt then @@ -141,7 +80,6 @@ editrole = function(self) end deleterole = function(self) - local result, cmdresult = roles.delete_role(self.clientdata.role) - self.sessiondata.cmdresult = cfe({ value=cmdresult }) + self.sessiondata.cmdresult = self.model.delete_role(self.clientdata.role) redirect(self, "viewroles") end diff --git a/app/acf-util/roles-editrole-html.lsp b/app/acf-util/roles-editrole-html.lsp index bf42f28..d96ac56 100644 --- a/app/acf-util/roles-editrole-html.lsp +++ b/app/acf-util/roles-editrole-html.lsp @@ -11,7 +11,7 @@ form.action = "" form.submit = "Save" -- If editing existing role, disable role - if form.value.role and "GET" == ENV["REQUEST_METHOD"] then + if nil == string.find(ENV.PATH_INFO, "/newrole") then form.value.role.contenteditable = false end local order = { "role", "permissions" } diff --git a/app/acf-util/roles-model.lua b/app/acf-util/roles-model.lua index b6e95fd..4fe3cbf 100644 --- a/app/acf-util/roles-model.lua +++ b/app/acf-util/roles-model.lua @@ -1,20 +1,91 @@ --- Roles/Group model functions - -require ("roles") - +-- Roles/Group functions module (..., package.seeall) -getcont = function(self) - --need to get a list of all the controllers +auth = require("authenticator-plaintext") +require("roles") + +local get_all_permissions = function(self) + -- need to get a list of all the controllers controllers = roles.get_controllers(self) - local table_m = {} + local table_perm = {} + local array_perm = {} for a,b in pairs(controllers) do - table_m[b.sname] = {} + if nil == table_perm[b.sname] then + table_perm[b.sname] = {} + end temp = roles.get_controllers_func(self,b) for x,y in ipairs(temp) do - table_m[b.sname][y] = {} + table_perm[b.sname][y] = {} + array_perm[#array_perm + 1] = b.sname .. ":" .. y + end + end + + return table_perm, array_perm +end + +-- Return roles/permissions for specified user +get_user_roles = function(self, userid) + rls = cfe({ type="list", value=auth.get_userinfo_roles(self, userid), label="Roles" }) + permissions = cfe({ type="table", value=roles.get_roles_perm(self.conf.appdir, rls.value), label="Permissions" }) + return cfe({ type="group", value={roles=rls, permissions=permissions} }) +end + +-- Return permissions for specified role +get_role_perms = function(self, role) + return cfe({ type="table", value=roles.get_role_perm(self.conf.appdir, role), label="Permissions" }) +end + +-- Return list of all permissions +get_perms_list = function() + return cfe({ type="table", value=get_all_permissions(self), label="All Permissions" }) +end + +view_roles = function() + local defined_roles, default_roles = roles.list_roles() + local defined_roles_cfe=cfe({ type="list", value=defined_roles, label="Locally-defined roles" }) + local default_roles_cfe=cfe({ type="list", value=default_roles, label="System-defined roles" }) + + return cfe({ type="group", value={defined_roles=defined_roles_cfe, default_roles=default_roles_cfe} }) +end + +setpermissions = function(self, role, permissions, newrole) + local errtxt + local my_perms = {} + if permissions then + -- we're changing permissions + local result = true + if newrole then + -- make sure not overwriting role + for x,ro in ipairs(roles.list_roles()) do + if role==ro then + result = false + errtxt = "Role already exists" + break + end + end + end + if result==true then + result, errtxt = roles.set_role_perm(role, nil, permissions) + end + my_perms = self.clientdata.permissions + else + if role then + tmp, my_perms = roles.get_role_perm(self.conf.appdir, role) + else + role = "" end end - return cfe({ type="table", value=table_m, label="All permissions" }) + local tmp, all_perms = get_all_permissions(self) + table.sort(all_perms) + + local permissions_cfe = cfe({ type="multi", value=my_perms, option=all_perms, label="Role permissions" }) + local role_cfe = cfe({ value=role, label="Role", errtxt=errtxt }) + + return cfe({ type="table", value={role=role_cfe, permissions=permissions_cfe} }) +end + +delete_role = function(role) + local result, cmdresult = roles.delete_role(role) + return cfe({ value=cmdresult }) end diff --git a/app/acf-util/roles-newrole-html.lsp b/app/acf-util/roles-newrole-html.lsp index bf42f28..7de6181 100644 --- a/app/acf-util/roles-newrole-html.lsp +++ b/app/acf-util/roles-newrole-html.lsp @@ -1,20 +1,5 @@ -<? local form= ... ?> -<? --[[ - io.write(html.cfe_unpack(form)) - io.write(html.cfe_unpack(FORM)) +<? ---[[ +-- FIXME - this is temp until symlinks are fixed +local funk = haserl.loadfile("/usr/share/acf/app/acf-util/roles-editrole-html.lsp") +funk(...) --]] ?> - -<? ---[[ ?> -<H1><?= form.label ?></H1> -<? - require("viewfunctions") - form.action = "" - form.submit = "Save" - -- If editing existing role, disable role - if form.value.role and "GET" == ENV["REQUEST_METHOD"] then - form.value.role.contenteditable = false - end - local order = { "role", "permissions" } - displayform(form, order) -?> -<? --]] ?> diff --git a/app/acf-util/roles.menu b/app/acf-util/roles.menu index 7bcca30..d72e8df 100755 --- a/app/acf-util/roles.menu +++ b/app/acf-util/roles.menu @@ -1,4 +1,4 @@ #CAT GROUP/DESC TAB ACTION System 02Roles_management Administration viewroles System 02Roles_management My_Roles read - +System 02Roles_management Permissions_List getpermslist |