diff options
Diffstat (limited to 'app')
| -rw-r--r-- | app/Makefile | 4 | ||||
| -rw-r--r-- | app/acf-util/acf-util.roles | 6 | ||||
| -rw-r--r-- | app/acf-util/logon-controller.lua | 8 | ||||
| -rw-r--r-- | app/acf-util/roles-editrole-html.lsp | 4 | ||||
| -rw-r--r-- | app/acf-util/roles-html.lsp | 57 | ||||
| -rw-r--r-- | app/acf-util/roles-model.lua | 17 | ||||
| -rw-r--r-- | app/acf-util/roles-viewroles-html.lsp | 10 | ||||
| -rw-r--r-- | app/acf-util/welcome-controller.lua (renamed from app/welcome-controller.lua) | 0 | ||||
| -rw-r--r-- | app/acf-util/welcome-html.lsp (renamed from app/welcome-html.lsp) | 0 | ||||
| -rw-r--r-- | app/acf_cli-controller.lua | 1 | ||||
| -rw-r--r-- | app/acf_www-controller.lua | 24 | ||||
| -rw-r--r-- | app/template-html.lsp | 4 |
12 files changed, 69 insertions, 66 deletions
diff --git a/app/Makefile b/app/Makefile index ba4258a..4c5a7aa 100644 --- a/app/Makefile +++ b/app/Makefile @@ -18,13 +18,13 @@ APP_DIST= \ acf-util/password-model.lua \ acf-util/password-status-html.lsp \ acf-util/password.menu \ + acf-util/welcome-controller.lua\ + acf-util/welcome-html.lsp\ acf_www-controller.lua\ acf_cli-controller.lua\ menuhints.menu\ template-html.lsp\ template-stream.lsp\ - welcome-controller.lua\ - welcome-html.lsp\ dispatcherror-html.lsp\ exception-html.lsp\ status-html.lsp\ diff --git a/app/acf-util/acf-util.roles b/app/acf-util/acf-util.roles index b31297c..7433fcc 100644 --- a/app/acf-util/acf-util.roles +++ b/app/acf-util/acf-util.roles @@ -1,4 +1,4 @@ -GUEST=logon:logon,logon:logout,logon:status,welcome:read -USER=password:editme,roles:read +GUEST=logon/logon,logon/logout,logon/status,welcome/read +USER=password/editme,roles/read EXPERT= -ADMIN=logon:logon,logon:logout,logon:status,password:editme,password:status,password:edituser,password:newuser,password:deleteuser,roles:read,roles:getpermslist,roles:viewuserroles,roles:viewroleperms,roles:viewroles,roles:editrole,roles:deleterole,roles:newrole,welcome:read,password:status,password:edituser,password:newuser,password:deleteuser,roles:getpermslist,roles:viewuserroles,roles:viewroleperms,roles:viewroles,roles:editrole,roles:deleterole,roles:newrole +ADMIN=logon/logon,logon/logout,logon/status,password/editme,password/status,password/edituser,password/newuser,password/deleteuser,roles/read,roles/getpermslist,roles/viewuserroles,roles/viewroleperms,roles/viewroles,roles/editrole,roles/deleterole,roles/newrole,welcome/read,password/status,password/edituser,password/newuser,password/deleteuser,roles/getpermslist,roles/viewuserroles,roles/viewroleperms,roles/viewroles,roles/editrole,roles/deleterole,roles/newrole diff --git a/app/acf-util/logon-controller.lua b/app/acf-util/logon-controller.lua index d71d257..f1fa93d 100644 --- a/app/acf-util/logon-controller.lua +++ b/app/acf-util/logon-controller.lua @@ -9,17 +9,17 @@ logon = function(self) -- If there are no users defined, add privileges and dispatch password/newuser local users = self.model:list_users() if #users.value == 0 then - self.sessiondata.permissions.password = {} - self.sessiondata.permissions.password.newuser = {"temp"} + self.sessiondata.permissions[self.conf.prefix].password = {} + self.sessiondata.permissions[self.conf.prefix].password.newuser = {"temp"} self:dispatch(self.conf.prefix, "password", "newuser") - self.sessiondata.permissions.password = nil + self.sessiondata.permissions[self.conf.prefix].password = nil self.conf.suppress_view = true return end local userid = cfe({ value=clientdata.userid or "", label="User ID" }) local password = cfe({ label="Password" }) - local redir = cfe({ value=clientdata.redir or "/welcome/read", label="" }) + local redir = cfe({ value=clientdata.redir or "welcome/read", label="" }) local cmdresult = cfe({ type="form", value={userid=userid, password=password, redir=redir}, label="Logon", option="Logon" }) if clientdata.Logon then local logonredirect = self.sessiondata.logonredirect diff --git a/app/acf-util/roles-editrole-html.lsp b/app/acf-util/roles-editrole-html.lsp index cec9af0..5d1582f 100644 --- a/app/acf-util/roles-editrole-html.lsp +++ b/app/acf-util/roles-editrole-html.lsp @@ -1,10 +1,6 @@ <% local form, viewtable, page_info = ... %> <% require("viewfunctions") %> -<% --[[ - io.write(html.cfe_unpack(form)) ---]] %> - <H1><%= html.html_escape(form.label) %></H1> <% displayformstart(form, page_info) diff --git a/app/acf-util/roles-html.lsp b/app/acf-util/roles-html.lsp index 090421f..32000af 100644 --- a/app/acf-util/roles-html.lsp +++ b/app/acf-util/roles-html.lsp @@ -1,9 +1,5 @@ <% local view= ... %> -<% --[[ - io.write(html.cfe_unpack(view)) ---]] %> -<% ---[[ %> <% if view.value.userid then %> <H1>Roles/Permission list for <%= html.html_escape(view.value.userid.value) %>:</H1> <% elseif view.value.role then %> @@ -20,9 +16,7 @@ end %> </DL> <% end %> -<% --]] %> -<% ---[[ %> <% if view.value.permissions then %> <% if view.value.userid then %> <H2><%= html.html_escape(view.value.userid.value) %>'s full permissions are</H2> @@ -30,29 +24,36 @@ <H2><%= html.html_escape(view.value.role.value) %>'s full permissions are</H2> <% end %> <DL> - <% local controllers = {} - -- It's nice to have it in alphabetical order - for cont in pairs(view.value.permissions.value) do - controllers[#controllers + 1] = cont - end - table.sort(controllers) - io.write("<TABLE>") - io.write("<TR><TD CLASS='header'>Controller</TD><TD CLASS='header'>Action(s)</TD>") - for x,cont in ipairs(controllers) do - print("<TR><TD STYLE='font-weight:bold;'>",html.html_escape(cont),"</TD><TD>") - -- Again, alphabetical order - local actions = {} - for act in pairs(view.value.permissions.value[cont]) do - actions[#actions + 1] = act + <TABLE> + <TR><TD CLASS='header'>Controller</TD><TD CLASS='header'>Action(s)</TD></TR> + <% local prefixes = {} + -- It's nice to have it in alphabetical order + for pref in pairs(view.value.permissions.value) do + prefixes[#prefixes + 1] = pref end - table.sort(actions) - for y,act in pairs(actions) do - print((html.html_escape(act))) + table.sort(prefixes) + for w,pref in ipairs(prefixes) do + local controllers = {} + -- Again, alphabetical order + for cont in pairs(view.value.permissions.value[pref]) do + controllers[#controllers + 1] = cont + end + table.sort(controllers) + for x,cont in ipairs(controllers) do + print("<TR><TD STYLE='font-weight:bold;'>",html.html_escape(pref..cont),"</TD><TD>") + -- Again, alphabetical order + local actions = {} + for act in pairs(view.value.permissions.value[pref][cont]) do + actions[#actions + 1] = act + end + table.sort(actions) + for y,act in pairs(actions) do + print((html.html_escape(act))) + end + io.write("<TD></TR>") + end end - io.write("<TD></TR>") - end - io.write("</TABLE>") - %> + %> + </TABLE> </DL> <% end %> -<% --]] %> diff --git a/app/acf-util/roles-model.lua b/app/acf-util/roles-model.lua index 79c1b14..6b12dd9 100644 --- a/app/acf-util/roles-model.lua +++ b/app/acf-util/roles-model.lua @@ -11,19 +11,22 @@ local get_all_permissions = function(self) local table_perm = {} local array_perm = {} for a,b in pairs(controllers) do - if nil == table_perm[b.sname] then - table_perm[b.sname] = {} + if nil == table_perm[b.prefix] then + table_perm[b.prefix] = {} + end + if nil == table_perm[b.prefix][b.sname] then + table_perm[b.prefix][b.sname] = {} end local temp = roles.get_controllers_func(self,b) for x,y in ipairs(temp) do - table_perm[b.sname][y] = {} - array_perm[#array_perm + 1] = b.sname .. ":" .. y + table_perm[b.prefix][b.sname][y] = {} + array_perm[#array_perm + 1] = b.prefix .. b.sname .. "/" .. y end temp = roles.get_controllers_view(self,b) for x,y in ipairs(temp) do - if not table_perm[b.sname][y] then - table_perm[b.sname][y] = {} - array_perm[#array_perm + 1] = b.sname .. ":" .. y + if not table_perm[b.prefix][b.sname][y] then + table_perm[b.prefix][b.sname][y] = {} + array_perm[#array_perm + 1] = b.prefix .. b.sname .. "/" .. y end end end diff --git a/app/acf-util/roles-viewroles-html.lsp b/app/acf-util/roles-viewroles-html.lsp index 3e818fb..68aac01 100644 --- a/app/acf-util/roles-viewroles-html.lsp +++ b/app/acf-util/roles-viewroles-html.lsp @@ -16,24 +16,26 @@ <H2>Existing roles</H2> <DL> +<TABLE> <% if view.value.default_roles then %> <% for x,role in pairs(view.value.default_roles.value) do %> - <dt><img src='/skins/static/tango/16x16/categories/applications-system.png' height='16' width='16'> <%= html.html_escape(role) %></dt> + <TR><TD><dt><img src='/skins/static/tango/16x16/categories/applications-system.png' height='16' width='16'> <%= html.html_escape(role) %></dt> <dd> [<a href='viewroleperms?role=<%= html.html_escape(role) %>'>View this role</a>] [<a href='editrole?role=<%= html.html_escape(role) %>&redir=<%= html.html_escape(page_info.orig_action) %>'>Edit this role</a>] - </dd> + </dd></TD></TR> <% end %> <% end %> <% if view.value.defined_roles then %> <% table.sort(view.value.defined_roles.value) %> <% for x,role in pairs(view.value.defined_roles.value) do %> - <dt><img src='/skins/static/tango/16x16/apps/system-users.png' height='16' width='16'> <%= html.html_escape(role) %></dt> + <TR><TD><dt><img src='/skins/static/tango/16x16/apps/system-users.png' height='16' width='16'> <%= html.html_escape(role) %></dt> <dd> [<a href='viewroleperms?role=<%= html.html_escape(role) %>'>View this role</a>] [<a href='editrole?role=<%= html.html_escape(role) %>&redir=<%= html.html_escape(page_info.orig_action) %>'>Edit this role</a>] [<a href='deleterole?role=<%= html.html_escape(role) %>'>Delete this role</a>] - </dd> + </dd></TD></TR> <% end %> <% end %> +</TABLE> </DL> diff --git a/app/welcome-controller.lua b/app/acf-util/welcome-controller.lua index 77735ec..77735ec 100644 --- a/app/welcome-controller.lua +++ b/app/acf-util/welcome-controller.lua diff --git a/app/welcome-html.lsp b/app/acf-util/welcome-html.lsp index 88bc934..88bc934 100644 --- a/app/welcome-html.lsp +++ b/app/acf-util/welcome-html.lsp diff --git a/app/acf_cli-controller.lua b/app/acf_cli-controller.lua index e3f160d..d2b57e2 100644 --- a/app/acf_cli-controller.lua +++ b/app/acf_cli-controller.lua @@ -9,6 +9,7 @@ mvc.on_load = function (self, parent) self.conf.libdir = self.conf.libdir or ( self.conf.appdir .. "/lib/" ) self.conf.sessiondir = self.conf.sessiondir or "/tmp/" self.conf.script = "" + self.conf.default_prefix = "/acf-util/" self.conf.default_controller = "welcome" parent_exception_handler = parent.exception_handler diff --git a/app/acf_www-controller.lua b/app/acf_www-controller.lua index e71ba4f..12a7a43 100644 --- a/app/acf_www-controller.lua +++ b/app/acf_www-controller.lua @@ -34,12 +34,12 @@ local function build_menus(self) local cat = cats[x] for y = #cat.groups,1,-1 do local group = cat.groups[y] - if nil == permissions[group.controller] then + if nil == permissions[group.prefix] or nil == permissions[group.prefix][group.controller] then table.remove(cat.groups, y) else for z = #group.tabs,1,-1 do local tab = group.tabs[z] - if nil == permissions[group.controller][tab.action] then + if nil == permissions[group.prefix][group.controller][tab.action] then table.remove(group.tabs, z) end end @@ -59,12 +59,12 @@ local function build_menus(self) self.sessiondata.menu.timestamp = {tab="Menu_created: " .. os.date(),action="Menu_created: " .. os.date(),} end -local check_permission = function(self, controller, action) - --logevent("Trying " .. (controller or "nil") .. ":" .. (action or "nil")) +local check_permission = function(self, prefix, controller, action) + --logevent("Trying "..(prefix or "/")..(controller or "nil").."/"..(action or "nil")) if nil == self.sessiondata.permissions then return false end - if controller then - if nil == self.sessiondata.permissions[controller] then return false end - if action and nil == self.sessiondata.permissions[controller][action] then return false end + if prefix and controller then + if nil == self.sessiondata.permissions[prefix] or nil == self.sessiondata.permissions[prefix][controller] then return false end + if action and nil == self.sessiondata.permissions[prefix][controller][action] then return false end end return true end @@ -77,7 +77,7 @@ local check_permission_string = function (self, str) if "" == action then action = rawget(self.worker, "default_action") or "" end - return check_permission(self, controller, action) + return check_permission(self, prefix, controller, action) end -- look for a template @@ -231,7 +231,7 @@ mvc.on_load = function (self, parent) self.conf.libdir = self.conf.libdir or ( self.conf.appdir .. "/lib/" ) self.conf.sessiondir = self.conf.sessiondir or "/tmp/" self.conf.script = ENV.SCRIPT_NAME - self.conf.default_prefix = "/" + self.conf.default_prefix = "/acf-util/" self.conf.default_controller = self.conf.default_controller or "welcome" self.clientdata = FORM self.conf.clientip = ENV.REMOTE_ADDR @@ -394,7 +394,7 @@ dispatch = function (self, userprefix, userctlr, useraction) end if "" ~= self.conf.controller then -- We now know the controller / action combo, check if we're allowed to do it - local perm = check_permission(self, self.conf.controller) + local perm = check_permission(self, self.conf.prefix, self.conf.controller) local worker_loaded = false if perm then @@ -404,7 +404,7 @@ dispatch = function (self, userprefix, userctlr, useraction) local default_action = rawget(controller.worker, "default_action") or "" if self.conf.action == "" then self.conf.action = default_action end if "" ~= self.conf.action then - local perm = check_permission(controller, self.conf.controller, self.conf.action) + local perm = check_permission(controller, self.conf.prefix, self.conf.controller, self.conf.action) -- Because of the inheritance, normally the -- controller.worker.action will flow up, so that all children have -- actions of all parents. We use rawget to make sure that only @@ -428,7 +428,7 @@ dispatch = function (self, userprefix, userctlr, useraction) -- If the controller or action are missing, display an error view if nil == controller then -- If we have a view w/o an action, just display the view (passing in the clientdata) - if (not self.conf.suppress_view) and has_view(self) and check_permission(self, self.conf.controller, self.conf.action) then + if (not self.conf.suppress_view) and has_view(self) and check_permission(self, self.conf.prefix, self.conf.controller, self.conf.action) then viewtable = self.clientdata else origconf.type = "dispatch" diff --git a/app/template-html.lsp b/app/template-html.lsp index 5af16c7..c1aeafd 100644 --- a/app/template-html.lsp +++ b/app/template-html.lsp @@ -74,13 +74,13 @@ end for x,cat in ipairs(session.menu.cats) do io.write (string.format("\n\t\t\t\t<li>%s\n\t\t\t\t\t<ul>\n", html.html_escape(cat.name))) --start row for y,group in ipairs(cat.groups) do - if pageinfo.prefix == group.prefix .. '/' and pageinfo.controller == group.controller then + if pageinfo.prefix == group.prefix and pageinfo.controller == group.controller then class="class='selected'" tabs = group.tabs else class="" end - io.write (string.format("\t\t\t\t\t\t<li %s><a href=\"%s%s/%s/%s\">%s</a></li>\n", + io.write (string.format("\t\t\t\t\t\t<li %s><a href=\"%s%s%s/%s\">%s</a></li>\n", class,html.html_escape(pageinfo.script),html.html_escape(group.prefix), html.html_escape(group.controller), html.html_escape(group.tabs[1].action), html.html_escape(group.name) )) end io.write ( "\t\t\t\t\t</ul>" ) |