diff options
Diffstat (limited to 'app')
| -rw-r--r-- | app/Makefile | 1 | ||||
| -rw-r--r-- | app/acf-util/logon-controller.lua | 42 | ||||
| -rw-r--r-- | app/acf-util/logon-html.lsp | 34 | ||||
| -rw-r--r-- | app/acf-util/logon-model.lua | 138 | ||||
| -rw-r--r-- | app/acf-util/logon-status-html.lsp | 7 | ||||
| -rwxr-xr-x | app/acf-util/password-controller.lua | 12 | ||||
| -rw-r--r-- | app/acf-util/roles-controller.lua | 12 | ||||
| -rw-r--r-- | app/acf-util/roles-getlist-html.lsp | 16 | ||||
| -rw-r--r-- | app/acf-util/roles-model.lua | 16 | ||||
| -rw-r--r-- | app/acf-util/roles-read-html.lsp | 33 | ||||
| -rw-r--r-- | app/acf_www-controller.lua | 206 | ||||
| -rw-r--r-- | app/template-html.lsp | 54 | ||||
| -rw-r--r-- | app/welcome-controller.lua | 21 | ||||
| -rw-r--r-- | app/welcome-html.lsp | 2 |
14 files changed, 234 insertions, 360 deletions
diff --git a/app/Makefile b/app/Makefile index 062832d..b71b10f 100644 --- a/app/Makefile +++ b/app/Makefile @@ -5,7 +5,6 @@ APP_DIST= \ acf-util/logon-html.lsp \ acf-util/logon-model.lua \ acf-util/logon-status-html.lsp \ - acf-util/logon-logout-html.lsp\ acf-util/roles-controller.lua \ acf-util/roles-getlist-html.lsp \ acf-util/roles-model.lua \ diff --git a/app/acf-util/logon-controller.lua b/app/acf-util/logon-controller.lua index 75915fc..61b4864 100644 --- a/app/acf-util/logon-controller.lua +++ b/app/acf-util/logon-controller.lua @@ -2,30 +2,38 @@ module (..., package.seeall) ---require ("session") - +mvc = {} mvc.on_load = function(self, parent) - if (self.worker[self.conf.action] == nil ) or ( self.conf.action == "init" ) then - self.worker[self.conf.action] = list_redir(self) - end - --logit ("logon.mvc.on_load activated") - end + self.conf.default_action = "status" +end +-- Logon a new user based upon id and password in clientdata logon = function(self) - return ( {logon=self.model.logon(self, clientdata.userid, clientdata.password,clientdata.sessionid) }) + local cmdresult + if clientdata.userid and clientdata.password then + local logon = self.model:logon(clientdata, conf.clientip, conf.sessiondir, sessiondata) + -- If successful logon, redirect to status, otherwise try again + if logon then + self.conf.action = "status" + self.conf.type = "redir" + error(self.conf) + else + cmdresult = "Logon Attempt Failed" + end + end + return ({ cmdresult = cmdresult }) end +-- Log out current user and go to login screen logout = function(self) - local logout = self.model:logoff(clientdata.sessionid) - if (logout) and (logout[1]) and (logout[1]["value"]) and (string.lower(logout[1]["value"]) == "successful") then - self.conf.action = "logon" - self.conf.type = "redir" - error (self.conf) - end - - return { logout = logout } + local logout = self.model.logoff(conf.sessiondir, sessiondata) + -- We have to redirect so a new session / menu is created + self.conf.action = "logon" + self.conf.type = "redir" + error (self.conf) end +-- Report the login status status = function(self) - return( {stats= self.model:status(clientdata.sessionid) }) + return self.model.status(sessiondata) end diff --git a/app/acf-util/logon-html.lsp b/app/acf-util/logon-html.lsp index 9a930a2..c1b4500 100644 --- a/app/acf-util/logon-html.lsp +++ b/app/acf-util/logon-html.lsp @@ -1,24 +1,20 @@ <? local form = ... ?> -<h1>Logon</h1> -<? --[[ ?> -<?= html.cfe_unpack(form) ?> -<? --]] ?> +<? --[[ + io.write(html.cfe_unpack(form)) + --]] ?> -<form action="<?= form.logon.option.script .. form.logon.option.prefix .. - form.logon.option.controller .. "/" .. form.logon.option.action ?>" method="POST"> -<DL> -<? -local myform = form.logon.value -for k,v in pairs(myform) do - io.write("\t<DT") - if (#v.errtxt > 0) then io.write(" class='error'") end - io.write(">" .. v.label .. "</DT>\n") +<? if form.cmdresult then ?> +<h1>Command Result</h1> +<p class='error'> <?= form.cmdresult ?></p> +<? end ?> - io.write("\t\t<DD>" .. html.form[v.type](v) .. "\n") - if (v.descr) and (#v.descr > 0) then io.write("\t\t<P CLASS='descr'>" .. string.gsub(v.descr, "\n", "<BR>") .. "</P>\n") end - if (#v.errtxt > 0) then io.write("\t\t<P CLASS='error'>" .. string.gsub(v.errtxt, "\n", "<BR>") .. "</P>\n") end - io.write("\t\t</DD>\n") -end -?> +<h1>Logon</h1> +<form action="logon" method="POST"> +<DL> + <DT>User id</DT> + <DD><input class="text" type="text" name="userid" value=""></DD> + <DT>Password</DT> + <DD><input class="password" type="password" name="password" value=""></DD> + <DT><input class="submit" type="submit" name="Logon" value="Logon"></DD> </DL> </form> diff --git a/app/acf-util/logon-model.lua b/app/acf-util/logon-model.lua index 33ffd56..cd840f7 100644 --- a/app/acf-util/logon-model.lua +++ b/app/acf-util/logon-model.lua @@ -19,113 +19,59 @@ else auth = require ("authenticator-plaintext") end -logon = function (self, id_user, password_user,sessdata ) -local userid=cfe({ name="userid",label="User id", type="text" }) -local password=cfe({ name="password" ,label="Password", type="passwd"}) -local logon=cfe({ name="Logon", label="Logon", value="Logon", type="submit"}) -local s = "" +-- Logoff the user by deleting session data +logoff = function (sessiondir, sessiondata) + -- Unlink / delete the current session + local result = session.unlink_session(sessiondir, sessiondata.id) + -- Clear the current session data + for a,b in pairs(sessiondata) do + sessiondata[a] = nil + end -local csess = session.check_session(conf.sessiondir, sessdata) -if csess ~= "an unknown user" then -session.unlink_session(conf.sessiondir, sessdata) -for a,b in pairs(sessiondata) do -if a ~= "menu" then -sessiondata[a] = nil -end + return (result) end -sessiondata.id = session.random_hash(512) -build_menus(self) -end - -local counteven = session.count_events(conf.sessiondir, id_user, session.hash_ip_addr(ENV["REMOTE_ADDR"])) -if counteven then -userid.errtxt="Information not recognized" -return (cfe {type="form", - option={script=ENV["SCRIPT_NAME"], - prefix=self.conf.prefix, - controller=self.conf.controller, - action="logon" }, - value={userid,password,logon},testme={counteven} - }) -end +-- Log on new user if possible and set up userinfo in session +-- if we fail, we leave the session alone (don't log out) +logon = function (self, clientdata, ip_addr, sessiondir, sessiondata) + -- Check to see if we can login this user id / ip addr + local countevent = session.count_events(sessiondir, clientdata.userid, session.hash_ip_addr(ip_addr)) + if countevent then + session.record_event(sessiondir, clientdata.userid, session.hash_ip_addr(ip_addr)) + return (false) + end -session.expired_events(conf.sessiondir) - if id_user and password_user then - local password_user_md5 = fs.md5sum_string(password_user) - if auth.authenticate (self, id_user, password_user_md5) then - local t = auth.get_userinfo (self, id_user) + if clientdata.userid and clientdata.password then + local password_user_md5 = fs.md5sum_string(clientdata.password) + if auth.authenticate (self, clientdata.userid, password_user_md5) then + -- We have a successful login, change sessiondata + -- for some reason, can't call this function or it skips rest of logon + -- logout(sessiondir, sessiondata) + ---[[ so, do this instead + session.unlink_session(sessiondir, sessiondata.id) + -- Clear the current session data + for a,b in pairs(sessiondata) do + if a ~= "id" then sessiondata[a] = nil end + end + --]] sessiondata.id = session.random_hash(512) + local t = auth.get_userinfo (self, clientdata.userid) sessiondata.userinfo = t or {} - sessiondata.userinfo.perm = roles.get_roles_perm(self,auth.get_userinfo_roles(self,id_user)) - self.conf.prefix="/acf-util/" - self.conf.action="status" - self.conf.type="redir" - self.conf.controller="logon" - error(self.conf) + return (true) else - userid.errtxt = "Information not recognized" - session.record_event(conf.sessiondir, id_user, session.hash_ip_addr(ENV["REMOTE_ADDR"])) - return (cfe {type="form", - option={script=ENV["SCRIPT_NAME"], - prefix=self.conf.prefix, - controller=self.conf.controller, - action="logon" }, - value={userid,password,logon},testme={counteven} - }) + -- We have a bad login, log the event + session.record_event(sessiondir, clientdata.userid, session.hash_ip_addr(ip_addr)) end - else - return ( cfe{ type="form", - option={script=ENV["SCRIPT_NAME"], - prefix=self.conf.prefix, - controller=self.conf.controller, - action="logon" } , - value={userid,password,logon},testme={counteven} - }) end + return (false) end - - -- logged on? - -- record event and ignore the attempt - -- too many attempts for this ip? - -- record event and ignore the attempt - -- too many attempts for this user? - -- record event and ignore the attempt - -- uname/passwd invalid? - -- record event and ignore the attempt - -- All ok? - -- look up their role, issue new session - - --this goes through and will return true or false if limit reached -logoff = function (self, sessdata) - -- sessionid invalid? - -- record event, ignore the attempt - -- else - -- unlink session - -- issue new sessionid - - --made it so that we get a new sessionid then try to delete it - --need to make the whole sessiondata table go bye bye - delsess = session.unlink_session(conf.sessiondir, sessdata) - if delsess == true then - logoff = "Successful" - else - logoff = "Incomplete or Unsuccessful logoff" - end - for a,b in pairs(sessiondata) do - if a ~= "menu" then - sessiondata[a] = nil +-- Return the session id and username +status = function(sessiondata) + local name = "unknown" + if sessiondata.userinfo and sessiondata.userinfo.username then + name = sessiondata.userinfo.username end - end - sessiondata.id = session.random_hash(512) - build_menus(self) - return ( cfe{ {value=logoff,name="logoff"},{value=sessiondata,name="sessiondata"} }) -end - -status = function(self, sessdata) - sessid = sessdata - checkme = session.check_session(self.conf.sessiondir,sessdata) - return ( cfe { checkme={value=checkme,name="checkme"}, sessid={value=sessid,name="sessid" } }) + return ( { sessionid = sessiondata.id, username = name } ) end diff --git a/app/acf-util/logon-status-html.lsp b/app/acf-util/logon-status-html.lsp index 3524716..072051d 100644 --- a/app/acf-util/logon-status-html.lsp +++ b/app/acf-util/logon-status-html.lsp @@ -1,5 +1,8 @@ <? local view= ... ?> +<? --[[ + io.write(html.cfe_unpack(view)) +--]] ?> <h1>User Status </h1> <p> Below is your current Session id <p> -<?= view.stats.sessid.value ?> -<p>You are currently known to the system as <?= view.stats.checkme.value ?>.</p> +<?= view.sessionid ?> +<p>You are currently known to the system as <?= view.username ?>.</p> diff --git a/app/acf-util/password-controller.lua b/app/acf-util/password-controller.lua index 185c3e4..f891c58 100755 --- a/app/acf-util/password-controller.lua +++ b/app/acf-util/password-controller.lua @@ -1,18 +1,10 @@ module(..., package.seeall) -auth=require("authenticator-plaintext") - -local list_redir = function (self) - self.conf.action = "status" - self.conf.type = "redir" - error (self.conf) -end +local auth=require("authenticator-plaintext") mvc = {} mvc.on_load = function(self, parent) - if (self.worker[self.conf.action] == nil ) or ( self.conf.action == "init" ) then - self.worker[self.conf.action] = list_redir(self) - end + self.conf.default_action = "status" end local function admin_permission() diff --git a/app/acf-util/roles-controller.lua b/app/acf-util/roles-controller.lua index b8fa7f4..4cf1937 100644 --- a/app/acf-util/roles-controller.lua +++ b/app/acf-util/roles-controller.lua @@ -2,17 +2,9 @@ module (..., package.seeall) ---require ("session") - -mvc.on_load = function(self, parent) - if (self.worker[self.conf.action] == nil ) or ( self.conf.action == "init" ) then - self.worker[self.conf.action] = list_redir(self) - end - --logit ("logon.mvc.on_load activated") - end - read = function(self) - return( {read= self.model:read(clientdata.sessionid)}) + --return( {read= self.model:read(clientdata.sessionid)}) + return ( { userid = self.sessiondata.userinfo.userid, roles = self.sessiondata.userinfo.roles, permissions = self.sessiondata.permissions } ) end getlist = function(self) diff --git a/app/acf-util/roles-getlist-html.lsp b/app/acf-util/roles-getlist-html.lsp index 48c2aba..25d8d62 100644 --- a/app/acf-util/roles-getlist-html.lsp +++ b/app/acf-util/roles-getlist-html.lsp @@ -1,7 +1,13 @@ <? local view= ... ?> +<? --[[ + io.write(html.cfe_unpack(view)) +--]] ?> + <h1>Controller Status</h1> -<? for a,b in pairs(view.contlist.value) do -print("<b>",a,"</b>") -for k,v in pairs(b) do print(v) end -print("<br>") -end ?> +<? ---[[ +for a,b in pairs(view.contlist) do + print("<b>",a,"</b>") + for k,v in pairs(b) do print(v) end + print("<br>") +end +--]] ?> diff --git a/app/acf-util/roles-model.lua b/app/acf-util/roles-model.lua index 95f28d1..c3ce2c7 100644 --- a/app/acf-util/roles-model.lua +++ b/app/acf-util/roles-model.lua @@ -1,27 +1,17 @@ -- Roles/Group model functions -require ("session") require ("roles") module (..., package.seeall) -read = function(self,sessionid) - useid , theroles = session.check_session(conf.sessiondir,sessionid,"roles") ---we need to expand roles to give us real perm list - perm = roles.get_roles_perm(self,theroles) - return ( cfe { userid={value=useid,name="userid"},roles={ value=theroles,name="roles"}, perm={value=perm,name="perm"},{value=self.conf,name="self"},{value=sessiondata.userinfo.perm,name="perm2"} }) -end - getcont = function(self) --need to get a list of all the controllers - --t = roles.get_controllers(self,"skins") - bobo = roles.get_controllers(self) + controllers = roles.get_controllers(self) local table_m = {} - for a,b in pairs(bobo) do + for a,b in pairs(controllers) do temp = roles.get_controllers_func(self,b) table_m[b.sname] = temp end - return (cfe {value=table_m,name="mtable"}) - + return (table_m) end diff --git a/app/acf-util/roles-read-html.lsp b/app/acf-util/roles-read-html.lsp index c5ea541..ddda93a 100644 --- a/app/acf-util/roles-read-html.lsp +++ b/app/acf-util/roles-read-html.lsp @@ -1,11 +1,28 @@ <? local view= ... ?> -<h1>Role Views</h1> -<p>Roles/Permission list for <?= view.read.userid.value ?>:<p> +<? --[[ + io.write(html.cfe_unpack(view)) +--]] ?> -<p>You are valid in these role <p> -<? for a,b in pairs(view.read.roles.value) do -print("<li>",b) end ?> +<? ---[[ ?> +<H1>Roles/Permission list for <?= view.userid ?>:</H1> -<p>Your full permissions are<p> -<?= view.read.perm.value ?> -<?= html.cfe_unpack(view) ?> +<? if view.roles then ?> + <H2>You are valid in these roles</H2> + <? for a,b in pairs(view.roles) do + print("<li>",b,"</li>") + end ?> +<? end ?> +<? --]] ?> + +<? ---[[ ?> +<? if view.permissions then ?> + <H2>Your full permissions are</H2> + <? for x,cont in pairs(view.permissions) do + print("<b>",x,"</b>") + for y,act in pairs(cont) do + print(y) + end + print("<br>") + end ?> +<? end ?> +<? --]] ?> diff --git a/app/acf_www-controller.lua b/app/acf_www-controller.lua index 59c3f72..0dfbea7 100644 --- a/app/acf_www-controller.lua +++ b/app/acf_www-controller.lua @@ -15,82 +15,47 @@ require "posix" -- We use the parent exception handler in a last-case situation local parent_exception_handler -function build_menus(self) - --Build the menu +local function build_menus(self) m=require("menubuilder") roll = require ("roles") - form = require ("format") - sessiondata.menu = {} - sessiondata.menu.mainmenu = m.get_menuitems(self.conf.appdir) - sessiondata.menu.submenu = m.get_submenuitems(self.conf.appdir) - -local temp -if sessiondata.userinfo == nil then - --we are dealing with an unknown user -p = {"ANONYMOUS"} - --this will be whatever the "UNKNOWN" role is ... right now it is ANONYMOUS - --temp should be the -temp = format.string_to_table(roll.get_roles_perm(self,p),",") -else - --we don't need to figure out what permission have it is in sessiondata -temp = format.string_to_table(sessiondata.userinfo.perm,",") -end - --lets apply permissions - for a,b in pairs(sessiondata.menu.mainmenu) do - for k,v in pairs(temp) do - local control,acti = string.match(v,"(%a+):(%a+)") - if sessiondata.menu.mainmenu[a].controller == control then - if sessiondata.menu.mainmenu[a].action == acti then - sessiondata.menu.mainmenu[a].match = "yes" - break - else - sessiondata.menu.mainmenu[a].match = "no" - end - else - sessiondata.menu.mainmenu[a].match = "no" - end - if sessiondata.menu.mainmenu[a].controller == "menuhints" then - sessiondata.menu.mainmenu[a].match = "yes" - end - end + -- Build the permissions table + local roles = {} + if sessiondata.userinfo and sessiondata.userinfo.roles then + roles = sessiondata.userinfo.roles end - --also need to do the submenu tabs... this is only for appearence - --will have to make sure somewhere else they can't run them :) - for a,b in pairs(sessiondata.menu.submenu) do - for c,d in pairs(sessiondata.menu.submenu[a]) do - for k,v in pairs(temp) do - local control,acti = string.match(v,"(%a+):(%a+)") - if (a == control) then - if sessiondata.menu.submenu[a][c].action == acti then - sessiondata.menu.submenu[a][c].match = "yes" - break + local permissions = roll.get_roles_perm(self.conf.appdir,roles) + sessiondata.permissions = permissions + + --Build the menu + local cats = m.get_menuitems(self.conf.appdir) + -- now, loop through menu and remove actions without permission + -- go in reverse so we can remove entries while looping + for x = #cats,1,-1 do + local cat = cats[x] + for y = #cat.groups,1,-1 do + local group = cat.groups[y] + if nil == permissions[group.controller] then + table.remove(cat.groups, y) else - sessiondata.menu.submenu[a][c].match = "no" - end + for z = #group.tabs,1,-1 do + local tab = group.tabs[z] + if nil == permissions[group.controller][tab.action] then + table.remove(group.tabs, z) + end + end + if 0 == #group.tabs then + table.remove(cat.groups, y) + end end - end - end - end - - local temptab = {} - for a,b in pairs(sessiondata.menu.mainmenu) do - if sessiondata.menu.mainmenu[a].match ~= "no" then - temptab[#temptab +1 ] = sessiondata.menu.mainmenu[a] - end - end - - sessiondata.menu.mainmenu = temptab - local tempsub = {} - for c,d in pairs(sessiondata.menu.submenu) do - for e,f in pairs(sessiondata.menu.submenu[c]) do - if sessiondata.menu.submenu[c][e].match ~= "no" then - if not (tempsub[c]) then tempsub[c] = {} end - tempsub[c][#tempsub[c] +1] = sessiondata.menu.submenu[c][e] end - end + if 0 == #cat.groups then + table.remove(cats, x) + end end - sessiondata.menu.submenu = tempsub + sessiondata.menu = {} + sessiondata.menu.cats = cats + -- Debug: Timestamp on menu creation sessiondata.menu.timestamp = {tab="Menu_created: " .. os.date(),action="Menu_created: " .. os.date(),} end @@ -104,7 +69,8 @@ mvc.on_load = function (self, parent) self.conf.libdir = self.conf.libdir or ( self.conf.appdir .. "/lib/" ) self.conf.sessiondir = self.conf.sessiondir or "/tmp/" self.conf.appuri = "https://" .. ENV.HTTP_HOST .. ENV.SCRIPT_NAME - self.conf.default_controller = "welcome" + self.conf.default_controller = "welcome" + self.conf.default_action = "read" self.clientdata = FORM self.conf.clientip = ENV.REMOTE_ADDR @@ -115,68 +81,66 @@ mvc.on_load = function (self, parent) sessionlib=require ("session") + -- before we look at sessions, remove old sessions and events + -- this prevents us from giving a "session timeout" message, but I'm ok with that + sessionlib.expired_events(self.conf.sessiondir) + -- Load the session data + self.sessiondata = nil self.sessiondata = {} - - local tempid = "" - if self.clientdata.sessionid == nil then - self.sessiondata.id = sessionlib.random_hash(512) - tempid = self.sessiondata.id - if not (self.sessiondata.menu) then - build_menus(self) - end - - else + if nil ~= self.clientdata.sessionid then + logevent("Found session id = " .. self.clientdata.sessionid) + -- Load existing session data local timestamp - tempid = self.clientdata.sessionid timestamp, self.sessiondata = sessionlib.load_session(self.conf.sessiondir, self.clientdata.sessionid) - build_menus(self) if timestamp == nil then - self.sessiondata.id = tempid + -- invalid session id, report event and create new one sessionlib.record_event(self.conf.sessiondir, sessionlib.hash_ip_addr(self.conf.clientip)) - build_menus(self) + logevent("Didn't find session") else - - -- FIXME: This is probably wrong place to generate the menus - - local now = os.time() - local minutes_ago = now - (sessionlib.minutes_expired_events * 60) - if timestamp < minutes_ago then - sessionlib.unlink_session(self.conf.sessiondir, self.clientdata.sessionid) - sessiondata.id = sessionlib.random_hash(512) - sessionlib.count_events(self.conf.sessiondir,self.conf.userid or "", sessionlib.hash_ip_addr(self.conf.clientip),sessionlib.limit_count_events) - --[[ - FIXME --- need to write this function - if too many bad events for this ip invaidate the session - - if (timestamp is > 10 minutes old) - sessionlib.unlink.session (self.conf.sessiondir, - self.sessiondata.id) - self.sessiondata = {} - self.sessiondata.id = sessionlib.random_hash(512) - generate flash message "Inactivity logout" - end - ]]-- - sessionlib.expired_events(self.conf.sessiondir,sessionlib.minutes_expired_events) - build_menus(self) + logevent("Found session") + -- We read in a valid session, check if it's ok + if sessionlib.count_events(self.conf.sessiondir,self.conf.userid or "", sessionlib.hash_ip_addr(self.conf.clientip)) then + logevent("Bad session, erasing") + -- Too many events on this id / ip, kill the session + sessionlib.unlink_session(self.conf.sessiondir, self.clientdata.sessionid) + self.sessiondata.id = nil end end end + + if nil == self.sessiondata.id then + self.sessiondata = {} + self.sessiondata.id = sessionlib.random_hash(512) + logevent("New session = " .. self.sessiondata.id) + end + if nil == self.sessiondata.permissions or nil == self.sessiondata.menu then + logevent("Build menus") + build_menus(self) + end end +mvc.check_permission = function(self, controller, action) + logevent("Trying " .. (controller or "nil") .. ":" .. (action or "nil")) + if nil == self.sessiondata.permissions then return false end + if controller then + if nil == self.sessiondata.permissions[controller] then return false end + if action and nil == self.sessiondata.permissions[controller][action] then return false end + end + return true +end mvc.post_exec = function (self) sessionlib=require ("session") -- sessionlib.serialize("s", sessiondata)) if sessiondata.id then - sessionlib.save_session(conf.sessiondir, - sessiondata.id, sessiondata) + sessionlib.save_session(conf.sessiondir, sessiondata) end -- Close the logfile - conf.logfile:close() + conf.logfile:close() end @@ -249,15 +213,13 @@ view_resolver = function(self) local m,worker_loaded,model_loaded = self:new("alpine-baselayout/hostname") local alpineversion = self:new("alpine-baselayout/alpineversion") - -- FIXME - this is ugly, but it puts the hostname the expected - -- format if the controller doesn't load correctly - local h = {} - -- If the worker and model loaded correctly, then -- use the sub-controller + local h if worker_loaded and model_loaded then h = m.worker.read(m) else + h = {} h.hostname = { value = "unknown" } end @@ -273,18 +235,9 @@ view_resolver = function(self) skin = self.conf.skin or "" } - -- Fetch the menu's from sessiondata (filter out what's needed) - local menu = self.sessiondata.menu.mainmenu - local submenu = self.sessiondata.menu.submenu[pageinfo.controller] - ---[[ -- DEBUG: Next row's is to display when the menu was created (see function build_menus(self) in BOF) - if (submenu) then - submenu[99] = sessiondata.menu.timestamp - end ---]] return function (viewtable) local template = haserl.loadfile (template) - return template ( pageinfo, menu, submenu, viewtable, self.sessiondata ) + return template ( pageinfo, viewtable, self.sessiondata ) end end @@ -298,7 +251,10 @@ end exception_handler = function (self, message ) local html = require ("html") - mvc.post_exec (self) + pcall(function() + if sessiondata.id then logevent("Redirecting " .. sessiondata.id) end + mvc.post_exec (self) + end) -- don't want exceptions from this if type(message) == "table" then if message.type == "redir" then io.write ("Status: 302 Moved\n") @@ -315,7 +271,7 @@ exception_handler = function (self, message ) elseif message.type == "dispatch" then parent_exception_handler(self, message) end - else + else parent_exception_handler( self, message) end end diff --git a/app/template-html.lsp b/app/template-html.lsp index 473674a..cbb5c29 100644 --- a/app/template-html.lsp +++ b/app/template-html.lsp @@ -1,6 +1,5 @@ -<? local pageinfo , mainmenu, submenu, viewtable, session = ... - html=require("html") - sess=require("session") ?> +<? local pageinfo , viewtable, session = ... + html=require("html") ?> Status: 200 OK Content-Type: text/html <? if (session.id) then @@ -38,11 +37,10 @@ Content-Type: text/html <p> <? local ctlr = pageinfo.script .. "/acf-util/logon/" - sname = sess.check_session("/tmp", session.id) - if sname == "an unknown user" then - io.write ( string.format("\t\t\t\t\t\t<a href=\"%s\">Log in</a>\n", ctlr .. "logon" ) ) + if session.userinfo and session.userinfo.userid then + io.write ( string.format("\t\t\t\t\t\t<a href=\"%s\">Log out as '" .. session.userinfo.userid .. "'</a>\n", ctlr .. "logout" ) ) else - io.write ( string.format("\t\t\t\t\t\t<a href=\"%s\">Log out as '" .. sname .. "'</a>\n", ctlr .. "logout" ) ) + io.write ( string.format("\t\t\t\t\t\t<a href=\"%s\">Log in</a>\n", ctlr .. "logon" ) ) end ?> | <a href="/">home</a> | @@ -61,37 +59,25 @@ Content-Type: text/html </div> <? - -- FIXME: This needs to go in a library function somewhere (menubuilder?) + local class + local tabs io.write ( "<ul>") - - local cat, group - local class - for k,v in ipairs(mainmenu) do - if v.cat ~= cat then - if not (cat == nil) and not (cat == "") then - io.write ("\t\t\t\t\t</ul>") - end - cat = v.cat - if (cat ~= "") then -- Filter out empty categories - io.write (string.format("\n\t\t\t\t<li>%s\n\t\t\t\t\t<ul>\n", cat)) --start row - end - group = "" - end - if v.group ~= group then - group = v.group - if pageinfo.prefix == v.prefix .. "/" and - pageinfo.controller == v.controller then + for x,cat in ipairs(session.menu.cats) do + io.write (string.format("\n\t\t\t\t<li>%s\n\t\t\t\t\t<ul>\n", cat.name)) --start row + for y,group in ipairs(cat.groups) do + if pageinfo.prefix == group.prefix .. '/' and pageinfo.controller == group.controller then class="class='selected'" + tabs = group.tabs else class="" end io.write (string.format("\t\t\t\t\t\t<li %s><a href=\"%s%s/%s/%s\">%s</a></li>\n", - class,ENV.SCRIPT_NAME,v.prefix, v.controller, v.action, v.group )) + class,ENV.SCRIPT_NAME,group.prefix, group.controller, group.tabs[1].action, group.name )) end - end ?> - </ul> - </li> - </ul> + io.write ( "\t\t\t\t\t</ul>" ) + end + io.write ( "\n\t\t\t\t</li>\n\t\t\t</ul>\n") + ?> <div class="tailer"> </div> @@ -116,13 +102,13 @@ Content-Type: text/html </div> <? local class="" ?> - <? for k,v in pairs(submenu or {}) do - if submenu[k]["action"] == pageinfo.action then + <? for x,tab in pairs(tabs or {}) do + if tab.action == pageinfo.action then class="class='selected'" else class="" end - io.write (string.format('\t\t\t<a %s href="%s">%s</a>\n',class,submenu[k]["action"],submenu[k]["tab"] )) + io.write (string.format('\t\t\t<a %s href="%s">%s</a>\n',class,tab.action,tab.name )) end ?> diff --git a/app/welcome-controller.lua b/app/welcome-controller.lua index 450952c..3ff5cc5 100644 --- a/app/welcome-controller.lua +++ b/app/welcome-controller.lua @@ -1,27 +1,8 @@ -- A standin controller for testing - module (..., package.seeall) --- Cause an http redirect to our "read" action --- We use the self.conf table because it already has prefix,controller,etc --- The redir code is defined in the application error handler (acf-controller) -local list_redir = function (self) - self.conf.action = "read" - self.conf.type = "redir" - error (self.conf) -end - -mvc = {} -mvc.on_load = function(self, parent) - -- It doesn't matter what action they choose - we only support read - if ( self.conf.action ~= "read") then - list_redir(self) - end -end - - read = function (self ) - return ( { } ) + return ( {self = self} ) end diff --git a/app/welcome-html.lsp b/app/welcome-html.lsp index 7f205fe..b961a83 100644 --- a/app/welcome-html.lsp +++ b/app/welcome-html.lsp @@ -1,3 +1,5 @@ <? view = ... ?> <h1>Alpine Configuration Framework</h1> <p>Welcome.</p> + +<? io.write(html.cfe_unpack(view)) ?> |