From 378e53f20a0f11c36afffbaef78f47a5303df9ce Mon Sep 17 00:00:00 2001 From: Ted Trask Date: Wed, 30 Apr 2008 20:36:02 +0000 Subject: Modified cfe, removing option, errtxt, and name, and adding label - This may break things. Rewrote password module, adding model Modified authenticator to make password module work git-svn-id: svn://svn.alpinelinux.org/acf/core/trunk@1052 ab2d0c66-481e-0410-8bed-d214d4d58bed --- app/acf-util/logon-controller.lua | 8 +- app/acf-util/logon-html.lsp | 21 +- app/acf-util/logon-model.lua | 6 +- app/acf-util/password-controller.lua | 382 +++++----------------------------- app/acf-util/password-html.lsp | 74 ++----- app/acf-util/password-status-html.lsp | 92 +++----- 6 files changed, 109 insertions(+), 474 deletions(-) (limited to 'app/acf-util') diff --git a/app/acf-util/logon-controller.lua b/app/acf-util/logon-controller.lua index 7d4447b..1dc3360 100644 --- a/app/acf-util/logon-controller.lua +++ b/app/acf-util/logon-controller.lua @@ -6,7 +6,9 @@ default_action = "status" -- Logon a new user based upon id and password in clientdata logon = function(self) - local cmdresult = cfe({ value=clientdata.userid or "", name="User ID" }) + local userid = cfe({ value=clientdata.userid or "", label="User ID" }) + local password = cfe({ label="Password" }) + local cmdresult = cfe({ type="form", value={userid=userid, password=password}, label="Logon" }) if clientdata.userid and clientdata.password then local logon = self.model:logon(clientdata, conf.clientip, conf.sessiondir, sessiondata) -- If successful logon, redirect to status, otherwise try again @@ -28,8 +30,8 @@ end -- Report the login status status = function(self) - local name = cfe({ name="User Name" }) - local sessionid = cfe({ value=self.sessiondata.id or "", name="Session ID" }) + local name = cfe({ label="User Name" }) + local sessionid = cfe({ value=self.sessiondata.id or "", label="Session ID" }) if self.sessiondata.userinfo then name.value = self.sessiondata.userinfo.username or "" end diff --git a/app/acf-util/logon-html.lsp b/app/acf-util/logon-html.lsp index 20aa0ee..f503a9b 100644 --- a/app/acf-util/logon-html.lsp +++ b/app/acf-util/logon-html.lsp @@ -1,20 +1,19 @@ + - +

Command Result

-

Logon

-
-
-
User id
-
-
Password
-
-
-
-
+

+ diff --git a/app/acf-util/logon-model.lua b/app/acf-util/logon-model.lua index 7e8a21e..16e9f7f 100644 --- a/app/acf-util/logon-model.lua +++ b/app/acf-util/logon-model.lua @@ -29,7 +29,7 @@ logoff = function (sessiondir, sessiondata) sessiondata[a] = nil end - return cfe({ type="boolean", value=success, name="Logoff Success" }) + return cfe({ type="boolean", value=success, label="Logoff Success" }) end -- Log on new user if possible and set up userinfo in session @@ -57,12 +57,12 @@ logon = function (self, clientdata, ip_addr, sessiondir, sessiondata) sessiondata.id = session.random_hash(512) local t = auth.get_userinfo (self, clientdata.userid) sessiondata.userinfo = t or {} - return cfe({ type="boolean", value=true, name="Logon Success" }) + return cfe({ type="boolean", value=true, label="Logon Success" }) else -- We have a bad login, log the event session.record_event(sessiondir, clientdata.userid, session.hash_ip_addr(ip_addr)) end end - return cfe({ type="boolean", value=false, name="Logon Success" }) + return cfe({ type="boolean", value=false, label="Logon Success" }) end diff --git a/app/acf-util/password-controller.lua b/app/acf-util/password-controller.lua index 4dbe1eb..1d3aa7a 100755 --- a/app/acf-util/password-controller.lua +++ b/app/acf-util/password-controller.lua @@ -1,360 +1,78 @@ module(..., package.seeall) -local auth=require("authenticator-plaintext") - -default_action = "status" - -local function admin_permission() --- if (sessiondata.userinfo) and (sessiondata.userinfo.userid == "alpine") then - return true --- else --- return false --- end -end - -local function check_logonstatus(self) - -- Redirect the user if he's not logged in. - if not (self.sessiondata.userinfo) then - redirect(self, "logon", "logon") - end -end - -local function get_config(self,userid) - local config = {} - local userinfo = {} - if (#userid > 0) then - userinfo=auth.get_userinfo(self,userid) - end - if not (userinfo) then - userinfo = {userid = "", username = "", roles = {} } - end - - -- Get list of available roles - local avail_roles=auth.list_roles() - --- config.debug = userid -- Debug info - - config.userid = cfe({ - name="userid", - label="User id", - value=(userinfo.userid or ""), - }) - config.orguserid = cfe({ - name="orguserid", - value=(userinfo.userid or ""), - type="hidden", - }) - config.username = cfe({ - name="username", - label="Real name", - value=userinfo.username, - }) - config.roles = cfe({ - name="roles", - label="Roles", - option=userinfo.roles, - type="select", - size=#avail_roles, - }) - config.password = cfe({ - name="password", - label="Password", - type="passwd", - }) - config.password_confirm = cfe({ - name="password_confirm", - label="Password (confirm)", - type="passwd", - }) - - config.availableroles = cfe({ - name="availableroles", - label="Available roles", - type="select", - option=avail_roles, - }) - - return config -end +default_action = "editme" function status(self) - - -- Redirect the user if he's not logged in. - check_logonstatus(self) - - local status = {} - - -- Check for admin persmissions - else redirect to personal options - if not (admin_permission()) then - self.conf.action = "editme" - return editme(self) - end - - -- Redirect when creating a new account - if (clientdata.cmdnew) then - self.conf.action = "administrator" - self.conf.type = "redir" - - return administrator(self) - end - - --List all users and their userinfo - status.users = {} - local userlist = auth.list_users(self) - for k,v in pairs(userlist) do - local userinfo = auth.get_userinfo(self,v) - status.users[k] = cfe({ - name=v, - label=v, --- debug=userinfo, -- Debug info - value={ userid=cfe ({ - name="userid", - label="User ID", - value=userinfo.userid, - }), - username=cfe ({ - name="username", - label="Real name", - value=userinfo.username, - }), - roles=cfe ({ - name="roles", - label="Roles", - value=table.concat(userinfo.roles," / "), - option=userinfo.roles, - type="select", - }), - }, - - }) - local errormessage = "" - -- Check if this user has got any errors in the config - if (userinfo.password == "") or (userinfo.password == nil) then - errormessage = "This user has no password! ".. errormessage - end - -- Check if user has no roles - if (table.maxn(userinfo.roles) == 0) then - errormessage = "This user has no roles! " .. errormessage - end - -- If there where any errormessages, then present them - if (#errormessage > 0) then - status.users[k].value.errors = cfe ({ - name="errors", - label="Attention", - value=errormessage, - }) - end - end - - --Create a button for 'New user account' - status.cmdnew = cfe ({ - name="cmdnew", - type="submit", - label="Create new account", - value="Create", --- disabled="yes", - }) - return { status=status } -end - -function administrator(self) - - -- Redirect the user if he's not logged in. - check_logonstatus(self) - - local output = {} - - -- Check for admin persmissions - else redirect to personal options - if not (admin_permission()) then - self.conf.action = "editme" - self.conf.type = "redir" - return editme(self) - end - - -- Output userinfo - output = get_config(self,(self.clientdata.orguserid or self.clientdata.userid or "")) - - -- Clear password-field - output.password.value = "" - - -- Add some buttons - output.cmdsave = cfe ({ - name="cmdsave", - type="submit", - label="Save changes", - value="Save", - }) - output.cmddelete = cfe ({ - name="cmddelete", - type="submit", - label="Delete this account", - value="Delete", - }) - - return {config=output} + return self.model.get_users(self) end function editme(self) + -- just to make sure can't modify any other user from this action + self.clientdata.userid = sessiondata.userinfo.userid + self.clientdata.roles = nil + -- if password is blank, don't update it or require it + if self.clientdata.password == "" then self.clientdata.password = nil end + if self.clientdata.password_confirm == "" then self.clientdata.password_confirm = nil end - -- Redirect the user if he's not logged in. - check_logonstatus(self) - - -- Output userinfo - local output = get_config(self,sessiondata.userinfo.userid) + -- Update userinfo + local output = self.model.update_user(self, self.clientdata, false) - -- Hide roles/cmddelete for current the user - output.roles = nil - output.cmddelete = nil + -- Don't allow changing of roles for yourself + output.value.roles = nil - -- Disable userid - output.userid.disabled = "yes" - - -- Set userid - output.orguserid.value = self.sessiondata.userinfo.userid - - -- Add save-button - output.cmdsave = cfe ({ - name="cmdsave", - type="submit", - label="Save changes", - value="Save", - }) - - return {config=output} + output.label = "Edit My Settings" + return output end -local clientdata_from_roles = function(self) - local output = {} +function edituser(self) + -- if password is blank, don't update it or require it + if self.clientdata.password == "" then self.clientdata.password = nil end + if self.clientdata.password_confirm == "" then self.clientdata.password_confirm = nil end - for k,v in pairs(auth.list_roles()) do - if (self.clientdata[v]) then - table.insert(output, v) + -- FIXME this is because multi selects don't work in haserl + if self.clientdata.roles then + local newroles = {} + for x,role in pairs(self.clientdata.roles) do + newroles[#newroles + 1] = role end + self.clientdata.roles = newroles end - - return output -end - -function save(self) - -- Redirect the user if he's not logged in. - check_logonstatus(self) - - local errormessage = {} - local cmdresult = {} - -- FIXME: Check if user is allowed to save settings - -- FIXME: If user has little priviliges, then see to that he only can change hes own settings - -- At the moment... the user could send self.clientdata.orguserid = 'someoneelseid' and change hes settings. - -- This field is hidden for user... but advanced users could probably workaround somehow. + -- Update userinfo + local output = self.model.update_user(self, self.clientdata, false) - -- Delete selected user - if (clientdata.cmddelete) then - cmdresult["delete"],errormessage["delete"] = auth.delete_user(self,self.clientdata.orguserid) + -- result + if output.descr and output.errtxt == nil then + redirect(self, "status") end - -- If userid-filed is disabled, then use orguserid instead (hidden filed) - if not (self.clientdata.userid) then - self.clientdata.userid = self.clientdata.orguserid - end - - -- We start changing things based on input - if (clientdata.cmdsave) then - -- Check if password is written correct - if (self.clientdata.password == self.clientdata.password_confirm) and - (#self.clientdata.userid > 0) then - -- Check if we are editing a existing user or creating a new one - if (#clientdata.orguserid > 0) then - local variables="username userid roles" - -- Change password if user entered any values - if (#self.clientdata.password > 0) then - variables = variables .. " password" - end - -- Concate roles into one chunk of data (needed by the model) - self.clientdata.roles = table.concat(clientdata_from_roles(self), ",") + output.label = "Edit User Settings" + return output +end --- cmdresult.debugs = self.clientdata.orguserid -- Debug information - for var in string.gmatch(variables, "%S+") do - if (self.clientdata[var]) then - cmdresult["cmdtype"] = "change" - cmdresult[var],errormessage[var] = auth.change_settings( - self, - self.clientdata.orguserid, - var, self.clientdata[var] - ) - end - end - else - -- We are about to create a new user - cmdresult["cmdtype"] = "new" - cmdresult["new"],errormessage["new"] = auth.new_settings( - self, - self.clientdata.userid, - self.clientdata.username, - self.clientdata.password, - self.clientdata.password_confirm, - clientdata_from_roles(self) - ) - end - elseif (self.clientdata.password ~= self.clientdata.password_confirm) then - errormessage.none = {password_confirm = "You entered wrong password/confirmation"} - elseif (#self.clientdata.userid == 0) then - errormessage.none = {userid = "Userid can not be blank!"} +function newuser(self) + -- FIXME this is because multi selects don't work in haserl + if self.clientdata.roles then + local newroles = {} + for x,role in pairs(self.clientdata.roles) do + newroles[#newroles + 1] = role end + self.clientdata.roles = newroles end - -- Fetch saved values - local output = administrator(self) + -- Update userinfo + local output = self.model.update_user(self, self.clientdata, true) - -- Report errors from previously entered values (present this error for the user) - if (cmdresult["cmdtype"] == "new") then - -- Report where the user entered som errors - for k,v in pairs(errormessage["new"]) do - output.config[k].errtxt = v - end - else - -- Report where the user entered som errors - for k,v in pairs(errormessage) do - for kk,vv in pairs(v) do - output.config[kk].errtxt = vv - end - end + -- result + if output.descr and output.errtxt == nil then + redirect(self, "status") end - -- If there was any errormessage then return to previous page and present the errormessage - for k,v in pairs(errormessage) do - for kk,vv in pairs(v) do - - -- Incase we entered some invalid options, but entered correct Password (and it has been changed) - -- then inform the user that the password has been changed - if (cmdresult.password) then - output.config.password.descr = "* Password has been changed!" - end - - -- Write the previously entered information on the screen. - for k,v in pairs(self.clientdata) do - if (output.config[k]) and (k == roles) then - table.insert(output.config[k].option, v) - elseif (output.config[k]) then - output.config[k].value = v - end - end - - -- Because something went wrong... clear the password and let the user re-enter the password/confirmation - output.config.password.value = "" - output.config.password_confirm.value = "" - - -- Debug information --- output.config.debugcmdresult = cmdresult -- Debug information - - -- Redirect page - self.conf.action = "administrator" - self.conf.type = "redir" - return output - end - end + output.label = "New User Settings" + return output +end - --If everything went OK then redirect to main page - self.conf.action = "status" - self.conf.type = "redir" - return status(self) +function deleteuser(self) + self.model.delete_user(self, self.clientdata.userid) + redirect(self, "status") end diff --git a/app/acf-util/password-html.lsp b/app/acf-util/password-html.lsp index 5d4d488..a11d9e3 100755 --- a/app/acf-util/password-html.lsp +++ b/app/acf-util/password-html.lsp @@ -1,72 +1,30 @@ + DEBUGGING

DEBUG INFO: CFE

") io.write(html.cfe_unpack(form)) +io.write(html.cfe_unpack(ENV)) +io.write(html.cfe_unpack(FORM)) io.write("") --]] ?> -") - for k,v in pairs(tags) do - if (myform) and (myform[v]) and (myform[v]["value"]) then - local val = myform[v] - if (val.type) and not (val.type == "hidden") then - io.write("\n\t 0) then - val.class = "error" - io.write(" class='error'") - end - io.write(">" .. val.label .. "") - io.write("\n\t\t
") - if (viewtype == "viewonly") then - io.write(val.value) - elseif (viewtype == "roles") then - for k,v in pairs(form.config.availableroles.option) do - local checked = "" - if (type(form.config.roles.option) == "table") then - for kk,vv in pairs(form.config.roles.option) do - if (v == vv) then - checked = "checked='yes'" - break - end - end - end - io.write("\n\t\t\t" ..v .. ": ") - end - else - io.write(html.form[val.type](val)) - end - if (val.descr) and (#val.descr > 0) then io.write("\t\t

" .. string.gsub(val.descr, "\n", "
") .. "

\n") end - if (#val.errtxt > 0) then io.write("\t\t

" .. string.gsub(val.errtxt, "\n", "
") .. "

") end - io.write("\n\t\t
") - else - io.write(html.form[val.type](val)) - end - end - end - io.write("\n") -end -?> - -

CONFIG

-

Settings

-
- -

Actions

+

-
") --]] ?> -") - for k,v in pairs(tags) do - if (myform[v]) and (myform[v]["value"]) then - local val = myform[v] - io.write("\t 0) then - val.class = "error" - io.write(" class='error'") - end - io.write(">" .. val.label .. "\n") - if (viewonly) then - io.write("\t\t
" .. val.value .. "\n") - else - io.write("\t\t
" .. html.form[val.type](val) .. "\n") - end - if (val.descr) and (#val.descr > 0) then io.write("\t\t

" .. string.gsub(val.descr, "\n", "
") .. "

\n") end - if (#val.errtxt > 0) then io.write("\t\t

" .. string.gsub(val.errtxt, "\n", "
") .. "

\n") end - io.write("\t\t
\n") - end - end - io.write("") -end -?> -

USER ACCOUNTS

Create new account

-
- + +

Existing account

-") -if (type(myform) == "table") then - for k,v in pairs(myform) do - local myform = myform[k] - io.write("\t 0) then - myform.class = "error" - io.write(" class='error'") - end - io.write("> " .. myform.label .. "\n") - io.write("\t\t
\n\t\t") - io.write("\n\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t") - io.write("\n\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t") - io.write("\n\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t") - if (myform.value.errors) then - io.write("\n\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t") - end - io.write("\n\t\t\t") - io.write("\n\t\t\t\n\t\t\t\t\n\t\t\t\t\n\t\t\t") - io.write("\n\t\t
".. myform.value.userid.label .. - "" .. myform.value.userid.value .. "
".. myform.value.username.label .. - "" .. myform.value.username.value .. "
".. myform.value.roles.label .. - "" .. myform.value.roles.value .. "
".. myform.value.errors.label .. - "" .. myform.value.errors.value .. "
Option[Edit this account]
\n") - if (#myform.errtxt > 0) then io.write("\t\t

" .. string.gsub(myform.errtxt, "\n", "
") .. "

\n") end - io.write("\t\t
\n") - end -end -io.write("") -?> - +
+ +
+
+ + + + + + + + + + + + + +
Option + [Edit this account] + [Delete this account] +
+ +