Diffstat (limited to 'app')
-rw-r--r--app/acf-util/logon-model.lua22
-rwxr-xr-xapp/acf-util/password-controller.lua132
-rwxr-xr-xapp/acf-util/password-model.lua112
-rwxr-xr-xapp/acf-util/password-status-html.lsp3
-rw-r--r--app/acf-util/roles-model.lua4
5 files changed, 69 insertions, 204 deletions
diff --git a/app/acf-util/logon-model.lua b/app/acf-util/logon-model.lua
index 3644a09..b817cf9 100644
--- a/app/acf-util/logon-model.lua
+++ b/app/acf-util/logon-model.lua
@@ -6,18 +6,7 @@ require ("session")
require ("html")
require ("fs")
require ("roles")
-
---varibles for time in case of logons,expired,lockouts
-
--- load an authenticator
--- FIXME: use an "always true" as default?
-
-local auth
-if authenticator then
- auth = require ("authenticator-" .. conf.authenticator)
-else
- auth = require ("authenticator-plaintext")
-end
+require ("authenticator")
-- Logoff the user by deleting session data
logoff = function (sessiondir, sessiondata)
@@ -42,7 +31,7 @@ logon = function (self, userid, password, ip_addr, sessiondir, sessiondata)
end
if false == countevent and userid and password then
- if auth.authenticate (self, userid, password) then
+ if authenticator.authenticate (self, userid, password) then
-- We have a successful login, change sessiondata
-- for some reason, can't call this function or it skips rest of logon
-- logout(sessiondir, sessiondata)
@@ -54,8 +43,11 @@ logon = function (self, userid, password, ip_addr, sessiondir, sessiondata)
end
--]]
sessiondata.id = session.random_hash(512)
- local t = auth.get_userinfo (self, userid)
- sessiondata.userinfo = t or {}
+ local t = authenticator.get_userinfo (self, userid)
+ sessiondata.userinfo = {}
+ for name,value in pairs(t.value) do
+ sessiondata.userinfo[name] = value.value
+ end
return cfe({ type="boolean", value=true, label="Logon Success" })
else
-- We have a bad login, log the event
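Review bot: The new loop copies every field returned by `authenticator.get_userinfo` into `sessiondata.userinfo`, and it indexes `t.value` without the nil guard that the removed `t or {}` provided. get_users in password-model.lua strips `password` and `password_confirm` from the same structure, which suggests those fields are present here too; skip them with `if name ~= "password" and name ~= "password_confirm" then` so they never end up in session data. Guard the lookup as well, e.g. `for name,value in pairs((t and t.value) or {}) do`, because an error at this point occurs after authenticate has succeeded and a new `sessiondata.id` has been assigned. The logon function starts and ends outside this hunk.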
diff --git a/app/acf-util/password-controller.lua b/app/acf-util/password-controller.lua
index 20f04ef..bea4480 100755
--- a/app/acf-util/password-controller.lua
+++ b/app/acf-util/password-controller.lua
@@ -8,97 +8,59 @@ function status(self)
end
function editme(self)
- local output = self.model.read_user(self, self.sessiondata.userinfo.userid)
-
- if clientdata.Save then
- -- just to make sure can't modify any other user from this action
- self.clientdata.userid = self.sessiondata.userinfo.userid
-
- -- As a special case for update_user, settings that don't change are nil
- self.clientdata.roles = nil
- output.value.roles.value = nil
- -- if password is blank, don't update it or require it
- if not self.clientdata.password or self.clientdata.password == "" then
- self.clientdata.password = nil
- output.value.password.value = nil
- end
- if not self.clientdata.password_confirm or self.clientdata.password_confirm == "" then
- self.clientdata.password_confirm = nil
- output.value.password_confirm.value = nil
- end
-
- controllerfunctions.handle_clientdata(output, clientdata)
-
- -- Update userinfo
- output = self.model.update_user(self, output)
- if not output.errtxt then
- output.descr = "Saved user"
- end
- output = self:redirect_to_referrer(output)
- else
- output = self:redirect_to_referrer() or output
- end
-
- -- Don't allow changing of roles for yourself
- output.value.roles = nil
-
- output.type = "form"
- output.label = "Edit My Settings"
- output.option = "Save"
- return output
+ -- just to make sure can't modify any other user from this action
+ self.clientdata.userid = self.sessiondata.userinfo.userid
+ return controllerfunctions.handle_form(self, function()
+ local value = self.model.read_user(self, self.sessiondata.userinfo.userid)
+ -- We don't allow a user to modify his own roles or dnsfiles
+ value.value.roles = nil
+ value.value.dnsfiles = nil
+ return value
+ end, function(value)
+ -- If password and password_confirm are blank, don't set them
+ local pw, pwc
+ if value.value.password.value == "" and value.value.password_confirm.value == "" then
+ pw = value.value.password
+ pwc = value.value.password_confirm
+ value.value.password = nil
+ value.value.password_confirm = nil
+ end
+ value = self.model.update_user(self, value)
+ if pw then
+ value.value.password = pw
+ value.value.password_confirm = pwc
+ end
+ return value
+ end, self.clientdata, "Save", "Edit My Settings", "Saved user")
end
function edituser(self)
- local output = self.model.read_user(self, self.clientdata.userid)
- if self.clientdata.Save then
- -- As a special case for update_user, settings that don't change are nil
- -- if password is blank, don't update it or require it
- if not self.clientdata.password or self.clientdata.password == "" then
- self.clientdata.password = nil
- output.value.password.value = nil
- end
- if not self.clientdata.password_confirm or self.clientdata.password_confirm == "" then
- self.clientdata.password_confirm = nil
- output.value.password_confirm.value = nil
- end
-
- controllerfunctions.handle_clientdata(output, clientdata)
-
- -- Update userinfo
- output = self.model.update_user(self, output)
- if not output.errtxt then
- redirect(self, "status")
- end
- output = self:redirect_to_referrer(output)
- else
- output = self:redirect_to_referrer() or output
- end
-
- output.type = "form"
- output.label = "Edit User Settings"
- output.option = "Save"
- return output
+ return controllerfunctions.handle_form(self, function()
+ return self.model.read_user(self, self.clientdata.userid)
+ end, function(value)
+ -- If password and password_confirm are blank, don't set them
+ local pw, pwc
+ if value.value.password.value == "" and value.value.password_confirm.value == "" then
+ pw = value.value.password
+ pwc = value.value.password_confirm
+ value.value.password = nil
+ value.value.password_confirm = nil
+ end
+ value = self.model.update_user(self, value)
+ if pw then
+ value.value.password = pw
+ value.value.password_confirm = pwc
+ end
+ return value
+ end, self.clientdata, "Save", "Edit User Settings", "Saved user")
end
function newuser(self)
- local output = self.model.read_user(self)
- if self.clientdata.Save then
- controllerfunctions.handle_clientdata(output, clientdata)
-
- -- Update userinfo
- output = self.model.create_user(self, output)
- if not output.errtxt then
- redirect(self, "status")
- end
- output = self:redirect_to_referrer(output)
- else
- output = self:redirect_to_referrer() or output
- end
-
- output.type = "form"
- output.label = "New User Settings"
- output.option = "Save"
- return output
+ return controllerfunctions.handle_form(self, function()
+ return self.model.read_user(self)
+ end, function(value)
+ return self.model.create_user(self, value)
+ end, self.clientdata, "Save", "New User Settings", "Saved user", "status")
end
function deleteuser(self)
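Review bot: editme no longer clears `self.clientdata.roles`, which the removed code did explicitly, so keeping a user from changing his own roles now rests entirely on handle_form ignoring submitted fields that are absent from the form returned by the first callback. handle_form is not visible in this diff, so that should be confirmed; as defence in depth, keep `self.clientdata.roles = nil` and add `self.clientdata.dnsfiles = nil` next to the userid pin at the top of editme. It also depends on change_settings treating a missing `roles` entry as unchanged rather than as an empty list. Separately, the password-blanking setter is duplicated verbatim in editme and edituser and could be one local helper. deleteuser continues past the end of this hunk.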
diff --git a/app/acf-util/password-model.lua b/app/acf-util/password-model.lua
index 1e78e5d..87c2e6f 100755
--- a/app/acf-util/password-model.lua
+++ b/app/acf-util/password-model.lua
@@ -1,125 +1,33 @@
module(..., package.seeall)
-local auth=require("authenticator-plaintext")
+require("authenticator")
function create_user(self, userdata)
- return update_user(self, userdata, true)
+ return authenticator.new_settings(self, userdata)
end
function read_user(self, user)
- local config = {}
- local errtxt
-
- -- Read the user data
- local userinfo
- if user and (#user > 0) then
- userinfo = auth.get_userinfo(self,user)
- if not userinfo then
- errtxt = "User does not exist"
- end
- end
- userinfo = userinfo or {}
-
- config.userid = cfe({
- label="User id",
- value=(userinfo.userid or user or ""),
- errtxt = errtxt
- })
- config.username = cfe({
- label="Real name",
- value=(userinfo.username or ""),
- })
- config.roles = cfe({
- label="Roles",
- value=(userinfo.roles or {}),
- type="multi",
- option=auth.list_roles(),
- })
- config.password = cfe({
- label="Password",
- })
- config.password_confirm = cfe({
- label="Password (confirm)",
- })
-
- return cfe({ type="group", value=config, errtxt = errtxt, label="User Config" })
+ return authenticator.get_userinfo(self, user)
end
-function update_user(self, userdata, newuser)
- local result
- local errormessage = {}
-
- -- Try to write new or update existing data
- if newuser == true then
- result, errormessage = auth.new_settings(self, userdata.value.userid.value, userdata.value.username.value, userdata.value.password.value, userdata.value.password_confirm.value, userdata.value.roles.value)
- if result == false then
- userdata.errtxt = "Failed to create new user"
- end
- else
- -- As a special case, settings that don't change are nil
- result, errormessage = auth.change_settings(self, userdata.value.userid.value, userdata.value.username.value, userdata.value.password.value, userdata.value.password_confirm.value, userdata.value.roles.value)
- if result == false then
- userdata.errtxt = "Failed to save changes"
- end
- -- We can't return any nil values, so set then
- local olduserdata = read_user(self, userdata.value.userid.value)
- for name,value in pairs(userdata.value) do
- if value.value == nil then
- value.value = olduserdata.value[name].value
- end
- end
- end
-
- userdata.value.password.value = ""
- userdata.value.password_confirm.value = ""
-
- if result == false then
- -- now, copy in the errors
- for name,value in pairs(userdata.value) do
- value.errtxt = errormessage[name]
- end
- end
-
- return userdata
+function update_user(self, userdata)
+ return authenticator.change_settings(self, userdata)
end
function get_users(self)
--List all users and their userinfo
local users = {}
- local userlist = auth.list_users(self)
+ local userlist = authenticator.list_users(self)
for x,user in pairs(userlist) do
- local userinfo = auth.get_userinfo(self,user)
- users[user] = cfe({
- type="group",
- label=user,
- value={ userid=cfe ({
- label="User ID",
- value=userinfo.userid,
- }),
- username=cfe ({
- label="Real name",
- value=userinfo.username,
- }),
- roles=cfe ({
- label="Roles",
- value=userinfo.roles,
- option=auth.list_roles(),
- type="multi",
- }),
- },
-
- })
+ users[user] = read_user(self, user)
+ users[user].value.password = nil
+ users[user].value.password_confirm = nil
end
return cfe({ type="group", value=users, label="User Configs" })
end
function delete_user(self, userid)
- local result, errmessages = auth.delete_user(self, userid)
- local value
- if result then value = "User Deleted" else value = "Failed to Delete User" end
- local errtxt
- if #errmessages > 0 then errtxt = errmessages:concat("\n") end
- return cfe({ value=value, errtxt=errtxt, label="Delete User Result" })
+ return authenticator.delete_user(self, userid)
end
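Review bot: The removed update_user reset `userdata.value.password.value` and `userdata.value.password_confirm.value` to `""` before returning, so a submitted password was never carried back into the rendered form; the new create_user and update_user return whatever the authenticator hands back. Unless new_settings and change_settings clear those fields themselves (not visible here), blank them in these wrappers before returning the result. In get_users, `users[user].value.password = nil` raises if get_userinfo returns nil for a listed user, so a guard such as `if users[user] and users[user].value then` around the two assignments is worth adding.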
diff --git a/app/acf-util/password-status-html.lsp b/app/acf-util/password-status-html.lsp
index c16e0d6..8091316 100755
--- a/app/acf-util/password-status-html.lsp
+++ b/app/acf-util/password-status-html.lsp
@@ -30,6 +30,9 @@ io.write("</span>")
<TD STYLE='border:none;'><B><?= user.value.roles.label ?></B></TD>
<TD STYLE='border:none;'><?= table.concat(user.value.roles.value, " / ") ?></TD>
</TR><TR>
+ <TD STYLE='border:none;'><B><?= user.value.dnsfiles.label ?></B></TD>
+ <TD STYLE='border:none;'><?= table.concat(user.value.dnsfiles.value, "<br>") ?></TD>
+ </TR><TR>
<TD STYLE='border:none;'><B>Option</B></TD>
<TD STYLE='border:none;'>
[<A HREF='edituser?userid=<?= name ?>'>Edit this account</A>]
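Review bot: The added cell writes `table.concat(user.value.dnsfiles.value, "<br>")` straight into the page, so any markup characters in a stored dnsfiles entry are rendered as HTML; escape each entry before joining them with `<br>`. The line also assumes every user record carries a `dnsfiles` field with a table value and will raise for a record that lacks it, so the row should only be emitted when `user.value.dnsfiles` exists. The surrounding table starts and ends outside this hunk.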
diff --git a/app/acf-util/roles-model.lua b/app/acf-util/roles-model.lua
index b2db9db..f064536 100644
--- a/app/acf-util/roles-model.lua
+++ b/app/acf-util/roles-model.lua
@@ -2,7 +2,7 @@
module (..., package.seeall)
require("modelfunctions")
-auth = require("authenticator-plaintext")
+require("authenticator")
require("roles")
local get_all_permissions = function(self)
@@ -26,7 +26,7 @@ end
-- Return roles/permissions for specified user
get_user_roles = function(self, userid)
- rls = cfe({ type="list", value=auth.get_userinfo_roles(self, userid), label="Roles" })
+ rls = cfe({ type="list", value=authenticator.get_userinfo_roles(self, userid).value, label="Roles" })
permissions = cfe({ type="table", value=roles.get_roles_perm(self.conf.appdir, rls.value), label="Permissions" })
return cfe({ type="group", value={roles=rls, permissions=permissions} })
end
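Review bot: `authenticator.get_userinfo_roles(self, userid).value` indexes the return value without checking it, so any case where the authenticator returns nil (for example an unknown userid) raises at this line. Taking the result into a local first, `local r = authenticator.get_userinfo_roles(self, userid)`, and passing `value = (r and r.value) or {}` keeps the permission lookup on the next line working with an empty role list. `rls` and `permissions` are also assigned without `local`, so they persist in the module environment after the call returns; declaring both `local` keeps one request's roles from lingering for the next.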