From 0ca336d467a228abb651e24ba7cf90c0bf4623fd Mon Sep 17 00:00:00 2001 
From: jvelilla Date: Wed, 6 Jan 2016 21:29:21 -0300 Subject: [PATCH] Updated templates Replaced hardcoded name "ROC CMS" for placeholder $sitename, and missing href's with $host. Renamed database script and database table for temporal users. Renamed CMS_AUTH_API AS CMS_USER_TEMP_API. Revert design to use CMS_TEMPORAL_USER and clean CMS_USER. Refactor rename cms_auth_storage_* classes to CMS_TEMPORAL_USER_STORAGE_* Added Pending Registrations to the admin menu to show the list of pending registrarions added CSS to display temporal users --- .../demo/site/modules/auth/files/css/auth.css | 22 +++ .../mail_templates/account_activation.html | 4 +- .../account_activation_confirmation.html | 6 +- .../mail_templates/account_new_password.html | 4 +- .../mail_templates/account_re_activation.html | 4 +- .../auth/mail_templates/account_rejected.html | 6 +- .../auth/mail_templates/account_welcome.html | 4 +- ...ion.html => admin_account_evaluation.html} | 8 +- .../modules/auth/scripts/auth_temp_users.tpl | 13 ++ .../auth/templates/block_post_reactivate.tpl | 2 +- .../auth/templates/block_post_register.tpl | 2 +- .../modules/auth/templates/block_register.tpl | 6 +- library/model/src/user/cms_user.e | 24 --- modules/auth/cms_auth_api.e | 93 --------- ..._authentication_email_service_parameters.e | 48 ++--- modules/auth/cms_authentication_module.e | 143 +++++++++++--- .../auth/cms_authenticaton_email_service.e | 42 +++-- modules/auth/cms_user_temp_api.e | 127 +++++++++++++ modules/auth/model/cms_temporal_user.e | 44 +++++ ...rage_i.e => cms_temporal_user_storage_i.e} | 33 +++- ...ull.e => cms_temporal_user_storage_null.e} | 30 ++- ..._sql.e => cms_temporal_user_storage_sql.e} | 177 +++++++++++++++--- modules/auth/site/files/css/auth.css | 22 +++ modules/auth/site/files/scss/auth.css | 22 +++ modules/auth/site/files/scss/auth.css.map | 7 + modules/auth/site/files/scss/auth.scss | 37 ++++ .../mail_templates/account_activation.html | 4 +- .../account_activation_confirmation.html | 6 
+- .../mail_templates/account_new_password.html | 4 +- .../mail_templates/account_re_activation.html | 4 +- .../site/mail_templates/account_rejected.html | 6 +- .../site/mail_templates/account_welcome.html | 4 +- ...ion.html => admin_account_evaluation.html} | 8 +- modules/auth/site/scripts/auth_temp_users.tpl | 2 +- .../auth/site/templates/block_register.tpl | 6 +- modules/oauth20/cms_oauth_20_module.e | 2 +- modules/openid/cms_openid_module.e | 2 +- src/persistence/user/cms_user_storage_i.e | 6 - src/persistence/user/cms_user_storage_sql_i.e | 39 ---- src/service/user/cms_user_api.e | 20 -- 40 files changed, 717 insertions(+), 326 deletions(-) create mode 100644 examples/demo/site/modules/auth/files/css/auth.css rename examples/demo/site/modules/auth/mail_templates/{account_evaluation.html => admin_account_evaluation.html} (75%) create mode 100644 examples/demo/site/modules/auth/scripts/auth_temp_users.tpl delete mode 100644 modules/auth/cms_auth_api.e create mode 100644 modules/auth/cms_user_temp_api.e create mode 100644 modules/auth/model/cms_temporal_user.e rename modules/auth/persistence/{cms_auth_storage_i.e => cms_temporal_user_storage_i.e} (66%) rename modules/auth/persistence/{cms_auth_storage_null.e => cms_temporal_user_storage_null.e} (57%) rename modules/auth/persistence/{cms_auth_storage_sql.e => cms_temporal_user_storage_sql.e} (54%) create mode 100644 modules/auth/site/files/css/auth.css create mode 100644 modules/auth/site/files/scss/auth.css create mode 100644 modules/auth/site/files/scss/auth.css.map create mode 100644 modules/auth/site/files/scss/auth.scss rename modules/auth/site/mail_templates/{account_evaluation.html => admin_account_evaluation.html} (75%) diff --git a/examples/demo/site/modules/auth/files/css/auth.css b/examples/demo/site/modules/auth/files/css/auth.css new file mode 100644 index 0000000..27984a9 --- /dev/null +++ b/examples/demo/site/modules/auth/files/css/auth.css 
@@ -0,0 +1,22 @@ +ul.cms-temp-users { + list-style-type: none; + padding: 3px 3px 3px 3px; + border: solid 1px #ccc; } + ul.cms-temp-users li { + border-top: dotted 1px #ccc; } + ul.cms-temp-users li:first-child { + border-top: none; } + ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details { + list-style-type: none; + padding: 3px 3px 3px 3px; + border: solid 1px #ccc; } + ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details li { + border-top: dotted 1px #ccc; } + ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details li:first-child { + border-top: none; } + ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details li.cms_temp_user_detail_information::before { + content: "[personal information] "; } + ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details li.cms_temp_user_detail_email::before { + content: "[email] "; } + +/*# sourceMappingURL=auth.css.map */ diff --git a/examples/demo/site/modules/auth/mail_templates/account_activation.html b/examples/demo/site/modules/auth/mail_templates/account_activation.html index 0d404a0..f85597a 100644 --- a/examples/demo/site/modules/auth/mail_templates/account_activation.html +++ b/examples/demo/site/modules/auth/mail_templates/account_activation.html @@ -4,11 +4,11 @@ Activation - + -

Thank you for applying to ROC CMS $user

+

Thank you for applying to $sitename $user

We will review your application and send you a resolution

\ No newline at end of file diff --git a/examples/demo/site/modules/auth/mail_templates/account_activation_confirmation.html b/examples/demo/site/modules/auth/mail_templates/account_activation_confirmation.html index efc5087..b185ad5 100644 --- a/examples/demo/site/modules/auth/mail_templates/account_activation_confirmation.html +++ b/examples/demo/site/modules/auth/mail_templates/account_activation_confirmation.html @@ -2,13 +2,13 @@ - Activation + Activation Confirmation - + -

Your account has been confirmed ROC CMS

+

Your account has been confirmed $sitename $email

Thank you for joining us.

\ No newline at end of file diff --git a/examples/demo/site/modules/auth/mail_templates/account_new_password.html b/examples/demo/site/modules/auth/mail_templates/account_new_password.html index ad2792d..0ad6560 100644 --- a/examples/demo/site/modules/auth/mail_templates/account_new_password.html +++ b/examples/demo/site/modules/auth/mail_templates/account_new_password.html @@ -4,11 +4,11 @@ New Password - + -

You have required a new password at ROC CMS

+

You have required a new password at $sitename

To complete your request, please click on this link to genereate a new password:

diff --git a/examples/demo/site/modules/auth/mail_templates/account_re_activation.html b/examples/demo/site/modules/auth/mail_templates/account_re_activation.html index 3590804..fe3403c 100644 --- a/examples/demo/site/modules/auth/mail_templates/account_re_activation.html +++ b/examples/demo/site/modules/auth/mail_templates/account_re_activation.html @@ -4,11 +4,11 @@ New Activation - + -

You have request a new activation token at ROC CMS

+

You have request a new activation token at $sitename

To complete your registration, please click on this link to activate your account:

diff --git a/examples/demo/site/modules/auth/mail_templates/account_rejected.html b/examples/demo/site/modules/auth/mail_templates/account_rejected.html index 9cefb80..e4811a2 100644 --- a/examples/demo/site/modules/auth/mail_templates/account_rejected.html +++ b/examples/demo/site/modules/auth/mail_templates/account_rejected.html @@ -2,12 +2,12 @@ - New Activation + Application Rejected - + -

You requested has been rejected, your application does not conform our rules ROC CMS

+

You requested has been rejected, your application does not conform our rules $sitename

\ No newline at end of file diff --git a/examples/demo/site/modules/auth/mail_templates/account_welcome.html b/examples/demo/site/modules/auth/mail_templates/account_welcome.html index facecee..b2b8d04 100644 --- a/examples/demo/site/modules/auth/mail_templates/account_welcome.html +++ b/examples/demo/site/modules/auth/mail_templates/account_welcome.html @@ -4,10 +4,10 @@ Welcome - + -

Welcome toROC CMS

+

Welcome to$sitename

Thank you for joining us.

diff --git a/examples/demo/site/modules/auth/mail_templates/account_evaluation.html b/examples/demo/site/modules/auth/mail_templates/admin_account_evaluation.html similarity index 75% rename from examples/demo/site/modules/auth/mail_templates/account_evaluation.html rename to examples/demo/site/modules/auth/mail_templates/admin_account_evaluation.html index 002292d..e626446 100644 --- a/examples/demo/site/modules/auth/mail_templates/account_evaluation.html +++ b/examples/demo/site/modules/auth/mail_templates/admin_account_evaluation.html @@ -4,12 +4,12 @@ Account Evaluation - +

Account Evaluation

-

The user $user ($email) wants to register to the site ROC CMS

+

The user $user ($email) wants to register to the site $sitename

This is his/her application.

$application

@@ -17,10 +17,10 @@

To complete the registration, please click on the following link to activate the user account:

-

$activate

+

$activation_url

To reject the registration, please click on the following link

-

$reject

+

$rejection_url

diff --git a/examples/demo/site/modules/auth/scripts/auth_temp_users.tpl b/examples/demo/site/modules/auth/scripts/auth_temp_users.tpl new file mode 100644 index 0000000..d06c641 --- /dev/null +++ b/examples/demo/site/modules/auth/scripts/auth_temp_users.tpl @@ -0,0 +1,13 @@ + +DROP TABLE IF EXISTS "auth_temp_users"; +CREATE TABLE `auth_temp_users` ( + `uid` INTEGER PRIMARY KEY AUTO_INCREMENT NOT NULL, + `name` VARCHAR(100) NOT NULL, + `password` VARCHAR(100) NOT NULL, + `salt` VARCHAR(100) NOT NULL, + `email` VARCHAR(250) NOT NULL, + `application` TEXT NOT NULL, + CONSTRAINT `name` + UNIQUE(`name`) +); + diff --git a/examples/demo/site/modules/auth/templates/block_post_reactivate.tpl b/examples/demo/site/modules/auth/templates/block_post_reactivate.tpl index 4142cd3..c76cbb5 100644 --- a/examples/demo/site/modules/auth/templates/block_post_reactivate.tpl +++ b/examples/demo/site/modules/auth/templates/block_post_reactivate.tpl @@ -1,3 +1,3 @@
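Review bot: `DROP TABLE IF EXISTS "auth_temp_users";` at the top of the new auth_temp_users.tpl makes the install script destructive. Any run against a database that already holds the table discards every pending registration, including its password material and application text. The script only has to create the table when it is missing, so drop that statement and, if the target engines accept it, use `CREATE TABLE IF NOT EXISTS` instead. The table also has no creation-time column, so stale applications cannot be expired; consider adding one, along with a comment saying what `password` is expected to hold (the salted hash, not the submitted value).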
-

We have send an email to the administrator, with a new activation code to activate the user account.

+

Thanks for your application, we will review it to activate your account.

diff --git a/examples/demo/site/modules/auth/templates/block_post_register.tpl b/examples/demo/site/modules/auth/templates/block_post_register.tpl index 390c6b4..c76cbb5 100644 --- a/examples/demo/site/modules/auth/templates/block_post_register.tpl +++ b/examples/demo/site/modules/auth/templates/block_post_register.tpl @@ -1,3 +1,3 @@
-

You have requested an account, we will let you know when you application is approved or rejected.

+

Thanks for your application, we will review it to activate your account.

diff --git a/examples/demo/site/modules/auth/templates/block_register.tpl b/examples/demo/site/modules/auth/templates/block_register.tpl index e55b7b1..39104ef 100644 --- a/examples/demo/site/modules/auth/templates/block_register.tpl +++ b/examples/demo/site/modules/auth/templates/block_register.tpl @@ -21,10 +21,10 @@ {/if}
- - + {if isset="$error_application"} {$error_application/}
{/if} diff --git a/library/model/src/user/cms_user.e b/library/model/src/user/cms_user.e index 7879fcc..1a57cdd 100644 --- a/library/model/src/user/cms_user.e +++ b/library/model/src/user/cms_user.e @@ -80,12 +80,6 @@ feature -- Access -- active -- trashed - application: detachable STRING_32 - -- User application - - salt: detachable STRING_32 - -- User's password salt. - feature -- Access: helper utf_8_name: STRING_8 @@ -225,24 +219,6 @@ feature -- Change element set_last_login_date (create {DATE_TIME}.make_now_utc) end - feature -- Element change - - set_application (an_application: like application) - -- Assign `application' with `an_application'. - do - application := an_application - ensure - application_assigned: application = an_application - end - - set_salt (a_salt: like salt) - -- Assign `salt' with `a_salt'. - do - salt := a_salt - ensure - salt_assigned: salt = a_salt - end - feature -- Element change: roles set_roles (lst: like roles) diff --git a/modules/auth/cms_auth_api.e b/modules/auth/cms_auth_api.e deleted file mode 100644 index f4420c8..0000000 --- a/modules/auth/cms_auth_api.e +++ /dev/null 
@@ -1,93 +0,0 @@ -note - description: "Summary description for {CMS_AUTH_API}." - author: "" - date: "$Date$" - revision: "$Revision$" - -class - CMS_AUTH_API - -inherit - CMS_MODULE_API - - REFACTORING_HELPER - -create {CMS_AUTHENTICATION_MODULE} - make_with_storage - -feature {NONE} -- Initialization - - make_with_storage (a_api: CMS_API; a_auth_storage: CMS_AUTH_STORAGE_I) - -- Create an object with api `a_api' and storage `a_auth_storage'. - do - auth_storage := a_auth_storage - make (a_api) - ensure - auht_storage_set: auth_storage = a_auth_storage - end - -feature -- Access - - user_by_name (a_username: READABLE_STRING_32): detachable CMS_USER - -- User by name `a_user_name', if any. - do - Result := auth_storage.user_by_name (a_username) - end - - user_by_email (a_email: READABLE_STRING_32): detachable CMS_USER - -- User by email `a_email', if any. - do - Result := auth_storage.user_by_email (a_email) - end - - user_by_activation_token (a_token: READABLE_STRING_32): detachable CMS_USER - -- User by activation token `a_token'. - do - Result := auth_storage.user_by_activation_token (a_token) - end - - -feature -- Temp User - - new_temp_user (a_user: CMS_USER) - -- Add a new user `a_user'. - require - no_id: not a_user.has_id - no_hashed_password: a_user.hashed_password = Void - do - reset_error - if - attached a_user.password as l_password and then - attached a_user.email as l_email - then - auth_storage.new_temp_user (a_user) - error_handler.append (storage.error_handler) - else - error_handler.add_custom_error (0, "bad new user request", "Missing password or email to create new user!") - end - end - - remove_activation (a_token: READABLE_STRING_32) - -- Remove activation token `a_token', from the storage. - do - auth_storage.remove_activation (a_token) - end - - delete_user (a_user: CMS_USER) - -- Delete user `a_user'. 
- require - has_id: a_user.has_id - do - reset_error - auth_storage.delete_user (a_user) - error_handler.append (storage.error_handler) - end - -feature {CMS_MODULE} -- Access: User auth storage. - - auth_storage: CMS_AUTH_STORAGE_I - -- storage interface. - -feature -- Access: User Temp - -end diff --git a/modules/auth/cms_authentication_email_service_parameters.e b/modules/auth/cms_authentication_email_service_parameters.e index d340cf5..efcf557 100644 --- a/modules/auth/cms_authentication_email_service_parameters.e +++ b/modules/auth/cms_authentication_email_service_parameters.e @@ -17,18 +17,17 @@ feature {NONE} -- Initialization make (a_cms_api: CMS_API) local utf: UTF_CONVERTER - l_site_name: READABLE_STRING_8 s: detachable READABLE_STRING_32 l_contact_email, l_subject_register, l_subject_activate, l_subject_password, l_subject_oauth: detachable READABLE_STRING_8 do cms_api := a_cms_api -- Use global smtp setting if any, otherwise "localhost" smtp_server := utf.escaped_utf_32_string_to_utf_8_string_8 (a_cms_api.setup.text_item_or_default ("smtp", "localhost")) - l_site_name := utf.escaped_utf_32_string_to_utf_8_string_8 (a_cms_api.setup.site_name) + site_name := utf.escaped_utf_32_string_to_utf_8_string_8 (a_cms_api.setup.site_name) admin_email := a_cms_api.setup.site_email if not admin_email.has ('<') then - admin_email := l_site_name + " <" + admin_email +">" + admin_email := site_name + " <" + admin_email +">" end if attached {CONFIG_READER} a_cms_api.module_configuration_by_name ({CMS_AUTHENTICATION_MODULE}.name, Void) as cfg then @@ -60,7 +59,7 @@ feature {NONE} -- Initialization end if l_contact_email /= Void then if not l_contact_email.has ('<') then - l_contact_email := l_site_name + " <" + l_contact_email + ">" + l_contact_email := site_name + " <" + l_contact_email + ">" end contact_email := l_contact_email else 
@@ -95,6 +94,8 @@ feature {NONE} -- Initialization contact_subject_activated := "Your account was activated" end + + feature -- Access cms_api: CMS_API @@ -106,6 +107,9 @@ feature -- Access contact_email: IMMUTABLE_STRING_8 -- Contact email. + site_name: IMMUTABLE_STRING_8 + -- Site name. + contact_subject_account_evaluation: IMMUTABLE_STRING_8 contact_subject_register: IMMUTABLE_STRING_8 contact_subject_activate: IMMUTABLE_STRING_8 @@ -118,7 +122,7 @@ feature -- Access account_evaluation: STRING -- Account evaluation template email message. do - Result := template_string ("account_evaluation.html", default_template_account_evaluation) + Result := template_string ("admin_account_evaluation.html", default_template_account_evaluation) end account_activation: STRING @@ -211,12 +215,12 @@ feature {NONE} -- Message email Account Evaluation - +

Account Evaluation

-

The user $user ($email) wants to register to the site

+

The user $user ($email) wants to register to the site $sitename

This is his/her application.

$application

@@ -224,11 +228,11 @@ feature {NONE} -- Message email

To complete the registration, please click on the following link to activate the user account:

-

$activate

+

$activation_url

To reject the registration, please click on the following link

-

$reject

+

$rejection_url

]" @@ -241,11 +245,11 @@ feature {NONE} -- Message email Activation - + -

Thank you for applying to ROC CMS $user

+

Thank you for applying to $sitename $user

We will review your application and send you an email

Thank you for joining us.

@@ -261,11 +265,11 @@ feature {NONE} -- Message email Activation - + -

Your account has been confirmed ROC CMS $email

+

Your account has been confirmed $sitename $email

Thank you for joining us.

@@ -277,13 +281,13 @@ feature {NONE} -- Message email - New Activation + Application Rejected - + -

You requested has been rejected, your application does not conform our rules ROC CMS

+

You requested has been rejected, your application does not conform our rules $sitename

]" @@ -295,11 +299,11 @@ feature {NONE} -- Message email New Activation - + -

You have requested a new activation token at ROC CMS

+

You have requested a new activation token at $sitename

To complete your registration, please click on the following link to activate your account:

@@ -318,11 +322,11 @@ feature {NONE} -- Message email New Password - + -

You have required a new password at ROC CMS

+

You have required a new password at $sitename

To complete your request, please click on this link to generate a new password:

@@ -339,11 +343,11 @@ feature {NONE} -- Message email Welcome - + -

Welcome toROC CMS

+

Welcome to$sitename

Thank you for joining us.

diff --git a/modules/auth/cms_authentication_module.e b/modules/auth/cms_authentication_module.e index 156b0ef..76cd1d5 100644 --- a/modules/auth/cms_authentication_module.e +++ b/modules/auth/cms_authentication_module.e @@ -91,16 +91,16 @@ feature {CMS_API} -- Module Initialization -- local l_auth_api: like auth_api - l_user_auth_storage: CMS_AUTH_STORAGE_I + l_user_auth_storage: CMS_TEMPORAL_USER_STORAGE_I do Precursor (a_api) -- Storage initialization if attached a_api.storage.as_sql_storage as l_storage_sql then - create {CMS_AUTH_STORAGE_SQL} l_user_auth_storage.make (l_storage_sql) + create {CMS_TEMPORAL_USER_STORAGE_SQL} l_user_auth_storage.make (l_storage_sql) else -- FIXME: in case of NULL storage, should Current be disabled? - create {CMS_AUTH_STORAGE_NULL} l_user_auth_storage + create {CMS_TEMPORAL_USER_STORAGE_NULL} l_user_auth_storage end -- API initialization @@ -114,7 +114,7 @@ feature {CMS_API} -- Module Initialization do -- Schema if attached api.storage.as_sql_storage as l_sql_storage then - if not l_sql_storage.sql_table_exists ("auth_temp_user") then + if not l_sql_storage.sql_table_exists ("auth_temp_users") then --| Schema l_sql_storage.sql_execute_file_script (api.module_resource_location (Current, (create {PATH}.make_from_string ("scripts")).extended ("auth_temp_users.sql")), Void) if l_sql_storage.has_error then @@ -128,7 +128,7 @@ feature {CMS_API} -- Module Initialization feature {CMS_API} -- Access: API - auth_api: detachable CMS_AUTH_API + auth_api: detachable CMS_USER_TEMP_API -- feature -- Router @@ -252,7 +252,7 @@ feature -- Handler local r: CMS_RESPONSE l_user_api: CMS_USER_API - u: CMS_USER + u: CMS_TEMPORAL_USER l_exist: BOOLEAN es: CMS_AUTHENTICATON_EMAIL_SERVICE l_url_activate: STRING 
@@ -263,7 +263,7 @@ feature -- Handler create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) if r.has_permission ("account register") and then attached auth_api as l_auth_api then if req.is_post_request_method then - if attached {WSF_STRING} req.form_parameter ("name") as l_name and then attached {WSF_STRING} req.form_parameter ("password") as l_password and then attached {WSF_STRING} req.form_parameter ("email") as l_email and then attached {WSF_STRING} req.form_parameter ("application") as l_application then + if attached {WSF_STRING} req.form_parameter ("name") as l_name and then attached {WSF_STRING} req.form_parameter ("password") as l_password and then attached {WSF_STRING} req.form_parameter ("email") as l_email and then attached {WSF_STRING} req.form_parameter ("personal_information") as l_personal_information then l_user_api := api.user_api if attached l_user_api.user_by_name (l_name.value) or else attached l_auth_api.user_by_name (l_name.value) then -- Username already exist. @@ -292,7 +292,7 @@ feature -- Handler create u.make (l_name.value) u.set_email (l_email.value) u.set_password (l_password.value) - u.set_application (l_application.value) + u.set_personal_information (l_personal_information.value) l_auth_api.new_temp_user (u) -- Create activation token 
@@ -304,16 +304,16 @@ feature -- Handler -- Send Email to webmaster create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) write_debug_log (generator + ".handle register: send_register_email") - es.send_account_evaluation (u, l_application.value, l_url_activate, l_url_reject) + es.send_account_evaluation (u, l_personal_information.value, l_url_activate, l_url_reject, req.absolute_script_url ("")) -- Send Email to user create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) write_debug_log (generator + ".handle register: send_contact_email") - es.send_contact_email (l_email.value, l_name.value) + es.send_contact_email (l_email.value, l_name.value, req.absolute_script_url ("")) else r.set_value (l_name.value, "name") r.set_value (l_email.value, "email") - r.set_value (l_application.value, "application") + r.set_value (l_personal_information.value, "personal_information") r.set_status_code ({HTTP_CONSTANTS}.bad_request) end end @@ -337,21 +337,26 @@ feature -- Handler create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) if r.has_permission ("account activate") then if attached {WSF_STRING} req.path_parameter ("token") as l_token then - if attached {CMS_USER} l_auth_api.user_by_activation_token (l_token.value) as l_user then + if attached {CMS_TEMPORAL_USER} l_auth_api.user_by_activation_token (l_token.value) as l_user then + + -- TODO copy the personal information + --! to CMS_USER_PROFILE and persist data + --! check also CMS_USER.data_items + -- Delete temporal User - l_auth_api.delete_user (l_user) + l_auth_api.delete_temporary_user (l_user) -- Valid user_id l_user.set_id (0) l_user.mark_active - l_user_api.new_user_from_temporal_user (l_user) + l_auth_api.new_user_from_temporal_user (l_user) l_auth_api.remove_activation (l_token.value) r.set_main_content ("

The account " + l_user.name + " has been activated

") -- Send Email if attached l_user.email as l_email then create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) write_debug_log (generator + ".handle register: send_contact_activation_confirmation_email") - es.send_contact_activation_confirmation_email (l_email, req.absolute_script_url ("")) + es.send_contact_activation_confirmation_email (l_email, "", req.absolute_script_url ("")) end else -- the token does not exist, or it was already used. @@ -376,7 +381,6 @@ feature -- Handler handle_reject (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE) local r: CMS_RESPONSE - l_user_api: CMS_USER_API l_ir: INTERNAL_SERVER_ERROR_CMS_RESPONSE es: CMS_AUTHENTICATON_EMAIL_SERVICE do @@ -385,13 +389,13 @@ feature -- Handler if r.has_permission ("account reject") then if attached {WSF_STRING} req.path_parameter ("token") as l_token then if attached {CMS_USER} l_auth_api.user_by_activation_token (l_token.value) as l_user then - l_auth_api.delete_user (l_user) + l_auth_api.delete_temporary_user (l_user) r.set_main_content ("

The temporal account for " + l_user.name + " has been removed

") -- Send Email if attached l_user.email as l_email then create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) write_debug_log (generator + ".handle register: send_contact_activation_reject_email") - es.send_contact_activation_reject_email (l_email, req.absolute_script_url ("")) + es.send_contact_activation_reject_email (l_email, "", req.absolute_script_url ("")) end else -- the token does not exist, or it was already used. @@ -428,7 +432,7 @@ feature -- Handler if req.is_post_request_method then if attached {WSF_STRING} req.form_parameter ("email") as l_email then l_user_api := api.user_api - if attached {CMS_USER} l_auth_api.user_by_email (l_email.value) as l_user then + if attached {CMS_TEMPORAL_USER} l_auth_api.user_by_email (l_email.value) as l_user then -- User exist create a new token and send a new email. if l_user.is_active then r.set_value ("The asociated user to the given email " + l_email.value + " , is already active", "is_active") @@ -440,10 +444,10 @@ feature -- Handler l_url_reject := req.absolute_script_url ("/account/reject/" + l_token) -- Send Email to webmaster - if attached l_user.application as l_application then + if attached l_user.personal_information as l_personal_information then create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) write_debug_log (generator + ".handle register: send_register_email") - es.send_account_evaluation (l_user, l_application, l_url_activate, l_url_reject) + es.send_account_evaluation (l_user, l_personal_information, l_url_activate, l_url_reject, req.absolute_script_url ("")) end end else 
@@ -484,7 +488,7 @@ feature -- Handler -- Send Email create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) write_debug_log (generator + ".handle register: send_contact_password_email") - es.send_contact_password_email (l_email.value, l_url) + es.send_contact_password_email (l_email.value, l_url, req.absolute_script_url ("")) else r.set_value ("The email does not exist !", "error_email") r.set_value (l_email.value, "email") @@ -500,7 +504,7 @@ feature -- Handler -- Send Email create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) write_debug_log (generator + ".handle register: send_contact_password_email") - es.send_contact_password_email (l_email, l_url) + es.send_contact_password_email (l_email, l_url, req.absolute_script_url ("")) else r.set_value ("The username does not exist !", "error_username") r.set_value (l_username.value, "username") 
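Review bot: The new third argument `req.absolute_script_url ("")` in both `send_contact_password_email` calls puts a request-derived base URL into the password mail as `$host`. If that URL is built from the client-supplied Host header (not visible here), whoever submits the form chooses the origin shown in a mail delivered to another account's address. Take the base URL from the site configuration instead, or check the request host against the configured one before sending. The same argument is passed to the other `send_*` calls this commit changes in the register, activate, reject and reactivate handlers; the handler body around these two hunks starts and ends outside them.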
@@ -587,13 +591,95 @@ feature -- Handler handle_admin_pending_registrations (req: WSF_REQUEST; res: WSF_RESPONSE; api: CMS_API) local - l_page: CMS_RESPONSE - lnk: CMS_LOCAL_LINK + l_response: CMS_RESPONSE + s: STRING + u: CMS_TEMPORAL_USER + l_page_helper: CMS_PAGINATION_GENERATOR + s_pager: STRING + l_count: INTEGER do - create {GENERIC_VIEW_CMS_RESPONSE} l_page.make (req, res, api) - l_page.execute + -- At the moment the template are hardcoded, but we can + -- get them from the configuration file and load them into + -- the setup class. + + create {FORBIDDEN_ERROR_CMS_RESPONSE} l_response.make (req, res, api) + if + l_response.has_permission ("admin registration") and then + attached auth_api as l_auth_api + then + + l_count := l_auth_api.users_count + + create {GENERIC_VIEW_CMS_RESPONSE} l_response.make (req, res, api) + + create s.make_empty + if l_count > 1 then + l_response.set_title ("Listing " + l_count.out + " Pending Registrations") + else + l_response.set_title ("Listing " + l_count.out + " Pending Registration") + end + + create s_pager.make_empty + create l_page_helper.make ("admin/pending-registrations/?page={page}&size={size}", l_auth_api.users_count.as_natural_64, 25) -- FIXME: Make this default page size a global CMS settings + l_page_helper.get_setting_from_request (req) + if l_page_helper.has_upper_limit and then l_page_helper.pages_count > 1 then + l_page_helper.append_to_html (l_response, s_pager) + if l_page_helper.page_size > 25 then + s.append (s_pager) + end + end + + if attached l_auth_api.recent_users (create {CMS_DATA_QUERY_PARAMETERS}.make (l_page_helper.current_page_offset, l_page_helper.page_size)) as lst then + s.append ("
    %N") + across + lst as ic + loop + u := ic.item + s.append ("
  • ") + s.append ("User:" + u.name) + s.append ("%N") + s.append ("
  • %N") + end + s.append ("
%N") + end + -- Again the pager at the bottom, if needed + s.append (s_pager) + + l_response.set_main_content (s) + l_response.execute + else + l_response.execute + end end + block_list: ITERABLE [like {CMS_BLOCK}.name] local l_string: STRING @@ -821,7 +907,6 @@ feature {NONE} -- Block views get_block_view_registration (a_block_id: READABLE_STRING_8; a_response: CMS_RESPONSE) do - -- TODO finish end feature -- Recaptcha @@ -855,8 +940,8 @@ feature -- Response Alter response_alter (a_response: CMS_RESPONSE) do a_response.add_javascript_url ("https://www.google.com/recaptcha/api.js") + a_response.add_style (a_response.url ("/module/" + name + "/files/css/auth.css", Void), Void) end - feature {NONE} -- Implementation is_captcha_verified (a_secret, a_response: READABLE_STRING_8): BOOLEAN diff --git a/modules/auth/cms_authenticaton_email_service.e b/modules/auth/cms_authenticaton_email_service.e index bd28c4f..ea4fd0b 100644 --- a/modules/auth/cms_authenticaton_email_service.e +++ b/modules/auth/cms_authenticaton_email_service.e @@ -34,12 +34,14 @@ feature -- Access feature -- Basic Operations - send_account_evaluation (a_user: CMS_USER; a_application, a_url_activate, a_url_reject: READABLE_STRING_8) + send_account_evaluation (a_user: CMS_USER; a_application, a_url_activate, a_url_reject, a_host: READABLE_STRING_8) -- Send new user register to webmaster to confirm or reject itt. local l_message: STRING do create l_message.make_from_string (parameters.account_evaluation) + l_message.replace_substring_all ("$host", a_host) + l_message.replace_substring_all ("$sitename", parameters.site_name) l_message.replace_substring_all ("$user", a_user.name) if attached a_user.email as l_email then l_message.replace_substring_all ("$email", l_email) 
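Review bot: `s.append ("User:" + u.name)` in `handle_admin_pending_registrations` writes a name chosen by the applicant at registration straight into the HTML of the admin page, so markup in the name is rendered in an administrator's session. HTML-encode every temporal-user field before appending it, for example `s.append ("User:" + api.html_encoded (u.name))` if the CMS encoder is available on `api` in this version. The list markup is partly lost in this view, so the same applies to any e-mail or personal-information field it renders. A short header comment saying that the routine lists unapproved, user-supplied data would make the encoding requirement obvious to later editors.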
@@ -47,13 +49,13 @@ feature -- Basic Operations l_message.replace_substring_all ("$email", "unknown email") end l_message.replace_substring_all ("$application", a_application) - l_message.replace_substring_all ("$activate", a_url_activate) - l_message.replace_substring_all ("$reject", a_url_reject) + l_message.replace_substring_all ("$activation_url", a_url_activate) + l_message.replace_substring_all ("$rejection_url", a_url_reject) send_message (contact_email, contact_email, parameters.contact_subject_account_evaluation, l_message) end - send_contact_email (a_to, a_user: READABLE_STRING_8) + send_contact_email (a_to, a_user, a_host: READABLE_STRING_8) -- Send successful contact message to `a_to'. require attached_to: a_to /= Void 
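Review bot: `send_account_evaluation` substitutes `a_user.name`, the e-mail and `a_application` into the HTML mail template without encoding, and the handlers fill all three from the registration form. An applicant can therefore place markup in the administrator's mail, for instance a link presented as the activation link ahead of the real `$activation_url`. Encode the three values for HTML before calling `replace_substring_all`. Also substitute them after `$activation_url` and `$rejection_url`, so that placeholder names typed into the form are not expanded. The routine starts in the previous hunk.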
@@ -61,71 +63,83 @@ feature -- Basic Operations l_message: STRING do create l_message.make_from_string (parameters.account_activation) + l_message.replace_substring_all ("$host", a_host) + l_message.replace_substring_all ("$sitename", parameters.site_name) l_message.replace_substring_all ("$user", a_user) send_message (contact_email, a_to, parameters.contact_subject_register, l_message) end - send_contact_activation_email (a_to, a_content: READABLE_STRING_8) - -- Send successful contact message `a_token' to `a_to'. + send_contact_activation_email (a_to, a_content, a_host: READABLE_STRING_8) + -- Send successful contact activation message to `a_to'. require attached_to: a_to /= Void local l_message: STRING do create l_message.make_from_string (parameters.account_re_activation) + l_message.replace_substring_all ("$host", a_host) + l_message.replace_substring_all ("$sitename", parameters.site_name) l_message.replace_substring_all ("$link", a_content) send_message (contact_email, a_to, parameters.contact_subject_activate, l_message) end - send_contact_activation_confirmation_email (a_to, a_content: READABLE_STRING_8) - -- Send successful contact activation to a_to. + send_contact_activation_confirmation_email (a_to, a_content, a_host: READABLE_STRING_8) + -- Send successful message activation to a_to. require attached_to: a_to /= Void local l_message: STRING do create l_message.make_from_string (parameters.account_activation_confirmation) + l_message.replace_substring_all ("$hot", a_host) + l_message.replace_substring_all ("$sitename", parameters.site_name) l_message.replace_substring_all ("$email", a_content) send_message (contact_email, a_to, parameters.contact_subject_activated, l_message) end - send_contact_activation_reject_email (a_to, a_content: READABLE_STRING_8) - -- Send successful contact activation reject to `a_to'. 
+ send_contact_activation_reject_email (a_to, a_content, a_host: READABLE_STRING_8) + -- Send successful contact activation reject message to `a_to'. require attached_to: a_to /= Void local l_message: STRING do create l_message.make_from_string (parameters.account_rejected) + l_message.replace_substring_all ("$host", a_host) + l_message.replace_substring_all ("$sitename", parameters.site_name) l_message.replace_substring_all ("$link", a_content) send_message (contact_email, a_to, parameters.contact_subject_rejected, l_message) end - send_contact_password_email (a_to, a_content: READABLE_STRING_8) - -- Send successful contact message `a_token' to `a_to'. + send_contact_password_email (a_to, a_content, a_host: READABLE_STRING_8) + -- Send successful new account password message to `a_to'. require attached_to: a_to /= Void local l_message: STRING do create l_message.make_from_string (parameters.account_password) + l_message.replace_substring_all ("$host", a_host) + l_message.replace_substring_all ("$sitename", parameters.site_name) l_message.replace_substring_all ("$link", a_content) send_message (contact_email, a_to, parameters.contact_subject_password, l_message) end - send_contact_welcome_email (a_to, a_content: READABLE_STRING_8) - -- Send successful contact message `a_token' to `a_to'. + send_contact_welcome_email (a_to, a_content, a_host: READABLE_STRING_8) + -- Send successful welcome message to `a_to'. require attached_to: a_to /= Void local l_message: STRING do create l_message.make_from_string (parameters.account_welcome) + l_message.replace_substring_all ("$host", a_host) + l_message.replace_substring_all ("$sitenme", parameters.site_name) l_message.replace_substring_all ("$link", a_content) send_message (contact_email, a_to, parameters.contact_subject_oauth, l_message) end diff --git a/modules/auth/cms_user_temp_api.e b/modules/auth/cms_user_temp_api.e new file mode 100644 index 0000000..94831a6 --- /dev/null +++ b/modules/auth/cms_user_temp_api.e 
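Review bot: Two of the added placeholder names are misspelled, so their substitutions never match: `send_contact_activation_confirmation_email` replaces `"$hot"` and `send_contact_welcome_email` replaces `"$sitenme"`. Assuming those templates use `$host` and `$sitename` like the others, the confirmation mail goes out with a literal `$host` in its link targets and the welcome mail with a literal `$sitename`. The lines should read `l_message.replace_substring_all ("$host", a_host)` and `l_message.replace_substring_all ("$sitename", parameters.site_name)`.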
@@ -0,0 +1,127 @@
+note
+ description: "API to handle temporal users"
+ date: "$Date$"
+ revision: "$Revision$"
+
+class
+ CMS_USER_TEMP_API
+
+inherit
+ CMS_MODULE_API
+
+ REFACTORING_HELPER
+
+create {CMS_AUTHENTICATION_MODULE}
+ make_with_storage
+
+feature {NONE} -- Initialization
+
+ make_with_storage (a_api: CMS_API; a_auth_storage: CMS_TEMPORAL_USER_STORAGE_I)
+ -- Create an object with api `a_api' and storage `a_auth_storage'.
+ do
+ auth_storage := a_auth_storage
+ make (a_api)
+ ensure
+ auth_storage_set: auth_storage = a_auth_storage
+ end
+
+feature -- Access
+
+ users_count: INTEGER
+ -- Number of pending users.
+ --! to be accepted or rehected
+ do
+ Result := auth_storage.users_count
+ end
+
+ user_by_name (a_username: READABLE_STRING_GENERAL): detachable CMS_USER
+ -- User by name `a_user_name', if any.
+ do
+ Result := auth_storage.user_by_name (a_username.as_string_32)
+ end
+
+ user_by_email (a_email: READABLE_STRING_8): detachable CMS_USER
+ -- User by email `a_email', if any.
+ do
+ Result := auth_storage.user_by_email (a_email)
+ end
+
+ user_by_activation_token (a_token: READABLE_STRING_32): detachable CMS_USER
+ -- User by activation token `a_token'.
+ do
+ Result := auth_storage.user_by_activation_token (a_token)
+ end
+
+ recent_users (params: CMS_DATA_QUERY_PARAMETERS): ITERABLE [CMS_TEMPORAL_USER]
+ -- List of the `a_rows' most recent users starting from `a_offset'.
+ do
+ Result := auth_storage.recent_users (params.offset.to_integer_32, params.size.to_integer_32)
+ end
+
+ token_by_user_id (a_id: like {CMS_USER}.id): detachable STRING
+ do
+ Result := auth_storage.token_by_user_id (a_id)
+ end
+
+feature -- Temp User
+
+ new_user_from_temporal_user (a_user: CMS_TEMPORAL_USER)
+ -- Add a new user `a_user'.
+ require
+ no_id: not a_user.has_id
+ has_hashed_password: a_user.hashed_password /= Void
+ has_sal: a_user.salt /= Void
+ do
+ reset_error
+ if
+ attached a_user.hashed_password as l_password and then
+ attached a_user.salt as l_salt and then
+ attached a_user.email as l_email
+ then
+ auth_storage.new_user_from_temporal_user (a_user)
+ error_handler.append (storage.error_handler)
+ else
+ error_handler.add_custom_error (0, "bad new user request", "Missing password or email to create new user!")
+ end
+ end
+
+ new_temp_user (a_user: CMS_TEMPORAL_USER)
+ -- Add a new user `a_user'.
+ require
+ no_id: not a_user.has_id
+ no_hashed_password: a_user.hashed_password = Void
+ do
+ reset_error
+ if
+ attached a_user.password as l_password and then
+ attached a_user.email as l_email
+ then
+ auth_storage.new_temp_user (a_user)
+ error_handler.append (storage.error_handler)
+ else
+ error_handler.add_custom_error (0, "bad new user request", "Missing password or email to create new user!")
+ end
+ end
+
+ remove_activation (a_token: READABLE_STRING_32)
+ -- Remove activation token `a_token', from the storage.
+ do
+ auth_storage.remove_activation (a_token)
+ end
+
+ delete_temporary_user (a_user: CMS_USER)
+ -- Delete user `a_user'.
+ require
+ has_id: a_user.has_id
+ do
+ reset_error
+ auth_storage.delete_user (a_user)
+ error_handler.append (storage.error_handler)
+ end
+
+feature {CMS_MODULE} -- Access: User auth storage.
+
+ auth_storage: CMS_TEMPORAL_USER_STORAGE_I
+ -- storage interface.
+
+end
diff --git a/modules/auth/model/cms_temporal_user.e b/modules/auth/model/cms_temporal_user.e
new file mode 100644
index 0000000..b2605a3
--- /dev/null
+++ b/modules/auth/model/cms_temporal_user.e
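Review bot: `new_user_from_temporal_user`, `new_temp_user` and `delete_temporary_user` do their work through `auth_storage` but then call `error_handler.append (storage.error_handler)`, which copies errors from the main CMS storage instead of the temporal-user storage. A failed insert or delete in `auth_storage` would therefore look like success to the caller, including on the path that turns a pending registration into a real account. If `CMS_TEMPORAL_USER_STORAGE_I` exposes its own `error_handler` (its "Error Handling" feature clause suggests it does), the call should be `error_handler.append (auth_storage.error_handler)`. Separately, the header comment of `recent_users` names `a_rows` and `a_offset`, which are not arguments of that feature.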
@@ -0,0 +1,44 @@ +note + description: "Summary description for {CMS_TEMPORAL_USER}." + date: "$Date$" + revision: "$Revision$" + +class + CMS_TEMPORAL_USER + +inherit + + CMS_USER + +create + make, + make_with_id + +feature -- Access + + personal_information: detachable STRING_32 + -- User personal information. + + salt: detachable STRING_32 + -- User's password salt. + + +feature -- Element change + + set_personal_information (an_personal_information: like personal_information) + -- Assign `personal_information' with `an_personal_information'. + do + personal_information := an_personal_information + ensure + personal_information_assigned: personal_information = an_personal_information + end + + set_salt (a_salt: like salt) + -- Assign `salt' with `a_salt'. + do + salt := a_salt + ensure + salt_assigned: salt = a_salt + end + +end diff --git a/modules/auth/persistence/cms_auth_storage_i.e b/modules/auth/persistence/cms_temporal_user_storage_i.e similarity index 66% rename from modules/auth/persistence/cms_auth_storage_i.e rename to modules/auth/persistence/cms_temporal_user_storage_i.e index e6ba77e..6b2f43a 100644 --- a/modules/auth/persistence/cms_auth_storage_i.e +++ b/modules/auth/persistence/cms_temporal_user_storage_i.e @@ -1,12 +1,12 @@ note description: "[ - API to handle OAUTH storage + API to handle temporal User storage ]" date: "$Date$" revision: "$Revision$" deferred class - CMS_AUTH_STORAGE_I + CMS_TEMPORAL_USER_STORAGE_I inherit SHARED_LOGGER @@ -20,8 +20,14 @@ feature -- Error Handling feature -- Access: Users + users_count: INTEGER + -- Number of pending users + --! to be accepted or rejected + deferred + end + user_temp_by_id (a_uid: like {CMS_USER}.id; a_consumer_table: READABLE_STRING_GENERAL): detachable CMS_USER - -- Retrieve a user by id `a_uid' for the consumer `a_consumer', if aby. + -- Retrieve a temporal user by id `a_uid' for the consumer `a_consumer', if aby. deferred end 
@@ -51,14 +57,33 @@ feature -- Access: Users password: Result /= Void implies (Result.hashed_password /= Void and Result.password = Void) end + recent_users (a_lower: INTEGER; a_count: INTEGER): LIST [CMS_TEMPORAL_USER] + -- List of recent `a_count' temporal users with an offset of `lower'. + deferred + end + + + token_by_user_id (a_id: like {CMS_USER}.id): detachable STRING + -- Retrieve activation token for user identified with id `a_id', if any. + deferred + end + + feature -- New Temp User + new_user_from_temporal_user (a_user: CMS_TEMPORAL_USER) + -- new user from temporal user `a_user' + require + no_id: not a_user.has_id + deferred + end + remove_activation (a_token: READABLE_STRING_32) -- Remove activation by token `a_token'. deferred end - new_temp_user (a_user: CMS_USER) + new_temp_user (a_user: CMS_TEMPORAL_USER) -- New temp user `a_user'. require no_id: not a_user.has_id diff --git a/modules/auth/persistence/cms_auth_storage_null.e b/modules/auth/persistence/cms_temporal_user_storage_null.e similarity index 57% rename from modules/auth/persistence/cms_auth_storage_null.e rename to modules/auth/persistence/cms_temporal_user_storage_null.e index 18abc06..39292ca 100644 --- a/modules/auth/persistence/cms_auth_storage_null.e +++ b/modules/auth/persistence/cms_temporal_user_storage_null.e @@ -1,14 +1,14 @@ note - description: "Summary description for {CMS_AUTH_STORAGE_NULL}." + description: "Summary description for {CMS_TEMPORAL_USER_STORAGE_NULL}." date: "$Date$" revision: "$Revision$" class - CMS_AUTH_STORAGE_NULL + CMS_TEMPORAL_USER_STORAGE_NULL inherit - CMS_AUTH_STORAGE_I + CMS_TEMPORAL_USER_STORAGE_I feature -- Error handler @@ -21,6 +21,11 @@ feature -- Error handler feature -- Access: Users + users_count: INTEGER + -- + do + end + user_temp_by_id (a_uid: like {CMS_USER}.id; a_consumer_table: READABLE_STRING_GENERAL): detachable CMS_USER -- do 
@@ -41,14 +46,31 @@ feature -- Access: Users do end + recent_users (a_lower: INTEGER; a_count: INTEGER): LIST [CMS_TEMPORAL_USER] + -- List of recent `a_count' temporal users with an offset of `lower'. + do + create {ARRAYED_LIST[CMS_TEMPORAL_USER]} Result.make (0) + end + + token_by_user_id (a_id: like {CMS_USER}.id): detachable STRING + -- + do + end + feature -- Temp Users + new_user_from_temporal_user (a_user: CMS_TEMPORAL_USER) + -- + do + end + + remove_activation (a_token: READABLE_STRING_32) -- . do end - new_temp_user (a_user: CMS_USER) + new_temp_user (a_user: CMS_TEMPORAL_USER) -- do end diff --git a/modules/auth/persistence/cms_auth_storage_sql.e b/modules/auth/persistence/cms_temporal_user_storage_sql.e similarity index 54% rename from modules/auth/persistence/cms_auth_storage_sql.e rename to modules/auth/persistence/cms_temporal_user_storage_sql.e index 4707972..a6244ff 100644 --- a/modules/auth/persistence/cms_auth_storage_sql.e +++ b/modules/auth/persistence/cms_temporal_user_storage_sql.e @@ -1,13 +1,13 @@ note - description: "Summary description for {CMS_AUTH_STORAGE_SQL}." + description: "Summary description for {CMS_TEMPORAL_USER_STORAGE_SQL}." date: "$Date$" revision: "$Revision$" class - CMS_AUTH_STORAGE_SQL + CMS_TEMPORAL_USER_STORAGE_SQL inherit - CMS_AUTH_STORAGE_I + CMS_TEMPORAL_USER_STORAGE_I CMS_PROXY_STORAGE_SQL @@ -18,7 +18,22 @@ inherit create make -feature -- Access User Outh +feature -- Access User + + users_count: INTEGER + -- Number of items users. + do + error_handler.reset + write_information_log (generator + ".user_count") + + sql_query (select_temporal_users_count, Void) + if not has_error and then not sql_after then + Result := sql_read_integer_64 (1).to_integer_32 + sql_forth + check one_row: sql_after end + end + sql_finalize + end user_temp_by_id (a_uid: like {CMS_USER}.id; a_consumer: READABLE_STRING_GENERAL): detachable CMS_USER 
@@ -98,10 +113,56 @@ feature -- Access User Outh sql_finalize end + recent_users (a_lower: INTEGER; a_count: INTEGER): LIST [CMS_TEMPORAL_USER] + -- + local + l_parameters: STRING_TABLE [detachable ANY] + do + create {ARRAYED_LIST [CMS_TEMPORAL_USER]} Result.make (0) + + error_handler.reset + write_information_log (generator + ".recent_users") + + from + create l_parameters.make (2) + l_parameters.put (a_count, "rows") + l_parameters.put (a_lower, "offset") + sql_query (sql_select_recent_users, l_parameters) + sql_start + until + sql_after + loop + if attached fetch_user as l_user then + Result.force (l_user) + end + sql_forth + end + sql_finalize + end + + token_by_user_id (a_id: like {CMS_USER}.id): detachable STRING + -- Number of items users. + local + l_parameters: STRING_TABLE [detachable ANY] + do + error_handler.reset + write_information_log (generator + ".token_by_user_id") + create l_parameters.make (1) + l_parameters.put (a_id, "uid") + + + sql_query (select_token_activation_by_user_id, l_parameters) + if not has_error and then not sql_after then + Result := sql_read_string (1) + sql_forth + check one_row: sql_after end + end + sql_finalize + end feature {NONE} -- Implementation: User - fetch_user: detachable CMS_USER + fetch_user: detachable CMS_TEMPORAL_USER local l_id: INTEGER_64 l_name: detachable READABLE_STRING_32 @@ -124,17 +185,16 @@ feature {NONE} -- Implementation: User if Result /= Void then if attached sql_read_string (3) as l_password then - -- FIXME: should we return the password here ??? Result.set_hashed_password (l_password) end if attached sql_read_string (4) as l_salt then - Result.set_email (l_salt) + Result.set_salt (l_salt) end if attached sql_read_string (5) as l_email then Result.set_email (l_email) end if attached sql_read_string (6) as l_application then - Result.set_application (l_application) + Result.set_personal_information (l_application) end else check expected_valid_user: False end 
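Review bot: `recent_users` enters its loop without testing `has_error` after `sql_query`, whereas `users_count` and `token_by_user_id` both guard with `if not has_error and then not sql_after`. What `sql_after` reports after a failed query is not visible here, so an exit condition of `until has_error or sql_after` would make the behaviour explicit. The header comment of `recent_users` is an empty `--`, and `token_by_user_id` carries the copied text "Number of items users."; it should say that the feature returns the activation token stored for the user id, if any.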
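Review bot: The deleted `FIXME` asked whether `fetch_user` should return the password hash, and the hunk removes the question without answering it. Every caller now receives objects carrying both `hashed_password` and `salt`, including `recent_users`, which presumably backs the pending-registrations list. The two fields are needed when a temporal user is promoted by `new_user_from_temporal_user`, but not for listing. Either keep a comment such as `-- Hash and salt are loaded for new_user_from_temporal_user; never render them.` or give the listing query its own column list without `password` and `salt`. `fetch_user` begins and ends outside this hunk.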
@@ -142,9 +202,47 @@ feature {NONE} -- Implementation: User end -feature -- New Temp User +feature -- New Temp User - new_temp_user (a_user: CMS_USER) + new_user_from_temporal_user (a_user: CMS_TEMPORAL_USER) + -- + local + l_parameters: STRING_TABLE [detachable ANY] + do + error_handler.reset + if + attached a_user.hashed_password as l_password_hash and then + attached a_user.email as l_email and then + attached a_user.salt as l_password_salt + then + sql_begin_transaction + + write_information_log (generator + ".new_user") + create l_parameters.make (4) + l_parameters.put (a_user.name, "name") + l_parameters.put (l_password_hash, "password") + l_parameters.put (l_password_salt, "salt") + l_parameters.put (l_email, "email") + l_parameters.put (create {DATE_TIME}.make_now_utc, "created") + l_parameters.put (a_user.status, "status") + + sql_insert (sql_insert_user, l_parameters) + if not error_handler.has_error then + a_user.set_id (last_inserted_user_id) + end + if not error_handler.has_error then + sql_commit_transaction + else + sql_rollback_transaction + end + sql_finalize + else + -- set error + error_handler.add_custom_error (-1, "bad request" , "Missing password or email") + end + end + + new_temp_user (a_user: CMS_TEMPORAL_USER) -- Add a new temp_user `a_user'. local l_parameters: STRING_TABLE [detachable ANY] @@ -155,7 +253,7 @@ feature -- New Temp User if attached a_user.password as l_password and then attached a_user.email as l_email and then - attached a_user.application as l_application + attached a_user.personal_information as l_personal_information then create l_security 
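Review bot: The copy of `new_user_from_temporal_user` added here no longer calls `update_user_roles (a_user)` after `set_id`, which the version deleted from `cms_user_storage_sql_i.e` in this commit did, so roles held by the temporal user are not written when the account is created. If new accounts are meant to start without roles, the header comment (currently an empty `--`) should say so; otherwise an equivalent role update is needed. Two smaller points: `create l_parameters.make (4)` is followed by six `put` calls, and the log entry is tagged `.new_user` rather than the feature's own name.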
@@ -168,12 +266,12 @@ feature -- New Temp User l_parameters.put (l_password_hash, "password") l_parameters.put (l_password_salt, "salt") l_parameters.put (l_email, "email") - l_parameters.put (l_application, "application") + l_parameters.put (l_personal_information, "application") sql_begin_transaction - sql_insert (sql_insert_user, l_parameters) + sql_insert (sql_insert_temp_user, l_parameters) if not error_handler.has_error then - a_user.set_id (last_inserted_user_id) + a_user.set_id (last_inserted_temp_user_id) sql_commit_transaction else sql_rollback_transaction @@ -213,18 +311,32 @@ feature -- Remove Activation write_information_log (generator + ".delete_user") create l_parameters.make (1) l_parameters.put (a_user.id, "uid") - sql_modify (sql_delete_user, l_parameters) + sql_modify (sql_delete_temp_user, l_parameters) sql_commit_transaction sql_finalize end feature {NONE} -- Implementation + last_inserted_temp_user_id: INTEGER_64 + -- Last insert user id. + do + error_handler.reset + write_information_log (generator + ".last_inserted_temp_user_id") + sql_query (sql_last_insert_temp_user_id, Void) + if not sql_after then + Result := sql_read_integer_64 (1) + sql_forth + check one_row: sql_after end + end + sql_finalize + end + last_inserted_user_id: INTEGER_64 -- Last insert user id. do error_handler.reset write_information_log (generator + ".last_inserted_user_id") - sql_query (Sql_last_insert_user_id, Void) + sql_query (sql_last_insert_user_id, Void) if not sql_after then Result := sql_read_integer_64 (1) sql_forth 
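Review bot: `last_inserted_temp_user_id` obtains the new id through `sql_last_insert_temp_user_id`, defined in the constants hunk as `SELECT MAX(uid) FROM auth_temp_users;`, which returns the highest id in the table rather than the id of the row this call inserted. With two registrations in flight, and depending on the isolation the database gives the surrounding transaction, `new_temp_user` could set another applicant's `uid` on `a_user`. Anything keyed on that id afterwards, presumably the `users_activations` row, would then belong to the wrong pending account. The backend's per-connection last-insert-id facility would be safer, if the SQL layer exposes one. The same applies to `last_inserted_user_id` against `users`.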
@@ -235,25 +347,42 @@ feature {NONE} -- Implementation feature {NONE} -- SQL select - Sql_last_insert_user_id: STRING = "SELECT MAX(uid) FROM auth_temp_user;" - - Select_user_auth_temp_by_id: STRING = "SELECT uid, name, password, salt, email, application FROM auth_temp_user as u where uid=:uid;" + sql_last_insert_temp_user_id: STRING = "SELECT MAX(uid) FROM auth_temp_users;" - sql_insert_user: STRING = "INSERT INTO auth_temp_user (name, password, salt, email, application) VALUES (:name, :password, :salt, :email, :application);" + Select_user_auth_temp_by_id: STRING = "SELECT uid, name, password, salt, email, application FROM auth_temp_users as u where uid=:uid;" + + + sql_insert_temp_user: STRING = "INSERT INTO auth_temp_users (name, password, salt, email, application) VALUES (:name, :password, :salt, :email, :application);" -- SQL Insert to add a new user. - Select_user_by_name: STRING = "SELECT uid, name, password, salt, email, application FROM auth_temp_user WHERE name =:name;" + Select_user_by_name: STRING = "SELECT uid, name, password, salt, email, application FROM auth_temp_users WHERE name =:name;" -- Retrieve user by name if exists. - Select_user_by_email: STRING = "SELECT uid, name, password, salt, email, application FROM auth_temp_user WHERE email =:email;" + Select_user_by_email: STRING = "SELECT uid, name, password, salt, email, application FROM auth_temp_users WHERE email =:email;" -- Retrieve user by email if exists. - Select_user_by_activation_token: STRING = "SELECT u.uid, u.name, u.password, u.salt, u.email, u.application FROM auth_temp_user as u JOIN users_activations as ua ON ua.uid = u.uid and ua.token = :token;" + Select_user_by_activation_token: STRING = "SELECT u.uid, u.name, u.password, u.salt, u.email, u.application FROM auth_temp_users as u JOIN users_activations as ua ON ua.uid = u.uid and ua.token = :token;" -- Retrieve user by activation token if exist. 
Sql_remove_activation: STRING = "DELETE FROM users_activations WHERE token = :token;" -- Remove activation token. - Sql_delete_user: STRING = "DELETE FROM auth_temp_user WHERE uid=:uid;" + sql_delete_temp_user: STRING = "DELETE FROM auth_temp_users WHERE uid=:uid;" + + + Sql_last_insert_user_id: STRING = "SELECT MAX(uid) FROM users;" + + sql_insert_user: STRING = "INSERT INTO users (name, password, salt, email, created, status) VALUES (:name, :password, :salt, :email, :created, :status);" + -- SQL Insert to add a new user. + + + Select_temporal_users_count: STRING = "SELECT count(*) FROM auth_temp_users;" + -- Number of temporal users. + + Sql_select_recent_users: STRING = "SELECT uid, name, password, salt, email, application FROM auth_temp_users ORDER BY uid DESC LIMIT :rows OFFSET :offset ;" + -- Retrieve recent users + + select_token_activation_by_user_id: STRING = "SELECT token FROM users_activations WHERE uid = :uid;" + end diff --git a/modules/auth/site/files/css/auth.css b/modules/auth/site/files/css/auth.css new file mode 100644 index 0000000..27984a9 --- /dev/null +++ b/modules/auth/site/files/css/auth.css 
@@ -0,0 +1,22 @@ +ul.cms-temp-users { + list-style-type: none; + padding: 3px 3px 3px 3px; + border: solid 1px #ccc; } + ul.cms-temp-users li { + border-top: dotted 1px #ccc; } + ul.cms-temp-users li:first-child { + border-top: none; } + ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details { + list-style-type: none; + padding: 3px 3px 3px 3px; + border: solid 1px #ccc; } + ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details li { + border-top: dotted 1px #ccc; } + ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details li:first-child { + border-top: none; } + ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details li.cms_temp_user_detail_information::before { + content: "[personal information] "; } + ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details li.cms_temp_user_detail_email::before { + content: "[email] "; } + +/*# sourceMappingURL=auth.css.map */ diff --git a/modules/auth/site/files/scss/auth.css b/modules/auth/site/files/scss/auth.css new file mode 100644 index 0000000..27984a9 --- /dev/null +++ b/modules/auth/site/files/scss/auth.css @@ -0,0 +1,22 @@ +ul.cms-temp-users { + list-style-type: none; + padding: 3px 3px 3px 3px; + border: solid 1px #ccc; } + ul.cms-temp-users li { + border-top: dotted 1px #ccc; } + ul.cms-temp-users li:first-child { + border-top: none; } + ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details { + list-style-type: none; + padding: 3px 3px 3px 3px; + border: solid 1px #ccc; } + ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details li { + border-top: dotted 1px #ccc; } + ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details li:first-child { + border-top: none; } + ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details li.cms_temp_user_detail_information::before { + content: "[personal information] "; } + ul.cms-temp-users li.cms_temp_user ul.cms_temp_user_details li.cms_temp_user_detail_email::before { + content: "[email] "; } + +/*# sourceMappingURL=auth.css.map */ 
diff --git a/modules/auth/site/files/scss/auth.css.map b/modules/auth/site/files/scss/auth.css.map new file mode 100644 index 0000000..670235d --- /dev/null +++ b/modules/auth/site/files/scss/auth.css.map @@ -0,0 +1,7 @@ +{ +"version": 3, +"mappings": "AAAA,iBAAkB;EAEjB,eAAe,EAAE,IAAI;EACrB,OAAO,EAAE,eAAe;EACxB,MAAM,EAAE,cAAc;EAEtB,oBAAE;IACD,UAAU,EAAE,eAAe;IAC3B,gCAAc;MACb,UAAU,EAAE,IAAI;EAMjB,2DAAyB;IACxB,eAAe,EAAE,IAAI;IACrB,OAAO,EAAE,eAAe;IACxB,MAAM,EAAE,cAAc;IAEtB,8DAAE;MACD,UAAU,EAAE,eAAe;MAC3B,0EAAc;QACb,UAAU,EAAE,IAAI;IAGlB,uGAA2C;MAC1C,OAAO,EAAE,yBAAyB;IAEnC,iGAAqC;MACpC,OAAO,EAAE,UAAU", +"sources": ["auth.scss"], +"names": [], +"file": "auth.css" +} diff --git a/modules/auth/site/files/scss/auth.scss b/modules/auth/site/files/scss/auth.scss new file mode 100644 index 0000000..38fe7b5 --- /dev/null +++ b/modules/auth/site/files/scss/auth.scss @@ -0,0 +1,37 @@ +ul.cms-temp-users { + + list-style-type: none; + padding: 3px 3px 3px 3px; + border: solid 1px #ccc; + + li{ + border-top: dotted 1px #ccc; + &:first-child { + border-top: none; + } + } + + li.cms_temp_user { + + ul.cms_temp_user_details { + list-style-type: none; + padding: 3px 3px 3px 3px; + border: solid 1px #ccc; + + li{ + border-top: dotted 1px #ccc; + &:first-child { + border-top: none; + } + } + li.cms_temp_user_detail_information::before{ + content: "[personal information] " + } + li.cms_temp_user_detail_email::before{ + content: "[email] " + } + } + } +} + + diff --git a/modules/auth/site/mail_templates/account_activation.html b/modules/auth/site/mail_templates/account_activation.html index 0d404a0..f85597a 100644 --- a/modules/auth/site/mail_templates/account_activation.html +++ b/modules/auth/site/mail_templates/account_activation.html @@ -4,11 +4,11 @@ Activation - + -

Thank you for applying to ROC CMS $user

+

Thank you for applying to $sitename $user

We will review your application and send you a resolution

\ No newline at end of file diff --git a/modules/auth/site/mail_templates/account_activation_confirmation.html b/modules/auth/site/mail_templates/account_activation_confirmation.html index 950fccf..b185ad5 100644 --- a/modules/auth/site/mail_templates/account_activation_confirmation.html +++ b/modules/auth/site/mail_templates/account_activation_confirmation.html @@ -2,13 +2,13 @@ - Activation + Activation Confirmation - + -

Your account has been confirmed ROC CMS $email

+

Your account has been confirmed $sitename $email

Thank you for joining us.

\ No newline at end of file diff --git a/modules/auth/site/mail_templates/account_new_password.html b/modules/auth/site/mail_templates/account_new_password.html index ad2792d..0ad6560 100644 --- a/modules/auth/site/mail_templates/account_new_password.html +++ b/modules/auth/site/mail_templates/account_new_password.html @@ -4,11 +4,11 @@ New Password - + -

You have required a new password at ROC CMS

+

You have required a new password at $sitename

To complete your request, please click on this link to genereate a new password:

diff --git a/modules/auth/site/mail_templates/account_re_activation.html b/modules/auth/site/mail_templates/account_re_activation.html index 3590804..fe3403c 100644 --- a/modules/auth/site/mail_templates/account_re_activation.html +++ b/modules/auth/site/mail_templates/account_re_activation.html @@ -4,11 +4,11 @@ New Activation - + -

You have request a new activation token at ROC CMS

+

You have request a new activation token at $sitename

To complete your registration, please click on this link to activate your account:

diff --git a/modules/auth/site/mail_templates/account_rejected.html b/modules/auth/site/mail_templates/account_rejected.html index 9cefb80..e4811a2 100644 --- a/modules/auth/site/mail_templates/account_rejected.html +++ b/modules/auth/site/mail_templates/account_rejected.html @@ -2,12 +2,12 @@ - New Activation + Application Rejected - + -

You requested has been rejected, your application does not conform our rules ROC CMS

+

You requested has been rejected, your application does not conform our rules $sitename

\ No newline at end of file diff --git a/modules/auth/site/mail_templates/account_welcome.html b/modules/auth/site/mail_templates/account_welcome.html index facecee..b2b8d04 100644 --- a/modules/auth/site/mail_templates/account_welcome.html +++ b/modules/auth/site/mail_templates/account_welcome.html @@ -4,10 +4,10 @@ Welcome - + -

Welcome toROC CMS

+

Welcome to$sitename

Thank you for joining us.

diff --git a/modules/auth/site/mail_templates/account_evaluation.html b/modules/auth/site/mail_templates/admin_account_evaluation.html similarity index 75% rename from modules/auth/site/mail_templates/account_evaluation.html rename to modules/auth/site/mail_templates/admin_account_evaluation.html index 002292d..e626446 100644 --- a/modules/auth/site/mail_templates/account_evaluation.html +++ b/modules/auth/site/mail_templates/admin_account_evaluation.html @@ -4,12 +4,12 @@ Account Evaluation - +

Account Evaluation

-

The user $user ($email) wants to register to the site ROC CMS

+

The user $user ($email) wants to register to the site $sitename

This is his/her application.

$application

@@ -17,10 +17,10 @@

To complete the registration, please click on the following link to activate the user account:

-

$activate

+

$activation_url

To reject the registration, please click on the following link

-

$reject

+

$rejection_url

diff --git a/modules/auth/site/scripts/auth_temp_users.tpl b/modules/auth/site/scripts/auth_temp_users.tpl index 14d42f6..d06c641 100644 --- a/modules/auth/site/scripts/auth_temp_users.tpl +++ b/modules/auth/site/scripts/auth_temp_users.tpl @@ -1,7 +1,7 @@ DROP TABLE IF EXISTS "auth_temp_users"; CREATE TABLE `auth_temp_users` ( - `uid` INTEGER PRIMARY KEY AUTOINCREMENT NOT NULL, + `uid` INTEGER PRIMARY KEY AUTO_INCREMENT NOT NULL, `name` VARCHAR(100) NOT NULL, `password` VARCHAR(100) NOT NULL, `salt` VARCHAR(100) NOT NULL, diff --git a/modules/auth/site/templates/block_register.tpl b/modules/auth/site/templates/block_register.tpl index e55b7b1..39104ef 100644 --- a/modules/auth/site/templates/block_register.tpl +++ b/modules/auth/site/templates/block_register.tpl @@ -21,10 +21,10 @@ {/if}
- - + {if isset="$error_application"} {$error_application/}
{/if} diff --git a/modules/oauth20/cms_oauth_20_module.e b/modules/oauth20/cms_oauth_20_module.e index 7cf6bab..7687548 100644 --- a/modules/oauth20/cms_oauth_20_module.e +++ b/modules/oauth20/cms_oauth_20_module.e @@ -493,7 +493,7 @@ feature -- OAuth2 Login with Provider -- Send Email create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) write_debug_log (generator + ".handle_callback_oauth: send_contact_welcome_email") - es.send_contact_welcome_email (l_email, "") + es.send_contact_welcome_email (l_email, "", req.absolute_script_url ("")) end end r.set_redirection (r.front_page_url) diff --git a/modules/openid/cms_openid_module.e b/modules/openid/cms_openid_module.e index cc84735..aa42bab 100644 --- a/modules/openid/cms_openid_module.e +++ b/modules/openid/cms_openid_module.e @@ -443,7 +443,7 @@ feature -- Openid Login -- Send Email create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) write_debug_log (generator + ".handle_callback_openid: send_contact_welcome_email") - es.send_contact_welcome_email (l_email, "") + es.send_contact_welcome_email (l_email, "", req.absolute_script_url ("")) end end r.set_redirection (r.front_page_url) diff --git a/src/persistence/user/cms_user_storage_i.e b/src/persistence/user/cms_user_storage_i.e index 958eca3..ca7967c 100644 --- a/src/persistence/user/cms_user_storage_i.e +++ b/src/persistence/user/cms_user_storage_i.e @@ -104,12 +104,6 @@ feature -- Change: user deferred end - new_user_from_temporal_user (a_user: CMS_USER) - require - no_id: not a_user.has_id - deferred - end - update_user (a_user: CMS_USER) -- Save user `a_user'. require diff --git a/src/persistence/user/cms_user_storage_sql_i.e b/src/persistence/user/cms_user_storage_sql_i.e index 16129c0..e0c7d7f 100644 --- a/src/persistence/user/cms_user_storage_sql_i.e +++ b/src/persistence/user/cms_user_storage_sql_i.e 
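Review bot: `req.absolute_script_url ("")` is passed as `a_host`, which the email service substitutes for `$host` in the mail templates, where according to the commit message it fills the link targets. If `absolute_script_url` is derived from the request's `Host` header, the links in outgoing mail follow whatever host the client sent. That matters most for the activation and new-password mails, whose callers are outside this hunk. A site URL taken from configuration, or a check of the host against the configured site before it is used, would remove the dependency on request data. The same call is added in the `cms_openid_module.e` hunk that follows.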
@@ -198,45 +198,6 @@ feature -- Access: user end feature -- Change: user - new_user_from_temporal_user (a_user: CMS_USER) - -- Add a new user `a_user'. - local - l_parameters: STRING_TABLE [detachable ANY] - do - error_handler.reset - if - attached a_user.hashed_password as l_password_hash and then - attached a_user.email as l_email and then - attached a_user.salt as l_password_salt - then - sql_begin_transaction - - write_information_log (generator + ".new_user") - create l_parameters.make (4) - l_parameters.put (a_user.name, "name") - l_parameters.put (l_password_hash, "password") - l_parameters.put (l_password_salt, "salt") - l_parameters.put (l_email, "email") - l_parameters.put (create {DATE_TIME}.make_now_utc, "created") - l_parameters.put (a_user.status, "status") - - sql_insert (sql_insert_user, l_parameters) - if not error_handler.has_error then - a_user.set_id (last_inserted_user_id) - update_user_roles (a_user) - end - if not error_handler.has_error then - sql_commit_transaction - else - sql_rollback_transaction - end - sql_finalize - else - -- set error - error_handler.add_custom_error (-1, "bad request" , "Missing password or email") - end - end - new_user (a_user: CMS_USER) -- Add a new user `a_user'. local diff --git a/src/service/user/cms_user_api.e b/src/service/user/cms_user_api.e index 36f1e47..76ba365 100644 --- a/src/service/user/cms_user_api.e +++ b/src/service/user/cms_user_api.e 
@@ -260,26 +260,6 @@ feature -- Change User end end - new_user_from_temporal_user (a_user: CMS_USER) - -- Add a new user `a_user'. - require - no_id: not a_user.has_id - has_hashed_password: a_user.hashed_password /= Void - has_sal: a_user.salt /= Void - do - reset_error - if - attached a_user.hashed_password as l_password and then - attached a_user.salt as l_salt and then - attached a_user.email as l_email - then - storage.new_user (a_user) - error_handler.append (storage.error_handler) - else - error_handler.add_custom_error (0, "bad new user request", "Missing password or email to create new user!") - end - end - update_user (a_user: CMS_USER) -- Update user `a_user'. require