Updated templates
Replaced hardcoded name "ROC CMS" for placeholder $sitename, and missing href's with $host. Renamed database script and database table for temporal users. Renamed CMS_AUTH_API AS CMS_USER_TEMP_API. Revert design to use CMS_TEMPORAL_USER and clean CMS_USER. Refactor rename cms_auth_storage_* classes to CMS_TEMPORAL_USER_STORAGE_* Added Pending Registrations to the admin menu to show the list of pending registrarions added CSS to display temporal users
This commit is contained in:
jvelilla
@@ -91,16 +91,16 @@ feature {CMS_API} -- Module Initialization
|
||||
-- <Precursor>
|
||||
local
|
||||
l_auth_api: like auth_api
|
||||
l_user_auth_storage: CMS_AUTH_STORAGE_I
|
||||
l_user_auth_storage: CMS_TEMPORAL_USER_STORAGE_I
|
||||
do
|
||||
Precursor (a_api)
|
||||
|
||||
-- Storage initialization
|
||||
if attached a_api.storage.as_sql_storage as l_storage_sql then
|
||||
create {CMS_AUTH_STORAGE_SQL} l_user_auth_storage.make (l_storage_sql)
|
||||
create {CMS_TEMPORAL_USER_STORAGE_SQL} l_user_auth_storage.make (l_storage_sql)
|
||||
else
|
||||
-- FIXME: in case of NULL storage, should Current be disabled?
|
||||
create {CMS_AUTH_STORAGE_NULL} l_user_auth_storage
|
||||
create {CMS_TEMPORAL_USER_STORAGE_NULL} l_user_auth_storage
|
||||
end
|
||||
|
||||
-- API initialization
|
||||
@@ -114,7 +114,7 @@ feature {CMS_API} -- Module Initialization
|
||||
do
|
||||
-- Schema
|
||||
if attached api.storage.as_sql_storage as l_sql_storage then
|
||||
if not l_sql_storage.sql_table_exists ("auth_temp_user") then
|
||||
if not l_sql_storage.sql_table_exists ("auth_temp_users") then
|
||||
--| Schema
|
||||
l_sql_storage.sql_execute_file_script (api.module_resource_location (Current, (create {PATH}.make_from_string ("scripts")).extended ("auth_temp_users.sql")), Void)
|
||||
if l_sql_storage.has_error then
|
||||
@@ -128,7 +128,7 @@ feature {CMS_API} -- Module Initialization
|
||||
|
||||
feature {CMS_API} -- Access: API
|
||||
|
||||
auth_api: detachable CMS_AUTH_API
|
||||
auth_api: detachable CMS_USER_TEMP_API
|
||||
-- <Precursor>
|
||||
|
||||
feature -- Router
|
||||
@@ -252,7 +252,7 @@ feature -- Handler
|
||||
local
|
||||
r: CMS_RESPONSE
|
||||
l_user_api: CMS_USER_API
|
||||
u: CMS_USER
|
||||
u: CMS_TEMPORAL_USER
|
||||
l_exist: BOOLEAN
|
||||
es: CMS_AUTHENTICATON_EMAIL_SERVICE
|
||||
l_url_activate: STRING
|
||||
@@ -263,7 +263,7 @@ feature -- Handler
|
||||
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
|
||||
if r.has_permission ("account register") and then attached auth_api as l_auth_api then
|
||||
if req.is_post_request_method then
|
||||
if attached {WSF_STRING} req.form_parameter ("name") as l_name and then attached {WSF_STRING} req.form_parameter ("password") as l_password and then attached {WSF_STRING} req.form_parameter ("email") as l_email and then attached {WSF_STRING} req.form_parameter ("application") as l_application then
|
||||
if attached {WSF_STRING} req.form_parameter ("name") as l_name and then attached {WSF_STRING} req.form_parameter ("password") as l_password and then attached {WSF_STRING} req.form_parameter ("email") as l_email and then attached {WSF_STRING} req.form_parameter ("personal_information") as l_personal_information then
|
||||
l_user_api := api.user_api
|
||||
if attached l_user_api.user_by_name (l_name.value) or else attached l_auth_api.user_by_name (l_name.value) then
|
||||
-- Username already exist.
|
||||
@@ -292,7 +292,7 @@ feature -- Handler
|
||||
create u.make (l_name.value)
|
||||
u.set_email (l_email.value)
|
||||
u.set_password (l_password.value)
|
||||
u.set_application (l_application.value)
|
||||
u.set_personal_information (l_personal_information.value)
|
||||
l_auth_api.new_temp_user (u)
|
||||
|
||||
-- Create activation token
|
||||
@@ -304,16 +304,16 @@ feature -- Handler
|
||||
-- Send Email to webmaster
|
||||
create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api))
|
||||
write_debug_log (generator + ".handle register: send_register_email")
|
||||
es.send_account_evaluation (u, l_application.value, l_url_activate, l_url_reject)
|
||||
es.send_account_evaluation (u, l_personal_information.value, l_url_activate, l_url_reject, req.absolute_script_url (""))
|
||||
|
||||
-- Send Email to user
|
||||
create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api))
|
||||
write_debug_log (generator + ".handle register: send_contact_email")
|
||||
es.send_contact_email (l_email.value, l_name.value)
|
||||
es.send_contact_email (l_email.value, l_name.value, req.absolute_script_url (""))
|
||||
else
|
||||
r.set_value (l_name.value, "name")
|
||||
r.set_value (l_email.value, "email")
|
||||
r.set_value (l_application.value, "application")
|
||||
r.set_value (l_personal_information.value, "personal_information")
|
||||
r.set_status_code ({HTTP_CONSTANTS}.bad_request)
|
||||
end
|
||||
end
|
||||
@@ -337,21 +337,26 @@ feature -- Handler
|
||||
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
|
||||
if r.has_permission ("account activate") then
|
||||
if attached {WSF_STRING} req.path_parameter ("token") as l_token then
|
||||
if attached {CMS_USER} l_auth_api.user_by_activation_token (l_token.value) as l_user then
|
||||
if attached {CMS_TEMPORAL_USER} l_auth_api.user_by_activation_token (l_token.value) as l_user then
|
||||
|
||||
-- TODO copy the personal information
|
||||
--! to CMS_USER_PROFILE and persist data
|
||||
--! check also CMS_USER.data_items
|
||||
|
||||
-- Delete temporal User
|
||||
l_auth_api.delete_user (l_user)
|
||||
l_auth_api.delete_temporary_user (l_user)
|
||||
|
||||
-- Valid user_id
|
||||
l_user.set_id (0)
|
||||
l_user.mark_active
|
||||
l_user_api.new_user_from_temporal_user (l_user)
|
||||
l_auth_api.new_user_from_temporal_user (l_user)
|
||||
l_auth_api.remove_activation (l_token.value)
|
||||
r.set_main_content ("<p> The account <i>" + l_user.name + "</i> has been activated</p>")
|
||||
-- Send Email
|
||||
if attached l_user.email as l_email then
|
||||
create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api))
|
||||
write_debug_log (generator + ".handle register: send_contact_activation_confirmation_email")
|
||||
es.send_contact_activation_confirmation_email (l_email, req.absolute_script_url (""))
|
||||
es.send_contact_activation_confirmation_email (l_email, "", req.absolute_script_url (""))
|
||||
end
|
||||
else
|
||||
-- the token does not exist, or it was already used.
|
||||
@@ -376,7 +381,6 @@ feature -- Handler
|
||||
handle_reject (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE)
|
||||
local
|
||||
r: CMS_RESPONSE
|
||||
l_user_api: CMS_USER_API
|
||||
l_ir: INTERNAL_SERVER_ERROR_CMS_RESPONSE
|
||||
es: CMS_AUTHENTICATON_EMAIL_SERVICE
|
||||
do
|
||||
@@ -385,13 +389,13 @@ feature -- Handler
|
||||
if r.has_permission ("account reject") then
|
||||
if attached {WSF_STRING} req.path_parameter ("token") as l_token then
|
||||
if attached {CMS_USER} l_auth_api.user_by_activation_token (l_token.value) as l_user then
|
||||
l_auth_api.delete_user (l_user)
|
||||
l_auth_api.delete_temporary_user (l_user)
|
||||
r.set_main_content ("<p> The temporal account for <i>" + l_user.name + "</i> has been removed</p>")
|
||||
-- Send Email
|
||||
if attached l_user.email as l_email then
|
||||
create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api))
|
||||
write_debug_log (generator + ".handle register: send_contact_activation_reject_email")
|
||||
es.send_contact_activation_reject_email (l_email, req.absolute_script_url (""))
|
||||
es.send_contact_activation_reject_email (l_email, "", req.absolute_script_url (""))
|
||||
end
|
||||
else
|
||||
-- the token does not exist, or it was already used.
|
||||
@@ -428,7 +432,7 @@ feature -- Handler
|
||||
if req.is_post_request_method then
|
||||
if attached {WSF_STRING} req.form_parameter ("email") as l_email then
|
||||
l_user_api := api.user_api
|
||||
if attached {CMS_USER} l_auth_api.user_by_email (l_email.value) as l_user then
|
||||
if attached {CMS_TEMPORAL_USER} l_auth_api.user_by_email (l_email.value) as l_user then
|
||||
-- User exist create a new token and send a new email.
|
||||
if l_user.is_active then
|
||||
r.set_value ("The asociated user to the given email " + l_email.value + " , is already active", "is_active")
|
||||
@@ -440,10 +444,10 @@ feature -- Handler
|
||||
l_url_reject := req.absolute_script_url ("/account/reject/" + l_token)
|
||||
|
||||
-- Send Email to webmaster
|
||||
if attached l_user.application as l_application then
|
||||
if attached l_user.personal_information as l_personal_information then
|
||||
create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api))
|
||||
write_debug_log (generator + ".handle register: send_register_email")
|
||||
es.send_account_evaluation (l_user, l_application, l_url_activate, l_url_reject)
|
||||
es.send_account_evaluation (l_user, l_personal_information, l_url_activate, l_url_reject, req.absolute_script_url (""))
|
||||
end
|
||||
end
|
||||
else
|
||||
@@ -484,7 +488,7 @@ feature -- Handler
|
||||
-- Send Email
|
||||
create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api))
|
||||
write_debug_log (generator + ".handle register: send_contact_password_email")
|
||||
es.send_contact_password_email (l_email.value, l_url)
|
||||
es.send_contact_password_email (l_email.value, l_url, req.absolute_script_url (""))
|
||||
else
|
||||
r.set_value ("The email does not exist !", "error_email")
|
||||
r.set_value (l_email.value, "email")
|
||||
@@ -500,7 +504,7 @@ feature -- Handler
|
||||
-- Send Email
|
||||
create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api))
|
||||
write_debug_log (generator + ".handle register: send_contact_password_email")
|
||||
es.send_contact_password_email (l_email, l_url)
|
||||
es.send_contact_password_email (l_email, l_url, req.absolute_script_url (""))
|
||||
else
|
||||
r.set_value ("The username does not exist !", "error_username")
|
||||
r.set_value (l_username.value, "username")
|
||||
@@ -587,13 +591,95 @@ feature -- Handler
|
||||
|
||||
handle_admin_pending_registrations (req: WSF_REQUEST; res: WSF_RESPONSE; api: CMS_API)
|
||||
local
|
||||
l_page: CMS_RESPONSE
|
||||
lnk: CMS_LOCAL_LINK
|
||||
l_response: CMS_RESPONSE
|
||||
s: STRING
|
||||
u: CMS_TEMPORAL_USER
|
||||
l_page_helper: CMS_PAGINATION_GENERATOR
|
||||
s_pager: STRING
|
||||
l_count: INTEGER
|
||||
do
|
||||
create {GENERIC_VIEW_CMS_RESPONSE} l_page.make (req, res, api)
|
||||
l_page.execute
|
||||
-- At the moment the template are hardcoded, but we can
|
||||
-- get them from the configuration file and load them into
|
||||
-- the setup class.
|
||||
|
||||
create {FORBIDDEN_ERROR_CMS_RESPONSE} l_response.make (req, res, api)
|
||||
if
|
||||
l_response.has_permission ("admin registration") and then
|
||||
attached auth_api as l_auth_api
|
||||
then
|
||||
|
||||
l_count := l_auth_api.users_count
|
||||
|
||||
create {GENERIC_VIEW_CMS_RESPONSE} l_response.make (req, res, api)
|
||||
|
||||
create s.make_empty
|
||||
if l_count > 1 then
|
||||
l_response.set_title ("Listing " + l_count.out + " Pending Registrations")
|
||||
else
|
||||
l_response.set_title ("Listing " + l_count.out + " Pending Registration")
|
||||
end
|
||||
|
||||
create s_pager.make_empty
|
||||
create l_page_helper.make ("admin/pending-registrations/?page={page}&size={size}", l_auth_api.users_count.as_natural_64, 25) -- FIXME: Make this default page size a global CMS settings
|
||||
l_page_helper.get_setting_from_request (req)
|
||||
if l_page_helper.has_upper_limit and then l_page_helper.pages_count > 1 then
|
||||
l_page_helper.append_to_html (l_response, s_pager)
|
||||
if l_page_helper.page_size > 25 then
|
||||
s.append (s_pager)
|
||||
end
|
||||
end
|
||||
|
||||
if attached l_auth_api.recent_users (create {CMS_DATA_QUERY_PARAMETERS}.make (l_page_helper.current_page_offset, l_page_helper.page_size)) as lst then
|
||||
s.append ("<ul class=%"cms-temp-users%">%N")
|
||||
across
|
||||
lst as ic
|
||||
loop
|
||||
u := ic.item
|
||||
s.append ("<li class=%"cms_temp_user%">")
|
||||
s.append ("User:" + u.name)
|
||||
s.append ("<ul class=%"cms_temp_user_details%">")
|
||||
if attached u.personal_information as l_information then
|
||||
s.append ("<li class=%"cms_temp_user_detail_information%">")
|
||||
s.append (l_information)
|
||||
s.append ("</li>%N")
|
||||
end
|
||||
if attached u.email as l_email then
|
||||
s.append ("<li class=%"cms_temp_user_detail_email%">")
|
||||
s.append (l_email)
|
||||
s.append ("</li>%N")
|
||||
end
|
||||
if attached l_auth_api.token_by_user_id (u.id) as l_token then
|
||||
s.append ("<li>")
|
||||
s.append ("<a href=%"")
|
||||
s.append (req.absolute_script_url ("/account/activate/" + l_token))
|
||||
s.append ("%">")
|
||||
s.append (html_encoded ("Activate"))
|
||||
s.append ("</a>")
|
||||
s.append ("</li>%N")
|
||||
s.append ("<li>")
|
||||
s.append ("<a href=%"")
|
||||
s.append (req.absolute_script_url ("/account/reject/" + l_token))
|
||||
s.append ("%">")
|
||||
s.append (html_encoded ("Reject"))
|
||||
s.append ("</a>")
|
||||
s.append ("</li>%N")
|
||||
end
|
||||
s.append ("</ul>%N")
|
||||
s.append ("</li>%N")
|
||||
end
|
||||
s.append ("</ul>%N")
|
||||
end
|
||||
-- Again the pager at the bottom, if needed
|
||||
s.append (s_pager)
|
||||
|
||||
l_response.set_main_content (s)
|
||||
l_response.execute
|
||||
else
|
||||
l_response.execute
|
||||
end
|
||||
end
|
||||
|
||||
|
||||
block_list: ITERABLE [like {CMS_BLOCK}.name]
|
||||
local
|
||||
l_string: STRING
|
||||
@@ -821,7 +907,6 @@ feature {NONE} -- Block views
|
||||
|
||||
get_block_view_registration (a_block_id: READABLE_STRING_8; a_response: CMS_RESPONSE)
|
||||
do
|
||||
-- TODO finish
|
||||
end
|
||||
|
||||
feature -- Recaptcha
|
||||
@@ -855,8 +940,8 @@ feature -- Response Alter
|
||||
response_alter (a_response: CMS_RESPONSE)
|
||||
do
|
||||
a_response.add_javascript_url ("https://www.google.com/recaptcha/api.js")
|
||||
a_response.add_style (a_response.url ("/module/" + name + "/files/css/auth.css", Void), Void)
|
||||
end
|
||||
|
||||
feature {NONE} -- Implementation
|
||||
|
||||
is_captcha_verified (a_secret, a_response: READABLE_STRING_8): BOOLEAN
|
||||
|
||||
Reference in New Issue
Block a user