Implemented CMS storage for user and nodes.

Implemented role and permission storage. Introduced the CMS_PARTIAL_NODE and CMS_PARTIAL_USER. Added support for node storage extension - storage of data specific to each node content type, - in addition to the core CMS_NODE) - For now, only implemented for SQL storage. Note: in current version, CMS_PAGE support is hard coded in the core, (as opposed to be only supported by the node module.) Commented/removed for now, the Web API code to update node summary, title, via REST request.
2015-04-14 11:25:02 +02:00
parent 734f661add
commit 133c243126
46 changed files with 2262 additions and 468 deletions
--- a/src/persistence/user/cms_user_storage.e
+++ b/src/persistence/user/cms_user_storage.e
@@ -90,29 +90,29 @@ feature -- Change: user

 feature -- Access: roles and permissions

-	user_has_permission (u: detachable CMS_USER; s: detachable READABLE_STRING_8): BOOLEAN
-			-- Anonymous or user `u' has permission for `s' ?
-			--| `s' could be "create page",	
-		do
--			if s = Void then
--				Result := True
--			elseif u = Void then
----				Result := user_role_has_permission (anonymous_user_role, s)
--			else
--				Result := user_role_has_permission (authenticated_user_role, s)
--				if not Result and attached u.roles as l_roles then
--					across
--						l_roles as r
--					until
--						Result
--					loop
--						if attached user_role_by_id (r.item) as ur then
--							Result := user_role_has_permission (ur, s)
--						end
--					end
--				end
--			end
-		end
+--	user_has_permission (u: detachable CMS_USER; s: detachable READABLE_STRING_8): BOOLEAN
+--			-- Anonymous or user `u' has permission for `s' ?
+--			--| `s' could be "create page",	
+--		do
+----			if s = Void then
+----				Result := True
+----			elseif u = Void then
+------				Result := user_role_has_permission (anonymous_user_role, s)
+----			else
+----				Result := user_role_has_permission (authenticated_user_role, s)
+----				if not Result and attached u.roles as l_roles then
+----					across
+----						l_roles as r
+----					until
+----						Result
+----					loop
+----						if attached user_role_by_id (r.item) as ur then
+----							Result := user_role_has_permission (ur, s)
+----						end
+----					end
+----				end
+----			end
+--		end

 	user_role_has_permission (a_role: CMS_USER_ROLE; s: READABLE_STRING_8): BOOLEAN
 		do
@@ -124,6 +124,12 @@ feature -- Access: roles and permissions
 		deferred
 		end

+	user_roles_for (a_user: CMS_USER): LIST [CMS_USER_ROLE]
+			-- User roles for user `a_user'.
+			-- Note: anonymous and authenticated roles are not included.
+		deferred
+		end
+
 	user_roles: LIST [CMS_USER_ROLE]
 			-- Possible list of user roles.
 		deferred
--- a/src/persistence/user/cms_user_storage_sql.e
+++ b/src/persistence/user/cms_user_storage_sql.e
@@ -208,24 +208,240 @@ feature -- Change: user
 feature -- Access: roles and permissions

 	user_role_by_id (a_id: like {CMS_USER_ROLE}.id): detachable CMS_USER_ROLE
+		local
+			l_parameters: STRING_TABLE [ANY]
 		do
-			to_implement (generator + ".user_role_by_id")
+			error_handler.reset
+			write_information_log (generator + ".user_role_by_id")
+			create l_parameters.make (1)
+			l_parameters.put (a_id, "rid")
+			sql_query (select_user_role_by_id, l_parameters)
+			if sql_rows_count = 1 then
+				Result := fetch_user_role
+				if Result /= Void and not has_error then
+					fill_user_role (Result)
+				end
+			else
+				check no_more_than_one: sql_rows_count = 0 end
+			end
+		end
+
+	user_roles_for (a_user: CMS_USER): LIST [CMS_USER_ROLE]
+		local
+			l_parameters: STRING_TABLE [ANY]
+		do
+			error_handler.reset
+			write_information_log (generator + ".user_roles_for")
+
+			create {ARRAYED_LIST [CMS_USER_ROLE]} Result.make (0)
+			from
+				create l_parameters.make (1)
+				l_parameters.put (a_user.id, "uid")
+				sql_query (select_user_roles_by_user_id, l_parameters)
+				sql_start
+			until
+				sql_after
+			loop
+				if attached fetch_user_role as l_role then
+					Result.force (l_role)
+				end
+				sql_forth
+			end
+			if not has_error then
+				across Result as ic loop
+					fill_user_role (ic.item)
+				end
+			end
 		end

 	user_roles: LIST [CMS_USER_ROLE]
+		local
+			l_role: detachable CMS_USER_ROLE
 		do
-			to_implement (generator + ".user_roles")
-			create {ARRAYED_LIST[CMS_USER_ROLE]} Result.make (0)
+			error_handler.reset
+			write_information_log (generator + ".user_roles")
+
+			create {ARRAYED_LIST [CMS_USER_ROLE]} Result.make (0)
+			from
+				sql_query (select_user_roles, Void)
+				sql_start
+			until
+				sql_after
+			loop
+				l_role := fetch_user_role
+				if l_role /= Void then
+					Result.force (l_role)
+				end
+				sql_forth
+			end
+			if not has_error then
+				across Result as ic loop
+					fill_user_role (ic.item)
+				end
+			end
+		end
+
+	fill_user_role (a_role: CMS_USER_ROLE)
+		require
+			a_role_has_id: a_role.has_id
+		do
+			if attached role_permissions_by_id (a_role.id) as l_permissions then
+				across
+					l_permissions as p_ic
+				loop
+					a_role.add_permission (p_ic.item)
+				end
+			end
+		end
+
+	role_permissions_by_id (a_role_id: INTEGER_32): LIST [READABLE_STRING_8]
+		local
+			l_parameters: STRING_TABLE [ANY]
+		do
+			error_handler.reset
+			write_information_log (generator + ".role_permissions_by_id")
+
+			create {ARRAYED_LIST [READABLE_STRING_8]} Result.make (0)
+			from
+				create l_parameters.make (1)
+				l_parameters.put (a_role_id, "rid")
+				sql_query (select_role_permissions_by_role_id, l_parameters)
+				sql_start
+			until
+				sql_after
+			loop
+				if attached sql_read_string (1) as l_permission then
+					Result.force (l_permission)
+				end
+--				if attached sql_read_string_32 (2) as l_module then
+--				end
+				sql_forth
+			end
 		end

 feature -- Change: roles and permissions		

 	save_user_role (a_user_role: CMS_USER_ROLE)
+		local
+			l_parameters: STRING_TABLE [detachable ANY]
+			l_existing_role: detachable CMS_USER_ROLE
+			l_permissions: detachable LIST [READABLE_STRING_8]
+			p: READABLE_STRING_8
+			l_found: BOOLEAN
 		do
-			to_implement (generator + ".save_user_role")
+			error_handler.reset
+			write_information_log (generator + ".save_user_role")
+
+
+			if a_user_role.has_id then
+				l_existing_role := user_role_by_id (a_user_role.id)
+				check l_existing_role /= Void and then l_existing_role.id = a_user_role.id end
+				if
+					l_existing_role /= Void and then
+					l_existing_role.name.same_string (a_user_role.name)
+				then
+						-- No update needed
+				else
+					create l_parameters.make (2)
+					l_parameters.put (a_user_role.id, "rid")
+					l_parameters.put (a_user_role.name, "name")
+					sql_change (sql_update_user_role, l_parameters)
+				end
+				if not a_user_role.permissions.is_empty then
+					-- FIXME: check if this is non set permissions,or none ...
+					if l_existing_role /= Void then
+						l_permissions := l_existing_role.permissions
+						fill_user_role (l_existing_role)
+					end
+					if l_permissions = Void or else l_permissions.is_empty then
+						l_permissions := role_permissions_by_id (a_user_role.id)
+					end
+
+					across
+						a_user_role.permissions as ic
+					loop
+						p := ic.item
+						from
+							l_found := False
+							l_permissions.start
+						until
+							l_found or l_permissions.after
+						loop
+							if p.is_case_insensitive_equal (l_permissions.item) then
+								l_found := True
+							else
+								l_permissions.forth
+							end
+						end
+						if l_found then
+								-- Already there, skip							
+						else
+								-- Add permission
+							set_permission_for_role_id (p, a_user_role.id)
+						end
+					end
+						-- Remove other
+					across
+						l_permissions as ic
+					loop
+						unset_permission_for_role_id (ic.item, a_user_role.id)
+					end
+				end
+			else
+				create l_parameters.make (1)
+				l_parameters.put (a_user_role.name, "name")
+				sql_change (sql_insert_user_role, l_parameters)
+				if not error_handler.has_error then
+					a_user_role.set_id (last_inserted_user_role_id)
+					across
+						a_user_role.permissions as ic
+					loop
+						set_permission_for_role_id (ic.item, a_user_role.id)
+					end
+				end
+			end
 		end

-feature {NONE} -- Implementation
+	set_permission_for_role_id (a_permission: READABLE_STRING_8; a_role_id: INTEGER)
+		require
+			a_role_id > 0
+			not a_permission.is_whitespace
+		local
+			l_parameters: STRING_TABLE [detachable ANY]
+		do
+			create l_parameters.make (3)
+			l_parameters.put (a_role_id, "rid")
+			l_parameters.put (a_permission, "permission")
+			l_parameters.put (Void, "module") -- FIXME: unsupported for now!
+			sql_change (sql_insert_user_role_permission, l_parameters)
+		end
+
+	unset_permission_for_role_id (a_permission: READABLE_STRING_8; a_role_id: INTEGER)
+		require
+			a_role_id > 0
+			not a_permission.is_whitespace
+
+		local
+			l_parameters: STRING_TABLE [detachable ANY]
+		do
+			create l_parameters.make (2)
+			l_parameters.put (a_role_id, "rid")
+			l_parameters.put (a_permission, "permission")
+			sql_change (sql_delete_user_role_permission, l_parameters)
+		end
+
+	last_inserted_user_role_id: INTEGER_32
+			-- Last inserted user role id.
+		do
+			error_handler.reset
+			write_information_log (generator + ".last_inserted_user_role_id")
+			sql_query (Sql_last_insert_user_role_id, Void)
+			if sql_rows_count = 1 then
+				Result := sql_read_integer_32 (1)
+			end
+		end
+
+feature {NONE} -- Implementation: User

 	user_salt (a_username: READABLE_STRING_32): detachable READABLE_STRING_8
 			-- User salt for the given user `a_username', if any.
@@ -289,32 +505,83 @@ feature {NONE} -- Implementation
 			end
 		end

+feature {NONE} -- Implementation: User role		
+
+	fetch_user_role: detachable CMS_USER_ROLE
+		local
+			l_id: INTEGER_32
+			l_name: detachable READABLE_STRING_32
+		do
+			if attached sql_read_integer_32 (1) as rid then
+				l_id := rid
+			end
+			if attached sql_read_string_32 (2) as s and then not s.is_whitespace then
+				l_name := s
+			end
+
+			if l_name /= Void then
+				create Result.make (l_name)
+				if l_id > 0 then
+					Result.set_id (l_id)
+				end
+			elseif l_id > 0 then
+				create Result.make_with_id (l_id)
+			end
+		end
+
 feature {NONE} -- Sql Queries: USER

-	Select_users_count: STRING = "select count(*) from Users;"
+	Select_users_count: STRING = "SELECT count(*) FROM Users;"
 			-- Number of users.

-	Sql_last_insert_user_id: STRING = "SELECT MAX(uid) from Users;"
+	Sql_last_insert_user_id: STRING = "SELECT MAX(uid) FROM Users;"

-	Select_users: STRING = "select * from Users;"
+	Select_users: STRING = "SELECT * FROM Users;"
 			-- List of users.

-	Select_user_by_id: STRING = "select * from Users where uid =:uid;"
+	Select_user_by_id: STRING = "SELECT * FROM Users WHERE uid =:uid;"
 			-- Retrieve user by id if exists.

-	Select_user_by_name: STRING = "select * from Users where name =:name;"
+	Select_user_by_name: STRING = "SELECT * FROM Users WHERE name =:name;"
 			-- Retrieve user by name if exists.

-	Select_user_by_email: STRING = "select * from Users where email =:email;"
+	Select_user_by_email: STRING = "SELECT * FROM Users WHERE email =:email;"
 			-- Retrieve user by email if exists.

-	Select_salt_by_username: STRING = "select salt from Users where name =:name;"
+	Select_salt_by_username: STRING = "SELECT salt FROM Users WHERE name =:name;"
 			-- Retrieve salt by username if exists.

-	Sql_Insert_user: STRING = "insert into users (name, password, salt, email, created) values (:name, :password, :salt, :email, :created);"
+	sql_insert_user: STRING = "INSERT INTO users (name, password, salt, email, created) VALUES (:name, :password, :salt, :email, :created);"
 			-- SQL Insert to add a new node.

-	sql_update_user: STRING = "update users SET name=:name, password=:password, salt=:salt, email=:email WHERE uid=:uid;"
+	sql_update_user: STRING = "UPDATE users SET name=:name, password=:password, salt=:salt, email=:email WHERE uid=:uid;"

+feature {NONE} -- Sql Queries: USER ROLE
+
+	sql_last_insert_user_role_id: STRING = "SELECT MAX(rid) FROM roles;"
+
+	select_user_roles: STRING = "SELECT rid, name FROM roles;"
+			-- List of user roles.	
+
+	sql_insert_user_role: STRING = "INSERT INTO roles (name) VALUES (:name);"
+			-- SQL Insert to add a new user role with name :name.		
+
+	sql_update_user_role : STRING = "UPDATE roles SET name=:name WHERE rid=:rid;"
+			-- Update user role with id :rid.	
+
+	select_user_roles_by_user_id: STRING = "SELECT rid, name FROM roles INNER JOIN users_roles ON users_roles.rid=roles.rid WHERE users_roles.uid=:uid;"
+			-- List of user roles for user id :uid.	
+
+	select_user_role_by_id: STRING = "SELECT rid, name FROM roles WHERE rid=:rid;"
+			-- User role for role id :rid;
+
+	sql_insert_user_role_permission: STRING = "INSERT INTO role_permissions (rid, permission, module) VALUES (:rid, :permission, :module);"
+			-- SQL Insert a new permission :permission for user role :rid.
+
+	sql_delete_user_role_permission: STRING = "DELETE FROM role_permissions WHERE rid=:rid AND permission=:permission;"
+			-- SQL Delete permission :permission from user role :rid.
+
+	select_role_permissions_by_role_id: STRING = "SELECT permission, module FROM role_permissions WHERE rid=:rid;"
+			-- User role permissions for role id :rid;

 end