From 1aad62ed5278d4a41ce0b7ded44d6ffd47ee89bc Mon Sep 17 00:00:00 2001 From: Jocelyn Fiat Date: Tue, 11 Apr 2017 13:19:39 +0200 Subject: [PATCH] Added CMS_RESPONSE.request_url (...) Update a few callers of CMS_RESPONSE.url (...). Renamed the demo files using "server" instead of "demo". --- examples/demo/{demo.crt => server.crt} | 0 examples/demo/{demo.ini => server.ini} | 4 +- examples/demo/{demo.key => server.key} | 0 examples/demo/src/demo_cms_server.e | 7 + .../admin/handler/cms_admin_cache_handler.e | 2 +- .../admin/handler/cms_admin_export_handler.e | 2 +- .../admin/handler/cms_admin_import_handler.e | 2 +- .../admin/handler/cms_admin_modules_handler.e | 4 +- .../handler/role/cms_role_form_response.e | 6 +- .../handler/user/cms_user_form_response.e | 6 +- modules/auth/cms_authentication_module.e-BAK | 703 ++++++++++++++++++ modules/basic_auth/cms_basic_auth_module.e | 4 +- modules/node/handler/node_form_response.e | 8 +- .../cms_recent_changes_module.e | 4 +- src/service/response/cms_response.e | 6 + 15 files changed, 737 insertions(+), 21 deletions(-) rename examples/demo/{demo.crt => server.crt} (100%) rename examples/demo/{demo.ini => server.ini} (72%) rename examples/demo/{demo.key => server.key} (100%) create mode 100644 modules/auth/cms_authentication_module.e-BAK diff --git a/examples/demo/demo.crt b/examples/demo/server.crt similarity index 100% rename from examples/demo/demo.crt rename to examples/demo/server.crt diff --git a/examples/demo/demo.ini b/examples/demo/server.ini similarity index 72% rename from examples/demo/demo.ini rename to examples/demo/server.ini index 8c631dc..7ad215a 100644 --- a/examples/demo/demo.ini +++ b/examples/demo/server.ini @@ -5,5 +5,5 @@ socket_timeout=60 socket_recv_timeout=45 keep_alive_timeout=25 ssl_enabled=false -ssl_ca_key=demo.key -ssl_ca_crt=demo.crt +ssl_ca_key=server.key +ssl_ca_crt=server.crt 
diff --git a/examples/demo/demo.key b/examples/demo/server.key similarity index 100% rename from examples/demo/demo.key rename to examples/demo/server.key diff --git a/examples/demo/src/demo_cms_server.e b/examples/demo/src/demo_cms_server.e index 9afbf09..bb8cf07 100644 --- a/examples/demo/src/demo_cms_server.e +++ b/examples/demo/src/demo_cms_server.e @@ -10,9 +10,16 @@ class inherit ROC_CMS_LAUNCHER [DEMO_CMS_EXECUTION] + redefine + optional_application_name + end create make_and_launch +feature -- Access + + optional_application_name: STRING_32 = "server" + end diff --git a/modules/admin/handler/cms_admin_cache_handler.e b/modules/admin/handler/cms_admin_cache_handler.e index afe5415..efdbb0a 100644 --- a/modules/admin/handler/cms_admin_cache_handler.e +++ b/modules/admin/handler/cms_admin_cache_handler.e @@ -89,7 +89,7 @@ feature -- Widget local but: WSF_FORM_SUBMIT_INPUT do - create Result.make (a_response.url (a_response.location, Void), "form_clear_cache") + create Result.make (a_response.request_url (Void), "form_clear_cache") create but.make_with_text ("op", text_clear_all_caches) Result.extend (but) end diff --git a/modules/admin/handler/cms_admin_export_handler.e b/modules/admin/handler/cms_admin_export_handler.e index a7eb3eb..85a150b 100644 --- a/modules/admin/handler/cms_admin_export_handler.e +++ b/modules/admin/handler/cms_admin_export_handler.e @@ -105,7 +105,7 @@ feature -- Widget f_name: WSF_FORM_TEXT_INPUT but: WSF_FORM_SUBMIT_INPUT do - create Result.make (a_response.url (a_response.location, Void), "export_all_data") + create Result.make (a_response.request_url (Void), "export_all_data") Result.extend_raw_text ("Export CMS data to ") create f_name.make_with_text ("folder", (create {DATE_TIME}.make_now_utc).formatted_out ("yyyy-[0]mm-[0]dd---hh24-[0]mi-[0]ss")) f_name.set_label ("Export folder name") diff --git a/modules/admin/handler/cms_admin_import_handler.e b/modules/admin/handler/cms_admin_import_handler.e index 845d1bf..2122077 100644 
--- a/modules/admin/handler/cms_admin_import_handler.e +++ b/modules/admin/handler/cms_admin_import_handler.e @@ -113,7 +113,7 @@ feature -- Widget f_name: WSF_FORM_TEXT_INPUT but: WSF_FORM_SUBMIT_INPUT do - create Result.make (a_response.url (a_response.location, Void), "import_all_data") + create Result.make (a_response.request_url (Void), "import_all_data") Result.extend_raw_text ("Import CMS data from ") create f_name.make_with_text ("folder", "default") f_name.set_label ("Import folder name") diff --git a/modules/admin/handler/cms_admin_modules_handler.e b/modules/admin/handler/cms_admin_modules_handler.e index a44ab5d..d635715 100644 --- a/modules/admin/handler/cms_admin_modules_handler.e +++ b/modules/admin/handler/cms_admin_modules_handler.e @@ -188,7 +188,7 @@ feature -- Execution l_mods_to_install: ARRAYED_LIST [CMS_MODULE] l_extra: STRING do - create Result.make (a_response.url (a_response.location, Void), "modules_collection") + create Result.make (a_response.request_url (Void), "modules_collection") create w_tb.make w_tb.add_css_class ("modules_table") create w_row.make (5) @@ -283,7 +283,7 @@ feature -- Execution l_mods_to_install: ARRAYED_LIST [CMS_MODULE] do - create Result.make (a_response.url (a_response.location, Void), "modules_collection") + create Result.make (a_response.request_url (Void), "modules_collection") create l_mods_to_install.make (0) across api.setup.modules as ic diff --git a/modules/admin/handler/role/cms_role_form_response.e b/modules/admin/handler/role/cms_role_form_response.e index 0d824fd..4232c3d 100644 --- a/modules/admin/handler/role/cms_role_form_response.e +++ b/modules/admin/handler/role/cms_role_form_response.e 
@@ -63,7 +63,7 @@ feature -- Process Edit fd: detachable WSF_FORM_DATA do create b.make_empty - f := new_edit_form (a_role, url (request.percent_encoded_path_info, Void), "edit-user") + f := new_edit_form (a_role, request_url (Void), "edit-user") api.hooks.invoke_form_alter (f, fd, Current) if request.is_post_request_method then f.validation_actions.extend (agent edit_form_validate(?,a_role, b)) @@ -96,7 +96,7 @@ feature -- Process Delete fd: detachable WSF_FORM_DATA do create b.make_empty - f := new_delete_form (a_role, url (request.percent_encoded_path_info, Void), "edit-user") + f := new_delete_form (a_role, request_url (Void), "edit-user") api.hooks.invoke_form_alter (f, fd, Current) if request.is_post_request_method then f.process (Current) @@ -128,7 +128,7 @@ feature -- Process New l_role: detachable CMS_USER_ROLE do create b.make_empty - f := new_edit_form (l_role, url (request.percent_encoded_path_info, Void), "create-role") + f := new_edit_form (l_role, request_url (Void), "create-role") api.hooks.invoke_form_alter (f, fd, Current) if request.is_post_request_method then f.validation_actions.extend (agent new_form_validate(?, b)) diff --git a/modules/admin/handler/user/cms_user_form_response.e b/modules/admin/handler/user/cms_user_form_response.e index c88518b..8bda43d 100644 --- a/modules/admin/handler/user/cms_user_form_response.e +++ b/modules/admin/handler/user/cms_user_form_response.e @@ -64,7 +64,7 @@ feature -- Process Edit fd: detachable WSF_FORM_DATA do create b.make_empty - f := new_edit_form (a_user, url (location, Void), "edit-user") + f := new_edit_form (a_user, request_url (Void), "edit-user") api.hooks.invoke_form_alter (f, fd, Current) if request.is_post_request_method then f.submit_actions.extend (agent edit_form_submit (?, a_user, b)) 
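Review bot: In the three cms_role_form_response.e hunks (Process Edit, Process Delete, Process New) the replaced argument was `url (request.percent_encoded_path_info, Void)`, not `url (location, Void)`, so `request_url (Void)` is a behaviour change here rather than a rename. Per the cms_response.e hunk of this commit, `request_url` resolves to `url (location, opts)`. If `location` is not percent-encoded, or differs from the path info when the CMS is mounted under a sub-path, the role forms no longer post to the same target as before. The value ends up in the form's action attribute, so it is worth confirming that `url` encodes the path, and recording the intent at the first call with a comment such as `-- Post back to the current CMS location (replaces the percent-encoded path info used before).`. Each enclosing feature starts and ends outside its hunk.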
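Review bot: The delete form for a role is still created with the id "edit-user" on the changed line of the Process Delete hunk (`new_delete_form (a_role, request_url (Void), "edit-user")`), and the role edit form in the preceding hunk uses the same id, while the Process New hunk uses "create-role". The form is then handed to `api.hooks.invoke_form_alter`, so a hook that selects forms by id could not tell role forms from user forms; whether hooks key on the id is not visible here. Since these lines are being touched anyway, consider `new_delete_form (a_role, request_url (Void), "delete-role")` and `"edit-role"` for the edit form, after checking that nothing depends on the old ids.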
@@ -96,7 +96,7 @@ feature -- Process Delete fd: detachable WSF_FORM_DATA do create b.make_empty - f := new_delete_form (a_user, url (location, Void), "edit-user") + f := new_delete_form (a_user, request_url (Void), "edit-user") api.hooks.invoke_form_alter (f, fd, Current) if request.is_post_request_method then f.process (Current) @@ -129,7 +129,7 @@ feature -- Process New l_user: detachable CMS_USER do create b.make_empty - f := new_edit_form (l_user, url (location, Void), "create-user") + f := new_edit_form (l_user, request_url (Void), "create-user") api.hooks.invoke_form_alter (f, fd, Current) if request.is_post_request_method then f.validation_actions.extend (agent new_form_validate (?, b)) diff --git a/modules/auth/cms_authentication_module.e-BAK b/modules/auth/cms_authentication_module.e-BAK new file mode 100644 index 0000000..8dda26a --- /dev/null +++ b/modules/auth/cms_authentication_module.e-BAK 
@@ -0,0 +1,703 @@ +note + description: "Module Auth" + date: "$Date: 2015-05-20 06:50:50 -0300 (mi. 20 de may. de 2015) $" + revision: "$Revision: 97328 $" + +class + CMS_AUTHENTICATION_MODULE + +inherit + CMS_MODULE + redefine + register_hooks + end + + + CMS_HOOK_AUTO_REGISTER + + CMS_HOOK_VALUE_TABLE_ALTER + + CMS_HOOK_BLOCK + + CMS_HOOK_MENU_SYSTEM_ALTER + + SHARED_EXECUTION_ENVIRONMENT + export + {NONE} all + end + + REFACTORING_HELPER + + SHARED_LOGGER + + CMS_REQUEST_UTIL + +create + make + +feature {NONE} -- Initialization + + make + -- Create current module + do + version := "1.0" + description := "Authentication module" + package := "authentication" + + create root_dir.make_current + cache_duration := 0 + end + +feature -- Access + + name: STRING = "auth" + +feature -- Access: docs + + root_dir: PATH + + cache_duration: INTEGER + -- Caching duration + --| 0: disable + --| -1: cache always valie + --| nb: cache expires after nb seconds. + + cache_disabled: BOOLEAN + do + Result := cache_duration = 0 + end + +feature -- Router + + setup_router (a_router: WSF_ROUTER; a_api: CMS_API) + -- + do + configure_web (a_api, a_router) + end + + configure_web (a_api: CMS_API; a_router: WSF_ROUTER) + do + a_router.handle ("/account", create {WSF_URI_AGENT_HANDLER}.make (agent handle_account (a_api, ?, ?)), a_router.methods_head_get) + a_router.handle ("/account/roc-login", create {WSF_URI_AGENT_HANDLER}.make (agent handle_login (a_api, ?, ?)), a_router.methods_head_get) + a_router.handle ("/account/roc-logout", create {WSF_URI_AGENT_HANDLER}.make (agent handle_logout (a_api, ?, ?)), a_router.methods_head_get) + a_router.handle ("/account/roc-register", create {WSF_URI_AGENT_HANDLER}.make (agent handle_register (a_api, ?, ?)), a_router.methods_get_post) + a_router.handle ("/account/activate/{token}", create {WSF_URI_TEMPLATE_AGENT_HANDLER}.make (agent handle_activation (a_api, ?, ?)), a_router.methods_head_get) + a_router.handle ("/account/reactivate", create 
{WSF_URI_AGENT_HANDLER}.make (agent handle_reactivation (a_api, ?, ?)), a_router.methods_get_post) + a_router.handle ("/account/new-password", create {WSF_URI_AGENT_HANDLER}.make (agent handle_new_password (a_api, ?, ?)), a_router.methods_get_post) + a_router.handle ("/account/reset-password", create {WSF_URI_AGENT_HANDLER}.make (agent handle_reset_password (a_api, ?, ?)), a_router.methods_get_post) + a_router.handle ("/account/change-password", create {WSF_URI_AGENT_HANDLER}.make (agent handle_change_password (a_api, ?, ?)), a_router.methods_get_post) + a_router.handle ("/account/post-change-password", create {WSF_URI_AGENT_HANDLER}.make (agent handle_post_change_password (a_api, ?, ?)), a_router.methods_get) + end + +feature -- Hooks configuration + + register_hooks (a_response: CMS_RESPONSE) + -- Module hooks configuration. + do + auto_subscribe_to_hooks (a_response) + a_response.subscribe_to_block_hook (Current) + a_response.subscribe_to_value_table_alter_hook (Current) + end + + value_table_alter (a_value: CMS_VALUE_TABLE; a_response: CMS_RESPONSE) + -- + do + a_value.force (a_response.user, "user") + end + + menu_system_alter (a_menu_system: CMS_MENU_SYSTEM; a_response: CMS_RESPONSE) + -- Hook execution on collection of menu contained by `a_menu_system' + -- for related response `a_response'. 
+ local + lnk: CMS_LOCAL_LINK + do + if attached a_response.current_user (a_response.request) as u then + create lnk.make (u.name + " (Logout)", "account/roc-logout" ) + lnk.set_weight (98) + a_menu_system.primary_menu.extend (lnk) + else + create lnk.make ("Login", "account/roc-login") + lnk.set_weight (98) + a_menu_system.primary_menu.extend (lnk) + end + end + +feature -- Handler + + handle_account (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE) + local + r: CMS_RESPONSE + do + create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) + + if attached template_block ("account_info", r) as l_tpl_block then + if attached r.user as l_user then + r.set_value (api.user_api.user_roles (l_user), "roles") + end + r.add_block (l_tpl_block, "content") + else + debug ("cms") + r.add_warning_message ("Error with block [resources_page]") + end + end + r.execute + end + + + + handle_login (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE) + local + r: CMS_RESPONSE + do + if attached api.module_by_name ("basic_auth") then + -- FIXME: find better solution to support a default login system. 
+ create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) + r.set_redirection (r.absolute_url ("/account/roc-basic-auth", Void)) + r.execute + else + create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) + r.execute + end + end + + handle_logout (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE) + local + r: CMS_RESPONSE + do + create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) + r.set_redirection (r.absolute_url ("", Void)) + r.execute + end + + + + handle_register (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE) + local + r: CMS_RESPONSE + l_user_api: CMS_USER_API + u: CMS_USER + l_roles: LIST [CMS_USER_ROLE] + l_exist: BOOLEAN + es: CMS_AUTHENTICATON_EMAIL_SERVICE + l_url: STRING + l_token: STRING + do + create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) + if r.has_permission ("account register") then + if req.is_post_request_method then + if + attached {WSF_STRING} req.form_parameter ("name") as l_name and then + attached {WSF_STRING} req.form_parameter ("password") as l_password and then + attached {WSF_STRING} req.form_parameter ("email") as l_email + then + l_user_api := api.user_api + + if attached l_user_api.user_by_name (l_name.value) then + -- Username already exist. + r.set_value ("User name already exists!", "error_name") + l_exist := True + end + if attached l_user_api.user_by_email (l_email.value) then + -- Emails already exist. 
+ r.set_value ("An account is already associated with that email address!", "error_email") + l_exist := True + end + + if not l_exist then + -- New user + create {ARRAYED_LIST [CMS_USER_ROLE]}l_roles.make (1) + l_roles.force (l_user_api.authenticated_user_role) + + create u.make (l_name.value) + u.set_email (l_email.value) + u.set_password (l_password.value) + u.set_roles (l_roles) + l_user_api.new_user (u) + + -- Create activation token + l_token := new_token + l_user_api.new_activation (l_token, u.id) + l_url := req.absolute_script_url ("/account/activate/" + l_token) + + -- Send Email + create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) + write_debug_log (generator + ".handle register: send_contact_email") + es.send_contact_email (l_email.value, l_url) + + else + r.set_value (l_name.value, "name") + r.set_value (l_email.value, "email") + r.set_status_code ({HTTP_CONSTANTS}.bad_request) + end + end + end + else + create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api) + end + + r.execute + end + + handle_activation (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE) + local + r: CMS_RESPONSE + l_user_api: CMS_USER_API + l_ir: INTERNAL_SERVER_ERROR_CMS_RESPONSE + do + l_user_api := api.user_api + create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) + if attached {WSF_STRING} req.path_parameter ("token") as l_token then + + if attached {CMS_USER} l_user_api.user_by_activation_token (l_token.value) as l_user then + -- Valid user_id + l_user.mark_active + l_user_api.update_user (l_user) + l_user_api.remove_activation (l_token.value) + r.set_main_content ("

Your account "+ l_user.name +" has been activated

") + else + -- the token does not exist, or it was already used. + r.set_status_code ({HTTP_CONSTANTS}.bad_request) + r.set_main_content ("

The token " + l_token.value +" is not valid " + r.link ("Reactivate Account", "account/reactivate", Void) + "

") + end + r.execute + else + create l_ir.make (req, res, api) + l_ir.execute + end + end + + + handle_reactivation (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE) + local + r: CMS_RESPONSE + es: CMS_AUTHENTICATON_EMAIL_SERVICE + l_user_api: CMS_USER_API + l_token: STRING + l_url: STRING + do + create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) + if req.is_post_request_method then + if + attached {WSF_STRING} req.form_parameter ("email") as l_email + then + l_user_api := api.user_api + if attached {CMS_USER} l_user_api.user_by_email (l_email.value) as l_user then + -- User exist create a new token and send a new email. + if l_user.is_active then + r.set_value ("The asociated user to the given email " + l_email.value + " , is already active", "is_active") + r.set_status_code ({HTTP_CONSTANTS}.bad_request) + else + l_token := new_token + l_user_api.new_activation (l_token, l_user.id) + l_url := req.absolute_script_url ("/account/activate/" + l_token) + + -- Send Email + create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) + write_debug_log (generator + ".handle register: send_contact_activation_email") + es.send_contact_activation_email (l_email.value, l_url) + end + else + r.set_value ("The email does not exist or !", "error_email") + r.set_value (l_email.value, "email") + r.set_status_code ({HTTP_CONSTANTS}.bad_request) + end + end + end + + r.execute + end + + handle_new_password (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE) + local + r: CMS_RESPONSE + es: CMS_AUTHENTICATON_EMAIL_SERVICE + l_user_api: CMS_USER_API + l_token: STRING + l_url: STRING + do + create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) + if req.is_post_request_method then + l_user_api := api.user_api + if attached {WSF_STRING} req.form_parameter ("email") as l_email then + if attached {CMS_USER} l_user_api.user_by_email (l_email.value) as l_user then + -- User exist create a new token and send a new email. 
+ l_token := new_token + l_user_api.new_password (l_token, l_user.id) + l_url := req.absolute_script_url ("/account/reset-password?token=" + l_token) + + -- Send Email + create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) + write_debug_log (generator + ".handle register: send_contact_password_email") + es.send_contact_password_email (l_email.value, l_url) + else + r.set_value ("The email does not exist !", "error_email") + r.set_value (l_email.value, "email") + r.set_status_code ({HTTP_CONSTANTS}.bad_request) + end + elseif attached {WSF_STRING} req.form_parameter ("username") as l_username then + if attached {CMS_USER} l_user_api.user_by_name (l_username) as l_user and then + attached l_user.email as l_email + then + -- User exist create a new token and send a new email. + l_token := new_token + l_user_api.new_password (l_token, l_user.id) + l_url := req.absolute_script_url ("/account/reset-password?token=" + l_token) + + -- Send Email + create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) + write_debug_log (generator + ".handle register: send_contact_password_email") + es.send_contact_password_email (l_email, l_url) + else + r.set_value ("The username does not exist !", "error_username") + r.set_value (l_username.value, "username") + r.set_status_code ({HTTP_CONSTANTS}.bad_request) + end + end + end + r.execute + end + + + handle_reset_password (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE) + local + r: CMS_RESPONSE + l_user_api: CMS_USER_API + do + create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) + l_user_api := api.user_api + if attached {WSF_STRING} req.query_parameter ("token") as l_token then + r.set_value (l_token.value, "token") + if l_user_api.user_by_password_token (l_token.value) = Void then + r.set_value ("The token " + l_token.value + " is not valid, " + r.link ("click here" , "account/new-password", Void) + " to generate a new token.", "error_token") + r.set_status_code 
({HTTP_CONSTANTS}.bad_request) + end + end + + if req.is_post_request_method then + + if + attached {WSF_STRING} req.form_parameter ("token") as l_token and then + attached {WSF_STRING} req.form_parameter ("password") as l_password and then + attached {WSF_STRING} req.form_parameter ("confirm_password") as l_confirm_password + then + -- Does the passwords match? + if l_password.value.same_string (l_confirm_password.value) then + -- is the token valid? + if attached {CMS_USER} l_user_api.user_by_password_token (l_token.value) as l_user then + l_user.set_password (l_password.value) + l_user_api.update_user (l_user) + l_user_api.remove_password (l_token.value) + end + else + r.set_value ("Passwords Don't Match", "error_password") + r.set_value (l_token.value, "token") + r.set_status_code ({HTTP_CONSTANTS}.bad_request) + end + end + end + r.execute + end + + handle_change_password (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE) + local + r: CMS_RESPONSE + l_user_api: CMS_USER_API + do + create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) + l_user_api := api.user_api + + if req.is_post_request_method then + if attached current_user (req) as l_user then + r.set_value (api.user_api.user_roles (l_user), "roles") + if + attached {WSF_STRING} req.form_parameter ("password") as l_password and then + attached {WSF_STRING} req.form_parameter ("confirm_password") as l_confirm_password and then + l_password.value.same_string (l_confirm_password.value) + then + -- Does the passwords match? 
+ l_user.set_password (l_password.value) + l_user_api.update_user (l_user) + r.set_redirection (req.absolute_script_url ("/account/post-change-password")) + else + if attached template_block ("account_info", r) as l_tpl_block then +-- r.set_value (l_user, "user") + r.set_value ("Passwords Don't Match", "error_password") + r.set_status_code ({HTTP_CONSTANTS}.bad_request) + r.add_block (l_tpl_block, "content") + end + end + end + end + r.execute + end + + handle_post_change_password (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE) + local + r: CMS_RESPONSE + do + create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) + if attached template_block ("post_change", r) as l_tpl_block then + r.add_block (l_tpl_block, "content") + end + r.execute + end + + block_list: ITERABLE [like {CMS_BLOCK}.name] + local + l_string: STRING + do + Result := <<"register", "reactivate", "new_password", "reset_password">> + debug ("roc") + create l_string.make_empty + across + Result as ic + loop + l_string.append (ic.item) + l_string.append_character (' ') + end + write_debug_log (generator + ".block_list:" + l_string ) + end + end + + get_block_view (a_block_id: READABLE_STRING_8; a_response: CMS_RESPONSE) + do + if + a_block_id.is_case_insensitive_equal_general ("register") and then + a_response.location.starts_with ("account/roc-register") + then + get_block_view_register (a_block_id, a_response) + elseif + a_block_id.is_case_insensitive_equal_general ("reactivate") and then + a_response.location.starts_with ("account/reactivate") + then + get_block_view_reactivate (a_block_id, a_response) + elseif + a_block_id.is_case_insensitive_equal_general ("new_password") and then + a_response.location.starts_with ("account/new-password") + then + get_block_view_new_password (a_block_id, a_response) + elseif + a_block_id.is_case_insensitive_equal_general ("reset_password") and then + a_response.location.starts_with ("account/reset-password") + then + get_block_view_reset_password 
(a_block_id, a_response) + end + end + + +feature {NONE} -- Token Generation + + new_token: STRING + -- Generate a new token activation token + local + l_token: STRING + l_security: SECURITY_PROVIDER + l_encode: URL_ENCODER + do + create l_security + l_token := l_security.token + create l_encode + from until l_token.same_string (l_encode.encoded_string (l_token)) loop + -- Loop ensure that we have a security token that does not contain characters that need encoding. + -- We cannot simply to an encode-decode because the email sent to the user will contain an encoded token + -- but the user will need to use an unencoded token if activation has to be done manually. + l_token := l_security.token + end + Result := l_token + end + +feature {NONE} -- Helpers + + template_block (a_block_id: READABLE_STRING_8; a_response: CMS_RESPONSE): detachable CMS_SMARTY_TEMPLATE_BLOCK + -- Smarty content block for `a_block_id' + local + p: detachable PATH + do + create p.make_from_string ("templates") + p := p.extended ("block_").appended (a_block_id).appended_with_extension ("tpl") + + p := a_response.api.module_theme_resource_location (Current, p) + if p /= Void then + if attached p.entry as e then + create Result.make (a_block_id, Void, p.parent, e) + else + create Result.make (a_block_id, Void, p.parent, p) + end + end + end + +feature {NONE} -- Block views + + get_block_view_login (a_block_id: READABLE_STRING_8; a_response: CMS_RESPONSE) + local +-- vals: CMS_VALUE_TABLE + do + if attached template_block (a_block_id, a_response) as l_tpl_block then +-- create vals.make (1) +-- -- add the variable to the block +-- value_table_alter (vals, a_response) +-- across +-- vals as ic +-- loop +-- l_tpl_block.set_value (ic.item, ic.key) +-- end + a_response.add_block (l_tpl_block, "content") + else + debug ("cms") + a_response.add_warning_message ("Error with block [" + a_block_id + "]") + end + end + end + + get_block_view_register (a_block_id: READABLE_STRING_8; a_response: CMS_RESPONSE) 
+ do + if a_response.request.is_get_request_method then + if attached template_block (a_block_id, a_response) as l_tpl_block then + a_response.add_block (l_tpl_block, "content") + else + debug ("cms") + a_response.add_warning_message ("Error with block [" + a_block_id + "]") + end + end + elseif a_response.request.is_post_request_method then + if a_response.values.has ("error_name") or else a_response.values.has ("error_email") then + if attached template_block (a_block_id, a_response) as l_tpl_block then +-- l_tpl_block.set_value (a_response.values.item ("error_name"), "error_name") +-- l_tpl_block.set_value (a_response.values.item ("error_email"), "error_email") +-- l_tpl_block.set_value (a_response.values.item ("email"), "email") +-- l_tpl_block.set_value (a_response.values.item ("name"), "name") + a_response.add_block (l_tpl_block, "content") + else + debug ("cms") + a_response.add_warning_message ("Error with block [" + a_block_id + "]") + end + end + else + if attached template_block ("post_register", a_response) as l_tpl_block then + a_response.add_block (l_tpl_block, "content") + else + debug ("cms") + a_response.add_warning_message ("Error with block [" + a_block_id + "]") + end + end + end + end + end + + + get_block_view_reactivate (a_block_id: READABLE_STRING_8; a_response: CMS_RESPONSE) + do + if a_response.request.is_get_request_method then + if attached template_block (a_block_id, a_response) as l_tpl_block then + a_response.add_block (l_tpl_block, "content") + else + debug ("cms") + a_response.add_warning_message ("Error with block [" + a_block_id + "]") + end + end + elseif a_response.request.is_post_request_method then + if a_response.values.has ("error_email") or else a_response.values.has ("is_active") then + if attached template_block (a_block_id, a_response) as l_tpl_block then +-- l_tpl_block.set_value (a_response.values.item ("error_email"), "error_email") +-- l_tpl_block.set_value (a_response.values.item ("email"), "email") +-- 
l_tpl_block.set_value (a_response.values.item ("is_active"), "is_active") + a_response.add_block (l_tpl_block, "content") + else + debug ("cms") + a_response.add_warning_message ("Error with block [" + a_block_id + "]") + end + end + else + if attached template_block ("post_reactivate", a_response) as l_tpl_block then + a_response.add_block (l_tpl_block, "content") + else + debug ("cms") + a_response.add_warning_message ("Error with block [" + a_block_id + "]") + end + end + end + end + end + + get_block_view_new_password (a_block_id: READABLE_STRING_8; a_response: CMS_RESPONSE) + do + if a_response.request.is_get_request_method then + if attached template_block (a_block_id, a_response) as l_tpl_block then + a_response.add_block (l_tpl_block, "content") + else + debug ("cms") + a_response.add_warning_message ("Error with block [" + a_block_id + "]") + end + end + elseif a_response.request.is_post_request_method then + if a_response.values.has ("error_email") or else a_response.values.has ("error_username") then + if attached template_block (a_block_id, a_response) as l_tpl_block then +-- l_tpl_block.set_value (a_response.values.item ("error_email"), "error_email") +-- l_tpl_block.set_value (a_response.values.item ("email"), "email") +-- l_tpl_block.set_value (a_response.values.item ("error_username"), "error_username") +-- l_tpl_block.set_value (a_response.values.item ("username"), "username") + a_response.add_block (l_tpl_block, "content") + else + debug ("cms") + a_response.add_warning_message ("Error with block [" + a_block_id + "]") + end + end + else + if attached template_block ("post_password", a_response) as l_tpl_block then + a_response.add_block (l_tpl_block, "content") + else + debug ("cms") + a_response.add_warning_message ("Error with block [" + a_block_id + "]") + end + end + end + end + end + + get_block_view_reset_password (a_block_id: READABLE_STRING_8; a_response: CMS_RESPONSE) + do + if a_response.request.is_get_request_method then + if attached 
template_block (a_block_id, a_response) as l_tpl_block then +-- l_tpl_block.set_value (a_response.values.item ("token"), "token") +-- l_tpl_block.set_value (a_response.values.item ("error_token"), "error_token") + a_response.add_block (l_tpl_block, "content") + else + debug ("cms") + a_response.add_warning_message ("Error with block [" + a_block_id + "]") + end + end + elseif a_response.request.is_post_request_method then + if a_response.values.has ("error_token") or else a_response.values.has ("error_password") then + if attached template_block (a_block_id, a_response) as l_tpl_block then +-- l_tpl_block.set_value (a_response.values.item ("error_token"), "error_token") +-- l_tpl_block.set_value (a_response.values.item ("error_password"), "error_password") +-- l_tpl_block.set_value (a_response.values.item ("token"), "token") + a_response.add_block (l_tpl_block, "content") + else + debug ("cms") + a_response.add_warning_message ("Error with block [" + a_block_id + "]") + end + end + else + if attached template_block ("post_reset", a_response) as l_tpl_block then + a_response.add_block (l_tpl_block, "content") + else + debug ("cms") + a_response.add_warning_message ("Error with block [" + a_block_id + "]") + end + end + end + end + end + +note + copyright: "Copyright (c) 1984-2013, Eiffel Software and others" + license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)" + source: "[ + Eiffel Software + 5949 Hollister Ave., Goleta, CA 93117 USA + Telephone 805-685-1006, Fax 805-685-6869 + Website http://www.eiffel.com + Customer support http://support.eiffel.com + ]" +end diff --git a/modules/basic_auth/cms_basic_auth_module.e b/modules/basic_auth/cms_basic_auth_module.e index 1d69320..e0af8fa 100644 --- a/modules/basic_auth/cms_basic_auth_module.e +++ b/modules/basic_auth/cms_basic_auth_module.e 
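Review bot: modules/auth/cms_authentication_module.e-BAK looks like a backup copy committed by accident: the commit message does not mention it, and it puts a 703-line copy of the registration, activation and password-reset handlers into the tree under a name no build will pick up. It should be dropped from the commit (`git rm --cached modules/auth/cms_authentication_module.e-BAK`) and the backup pattern added to the ignore file. If the code is meant to be kept, it needs review before anyone revives it. `handle_activation` and `handle_reset_password` concatenate the request-supplied `l_token.value` into the response text with no HTML encoding visible. `handle_new_password` answers "The email does not exist !" / "The username does not exist !", which lets a caller enumerate accounts, and it passes `l_username` rather than `l_username.value` to `user_by_name`.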
@@ -119,7 +119,7 @@ feature {NONE} -- Implementation: routes r.set_main_content (r.link ("Logout", "account/roc-logout", Void)) else if attached smarty_template_login_block (req, Current, "login", api) as l_tpl_block then - r.add_javascript_url (r.url ("module/" + name + "/files/js/roc_basic_auth.js", Void)) + r.add_javascript_url (r.module_resource_url (Current, "/files/js/roc_basic_auth.js", Void)) create vals.make (1) -- add the variable to the block @@ -159,7 +159,7 @@ feature -- Hooks get_block_view (a_block_id: READABLE_STRING_8; a_response: CMS_RESPONSE) do if a_block_id.is_case_insensitive_equal_general ("login") then - a_response.add_javascript_url (a_response.url ("module/" + name + "/files/js/roc_basic_auth.js", Void)) + a_response.add_javascript_url (a_response.module_resource_url (Current, "/files/js/roc_basic_auth.js", Void)) get_block_view_login (a_block_id, a_response) end end diff --git a/modules/node/handler/node_form_response.e b/modules/node/handler/node_form_response.e index b3da352..331da77 100644 --- a/modules/node/handler/node_form_response.e +++ b/modules/node/handler/node_form_response.e @@ -101,7 +101,7 @@ feature {NONE} -- Create a new node do if attached a_type.new_node (Void) as l_node then -- create new node - f := new_edit_form (l_node, url (location, Void), "edit-" + a_type.name, a_type) + f := new_edit_form (l_node, request_url (Void), "edit-" + a_type.name, a_type) api.hooks.invoke_form_alter (f, fd, Current) if request.is_post_request_method then f.validation_actions.extend (agent edit_form_validate (?, b)) @@ -135,7 +135,7 @@ feature {NONE} -- Create a new node f: like new_edit_form fd: detachable WSF_FORM_DATA do - f := new_edit_form (A_node, url (location, Void), "edit-" + a_type.name, a_type) + f := new_edit_form (a_node, request_url (Void), "edit-" + a_type.name, a_type) if is_old_revision then add_warning_message ("You are editing old revision #" + a_node.revision.out + " !") end 
@@ -169,7 +169,7 @@ feature {NONE} -- Create a new node fd: detachable WSF_FORM_DATA do if a_node.is_trashed then - f := new_delete_form (a_node, url (location, Void), "delete-" + a_type.name, a_type) + f := new_delete_form (a_node, request_url (Void), "delete-" + a_type.name, a_type) api.hooks.invoke_form_alter (f, fd, Current) if request.is_post_request_method then f.process (Current) @@ -200,7 +200,7 @@ feature {NONE} -- Create a new node f: like new_edit_form fd: detachable WSF_FORM_DATA do - f := new_trash_form (a_node, url (location, Void), "trash-" + a_type.name, a_type) + f := new_trash_form (a_node, request_url (Void), "trash-" + a_type.name, a_type) api.hooks.invoke_form_alter (f, fd, Current) if request.is_post_request_method then f.process (Current) diff --git a/modules/recent_changes/cms_recent_changes_module.e b/modules/recent_changes/cms_recent_changes_module.e index 8c958fd..0bc1a7d 100644 --- a/modules/recent_changes/cms_recent_changes_module.e +++ b/modules/recent_changes/cms_recent_changes_module.e @@ -380,7 +380,7 @@ feature -- Handler if ch /= Void then if l_until_date /= Void then l_content.append (" << ") end @@ -394,7 +394,7 @@ feature -- Handler l_query.append (l_filter_source) end l_content.append (">))) + l_content.append (r.request_url (create {CMS_API_OPTIONS}.make_from_manifest (<<["query", l_query]>>))) l_content.append ("%">See more ...") end end diff --git a/src/service/response/cms_response.e b/src/service/response/cms_response.e index 810195f..49e7159 100644 --- a/src/service/response/cms_response.e +++ b/src/service/response/cms_response.e @@ -99,6 +99,12 @@ feature -- Access: query location: IMMUTABLE_STRING_8 -- Associated cms local location. + request_url (opts: detachable CMS_API_OPTIONS): STRING_8 + -- Current request location as a url. + do + Result := url (location, opts) + end + feature -- API api: CMS_API
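Review bot: In the cms_recent_changes_module.e hunks the URL returned by `r.request_url (create {CMS_API_OPTIONS}.make_from_manifest (<<["query", l_query]>>))` is appended to `l_content` immediately before the `%">` that closes an attribute value, with no HTML encoding visible on the new line. `l_query` has `l_filter_source` appended to it just above; if that value originates from the request (not visible in the hunk), a quote character in it could break out of the attribute unless `url` already encodes query options. Unless that is confirmed, encode at the point of output, e.g. `l_content.append (r.html_encoded (r.request_url (...)))`, assuming the response's `html_encoded` helper is available here. The markup in both hunks of this file is partly lost in this rendering, and the enclosing feature extends beyond them.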
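Review bot: The header comment on the new `request_url` in cms_response.e, "Current request location as a url.", does not say what `opts` does or that the result is built from `location` rather than from the raw request URI. Callers in this commit replace both `url (location, Void)` and `url (request.percent_encoded_path_info, Void)` with it, so the contract should state which of the two it is equivalent to. Suggested comment: `-- URL for the current `location', i.e. `url (location, opts)'; `opts' is passed through unchanged (for instance a "query" entry).`. The enclosing class continues outside the hunk.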