Update user storage,

Clean code

modules/admin/handler/role/cms_role_form_response.e

@@ -320,6 +320,7 @@ feature -- Form
 			fs: WSF_FORM_FIELD_SET
 			cb: WSF_FORM_CHECKBOX_INPUT
 			ts: WSF_FORM_SUBMIT_INPUT
+			tb: WSF_FORM_BUTTON_INPUT
 		do
 			if attached a_role as l_role then
 				create fs.make
@@ -344,9 +345,11 @@ feature -- Form
 						fs.extend (cb)
 					end
 				end
-				fs.extend_html_text ("<div class=%"input_fields_wrap%"><button class=%"add_field_button%">Add More Permissions</button></div>")
 				create ti.make ("cms_perm[]")
 				fs.extend (ti)
+				fs.extend_html_text ("<div class=%"input_fields_wrap%"></div>")
+				fs.extend_html_text ("<button class=%"add_field_button%">Add More Permissions</button>")
+
 
 				a_form.extend (fs)
 				add_javascript_content (script_add_remove_items)
@@ -464,20 +467,14 @@ feature -- Generation
 			end
 		end
 
-
 	script_add_remove_items: STRING = "[
 				$(document).ready(function() {
-			    var max_fields      = 10; //maximum input boxes allowed
 			    var wrapper         = $(".input_fields_wrap"); //Fields wrapper
 			    var add_button      = $(".add_field_button"); //Add button ID
 
-			    var x = 1; //initlal text box count
 			    $(add_button).click(function(e){ //on add input button click
 			        e.preventDefault();
-			        if(x < max_fields){ //max input box allowed
-			            x++; //text box increment
 			        $(wrapper).append('<div><input type="text" name="cms_perm[]"/><a href="#" class="remove_field">Remove</a></div>'); //add input box
-			        }
 			    });
 
 			    $(wrapper).on("click",".remove_field", function(e){ //user click on remove text
@@ -485,5 +482,4 @@ feature -- Generation
 			    })
 			});
 	]"
-
 end

modules/admin/handler/user/cms_user_form_response.e

@@ -65,7 +65,6 @@ feature -- Process
 				uid > 0 and then
 				attached user_api.user_by_id (uid) as l_user
 			then
-				fixme ("refactor: process_edit, process_create process edit")
 				if
 					request.path_info.ends_with_general ("/edit")
 				then
@@ -520,160 +519,6 @@ feature -- Generation
 			end
 		end
 
-	handle_admin_hack (a_api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE)
-		local
-			s: STRING
-			r: CMS_RESPONSE
-			f: CMS_FORM
-			t: WSF_FORM_TEXT_INPUT
-			fe: WSF_FORM_EMAIL_INPUT
-			fs: WSF_FORM_FIELD_SET
-			f_submit: WSF_FORM_SUBMIT_INPUT
-		do
-			create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, a_api)
-
-			create f.make (req.percent_encoded_path_info, {CMS_ADMIN_MODULE}.name + "_hack_form")
-			create fs.make
-			fs.set_legend ("Create new user without password:")
-			create t.make_with_text ("username", "")
-			t.set_label ("User name")
-			t.enable_required
-			t.set_placeholder ("username")
-			fs.extend (t)
-
-			create fe.make_with_text ("email", "")
-			fe.set_label ("Email")
-			fe.set_placeholder ("valid email")
-			fs.extend (fe)
-			create f_submit.make_with_text ("op", "Create user")
-			fs.extend (f_submit)
-			create f_submit.make_with_text ("op", "Update user")
-			fs.extend (f_submit)
-			f.extend (fs)
-
-			if req.is_post_request_method then
-				create s.make_empty
-				f.validation_actions.extend (agent (fd: WSF_FORM_DATA; ia_api: CMS_API)
-						do
-							if attached fd.string_item ("op") as f_op then
-								if f_op.is_case_insensitive_equal_general ("Create user") then
-									if attached fd.string_item ("username") as l_username then
-										if attached ia_api.user_api.user_by_name (l_username) then
-											fd.report_invalid_field ("username", "Username already taken!")
-										end
-									else
-										fd.report_invalid_field ("username", "missing username")
-									end
-									if attached fd.string_item ("email") as l_email then
-										if attached ia_api.user_api.user_by_email (l_email) then
-											fd.report_invalid_field ("email", "Email address already associated with an existing account!")
-										end
-									else
-										fd.report_invalid_field ("email", "missing email address")
-									end
-								elseif f_op.is_case_insensitive_equal_general ("Update user") then
-									if attached fd.string_item ("username") as l_username then
-										if ia_api.user_api.user_by_name (l_username) = Void then
-											fd.report_invalid_field ("username", "Username does not exist!")
-										end
-									else
-										fd.report_invalid_field ("username", "missing username")
-									end
-								end
-							end
-						end(?, a_api)
-					)
-				f.submit_actions.extend (agent (fd: WSF_FORM_DATA; ia_api: CMS_API; a_output: STRING)
-						local
-							u: CMS_USER
-							l_roles: detachable LIST [CMS_USER_ROLE]
-							l_trusted_user_role: detachable CMS_USER_ROLE
-						do
-							if attached fd.string_item ("op") as f_op then
-								if f_op.is_case_insensitive_equal_general ("Create user") then
-									if
-										attached fd.string_item ("username") as l_username and then
-										attached fd.string_item ("email") as l_email and then
-										l_email.is_valid_as_string_8
-									then
-										create u.make (l_username)
-										u.set_email (l_email.as_string_8)
-										u.set_password (new_random_password (u))
-										ia_api.user_api.new_user (u)
-										if ia_api.user_api.has_error then
-
-										end
-										a_output.append ("<li>New user ["+ html_encoded (l_username) +"] created.</li>")
-									else
-										fd.report_invalid_field ("username", "Missing username!")
-										fd.report_invalid_field ("email", "Missing email address!")
-									end
-								elseif f_op.is_case_insensitive_equal_general ("Update user") then
-									if
-										attached fd.string_item ("username") as l_username and then
-										attached ia_api.user_api.user_by_name (l_username) as l_user
-									then
-										l_trusted_user_role := ia_api.user_api.user_role_by_name ("trusted")
-										if l_trusted_user_role = Void then
-											create l_trusted_user_role.make ("trusted")
-											ia_api.user_api.save_user_role (l_trusted_user_role)
-										end
-
-										l_trusted_user_role.add_permission ("admin wdocs")
-										l_trusted_user_role.add_permission ("edit wdocs page")
-										l_trusted_user_role.add_permission ("create wdocs page")
-										l_trusted_user_role.add_permission ("delete wdocs page")
-										l_trusted_user_role.add_permission ("edit any wdocs page")
-										l_trusted_user_role.add_permission ("delete any wdocs page")
-										l_trusted_user_role.add_permission ("clear wdocs cache")
-
-										l_trusted_user_role.add_permission ("create page")
-										l_trusted_user_role.add_permission ("edit any page")
-										l_trusted_user_role.add_permission ("delete any page")
-										l_trusted_user_role.add_permission ("create blog")
-										l_trusted_user_role.add_permission ("edit any blog")
-										l_trusted_user_role.add_permission ("delete any blog")
-
-										l_trusted_user_role.add_permission ("edit any node")
-										l_trusted_user_role.add_permission ("delete any node")
-
-
-										ia_api.user_api.save_user_role (l_trusted_user_role)
-										l_trusted_user_role := ia_api.user_api.user_role_by_name ("trusted")
-										if l_trusted_user_role /= Void then
-											u := l_user
-											ia_api.user_api.update_user (u)
-											l_roles := u.roles
-											if l_roles = Void then
-												create {ARRAYED_LIST [CMS_USER_ROLE]} l_roles.make (1)
-											end
-											l_roles.force (l_trusted_user_role)
-											u.set_roles (l_roles)
-
-											ia_api.user_api.update_user (u)
-											a_output.append ("<li>User ["+ html_encoded (l_username) +"] updated.</li>")
-										else
-											a_output.append ("<li>User ["+ html_encoded (l_username) +"] NOT updated! [ERROR].</li>")
-										end
-									else
-										fd.report_invalid_field ("username", "User does not exist!")
-									end
-								end
-							end
-						end(?, a_api, s)
-					)
-
-				f.process (r)
-				f.append_to_html (create {CMS_TO_WSF_THEME}.make (r, r.theme), s)
-				r.set_main_content (s)
-			elseif req.is_get_head_request_method then
-				create s.make_empty
-				f.append_to_html (create {CMS_TO_WSF_THEME}.make (r, r.theme), s)
-				r.set_main_content (s)
-			end
-			r.execute
-		end
-
 	new_random_password (u: CMS_USER): STRING
 			-- Generate a new token activation token
 		local

src/persistence/user/cms_user_storage_i.e

@@ -75,6 +75,16 @@ feature -- Access
 		deferred
 		end
 
+	users_count: INTEGER
+			-- Number of users
+		deferred
+		end
+
+	recent_users (a_lower: INTEGER; a_count: INTEGER): LIST [CMS_USER]
+			-- List of recent `a_count' users with an offset of `lower'.
+		deferred
+		end
+
 feature -- Change: user
 
 	save_user (a_user: CMS_USER)
@@ -101,6 +111,14 @@ feature -- Change: user
 		deferred
 		end
 
+	delete_user (a_user: CMS_USER)
+			-- Delete user `a_user'.
+		require
+			has_id: a_user.has_id
+		deferred
+		end
+
+
 feature -- Access: roles and permissions
 
 --	user_has_permission (u: detachable CMS_USER; s: detachable READABLE_STRING_8): BOOLEAN
@@ -160,6 +178,30 @@ feature -- Change: roles and permissions
 		deferred
 		end
 
+	unassign_role_from_user (a_role: CMS_USER_ROLE; a_user: CMS_USER)
+			-- Unassign user_role to user
+		require
+				a_user.has_id
+				a_role.has_id
+		deferred
+		end
+
+	assign_role_to_user (a_role: CMS_USER_ROLE; a_user: CMS_USER)
+			-- Assign user_role to user
+		require
+				a_user.has_id
+				a_role.has_id
+		deferred
+		end
+
+
+	delete_role (a_role: CMS_USER_ROLE)
+			-- Remove role `a_role'.
+		require
+			a_role.has_id
+		deferred
+		end
+
 feature -- Change: User activation
 
 	save_activation (a_token: READABLE_STRING_32; a_id: INTEGER_64)

src/persistence/user/cms_user_storage_null.e

@@ -46,6 +46,17 @@ feature -- Access: user
 		do
 		end
 
+	users_count: INTEGER
+			--<Precursor>
+		do
+		end
+
+	recent_users (a_lower: INTEGER; a_count: INTEGER): LIST [CMS_USER]
+			-- <Precursor>
+		do
+			create {ARRAYED_LIST[CMS_USER]} Result.make (0)
+		end
+
 feature -- Change: user
 
 	new_user (a_user: CMS_USER)
@@ -60,6 +71,12 @@ feature -- Change: user
 		end
 
 
+	delete_user (a_user: CMS_USER)
+			-- Delete user `a_user'.
+		do
+		end
+
+
 feature -- Access: roles and permissions
 
 	user_role_by_id (a_id: like {CMS_USER_ROLE}.id): detachable CMS_USER_ROLE
@@ -88,6 +105,19 @@ feature -- Change: roles and permissions
 		do
 		end
 
+	unassign_role_from_user (a_user_role: CMS_USER_ROLE; a_user: CMS_USER)
+		do
+		end
+
+	assign_role_to_user (a_user_role: CMS_USER_ROLE; a_user: CMS_USER)
+		do
+		end
+
+	delete_role (a_role: CMS_USER_ROLE)
+			-- <Precursor>
+		do
+		end
+
 feature -- Change: User activation
 
 	save_activation (a_token: READABLE_STRING_32; a_id: INTEGER_64)

src/persistence/user/cms_user_storage_sql_i.e

@@ -20,10 +20,10 @@ feature -- Access: user
 	has_user: BOOLEAN
 			-- Has any user?
 		do
-			Result := user_count > 0
+			Result := users_count > 0
 		end
 
-	user_count: INTEGER
+	users_count: INTEGER
 			-- Number of items users.
 		do
 			error_handler.reset
@@ -163,6 +163,31 @@ feature -- Access: user
 
 		end
 
+	recent_users (a_lower: INTEGER; a_count: INTEGER): LIST [CMS_USER]
+			-- <Precursor>
+		local
+			l_parameters: STRING_TABLE [detachable ANY]
+		do
+			create {ARRAYED_LIST [CMS_USER]} Result.make (0)
+
+			error_handler.reset
+			write_information_log (generator + ".recent_users")
+
+			from
+				create l_parameters.make (2)
+				l_parameters.put (a_count, "rows")
+				l_parameters.put (a_lower, "offset")
+				sql_query (sql_select_recent_users, l_parameters)
+				sql_start
+			until
+				sql_after
+			loop
+				if attached fetch_user as l_user then
+					Result.force (l_user)
+				end
+				sql_forth
+			end
+		end
 feature -- Change: user
 
 	new_user (a_user: CMS_USER)
@@ -255,6 +280,20 @@ feature -- Change: user
 			end
 		end
 
+	delete_user (a_user: CMS_USER)
+			-- Delete user `a_user'.
+		local
+			l_parameters: STRING_TABLE [detachable ANY]
+		do
+			error_handler.reset
+			sql_begin_transaction
+			write_information_log (generator + ".delete_user")
+			create l_parameters.make (1)
+			l_parameters.put (a_user.id, "uid")
+			sql_change (sql_delete_user, l_parameters)
+			sql_commit_transaction
+		end
+
 	update_user_roles (a_user: CMS_USER)
 			-- Update roles of `a_user'
 		require
@@ -311,9 +350,6 @@ feature -- Change: user
 		end
 
 	assign_role_to_user (a_role: CMS_USER_ROLE; a_user: CMS_USER)
-		require
-			a_user.has_id
-			a_role.has_id
 		local
 			l_parameters: STRING_TABLE [detachable ANY]
 		do
@@ -324,9 +360,6 @@ feature -- Change: user
 		end
 
 	unassign_role_from_user (a_role: CMS_USER_ROLE; a_user: CMS_USER)
-		require
-			a_user.has_id
-			a_role.has_id
 		local
 			l_parameters: STRING_TABLE [detachable ANY]
 		do
@@ -502,12 +535,20 @@ feature -- Change: roles and permissions
 					-- FIXME: check if this is non set permissions,or none ...
 					if l_existing_role /= Void then
 						l_permissions := l_existing_role.permissions
-						fill_user_role (l_existing_role)
+--						fill_user_role (l_existing_role)
 					end
 					if l_permissions = Void or else l_permissions.is_empty then
 						l_permissions := role_permissions_by_id (a_user_role.id)
 					end
 
+					a_user_role.permissions.compare_objects
+					across l_permissions as ic
+					loop
+						if not a_user_role.permissions.has (ic.item) then
+							unset_permission_for_role_id (ic.item, a_user_role.id)
+						end
+					end
+
 					across
 						a_user_role.permissions as ic
 					loop
@@ -531,12 +572,12 @@ feature -- Change: roles and permissions
 							set_permission_for_role_id (p, a_user_role.id)
 						end
 					end
-						-- Remove other
-					across
-						l_permissions as ic
-					loop
-						unset_permission_for_role_id (ic.item, a_user_role.id)
-					end
+--						-- Remove other
+--					across
+--						l_permissions as ic
+--					loop
+--						unset_permission_for_role_id (ic.item, a_user_role.id)
+--					end
 				end
 			else
 				create l_parameters.make (1)
@@ -593,6 +634,22 @@ feature -- Change: roles and permissions
 		end
 
 
+	delete_role (a_role: CMS_USER_ROLE)
+			-- <Precursor>
+		local
+			l_parameters: STRING_TABLE [detachable ANY]
+		do
+			error_handler.reset
+			sql_begin_transaction
+			write_information_log (generator + ".delete_role")
+			create l_parameters.make (1)
+			l_parameters.put (a_role.id, "rid")
+			sql_change (sql_delete_role_permissions_by_role_id, l_parameters)
+			sql_change (sql_delete_role_by_id, l_parameters)
+			sql_commit_transaction
+		end
+
+
 feature -- Access: User activation
 
 	activation_elapsed_time (a_token: READABLE_STRING_32): INTEGER_32
@@ -800,6 +857,9 @@ feature {NONE} -- Sql Queries: USER
 	Select_user_by_name: STRING = "SELECT * FROM users WHERE name =:name;"
 			-- Retrieve user by name if exists.
 
+	Sql_select_recent_users: STRING = "SELECT * FROM users ORDER BY uid DESC, created DESC LIMIT :rows OFFSET :offset ;"
+			-- Retrieve recent users
+
 	Select_user_by_email: STRING = "SELECT * FROM users WHERE email =:email;"
 			-- Retrieve user by email if exists.
 
@@ -812,6 +872,8 @@ feature {NONE} -- Sql Queries: USER
 	sql_update_user: STRING = "UPDATE users SET name=:name, password=:password, salt=:salt, email=:email, status=:status WHERE uid=:uid;"
 			-- SQL update to update an existing user.
 
+	sql_delete_user: STRING = "DELETE FROM users WHERE uid=:uid;"
+
 feature {NONE} -- Sql Queries: USER ROLE
 
 	sql_last_insert_user_role_id: STRING = "SELECT MAX(rid) FROM roles;"
@@ -849,6 +911,10 @@ feature {NONE} -- Sql Queries: USER ROLE
 	select_role_permissions_by_role_id: STRING = "SELECT permission, module FROM role_permissions WHERE rid=:rid;"
 			-- User role permissions for role id :rid;
 
+	sql_delete_role_permissions_by_role_id: STRING = "DELETE FROM role_permissions WHERE rid=:rid;"
+
+	sql_delete_role_by_id: STRING = "DELETE FROM roles WHERE rid=:rid;"
+
 feature {NONE} -- Sql Queries: USER ACTIVATION
 
 	sql_insert_activation: STRING = "INSERT INTO users_activations (token, uid, created) VALUES (:token, :uid, :utc_date);"