diff --git a/modules/auth/cms_authentication_module.e b/modules/auth/cms_authentication_module.e index edeb3ff..404d8c2 100644 --- a/modules/auth/cms_authentication_module.e +++ b/modules/auth/cms_authentication_module.e @@ -102,9 +102,9 @@ feature -- Hooks configuration value_table_alter (a_value: CMS_VALUE_TABLE; a_response: CMS_RESPONSE) -- do + a_value.force (a_response.user, "user") end - menu_system_alter (a_menu_system: CMS_MENU_SYSTEM; a_response: CMS_RESPONSE) -- Hook execution on collection of menu contained by `a_menu_system' -- for related response `a_response'. @@ -129,11 +129,9 @@ feature -- Handler r: CMS_RESPONSE do create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) - r.set_value ("Account Info", "optional_content_type") if attached template_block ("account_info", r) as l_tpl_block then - r.set_value (current_user (req), "user") - if attached current_user (req) as l_user then + if attached r.user as l_user then r.set_value (api.user_api.user_roles (l_user), "roles") end r.add_block (l_tpl_block, "content") @@ -158,7 +156,6 @@ feature -- Handler r.execute else create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) - r.set_value ("Login", "optional_content_type") r.execute end end @@ -172,14 +169,11 @@ feature -- Handler r.execute end - - handle_register (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE) local r: CMS_RESPONSE l_user_api: CMS_USER_API u: CMS_USER - l_roles: LIST [CMS_USER_ROLE] l_exist: BOOLEAN es: CMS_AUTHENTICATON_EMAIL_SERVICE l_url: STRING @@ -187,7 +181,6 @@ feature -- Handler do create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) if r.has_permission ("account register") then - r.set_value ("Register", "optional_content_type") if req.is_post_request_method then if attached {WSF_STRING} req.form_parameter ("name") as l_name and then 
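Review bot: `a_value.force (a_response.user, "user")` in `value_table_alter` puts the whole user object into the value table of every response, so any template rendered for a logged-in visitor can reach whatever that object carries. The `u.set_password` and `u.set_email` calls later in this file suggest that may include credential and contact fields. Consider exposing only the fields templates need, or document the contract with a header comment such as `-- Expose the current user (if any) to templates as "user"; templates must not print sensitive fields.` The `handle_account` hunk that follows now relies on this hook having run instead of setting "user" itself, which deserves a comment there as well. Both features extend beyond their hunks, so whether `a_response.user` can be Void at this point is not visible.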
@@ -198,24 +191,20 @@ feature -- Handler if attached l_user_api.user_by_name (l_name.value) then -- Username already exist. - r.values.force ("User name already exists!", "error_name") + r.set_value ("User name already exists!", "error_name") l_exist := True end if attached l_user_api.user_by_email (l_email.value) then -- Emails already exist. - r.values.force ("An account is already associated with that email address!", "error_email") + r.set_value ("An account is already associated with that email address!", "error_email") l_exist := True end if not l_exist then -- New user - create {ARRAYED_LIST [CMS_USER_ROLE]}l_roles.make (1) - l_roles.force (l_user_api.authenticated_user_role) - create u.make (l_name.value) u.set_email (l_email.value) u.set_password (l_password.value) - u.set_roles (l_roles) l_user_api.new_user (u) -- Create activation token @@ -229,8 +218,8 @@ feature -- Handler es.send_contact_email (l_email.value, l_url) else - r.values.force (l_name.value, "name") - r.values.force (l_email.value, "email") + r.set_value (l_name.value, "name") + r.set_value (l_email.value, "email") r.set_status_code ({HTTP_CONSTANTS}.bad_request) end end @@ -257,12 +246,10 @@ feature -- Handler l_user.mark_active l_user_api.update_user (l_user) l_user_api.remove_activation (l_token.value) - r.set_value ("Account activated", "optional_content_type") r.set_main_content ("

Your account "+ l_user.name +" has been activated

") else -- the token does not exist, or it was already used. r.set_status_code ({HTTP_CONSTANTS}.bad_request) - r.set_value ("Account not activated", "optional_content_type") r.set_main_content ("

The token " + l_token.value +" is not valid " + r.link ("Reactivate Account", "account/reactivate", Void) + "

") end r.execute @@ -290,7 +277,7 @@ feature -- Handler if attached {CMS_USER} l_user_api.user_by_email (l_email.value) as l_user then -- User exist create a new token and send a new email. if l_user.is_active then - r.values.force ("The asociated user to the given email " + l_email.value + " , is already active", "is_active") + r.set_value ("The asociated user to the given email " + l_email.value + " , is already active", "is_active") r.set_status_code ({HTTP_CONSTANTS}.bad_request) else l_token := new_token @@ -303,8 +290,8 @@ feature -- Handler es.send_contact_activation_email (l_email.value, l_url) end else - r.values.force ("The email does not exist or !", "error_email") - r.values.force (l_email.value, "email") + r.set_value ("The email does not exist or !", "error_email") + r.set_value (l_email.value, "email") r.set_status_code ({HTTP_CONSTANTS}.bad_request) end end @@ -336,8 +323,8 @@ feature -- Handler write_debug_log (generator + ".handle register: send_contact_password_email") es.send_contact_password_email (l_email.value, l_url) else - r.values.force ("The email does not exist !", "error_email") - r.values.force (l_email.value, "email") + r.set_value ("The email does not exist !", "error_email") + r.set_value (l_email.value, "email") r.set_status_code ({HTTP_CONSTANTS}.bad_request) end elseif attached {WSF_STRING} req.form_parameter ("username") as l_username then @@ -354,8 +341,8 @@ feature -- Handler write_debug_log (generator + ".handle register: send_contact_password_email") es.send_contact_password_email (l_email, l_url) else - r.values.force ("The username does not exist !", "error_username") - r.values.force (l_username.value, "username") + r.set_value ("The username does not exist !", "error_username") + r.set_value (l_username.value, "username") r.set_status_code ({HTTP_CONSTANTS}.bad_request) end end 
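Review bot: Both `set_main_content` calls in the activation handler concatenate externally supplied text straight into HTML: `l_token.value` in the invalid-token branch and `l_user.name`, chosen at registration, in the success branch. The commit keeps these lines as context, so the invalid-token page still echoes whatever was submitted as the token. Encode both values before concatenation, for example `r.html_encoded (l_token.value)` if `CMS_RESPONSE` offers that encoder at this revision, or leave the token out of the message. The feature starts above the hunk, so where `l_token` is read is not shown; the later `req.query_parameter ("token")` hunk suggests it is a query parameter.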
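Review bot: The reactivation and password-recovery handlers answer differently depending on whether an account exists, which lets a caller probe which e-mail addresses and user names are registered. The messages are `"... is already active"` in this hunk and `"The email does not exist or !"`, `"The email does not exist !"` and `"The username does not exist !"` in the three hunks that follow, each with a bad-request status. One neutral reply for every case removes that signal, for instance `r.set_value ("If the account exists, a message has been sent.", "message")` with the normal status code; the key name here is a placeholder. Separately, the "or !" message is truncated and "asociated" is misspelled.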
@@ -372,9 +359,9 @@ feature -- Handler create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) l_user_api := api.user_api if attached {WSF_STRING} req.query_parameter ("token") as l_token then - r.values.force (l_token.value, "token") + r.set_value (l_token.value, "token") if l_user_api.user_by_password_token (l_token.value) = Void then - r.values.force ("The token " + l_token.value + " is not valid, " + r.link ("click here" , "account/new-password", Void) + " to generate a new token.", "error_token") + r.set_value ("The token " + l_token.value + " is not valid, " + r.link ("click here" , "account/new-password", Void) + " to generate a new token.", "error_token") r.set_status_code ({HTTP_CONSTANTS}.bad_request) end end @@ -395,8 +382,8 @@ feature -- Handler l_user_api.remove_password (l_token.value) end else - r.values.force ("Passwords Don't Match", "error_password") - r.values.force (l_token.value, "token") + r.set_value ("Passwords Don't Match", "error_password") + r.set_value (l_token.value, "token") r.set_status_code ({HTTP_CONSTANTS}.bad_request) end end @@ -426,8 +413,8 @@ feature -- Handler r.set_redirection (req.absolute_script_url ("/account/post-change-password")) else if attached template_block ("account_info", r) as l_tpl_block then - r.set_value (l_user, "user") - r.values.force ("Passwords Don't Match", "error_password") +-- r.set_value (l_user, "user") + r.set_value ("Passwords Don't Match", "error_password") r.set_status_code ({HTTP_CONSTANTS}.bad_request) r.add_block (l_tpl_block, "content") end 
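Review bot: The `error_token` value set in the `token` branch mixes the raw `l_token.value` with the markup returned by `r.link`, so the template has to emit the value unescaped for the link to work, and the token goes out unescaped with it. Keep untrusted text and markup in separate values: `r.set_value (l_token.value, "token")` is already set one line earlier, so the message can be a fixed string plus the link and the template can escape `token` on its own. Whether the template engine escapes values by default is not visible in this diff.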
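Review bot: `-- r.set_value (l_user, "user")` in the change-password hunk is left behind as commented-out code; since the value now comes from `value_table_alter`, delete the line rather than disabling it. The same applies to the commented-out `vals` declaration and loop in `get_block_view_login` and to the `-- l_tpl_block.set_value (...)` lines in the later block-view hunks. If a reminder is wanted, a one-line comment such as `-- "user" and the error values are provided through the response value table.` explains the intent better than the dead code.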
@@ -536,17 +523,17 @@ feature {NONE} -- Block views get_block_view_login (a_block_id: READABLE_STRING_8; a_response: CMS_RESPONSE) local - vals: CMS_VALUE_TABLE +-- vals: CMS_VALUE_TABLE do if attached template_block (a_block_id, a_response) as l_tpl_block then - create vals.make (1) - -- add the variable to the block - value_table_alter (vals, a_response) - across - vals as ic - loop - l_tpl_block.set_value (ic.item, ic.key) - end +-- create vals.make (1) +-- -- add the variable to the block +-- value_table_alter (vals, a_response) +-- across +-- vals as ic +-- loop +-- l_tpl_block.set_value (ic.item, ic.key) +-- end a_response.add_block (l_tpl_block, "content") else debug ("cms") 
@@ -557,33 +544,35 @@ feature {NONE} -- Block views get_block_view_register (a_block_id: READABLE_STRING_8; a_response: CMS_RESPONSE) do - if a_response.request.is_get_request_method then - if attached template_block (a_block_id, a_response) as l_tpl_block then - a_response.add_block (l_tpl_block, "content") - else - debug ("cms") - a_response.add_warning_message ("Error with block [" + a_block_id + "]") - end - end - elseif a_response.request.is_post_request_method then - if a_response.values.has ("error_name") or else a_response.values.has ("error_email") then + if a_response.has_permission ("account register") then + if a_response.request.is_get_request_method then if attached template_block (a_block_id, a_response) as l_tpl_block then - l_tpl_block.set_value (a_response.values.item ("error_name"), "error_name") - l_tpl_block.set_value (a_response.values.item ("error_email"), "error_email") - l_tpl_block.set_value (a_response.values.item ("email"), "email") - l_tpl_block.set_value (a_response.values.item ("name"), "name") a_response.add_block (l_tpl_block, "content") else debug ("cms") a_response.add_warning_message ("Error with block [" + a_block_id + "]") end end - else - if attached template_block ("post_register", a_response) as l_tpl_block then - a_response.add_block (l_tpl_block, "content") + elseif a_response.request.is_post_request_method then + if a_response.values.has ("error_name") or else a_response.values.has ("error_email") then + if attached template_block (a_block_id, a_response) as l_tpl_block then + -- l_tpl_block.set_value (a_response.values.item ("error_name"), "error_name") + -- l_tpl_block.set_value (a_response.values.item ("error_email"), "error_email") + -- l_tpl_block.set_value (a_response.values.item ("email"), "email") + -- l_tpl_block.set_value (a_response.values.item ("name"), "name") + a_response.add_block (l_tpl_block, "content") + else + debug ("cms") + a_response.add_warning_message ("Error with block [" + a_block_id + "]") + end 
+ end else - debug ("cms") - a_response.add_warning_message ("Error with block [" + a_block_id + "]") + if attached template_block ("post_register", a_response) as l_tpl_block then + a_response.add_block (l_tpl_block, "content") + else + debug ("cms") + a_response.add_warning_message ("Error with block [" + a_block_id + "]") + end end end end @@ -604,9 +593,9 @@ feature {NONE} -- Block views elseif a_response.request.is_post_request_method then if a_response.values.has ("error_email") or else a_response.values.has ("is_active") then if attached template_block (a_block_id, a_response) as l_tpl_block then - l_tpl_block.set_value (a_response.values.item ("error_email"), "error_email") - l_tpl_block.set_value (a_response.values.item ("email"), "email") - l_tpl_block.set_value (a_response.values.item ("is_active"), "is_active") +-- l_tpl_block.set_value (a_response.values.item ("error_email"), "error_email") +-- l_tpl_block.set_value (a_response.values.item ("email"), "email") +-- l_tpl_block.set_value (a_response.values.item ("is_active"), "is_active") a_response.add_block (l_tpl_block, "content") else debug ("cms") 
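Review bot: In `get_block_view_register` the failure branch for the `"post_register"` template still reports `"Error with block [" + a_block_id + "]"`, which names the wrong block; `"Error with block [post_register]"` would point at the template that is actually missing. The new `has_permission ("account register")` guard has no `else`, so a caller without the permission gets neither a block nor a message from this feature. Confirm that `handle_register` answers with a forbidden status in that case, since its own `else` branch lies outside the hunks shown.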
@@ -638,10 +627,10 @@ feature {NONE} -- Block views elseif a_response.request.is_post_request_method then if a_response.values.has ("error_email") or else a_response.values.has ("error_username") then if attached template_block (a_block_id, a_response) as l_tpl_block then - l_tpl_block.set_value (a_response.values.item ("error_email"), "error_email") - l_tpl_block.set_value (a_response.values.item ("email"), "email") - l_tpl_block.set_value (a_response.values.item ("error_username"), "error_username") - l_tpl_block.set_value (a_response.values.item ("username"), "username") +-- l_tpl_block.set_value (a_response.values.item ("error_email"), "error_email") +-- l_tpl_block.set_value (a_response.values.item ("email"), "email") +-- l_tpl_block.set_value (a_response.values.item ("error_username"), "error_username") +-- l_tpl_block.set_value (a_response.values.item ("username"), "username") a_response.add_block (l_tpl_block, "content") else debug ("cms") @@ -664,8 +653,8 @@ feature {NONE} -- Block views do if a_response.request.is_get_request_method then if attached template_block (a_block_id, a_response) as l_tpl_block then - l_tpl_block.set_value (a_response.values.item ("token"), "token") - l_tpl_block.set_value (a_response.values.item ("error_token"), "error_token") +-- l_tpl_block.set_value (a_response.values.item ("token"), "token") +-- l_tpl_block.set_value (a_response.values.item ("error_token"), "error_token") a_response.add_block (l_tpl_block, "content") else debug ("cms") 
@@ -675,9 +664,9 @@ feature {NONE} -- Block views elseif a_response.request.is_post_request_method then if a_response.values.has ("error_token") or else a_response.values.has ("error_password") then if attached template_block (a_block_id, a_response) as l_tpl_block then - l_tpl_block.set_value (a_response.values.item ("error_token"), "error_token") - l_tpl_block.set_value (a_response.values.item ("error_password"), "error_password") - l_tpl_block.set_value (a_response.values.item ("token"), "token") +-- l_tpl_block.set_value (a_response.values.item ("error_token"), "error_token") +-- l_tpl_block.set_value (a_response.values.item ("error_password"), "error_password") +-- l_tpl_block.set_value (a_response.values.item ("token"), "token") a_response.add_block (l_tpl_block, "content") else debug ("cms") diff --git a/src/persistence/user/cms_user_storage_i.e b/src/persistence/user/cms_user_storage_i.e index bd82eda..44ab40b 100644 --- a/src/persistence/user/cms_user_storage_i.e +++ b/src/persistence/user/cms_user_storage_i.e @@ -137,6 +137,11 @@ feature -- Access: roles and permissions deferred end + user_role_by_name (a_name: READABLE_STRING_GENERAL): detachable CMS_USER_ROLE + -- User role by name `a_id', if any. + deferred + end + user_roles_for (a_user: CMS_USER): LIST [CMS_USER_ROLE] -- User roles for user `a_user'. -- Note: anonymous and authenticated roles are not included. @@ -179,4 +184,7 @@ feature -- Change: User password recovery deferred end +note + copyright: "2011-2015, Jocelyn Fiat, Javier Velilla, Eiffel Software and others" + license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)" end diff --git a/src/persistence/user/cms_user_storage_null.e b/src/persistence/user/cms_user_storage_null.e index 283fe5b..cc122ad 100644 --- a/src/persistence/user/cms_user_storage_null.e +++ b/src/persistence/user/cms_user_storage_null.e 
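Review bot: The header comment of the new deferred `user_role_by_name` in `cms_user_storage_i.e` refers to `a_id`, but the argument is `a_name`; it should read ``-- User role by name `a_name', if any.`` The versions added in `cms_user_storage_null.e` and `cms_user_api.e` have no header comment at all and should carry the same line. Since roles drive permissions, the comment should also say whether the match is case-sensitive, given that the SQL implementation compares `name=:name` directly.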
@@ -66,6 +66,10 @@ feature -- Access: roles and permissions do end + user_role_by_name (a_name: READABLE_STRING_GENERAL): detachable CMS_USER_ROLE + do + end + user_roles_for (a_user: CMS_USER): LIST [CMS_USER_ROLE] -- User roles for user `a_user'. -- Note: anonymous and authenticated roles are not included. @@ -108,4 +112,7 @@ feature -- Change: User password recovery do end +note + copyright: "2011-2015, Jocelyn Fiat, Javier Velilla, Eiffel Software and others" + license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)" end diff --git a/src/persistence/user/cms_user_storage_sql_i.e b/src/persistence/user/cms_user_storage_sql_i.e index 57ab83e..98121f8 100644 --- a/src/persistence/user/cms_user_storage_sql_i.e +++ b/src/persistence/user/cms_user_storage_sql_i.e @@ -357,6 +357,26 @@ feature -- Access: roles and permissions end end + user_role_by_name (a_name: READABLE_STRING_GENERAL): detachable CMS_USER_ROLE + -- User role by name `a_name', if any. + local + l_parameters: STRING_TABLE [ANY] + do + error_handler.reset + write_information_log (generator + ".user_role_by_name") + create l_parameters.make (1) + l_parameters.put (a_name, "name") + sql_query (select_user_role_by_name, l_parameters) + if sql_rows_count = 1 then + Result := fetch_user_role + if Result /= Void and not has_error then + fill_user_role (Result) + end + else + check no_more_than_one: sql_rows_count = 0 end + end + end + user_roles_for (a_user: CMS_USER): LIST [CMS_USER_ROLE] local l_parameters: STRING_TABLE [ANY] 
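Review bot: In the SQL `user_role_by_name`, more than one matching row is handled only by `check no_more_than_one: sql_rows_count = 0 end`. With assertion monitoring off the feature quietly returns Void, which a caller cannot tell apart from "no such role". Nothing in this diff shows a uniqueness constraint on `roles.name`, so either enforce one in the schema or record an error through `error_handler` in that branch. A comment such as `-- Role names are expected to be unique; several matches are treated as an error.` would make the assumption explicit. Binding the name through `:name` rather than concatenating it into the query is the right approach and should be kept.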
@@ -817,6 +837,9 @@ feature {NONE} -- Sql Queries: USER ROLE select_user_role_by_id: STRING = "SELECT rid, name FROM roles WHERE rid=:rid;" -- User role for role id :rid; + select_user_role_by_name: STRING = "SELECT rid, name FROM roles WHERE name=:name;" + -- User role for role name :name; + sql_insert_user_role_permission: STRING = "INSERT INTO role_permissions (rid, permission, module) VALUES (:rid, :permission, :module);" -- SQL Insert a new permission :permission for user role :rid. diff --git a/src/service/handler/cms_admin_install_handler.e b/src/service/handler/cms_admin_install_handler.e index 66c571c..9b61fa2 100644 --- a/src/service/handler/cms_admin_install_handler.e +++ b/src/service/handler/cms_admin_install_handler.e @@ -66,7 +66,13 @@ feature -- HTTP Methods loop l_module := ic.item if api.is_module_installed (l_module) then - s.append ("
  • " + l_module.name + " is already installed.
  • %N") + s.append ("
  • ") + s.append (l_module.name) + if l_module.is_enabled then + s.append (" [enabled]") + end + s.append (" is already installed.") + s.append ("
  • %N") else lst.force (l_module) end @@ -76,11 +82,19 @@ feature -- HTTP Methods lst as ic loop l_module := ic.item - if api.is_module_installed (l_module) then - s.append ("
  • " + l_module.name + " was successfully installed.
  • %N") - else - s.append ("
  • " + l_module.name + " could not be installed!
  • %N") + s.append ("
  • ") + s.append (l_module.name) + if l_module.is_enabled then + s.append (" [enabled]") end + + if api.is_module_installed (l_module) then + s.append (" was successfully installed.") + else + s.append (" could not be installed!") + s.append (" [ERROR]") + end + s.append ("
  • %N") end s.append ("") r.set_main_content (s) diff --git a/src/service/user/cms_user_api.e b/src/service/user/cms_user_api.e index 7008edc..5999009 100644 --- a/src/service/user/cms_user_api.e +++ b/src/service/user/cms_user_api.e @@ -123,6 +123,11 @@ feature -- User roles. Result := storage.user_role_by_id (a_id) end + user_role_by_name (a_name: READABLE_STRING_GENERAL): detachable CMS_USER_ROLE + do + Result := storage.user_role_by_name (a_name) + end + feature -- Change User new_user (a_user: CMS_USER)