From 3088468332fbaf219ec248f201a2024d9439717d Mon Sep 17 00:00:00 2001 From: Jocelyn Fiat Date: Mon, 2 Oct 2017 15:46:40 +0200 Subject: [PATCH] Allow to login with username or email. Removed useless and unimplemented feature from CMS_FORM . SCOOP is default for demo.ecf Made blog and page module self administrable, i.e administration module is same as module. This fixes the export hook for page and blog modules. Improved sql instructions to ease debugging and catch missing sql_finalize... call. Cleaned sql code. --- examples/demo/demo.ecf | 3 - .../sqlite3/src/cms_storage_sqlite3.e | 23 +- modules/blog/cms_blog_module.e | 12 +- .../node/submodules/page/cms_page_module.e | 10 + .../session_auth/cms_session_auth_module.e | 76 ++++-- .../cms_session_auth_storage_sql.e | 8 +- src/kernel/form/cms_form.e | 7 - src/modules/core/cms_user_api.e | 16 +- .../persistence/core/cms_core_storage_i.e | 8 +- .../persistence/core/cms_core_storage_sql_i.e | 78 +++---- .../persistence/user/cms_user_storage_i.e | 15 +- .../persistence/user/cms_user_storage_null.e | 15 +- .../persistence/user/cms_user_storage_sql_i.e | 219 +++++++++++------- .../cms_user_profile_storage_sql.e | 15 +- .../core/webapi/cms_root_webapi_handler.e | 10 +- src/persistence/cms_storage_null.e | 14 +- src/persistence/sql/cms_proxy_storage_sql.e | 1 + src/persistence/sql/cms_storage_sql_i.e | 48 +++- src/service/cms_self_module_administration.e | 45 ++++ tests/all-safe.ecf | 3 - 20 files changed, 403 insertions(+), 223 deletions(-) create mode 100644 src/service/cms_self_module_administration.e delete mode 100644 tests/all-safe.ecf diff --git a/examples/demo/demo.ecf b/examples/demo/demo.ecf index 57224f4..312a0fd 100644 --- a/examples/demo/demo.ecf +++ b/examples/demo/demo.ecf @@ -51,9 +51,6 @@ - - - diff --git a/library/persistence/sqlite3/src/cms_storage_sqlite3.e b/library/persistence/sqlite3/src/cms_storage_sqlite3.e index 2ddbc53..e33b96f 100644 --- a/library/persistence/sqlite3/src/cms_storage_sqlite3.e 
+++ b/library/persistence/sqlite3/src/cms_storage_sqlite3.e @@ -73,14 +73,25 @@ feature -- Execution sql_begin_transaction -- Start a database transtaction. + local + retried: BOOLEAN do - if transaction_depth = 0 then - sqlite.begin_transaction (False) - end - transaction_depth := transaction_depth + 1 - debug ("roc_storage") - print ("# sql_begin_transaction (depth="+ transaction_depth.out +").%N") + if retried then + -- Issue .. db locked? + sql_rollback_transaction + error_handler.add_custom_error (-1, "db error", "Unable to begin transaction..") + else + if transaction_depth = 0 then + sqlite.begin_transaction (False) + end + transaction_depth := transaction_depth + 1 + debug ("roc_storage") + print ("# sql_begin_transaction (depth="+ transaction_depth.out +").%N") + end end + rescue + retried := True + retry end sql_rollback_transaction diff --git a/modules/blog/cms_blog_module.e b/modules/blog/cms_blog_module.e index 6aa3b52..9fb986c 100644 --- a/modules/blog/cms_blog_module.e +++ b/modules/blog/cms_blog_module.e @@ -17,6 +17,8 @@ inherit blog_api end + CMS_WITH_MODULE_ADMINISTRATION + CMS_HOOK_MENU_SYSTEM_ALTER CMS_HOOK_RESPONSE_ALTER @@ -81,13 +83,21 @@ feature {CMS_API} -- Module management end end -feature {CMS_API} -- Access: API +feature {CMS_API, CMS_MODULE} -- Access: API blog_api: detachable CMS_BLOG_API -- node_api: detachable CMS_NODE_API +feature {NONE} -- Administration + + administration: CMS_SELF_MODULE_ADMINISTRATION [CMS_BLOG_MODULE] + -- Administration module. + do + create Result.make (Current) + end + feature -- Access: router setup_router (a_router: WSF_ROUTER; a_api: CMS_API) diff --git a/modules/node/submodules/page/cms_page_module.e b/modules/node/submodules/page/cms_page_module.e index eb89b74..553943a 100644 --- a/modules/node/submodules/page/cms_page_module.e +++ b/modules/node/submodules/page/cms_page_module.e 
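Review bot: The new rescue clause in `sql_begin_transaction` retries unconditionally (`retried := True` then `retry`), so an exception raised on the second pass, for example by `sql_rollback_transaction` inside the `if retried` branch, re-enters the rescue and retries again without bound. Guarding the retry as `if not retried then retried := True; retry end` lets a second failure propagate instead of spinning. On the failure path `transaction_depth` is not incremented, yet callers elsewhere in this commit go on to call `sql_commit_transaction`; whether commit and rollback tolerate a depth of 0 is not visible in this hunk and should be confirmed.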
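Review bot: Widening the feature clause from `{CMS_API}` to `{CMS_API, CMS_MODULE}` makes `blog_api` callable from every CMS_MODULE descendant rather than from one specific client. The page module receives the same `administration` feature in this commit while `page_api` stays under `feature {CMS_API}`, so the wider export may not be required. If it is, a comment on the clause naming the client that needs it would keep the export from growing silently.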
@@ -21,6 +21,8 @@ inherit CMS_HOOK_IMPORT + CMS_WITH_MODULE_ADMINISTRATION + CMS_EXPORT_NODE_UTILITIES CMS_IMPORT_NODE_UTILITIES @@ -114,6 +116,14 @@ feature {CMS_API} -- Module management end end +feature {NONE} -- Administration + + administration: CMS_SELF_MODULE_ADMINISTRATION [CMS_PAGE_MODULE] + -- Administration module. + do + create Result.make (Current) + end + feature {CMS_API} -- Access: API page_api: detachable CMS_PAGE_API diff --git a/modules/session_auth/cms_session_auth_module.e b/modules/session_auth/cms_session_auth_module.e index 9abc865..c33ba1c 100644 --- a/modules/session_auth/cms_session_auth_module.e +++ b/modules/session_auth/cms_session_auth_module.e 
@@ -187,43 +187,75 @@ feature {NONE} -- Implementation: routes handle_login_with_session (api: CMS_API; a_session_api: CMS_SESSION_API; req: WSF_REQUEST; res: WSF_RESPONSE) local r: CMS_RESPONSE + l_username, l_username_or_email, l_password: detachable READABLE_STRING_GENERAL + l_user: detachable CMS_USER + l_tmp_user: detachable CMS_TEMP_USER do if - attached {WSF_STRING} req.form_parameter ("username") as l_username and then - attached {WSF_STRING} req.form_parameter ("password") as l_password + attached {WSF_STRING} req.form_parameter ("username") as p_username and then + attached {WSF_STRING} req.form_parameter ("password") as p_password then - if - api.user_api.is_valid_credential (l_username.value, l_password.value) and then - attached api.user_api.user_by_name (l_username.value) as l_user - then - a_session_api.process_user_login (l_user, req, res) - - create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) + l_username_or_email := p_username.value + l_password := p_password.value + l_user := api.user_api.user_by_name (l_username_or_email) + if l_user = Void then + l_user := api.user_api.user_by_email (l_username_or_email) + end + if l_user = Void then + l_tmp_user := api.user_api.temp_user_by_name (l_username_or_email) + if l_tmp_user = Void then + l_tmp_user := api.user_api.temp_user_by_email (l_username_or_email) + end if - attached {WSF_STRING} req.item ("destination") as p_destination and then - attached p_destination.value as v and then - v.is_valid_as_string_8 + l_tmp_user /= Void and then + api.user_api.is_valid_temp_user_credential (l_tmp_user.name, l_password) then - r.set_redirection (v.to_string_8) + create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) + if attached smarty_template_login_block (req, Current, "login", api) as l_tpl_block then + l_tpl_block.set_value (l_username_or_email, "username") + l_tpl_block.set_value ("Error: Inactive account (or not yet validated)!", "error") + r.add_block (l_tpl_block, "content") + end else - 
r.set_redirection ("") + create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) + if attached smarty_template_login_block (req, Current, "login", api) as l_tpl_block then + l_tpl_block.set_value (l_username_or_email, "username") + l_tpl_block.set_value ("Wrong username or password ", "error") + r.add_block (l_tpl_block, "content") + end end else - create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) - if attached smarty_template_login_block (req, Current, "login", api) as l_tpl_block then - l_tpl_block.set_value (l_username.value, "username") - l_tpl_block.set_value ("Wrong: Username or password ", "error") - r.add_block (l_tpl_block, "content") + l_username := l_user.name + if api.user_api.is_valid_credential (l_username, l_password) then + a_session_api.process_user_login (l_user, req, res) + + create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) + if + attached {WSF_STRING} req.item ("destination") as p_destination and then + attached p_destination.value as v and then + v.is_valid_as_string_8 + then + r.set_redirection (v.to_string_8) + else + r.set_redirection ("") + end + else + create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) + if attached smarty_template_login_block (req, Current, "login", api) as l_tpl_block then + l_tpl_block.set_value (l_username_or_email, "username") + l_tpl_block.set_value ("Wrong username or password ", "error") + r.add_block (l_tpl_block, "content") + end end end r.execute else create {BAD_REQUEST_ERROR_CMS_RESPONSE} r.make (req, res, api) if attached smarty_template_login_block (req, Current, "login", api) as l_tpl_block then - if attached {WSF_STRING} req.form_parameter ("username") as l_username then - l_tpl_block.set_value (l_username.value, "username") + if attached {WSF_STRING} req.form_parameter ("username") as p_username then + l_tpl_block.set_value (p_username.value, "username") end - l_tpl_block.set_value ("Wrong: Username or password ", "error") + l_tpl_block.set_value ("Wrong username or password ", 
"error") r.add_block (l_tpl_block, "content") end r.execute diff --git a/modules/session_auth/persistence/cms_session_auth_storage_sql.e b/modules/session_auth/persistence/cms_session_auth_storage_sql.e index 23473e0..d9036c3 100644 --- a/modules/session_auth/persistence/cms_session_auth_storage_sql.e +++ b/modules/session_auth/persistence/cms_session_auth_storage_sql.e @@ -41,7 +41,7 @@ feature -- Access User l_uid := 0 end end - sql_finalize + sql_finalize_query (Select_user_id_by_token) if l_uid > 0 and attached api as l_cms_api then Result := l_cms_api.user_api.user_by_id (l_uid) end @@ -64,7 +64,7 @@ feature -- Access User Result := False end end - sql_finalize + sql_finalize_query (Select_user_token) end feature -- Change User token @@ -82,8 +82,8 @@ feature -- Change User token l_parameters.put (create {DATE_TIME}.make_now_utc, "utc_date") sql_begin_transaction sql_insert (sql_insert_session_auth, l_parameters) + sql_finalize_insert (sql_insert_session_auth) sql_commit_transaction - sql_finalize end update_user_session_auth (a_token: READABLE_STRING_GENERAL; a_user: CMS_USER) @@ -99,8 +99,8 @@ feature -- Change User token l_parameters.put (create {DATE_TIME}.make_now_utc, "utc_date") sql_begin_transaction sql_modify (sql_update_session_auth, l_parameters) + sql_finalize_modify (sql_update_session_auth) sql_commit_transaction - sql_finalize end feature {NONE} -- SQL statements diff --git a/src/kernel/form/cms_form.e b/src/kernel/form/cms_form.e index 5da5498..df97b8e 100644 --- a/src/kernel/form/cms_form.e +++ b/src/kernel/form/cms_form.e @@ -108,13 +108,6 @@ feature -- CMS response end end -feature -- Webapi processing - - process_webapi_response () - do - - end - feature -- Helpers extend_text_field (a_name: READABLE_STRING_8; a_text: detachable READABLE_STRING_GENERAL) diff --git a/src/modules/core/cms_user_api.e b/src/modules/core/cms_user_api.e index f1f000e..990354d 100644 --- a/src/modules/core/cms_user_api.e +++ b/src/modules/core/cms_user_api.e 
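Review bot: Because `user_by_name` is tried before `user_by_email` (and `temp_user_by_name` before `temp_user_by_email`), an account whose username is spelled like another account's email address shadows that address, so the email owner's login is checked against the wrong account and fails. Whether registration rejects such usernames is not visible here; if it does not, either refuse `@` in usernames or prefer the email lookup when the input contains `@`. Separately, the `destination` value read with `req.item` still reaches `r.set_redirection (v.to_string_8)` after only an `is_valid_as_string_8` check. Unless `set_redirection` restricts targets elsewhere, the post-login redirect can leave the site, so a check that the value is a site-relative path belongs before that call.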
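Review bot: In the two session-token writers (the routine calling `sql_insert (sql_insert_session_auth, l_parameters)` and `update_user_session_auth`), `sql_commit_transaction` runs unconditionally after the new `sql_finalize_insert`/`sql_finalize_modify` call, so a failed write is committed rather than rolled back. This commit already uses `if has_error then sql_rollback_transaction else sql_commit_transaction end` in `set_custom_value`; the same guard fits here. The same unguarded commit appears in cms_user_storage_sql_i.e in the hunks for `delete_user`, `delete_role`, and the `sql_insert_activation` and `sql_insert_password` inserts. The routine bodies start outside these hunks.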
@@ -235,7 +235,7 @@ feature -- Change User feature -- Status report - is_valid_credential (a_auth_login, a_auth_password: READABLE_STRING_32): BOOLEAN + is_valid_credential (a_auth_login, a_auth_password: READABLE_STRING_GENERAL): BOOLEAN -- Is the credentials `a_auth_login' and `a_auth_password' valid? do Result := user_storage.is_valid_credential (a_auth_login, a_auth_password) @@ -501,6 +501,12 @@ feature -- User status feature -- Access - Temp User + is_valid_temp_user_credential (a_auth_login, a_auth_password: READABLE_STRING_GENERAL): BOOLEAN + -- Is the credentials `a_auth_login' and `a_auth_password' valid? + do + Result := user_storage.is_valid_temp_user_credential (a_auth_login, a_auth_password) + end + temp_users_count: INTEGER -- Number of pending users. --! to be accepted or rehected @@ -508,19 +514,19 @@ feature -- Access - Temp User Result := user_storage.temp_users_count end - temp_user_by_name (a_username: READABLE_STRING_GENERAL): detachable CMS_USER + temp_user_by_name (a_username: READABLE_STRING_GENERAL): detachable CMS_TEMP_USER -- User by name `a_user_name', if any. do - Result := user_storage.temp_user_by_name (a_username.as_string_32) + Result := user_storage.temp_user_by_name (a_username) end - temp_user_by_email (a_email: READABLE_STRING_8): detachable CMS_USER + temp_user_by_email (a_email: READABLE_STRING_GENERAL): detachable CMS_TEMP_USER -- User by email `a_email', if any. do Result := user_storage.temp_user_by_email (a_email) end - temp_user_by_activation_token (a_token: READABLE_STRING_32): detachable CMS_USER + temp_user_by_activation_token (a_token: READABLE_STRING_32): detachable CMS_TEMP_USER -- User by activation token `a_token'. do Result := user_storage.temp_user_by_activation_token (a_token) diff --git a/src/modules/core/persistence/core/cms_core_storage_i.e b/src/modules/core/persistence/core/cms_core_storage_i.e index ba2006a..b94ffc4 100644 --- a/src/modules/core/persistence/core/cms_core_storage_i.e 
+++ b/src/modules/core/persistence/core/cms_core_storage_i.e @@ -68,13 +68,13 @@ feature -- Logs feature -- Misc - set_custom_value (a_name: READABLE_STRING_8; a_value: attached like custom_value; a_type: detachable READABLE_STRING_8) - -- Save data `a_name:a_value' for type `a_type' (or default if none). + set_custom_value (a_name: READABLE_STRING_8; a_value: attached like custom_value; a_type: READABLE_STRING_8) + -- Save data `a_name:a_value' for type `a_type'. deferred end - unset_custom_value (a_name: READABLE_STRING_8; a_type: detachable READABLE_STRING_8) - -- Delete data `a_name' for type `a_type' (or default if none). + unset_custom_value (a_name: READABLE_STRING_8; a_type: READABLE_STRING_8) + -- Delete data `a_name' for type `a_type'. deferred end diff --git a/src/modules/core/persistence/core/cms_core_storage_sql_i.e b/src/modules/core/persistence/core/cms_core_storage_sql_i.e index 87474c8..9e75b36 100644 --- a/src/modules/core/persistence/core/cms_core_storage_sql_i.e +++ b/src/modules/core/persistence/core/cms_core_storage_sql_i.e @@ -53,7 +53,7 @@ feature -- URL aliases end if l_continue then sql_insert (sql_insert_path_alias, l_parameters) - sql_finalize + sql_finalize_insert (sql_insert_path_alias) end end @@ -80,7 +80,7 @@ feature -- URL aliases l_parameters.put (a_alias, "alias") sql_modify (sql_update_path_alias, l_parameters) - sql_finalize + sql_finalize_modify (sql_update_path_alias) end end @@ -97,7 +97,7 @@ feature -- URL aliases create l_parameters.make (1) l_parameters.put (a_alias, "alias") sql_modify (sql_delete_path_alias, l_parameters) - sql_finalize + sql_finalize_modify (sql_delete_path_alias) else error_handler.add_custom_error (0, "alias mismatch", "Path alias %"" + a_alias + "%" is not related to source %"" + a_source + "%"!") end 
@@ -120,7 +120,7 @@ feature -- URL aliases sql_forth check one_row: sql_after end end - sql_finalize + sql_finalize_query (sql_select_path_source) end source_of_path_alias (a_alias: READABLE_STRING_GENERAL): detachable READABLE_STRING_8 @@ -139,7 +139,7 @@ feature -- URL aliases check one_row: sql_after end end end - sql_finalize + sql_finalize_query (sql_select_path_alias) end path_aliases: STRING_TABLE [READABLE_STRING_8] @@ -165,7 +165,7 @@ feature -- URL aliases sql_forth end end - sql_finalize + sql_finalize_query (sql_select_all_path_alias) end sql_select_all_path_alias: STRING = "SELECT source, alias, lang FROM path_aliases ORDER BY pid DESC;" @@ -218,7 +218,7 @@ feature -- Logs end l_parameters.put (now, "date") sql_insert (sql_insert_log, l_parameters) - sql_finalize + sql_finalize_insert (sql_insert_log) end logs (a_category: detachable READABLE_STRING_GENERAL; a_lower: INTEGER; a_count: INTEGER): ARRAYED_LIST [CMS_LOG] @@ -262,7 +262,7 @@ feature -- Logs end sql_forth end - sql_finalize + sql_finalize_query (l_sql) end fetch_log: detachable CMS_LOG @@ -311,7 +311,7 @@ feature -- Logs feature -- Misc - set_custom_value (a_name: READABLE_STRING_8; a_value: attached like custom_value; a_type: detachable READABLE_STRING_8) + set_custom_value (a_name: READABLE_STRING_8; a_value: attached like custom_value; a_type: READABLE_STRING_8) -- local l_parameters: STRING_TABLE [detachable ANY] 
@@ -319,45 +319,29 @@ feature -- Misc error_handler.reset create l_parameters.make (3) - if a_type /= Void then - l_parameters.put (a_type, "type") - else - l_parameters.put (a_type, "default") - end + l_parameters.put (a_type, "type") l_parameters.put (a_name, "name") l_parameters.put (a_value, "value") + sql_begin_transaction if attached custom_value (a_name, a_type) as l_value then if a_value.same_string (l_value) then -- already up to date else sql_modify (sql_update_custom_value, l_parameters) - sql_finalize + sql_finalize_modify (sql_update_custom_value) end else sql_insert (sql_insert_custom_value, l_parameters) - sql_finalize + sql_finalize_insert (sql_insert_custom_value) end - end - - unset_custom_value (a_name: READABLE_STRING_8; a_type: detachable READABLE_STRING_8) - -- - local - l_parameters: STRING_TABLE [detachable ANY] - do - error_handler.reset - - create l_parameters.make (3) - if a_type /= Void then - l_parameters.put (a_type, "type") + if has_error then + sql_rollback_transaction else - l_parameters.put (a_type, "default") + sql_commit_transaction end - l_parameters.put (a_name, "name") - sql_modify (sql_delete_custom_value, l_parameters) - sql_finalize end - custom_value (a_name: READABLE_STRING_GENERAL; a_type: detachable READABLE_STRING_8): detachable READABLE_STRING_32 + unset_custom_value (a_name: READABLE_STRING_8; a_type: READABLE_STRING_8) -- local l_parameters: STRING_TABLE [detachable ANY] 
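Review bot: A failure of the added `sql_begin_transaction` in `set_custom_value` is lost before the write, because the next statement calls `custom_value (a_name, a_type)`, whose body (next hunk) begins with `error_handler.reset`. The "Unable to begin transaction.." error from the sqlite3 backend is cleared, `sql_modify` or `sql_insert` then runs without an open transaction, and the final `has_error` test only sees errors raised after the reset. Testing `has_error` immediately after `sql_begin_transaction` and skipping the write when it is set would preserve the failure. The rewritten `unset_custom_value` performs its `sql_delete` with no transaction at all, which is worth aligning with this routine.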
@@ -365,11 +349,21 @@ feature -- Misc error_handler.reset create l_parameters.make (2) - if a_type /= Void then - l_parameters.put (a_type, "type") - else - l_parameters.put (a_type, "default") - end + l_parameters.put (a_type, "type") + l_parameters.put (a_name, "name") + sql_delete (sql_delete_custom_value, l_parameters) + sql_finalize_delete (sql_delete_custom_value) + end + + custom_value (a_name: READABLE_STRING_GENERAL; a_type: READABLE_STRING_8): detachable READABLE_STRING_32 + -- + local + l_parameters: STRING_TABLE [detachable ANY] + do + error_handler.reset + + create l_parameters.make (2) + l_parameters.put (a_type, "type") l_parameters.put (a_name, "name") sql_query (sql_select_custom_value, l_parameters) if not has_error and not sql_after then @@ -377,16 +371,16 @@ feature -- Misc sql_forth check one_row: sql_after end end - sql_finalize + sql_finalize_query (sql_select_custom_value) end - custom_values: detachable LIST [TUPLE [name: READABLE_STRING_GENERAL; type: detachable READABLE_STRING_8; value: detachable READABLE_STRING_32]] + custom_values: detachable LIST [TUPLE [name: READABLE_STRING_GENERAL; type: READABLE_STRING_8; value: detachable READABLE_STRING_32]] -- Values as list of [name, type, value]. local l_type, l_name: READABLE_STRING_8 do error_handler.reset - create {ARRAYED_LIST [TUPLE [name: READABLE_STRING_GENERAL; type: detachable READABLE_STRING_8; value: detachable READABLE_STRING_32]]} Result.make (5) + create {ARRAYED_LIST [TUPLE [name: READABLE_STRING_GENERAL; type: READABLE_STRING_8; value: detachable READABLE_STRING_32]]} Result.make (5) sql_query (sql_select_all_custom_values, Void) if not has_error then from @@ -406,7 +400,7 @@ feature -- Misc sql_forth end end - sql_finalize + sql_finalize_query (sql_select_all_custom_values) end sql_select_all_custom_values: STRING = "SELECT type, name, value FROM custom_values;" 
diff --git a/src/modules/core/persistence/user/cms_user_storage_i.e b/src/modules/core/persistence/user/cms_user_storage_i.e index ce38b2f..c13b5bd 100644 --- a/src/modules/core/persistence/user/cms_user_storage_i.e +++ b/src/modules/core/persistence/user/cms_user_storage_i.e @@ -70,7 +70,7 @@ feature -- Access password: Result /= Void implies (Result.hashed_password /= Void and Result.password = Void) end - is_valid_credential (a_u, a_p: READABLE_STRING_32): BOOLEAN + is_valid_credential (a_u, a_p: READABLE_STRING_GENERAL): BOOLEAN -- Does account with username `a_username' and password `a_password' exist? deferred end @@ -212,18 +212,23 @@ feature -- Change: User password recovery feature -- Access: Temp Users + is_valid_temp_user_credential (a_u, a_p: READABLE_STRING_GENERAL): BOOLEAN + -- Does temp account with username `a_username' and password `a_password' exist? + deferred + end + temp_users_count: INTEGER -- Number of pending users --! to be accepted or rejected deferred end - temp_user_by_id (a_uid: like {CMS_USER}.id; a_consumer_table: READABLE_STRING_GENERAL): detachable CMS_USER + temp_user_by_id (a_uid: like {CMS_USER}.id; a_consumer_table: READABLE_STRING_GENERAL): detachable CMS_TEMP_USER -- Retrieve a temporal user by id `a_uid' for the consumer `a_consumer', if aby. deferred end - temp_user_by_name (a_name: like {CMS_USER}.name): detachable CMS_USER + temp_user_by_name (a_name: READABLE_STRING_GENERAL): detachable CMS_TEMP_USER -- User with name `a_name', if any. require a_name /= Void and then not a_name.is_empty @@ -233,7 +238,7 @@ feature -- Access: Temp Users password: Result /= Void implies (Result.hashed_password /= Void and Result.password = Void) end - temp_user_by_email (a_email: like {CMS_USER}.email): detachable CMS_USER + temp_user_by_email (a_email: READABLE_STRING_GENERAL): detachable CMS_TEMP_USER -- User with name `a_email', if any. deferred ensure 
@@ -241,7 +246,7 @@ feature -- Access: Temp Users password: Result /= Void implies (Result.hashed_password /= Void and Result.password = Void) end - temp_user_by_activation_token (a_token: READABLE_STRING_32): detachable CMS_USER + temp_user_by_activation_token (a_token: READABLE_STRING_GENERAL): detachable CMS_TEMP_USER -- User with activation token `a_token', if any. deferred ensure diff --git a/src/modules/core/persistence/user/cms_user_storage_null.e b/src/modules/core/persistence/user/cms_user_storage_null.e index 56a9bc9..0ff2f52 100644 --- a/src/modules/core/persistence/user/cms_user_storage_null.e +++ b/src/modules/core/persistence/user/cms_user_storage_null.e @@ -41,7 +41,7 @@ feature -- Access: user do end - is_valid_credential (l_auth_login, l_auth_password: READABLE_STRING_32): BOOLEAN + is_valid_credential (l_auth_login, l_auth_password: READABLE_STRING_GENERAL): BOOLEAN do end @@ -147,27 +147,31 @@ feature -- Change: User password recovery feature -- Access: Users + is_valid_temp_user_credential (l_auth_login, l_auth_password: READABLE_STRING_GENERAL): BOOLEAN + do + end + temp_users_count: INTEGER -- do end - temp_user_by_id (a_uid: like {CMS_USER}.id; a_consumer_table: READABLE_STRING_GENERAL): detachable CMS_USER + temp_user_by_id (a_uid: like {CMS_USER}.id; a_consumer_table: READABLE_STRING_GENERAL): detachable CMS_TEMP_USER -- do end - temp_user_by_name (a_name: like {CMS_USER}.name): detachable CMS_USER + temp_user_by_name (a_name: READABLE_STRING_GENERAL): detachable CMS_TEMP_USER -- do end - temp_user_by_email (a_email: like {CMS_USER}.email): detachable CMS_USER + temp_user_by_email (a_email: READABLE_STRING_GENERAL): detachable CMS_TEMP_USER -- do end - temp_user_by_activation_token (a_token: READABLE_STRING_32): detachable CMS_USER + temp_user_by_activation_token (a_token: READABLE_STRING_GENERAL): detachable CMS_TEMP_USER -- do end 
@@ -190,7 +194,6 @@ feature -- Temp Users do end - remove_activation (a_token: READABLE_STRING_GENERAL) -- . do diff --git a/src/modules/core/persistence/user/cms_user_storage_sql_i.e b/src/modules/core/persistence/user/cms_user_storage_sql_i.e index fd18c86..330b5f0 100644 --- a/src/modules/core/persistence/user/cms_user_storage_sql_i.e +++ b/src/modules/core/persistence/user/cms_user_storage_sql_i.e @@ -35,7 +35,7 @@ feature -- Access: user sql_forth check one_row: sql_after end end - sql_finalize + sql_finalize_query (select_users_count) end users: LIST [CMS_USER] @@ -45,8 +45,8 @@ feature -- Access: user error_handler.reset write_information_log (generator + ".all_users") + sql_query (select_users, Void) from - sql_query (select_users, Void) sql_start until sql_after or has_error @@ -56,7 +56,7 @@ feature -- Access: user end sql_forth end - sql_finalize + sql_finalize_query (select_users) end user_by_id (a_id: like {CMS_USER}.id): detachable CMS_USER @@ -74,7 +74,7 @@ feature -- Access: user sql_forth check one_row: sql_after end end - sql_finalize + sql_finalize_query (select_user_by_id) end user_by_name (a_name: READABLE_STRING_GENERAL): detachable CMS_USER @@ -92,7 +92,7 @@ feature -- Access: user sql_forth check one_row: sql_after end end - sql_finalize + sql_finalize_query (select_user_by_name) end user_by_email (a_email: READABLE_STRING_GENERAL): detachable CMS_USER @@ -110,7 +110,7 @@ feature -- Access: user sql_forth check one_row: sql_after end end - sql_finalize + sql_finalize_query (select_user_by_email) end user_by_activation_token (a_token: READABLE_STRING_32): detachable CMS_USER @@ -128,7 +128,7 @@ feature -- Access: user sql_forth check one_row: sql_after end end - sql_finalize + sql_finalize_query (select_user_by_activation_token) end user_by_password_token (a_token: READABLE_STRING_32): detachable CMS_USER 
@@ -146,26 +146,26 @@ feature -- Access: user sql_forth check one_row: sql_after end end - sql_finalize + sql_finalize_query (select_user_by_password_token) end - is_valid_credential (l_auth_login, l_auth_password: READABLE_STRING_32): BOOLEAN + is_valid_credential (a_auth_login, a_auth_password: READABLE_STRING_GENERAL): BOOLEAN local l_security: SECURITY_PROVIDER do - if attached user_salt (l_auth_login) as l_hash then - if attached user_by_name (l_auth_login) as l_user then + if attached user_salt (a_auth_login) as l_hash then + if attached user_by_name (a_auth_login) as l_user then create l_security if attached l_user.hashed_password as l_hashed_password and then - l_security.password_hash (l_auth_password, l_hash).is_case_insensitive_equal (l_hashed_password) + l_security.password_hash (a_auth_password, l_hash).is_case_insensitive_equal (l_hashed_password) then Result := True else write_information_log (generator + ".is_valid_credential User: wrong username or password" ) end else - write_information_log (generator + ".is_valid_credential User:" + l_auth_login + "does not exist" ) + write_information_log (generator + ".is_valid_credential User:" + a_auth_login + "does not exist" ) end end end @@ -180,11 +180,11 @@ feature -- Access: user error_handler.reset write_information_log (generator + ".recent_users") + create l_parameters.make (2) + l_parameters.put (a_count, "rows") + l_parameters.put (a_lower, "offset") + sql_query (sql_select_recent_users, l_parameters) from - create l_parameters.make (2) - l_parameters.put (a_count, "rows") - l_parameters.put (a_lower, "offset") - sql_query (sql_select_recent_users, l_parameters) sql_start until sql_after @@ -194,7 +194,7 @@ feature -- Access: user end sql_forth end - sql_finalize + sql_finalize_query (sql_select_recent_users) end feature -- Change: user 
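Review bot: The log call `write_information_log (generator + ".is_valid_credential User:" + a_auth_login + "does not exist" )` writes the caller-supplied login verbatim, and with the parameter widened to READABLE_STRING_GENERAL it may carry arbitrary Unicode including line breaks. The value should be escaped and length-limited before it is logged, and the message needs a space before `does not exist`. The password check compares hashes with `is_case_insensitive_equal`, which is presumably not a constant-time comparison; a fixed-time compare is the usual hardening. When `user_salt` finds nothing the routine returns without hashing, so response time can differ between known and unknown logins.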
@@ -231,12 +231,12 @@ feature -- Change: user a_user.set_id (last_inserted_user_id) update_user_roles (a_user) end + sql_finalize_insert (sql_insert_user) if not error_handler.has_error then sql_commit_transaction else sql_rollback_transaction end - sql_finalize else -- set error error_handler.add_custom_error (-1, "bad request" , "Missing password or email") @@ -274,7 +274,7 @@ feature -- Change: user l_parameters.put (l_password_salt, "salt") sql_modify (sql_update_user_name, l_parameters) - sql_finalize + sql_finalize_modify (sql_update_user_name) if not error_handler.has_error then a_user.set_name (a_new_username) update_user_roles (a_user) @@ -284,7 +284,6 @@ feature -- Change: user else sql_rollback_transaction end - sql_finalize else -- set error error_handler.add_custom_error (-1, "bad request" , "Missing password or email") @@ -327,7 +326,7 @@ feature -- Change: user l_parameters.put (a_user.profile_name, "profile_name") sql_modify (sql_update_user, l_parameters) - sql_finalize + sql_finalize_modify (sql_update_user) if not error_handler.has_error then update_user_roles (a_user) end @@ -336,7 +335,6 @@ feature -- Change: user else sql_rollback_transaction end - sql_finalize else -- set error error_handler.add_custom_error (-1, "bad request" , "Missing password or email") @@ -353,9 +351,9 @@ feature -- Change: user write_information_log (generator + ".delete_user") create l_parameters.make (1) l_parameters.put (a_user.id, "uid") - sql_modify (sql_delete_user, l_parameters) + sql_delete (sql_delete_user, l_parameters) + sql_finalize_delete (sql_delete_user) sql_commit_transaction - sql_finalize end feature -- Change: roles @@ -413,7 +411,6 @@ feature -- Change: roles else sql_rollback_transaction end - sql_finalize end assign_role_to_user (a_role: CMS_USER_ROLE; a_user: CMS_USER) 
@@ -424,7 +421,7 @@ feature -- Change: roles l_parameters.put (a_user.id, "uid") l_parameters.put (a_role.id, "rid") sql_insert (sql_insert_role_to_user, l_parameters) - sql_finalize + sql_finalize_insert (sql_insert_role_to_user) end unassign_role_from_user (a_role: CMS_USER_ROLE; a_user: CMS_USER) @@ -434,8 +431,8 @@ feature -- Change: roles create l_parameters.make (2) l_parameters.put (a_user.id, "uid") l_parameters.put (a_role.id, "rid") - sql_modify (sql_delete_role_from_user, l_parameters) - sql_finalize + sql_delete (sql_delete_role_from_user, l_parameters) + sql_finalize_delete (sql_delete_role_from_user) end feature -- Access: roles and permissions @@ -453,12 +450,11 @@ feature -- Access: roles and permissions Result := fetch_user_role sql_forth check one_row: sql_after end - sql_finalize - if Result /= Void and not has_error then - fill_user_role (Result) - end end - sql_finalize + sql_finalize_query (select_user_role_by_id) + if Result /= Void and not has_error then + fill_user_role (Result) + end end user_role_by_name (a_name: READABLE_STRING_GENERAL): detachable CMS_USER_ROLE @@ -475,12 +471,11 @@ feature -- Access: roles and permissions Result := fetch_user_role sql_forth check one_row: sql_after end - sql_finalize - if Result /= Void and not has_error then - fill_user_role (Result) - end end - sql_finalize + sql_finalize_query (select_user_role_by_name) + if Result /= Void and not has_error then + fill_user_role (Result) + end end user_roles_for (a_user: CMS_USER): LIST [CMS_USER_ROLE] @@ -491,10 +486,10 @@ feature -- Access: roles and permissions write_information_log (generator + ".user_roles_for") create {ARRAYED_LIST [CMS_USER_ROLE]} Result.make (0) + create l_parameters.make (1) + l_parameters.put (a_user.id, "uid") + sql_query (select_user_roles_by_user_id, l_parameters) from - create l_parameters.make (1) - l_parameters.put (a_user.id, "uid") - sql_query (select_user_roles_by_user_id, l_parameters) sql_start until sql_after 
@@ -504,7 +499,7 @@ feature -- Access: roles and permissions end sql_forth end - sql_finalize + sql_finalize_query (select_user_roles_by_user_id) if not has_error then across Result as ic loop fill_user_role (ic.item) @@ -520,8 +515,8 @@ feature -- Access: roles and permissions write_information_log (generator + ".user_roles") create {ARRAYED_LIST [CMS_USER_ROLE]} Result.make (0) + sql_query (select_user_roles, Void) from - sql_query (select_user_roles, Void) sql_start until sql_after @@ -532,7 +527,7 @@ feature -- Access: roles and permissions end sql_forth end - sql_finalize + sql_finalize_query (select_user_roles) if not has_error then across Result as ic loop fill_user_role (ic.item) @@ -561,10 +556,10 @@ feature -- Access: roles and permissions write_information_log (generator + ".role_permissions_by_id") create {ARRAYED_LIST [READABLE_STRING_8]} Result.make (0) + create l_parameters.make (1) + l_parameters.put (a_role_id, "rid") + sql_query (select_role_permissions_by_role_id, l_parameters) from - create l_parameters.make (1) - l_parameters.put (a_role_id, "rid") - sql_query (select_role_permissions_by_role_id, l_parameters) sql_start until sql_after or has_error @@ -576,7 +571,7 @@ feature -- Access: roles and permissions -- end sql_forth end - sql_finalize + sql_finalize_query (select_role_permissions_by_role_id) end role_permissions: LIST [READABLE_STRING_8] @@ -587,8 +582,8 @@ feature -- Access: roles and permissions create {ARRAYED_LIST [READABLE_STRING_8]} Result.make (0) Result.compare_objects + sql_query (select_role_permissions, Void) from - sql_query (select_role_permissions, Void) sql_start until sql_after or has_error @@ -598,7 +593,7 @@ feature -- Access: roles and permissions end sql_forth end - sql_finalize + sql_finalize_query (select_role_permissions) end feature -- Change: roles and permissions 
@@ -628,7 +623,7 @@ feature -- Change: roles and permissions l_parameters.put (a_user_role.id, "rid") l_parameters.put (a_user_role.name, "name") sql_modify (sql_update_user_role, l_parameters) - sql_finalize + sql_finalize_modify (sql_update_user_role) end if not a_user_role.permissions.is_empty then -- FIXME: check if this is non set permissions,or none ... @@ -675,7 +670,7 @@ feature -- Change: roles and permissions create l_parameters.make (1) l_parameters.put (a_user_role.name, "name") sql_insert (sql_insert_user_role, l_parameters) - sql_finalize + sql_finalize_insert (sql_insert_user_role) if not error_handler.has_error then a_user_role.set_id (last_inserted_user_role_id) across @@ -699,7 +694,7 @@ feature -- Change: roles and permissions l_parameters.put (a_permission, "permission") l_parameters.put (Void, "module") -- FIXME: unsupported for now! sql_insert (sql_insert_user_role_permission, l_parameters) - sql_finalize + sql_finalize_insert (sql_insert_user_role_permission) end unset_permission_for_role_id (a_permission: READABLE_STRING_8; a_role_id: INTEGER) @@ -713,8 +708,8 @@ feature -- Change: roles and permissions create l_parameters.make (2) l_parameters.put (a_role_id, "rid") l_parameters.put (a_permission, "permission") - sql_modify (sql_delete_user_role_permission, l_parameters) - sql_finalize + sql_delete (sql_delete_user_role_permission, l_parameters) + sql_finalize_delete (sql_delete_user_role_permission) end last_inserted_user_role_id: INTEGER_32 @@ -728,7 +723,7 @@ feature -- Change: roles and permissions sql_forth check one_row: sql_after end end - sql_finalize + sql_finalize_query (sql_last_insert_user_role_id) end 
@@ -742,11 +737,11 @@ feature -- Change: roles and permissions write_information_log (generator + ".delete_role") create l_parameters.make (1) l_parameters.put (a_role.id, "rid") - sql_modify (sql_delete_role_permissions_by_role_id, l_parameters) - sql_finalize - sql_modify (sql_delete_role_by_id, l_parameters) + sql_delete (sql_delete_role_permissions_by_role_id, l_parameters) + sql_finalize_delete (sql_delete_role_permissions_by_role_id) + sql_delete (sql_delete_role_by_id, l_parameters) + sql_finalize_delete (sql_delete_role_by_id) sql_commit_transaction - sql_finalize end @@ -767,7 +762,7 @@ feature -- Access: User activation sql_forth check one_row: sql_after end end - sql_finalize + sql_finalize_query (sql_select_activation_expiration) end user_id_by_activation (a_token: READABLE_STRING_32): INTEGER_64 @@ -785,7 +780,7 @@ feature -- Access: User activation sql_forth check one_row: sql_after end end - sql_finalize + sql_finalize_query (sql_select_userid_activation) end feature -- Change: User activation @@ -805,8 +800,8 @@ feature -- Change: User activation l_parameters.put (a_id, "uid") l_parameters.put (l_utc_date, "utc_date") sql_insert (sql_insert_activation, l_parameters) + sql_finalize_insert (sql_insert_activation) sql_commit_transaction - sql_finalize end feature -- Change: User password recovery @@ -826,8 +821,8 @@ feature -- Change: User password recovery l_parameters.put (a_id, "uid") l_parameters.put (l_utc_date, "utc_date") sql_insert (sql_insert_password, l_parameters) + sql_finalize_insert (sql_insert_password) sql_commit_transaction - sql_finalize end remove_password (a_token: READABLE_STRING_32) 
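Review bot: In the `delete_role` hunk `sql_commit_transaction` runs unconditionally after the two `sql_delete` calls, so a failure of the first delete (the role's permissions) does not stop the role row from being deleted and committed, which can leave role and permission rows out of step. The temp-user insert hunks later in this patch already test `error_handler.has_error` and roll back; the same shape fits here, `if has_error then sql_rollback_transaction else sql_commit_transaction end`, with the second delete skipped when the first one failed. The activation, password-recovery, `remove_password`, remove-activation and `delete_temp_user` hunks commit in the same unconditional way. The start of `delete_role`, including where the transaction is opened, is outside the hunk.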
@@ -841,13 +836,13 @@ feature -- Change: User password recovery create l_parameters.make (1) l_parameters.put (a_token, "token") sql_modify (sql_remove_password, l_parameters) + sql_finalize_modify (sql_remove_password) sql_commit_transaction - sql_finalize end feature {NONE} -- Implementation: User - user_salt (a_username: READABLE_STRING_32): detachable READABLE_STRING_8 + user_salt (a_username: READABLE_STRING_GENERAL): detachable READABLE_STRING_8 -- User salt for the given user `a_username', if any. local l_parameters: STRING_TABLE [detachable ANY] @@ -864,7 +859,27 @@ feature {NONE} -- Implementation: User sql_forth check one_row: sql_after end end - sql_finalize + sql_finalize_query (select_salt_by_username) + end + + temp_user_salt (a_username: READABLE_STRING_GENERAL): detachable READABLE_STRING_8 + -- User salt for the given user `a_username', if any. + local + l_parameters: STRING_TABLE [detachable ANY] + do + error_handler.reset + write_information_log (generator + ".temp_user_salt") + create l_parameters.make (1) + l_parameters.put (a_username, "name") + sql_query (select_temp_user_salt_by_username, l_parameters) + if not sql_after then + if attached sql_read_string (1) as l_salt then + Result := l_salt + end + sql_forth + check one_row: sql_after end + end + sql_finalize_query (select_temp_user_salt_by_username) end fetch_user: detachable CMS_USER 
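Review bot: `temp_user_salt` repeats the header comment of `user_salt` word for word, so the two features read as the same query; the comment should name what it reads, for example `-- Salt of the temp user named a_username, if any.` The body is also a line-for-line copy of `user_salt` with only the statement constant and the log tag changed, so a shared helper taking the statement as an argument would keep the two from drifting apart. Both features look the account up by name only; whether e-mail logins are expected to reach them is not visible in this hunk.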
@@ -1049,6 +1064,27 @@ feature {NONE} -- User Password Recovery feature -- Acess: Temp users + is_valid_temp_user_credential (a_auth_login, a_auth_password: READABLE_STRING_GENERAL): BOOLEAN + local + l_security: SECURITY_PROVIDER + do + if attached temp_user_salt (a_auth_login) as l_hash then + if attached temp_user_by_name (a_auth_login) as l_user then + create l_security + if + attached l_user.hashed_password as l_hashed_password and then + l_security.password_hash (a_auth_password, l_hash).is_case_insensitive_equal (l_hashed_password) + then + Result := True + else + write_information_log (generator + ".is_valid_temp_user_credential User: wrong username or password" ) + end + else + write_information_log (generator + ".is_valid_temp_user_credential User:" + a_auth_login + "does not exist" ) + end + end + end + temp_users_count: INTEGER -- Number of items users. do @@ -1061,10 +1097,10 @@ feature -- Acess: Temp users sql_forth check one_row: sql_after end end - sql_finalize + sql_finalize_query (select_temp_users_count) end - temp_user_by_id (a_uid: like {CMS_USER}.id; a_consumer: READABLE_STRING_GENERAL): detachable CMS_USER + temp_user_by_id (a_uid: like {CMS_USER}.id; a_consumer: READABLE_STRING_GENERAL): detachable CMS_TEMP_USER -- local l_parameters: STRING_TABLE [detachable ANY] @@ -1084,10 +1120,10 @@ feature -- Acess: Temp users Result := Void end end - sql_finalize + sql_finalize_query (l_string) end - temp_user_by_name (a_name: like {CMS_USER}.name): detachable CMS_USER + temp_user_by_name (a_name: READABLE_STRING_GENERAL): detachable CMS_TEMP_USER -- User for the given name `a_name', if any. local l_parameters: STRING_TABLE [detachable ANY] 
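Review bot: In `is_valid_temp_user_credential` the not-found branch appends `a_auth_login` to the log message as received, and by its name that value is whatever the client typed as login, so a login containing line breaks could forge log entries; the concatenation also has no spaces around the name. Log a fixed message instead, `write_information_log (generator + ".is_valid_temp_user_credential: unknown temp user")`, or strip control characters before appending the name. The salt is bound to a local called `l_hash`, which reads as the password hash two lines later; `l_salt` is clearer. The feature has no header comment; `-- Does a_auth_password match the stored hash of the temp user named a_auth_login?` would also state that the lookup is by name.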
@@ -1102,10 +1138,10 @@ feature -- Acess: Temp users sql_forth check one_row: sql_after end end - sql_finalize + sql_finalize_query (select_temp_user_by_name) end - temp_user_by_email (a_email: like {CMS_USER}.email): detachable CMS_USER + temp_user_by_email (a_email: READABLE_STRING_GENERAL): detachable CMS_TEMP_USER -- User for the given email `a_email', if any. local l_parameters: STRING_TABLE [detachable ANY] @@ -1120,10 +1156,10 @@ feature -- Acess: Temp users sql_forth check one_row: sql_after end end - sql_finalize + sql_finalize_query (select_temp_user_by_email) end - temp_user_by_activation_token (a_token: READABLE_STRING_32): detachable CMS_USER + temp_user_by_activation_token (a_token: READABLE_STRING_GENERAL): detachable CMS_TEMP_USER -- User for the given activation token `a_token', if any. local l_parameters: STRING_TABLE [detachable ANY] @@ -1138,7 +1174,7 @@ feature -- Acess: Temp users sql_forth check one_row: sql_after end end - sql_finalize + sql_finalize_query (select_temp_user_by_activation_token) end temp_recent_users (a_lower: INTEGER; a_count: INTEGER): LIST [CMS_TEMP_USER] @@ -1151,11 +1187,11 @@ feature -- Acess: Temp users error_handler.reset write_information_log (generator + ".temp_recent_users") + create l_parameters.make (2) + l_parameters.put (a_count, "rows") + l_parameters.put (a_lower, "offset") + sql_query (sql_select_temp_recent_users, l_parameters) from - create l_parameters.make (2) - l_parameters.put (a_count, "rows") - l_parameters.put (a_lower, "offset") - sql_query (sql_select_temp_recent_users, l_parameters) sql_start until sql_after or has_error @@ -1165,7 +1201,7 @@ feature -- Acess: Temp users end sql_forth end - sql_finalize + sql_finalize_query (sql_select_temp_recent_users) end token_by_temp_user_id (a_id: like {CMS_USER}.id): detachable STRING 
@@ -1185,7 +1221,7 @@ feature -- Acess: Temp users sql_forth check one_row: sql_after end end - sql_finalize + sql_finalize_query (select_token_activation_by_user_id) end feature {NONE} -- Implementation: User @@ -1257,12 +1293,12 @@ feature -- New Temp User l_parameters.put (a_temp_user.profile_name, "profile_name") sql_insert (sql_insert_user, l_parameters) + sql_finalize_insert (sql_insert_user) if not error_handler.has_error then sql_commit_transaction else sql_rollback_transaction end - sql_finalize else -- set error error_handler.add_custom_error (-1, "bad request" , "Missing password or email") @@ -1297,13 +1333,13 @@ feature -- New Temp User sql_begin_transaction sql_insert (sql_insert_temp_user, l_parameters) + sql_finalize_insert (sql_insert_temp_user) if not error_handler.has_error then a_temp_user.set_id (last_inserted_temp_user_id) sql_commit_transaction else sql_rollback_transaction end - sql_finalize else -- set error error_handler.add_custom_error (-1, "bad request" , "Missing password or email or personal information") @@ -1323,8 +1359,8 @@ feature -- Remove Activation create l_parameters.make (1) l_parameters.put (a_token, "token") sql_modify (sql_remove_activation, l_parameters) + sql_finalize_modify (sql_remove_activation) sql_commit_transaction - sql_finalize end delete_temp_user (a_temp_user: CMS_TEMP_USER) @@ -1337,9 +1373,9 @@ feature -- Remove Activation write_information_log (generator + ".delete_temp_user") create l_parameters.make (1) l_parameters.put (a_temp_user.id, "uid") - sql_modify (sql_delete_temp_user, l_parameters) + sql_delete (sql_delete_temp_user, l_parameters) + sql_finalize_delete (sql_delete_temp_user) sql_commit_transaction - sql_finalize end feature {NONE} -- Implementation @@ -1355,7 +1391,7 @@ feature {NONE} -- Implementation sql_forth check one_row: sql_after end end - sql_finalize + sql_finalize_query (sql_last_insert_temp_user_id) end last_inserted_user_id: INTEGER_64 
@@ -1369,7 +1405,7 @@ feature {NONE} -- Implementation sql_forth check one_row: sql_after end end - sql_finalize + sql_finalize_query (sql_last_insert_user_id) end feature {NONE} -- SQL select @@ -1392,6 +1428,9 @@ feature {NONE} -- SQL select select_temp_user_by_activation_token: STRING = "SELECT u.uid, u.name, u.password, u.salt, u.email, u.application FROM auth_temp_users as u JOIN users_activations as ua ON ua.uid = u.uid and ua.token = :token;" -- Retrieve user by activation token if exist. + select_temp_user_salt_by_username: STRING = "SELECT salt FROM auth_temp_users WHERE name =:name;" + -- Retrieve temp user salt by username if exists. + sql_delete_temp_user: STRING = "DELETE FROM auth_temp_users WHERE uid=:uid;" select_temp_users_count: STRING = "SELECT count(*) FROM auth_temp_users;" diff --git a/src/modules/core/persistence/user_profile/cms_user_profile_storage_sql.e b/src/modules/core/persistence/user_profile/cms_user_profile_storage_sql.e index d4ea036..1a89633 100644 --- a/src/modules/core/persistence/user_profile/cms_user_profile_storage_sql.e +++ b/src/modules/core/persistence/user_profile/cms_user_profile_storage_sql.e @@ -35,7 +35,7 @@ feature -- Access if not has_error then Result := sql_read_string_32 (2) end - sql_finalize + sql_finalize_query (sql_select_user_profile_item) end user_profile (a_user: CMS_USER): detachable CMS_USER_PROFILE @@ -63,7 +63,7 @@ feature -- Access sql_forth end end - sql_finalize + sql_finalize_query (sql_select_user_profile_items) end users_with_profile_item (a_item_name: READABLE_STRING_GENERAL; a_value: detachable READABLE_STRING_GENERAL): detachable LIST [CMS_USER] @@ -98,7 +98,7 @@ feature -- Access sql_forth end end - sql_finalize + sql_finalize_query (sql_select_users_with_profile_item) if not has_error and l_uids /= Void and 
@@ -132,10 +132,11 @@ feature -- Change reset_error if user_profile_item (a_user, a_item_name) = Void then sql_insert (sql_insert_user_profile_item, l_parameters) + sql_finalize_insert (sql_insert_user_profile_item) else sql_modify (sql_update_user_profile_item, l_parameters) + sql_finalize_modify (sql_update_user_profile_item) end - sql_finalize end save_user_profile (a_user: CMS_USER; a_profile: CMS_USER_PROFILE) @@ -164,7 +165,8 @@ feature -- Change l_is_new := True elseif p.has_key (ic.key) then l_is_new := False - l_has_diff := attached p.item (ic.key) as l_prev_item and then not l_prev_item.same_string (l_item) + l_has_diff := attached p.item (ic.key) as l_prev_item and then + not l_prev_item.same_string (l_item) else l_is_new := True end @@ -175,13 +177,14 @@ feature -- Change if l_is_new then sql_insert (sql_insert_user_profile_item, l_parameters) + sql_finalize_insert (sql_insert_user_profile_item) else sql_modify (sql_update_user_profile_item, l_parameters) + sql_finalize_modify (sql_update_user_profile_item) end l_parameters.wipe_out end end - sql_finalize end feature {NONE} -- Queries diff --git a/src/modules/core/webapi/cms_root_webapi_handler.e b/src/modules/core/webapi/cms_root_webapi_handler.e index ca8e810..68a7596 100644 --- a/src/modules/core/webapi/cms_root_webapi_handler.e +++ b/src/modules/core/webapi/cms_root_webapi_handler.e @@ -41,13 +41,10 @@ feature -- Execution elseif api.has_permission ("account register") then rep.add_link ("register", Void, api.webapi_path ("/account/register")) end - - -- If query has "router=yes", display basic information about router mapping. - -- Note: this may change in the future if - attached router as l_router and then attached req.query_parameter ("router") as p_router and then - p_router.same_string ("yes") + p_router.same_string ("yes") and then + attached router as l_router then create j.make_empty create vis 
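Review bot: In the `cms_root_webapi_handler.e` hunk the `router=yes` branch is guarded only by the query parameter and `attached router`, so as far as the hunk shows any client that can reach this handler receives the router mapping, which the following hunk adds to the response as the `routing` field. Add a permission test to the condition, `api.has_permission ("<administrative permission name>") and then`, in the way the register link just above is gated on `account register`. The commit also drops the two comment lines that explained the switch; keep `-- If query has "router=yes", display basic information about router mapping.` above the `if`. The enclosing feature starts and ends outside the hunk.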
@@ -78,6 +75,9 @@ feature -- Execution end(?, j)) vis.process_router (l_router) rep.add_string_field ("routing", j.representation) +-- vis.on_mapping_actions.extend (agent (i_mapping: WSF_ROUTER_MAPPING; i_json: JSON_OBJECT) +-- do +-- end(?, j)) end rep.add_self (req.percent_encoded_path_info) rep.execute diff --git a/src/persistence/cms_storage_null.e b/src/persistence/cms_storage_null.e index 31ec294..79ba9cd 100644 --- a/src/persistence/cms_storage_null.e +++ b/src/persistence/cms_storage_null.e @@ -103,18 +103,18 @@ feature -- Logs feature -- Custom - set_custom_value (a_name: READABLE_STRING_8; a_value: attached like custom_value; a_type: detachable READABLE_STRING_8) - -- Save data `a_name:a_value' for type `a_type' (or default if none). + set_custom_value (a_name: READABLE_STRING_8; a_value: attached like custom_value; a_type: READABLE_STRING_8) + -- Save data `a_name:a_value' for type `a_type'. do end - unset_custom_value (a_name: READABLE_STRING_8; a_type: detachable READABLE_STRING_8) - -- Delete data `a_name' for type `a_type' (or default if none). + unset_custom_value (a_name: READABLE_STRING_8; a_type: READABLE_STRING_8) + -- Delete data `a_name' for type `a_type'. do end - custom_value (a_name: READABLE_STRING_GENERAL; a_type: detachable READABLE_STRING_8): detachable READABLE_STRING_32 - -- Data for name `a_name' and type `a_type' (or default if none). + custom_value (a_name: READABLE_STRING_GENERAL; a_type: READABLE_STRING_8): detachable READABLE_STRING_32 + -- Data for name `a_name' and type `a_type'. local s: STRING_32 do @@ -130,7 +130,7 @@ feature -- Custom end end - custom_values: detachable LIST [TUPLE [name: READABLE_STRING_GENERAL; type: detachable READABLE_STRING_8; value: detachable READABLE_STRING_32]] + custom_values: detachable LIST [TUPLE [name: READABLE_STRING_GENERAL; type: READABLE_STRING_8; value: detachable READABLE_STRING_32]] -- Values as list of [name, type, value]. do end 
diff --git a/src/persistence/sql/cms_proxy_storage_sql.e b/src/persistence/sql/cms_proxy_storage_sql.e index a81d68c..75e997a 100644 --- a/src/persistence/sql/cms_proxy_storage_sql.e +++ b/src/persistence/sql/cms_proxy_storage_sql.e @@ -41,6 +41,7 @@ feature -- Execution sql_begin_transaction do + -- FIXME: may raise exception due to locked database... sql_storage.sql_begin_transaction end diff --git a/src/persistence/sql/cms_storage_sql_i.e b/src/persistence/sql/cms_storage_sql_i.e index 3231cc5..633b842 100644 --- a/src/persistence/sql/cms_storage_sql_i.e +++ b/src/persistence/sql/cms_storage_sql_i.e @@ -143,6 +143,31 @@ feature -- Operation deferred end + sql_finalize_query (a_sql_statement: STRING) + do + sql_finalize_statement (a_sql_statement) + end + + sql_finalize_insert (a_sql_statement: STRING) + do + sql_finalize_statement (a_sql_statement) + end + + sql_finalize_modify (a_sql_statement: STRING) + do + sql_finalize_statement (a_sql_statement) + end + + sql_finalize_delete (a_sql_statement: STRING) + do + sql_finalize_statement (a_sql_statement) + end + + sql_finalize_statement (a_sql_statement: STRING) + do + sql_finalize + end + feature -- Helper sql_script_content (a_path: PATH): detachable STRING @@ -181,6 +206,7 @@ feature -- Helper i: INTEGER err: BOOLEAN cl: CELL [INTEGER] + l_sql: STRING do reset_error sql_begin_transaction @@ -194,10 +220,13 @@ feature -- Helper loop if attached next_sql_statement (a_sql_script, i, cl) as s then if not s.is_whitespace then + l_sql := sql_statement (s) if s.starts_with ("INSERT") then - sql_insert (sql_statement (s), a_params) + sql_insert (l_sql, a_params) + sql_finalize_insert (l_sql) else - sql_modify (sql_statement (s), a_params) + sql_modify (l_sql, a_params) + sql_finalize_modify (l_sql) end err := err or has_error reset_error 
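Review bot: The five `sql_finalize_*` features added to `cms_storage_sql_i.e` have no header comments, and `sql_finalize_statement` ignores `a_sql_statement` and only calls `sql_finalize`, so nothing in this class says why callers now pass the statement text. A comment on `sql_finalize_statement` such as `-- Finalize the execution of a_sql_statement; the text is unused here and is presumably for descendants that track statements left unfinalized.` would record the intent. Each wrapper should get one line naming the call it pairs with (`sql_query`, `sql_insert`, `sql_modify`, `sql_delete`), since using the wrong wrapper is currently silent.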
@@ -212,29 +241,34 @@ feature -- Helper else sql_commit_transaction end - sql_finalize end sql_table_exists (a_table_name: READABLE_STRING_8): BOOLEAN -- Does table `a_table_name' exists? + local + l_sql: STRING do reset_error - sql_query ("SELECT count(*) FROM " + a_table_name + " ;", Void) + l_sql := "SELECT count(*) FROM " + a_table_name + " ;" + sql_query (l_sql, Void) Result := not has_error -- FIXME: find better solution - sql_finalize + sql_finalize_query (l_sql) reset_error end sql_table_items_count (a_table_name: READABLE_STRING_8): INTEGER_64 -- Number of items in table `a_table_name'? + local + l_sql: STRING do reset_error - sql_query ("SELECT count(*) FROM " + a_table_name + " ;", Void) + l_sql := "SELECT count(*) FROM " + a_table_name + " ;" + sql_query (l_sql, Void) if not has_error then Result := sql_read_integer_64 (1) end - sql_finalize + sql_finalize_query (l_sql) end feature -- Access diff --git a/src/service/cms_self_module_administration.e b/src/service/cms_self_module_administration.e new file mode 100644 index 0000000..fa657ed --- /dev/null +++ b/src/service/cms_self_module_administration.e 
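Review bot: `sql_table_exists` and `sql_table_items_count` build `l_sql` by concatenating `a_table_name` into the statement, and a table name cannot be bound like the `:name` parameters used elsewhere in this patch, so the statement is only as safe as every caller's argument. Callers are not visible here; if a name can ever derive from configuration or request data, reject anything that is not a plain identifier before building the string, for example `if across a_table_name as c all c.item.is_alpha_numeric or c.item = '_' end then`, and record an error otherwise. `sql_table_exists` also treats any failure of the count query as "table missing" and then clears it with `reset_error`, so a locked or unreachable database looks the same as an absent table; the existing FIXME could say so.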
@@ -0,0 +1,45 @@
+note
+ description: "Summary description for {CMS_SELF_MODULE_ADMINISTRATION}."
+ date: "$Date$"
+ revision: "$Revision$"
+
+class
+ CMS_SELF_MODULE_ADMINISTRATION [G -> CMS_MODULE]
+
+inherit
+ CMS_MODULE_ADMINISTRATION [G]
+ redefine
+ setup_hooks,
+ filters
+ end
+
+create
+ make
+
+feature -- Router
+
+ setup_administration_router (a_router: WSF_ROUTER; a_api: CMS_API)
+ do
+ end
+
+feature -- Filter
+
+ filters (a_api: CMS_API): detachable LIST [WSF_FILTER]
+ -- Optional list of filter for Current module.
+ -- (from CMS_MODULE)
+ do
+ Result := module.filters (a_api)
+ end
+
+feature -- Hooks configuration
+
+ setup_hooks (a_hooks: CMS_HOOK_CORE_MANAGER)
+ -- Module hooks configuration.
+ do
+ module.setup_hooks (a_hooks)
+ end
+
+note
+ copyright: "2011-2017, Jocelyn Fiat, Javier Velilla, Eiffel Software and others"
+ license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)"
+end
diff --git a/tests/all-safe.ecf b/tests/all-safe.ecf
deleted file mode 100644
index 53fc8c4..0000000
--- a/tests/all-safe.ecf
+++ /dev/null
@@ -1,3 +0,0 @@
-
-
-
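Review bot: The class `description` in the new `cms_self_module_administration.e` is still placeholder text, and `setup_administration_router` has an empty body with no comment, so the file never states that this administration object adds no routes of its own and reuses the module's `filters` and `setup_hooks`. Suggested wording: `description: "Administration of a module by the module itself: reuses its hooks and filters."` and `-- No administration-specific routes.` as the header comment of `setup_administration_router`. Because `filters` returns `module.filters (a_api)`, administration requests pass through the same filters as the regular module; whether an administration-only access filter is expected on top of that cannot be told from this file and is worth a sentence in the class comment.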