Added CMS_API.request: WSF_REQUEST to ease dev of ROC CMS code.

- Removed CMS_REQUEST_UTIL
  - centralize a few request related code into CMS_API
Added CMS_API.user, CMS_API.set_user (CMS_USER), ... and user related routines.

Refactored Auth related code
  - added various abstractions to factorize implementation and harmonize solutions.
  - revisited the logout strategy.
  - updated the account info page, and remove info user should not care about.
  - simplified the process, and encourage auth module to follow same design.

Added CMS_LINK helper routines to modify the related query string.
Removed CMS_USER.profile (and related routines)
   - It was not used so far.
   - it will probably be a specific module later, if needed.

Updated various modules to avoid fetching the user from SQL directly, leaving this task to CMS_USER_API.

Removed CMS_NODE_API.node_author (a_node: CMS_NODE): detachable CMS_USER,
   - as the info is already in CMS_NODE.author

Added CMS_RESPONSE.redirection_delay, if ever one code want to redirect after a few seconds.
Added the request uri info to the not found cms response.
2016-01-29 21:58:49 +01:00
parent 41ac45d07b
commit 3496536751
67 changed files with 1742 additions and 1820 deletions


@@ -290,9 +290,7 @@ feature -- Access: Node
is_author_of_node (u: CMS_USER; a_node: CMS_NODE): BOOLEAN
-- Is the user `u' owner of the node `n'.
do
if attached node_storage.node_author (a_node) as l_author then
Result := u.same_as (l_author)
end
Result := u.same_as (a_node.author)
end
nodes_of_type (a_node_type: CMS_CONTENT_TYPE): LIST [CMS_NODE]
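Review bot: `is_author_of_node` now decides ownership only from `a_node.author`, and the node handler uses this result to gate "view unpublished" access, so the check is only as reliable as the way the CMS_NODE object was populated. The hunk does not show whether `author` can be Void or unset on a node built from a revision or from form data; if it can, the routine should return False explicitly, for example `Result := attached a_node.author as l_author and then u.same_as (l_author)`. The header comment also refers to a node `n` while the argument is `a_node`; I would reword it to `-- Is user u the author of a_node? Relies on a_node.author as loaded from storage.`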


@@ -122,7 +122,7 @@ feature -- HTTP Methods
if
l_node /= Void and then
l_rev > 0 and then
node_api.has_permission_for_action_on_node ("view revisions", l_node, current_user (req))
node_api.has_permission_for_action_on_node ("view revisions", l_node, api.user)
then
l_node := node_api.revision_node (l_nid, l_rev)
end
@@ -137,9 +137,9 @@ feature -- HTTP Methods
view_response.set_revision (l_rev)
view_response.execute
elseif
attached current_user (req) as l_user and then
attached api.user as l_user and then
( node_api.is_author_of_node (l_user, l_node)
or else api.user_api.user_has_permission (l_user, "view unpublished " + l_node.content_type)
or else api.user_has_permission (l_user, "view unpublished " + l_node.content_type)
)
then
create view_response.make (req, res, api, node_api)
@@ -208,13 +208,13 @@ feature -- HTTP Methods
do_trash (req: WSF_REQUEST; res: WSF_RESPONSE)
-- Trash a node, soft delete.
do
if attached current_user (req) as l_user then
if attached api.user as l_user then
if attached {WSF_STRING} req.path_parameter ("id") as l_id then
if
l_id.is_integer and then
attached node_api.node (l_id.integer_value) as l_node
then
if node_api.has_permission_for_action_on_node ("trash", l_node, current_user (req)) then
if node_api.has_permission_for_action_on_node ("trash", l_node, l_user) then
node_api.trash_node (l_node)
res.send (create {CMS_REDIRECTION_RESPONSE_MESSAGE}.make (req.absolute_script_url ("")))
else
@@ -245,13 +245,13 @@ feature {NONE} -- Trash:Restore
local
l_source: STRING
do
if attached current_user (req) as l_user then
if attached api.user as l_user then
if attached {WSF_STRING} req.path_parameter ("id") as l_id then
if
l_id.is_integer and then
attached {CMS_NODE} node_api.node (l_id.integer_value) as l_node
then
if node_api.has_permission_for_action_on_node ("delete", l_node, current_user (req)) then
if node_api.has_permission_for_action_on_node ("delete", l_node, l_user) then
node_api.delete_node (l_node)
l_source := node_api.node_path (l_node)
api.unset_path_alias (l_source, api.location_alias (l_source))
@@ -274,13 +274,13 @@ feature {NONE} -- Trash:Restore
do_restore (req: WSF_REQUEST; res: WSF_RESPONSE)
-- Restore a node: From {CMS_NODE_API}.trashed to {CMS_NODE_API}.not_published.
do
if attached current_user (req) as l_user then
if attached api.user as l_user then
if attached {WSF_STRING} req.path_parameter ("id") as l_id then
if
l_id.is_integer and then
attached node_api.node (l_id.integer_value) as l_node
then
if node_api.has_permission_for_action_on_node ("restore", l_node, current_user (req)) then
if node_api.has_permission_for_action_on_node ("restore", l_node, l_user) then
node_api.restore_node (l_node)
res.send (create {CMS_REDIRECTION_RESPONSE_MESSAGE}.make (req.absolute_script_url ("")))
else
@@ -310,7 +310,7 @@ feature {NONE} -- Trash:Restore
l_id.is_integer and then
attached node_api.node (l_id.integer_value) as l_node
then
if node_api.has_permission_for_action_on_node ("view revisions", l_node, current_user (req)) then
if node_api.has_permission_for_action_on_node ("view revisions", l_node, api.user) then
create r.make (req, res, api)
create b.make_empty
b.append ("<ul>")
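Review bot: Every permission check in this file now takes its subject from `api.user` instead of the request (`has_permission_for_action_on_node (..., api.user)` in the two revision hunks, `attached api.user as l_user` in do_trash, the delete routine and do_restore), so authorization depends on state held by the CMS_API object. Nothing visible here shows where `set_user` is called or that the api instance is scoped to a single request; if it were reused or shared across requests, a check could run against a stale user. I would document the assumption on these handlers, e.g. `-- Requires: api.user was set for the current request by the authentication step before dispatch.`, and confirm the value is cleared on logout. Reusing the already attached `l_user` for the trash, delete and restore checks is a sound change, since the check can no longer see a different value than the guard. The last hunk starts inside a routine whose header is outside the hunk.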


@@ -53,6 +53,7 @@ feature -- Execution
then
l_manager.append_content_as_html_to_page (l_node, Current)
end
set_modification_date (l_node.modification_date)
elseif revision > 0 then
set_main_content ("Missing revision node!")
else
@@ -64,8 +65,6 @@ feature -- Execution
if l_node /= Void and revision > 0 then
set_title ("Revision #" + revision.out + " of " + html_encoded (l_node.title))
end
end
end


@@ -120,13 +120,6 @@ feature -- Access
deferred
end
node_author (a_node: CMS_NODE): detachable CMS_USER
-- Node's author. if any.
require
valid_node: a_node.has_id
deferred
end
nodes_of_type (a_node_type: CMS_CONTENT_TYPE): LIST [CMS_NODE]
-- List of nodes of type `a_node_type'.
--| Redefine to optimize!


@@ -75,17 +75,6 @@ feature -- Access: node
do
end
node_author (a_node: CMS_NODE): detachable CMS_USER
-- Node's author. if any.
do
end
node_collaborators (a_id: like {CMS_NODE}.id): LIST [CMS_USER]
-- Possible list of node's collaborator.
do
create {ARRAYED_LIST [CMS_USER]} Result.make (0)
end
feature -- Access: outline
children (a_node: CMS_NODE): detachable LIST [CMS_NODE]


@@ -206,23 +206,6 @@ feature -- Access
sql_finalize
end
node_author (a_node: CMS_NODE): detachable CMS_USER
-- Node's author for the given node id.
local
l_parameters: STRING_TABLE [ANY]
do
error_handler.reset
write_information_log (generator + ".node_author")
create l_parameters.make (2)
l_parameters.put (a_node.id, "nid")
l_parameters.put (a_node.revision, "revision")
sql_query (Select_user_author, l_parameters)
if not has_error and not sql_after then
Result := fetch_author
end
sql_finalize
end
last_inserted_node_id: INTEGER_64
-- Last insert node id.
do
@@ -589,11 +572,6 @@ feature {NONE} -- Queries
sql_delete_node_revisions: STRING = "DELETE FROM node_revisions WHERE nid=:nid;"
feature {NONE} -- Sql Queries: USER_ROLES collaborators, author
Select_user_author: STRING = "SELECT uid, name, password, salt, email, users.status, users.created, signed FROM nodes INNER JOIN users ON nodes.author=users.uid AND nodes.nid = :nid AND nodes.revision = :revision;"
-- Select_node_author: STRING = "SELECT nid, revision, type, title, summary, content, format, author, publish, created, changed FROM users INNER JOIN nodes ON nodes.author=users.uid AND nodes.nid =:nid;"
feature {NONE} -- Implementation
@@ -638,23 +616,4 @@ feature {NONE} -- Implementation
end
end
fetch_author: detachable CMS_USER
do
if attached sql_read_string_32 (2) as l_name and then not l_name.is_whitespace then
create Result.make (l_name)
if attached sql_read_integer_32 (1) as l_id then
Result.set_id (l_id)
end
if attached sql_read_string (3) as l_password then
-- FIXME: should we return the password here ???
Result.set_hashed_password (l_password)
end
if attached sql_read_string (5) as l_email then
Result.set_email (l_email)
end
else
check expected_valid_user: False end
end
end
end