backup/ROC
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added basic webapi system to ROC CMS system.

Browse Source 
Added sql_delete routine to replace sql_modify with "DELETE FROM .." sql statement.
Fixed filter setup when a module has more than one filter.
Fixed filter setup for site,admin and webapi modes.
Added CMS_AUTH_FILTER, and check if user is already authenticated, then skip following auth filters.
Added specific webapi handler classes for root, user, access token, ...
Added user profile system to the core module.
Moved /user/{uid} from auth module to core module.
Added possibility to add html before and after a cms form. (useful to add a form before or after, as nested form are forbidden).
Now theme can be installed using roc install command.
This commit is contained in:
Jocelyn Fiat
2017-09-05 15:54:40 +02:00
parent 34f0aa5844
commit ac9d29b971
88 changed files with 3552 additions and 553 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
modules/auth/cms_auth_filter_i.e
View File

@@ -1,44 +0,0 @@
note
description: "[
Processes a HTTP request, and depending on header, authenticate a current user or not.
]"
date: "$Date$"
revision: "$Revision$"
deferred class
CMS_AUTH_FILTER_I
inherit
WSF_FILTER
feature {NONE} -- Initialization
make (a_api: CMS_API)
-- Initialize Current handler with `a_api'.
do
api := a_api
end
feature -- API Service
api: CMS_API
feature -- Basic operations
execute (req: WSF_REQUEST; res: WSF_RESPONSE)
-- <Precursor>
deferred
end
auth_strategy: STRING
deferred
end
set_current_user (u: CMS_USER)
do
api.set_user (u)
-- Record auth strategy:
api.set_execution_variable ("auth_strategy", auth_strategy)
end
end

29
modules/auth/cms_auth_strategy_filter.e Normal file
View File

@@ -0,0 +1,29 @@
note
description: "Summary description for {CMS_AUTH_FILTER_WITH_LOGOUT}."
author: ""
date: "$Date$"
revision: "$Revision$"
deferred class
CMS_AUTH_STRATEGY_FILTER
inherit
CMS_AUTH_FILTER
redefine
set_current_user
end
feature -- Basic operations
auth_strategy: STRING
deferred
end
set_current_user (u: CMS_USER)
do
Precursor (u)
-- Record auth strategy:
api.set_execution_variable ({CMS_AUTHENTICATION_MODULE}.auth_strategy_execution_variable_name, auth_strategy)
end
end

56
modules/auth/cms_authentication_module.e
View File

@@ -124,8 +124,6 @@ feature -- Router
a_router.handle ("/account/new-password", create {WSF_URI_AGENT_HANDLER}.make (agent handle_new_password(a_api, ?, ?)), a_router.methods_get_post)
a_router.handle ("/account/reset-password", create {WSF_URI_AGENT_HANDLER}.make (agent handle_reset_password(a_api, ?, ?)), a_router.methods_get_post)
a_router.handle ("/account/change/{field}", create {WSF_URI_TEMPLATE_AGENT_HANDLER}.make (agent handle_change_field (a_api, ?, ?)), a_router.methods_get_post)
a_router.handle ("/user/{uid}", create {CMS_USER_HANDLER}.make (a_api), a_router.methods_get)
end
feature -- Hooks configuration
@@ -206,6 +204,23 @@ feature -- Hooks configuration
end
end
feature -- Handler / Constants
auth_strategy_execution_variable_name: STRING = "auth_strategy"
-- Exevc
auth_strategy (req: WSF_REQUEST): detachable READABLE_STRING_8
-- Strategy used by current authentication.
-- note: if user is authenticated..
do
if
attached {READABLE_STRING_GENERAL} req.execution_variable (auth_strategy_execution_variable_name) as s and then
s.is_valid_as_string_8
then
Result := s.to_string_8
end
end
feature -- Handler
handle_account (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE)
@@ -214,10 +229,13 @@ feature -- Handler
l_user: detachable CMS_USER
b: STRING
lnk: CMS_LOCAL_LINK
f: CMS_FORM
tf: WSF_FORM_TEXT_INPUT
do
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
create b.make_empty
l_user := r.user
create f.make (r.location, "roccms-user-view")
if attached smarty_template_block (Current, "account_info", api) as l_tpl_block then
l_tpl_block.set_weight (-10)
r.add_block (l_tpl_block, "content")
@@ -225,6 +243,30 @@ feature -- Handler
debug ("cms")
r.add_warning_message ("Error with block [resources_page]")
end
if l_user /= Void then
create tf.make_with_text ("username", l_user.name)
tf.set_label ("Username")
f.extend (tf)
if attached l_user.email as l_email then
create tf.make_with_text ("email", l_email.to_string_32)
tf.set_label ("Email")
f.extend (tf)
end
if attached l_user.profile_name as l_prof_name then
create tf.make_with_text ("profile_name", l_prof_name)
tf.set_label ("Profile name")
f.extend (tf)
end
create tf.make_with_text ("creation", api.formatted_date_time_yyyy_mm_dd (l_user.creation_date))
tf.set_label ("Creation date")
f.extend (tf)
if attached l_user.last_login_date as dt then
create tf.make_with_text ("last_login", api.formatted_date_time_ago (dt))
tf.set_label ("Last login")
f.extend (tf)
end
end
end
if r.is_authenticated then
@@ -237,6 +279,9 @@ feature -- Handler
r.add_to_primary_tabs (lnk)
end
api.hooks.invoke_form_alter (f, Void, r)
f.append_to_html (r.wsf_theme, b)
r.set_main_content (b)
if l_user = Void then
@@ -251,10 +296,12 @@ feature -- Handler
l_user: detachable CMS_USER
b: STRING
lnk: CMS_LOCAL_LINK
l_form: CMS_FORM
do
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
create b.make_empty
l_user := r.user
create l_form.make (r.location, "roccms-user-edit")
if attached smarty_template_block (Current, "account_edit", api) as l_tpl_block then
l_tpl_block.set_weight (-10)
r.add_block (l_tpl_block, "content")
@@ -262,6 +309,7 @@ feature -- Handler
debug ("cms")
r.add_warning_message ("Error with block [resources_page]")
end
-- Build CMS form...
end
create lnk.make ("View", "account/")
lnk.set_weight (1)
@@ -287,6 +335,8 @@ feature -- Handler
f.append_to_html (r.wsf_theme, b)
end
l_form.append_to_html (r.wsf_theme, b)
r.set_main_content (b)
if l_user = Void then
@@ -336,7 +386,7 @@ feature -- Handler
loc: STRING
do
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
if attached {READABLE_STRING_8} api.execution_variable ("auth_strategy") as l_auth_strategy then
if attached auth_strategy (req) as l_auth_strategy then
loc := l_auth_strategy
else
loc := ""

47
modules/auth/cms_authentication_module_webapi.e Normal file
View File

@@ -0,0 +1,47 @@
note
description: "Summary description for {CMS_AUTHENTICATION_MODULE_WEBAPI}."
author: ""
date: "$Date$"
revision: "$Revision$"
class
CMS_AUTHENTICATION_MODULE_WEBAPI
inherit
CMS_MODULE_WEBAPI [CMS_AUTHENTICATION_MODULE]
redefine
permissions
end
create
make
feature -- Security
permissions: LIST [READABLE_STRING_8]
-- List of permission ids, used by this module, and declared.
do
Result := Precursor
Result.force ("admin users")
end
feature {NONE} -- Router/administration
setup_webapi_router (a_router: WSF_ROUTER; a_api: CMS_API)
-- <Precursor>
do
a_router.handle ("/info", create {WSF_URI_AGENT_HANDLER}.make (agent handle_info (?, ?, a_api)), a_router.methods_get)
end
feature -- Request handling
handle_info (req: WSF_REQUEST; res: WSF_RESPONSE; api: CMS_API)
local
m: WSF_HTML_PAGE_RESPONSE
do
create m.make
m.set_body ("{%"info%":%"" + api.setup.site_name + "%"}")
res.send (m)
end
end

103
modules/auth/cms_user_handler.e
View File

@@ -1,103 +0,0 @@
note
description: "[
Handler for a CMS user in the CMS interface
]"
date: "$Date$"
revision: "$Revision$"
class
CMS_USER_HANDLER
inherit
CMS_HANDLER
WSF_URI_HANDLER
rename
execute as uri_execute,
new_mapping as new_uri_mapping
end
WSF_URI_TEMPLATE_HANDLER
rename
execute as uri_template_execute,
new_mapping as new_uri_template_mapping
select
new_uri_template_mapping
end
WSF_RESOURCE_HANDLER_HELPER
redefine
do_get
end
REFACTORING_HELPER
create
make
feature -- execute
execute (req: WSF_REQUEST; res: WSF_RESPONSE)
-- Execute request handler
do
execute_methods (req, res)
end
uri_execute (req: WSF_REQUEST; res: WSF_RESPONSE)
-- Execute request handler
do
execute (req, res)
end
uri_template_execute (req: WSF_REQUEST; res: WSF_RESPONSE)
-- Execute request handler
do
execute (req, res)
end
feature -- Query
user_id_path_parameter (req: WSF_REQUEST): INTEGER_64
-- User id passed as path parameter for request `req'.
local
s: STRING
do
if attached {WSF_STRING} req.path_parameter ("uid") as p_nid then
s := p_nid.value
if s.is_integer_64 then
Result := s.to_integer_64
end
end
end
feature -- HTTP Methods
do_get (req: WSF_REQUEST; res: WSF_RESPONSE)
-- <Precursor>
local
l_user: detachable CMS_USER
l_uid: INTEGER_64
view_response: CMS_USER_VIEW_RESPONSE
do
if api.has_permission ("view user") then
-- Display existing node
l_uid := user_id_path_parameter (req)
if l_uid > 0 then
l_user := api.user_api.user_by_id (l_uid)
if
l_user /= Void
then
create view_response.make (req, res, api)
view_response.execute
else
send_not_found (req, res)
end
else
send_bad_request (req, res)
end
else
send_access_denied (req, res)
end
end
end

103
modules/auth/cms_user_view_response.e
View File

@@ -1,103 +0,0 @@
note
description: "Summary description for {CMS_USER_VIEW_RESPONSE}."
date: "$Date$"
revision: "$Revision$"
class
CMS_USER_VIEW_RESPONSE
inherit
CMS_RESPONSE
create
make
feature -- Query
user_id_path_parameter (req: WSF_REQUEST): INTEGER_64
-- User id passed as path parameter for request `req'.
local
s: STRING
do
if attached {WSF_STRING} req.path_parameter ("uid") as p_nid then
s := p_nid.value
if s.is_integer_64 then
Result := s.to_integer_64
end
end
end
feature -- Process
process
-- Computed response message.
local
b: STRING_8
uid: INTEGER_64
user_api: CMS_USER_API
f: CMS_FORM
do
user_api := api.user_api
create b.make_empty
uid := user_id_path_parameter (request)
if
uid > 0 and then
attached user_api.user_by_id (uid) as l_user
then
if
api.has_permission ("view user")
or l_user.same_as (user) -- Same user
then
f := new_view_form (l_user, request.request_uri, "view-user")
f.append_to_html (wsf_theme, b)
else
b.append ("You don't have the permission to view this user!")
end
else
b.append ("User not found!")
end
set_main_content (b)
end
feature -- Process Edit
new_view_form (a_user: detachable CMS_USER; a_url: READABLE_STRING_8; a_name: STRING): CMS_FORM
-- Create a web form named `a_name' for user `a_user' (if set), using form action url `a_url'.
local
th: WSF_FORM_HIDDEN_INPUT
do
create Result.make (a_url, a_name)
create th.make ("user-id")
if a_user /= Void then
th.set_text_value (a_user.id.out)
else
th.set_text_value ("0")
end
Result.extend (th)
populate_form (Result, a_user)
end
populate_form (a_form: WSF_FORM; a_user: detachable CMS_USER)
-- Fill the web form `a_form' with data from `a_node' if set,
-- and apply this to content type `a_content_type'.
local
ti: WSF_FORM_TEXT_INPUT
fs: WSF_FORM_FIELD_SET
do
if a_user /= Void then
create fs.make
fs.set_legend ("User Information")
create ti.make_with_text ("profile_name", a_user.name)
if attached a_user.profile_name as l_profile_name then
ti.set_text_value (l_profile_name)
end
ti.set_label ("Profile name")
ti.set_is_readonly (True)
fs.extend (ti)
a_form.extend (fs)
end
end
end

9
modules/basic_auth/cms_basic_auth_module.e
View File

@@ -19,6 +19,8 @@ inherit
setup_hooks
end
CMS_WITH_WEBAPI
CMS_HOOK_BLOCK
create
@@ -33,6 +35,13 @@ feature {NONE} -- Initialization
description := "Service to manage basic authentication"
end
feature {CMS_EXECUTION} -- Administration
webapi: CMS_BASIC_AUTH_MODULE_WEBAPI
do
create Result.make (Current)
end
feature -- Access
name: STRING = "basic_auth"

36
modules/basic_auth/cms_basic_auth_module_webapi.e Normal file
View File

@@ -0,0 +1,36 @@
note
description: "Summary description for {CMS_BASIC_AUTH_MODULE_WEBAPI}."
date: "$Date$"
revision: "$Revision$"
class
CMS_BASIC_AUTH_MODULE_WEBAPI
inherit
CMS_MODULE_WEBAPI [CMS_BASIC_AUTH_MODULE]
redefine
filters
end
create
make
feature {NONE} -- Router/administration
setup_webapi_router (a_router: WSF_ROUTER; a_api: CMS_API)
-- <Precursor>
do
end
feature -- Access: filter
filters (a_api: CMS_API): detachable LIST [WSF_FILTER]
-- Possibly list of Filter's module.
do
create {ARRAYED_LIST [WSF_FILTER]} Result.make (1)
Result.extend (create {CMS_BASIC_AUTH_FILTER}.make (a_api))
end
note
copyright: "2011-2017, Jocelyn Fiat, Javier Velilla, Eiffel Software and others"
license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)"
end

2
modules/basic_auth/filter/cms_basic_auth_filter.e
View File

@@ -9,7 +9,7 @@ class
CMS_BASIC_AUTH_FILTER
inherit
CMS_AUTH_FILTER_I
CMS_AUTH_STRATEGY_FILTER
REFACTORING_HELPER

4
modules/basic_auth/handler/cms_basic_auth_login_handler.e
View File

@@ -15,9 +15,6 @@ inherit
new_mapping as new_uri_mapping
end
WSF_FILTER
WSF_RESOURCE_HANDLER_HELPER
redefine
do_get
@@ -34,7 +31,6 @@ feature -- execute
-- Execute request handler.
do
execute_methods (req, res)
execute_next (req, res)
end
uri_execute (req: WSF_REQUEST; res: WSF_RESPONSE)

6
modules/core/site/scripts/user_profile.sql Normal file
View File

@@ -0,0 +1,6 @@
CREATE TABLE user_profiles(
`uid` INTEGER NOT NULL CHECK("uid">=0),
`key` VARCHAR(255) NOT NULL,
`value` TEXT,
CONSTRAINT PK_uid_key PRIMARY KEY (uid,key)
);

2
modules/feed_aggregator/feed_aggregator_module.e
View File

@@ -57,7 +57,7 @@ feature {CMS_API} -- Module Initialization
create feed_aggregator_api.make (api)
end
feature {CMS_API} -- Access: API
feature {CMS_API, CMS_MODULE} -- Access: API
feed_aggregator_api: detachable FEED_AGGREGATOR_API
-- Eventual module api.

2
modules/oauth20/filter/cms_oauth_20_filter.e
View File

@@ -10,7 +10,7 @@ class
CMS_OAUTH_20_FILTER
inherit
CMS_AUTH_FILTER_I
CMS_AUTH_STRATEGY_FILTER
rename
make as make_filter
end

2
modules/openid/filter/cms_openid_filter.e
View File

@@ -9,7 +9,7 @@ class
CMS_OPENID_FILTER
inherit
CMS_AUTH_FILTER_I
CMS_AUTH_STRATEGY_FILTER
rename
make as make_filter
end

2
modules/session_auth/filter/cms_session_auth_filter.e
View File

@@ -9,7 +9,7 @@ class
CMS_SESSION_AUTH_FILTER
inherit
CMS_AUTH_FILTER_I
CMS_AUTH_STRATEGY_FILTER
rename
make as make_filter
end

2
modules/session_auth/persistence/cms_session_auth_storage_sql.e
View File

@@ -11,8 +11,6 @@ inherit
CMS_PROXY_STORAGE_SQL
CMS_SESSION_AUTH_STORAGE_I
CMS_STORAGE_SQL_I
REFACTORING_HELPER

6
modules/user_profile/site/scripts/user_profile.sql Normal file
View File

@@ -0,0 +1,6 @@
CREATE TABLE user_profiles(
`uid` INTEGER NOT NULL CHECK("uid">=0),
`key` VARCHAR(255) NOT NULL.
`value` TEXT.
CONSTRAINT PK_uid_key PRIMARY KEY (uid,key)
);