Fixed and improved various issue in admin module (especially the Role editing which was not working as expected.)

Added CMS_MODULE.permissions to allow module to declare the potential permissions. Added support for CMS_LINK.is_forbidden, in relation with CMS_LOCAL_LINK.permission_arguments. Split link "username (Logout)" into 2 links "username" and "logout". Fixed/Changed the way auth modules alter the logout link based on "(Logout)" title, by safer solution based on `location' of the link. Fixed usage of WSF_REQUEST.path_info by using percent_encoded_path_info which is not non unicode path info to be used most of the time. Merged CMS_REPONSE.variables and CMS_REPONSE.values . When possible, prefer usage of CMS_RESPONSE.user instead of CMS_REQUEST_UTIL.current_user (WSF_REQUEST) whenever it is possible. When possible, prefer usage of CMS_RESPONSE.location, rather than usage of WSF_REQUEST.(percent_encoded_)path_info . Code cleaning.
2015-08-04 12:48:14 +02:00
parent c271f839e2
commit bba1d57ce3
38 changed files with 497 additions and 594 deletions
--- a/modules/node/handler/node_handler.e
+++ b/modules/node/handler/node_handler.e
@@ -85,16 +85,16 @@ feature -- HTTP Methods
 			edit_response: NODE_FORM_RESPONSE
 			view_response: NODE_VIEW_RESPONSE
 		do
-			if req.path_info.ends_with_general ("/edit") then
-				check valid_url: req.path_info.starts_with_general ("/node/") end
+			if req.percent_encoded_path_info.ends_with ("/edit") then
+				check valid_url: req.percent_encoded_path_info.starts_with ("/node/") end
 				create edit_response.make (req, res, api, node_api)
 				edit_response.execute
-			elseif req.path_info.ends_with_general ("/delete")  then
-				check valid_url: req.path_info.starts_with_general ("/node/") end
+			elseif req.percent_encoded_path_info.ends_with ("/delete")  then
+				check valid_url: req.percent_encoded_path_info.starts_with ("/node/") end
 				create edit_response.make (req, res, api, node_api)
 				edit_response.execute
-			elseif req.path_info.ends_with_general ("/trash")  then
-				check valid_url: req.path_info.starts_with_general ("/node/") end
+			elseif req.percent_encoded_path_info.ends_with ("/trash")  then
+				check valid_url: req.percent_encoded_path_info.starts_with ("/node/") end
 				create edit_response.make (req, res, api, node_api)
 				edit_response.execute
 			else
@@ -125,17 +125,17 @@ feature -- HTTP Methods
 			edit_response: NODE_FORM_RESPONSE
 		do
 			fixme ("Refactor code: extract methods: edit_node and add_node")
-			if req.path_info.ends_with_general ("/edit") then
+			if req.percent_encoded_path_info.ends_with ("/edit") then
 				create edit_response.make (req, res, api, node_api)
 				edit_response.execute
-			elseif req.path_info.ends_with_general ("/delete") then
+			elseif req.percent_encoded_path_info.ends_with ("/delete") then
 				if
 					attached {WSF_STRING} req.form_parameter ("op") as l_op and then
 					l_op.value.same_string ("Delete")
 				then
 					do_delete (req, res)
 				end
-			elseif req.path_info.ends_with_general ("/trash") then
+			elseif req.percent_encoded_path_info.ends_with ("/trash") then
 				if
 					attached {WSF_STRING} req.form_parameter ("op") as l_op and then
 					l_op.value.same_string ("Trash")
@@ -147,7 +147,7 @@ feature -- HTTP Methods
 				then
 					do_restore (req, res)
 				end
-			elseif req.path_info.starts_with_general ("/node/add/") then
+			elseif req.percent_encoded_path_info.starts_with ("/node/add/") then
 				create edit_response.make (req, res, api, node_api)
 				edit_response.execute
 			else
@@ -260,14 +260,14 @@ feature -- Error
 			l_page: CMS_RESPONSE
 		do
 			create {GENERIC_VIEW_CMS_RESPONSE} l_page.make (req, res, api)
-			l_page.add_variable (req.absolute_script_url (req.path_info), "request")
+			l_page.set_value (req.absolute_script_url (req.percent_encoded_path_info), "request")
 			if a_id /= Void and then a_id.is_integer then
 					-- resource not found
-				l_page.add_variable ("404", "code")
+				l_page.set_value ("404", "code")
 				l_page.set_status_code (404)
 			else
 					-- bad request
-				l_page.add_variable ("400", "code")
+				l_page.set_value ("400", "code")
 				l_page.set_status_code (400)
 			end
 			l_page.execute
@@ -279,7 +279,7 @@ feature {NONE} -- Node
 		local
 			edit_response: NODE_FORM_RESPONSE
 		do
-			if req.path_info.starts_with_general ("/node/") then
+			if req.percent_encoded_path_info.starts_with_general ("/node/") then
 				create edit_response.make (req, res, api, node_api)
 				edit_response.execute
 			elseif req.is_get_request_method then