Fixed and improved various issue in admin module (especially the Role editing which was not working as expected.)

Added CMS_MODULE.permissions to allow module to declare the potential permissions.
Added support for CMS_LINK.is_forbidden, in relation with CMS_LOCAL_LINK.permission_arguments.
Split link "username (Logout)" into 2 links "username" and "logout".
Fixed/Changed the way auth modules alter the logout link based on "(Logout)" title, by safer solution based on `location' of the link.

Fixed usage of WSF_REQUEST.path_info by using percent_encoded_path_info, which is the non-Unicode path info and should be used most of the time.
Merged CMS_RESPONSE.variables and CMS_RESPONSE.values.
When possible, prefer CMS_RESPONSE.user over CMS_REQUEST_UTIL.current_user (WSF_REQUEST).
When possible, prefer usage of CMS_RESPONSE.location, rather than usage of WSF_REQUEST.(percent_encoded_)path_info .
Code cleaning.
2015-08-04 12:48:14 +02:00
parent c271f839e2
commit bba1d57ce3
38 changed files with 497 additions and 594 deletions


@@ -503,6 +503,27 @@ feature -- Access: roles and permissions
end
end
role_permissions: LIST [READABLE_STRING_8]
-- Possible known permissions.
do
error_handler.reset
write_information_log (generator + ".role_permissions")
create {ARRAYED_LIST [READABLE_STRING_8]} Result.make (0)
Result.compare_objects
from
sql_query (select_role_permissions, Void)
sql_start
until
sql_after
loop
if attached sql_read_string (1) as l_permission then
Result.force (l_permission)
end
sql_forth
end
end
feature -- Change: roles and permissions
save_user_role (a_user_role: CMS_USER_ROLE)
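Review bot: The header comment `-- Possible known permissions.` on `role_permissions` promises more than the feature delivers: it reads from `select_role_permissions`, which this commit defines further down as `SELECT DISTINCT permission FROM role_permissions;`, so it returns only permissions already granted to at least one role. For a role editor that matters, because a permission that no role holds yet would never be listed; I would reword the comment to `-- Permissions currently granted to at least one role (not every permission a module may declare).` The loop also never consults the error state after `sql_query`, so a failed query appears to yield the same empty list as a database with no grants (how `sql_query` reports errors is outside this hunk); consider checking and logging the error before returning. Finally, `Result.compare_objects` makes `has` on the returned list case-sensitive, while `save_user_role` in the next hunk matches permissions with `is_case_insensitive_equal_general`, so the two should agree on one comparison rule before callers use `Result.has` for membership tests.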
@@ -553,18 +574,7 @@ feature -- Change: roles and permissions
a_user_role.permissions as ic
loop
p := ic.item
from
l_found := False
l_permissions.start
until
l_found or l_permissions.after
loop
if p.is_case_insensitive_equal (l_permissions.item) then
l_found := True
else
l_permissions.forth
end
end
l_found := across l_permissions as p_ic some p.is_case_insensitive_equal_general (p_ic.item) end
if l_found then
-- Already there, skip
else
@@ -915,6 +925,9 @@ feature {NONE} -- Sql Queries: USER ROLE
select_role_permissions_by_role_id: STRING = "SELECT permission, module FROM role_permissions WHERE rid=:rid;"
-- User role permissions for role id :rid;
select_role_permissions: STRING = "SELECT DISTINCT permission FROM role_permissions;"
-- Used user role permissions
sql_delete_role_permissions_by_role_id: STRING = "DELETE FROM role_permissions WHERE rid=:rid;"
sql_delete_role_by_id: STRING = "DELETE FROM roles WHERE rid=:rid;"