Fixed and improved various issue in admin module (especially the Role editing which was not working as expected.)

Added CMS_MODULE.permissions to allow module to declare the potential permissions. Added support for CMS_LINK.is_forbidden, in relation with CMS_LOCAL_LINK.permission_arguments. Split link "username (Logout)" into 2 links "username" and "logout". Fixed/Changed the way auth modules alter the logout link based on "(Logout)" title, by safer solution based on `location' of the link. Fixed usage of WSF_REQUEST.path_info by using percent_encoded_path_info which is not non unicode path info to be used most of the time. Merged CMS_REPONSE.variables and CMS_REPONSE.values . When possible, prefer usage of CMS_RESPONSE.user instead of CMS_REQUEST_UTIL.current_user (WSF_REQUEST) whenever it is possible. When possible, prefer usage of CMS_RESPONSE.location, rather than usage of WSF_REQUEST.(percent_encoded_)path_info . Code cleaning.
2015-08-04 12:48:14 +02:00
parent c271f839e2
commit bba1d57ce3
38 changed files with 497 additions and 594 deletions
--- a/src/service/user/cms_user_api.e
+++ b/src/service/user/cms_user_api.e
@@ -1,6 +1,5 @@
 note
-	description: "Summary description for {CMS_USER_API}."
-	author: ""
+	description: "API providing user related features."
 	date: "$Date: 2015-02-13 13:08:13 +0100 (ven., 13 févr. 2015) $"
 	revision: "$Revision: 96616 $"

@@ -143,12 +142,52 @@ feature -- User roles.
 			Result := storage.user_role_by_name (a_name)
 		end

+	role_permissions: LIST [READABLE_STRING_8]
+			-- Possible known permissions.
+		local
+			perm: READABLE_STRING_8
+		do
+			Result := storage.role_permissions
+			across
+				cms_api.enabled_modules as ic
+			loop
+				across
+					ic.item.permissions as perms_ic
+				loop
+					perm := perms_ic.item
+					if not Result.has (perm) then
+						Result.force (perm)
+					end
+				end
+			end
+		end
+
 	roles: LIST [CMS_USER_ROLE]
 			-- List of possible roles.
 		do
 			Result := storage.user_roles
 		end

+	effective_roles: LIST [CMS_USER_ROLE]
+			-- List of possible roles, apart from anonymous and authenticated roles that are special.
+		local
+			l_roles: like roles
+			r: CMS_USER_ROLE
+		do
+			l_roles := storage.user_roles
+			create {ARRAYED_LIST [CMS_USER_ROLE]} Result.make (l_roles.count)
+			across
+				l_roles as ic
+			loop
+				r := ic.item
+				if r.same_user_role (anonymous_user_role) or r.same_user_role (authenticated_user_role) then
+					-- Ignore
+				else
+					Result.force (r)
+				end
+			end
+		end
+
 	roles_count: INTEGER
 			-- Number of roles
 		do