backup/ROC
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'jvelilla/roc_admin' into ewf_v1

Browse Source
This commit is contained in:
Jocelyn FIAT
2015-08-03 14:05:03 +02:00
parent 5d81f1d195 63f3ec12d0
commit c271f839e2
24 changed files with 2830 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
examples/demo/demo-safe.ecf
View File

@@ -23,6 +23,7 @@
<library name="cms_node_module" location="..\..\modules\node\node-safe.ecf" readonly="false"/> <library name="cms_node_module" location="..\..\modules\node\node-safe.ecf" readonly="false"/>
<library name="cms_oauth_20_module" location="..\..\modules\oauth20\oauth20-safe.ecf" readonly="false"/> <library name="cms_oauth_20_module" location="..\..\modules\oauth20\oauth20-safe.ecf" readonly="false"/>
<library name="cms_openid_module" location="..\..\modules\openid\openid-safe.ecf" readonly="false"/> <library name="cms_openid_module" location="..\..\modules\openid\openid-safe.ecf" readonly="false"/>
<library name="cms_admin_module" location="..\..\modules\admin\admin-safe.ecf" readonly="false"/>
<library name="persistence_store_odbc" location="..\..\library\persistence\store_odbc\store_odbc-safe.ecf" readonly="false"/> <library name="persistence_store_odbc" location="..\..\library\persistence\store_odbc\store_odbc-safe.ecf" readonly="false"/>
<!-- <!--
<library name="persistence_store_mysql" location="..\..\library\persistence\store_mysql\store_mysql-safe.ecf" readonly="false"/> <library name="persistence_store_mysql" location="..\..\library\persistence\store_mysql\store_mysql-safe.ecf" readonly="false"/>

34
examples/demo/site/modules/admin/files/css/admin.css Normal file
View File

@@ -0,0 +1,34 @@
ul.cms-users {
list-style-type: none;
padding: 3px 3px 3px 3px;
border: solid 1px #ccc; }
ul.cms-users li {
border-top: dotted 1px #ccc; }
ul.cms-users li:first-child {
border-top: none; }
ul.cms-users li.cms_user a::before {
content: "[users] "; }
ul.cms-roles {
list-style-type: none;
padding: 3px 3px 3px 3px;
border: solid 1px #ccc; }
ul.cms-roles li {
border-top: dotted 1px #ccc; }
ul.cms-roles li:first-child {
border-top: none; }
ul.cms-roles li.cms_role a::before {
content: "[roles] "; }
ul.cms-permissions {
list-style-type: none;
padding: 3px 3px 3px 3px;
border: solid 1px #ccc; }
ul.cms-permissions li {
border-top: dotted 1px #ccc; }
ul.cms-permissions li:first-child {
border-top: none; }
ul.cms-permissions li.cms_permission a::before {
content: "[permission] "; }
/*# sourceMappingURL=admin.css.map */

7
examples/demo/site/modules/admin/files/scss/admin.css.map Normal file
View File

@@ -0,0 +1,7 @@
{
"version": 3,
"mappings": "AAAA,YAAa;EAEZ,eAAe,EAAE,IAAI;EACrB,OAAO,EAAE,eAAe;EACxB,MAAM,EAAE,cAAc;EAEtB,eAAE;IACD,UAAU,EAAE,eAAe;IAC3B,2BAAc;MACb,UAAU,EAAE,IAAI;EAIlB,kCAAsB;IACrB,OAAO,EAAE,UAAU;;AAKrB,YAAa;EAEZ,eAAe,EAAE,IAAI;EACrB,OAAO,EAAE,eAAe;EACxB,MAAM,EAAE,cAAc;EAEtB,eAAE;IACD,UAAU,EAAE,eAAe;IAC3B,2BAAc;MACb,UAAU,EAAE,IAAI;EAIlB,kCAAsB;IACrB,OAAO,EAAE,UAAU;;AAKrB,kBAAmB;EAElB,eAAe,EAAE,IAAI;EACrB,OAAO,EAAE,eAAe;EACxB,MAAM,EAAE,cAAc;EAEtB,qBAAE;IACD,UAAU,EAAE,eAAe;IAC3B,iCAAc;MACb,UAAU,EAAE,IAAI;EAIlB,8CAA4B;IAC3B,OAAO,EAAE,eAAe",
"sources": ["admin.scss"],
"names": [],
"file": "admin.css"
}

59
examples/demo/site/modules/admin/files/scss/admin.scss Normal file
View File

@@ -0,0 +1,59 @@
ul.cms-users {
list-style-type: none;
padding: 3px 3px 3px 3px;
border: solid 1px #ccc;
li{
border-top: dotted 1px #ccc;
&:first-child {
border-top: none;
}
}
li.cms_user a::before {
content: "[users] ";
}
}
ul.cms-roles {
list-style-type: none;
padding: 3px 3px 3px 3px;
border: solid 1px #ccc;
li{
border-top: dotted 1px #ccc;
&:first-child {
border-top: none;
}
}
li.cms_role a::before {
content: "[roles] ";
}
}
ul.cms-permissions {
list-style-type: none;
padding: 3px 3px 3px 3px;
border: solid 1px #ccc;
li{
border-top: dotted 1px #ccc;
&:first-child {
border-top: none;
}
}
li.cms_permission a::before {
content: "[permission] ";
}
}

3
examples/demo/src/ewf_roc_server_execution.e
View File

@@ -55,6 +55,9 @@ feature -- CMS setup
local local
m: CMS_MODULE m: CMS_MODULE
do do
create {CMS_ADMIN_MODULE} m.make (a_setup)
a_setup.register_module (m)
-- Auth -- Auth
create {CMS_AUTHENTICATION_MODULE} m.make create {CMS_AUTHENTICATION_MODULE} m.make
a_setup.register_module (m) a_setup.register_module (m)

28
modules/admin/admin-safe.ecf Normal file
View File

@@ -0,0 +1,28 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<system xmlns="http://www.eiffel.com/developers/xml/configuration-1-14-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-14-0 http://www.eiffel.com/developers/xml/configuration-1-14-0.xsd" name="admin" uuid="7195898D-7ACB-40D1-B85A-EE83E0DC695A" library_target="admin">
<target name="admin">
<root all_classes="true"/>
<file_rule>
<exclude>/EIFGENs$</exclude>
<exclude>/CVS$</exclude>
<exclude>/.svn$</exclude>
</file_rule>
<option warning="true" full_class_checking="false" is_attached_by_default="true" void_safety="all" syntax="transitional">
<assertions precondition="true" postcondition="true" check="true" invariant="true" loop="true" supplier_precondition="true"/>
</option>
<library name="base" location="$ISE_LIBRARY\library\base\base-safe.ecf"/>
<library name="cms" location="..\..\cms-safe.ecf"/>
<library name="cms_app_env" location="..\..\library\app_env\app_env-safe.ecf" readonly="false"/>
<library name="cms_auth_module" location="..\..\modules\auth\auth-safe.ecf" readonly="false"/>
<library name="cms_model" location="..\..\library\model\cms_model-safe.ecf" readonly="false"/>
<library name="encoder" location="$ISE_LIBRARY\contrib\library\web\framework\ewf\text\encoder\encoder-safe.ecf"/>
<library name="error" location="$ISE_LIBRARY\contrib\library\utility\general\error\error-safe.ecf"/>
<library name="http" location="$ISE_LIBRARY\contrib\library\network\protocol\http\http-safe.ecf"/>
<library name="http_authorization" location="$ISE_LIBRARY\contrib\library\network\authentication\http_authorization\http_authorization-safe.ecf" readonly="false"/>
<library name="time" location="$ISE_LIBRARY\library\time\time-safe.ecf"/>
<library name="wsf" location="$ISE_LIBRARY\contrib\library\web\framework\ewf\wsf\wsf-safe.ecf"/>
<library name="wsf_extension" location="$ISE_LIBRARY\contrib\library\web\framework\ewf\wsf\wsf_extension-safe.ecf" readonly="false"/>
<library name="wsf_html" location="$ISE_LIBRARY\contrib\library\web\framework\ewf\wsf_html\wsf_html-safe.ecf" readonly="false"/>
<cluster name="src" location=".\" recursive="true"/>
</target>
</system>

137
modules/admin/cms_admin_module.e Normal file
View File

@@ -0,0 +1,137 @@
note
description: "Summary description for {CMS_ADMIN_MODULE}."
date: "$Date$"
revision: "$Revision$"
class
CMS_ADMIN_MODULE
inherit
CMS_MODULE
redefine
register_hooks
end
CMS_HOOK_MENU_SYSTEM_ALTER
CMS_HOOK_RESPONSE_ALTER
CMS_HOOK_BLOCK
CMS_REQUEST_UTIL
create
make
feature {NONE} -- Initialization
make (a_setup: CMS_SETUP)
-- Create Current module, disabled by default.
do
version := "1.0"
description := "Service to Administrate CMS (users, modules, etc)"
package := "core"
config := a_setup
end
config: CMS_SETUP
-- Node configuration.
feature -- Access
name: STRING = "admin"
feature {CMS_API} -- Module Initialization
feature -- Access: router
setup_router (a_router: WSF_ROUTER; a_api: CMS_API)
-- <Precursor>
do
configure_web (a_api, a_router)
end
configure_web (a_api: CMS_API; a_router: WSF_ROUTER)
local
l_admin_handler: CMS_ADMIN_HANDLER
l_users_handler: CMS_ADMIN_USERS_HANDLER
l_roles_handler: CMS_ADMIN_ROLES_HANDLER
l_user_handler: CMS_USER_HANDLER
l_role_handler: CMS_ROLE_HANDLER
l_uri_mapping: WSF_URI_MAPPING
do
create l_admin_handler.make (a_api)
create l_uri_mapping.make_trailing_slash_ignored ("/admin", l_admin_handler)
a_router.map (l_uri_mapping, a_router.methods_get_post)
create l_users_handler.make (a_api)
create l_uri_mapping.make_trailing_slash_ignored ("/admin/users", l_users_handler)
a_router.map (l_uri_mapping, a_router.methods_get_post)
create l_roles_handler.make (a_api)
create l_uri_mapping.make_trailing_slash_ignored ("/admin/roles", l_roles_handler)
a_router.map (l_uri_mapping, a_router.methods_get_post)
create l_user_handler.make (a_api)
a_router.handle ("/admin/add/user", l_user_handler, a_router.methods_get_post)
a_router.handle ("/admin/user/{id}", l_user_handler, a_router.methods_get)
a_router.handle ("/admin/user/{id}/edit", l_user_handler, a_router.methods_get_post)
a_router.handle ("/admin/user/{id}/delete", l_user_handler, a_router.methods_get_post)
create l_role_handler.make (a_api)
a_router.handle ("/admin/add/role", l_role_handler, a_router.methods_get_post)
a_router.handle ("/admin/role/{id}", l_role_handler, a_router.methods_get)
a_router.handle ("/admin/role/{id}/edit", l_role_handler, a_router.methods_get_post)
a_router.handle ("/admin/role/{id}/delete", l_role_handler, a_router.methods_get_post)
end
feature -- Hooks
register_hooks (a_response: CMS_RESPONSE)
-- <Precursor>
do
a_response.subscribe_to_menu_system_alter_hook (Current)
a_response.subscribe_to_block_hook (Current)
a_response.subscribe_to_response_alter_hook (Current)
end
response_alter (a_response: CMS_RESPONSE)
-- <Precursor>
do
a_response.add_style (a_response.url ("/module/" + name + "/files/css/admin.css", Void), Void)
end
block_list: ITERABLE [like {CMS_BLOCK}.name]
-- <Precursor>
do
Result := <<"admin-info">>
end
get_block_view (a_block_id: READABLE_STRING_8; a_response: CMS_RESPONSE)
local
-- b: CMS_CONTENT_BLOCK
do
-- create b.make (a_block_id, "Block::node", "This is a block test", Void)
-- a_response.add_block (b, "sidebar_second")
end
menu_system_alter (a_menu_system: CMS_MENU_SYSTEM; a_response: CMS_RESPONSE)
local
lnk: CMS_LOCAL_LINK
do
if
attached current_user (a_response.request) as l_user and then
a_response.api.user_api.is_admin_user (l_user)
then
create lnk.make ("Admin", "admin")
a_menu_system.primary_menu.extend (lnk)
end
end
note
copyright: "2011-2015, Jocelyn Fiat, Javier Velilla, Eiffel Software and others"
license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)"
end

91
modules/admin/handler/cms_admin_handler.e Normal file
View File

@@ -0,0 +1,91 @@
note
description: "[
handler for CMS admin in the CMS interface.
TODO: implement REST API.
]" author: ""
date: "$Date$"
revision: "$Revision$"
class
CMS_ADMIN_HANDLER
inherit
CMS_HANDLER
WSF_URI_HANDLER
rename
execute as uri_execute,
new_mapping as new_uri_mapping
end
WSF_URI_TEMPLATE_HANDLER
rename
execute as uri_template_execute,
new_mapping as new_uri_template_mapping
select
new_uri_template_mapping
end
WSF_RESOURCE_HANDLER_HELPER
redefine
do_get,
do_post
end
REFACTORING_HELPER
create
make
feature -- execute
execute (req: WSF_REQUEST; res: WSF_RESPONSE)
-- Execute request handler
do
execute_methods (req, res)
end
uri_execute (req: WSF_REQUEST; res: WSF_RESPONSE)
-- Execute request handler
do
execute (req, res)
end
uri_template_execute (req: WSF_REQUEST; res: WSF_RESPONSE)
-- Execute request handler
do
execute (req, res)
end
feature -- HTTP Methods
do_get (req: WSF_REQUEST; res: WSF_RESPONSE)
local
r: CMS_RESPONSE
do
create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api)
if r.has_permission ("manage " + {CMS_ADMIN_MODULE}.name) then
create {CMS_ADMIN_RESPONSE} r.make (req, res, api)
r.execute
else
r.execute
end
end
do_post (req: WSF_REQUEST; res: WSF_RESPONSE)
local
r: CMS_RESPONSE
do
create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api)
if r.has_permission ("manage " + {CMS_ADMIN_MODULE}.name) then
create {CMS_ADMIN_RESPONSE} r.make (req, res, api)
r.execute
else
r.execute
end
end
end

241
modules/admin/handler/cms_admin_response.e Normal file
View File

@@ -0,0 +1,241 @@
note
description: "Summary description for {CMS_ADMIN_RESPONSE}."
date: "$Date$"
revision: "$Revision$"
class
CMS_ADMIN_RESPONSE
inherit
CMS_RESPONSE
redefine
make,
initialize,
custom_prepare
end
create
make
feature {NONE} -- Initialization
make (req: WSF_REQUEST; res: WSF_RESPONSE; a_api: like api)
do
create {WSF_NULL_THEME} wsf_theme.make
Precursor (req, res, a_api)
end
initialize
do
Precursor
create {CMS_TO_WSF_THEME} wsf_theme.make (Current, theme)
end
wsf_theme: WSF_THEME
feature -- Process
process
local
b: STRING
do
create b.make_empty
set_title (translation ("Admin Page", Void))
b.append ("<ul id=%"content-types%">")
fixme ("Check how to make it configurable")
if has_permissions (<< "View any">>) then
b.append ("<li>" + link ("Users", "admin/users", Void))
b.append ("<div class=%"description%">View/Edit/Add Users</div>")
b.append ("</li>")
b.append ("<li>" + link ("Roles", "admin/roles", Void))
b.append ("<div class=%"description%">View/Edit/Add Roles</div>")
b.append ("</li>")
end
b.append ("</ul>")
set_main_content (b)
end
feature -- Generation
custom_prepare (page: CMS_HTML_PAGE)
do
if attached variables as l_variables then
across l_variables as c loop page.register_variable (c.item, c.key) end
end
end
feature -- Admin: Add User Form
handle_admin_user_form
local
s: STRING
f: CMS_FORM
t: WSF_FORM_TEXT_INPUT
fe: WSF_FORM_EMAIL_INPUT
fs: WSF_FORM_FIELD_SET
f_submit: WSF_FORM_SUBMIT_INPUT
do
create f.make (request.percent_encoded_path_info, {CMS_ADMIN_MODULE}.name )
create fs.make
fs.set_legend ("Create new user without password:")
create t.make_with_text ("username", "")
t.set_label ("User name")
t.enable_required
t.set_placeholder ("username")
fs.extend (t)
create fe.make_with_text ("email", "")
fe.set_label ("Email")
fe.set_placeholder ("valid email")
fs.extend (fe)
create f_submit.make_with_text ("op", "Create user")
fs.extend (f_submit)
create f_submit.make_with_text ("op", "Update user")
fs.extend (f_submit)
f.extend (fs)
if request.is_post_request_method then
create s.make_empty
f.validation_actions.extend (agent (fd: WSF_FORM_DATA; ia_api: CMS_API)
do
if attached fd.string_item ("op") as f_op then
if f_op.is_case_insensitive_equal_general ("Create user") then
if attached fd.string_item ("username") as l_username then
if attached ia_api.user_api.user_by_name (l_username) then
fd.report_invalid_field ("username", "Username already taken!")
end
else
fd.report_invalid_field ("username", "missing username")
end
if attached fd.string_item ("email") as l_email then
if attached ia_api.user_api.user_by_email (l_email) then
fd.report_invalid_field ("email", "Email address already associated with an existing account!")
end
else
fd.report_invalid_field ("email", "missing email address")
end
elseif f_op.is_case_insensitive_equal_general ("Update user") then
if attached fd.string_item ("username") as l_username then
if ia_api.user_api.user_by_name (l_username) = Void then
fd.report_invalid_field ("username", "Username does not exist!")
end
else
fd.report_invalid_field ("username", "missing username")
end
end
end
end(?, api)
)
f.submit_actions.extend (agent (fd: WSF_FORM_DATA; ia_api: CMS_API; a_output: STRING)
local
u: CMS_USER
l_roles: detachable LIST [CMS_USER_ROLE]
l_trusted_user_role: detachable CMS_USER_ROLE
do
if attached fd.string_item ("op") as f_op then
if f_op.is_case_insensitive_equal_general ("Create user") then
if
attached fd.string_item ("username") as l_username and then
attached fd.string_item ("email") as l_email and then
l_email.is_valid_as_string_8
then
create u.make (l_username)
u.set_email (l_email.as_string_8)
u.set_password (new_random_password (u))
ia_api.user_api.new_user (u)
if ia_api.user_api.has_error then
end
a_output.append ("<li>New user ["+ html_encoded (l_username) +"] created.</li>")
else
fd.report_invalid_field ("username", "Missing username!")
fd.report_invalid_field ("email", "Missing email address!")
end
elseif f_op.is_case_insensitive_equal_general ("Update user") then
if
attached fd.string_item ("username") as l_username and then
attached ia_api.user_api.user_by_name (l_username) as l_user
then
l_trusted_user_role := ia_api.user_api.user_role_by_name ("trusted")
if l_trusted_user_role = Void then
create l_trusted_user_role.make ("trusted")
ia_api.user_api.save_user_role (l_trusted_user_role)
end
l_trusted_user_role.add_permission ("admin wdocs")
l_trusted_user_role.add_permission ("edit wdocs page")
l_trusted_user_role.add_permission ("create wdocs page")
l_trusted_user_role.add_permission ("delete wdocs page")
l_trusted_user_role.add_permission ("edit any wdocs page")
l_trusted_user_role.add_permission ("delete any wdocs page")
l_trusted_user_role.add_permission ("clear wdocs cache")
l_trusted_user_role.add_permission ("create page")
l_trusted_user_role.add_permission ("edit any page")
l_trusted_user_role.add_permission ("delete any page")
l_trusted_user_role.add_permission ("create blog")
l_trusted_user_role.add_permission ("edit any blog")
l_trusted_user_role.add_permission ("delete any blog")
l_trusted_user_role.add_permission ("edit any node")
l_trusted_user_role.add_permission ("delete any node")
ia_api.user_api.save_user_role (l_trusted_user_role)
l_trusted_user_role := ia_api.user_api.user_role_by_name ("trusted")
if l_trusted_user_role /= Void then
u := l_user
ia_api.user_api.update_user (u)
l_roles := u.roles
if l_roles = Void then
create {ARRAYED_LIST [CMS_USER_ROLE]} l_roles.make (1)
end
l_roles.force (l_trusted_user_role)
u.set_roles (l_roles)
ia_api.user_api.update_user (u)
a_output.append ("<li>User ["+ html_encoded (l_username) +"] updated.</li>")
else
a_output.append ("<li>User ["+ html_encoded (l_username) +"] NOT updated! [ERROR].</li>")
end
else
fd.report_invalid_field ("username", "User does not exist!")
end
end
end
end(?, api, s)
)
f.process (Current)
f.append_to_html (create {CMS_TO_WSF_THEME}.make (Current, Current.theme), s)
Current.set_main_content (s)
elseif request.is_get_head_request_method then
create s.make_empty
f.append_to_html (create {CMS_TO_WSF_THEME}.make (Current, Current.theme), s)
Current.set_main_content (s)
end
end
new_random_password (u: CMS_USER): STRING
-- Generate a new token activation token
local
l_token: STRING
l_security: SECURITY_PROVIDER
l_encode: URL_ENCODER
do
create l_security
l_token := l_security.token
create l_encode
from until l_token.same_string (l_encode.encoded_string (l_token)) loop
-- Loop ensure that we have a security token that does not contain characters that need encoding.
-- We cannot simply to an encode-decode because the email sent to the user will contain an encoded token
-- but the user will need to use an unencoded token if activation has to be done manually.
l_token := l_security.token
end
Result := l_token + url_encoded (u.name) + u.creation_date.out
end
end

113
modules/admin/handler/role/cms_admin_roles_handler.e Normal file
View File

@@ -0,0 +1,113 @@
note
description: "Summary description for {CMS_ADMIN_ROLE_HANDLER}."
date: "$Date$"
revision: "$Revision$"
class
CMS_ADMIN_ROLES_HANDLER
inherit
CMS_HANDLER
WSF_URI_HANDLER
rename
execute as uri_execute,
new_mapping as new_uri_mapping
end
WSF_URI_TEMPLATE_HANDLER
rename
execute as uri_template_execute,
new_mapping as new_uri_template_mapping
select
new_uri_template_mapping
end
WSF_RESOURCE_HANDLER_HELPER
redefine
do_get
end
REFACTORING_HELPER
create
make
feature -- execute
execute (req: WSF_REQUEST; res: WSF_RESPONSE)
-- Execute request handler
do
execute_methods (req, res)
end
uri_execute (req: WSF_REQUEST; res: WSF_RESPONSE)
-- Execute request handler
do
execute (req, res)
end
uri_template_execute (req: WSF_REQUEST; res: WSF_RESPONSE)
-- Execute request handler
do
execute (req, res)
end
feature -- HTTP Methods
do_get (req: WSF_REQUEST; res: WSF_RESPONSE)
local
l_response: CMS_RESPONSE
s: STRING
u: CMS_USER_ROLE
l_count: INTEGER
user_api: CMS_USER_API
do
-- At the moment the template are hardcoded, but we can
-- get them from the configuration file and load them into
-- the setup class.
user_api := api.user_api
l_count := user_api.roles_count
create {GENERIC_VIEW_CMS_RESPONSE} l_response.make (req, res, api)
create s.make_empty
if l_count > 1 then
l_response.set_title ("Listing " + l_count.out + " Roles")
else
l_response.set_title ("Listing " + l_count.out + " Role")
end
if attached user_api.roles as lst then
s.append ("<ul class=%"cms-roles%">%N")
across
lst as ic
loop
u := ic.item
s.append ("<li class=%"cms_role%">")
s.append ("<a href=%"")
s.append (req.absolute_script_url ("/admin/role/"+u.id.out))
s.append ("%">")
s.append (u.name)
s.append ("</a>")
s.append ("</li>%N")
end
s.append ("</ul>%N")
end
if l_response.has_permission ("manage " + {CMS_ADMIN_MODULE}.name) then
s.append (l_response.link ("Add Role", "admin/add/role", Void))
end
l_response.set_main_content (s)
l_response.execute
end
end

486
modules/admin/handler/role/cms_role_form_response.e Normal file
View File

@@ -0,0 +1,486 @@
note
description: "Summary description for {CMS_ROLE_FORM_RESPONSE}."
date: "$Date$"
revision: "$Revision$"
class
CMS_ROLE_FORM_RESPONSE
inherit
CMS_RESPONSE
redefine
make,
initialize,
custom_prepare
end
create
make
feature {NONE} -- Initialization
make (req: WSF_REQUEST; res: WSF_RESPONSE; a_api: like api)
do
create {WSF_NULL_THEME} wsf_theme.make
Precursor (req, res, a_api)
end
initialize
do
Precursor
create {CMS_TO_WSF_THEME} wsf_theme.make (Current, theme)
end
wsf_theme: WSF_THEME
feature -- Query
role_id_path_parameter (req: WSF_REQUEST): INTEGER_64
-- Role id passed as path parameter for request `req'.
local
s: STRING
do
if attached {WSF_STRING} req.path_parameter ("id") as p_nid then
s := p_nid.value
if s.is_integer_64 then
Result := s.to_integer_64
end
end
end
feature -- Process
process
-- Computed response message.
local
b: STRING_8
uid: INTEGER_64
user_api: CMS_USER_API
do
user_api := api.user_api
create b.make_empty
uid := role_id_path_parameter (request)
if uid > 0 and then attached user_api.user_role_by_id (uid.to_integer) as l_role then
fixme ("Issues with WSD_FORM_DATA.apply_to_associated_form")
-- if we have a WSF_FORM_CHECKBOK_INPUT, cheked inputs, are not preserverd in case of error.
if request.path_info.ends_with_general ("/edit") then
edit_form (l_role)
elseif request.path_info.ends_with_general ("/delete") then
delete_form (l_role)
end
else
new_form
end
end
feature -- Process Edit
edit_form (a_role: CMS_USER_ROLE)
local
f: like new_edit_form
b: STRING
fd: detachable WSF_FORM_DATA
do
create b.make_empty
f := new_edit_form (a_role, url (request.path_info, Void), "edit-user")
invoke_form_alter (f, fd)
if request.is_post_request_method then
f.validation_actions.extend (agent edit_form_validate(?,a_role, b))
f.submit_actions.extend (agent edit_form_submit(?, a_role, b))
f.process (Current)
fd := f.last_data
end
if a_role.has_id then
add_to_menu (create {CMS_LOCAL_LINK}.make (translation ("View", Void), "admin/role/" + a_role.id.out), primary_tabs)
add_to_menu (create {CMS_LOCAL_LINK}.make (translation ("Edit", Void), "admin/role/" + a_role.id.out + "/edit"), primary_tabs)
add_to_menu (create {CMS_LOCAL_LINK}.make (translation ("Delete", Void), "admin/role/" + a_role.id.out + "/delete"), primary_tabs)
end
if attached redirection as l_location then
-- FIXME: Hack for now
set_title (a_role.name)
b.append (html_encoded (a_role.name) + " saved")
else
set_title (formatted_string (translation ("Edit $1 #$2", Void), [a_role.name, a_role.id]))
f.append_to_html (wsf_theme, b)
end
set_main_content (b)
end
feature -- Process Delete
delete_form (a_role: CMS_USER_ROLE)
local
f: like new_delete_form
b: STRING
fd: detachable WSF_FORM_DATA
do
create b.make_empty
f := new_delete_form (a_role, url (request.path_info, Void), "edit-user")
invoke_form_alter (f, fd)
if request.is_post_request_method then
f.process (Current)
fd := f.last_data
end
if a_role.has_id then
add_to_menu (create {CMS_LOCAL_LINK}.make (translation ("View", Void), "admin/role/" + a_role.id.out), primary_tabs)
add_to_menu (create {CMS_LOCAL_LINK}.make (translation ("Edit", Void), "admin/role/" + a_role.id.out + "/edit"), primary_tabs)
add_to_menu (create {CMS_LOCAL_LINK}.make (translation ("Delete", Void), "admin/role/" + a_role.id.out + "/delete"), primary_tabs)
end
if attached redirection as l_location then
-- FIXME: Hack for now
set_title (a_role.name)
b.append (html_encoded (a_role.name) + " deleted")
else
set_title (formatted_string (translation ("Delete $1 #$2", Void), [a_role.name, a_role.id]))
f.append_to_html (wsf_theme, b)
end
set_main_content (b)
end
feature -- Process New
new_form
local
f: like new_edit_form
b: STRING
fd: detachable WSF_FORM_DATA
l_role: detachable CMS_USER_ROLE
do
create b.make_empty
f := new_edit_form (l_role, url (request.path_info, Void), "create-role")
invoke_form_alter (f, fd)
if request.is_post_request_method then
f.validation_actions.extend (agent new_form_validate(?, b))
f.submit_actions.extend (agent edit_form_submit(?, l_role, b))
f.process (Current)
fd := f.last_data
end
if attached redirection as l_location then
-- FIXME: Hack for now
if attached l_role then
set_title (l_role.name)
b.append (html_encoded (l_role.name) + " Saved")
end
else
if attached l_role then
set_title (formatted_string (translation ("Saved $1 #$2", Void), [l_role.name, l_role.id]))
end
f.append_to_html (wsf_theme, b)
end
set_main_content (b)
end
feature -- Form
edit_form_submit (fd: WSF_FORM_DATA; a_role: detachable CMS_USER_ROLE; b: STRING)
local
l_save_role: BOOLEAN
l_update_role: BOOLEAN
l_role: detachable CMS_USER_ROLE
s: STRING
lnk: CMS_LINK
do
l_save_role := attached {WSF_STRING} fd.item ("op") as l_op and then l_op.same_string ("Create role")
if l_save_role then
debug ("cms")
across
fd as c
loop
b.append ("<li>" + html_encoded (c.key) + "=")
if attached c.item as v then
b.append (html_encoded (v.string_representation))
end
b.append ("</li>")
end
end
create_role (fd)
end
l_update_role := attached {WSF_STRING} fd.item ("op") as l_op and then l_op.same_string ("Update role")
if l_update_role then
debug ("cms")
across
fd as c
loop
b.append ("<li>" + html_encoded (c.key) + "=")
if attached c.item as v then
b.append (html_encoded (v.string_representation))
end
b.append ("</li>")
end
end
if attached a_role as u_role then
update_role (fd, u_role)
else
fd.report_error ("Missing Role")
end
end
end
edit_form_validate (fd: WSF_FORM_DATA; a_role: CMS_USER_ROLE; b: STRING)
do
if attached fd.string_item ("op") as f_op then
if f_op.is_case_insensitive_equal_general ("Update role") then
if
attached fd.string_item ("role") as l_role and then
not a_role.name.is_case_insensitive_equal (l_role)
then
if attached api.user_api.user_role_by_name (l_role) then
fd.report_invalid_field ("role", "Role already taken!")
end
else
if fd.string_item ("role") = Void then
fd.report_invalid_field ("role", "missing role")
end
end
if attached {WSF_TABLE} fd.item ("cms_perm[]") as l_perm then
a_role.permissions.compare_objects
from
l_perm.values.start
until
l_perm.values.after
loop
if attached {WSF_STRING} l_perm.value (l_perm.values.key_for_iteration) as l_value then
if a_role.permissions.has (l_value.value) then
fd.report_invalid_field ("cms_perm[]", "Permission " + l_value.value + " already taken!")
end
end
l_perm.values.forth
end
end
end
end
end
new_edit_form (a_role: detachable CMS_USER_ROLE; a_url: READABLE_STRING_8; a_name: STRING;): CMS_FORM
-- Create a web form named `a_name' for uSER `a_YSER' (if set), using form action url `a_url'.
local
f: CMS_FORM
th: WSF_FORM_HIDDEN_INPUT
do
create f.make (a_url, a_name)
create th.make ("role-id")
if a_role /= Void then
th.set_text_value (a_role.id.out)
else
th.set_text_value ("0")
end
f.extend (th)
populate_form (f, a_role)
Result := f
end
new_form_validate (fd: WSF_FORM_DATA; b: STRING)
do
if attached fd.string_item ("op") as f_op then
if f_op.is_case_insensitive_equal_general ("Create role") then
if attached fd.string_item ("role") as l_role then
if attached api.user_api.user_role_by_name (l_role) then
fd.report_invalid_field ("role", "Role already taken!")
end
else
fd.report_invalid_field ("role", "missing role")
end
end
end
end
new_delete_form (a_role: detachable CMS_USER_ROLE; a_url: READABLE_STRING_8; a_name: STRING;): CMS_FORM
-- Create a web form named `a_name' for node `a_user' (if set), using form action url `a_url'.
local
f: CMS_FORM
ts: WSF_FORM_SUBMIT_INPUT
do
create f.make (a_url, a_name)
f.extend_html_text ("<br/>")
f.extend_html_text ("<legend>Are you sure you want to delete?</legend>")
-- TODO check if we need to check for has_permissions!!
if a_role /= Void and then a_role.has_id then
create ts.make ("op")
ts.set_default_value ("Delete")
fixme ("[
ts.set_default_value (translation ("Delete"))
]")
f.extend (ts)
create ts.make ("op")
ts.set_default_value ("Cancel")
ts.set_formmethod ("GET")
ts.set_formaction ("/admin/role/" + a_role.id.out)
f.extend (ts)
end
Result := f
end
populate_form (a_form: WSF_FORM; a_role: detachable CMS_USER_ROLE)
-- Fill the web form `a_form' with data from `a_node' if set,
-- and apply this to content type `a_content_type'.
local
ti: WSF_FORM_TEXT_INPUT
fe: WSF_FORM_EMAIL_INPUT
fs: WSF_FORM_FIELD_SET
cb: WSF_FORM_CHECKBOX_INPUT
ts: WSF_FORM_SUBMIT_INPUT
tb: WSF_FORM_BUTTON_INPUT
do
if attached a_role as l_role then
create fs.make
fs.set_legend ("User Role")
create ti.make_with_text ("role", a_role.name)
ti.set_label ("Role")
ti.enable_required
fs.extend (ti)
a_form.extend (fs)
a_form.extend_html_text ("<br/>")
create fs.make
fs.set_legend ("Permissions")
if not l_role.permissions.is_empty then
across l_role.permissions as ic loop
create cb.make_with_value ("cms_permissions", ic.item)
cb.set_checked (True)
cb.set_label (ic.item)
fs.extend (cb)
end
end
create ti.make ("cms_perm[]")
fs.extend (ti)
fs.extend_html_text ("<div class=%"input_fields_wrap%"></div>")
fs.extend_html_text ("<button class=%"add_field_button%">Add More Permissions</button>")
a_form.extend (fs)
add_javascript_content (script_add_remove_items)
create ts.make ("op")
ts.set_default_value ("Update role")
a_form.extend (ts)
a_form.extend_html_text ("<hr>")
else
create fs.make
fs.set_legend ("User Role")
create ti.make ("role")
ti.set_label ("Role")
ti.enable_required
fs.extend (ti)
a_form.extend (fs)
a_form.extend_html_text ("<br/>")
create ts.make ("op")
ts.set_default_value ("Create role")
a_form.extend (ts)
a_form.extend_html_text ("<hr>")
end
end
update_role (a_form_data: WSF_FORM_DATA; a_role: CMS_USER_ROLE)
-- Update node `a_node' with form_data `a_form_data' for the given content type `a_content_type'.
local
l_permissions: LIST [READABLE_STRING_8]
do
if attached a_form_data.string_item ("op") as f_op then
if f_op.is_case_insensitive_equal_general ("Update role") then
if
attached a_form_data.string_item("role") as l_role_name and then
attached a_form_data.string_item ("role-id") as l_role_id
and then attached {CMS_USER_ROLE} api.user_api.user_role_by_id (l_role_id.to_integer) as l_role
then
l_permissions := a_role.permissions
l_permissions.compare_objects
if attached {WSF_STRING} a_form_data.item ("cms_permissions") as u_role then
a_role.permissions.wipe_out
a_role.add_permission (u_role.value)
elseif attached {WSF_MULTIPLE_STRING} a_form_data.item ("cms_permissions") as u_permissions then
across
u_permissions as ic
loop
if not l_permissions.has (ic.item.value) then
a_role.remove_permission (ic.item.value)
end
end
else
a_role.permissions.wipe_out
end
if attached {WSF_TABLE} a_form_data.item ("cms_perm[]") as l_perm then
a_role.permissions.compare_objects
from
l_perm.values.start
until
l_perm.values.after
loop
if
attached {WSF_STRING} l_perm.value (l_perm.values.key_for_iteration) as l_value and then
not l_value.value.is_whitespace
then
a_role.add_permission (l_value.value)
end
l_perm.values.forth
end
end
if not a_form_data.has_error then
a_role.set_name (l_role_name)
api.user_api.save_user_role (a_role)
add_success_message ("Permissions updated")
end
else
a_form_data.report_error ("Missing Role")
end
end
end
end
create_role (a_form_data: WSF_FORM_DATA)
local
u: CMS_USER_ROLE
do
if attached a_form_data.string_item ("op") as f_op then
if f_op.is_case_insensitive_equal_general ("Create role") then
if attached a_form_data.string_item ("role") as l_role then
create u.make (l_role)
api.user_api.save_user_role (u)
if api.user_api.has_error then
-- handle error
else
add_success_message ("Created Role")
end
else
a_form_data.report_invalid_field ("username", "Missing role!")
end
end
end
end
feature -- Generation
custom_prepare (page: CMS_HTML_PAGE)
do
if attached variables as l_variables then
across
l_variables as c
loop
page.register_variable (c.item, c.key)
end
end
end
script_add_remove_items: STRING = "[
$(document).ready(function() {
var wrapper = $(".input_fields_wrap"); //Fields wrapper
var add_button = $(".add_field_button"); //Add button ID
$(add_button).click(function(e){ //on add input button click
e.preventDefault();
$(wrapper).append('<div><input type="text" name="cms_perm[]"/><a href="#" class="remove_field">Remove</a></div>'); //add input box
});
$(wrapper).on("click",".remove_field", function(e){ //user click on remove text
e.preventDefault(); $(this).parent('div').remove(); x--;
})
});
]"
end

203
modules/admin/handler/role/cms_role_handler.e Normal file
View File

@@ -0,0 +1,203 @@
note
description: "[
Handler for a CMS user in the CMS interface
]"
date: "$Date$"
revision: "$Revision$"
class
CMS_ROLE_HANDLER
inherit
CMS_HANDLER
WSF_URI_HANDLER
rename
execute as uri_execute,
new_mapping as new_uri_mapping
end
WSF_URI_TEMPLATE_HANDLER
rename
execute as uri_template_execute,
new_mapping as new_uri_template_mapping
select
new_uri_template_mapping
end
WSF_RESOURCE_HANDLER_HELPER
redefine
do_get,
do_post,
do_delete
end
REFACTORING_HELPER
create
make
feature -- execute
execute (req: WSF_REQUEST; res: WSF_RESPONSE)
-- Execute request handler
do
execute_methods (req, res)
end
uri_execute (req: WSF_REQUEST; res: WSF_RESPONSE)
-- Execute request handler
do
execute (req, res)
end
uri_template_execute (req: WSF_REQUEST; res: WSF_RESPONSE)
-- Execute request handler
do
execute (req, res)
end
feature -- Query
role_id_path_parameter (req: WSF_REQUEST): INTEGER_64
-- User id passed as path parameter for request `req'.
local
s: STRING
do
if attached {WSF_STRING} req.path_parameter ("id") as p_nid then
s := p_nid.value
if s.is_integer_64 then
Result := s.to_integer_64
end
end
end
feature -- HTTP Methods
do_get (req: WSF_REQUEST; res: WSF_RESPONSE)
-- <Precursor>
local
l_role: detachable CMS_USER_ROLE
l_uid: INTEGER_64
edit_response: CMS_ROLE_FORM_RESPONSE
view_response: CMS_ROLE_VIEW_RESPONSE
r: CMS_RESPONSE
do
create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api)
if r.has_permission ("manage " + {CMS_ADMIN_MODULE}.name) then
if req.path_info.ends_with_general ("/edit") then
check valid_url: req.path_info.starts_with_general ("/admin/role/") end
create edit_response.make (req, res, api)
edit_response.execute
elseif req.path_info.ends_with_general ("/delete") then
check valid_url: req.path_info.starts_with_general ("/admin/role/") end
create edit_response.make (req, res, api)
edit_response.execute
else
-- Display existing node
l_uid := role_id_path_parameter (req)
if l_uid > 0 then
l_role := api.user_api.user_role_by_id (l_uid.to_integer)
if
l_role /= Void
then
create view_response.make (req, res, api)
view_response.execute
else
send_not_found (req, res)
end
else
create_new_role (req, res)
end
end
else
r.execute
end
end
do_post (req: WSF_REQUEST; res: WSF_RESPONSE)
local
edit_response: CMS_ROLE_FORM_RESPONSE
r: CMS_RESPONSE
do
create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api)
if r.has_permission ("manage " + {CMS_ADMIN_MODULE}.name) then
if req.path_info.ends_with_general ("/edit") then
create edit_response.make (req, res, api)
edit_response.execute
elseif req.path_info.ends_with_general ("/delete") then
if
attached {WSF_STRING} req.form_parameter ("op") as l_op and then
l_op.value.same_string ("Delete")
then
do_delete (req, res)
end
elseif req.path_info.ends_with_general ("/add/role") then
create edit_response.make (req, res, api)
edit_response.execute
end
else
r.execute
end
end
feature -- Error
do_error (req: WSF_REQUEST; res: WSF_RESPONSE; a_id: detachable WSF_STRING)
-- Handling error.
local
l_page: CMS_RESPONSE
do
create {GENERIC_VIEW_CMS_RESPONSE} l_page.make (req, res, api)
l_page.add_variable (req.absolute_script_url (req.path_info), "request")
if a_id /= Void and then a_id.is_integer then
-- resource not found
l_page.add_variable ("404", "code")
l_page.set_status_code (404)
else
-- bad request
l_page.add_variable ("400", "code")
l_page.set_status_code (400)
end
l_page.execute
end
do_delete (req: WSF_REQUEST; res: WSF_RESPONSE)
-- <Precursor>
do
if attached current_user (req) as l_user then
if attached {WSF_STRING} req.path_parameter ("id") as l_id then
if
l_id.is_integer and then
attached api.user_api.user_role_by_id (l_id.integer_value) as l_role
then
api.user_api.delete_role (l_role)
res.send (create {CMS_REDIRECTION_RESPONSE_MESSAGE}.make (req.absolute_script_url ("")))
else
do_error (req, res, l_id)
end
else
(create {INTERNAL_SERVER_ERROR_CMS_RESPONSE}.make (req, res, api)).execute
end
else
send_access_denied (req, res)
end
end
feature {NONE} -- New User
create_new_role (req: WSF_REQUEST; res: WSF_RESPONSE)
local
edit_response: CMS_ROLE_FORM_RESPONSE
do
if req.path_info.starts_with_general ("/admin/add/role") then
create edit_response.make (req, res, api)
edit_response.execute
else
send_bad_request (req, res)
end
end
end

114
modules/admin/handler/role/cms_role_view_response.e Normal file
View File

@@ -0,0 +1,114 @@
note
description: "Summary description for {CMS_ROLE_VIEW_RESPONSE}."
date: "$Date$"
revision: "$Revision$"
class
CMS_ROLE_VIEW_RESPONSE
inherit
CMS_RESPONSE
redefine
make,
initialize
end
create
make
feature {NONE} -- Initialization
make (req: WSF_REQUEST; res: WSF_RESPONSE; a_api: like api;)
do
create {WSF_NULL_THEME} wsf_theme.make
Precursor (req, res, a_api)
end
initialize
do
Precursor
create {CMS_TO_WSF_THEME} wsf_theme.make (Current, theme)
end
wsf_theme: WSF_THEME
feature -- Query
role_id_path_parameter (req: WSF_REQUEST): INTEGER_64
-- Role id passed as path parameter for request `req'.
local
s: STRING
do
if attached {WSF_STRING} req.path_parameter ("id") as p_nid then
s := p_nid.value
if s.is_integer_64 then
Result := s.to_integer_64
end
end
end
feature -- Execution
process
-- Computed response message.
local
uid: INTEGER_64
user_api : CMS_USER_API
do
user_api := api.user_api
uid := role_id_path_parameter (request)
if uid > 0 and then attached user_api.user_role_by_id (uid.to_integer) as l_role then
append_html_to_output (l_role, Current)
else
set_main_content ("Missing Role")
end
end
append_html_to_output (a_role: CMS_USER_ROLE; a_response: CMS_RESPONSE )
local
lnk: CMS_LOCAL_LINK
s: STRING
do
a_response.add_variable (a_role, "role")
create lnk.make (a_response.translation ("View", Void), "admin/role/" + a_role.id.out)
lnk.set_is_active (True)
lnk.set_weight (1)
a_response.add_to_primary_tabs (lnk)
create lnk.make (a_response.translation ("Edit", Void), "admin/role/" + a_role.id.out + "/edit")
lnk.set_weight (2)
a_response.add_to_primary_tabs (lnk)
if a_role /= Void and then a_role.id > 0 then
create lnk.make (a_response.translation ("Delete", Void), "admin/role/" + a_role.id.out + "/delete")
lnk.set_weight (3)
a_response.add_to_primary_tabs (lnk)
end
create s.make_empty
s.append ("<div class=%"info%"> ")
s.append ("<h4>Role Information</h4>")
s.append ("<p>Role:")
s.append (a_role.name)
s.append ("</p>")
s.append ("<h4>Permissions:</h4>")
if
not a_role.permissions.is_empty
then
s.append ("<ul class=%"cms-permissions%">%N")
across a_role.permissions as ic loop
s.append ("<li class=%"cms-permission%">"+ ic.item + "</li>%N")
end
s.append ("</ul>%N")
end
s.append ("</div>")
a_response.set_title (a_role.name)
a_response.set_main_content (s)
end
end

128
modules/admin/handler/user/cms_admin_users_handler.e Normal file
View File

@@ -0,0 +1,128 @@
note
description: "Summary description for {CMS_ADMIN_USER_HANDLER}."
date: "$Date$"
revision: "$Revision$"
class
CMS_ADMIN_USERS_HANDLER
inherit
CMS_HANDLER
WSF_URI_HANDLER
rename
execute as uri_execute,
new_mapping as new_uri_mapping
end
WSF_URI_TEMPLATE_HANDLER
rename
execute as uri_template_execute,
new_mapping as new_uri_template_mapping
select
new_uri_template_mapping
end
WSF_RESOURCE_HANDLER_HELPER
redefine
do_get
end
REFACTORING_HELPER
create
make
feature -- execute
execute (req: WSF_REQUEST; res: WSF_RESPONSE)
-- Execute request handler
do
execute_methods (req, res)
end
uri_execute (req: WSF_REQUEST; res: WSF_RESPONSE)
-- Execute request handler
do
execute (req, res)
end
uri_template_execute (req: WSF_REQUEST; res: WSF_RESPONSE)
-- Execute request handler
do
execute (req, res)
end
feature -- HTTP Methods
do_get (req: WSF_REQUEST; res: WSF_RESPONSE)
local
l_response: CMS_RESPONSE
s: STRING
u: CMS_USER
l_page_helper: CMS_PAGINATION_GENERATOR
s_pager: STRING
l_count: INTEGER
user_api: CMS_USER_API
do
-- At the moment the template are hardcoded, but we can
-- get them from the configuration file and load them into
-- the setup class.
create {FORBIDDEN_ERROR_CMS_RESPONSE} l_response.make (req, res, api)
if l_response.has_permission ("manage " + {CMS_ADMIN_MODULE}.name) then
user_api := api.user_api
l_count := user_api.users_count
create {GENERIC_VIEW_CMS_RESPONSE} l_response.make (req, res, api)
create s.make_empty
if l_count > 1 then
l_response.set_title ("Listing " + l_count.out + " Users")
else
l_response.set_title ("Listing " + l_count.out + " User")
end
create s_pager.make_empty
create l_page_helper.make ("admin/users/?page={page}&size={size}", user_api.users_count.as_natural_64, 25) -- FIXME: Make this default page size a global CMS settings
l_page_helper.get_setting_from_request (req)
if l_page_helper.has_upper_limit and then l_page_helper.pages_count > 1 then
l_page_helper.append_to_html (l_response, s_pager)
if l_page_helper.page_size > 25 then
s.append (s_pager)
end
end
if attached user_api.recent_users (create {CMS_DATA_QUERY_PARAMETERS}.make (l_page_helper.current_page_offset, l_page_helper.page_size)) as lst then
s.append ("<ul class=%"cms-users%">%N")
across
lst as ic
loop
u := ic.item
s.append ("<li class=%"cms_user%">")
s.append ("<a href=%"")
s.append (req.absolute_script_url ("/admin/user/"+u.id.out))
s.append ("%">")
s.append (u.name)
s.append ("</a>")
s.append ("</li>%N")
end
s.append ("</ul>%N")
end
-- Again the pager at the bottom, if needed
s.append (s_pager)
if l_response.has_permission ("manage " + {CMS_ADMIN_MODULE}.name) then
s.append (l_response.link ("Add User", "admin/add/user", Void))
end
l_response.set_main_content (s)
l_response.execute
else
l_response.execute
end
end
end

542
modules/admin/handler/user/cms_user_form_response.e Normal file
View File

@@ -0,0 +1,542 @@
note
description: "Summary description for {CMS_USER_FORM_RESPONSE}."
date: "$Date$"
revision: "$Revision$"
class
CMS_USER_FORM_RESPONSE
inherit
CMS_RESPONSE
redefine
make,
initialize,
custom_prepare
end
create
make
feature {NONE} -- Initialization
make (req: WSF_REQUEST; res: WSF_RESPONSE; a_api: like api)
do
create {WSF_NULL_THEME} wsf_theme.make
Precursor (req, res, a_api)
end
initialize
do
Precursor
create {CMS_TO_WSF_THEME} wsf_theme.make (Current, theme)
end
wsf_theme: WSF_THEME
feature -- Query
user_id_path_parameter (req: WSF_REQUEST): INTEGER_64
-- User id passed as path parameter for request `req'.
local
s: STRING
do
if attached {WSF_STRING} req.path_parameter ("id") as p_nid then
s := p_nid.value
if s.is_integer_64 then
Result := s.to_integer_64
end
end
end
feature -- Process
process
-- Computed response message.
local
b: STRING_8
uid: INTEGER_64
user_api: CMS_USER_API
do
user_api := api.user_api
create b.make_empty
uid := user_id_path_parameter (request)
if
uid > 0 and then
attached user_api.user_by_id (uid) as l_user
then
if
request.path_info.ends_with_general ("/edit")
then
edit_form (l_user)
elseif request.path_info.ends_with_general ("/delete") then
delete_form (l_user)
end
else
new_form
end
end
feature -- Process Edit
edit_form (a_user: CMS_USER)
local
f: like new_edit_form
b: STRING
fd: detachable WSF_FORM_DATA
do
create b.make_empty
f := new_edit_form (a_user, url (request.path_info, Void), "edit-user")
invoke_form_alter (f, fd)
if request.is_post_request_method then
f.submit_actions.extend (agent edit_form_submit (?, a_user, b))
f.process (Current)
fd := f.last_data
end
if a_user.has_id then
add_to_menu (create {CMS_LOCAL_LINK}.make (translation ("View", Void),"admin/user/" + a_user.id.out), primary_tabs)
add_to_menu (create {CMS_LOCAL_LINK}.make (translation ("Edit", Void),"admin/user/" + a_user.id.out + "/edit"), primary_tabs)
add_to_menu (create {CMS_LOCAL_LINK}.make (translation ("Delete", Void),"admin/user/" + a_user.id.out + "/delete"), primary_tabs)
end
if attached redirection as l_location then
-- FIXME: Hack for now
set_title (a_user.name)
b.append (html_encoded (a_user.name) + " saved")
else
set_title (formatted_string (translation ("Edit $1 #$2", Void), [a_user.name, a_user.id]))
f.append_to_html (wsf_theme, b)
end
set_main_content (b)
end
feature -- Process Delete
delete_form (a_user: CMS_USER)
local
f: like new_delete_form
b: STRING
fd: detachable WSF_FORM_DATA
do
create b.make_empty
f := new_delete_form (a_user, url (request.path_info, Void), "edit-user")
invoke_form_alter (f, fd)
if request.is_post_request_method then
f.process (Current)
fd := f.last_data
end
if a_user.has_id then
add_to_menu (create {CMS_LOCAL_LINK}.make (translation ("View", Void),"admin/user/" + a_user.id.out ), primary_tabs)
add_to_menu (create {CMS_LOCAL_LINK}.make (translation ("Edit", Void),"admin/user/" + a_user.id.out + "/edit"), primary_tabs)
add_to_menu (create {CMS_LOCAL_LINK}.make (translation ("Delete", Void),"admin/user/" + a_user.id.out + "/delete"), primary_tabs)
end
if attached redirection as l_location then
-- FIXME: Hack for now
set_title (a_user.name)
b.append (html_encoded (a_user.name) + " deleted")
else
set_title (formatted_string (translation ("Delete $1 #$2", Void), [a_user.name, a_user.id]))
f.append_to_html (wsf_theme, b)
end
set_main_content (b)
end
feature -- Process New
new_form
local
f: like new_edit_form
b: STRING
fd: detachable WSF_FORM_DATA
l_user: detachable CMS_USER
do
create b.make_empty
f := new_edit_form (l_user, url (request.path_info, Void), "create-user")
invoke_form_alter (f, fd)
if request.is_post_request_method then
f.validation_actions.extend (agent new_form_validate (?, b))
f.submit_actions.extend (agent edit_form_submit (?, l_user, b))
f.process (Current)
fd := f.last_data
end
if attached redirection as l_location then
-- FIXME: Hack for now
if attached l_user then
set_title (l_user.name)
b.append (html_encoded (l_user.name) + " Saved")
end
else
if attached l_user then
set_title (formatted_string (translation ("Saved $1 #$2", Void), [l_user.name, l_user.id]))
end
f.append_to_html (wsf_theme, b)
end
set_main_content (b)
end
feature -- Form
edit_form_submit (fd: WSF_FORM_DATA; a_user: detachable CMS_USER; b: STRING)
local
l_update_roles: BOOLEAN
l_update_user: BOOLEAN
l_save_user: BOOLEAN
l_user: detachable CMS_USER
s: STRING
lnk: CMS_LINK
do
l_update_roles := attached {WSF_STRING} fd.item ("op") as l_op and then l_op.same_string ("Update user role")
if l_update_roles then
debug ("cms")
across
fd as c
loop
b.append ("<li>" + html_encoded (c.key) + "=")
if attached c.item as v then
b.append (html_encoded (v.string_representation))
end
b.append ("</li>")
end
end
if a_user /= Void then
l_user := a_user
if l_user.has_id then
create {CMS_LOCAL_LINK}lnk.make (translation ("View", Void),"admin/user/" + l_user.id.out )
change_user (fd, a_user)
s := "modified"
set_redirection (lnk.location)
end
end
end
l_update_user := attached {WSF_STRING} fd.item ("op") as l_op and then l_op.same_string ("Update user")
if l_update_user then
debug ("cms")
across
fd as c
loop
b.append ("<li>" + html_encoded (c.key) + "=")
if attached c.item as v then
b.append (html_encoded (v.string_representation))
end
b.append ("</li>")
end
end
if a_user /= Void then
l_user := a_user
if l_user.has_id then
change_user (fd, a_user)
s := "modified"
end
end
end
l_save_user := attached {WSF_STRING} fd.item ("op") as l_op and then l_op.same_string ("Create user")
if l_save_user then
debug ("cms")
across
fd as c
loop
b.append ("<li>" + html_encoded (c.key) + "=")
if attached c.item as v then
b.append (html_encoded (v.string_representation))
end
b.append ("</li>")
end
end
create_user (fd)
end
end
new_edit_form (a_user: detachable CMS_USER; a_url: READABLE_STRING_8; a_name: STRING;): CMS_FORM
-- Create a web form named `a_name' for uSER `a_YSER' (if set), using form action url `a_url'.
local
f: CMS_FORM
th: WSF_FORM_HIDDEN_INPUT
do
create f.make (a_url, a_name)
create th.make ("user-id")
if a_user /= Void then
th.set_text_value (a_user.id.out)
else
th.set_text_value ("0")
end
f.extend (th)
populate_form (f, a_user)
Result := f
end
new_form_validate (fd: WSF_FORM_DATA; b: STRING)
do
if attached fd.string_item ("op") as f_op then
if f_op.is_case_insensitive_equal_general ("Create user") then
if attached fd.string_item ("username") as l_username then
if attached api.user_api.user_by_name (l_username) then
fd.report_invalid_field ("username", "Username already taken!")
end
else
fd.report_invalid_field ("username", "missing username")
end
if attached fd.string_item ("email") as l_email then
if attached api.user_api.user_by_email (l_email) then
fd.report_invalid_field ("email", "Email address already associated with an existing account!")
end
else
fd.report_invalid_field ("email", "missing email address")
end
elseif f_op.is_case_insensitive_equal_general ("Update user") then
if attached fd.string_item ("username") as l_username then
if api.user_api.user_by_name (l_username) = Void then
fd.report_invalid_field ("username", "Username does not exist!")
end
else
fd.report_invalid_field ("username", "missing username")
end
end
end
end
new_delete_form (a_user: detachable CMS_USER; a_url: READABLE_STRING_8; a_name: STRING;): CMS_FORM
-- Create a web form named `a_name' for node `a_user' (if set), using form action url `a_url'.
local
f: CMS_FORM
ts: WSF_FORM_SUBMIT_INPUT
do
create f.make (a_url, a_name)
f.extend_html_text ("<br/>")
f.extend_html_text ("<legend>Are you sure you want to delete?</legend>")
-- TODO check if we need to check for has_permissions!!
if
a_user /= Void and then
a_user.has_id
then
create ts.make ("op")
ts.set_default_value ("Delete")
fixme ("[
ts.set_default_value (translation ("Delete"))
]")
f.extend (ts)
create ts.make ("op")
ts.set_default_value ("Cancel")
ts.set_formmethod ("GET")
ts.set_formaction ("/admin/user/" + a_user.id.out)
f.extend (ts)
end
Result := f
end
populate_form (a_form: WSF_FORM; a_user: detachable CMS_USER)
-- Fill the web form `a_form' with data from `a_node' if set,
-- and apply this to content type `a_content_type'.
local
ti: WSF_FORM_TEXT_INPUT
fe: WSF_FORM_EMAIL_INPUT
fs: WSF_FORM_FIELD_SET
cb: WSF_FORM_CHECKBOX_INPUT
ts: WSF_FORM_SUBMIT_INPUT
do
if attached a_user as l_user then
create fs.make
fs.set_legend ("Basic User Account Information")
fs.extend_html_text ("<div><string><label>User name </label></strong><br></div>")
fs.extend_html_text (l_user.name)
if attached l_user.email as l_email then
create fe.make_with_text ("email", l_email)
else
create fe.make_with_text ("email", "")
end
fe.set_label ("Email")
fe.enable_required
fs.extend (fe)
a_form.extend (fs)
a_form.extend_html_text ("<br/>")
create ts.make ("op")
ts.set_default_value ("Update user")
a_form.extend (ts)
a_form.extend_html_text ("<hr>")
create fs.make
fs.set_legend ("User Roles")
if attached {LIST[CMS_USER_ROLE]} api.user_api.user_roles (l_user) as u_roles and then
not u_roles.is_empty
then
u_roles.compare_objects
across api.user_api.roles as ic loop
if u_roles.has (ic.item) then
create cb.make_with_value ("cms_roles", ic.item.id.out)
cb.set_checked (True)
cb.set_label (ic.item.name)
fs.extend (cb)
else
create cb.make_with_value ("cms_roles", ic.item.id.out)
cb.set_label (ic.item.name)
fs.extend (cb)
end
end
else
across api.user_api.roles as ic loop
create cb.make_with_value ("cms_roles", ic.item.id.out)
cb.set_label (ic.item.name)
fs.extend (cb)
end
end
a_form.extend (fs)
create ts.make ("op")
ts.set_default_value ("Update user role")
a_form.extend (ts)
else
create fs.make
fs.set_legend ("Basic User Account Information")
create ti.make ("username")
ti.set_label ("Username")
ti.enable_required
fs.extend (ti)
create fe.make_with_text ("email", "")
fe.set_label ("Email")
fe.enable_required
fs.extend (fe)
a_form.extend (fs)
a_form.extend_html_text ("<br/>")
create ts.make ("op")
ts.set_default_value ("Create user")
a_form.extend (ts)
a_form.extend_html_text ("<hr>")
end
end
change_user (a_form_data: WSF_FORM_DATA; a_user: CMS_USER)
-- Update node `a_node' with form_data `a_form_data' for the given content type `a_content_type'.
local
l_uroles: LIST [CMS_USER_ROLE]
do
if attached a_form_data.string_item ("op") as f_op then
if f_op.is_case_insensitive_equal_general ("Update user role") then
if attached a_form_data.string_item ("user-id") as l_user_id and then
attached {CMS_USER} api.user_api.user_by_id (l_user_id.to_integer) as l_user
then
l_uroles := api.user_api.user_roles (l_user)
l_uroles.compare_objects
if attached {WSF_STRING} a_form_data.item ("cms_roles") as l_role then
if attached api.user_api.user_role_by_id (l_role.integer_value) as role then
if not l_uroles.has (role) then
api.user_api.assign_role_to_user (role, a_user)
end
end
elseif attached {WSF_MULTIPLE_STRING} a_form_data.item ("cms_roles") as l_roles then
across l_roles as ic loop
if attached api.user_api.user_role_by_id (ic.item.integer_value) as role then
if not l_uroles.has (role) then
api.user_api.assign_role_to_user (role, a_user)
end
end
end
else
across api.user_api.roles as ic loop
api.user_api.unassign_role_from_user (ic.item, a_user)
end
end
add_success_message ("Roles updated")
else
a_form_data.report_error ("Missing User")
end
elseif f_op.is_case_insensitive_equal_general ("Update user") then
if
attached a_form_data.string_item ("user-id") as l_user_id and then
attached {CMS_USER} api.user_api.user_by_id (l_user_id.to_integer) as l_user
then
if
attached a_form_data.string_item ("email") as l_email
then
if
attached l_user.email as u_email and then
not u_email.is_case_insensitive_equal_general (l_email) and then
api.user_api.user_by_email (l_email) = Void
then
-- Valid email
a_user.set_email (l_email)
else
if attached l_user.email as u_email and then not u_email.is_case_insensitive_equal_general (l_email) then
a_form_data.report_invalid_field ("email", "Email already exist!")
end
end
if not a_form_data.has_error then
api.user_api.update_user (a_user)
add_success_message ("Updated basic info")
end
end
end
end
end
end
create_user (a_form_data: WSF_FORM_DATA)
local
u: CMS_USER
do
if attached a_form_data.string_item ("op") as f_op then
if f_op.is_case_insensitive_equal_general ("Create user") then
if
attached a_form_data.string_item ("username") as l_username and then
attached a_form_data.string_item ("email") as l_email and then
l_email.is_valid_as_string_8
then
create u.make (l_username)
u.set_email (l_email.as_string_8)
u.set_password (new_random_password (u))
api.user_api.new_user (u)
if api.user_api.has_error then
-- handle error
else
add_success_message ("Created user")
end
else
a_form_data.report_invalid_field ("username", "Missing username!")
a_form_data.report_invalid_field ("email", "Missing email address!")
end
end
end
end
feature -- Generation
custom_prepare (page: CMS_HTML_PAGE)
do
if attached variables as l_variables then
across l_variables as c loop page.register_variable (c.item, c.key) end
end
end
new_random_password (u: CMS_USER): STRING
-- Generate a new token activation token
local
l_token: STRING
l_security: SECURITY_PROVIDER
l_encode: URL_ENCODER
do
create l_security
l_token := l_security.token
create l_encode
from until l_token.same_string (l_encode.encoded_string (l_token)) loop
-- Loop ensure that we have a security token that does not contain characters that need encoding.
-- We cannot simply to an encode-decode because the email sent to the user will contain an encoded token
-- but the user will need to use an unencoded token if activation has to be done manually.
l_token := l_security.token
end
Result := l_token + url_encoded (u.name) + u.creation_date.out
end
end

203
modules/admin/handler/user/cms_user_handler.e Normal file
View File

@@ -0,0 +1,203 @@
note
description: "[
Handler for a CMS user in the CMS interface
]"
date: "$Date$"
revision: "$Revision$"
class
CMS_USER_HANDLER
inherit
CMS_HANDLER
WSF_URI_HANDLER
rename
execute as uri_execute,
new_mapping as new_uri_mapping
end
WSF_URI_TEMPLATE_HANDLER
rename
execute as uri_template_execute,
new_mapping as new_uri_template_mapping
select
new_uri_template_mapping
end
WSF_RESOURCE_HANDLER_HELPER
redefine
do_get,
do_post,
do_delete
end
REFACTORING_HELPER
create
make
feature -- execute
execute (req: WSF_REQUEST; res: WSF_RESPONSE)
-- Execute request handler
do
execute_methods (req, res)
end
uri_execute (req: WSF_REQUEST; res: WSF_RESPONSE)
-- Execute request handler
do
execute (req, res)
end
uri_template_execute (req: WSF_REQUEST; res: WSF_RESPONSE)
-- Execute request handler
do
execute (req, res)
end
feature -- Query
user_id_path_parameter (req: WSF_REQUEST): INTEGER_64
-- User id passed as path parameter for request `req'.
local
s: STRING
do
if attached {WSF_STRING} req.path_parameter ("id") as p_nid then
s := p_nid.value
if s.is_integer_64 then
Result := s.to_integer_64
end
end
end
feature -- HTTP Methods
do_get (req: WSF_REQUEST; res: WSF_RESPONSE)
-- <Precursor>
local
l_user: detachable CMS_USER
l_uid: INTEGER_64
edit_response: CMS_USER_FORM_RESPONSE
view_response: CMS_USER_VIEW_RESPONSE
r: CMS_RESPONSE
do
create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api)
if r.has_permission ("manage " + {CMS_ADMIN_MODULE}.name) then
if req.path_info.ends_with_general ("/edit") then
check valid_url: req.path_info.starts_with_general ("/admin/user/") end
create edit_response.make (req, res, api)
edit_response.execute
elseif req.path_info.ends_with_general ("/delete") then
check valid_url: req.path_info.starts_with_general ("/admin/user/") end
create edit_response.make (req, res, api)
edit_response.execute
else
-- Display existing node
l_uid := user_id_path_parameter (req)
if l_uid > 0 then
l_user := api.user_api.user_by_id (l_uid)
if
l_user /= Void
then
create view_response.make (req, res, api)
view_response.execute
else
send_not_found (req, res)
end
else
create_new_user (req, res)
end
end
else
r.execute
end
end
do_post (req: WSF_REQUEST; res: WSF_RESPONSE)
local
edit_response: CMS_USER_FORM_RESPONSE
r: CMS_RESPONSE
do
create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api)
if r.has_permission ("manage " + {CMS_ADMIN_MODULE}.name) then
if req.path_info.ends_with_general ("/edit") then
create edit_response.make (req, res, api)
edit_response.execute
elseif req.path_info.ends_with_general ("/delete") then
if
attached {WSF_STRING} req.form_parameter ("op") as l_op and then
l_op.value.same_string ("Delete")
then
do_delete (req, res)
end
elseif req.path_info.ends_with_general ("/add/user") then
create edit_response.make (req, res, api)
edit_response.execute
end
else
r.execute
end
end
feature -- Error
do_error (req: WSF_REQUEST; res: WSF_RESPONSE; a_id: detachable WSF_STRING)
-- Handling error.
local
l_page: CMS_RESPONSE
do
create {GENERIC_VIEW_CMS_RESPONSE} l_page.make (req, res, api)
l_page.add_variable (req.absolute_script_url (req.path_info), "request")
if a_id /= Void and then a_id.is_integer then
-- resource not found
l_page.add_variable ("404", "code")
l_page.set_status_code (404)
else
-- bad request
l_page.add_variable ("400", "code")
l_page.set_status_code (400)
end
l_page.execute
end
do_delete (req: WSF_REQUEST; res: WSF_RESPONSE)
-- <Precursor>
do
if attached current_user (req) as l_user then
if attached {WSF_STRING} req.path_parameter ("id") as l_id then
if
l_id.is_integer and then
attached api.user_api.user_by_id (l_id.integer_value) as u_user
then
api.user_api.delete_user(u_user)
res.send (create {CMS_REDIRECTION_RESPONSE_MESSAGE}.make (req.absolute_script_url ("")))
else
do_error (req, res, l_id)
end
else
(create {INTERNAL_SERVER_ERROR_CMS_RESPONSE}.make (req, res, api)).execute
end
else
send_access_denied (req, res)
end
end
feature {NONE} -- New User
create_new_user (req: WSF_REQUEST; res: WSF_RESPONSE)
local
edit_response: CMS_USER_FORM_RESPONSE
do
if req.path_info.starts_with_general ("/admin/add/user") then
create edit_response.make (req, res, api)
edit_response.execute
else
send_bad_request (req, res)
end
end
end

124
modules/admin/handler/user/cms_user_view_response.e Normal file
View File

@@ -0,0 +1,124 @@
note
description: "Summary description for {CMS_USER_VIEW_RESPONSE}."
date: "$Date$"
revision: "$Revision$"
class
CMS_USER_VIEW_RESPONSE
inherit
CMS_RESPONSE
redefine
make,
initialize
end
create
make
feature {NONE} -- Initialization
make (req: WSF_REQUEST; res: WSF_RESPONSE; a_api: like api;)
do
create {WSF_NULL_THEME} wsf_theme.make
Precursor (req, res, a_api)
end
initialize
do
Precursor
create {CMS_TO_WSF_THEME} wsf_theme.make (Current, theme)
end
wsf_theme: WSF_THEME
feature -- Query
user_id_path_parameter (req: WSF_REQUEST): INTEGER_64
-- User id passed as path parameter for request `req'.
local
s: STRING
do
if attached {WSF_STRING} req.path_parameter ("id") as p_nid then
s := p_nid.value
if s.is_integer_64 then
Result := s.to_integer_64
end
end
end
feature -- Execution
process
-- Computed response message.
local
uid: INTEGER_64
user_api : CMS_USER_API
do
user_api := api.user_api
uid := user_id_path_parameter (request)
if uid > 0 and then attached user_api.user_by_id (uid) as l_user then
append_html_to_output (l_user, Current)
else
set_main_content ("Missing User")
end
end
append_html_to_output (a_user: CMS_USER; a_response: CMS_RESPONSE )
local
lnk: CMS_LOCAL_LINK
s: STRING
do
a_response.add_variable (a_user, "user")
create lnk.make (a_response.translation ("View", Void), "admin/user/" + a_user.id.out)
lnk.set_is_active (True)
lnk.set_weight (1)
a_response.add_to_primary_tabs (lnk)
create lnk.make (a_response.translation ("Edit", Void), "admin/user/" + a_user.id.out + "/edit")
lnk.set_weight (2)
a_response.add_to_primary_tabs (lnk)
if a_user /= Void and then a_user.id > 0 then
create lnk.make (a_response.translation ("Delete", Void), "admin/user/" + a_user.id.out + "/delete")
lnk.set_weight (3)
a_response.add_to_primary_tabs (lnk)
end
create s.make_empty
s.append ("<div class=%"info%"> ")
s.append ("<h4>Account Information</h4>")
s.append ("<p>UserName:")
s.append (a_user.name)
s.append ("</p>")
if attached a_user.email as l_email then
s.append ("<p>Email:")
s.append (l_email)
s.append ("</p>")
end
s.append ("<h4>User Role:</h4>")
if attached {LIST[CMS_USER_ROLE]} api.user_api.user_roles (a_user) as l_roles and then
not l_roles.is_empty
then
across l_roles as ic loop
s.append ("<i>")
s.append (ic.item.name)
s.append ("</i>")
s.append ("<h5>Permissions:</h5>")
s.append ("<ul class=%"cms-permissions%">%N")
across ic.item.permissions as c loop
s.append ("<li class=%"cms-permission%">"+ c.item + "</li>%N")
end
s.append ("</ul>%N")
end
end
s.append ("</div>")
a_response.set_title (a_user.name)
a_response.set_main_content (s)
end
end

34
modules/admin/site/files/css/admin.css Normal file
View File

@@ -0,0 +1,34 @@
ul.cms-users {
list-style-type: none;
padding: 3px 3px 3px 3px;
border: solid 1px #ccc; }
ul.cms-users li {
border-top: dotted 1px #ccc; }
ul.cms-users li:first-child {
border-top: none; }
ul.cms-users li.cms_user a::before {
content: "[users] "; }
ul.cms-roles {
list-style-type: none;
padding: 3px 3px 3px 3px;
border: solid 1px #ccc; }
ul.cms-roles li {
border-top: dotted 1px #ccc; }
ul.cms-roles li:first-child {
border-top: none; }
ul.cms-roles li.cms_role a::before {
content: "[roles] "; }
ul.cms-permissions {
list-style-type: none;
padding: 3px 3px 3px 3px;
border: solid 1px #ccc; }
ul.cms-permissions li {
border-top: dotted 1px #ccc; }
ul.cms-permissions li:first-child {
border-top: none; }
ul.cms-permissions li.cms_permission a::before {
content: "[permission] "; }
/*# sourceMappingURL=admin.css.map */

7
modules/admin/site/files/scss/admin.css.map Normal file
View File

@@ -0,0 +1,7 @@
{
"version": 3,
"mappings": "AAAA,YAAa;EAEZ,eAAe,EAAE,IAAI;EACrB,OAAO,EAAE,eAAe;EACxB,MAAM,EAAE,cAAc;EAEtB,eAAE;IACD,UAAU,EAAE,eAAe;IAC3B,2BAAc;MACb,UAAU,EAAE,IAAI;EAIlB,kCAAsB;IACrB,OAAO,EAAE,UAAU;;AAKrB,YAAa;EAEZ,eAAe,EAAE,IAAI;EACrB,OAAO,EAAE,eAAe;EACxB,MAAM,EAAE,cAAc;EAEtB,eAAE;IACD,UAAU,EAAE,eAAe;IAC3B,2BAAc;MACb,UAAU,EAAE,IAAI;EAIlB,kCAAsB;IACrB,OAAO,EAAE,UAAU;;AAKrB,kBAAmB;EAElB,eAAe,EAAE,IAAI;EACrB,OAAO,EAAE,eAAe;EACxB,MAAM,EAAE,cAAc;EAEtB,qBAAE;IACD,UAAU,EAAE,eAAe;IAC3B,iCAAc;MACb,UAAU,EAAE,IAAI;EAIlB,8CAA4B;IAC3B,OAAO,EAAE,eAAe",
"sources": ["admin.scss"],
"names": [],
"file": "admin.css"
}

59
modules/admin/site/files/scss/admin.scss Normal file
View File

@@ -0,0 +1,59 @@
ul.cms-users {
list-style-type: none;
padding: 3px 3px 3px 3px;
border: solid 1px #ccc;
li{
border-top: dotted 1px #ccc;
&:first-child {
border-top: none;
}
}
li.cms_user a::before {
content: "[users] ";
}
}
ul.cms-roles {
list-style-type: none;
padding: 3px 3px 3px 3px;
border: solid 1px #ccc;
li{
border-top: dotted 1px #ccc;
&:first-child {
border-top: none;
}
}
li.cms_role a::before {
content: "[roles] ";
}
}
ul.cms-permissions {
list-style-type: none;
padding: 3px 3px 3px 3px;
border: solid 1px #ccc;
li{
border-top: dotted 1px #ccc;
&:first-child {
border-top: none;
}
}
li.cms_permission a::before {
content: "[permission] ";
}
}

42
src/persistence/user/cms_user_storage_i.e
View File

@@ -75,6 +75,16 @@ feature -- Access
deferred deferred
end end
users_count: INTEGER
-- Number of users
deferred
end
recent_users (a_lower: INTEGER; a_count: INTEGER): LIST [CMS_USER]
-- List of recent `a_count' users with an offset of `lower'.
deferred
end
feature -- Change: user feature -- Change: user
save_user (a_user: CMS_USER) save_user (a_user: CMS_USER)
@@ -101,6 +111,14 @@ feature -- Change: user
deferred deferred
end end
delete_user (a_user: CMS_USER)
-- Delete user `a_user'.
require
has_id: a_user.has_id
deferred
end
feature -- Access: roles and permissions feature -- Access: roles and permissions
-- user_has_permission (u: detachable CMS_USER; s: detachable READABLE_STRING_8): BOOLEAN -- user_has_permission (u: detachable CMS_USER; s: detachable READABLE_STRING_8): BOOLEAN
@@ -160,6 +178,30 @@ feature -- Change: roles and permissions
deferred deferred
end end
unassign_role_from_user (a_role: CMS_USER_ROLE; a_user: CMS_USER)
-- Unassign user_role to user
require
a_user.has_id
a_role.has_id
deferred
end
assign_role_to_user (a_role: CMS_USER_ROLE; a_user: CMS_USER)
-- Assign user_role to user
require
a_user.has_id
a_role.has_id
deferred
end
delete_role (a_role: CMS_USER_ROLE)
-- Remove role `a_role'.
require
a_role.has_id
deferred
end
feature -- Change: User activation feature -- Change: User activation
save_activation (a_token: READABLE_STRING_32; a_id: INTEGER_64) save_activation (a_token: READABLE_STRING_32; a_id: INTEGER_64)

30
src/persistence/user/cms_user_storage_null.e
View File

@@ -46,6 +46,17 @@ feature -- Access: user
do do
end end
users_count: INTEGER
--<Precursor>
do
end
recent_users (a_lower: INTEGER; a_count: INTEGER): LIST [CMS_USER]
-- <Precursor>
do
create {ARRAYED_LIST[CMS_USER]} Result.make (0)
end
feature -- Change: user feature -- Change: user
new_user (a_user: CMS_USER) new_user (a_user: CMS_USER)
@@ -60,6 +71,12 @@ feature -- Change: user
end end
delete_user (a_user: CMS_USER)
-- Delete user `a_user'.
do
end
feature -- Access: roles and permissions feature -- Access: roles and permissions
user_role_by_id (a_id: like {CMS_USER_ROLE}.id): detachable CMS_USER_ROLE user_role_by_id (a_id: like {CMS_USER_ROLE}.id): detachable CMS_USER_ROLE
@@ -88,6 +105,19 @@ feature -- Change: roles and permissions
do do
end end
unassign_role_from_user (a_user_role: CMS_USER_ROLE; a_user: CMS_USER)
do
end
assign_role_to_user (a_user_role: CMS_USER_ROLE; a_user: CMS_USER)
do
end
delete_role (a_role: CMS_USER_ROLE)
-- <Precursor>
do
end
feature -- Change: User activation feature -- Change: User activation
save_activation (a_token: READABLE_STRING_32; a_id: INTEGER_64) save_activation (a_token: READABLE_STRING_32; a_id: INTEGER_64)

94
src/persistence/user/cms_user_storage_sql_i.e
View File

@@ -20,10 +20,10 @@ feature -- Access: user
has_user: BOOLEAN has_user: BOOLEAN
-- Has any user? -- Has any user?
do do
Result := user_count > 0 Result := users_count > 0
end end
user_count: INTEGER users_count: INTEGER
-- Number of items users. -- Number of items users.
do do
error_handler.reset error_handler.reset
@@ -163,6 +163,31 @@ feature -- Access: user
end end
recent_users (a_lower: INTEGER; a_count: INTEGER): LIST [CMS_USER]
-- <Precursor>
local
l_parameters: STRING_TABLE [detachable ANY]
do
create {ARRAYED_LIST [CMS_USER]} Result.make (0)
error_handler.reset
write_information_log (generator + ".recent_users")
from
create l_parameters.make (2)
l_parameters.put (a_count, "rows")
l_parameters.put (a_lower, "offset")
sql_query (sql_select_recent_users, l_parameters)
sql_start
until
sql_after
loop
if attached fetch_user as l_user then
Result.force (l_user)
end
sql_forth
end
end
feature -- Change: user feature -- Change: user
new_user (a_user: CMS_USER) new_user (a_user: CMS_USER)
@@ -255,6 +280,20 @@ feature -- Change: user
end end
end end
delete_user (a_user: CMS_USER)
-- Delete user `a_user'.
local
l_parameters: STRING_TABLE [detachable ANY]
do
error_handler.reset
sql_begin_transaction
write_information_log (generator + ".delete_user")
create l_parameters.make (1)
l_parameters.put (a_user.id, "uid")
sql_change (sql_delete_user, l_parameters)
sql_commit_transaction
end
update_user_roles (a_user: CMS_USER) update_user_roles (a_user: CMS_USER)
-- Update roles of `a_user' -- Update roles of `a_user'
require require
@@ -311,9 +350,6 @@ feature -- Change: user
end end
assign_role_to_user (a_role: CMS_USER_ROLE; a_user: CMS_USER) assign_role_to_user (a_role: CMS_USER_ROLE; a_user: CMS_USER)
require
a_user.has_id
a_role.has_id
local local
l_parameters: STRING_TABLE [detachable ANY] l_parameters: STRING_TABLE [detachable ANY]
do do
@@ -324,9 +360,6 @@ feature -- Change: user
end end
unassign_role_from_user (a_role: CMS_USER_ROLE; a_user: CMS_USER) unassign_role_from_user (a_role: CMS_USER_ROLE; a_user: CMS_USER)
require
a_user.has_id
a_role.has_id
local local
l_parameters: STRING_TABLE [detachable ANY] l_parameters: STRING_TABLE [detachable ANY]
do do
@@ -502,12 +535,20 @@ feature -- Change: roles and permissions
-- FIXME: check if this is non set permissions,or none ... -- FIXME: check if this is non set permissions,or none ...
if l_existing_role /= Void then if l_existing_role /= Void then
l_permissions := l_existing_role.permissions l_permissions := l_existing_role.permissions
fill_user_role (l_existing_role) -- fill_user_role (l_existing_role)
end end
if l_permissions = Void or else l_permissions.is_empty then if l_permissions = Void or else l_permissions.is_empty then
l_permissions := role_permissions_by_id (a_user_role.id) l_permissions := role_permissions_by_id (a_user_role.id)
end end
a_user_role.permissions.compare_objects
across l_permissions as ic
loop
if not a_user_role.permissions.has (ic.item) then
unset_permission_for_role_id (ic.item, a_user_role.id)
end
end
across across
a_user_role.permissions as ic a_user_role.permissions as ic
loop loop
@@ -531,13 +572,17 @@ feature -- Change: roles and permissions
set_permission_for_role_id (p, a_user_role.id) set_permission_for_role_id (p, a_user_role.id)
end end
end end
-- Remove other else
across -- The user role does not have permissions, unset permissions
l_permissions as ic -- if any in the storage.
if l_existing_role /= Void then
l_permissions := l_existing_role.permissions
across l_permissions as ic
loop loop
unset_permission_for_role_id (ic.item, a_user_role.id) unset_permission_for_role_id (ic.item, a_user_role.id)
end end
end end
end
else else
create l_parameters.make (1) create l_parameters.make (1)
l_parameters.put (a_user_role.name, "name") l_parameters.put (a_user_role.name, "name")
@@ -593,6 +638,22 @@ feature -- Change: roles and permissions
end end
delete_role (a_role: CMS_USER_ROLE)
-- <Precursor>
local
l_parameters: STRING_TABLE [detachable ANY]
do
error_handler.reset
sql_begin_transaction
write_information_log (generator + ".delete_role")
create l_parameters.make (1)
l_parameters.put (a_role.id, "rid")
sql_change (sql_delete_role_permissions_by_role_id, l_parameters)
sql_change (sql_delete_role_by_id, l_parameters)
sql_commit_transaction
end
feature -- Access: User activation feature -- Access: User activation
activation_elapsed_time (a_token: READABLE_STRING_32): INTEGER_32 activation_elapsed_time (a_token: READABLE_STRING_32): INTEGER_32
@@ -800,6 +861,9 @@ feature {NONE} -- Sql Queries: USER
Select_user_by_name: STRING = "SELECT * FROM users WHERE name =:name;" Select_user_by_name: STRING = "SELECT * FROM users WHERE name =:name;"
-- Retrieve user by name if exists. -- Retrieve user by name if exists.
Sql_select_recent_users: STRING = "SELECT * FROM users ORDER BY uid DESC, created DESC LIMIT :rows OFFSET :offset ;"
-- Retrieve recent users
Select_user_by_email: STRING = "SELECT * FROM users WHERE email =:email;" Select_user_by_email: STRING = "SELECT * FROM users WHERE email =:email;"
-- Retrieve user by email if exists. -- Retrieve user by email if exists.
@@ -812,6 +876,8 @@ feature {NONE} -- Sql Queries: USER
sql_update_user: STRING = "UPDATE users SET name=:name, password=:password, salt=:salt, email=:email, status=:status WHERE uid=:uid;" sql_update_user: STRING = "UPDATE users SET name=:name, password=:password, salt=:salt, email=:email, status=:status WHERE uid=:uid;"
-- SQL update to update an existing user. -- SQL update to update an existing user.
sql_delete_user: STRING = "DELETE FROM users WHERE uid=:uid;"
feature {NONE} -- Sql Queries: USER ROLE feature {NONE} -- Sql Queries: USER ROLE
sql_last_insert_user_role_id: STRING = "SELECT MAX(rid) FROM roles;" sql_last_insert_user_role_id: STRING = "SELECT MAX(rid) FROM roles;"
@@ -849,6 +915,10 @@ feature {NONE} -- Sql Queries: USER ROLE
select_role_permissions_by_role_id: STRING = "SELECT permission, module FROM role_permissions WHERE rid=:rid;" select_role_permissions_by_role_id: STRING = "SELECT permission, module FROM role_permissions WHERE rid=:rid;"
-- User role permissions for role id :rid; -- User role permissions for role id :rid;
sql_delete_role_permissions_by_role_id: STRING = "DELETE FROM role_permissions WHERE rid=:rid;"
sql_delete_role_by_id: STRING = "DELETE FROM roles WHERE rid=:rid;"
feature {NONE} -- Sql Queries: USER ACTIVATION feature {NONE} -- Sql Queries: USER ACTIVATION
sql_insert_activation: STRING = "INSERT INTO users_activations (token, uid, created) VALUES (:token, :uid, :utc_date);" sql_insert_activation: STRING = "INSERT INTO users_activations (token, uid, created) VALUES (:token, :uid, :utc_date);"

60
src/service/user/cms_user_api.e
View File

@@ -47,6 +47,19 @@ feature -- Access
Result := storage.user_by_password_token (a_token) Result := storage.user_by_password_token (a_token)
end end
users_count: INTEGER
-- Number of users.
do
Result := storage.users_count
end
recent_users (params: CMS_DATA_QUERY_PARAMETERS): ITERABLE [CMS_USER]
-- List of the `a_rows' most recent users starting from `a_offset'.
do
Result := storage.recent_users (params.offset.to_integer_32, params.size.to_integer_32)
end
feature -- Status report feature -- Status report
is_valid_credential (a_auth_login, a_auth_password: READABLE_STRING_32): BOOLEAN is_valid_credential (a_auth_login, a_auth_password: READABLE_STRING_32): BOOLEAN
@@ -119,15 +132,29 @@ feature -- User roles.
end end
user_role_by_id (a_id: like {CMS_USER_ROLE}.id): detachable CMS_USER_ROLE user_role_by_id (a_id: like {CMS_USER_ROLE}.id): detachable CMS_USER_ROLE
-- Retrieve a `Role' represented by an id `a_id' if any.
do do
Result := storage.user_role_by_id (a_id) Result := storage.user_role_by_id (a_id)
end end
user_role_by_name (a_name: READABLE_STRING_GENERAL): detachable CMS_USER_ROLE user_role_by_name (a_name: READABLE_STRING_GENERAL): detachable CMS_USER_ROLE
-- Retrieve a `Role' represented by a name `a_name' if any.
do do
Result := storage.user_role_by_name (a_name) Result := storage.user_role_by_name (a_name)
end end
roles: LIST [CMS_USER_ROLE]
-- List of possible roles.
do
Result := storage.user_roles
end
roles_count: INTEGER
-- Number of roles
do
Result := storage.user_roles.count
end
feature -- Change User role feature -- Change User role
save_user_role (a_user_role: CMS_USER_ROLE) save_user_role (a_user_role: CMS_USER_ROLE)
@@ -137,6 +164,29 @@ feature -- Change User role
error_handler.append (storage.error_handler) error_handler.append (storage.error_handler)
end end
unassign_role_from_user (a_role: CMS_USER_ROLE; a_user: CMS_USER; )
-- Unassign user_role `a_role' to user `a_user'.
do
reset_error
storage.unassign_role_from_user (a_role, a_user)
error_handler.append (storage.error_handler)
end
assign_role_to_user (a_role: CMS_USER_ROLE; a_user: CMS_USER; )
-- Assign user_role `a_role' to user `a_user'.
do
reset_error
storage.assign_role_to_user (a_role, a_user)
error_handler.append (storage.error_handler)
end
delete_role (a_role: CMS_USER_ROLE)
do
reset_error
storage.delete_role (a_role)
error_handler.append (storage.error_handler)
end
feature -- Change User feature -- Change User
new_user (a_user: CMS_USER) new_user (a_user: CMS_USER)
@@ -167,6 +217,16 @@ feature -- Change User
error_handler.append (storage.error_handler) error_handler.append (storage.error_handler)
end end
delete_user (a_user: CMS_USER)
-- Delete user `a_user'.
require
has_id: a_user.has_id
do
reset_error
storage.delete_user (a_user)
error_handler.append (storage.error_handler)
end
feature -- User Activation feature -- User Activation
new_activation (a_token: READABLE_STRING_32; a_id: INTEGER_64) new_activation (a_token: READABLE_STRING_32; a_id: INTEGER_64)