Added CMS_MODULE.permissions to allow module to declare the potential permissions.
Added support for CMS_LINK.is_forbidden, in relation with CMS_LOCAL_LINK.permission_arguments.
Split link "username (Logout)" into 2 links "username" and "logout".
Fixed/Changed the way auth modules alter the logout link based on "(Logout)" title, by safer solution based on `location' of the link.
Fixed usage of WSF_REQUEST.path_info by using percent_encoded_path_info which is not non unicode path info to be used most of the time.
Merged CMS_REPONSE.variables and CMS_REPONSE.values .
When possible, prefer usage of CMS_RESPONSE.user instead of CMS_REQUEST_UTIL.current_user (WSF_REQUEST) whenever it is possible.
When possible, prefer usage of CMS_RESPONSE.location, rather than usage of WSF_REQUEST.(percent_encoded_)path_info .
Code cleaning.
If user is not logged in, show a login option.
Updated New Password
Added option to request a new password using username.
Updated templates to use {$site_url}
Updated basic_auth module to handle templates
All the auth modules depends on CMS_AUTHENTICATION_MODULE
Send mail is done using features from CMS_AUTHENTICATION_MODULE.
Update redirect in roc_auth.js after success login to home.
Added CMS_HOOK_RESPONSE_ALTER to give a last chance to alter the response before rendering.
This hook should not be used, when there are other alternative hook that answer the need, but this is proposed for now, as a way to alter response by adding css, js url, ...
Moved blog under official modules folder.
Cleaned theme of demo example project.
Renamed NODE_MODULE as CMS_NODE_MODULE.
Updated code for sql that should not use parameters
to expand :table_name in table name usage,
since Eiffel Store will use quote,
and MySQL does not like them.
Merge remote-tracking branch 'jvelilla/roc_auth_v1' into ewf_v1_mod_env
Conflicts:
examples/demo/demo-safe.ecf
modules/auth/cms_authentication_module.e
Note that CMS_SETUP provides locations set by default or from configuration file.
Now theme related resources can be found under site/modules/$mod_name/... or site/themes/$theme/modules/...
so only theme related resources can be overriden for now.
Now we have ODBC .. that accepts various connection string (including SQLite, MySQL,...)
And EiffelStore+MySQL.
Updated sql scripts to work with MySQL, and SQLite.
Added a sql_statement (s: STRING): STRING that converts ROC sql statement to fit the underlying database engine.
mostly to adapt incompatibilities such as AUTO_INCREMENT for MySQL and AUTOINCREMENT for SQLite
by default SQL script should be written following MySQL SQL syntax.
Warning: to use ODBC persistence driver, it has to be installed on the target machine.
- OAUTH LOGIN: is generic based on a new OAUTH_20_GENERIC_API
- Storage (at the moment only SQL) for OAUTH_CONSUMER configuration.
- OAUTH login and callback are generic.
- Added a OAUTH_20_GENERIC_API.
- Added scripts and templates to build the new OAUTH tables.
- Fixed CMS_STORAGE_SQL_I.check_sql_query_validity issue.
- Extended CMS_STORAGE_SQL_I, to execute scripts with paramerters.
- Updated filter, now it's generic for every OAUTH consumer.
- Updated routes relative to /account/
- Updated emails with template support.
- Updated cookie to support the new route.
- Updated smarty block templates to use the new path.
Added OAuth2 GMAIL loggin/logout support.
Added OAuth2 Gmail filter.
LoginModule
Updated LoginModule with OAuth2 Gmail support.
Persitence
Extended user persitance api with OAuth2 gmail features.
(TODO refactor persistance as an user extention)
-- The module handle basic_auth (at the moment).
-- Handle login, logout, register user, activate/reactivate an account, password recovery.
-- Send notification emails.
CMS Updates
-- Added a new service: email.
-- Updated Basic Auth Module to handle logout based on the browser type.
-- Updated persistence layer to save and remove and query activation token and password token.
-- Updated CMS_USER to handle status {active, not_active, trashed}.
-- Updated MySQL scripts to be in sync with SQLite scripts
Refactored CMS_MODULE.router (..): WSF_ROUTER design,
to create only one router object of type CMS_ROUTER.
Added optional CMS_NODE.link: CMS_LOCAL_LINK
Reviewed permissions related to node module.
Refactor and add CMS_STORAGE_SQL(_BUILDER) abstractions
for implementation relying only on SQL statements.
Factorized sql builder initialization (to work for sqlite and mysql storage builders).
Added CMS_RESPONSE.formatted_string (a_text: READABLE_STRING_GENERAL; args: TUPLE): STRING_32
Added function "translation", but not implemented for now.
Updated indexing notes and comments.
Code cleaning.
Updated CMS_NODE_API, with status, not_published, published and trashed.
Updated Form response to use permission scopes.
Updated sqlquery to retrieve user author.
Added logger info in cms_response
Updated CMS_NODE with a new status attribute.
Updated table nodes to support trashing (or soft deletes) of node using the new status field
Updated Sqlite builder to test different scenarios for users and roles.
Updated NODE_FORM_RESPONSE.edit_form feature to add a delete operation
if there is a node ie node id >0 and the current user has delete permission on it.
Updated NODE_HANDLER.do_post to handle the operation "DELETE".
Updated queries to retrieve nodes filter by no logical deleted rows (ie. status is trashed).
Signed-off-by: jvelilla <javier.hector@gmail.com>
Added support for custom value stored in CMS_STORAGE.
Added optional css classes addition to CMS_BLOCK output.
Refactored storage, to manage node from node module code only (or mostly).
TODO: improved view for a cms node, for now hardcoded.
