backup/ROC
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

merge into: backup/ROC:es17.01
Branches Tags
backup/ROC:master backup/ROC:develop backup/ROC:webapi backup/ROC:es17.05 backup/ROC:es17.01 backup/ROC:v0 backup/ROC:jfiat_master_files backup/ROC:clean20160129 backup/ROC:jfiat_20160120_upload backup/ROC:roc_register backup/ROC:taxonomy_content backup/ROC:cms-doc backup/ROC:export_exp backup/ROC:ewf_v1 backup/ROC:ewf_v1_recent_changes backup/ROC:roc_auth_20150619 backup/ROC:ewf_v1_auth_mod backup/ROC:blog_ewf_v1 backup/ROC:pagination backup/ROC:blog backup/ROC:javier_roc_nm backup/ROC:nodes backup/ROC:jfiat backup/ROC:concurrent_ewf backup/ROC:storage_sql backup/ROC:storage_revisited_20150119 backup/ROC:minor_changes_20141113 backup/ROC:hook_20141112 backup/ROC:roc_service
backup/ROC:es_rev98797 backup/ROC:es_rev98795 backup/ROC:es_rev98616 backup/ROC:es_rev98530 backup/ROC:es_rev98527 backup/ROC:es_rev98518 backup/ROC:es_rev98480 backup/ROC:es_rev98474 backup/ROC:es_rev98448 backup/ROC:es_rev98430 backup/ROC:es_rev98404 backup/ROC:es_rev98398 backup/ROC:es_rev98368 backup/ROC:es_rev98285 backup/ROC:es_rev98275 backup/ROC:es_rev98233 backup/ROC:es_rev98203 backup/ROC:es_rev98116 backup/ROC:es_rev98108 backup/ROC:es_rev98069 backup/ROC:es_rev98066 backup/ROC:es_rev98065 backup/ROC:es_rev98064 backup/ROC:es_rev98022 backup/ROC:es_rev_98021 backup/ROC:es_rev97975 backup/ROC:eiffelstudio_rev97935 backup/ROC:eiffelstudio_rev97910 backup/ROC:v0.2 backup/ROC:v0.1 backup/ROC:es_15_08 backup/ROC:BEFORE_REST_API_EXPERIMENTAL_REMOVAL_06_2015
..
pull from: backup/ROC:develop
Branches Tags
backup/ROC:develop backup/ROC:master backup/ROC:webapi backup/ROC:es17.05 backup/ROC:es17.01 backup/ROC:v0 backup/ROC:jfiat_master_files backup/ROC:clean20160129 backup/ROC:jfiat_20160120_upload backup/ROC:roc_register backup/ROC:taxonomy_content backup/ROC:cms-doc backup/ROC:export_exp backup/ROC:ewf_v1 backup/ROC:ewf_v1_recent_changes backup/ROC:roc_auth_20150619 backup/ROC:ewf_v1_auth_mod backup/ROC:blog_ewf_v1 backup/ROC:pagination backup/ROC:blog backup/ROC:javier_roc_nm backup/ROC:nodes backup/ROC:jfiat backup/ROC:concurrent_ewf backup/ROC:storage_sql backup/ROC:storage_revisited_20150119 backup/ROC:minor_changes_20141113 backup/ROC:hook_20141112 backup/ROC:roc_service
backup/ROC:es_rev98797 backup/ROC:es_rev98795 backup/ROC:es_rev98616 backup/ROC:es_rev98530 backup/ROC:es_rev98527 backup/ROC:es_rev98518 backup/ROC:es_rev98480 backup/ROC:es_rev98474 backup/ROC:es_rev98448 backup/ROC:es_rev98430 backup/ROC:es_rev98404 backup/ROC:es_rev98398 backup/ROC:es_rev98368 backup/ROC:es_rev98285 backup/ROC:es_rev98275 backup/ROC:es_rev98233 backup/ROC:es_rev98203 backup/ROC:es_rev98116 backup/ROC:es_rev98108 backup/ROC:es_rev98069 backup/ROC:es_rev98066 backup/ROC:es_rev98065 backup/ROC:es_rev98064 backup/ROC:es_rev98022 backup/ROC:es_rev_98021 backup/ROC:es_rev97975 backup/ROC:eiffelstudio_rev97935 backup/ROC:eiffelstudio_rev97910 backup/ROC:v0.2 backup/ROC:v0.1 backup/ROC:es_15_08 backup/ROC:BEFORE_REST_API_EXPERIMENTAL_REMOVAL_06_2015

46 Commits
es17.01 .. develop

Author SHA1 Message Date
Jocelyn Fiat 112be64095 Reverted after EiffelWeb reverted the change that made WSF_URI_HANDLER and WSF_URI_TEMPLATE_HANDLER inheriting from WSF_EXECUTE_HANDLER. 2017-11-07 23:14:11 +01:00
Jocelyn Fiat aa1443cb8f Fixed conflicts between versions of repeatedly inherited feature. 2017-11-07 15:54:20 +01:00
Jocelyn Fiat 6b2e256fa7 Use absolute URL for href value in webapi json response. 2017-10-27 12:27:05 +02:00
Jocelyn Fiat f8715d54a8 Improved credential validation. 
- added `CMS_USER_API.user_with_credential (...): detachable CMS_USER` that check if credential is valid, and return associated user.
  - replaced use of `is_valid_credential` by new function `user_with_credential` .
  - revisited the session auth, to allow other credential validations (other than ROC CMS auth).
  - added CMS_USER_API.credential_validations to allow authenticating with system other than ROC CMS.
Added new permission to allow by-passing the default ROC-CMS user login/register management:
  - new permission to edit its own account.
  - new permission to edit its own password.
  - new permission to view users details (mostly for user managers).
 2017-10-27 12:26:21 +02:00
Jocelyn Fiat 49b9ba3f86 Updated ROC CMS package.iron file. 2017-10-17 13:48:12 +02:00
Jocelyn Fiat 84fe861cdc Updated (s)css files for wikitext module. 2017-10-17 13:47:45 +02:00
Jocelyn Fiat e8f024ede5 Added debug purpose class to collect info about cms setup. 2017-10-17 13:47:00 +02:00
Jocelyn Fiat 95d2306b1f Made initialization safer, 
by reporting errors reported during CMS_API initialization
 2017-10-17 13:46:43 +02:00
Jocelyn Fiat 60fbba5a70 Added CMS_WEBAPI_HANDLER.new_permissions_access_denied_error_response (..) to provide the required permissions. 2017-10-17 13:45:32 +02:00
Jocelyn Fiat be258c73e9 Added system info admin page. 2017-10-17 13:44:58 +02:00
Jocelyn Fiat 68ddd41fb7 added a way to set user password for the admin, or user managers 2017-10-17 13:44:17 +02:00
Jocelyn Fiat 72c35fd0f7 Reuse constant string value instead of using manifest string. 
Use proper form id.
 2017-10-17 13:43:41 +02:00
Jocelyn Fiat 40855d73d3 Report error during execute_sql_script routine. 2017-10-17 13:43:06 +02:00
Jocelyn Fiat 1c149f9daf Fixed sql for user profile installation. 
Escape "key" with backquote to be compatible with MySQL.
 2017-10-17 13:42:44 +02:00
Jocelyn Fiat e445696698 Improved the sqlite3 sql statement converter. 2017-10-17 13:40:32 +02:00
Jocelyn Fiat 375b53c677 Improved a few ecf file for tests. 
Cosmetic.
 2017-10-17 13:39:59 +02:00
Jocelyn Fiat ccf108a35e Accept env.json for the app environment file, if the $system_name.json is not found. 2017-10-17 13:38:11 +02:00
Jocelyn Fiat d00dd46187 roc can be compiled in SCOOP mode. 2017-10-04 18:29:51 +02:00
Jocelyn Fiat 7845240bf4 Inline code uses radius 4px to look nicer. 2017-10-04 18:29:37 +02:00
Jocelyn Fiat 6b4b3f3539 Display verbose output only if --verbose is set. 
Report at the end, a quick summary of the installation.
 2017-10-04 18:20:48 +02:00
Jocelyn Fiat 92925169b4 no border on inline code 2017-10-03 10:59:56 +02:00
Jocelyn Fiat 3088468332 Allow to login with username or email. 
Removed useless and unimplemented feature from CMS_FORM .
SCOOP is default for demo.ecf
Made blog and page module self administrable, i.e administration module is same as module.
This fixes the export hook for page and blog modules.
Improved sql instructions to ease debugging and catch missing sql_finalize... call.
Cleaned sql code.
 2017-10-02 15:46:40 +02:00
Jocelyn Fiat 208a35cb73 Removed svn keyword expanded values. 2017-09-21 12:49:38 +02:00
Jocelyn Fiat bc561b1a48 Fix authenticated role permissions, now it also has all anonymous permissions. 
Added permissions on basic auth, to have more control on who can authenticate with basic auth.
Use webapi version of basic auth filter.
For webapi, when authenticated /api/user/ is the same as /api/user/{uid} where uid is the id of current logged in user.
 2017-09-21 12:49:17 +02:00
Jocelyn Fiat 9d7d43073d Moved activation implementation into authentication api. 
Improved core webapi, added registration link, support redirection.
Use error webapi response, rather than `send_...` routines.
 2017-09-19 21:21:30 +02:00
Jocelyn Fiat e04138c89e Added auth_api: CMS_AUTHENTICATION_API, and for now moved registration instructions inside. 
Added authentication module webapi, to provide registration via webapi.
Improved the roles display by providing table of permissions if asked.
Added various links in primary tabs to navigate back to roles or users, depending on the page.
Added datetime to-from string converters in CMS_ENCODERS.
Start removing CMS_ADMINISTRABLE.
Added permission to use simple core access token.
Added webapi for users: list, new, register.
 2017-09-12 23:07:45 +02:00
Jocelyn Fiat b83a050a1d use roc name in install.bat 2017-09-11 22:33:11 +02:00
Jocelyn Fiat 6b4668ec6b Cleaned demo.ecf 
Fixed modules admin handler permission checking from "admin.installation_access" to "administration.installation_access".
Use constants for known form id.
Invoke hook form alter for user view response.
Include theme when installing roc cms library.
 2017-09-11 22:31:23 +02:00
Jocelyn Fiat 5f7eb82def Use real user display name when possible for messaging module. 2017-09-06 22:02:17 +02:00
Jocelyn Fiat e9c028b94e Improved node feed and recent changes feed by setting proper feed id and feed item id, and set expected author name. 2017-09-06 16:58:42 +02:00
Jocelyn Fiat f0180cc682 Cleaned many .ecf files. 2017-09-06 15:52:33 +02:00
Jocelyn Fiat 0c119b6b5a Added better id in feed item. 
In node recent changes, return only the published entries.
 2017-09-06 12:45:42 +02:00
Jocelyn Fiat 69894e8397 Added missing space in not found error message. 2017-09-06 10:44:30 +02:00
Jocelyn Fiat 50a54ba519 Restored debug.tpl for admin page. 2017-09-06 10:44:10 +02:00
Jocelyn Fiat 2fcbcf1938 Added store_mysql_fake persistence solution, to compile a ROC CMS system with mysql interface, but no real mysql driver. 
This is mainly during dev using sqlite, to include the mysql interfaces without depending on related C .lib files that are not always compiled.
 2017-09-06 10:26:47 +02:00
Jocelyn Fiat b6a5b4bc7f Removed unused thread library. 2017-09-05 17:59:55 +02:00
Jocelyn Fiat b732b20da8 Cleaned all.ecf and store odbc ecf file. 2017-09-05 17:50:19 +02:00
Jocelyn Fiat c87b70a3ae removed unwanted file. 2017-09-05 17:26:03 +02:00
Jocelyn Fiat dcf5132773 Added travis CI config. 2017-09-05 16:13:47 +02:00
Jocelyn Fiat 82bf9a4294 Converted ecf files to 1-16-0, to use a single ecf file for all variants (void-safe, non-void-safe, ...). Keep *-safe.ecf as redirection to avoid breaking existing -safe.ecf projects. 2017-09-05 16:08:10 +02:00
Jocelyn Fiat af3698ba5e Edit the path alias as url-decoded value, to avoid issue with %20 percent-encoded again and again as %25%20... 2017-09-05 15:55:47 +02:00
Jocelyn Fiat 71721ea00b Updated css for feed aggregator in demo example. 
cleaning.
 2017-09-05 15:55:34 +02:00
Jocelyn Fiat ac9d29b971 Added basic webapi system to ROC CMS system. 
Added sql_delete routine to replace sql_modify with "DELETE FROM .." sql statement.
Fixed filter setup when a module has more than one filter.
Fixed filter setup for site,admin and webapi modes.
Added CMS_AUTH_FILTER, and check if user is already authenticated, then skip following auth filters.
Added specific webapi handler classes for root, user, access token, ...
Added user profile system to the core module.
Moved /user/{uid} from auth module to core module.
Added possibility to add html before and after a cms form. (useful to add a form before or after, as nested form are forbidden).
Now theme can be installed using roc install command.
 2017-09-05 15:54:40 +02:00
Jocelyn Fiat 34f0aa5844 Improved feed aggregation module. 
Added support to choose either atom or rss for the "/feed" format.
  Added support for feed format view to feed aggregation.
  Use proper content type for RSS and ATOM response.
  For feed aggregation  use `?view=feed` or `?view=feed.atom` or `?view=feed.rss`
  Improved sized feed view.
  Use site name for recent changes feed title.
  Better name for node feeds (include the site name).
  Use current date when a feed aggregation is converted to a new feed, to set the last build date.
  Fixed category filter per feed location for the feed aggregation module.
Fixed authentication module, where a potential case (but not probable) had no response content.
Cosmetic and minor changes on messaging module.
 2017-06-12 09:36:29 +02:00
Jocelyn Fiat 78ef7af5f8 Removed obsolete calls, harmonized predefine response, added non admin user pages. 
When access is denied, also provide when possible and wanted, the needed
permissions so that in the future, user will be able to ask for
permission easily.
Renamed previous user handlers as admin user handlers.
Added non admin user handler /user/{uid} .
Add new `send_...` response to `CMS_API.response_api`, and use them
instead of `create {...RESPONSE}.... ; execute`.
Fixed potential issue with storage mailer initialization if folder does
not exist.
Added utf_8_encoded helpers function on CMS_API interface.
Fixed a few unicode potential issues.
Removed a few obsolete calls.
 2017-06-09 09:29:41 +02:00
Jocelyn Fiat 359344c9dd Fixed link for Oauth sign with. 
Added administration pages for OAuth20 module.
 2017-06-08 22:16:12 +02:00
252 changed files with 7276 additions and 1981 deletions
Expand all files Collapse all files
.travis.yml
+19
View File
@@ -0,0 +1,19 @@
language: eiffel
before_script:
- export current_dir=$PWD ; echo current_dir=$current_dir ; cd ..
- export ISE_VERSION=17.05; export ISE_BUILD=100416
- curl -sSL http://downloads.sourceforge.net/eiffelstudio/Eiffel_${ISE_VERSION}_gpl_${ISE_BUILD}-linux-x86-64.tar.bz2 | tar -x --bzip2
- export ISE_EIFFEL=$PWD/Eiffel_${ISE_VERSION} ; export ISE_PLATFORM=linux-x86-64
- export PATH=$PATH:$ISE_EIFFEL/studio/spec/$ISE_PLATFORM/bin:$PATH:$ISE_EIFFEL/tools/spec/$ISE_PLATFORM/bin
- echo `ec -version`
- cd $current_dir
- echo Check projects compilation status...
branches:
only:
- master
- v1
script: compile_all -ecb -melt -list_failures -log_verbose -clean -options dotnet=false
group: stable
os: linux
cms.ecf
+2 -3
View File
@@ -3,12 +3,10 @@
<target name="cms">
<root all_classes="true"/>
<file_rule>
<exclude>/.svn$</exclude>
<exclude>/\.svn$</exclude>
<exclude>/CVS$</exclude>
<exclude>/EIFGENs$</exclude>
</file_rule>
<option warning="true">
</option>
<mapping old_name="CMS_LAYOUT" new_name="CMS_ENVIRONMENT"/>
<library name="base" location="$ISE_LIBRARY\library\base\base.ecf"/>
<library name="base_extension" location="$ISE_LIBRARY\library\base_extension\base_extension.ecf"/>
@@ -19,6 +17,7 @@
<library name="encoder" location="$ISE_LIBRARY\contrib\library\web\framework\ewf\text\encoder\encoder.ecf" readonly="false"/>
<library name="error" location="$ISE_LIBRARY\contrib\library\utility\general\error\error.ecf"/>
<library name="http" location="$ISE_LIBRARY\contrib\library\network\protocol\http\http.ecf"/>
<library name="http_authorization" location="$ISE_LIBRARY\contrib\library\web\authentication\http_authorization\http_authorization.ecf"/>
<library name="i18n" location="$ISE_LIBRARY\library\i18n\i18n.ecf"/>
<library name="json" location="$ISE_LIBRARY\contrib\library\text\parser\json\library\json.ecf" readonly="false"/>
<library name="kmp_matcher" location="$ISE_LIBRARY\library\text\regexp\kmp_matcher\kmp_matcher.ecf"/>
dev_modules/masquerade_auth/masquerade_auth.ecf
+1 -1
View File
@@ -3,7 +3,7 @@
<target name="masquerade_auth">
<root all_classes="true"/>
<file_rule>
<exclude>/.svn$</exclude>
<exclude>/\.svn$</exclude>
<exclude>/CVS$</exclude>
<exclude>/EIFGENs$</exclude>
</file_rule>
dev_modules/masquerade_auth/masquerade_auth_module.e
+2 -2
View File
@@ -183,10 +183,10 @@ feature {NONE} -- Implementation: routes
create {BAD_REQUEST_ERROR_CMS_RESPONSE} r.make (req, res, api)
r.add_block (login_block ("login", "Wrong username", r), "content")
end
r.execute
else
create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api)
api.response_api.send_access_denied (Void, req, res)
end
r.execute
end
feature -- Hooks configuration
examples/demo/demo.ecf
+15 -18
View File
@@ -4,11 +4,12 @@
<target name="common" abstract="true">
<root class="DEMO_CMS_SERVER" feature="make_and_launch"/>
<file_rule>
<exclude>/.svn$</exclude>
<exclude>/\.svn$</exclude>
<exclude>/CVS$</exclude>
<exclude>/EIFGENs$</exclude>
</file_rule>
<option debug="true" warning="true">
<debug name="dbglog" enabled="true"/>
</option>
<setting name="executable_name" value="demo"/>
<library name="base" location="$ISE_LIBRARY\library\base\base.ecf"/>
@@ -18,7 +19,6 @@
</option>
</library>
<library name="cms_admin_module" location="..\..\modules\admin\admin.ecf" readonly="false"/>
<library name="cms_app_env" location="..\..\library\app_env\app_env.ecf" readonly="false"/>
<library name="cms_auth_module" location="..\..\modules\auth\auth.ecf" readonly="false"/>
<library name="cms_basic_auth_module" location="..\..\modules\basic_auth\basic_auth.ecf" readonly="false"/>
<library name="cms_blog_module" location="..\..\modules\blog\cms_blog_module.ecf" readonly="false"/>
@@ -26,20 +26,18 @@
<library name="cms_contact_module" location="..\..\modules\contact\contact.ecf" readonly="false"/>
<library name="cms_custom_block_module" location="..\..\modules\custom_block\custom_block.ecf" readonly="false"/>
<library name="cms_demo_module" location="modules\demo\cms_demo_module.ecf" readonly="false"/>
<library name="cms_email_service" location="..\..\library\email\email.ecf" readonly="false"/>
<library name="cms_feed_aggregator_module" location="..\..\modules\feed_aggregator\feed_aggregator.ecf" readonly="false"/>
<library name="cms_files_module" location="..\..\modules\files\files.ecf" readonly="false"/>
<library name="cms_google_search_20_module" location="..\..\modules\google_search_20\google_search_20"/>
<library name="cms_messaging_module" location="..\..\modules\messaging\messaging.ecf"/>
<library name="cms_model" location="..\..\library\model\cms_model.ecf" readonly="false"/>
<library name="cms_google_search_20_module" location="..\..\modules\google_search_20\google_search_20.ecf" readonly="false" use_application_options="true"/>
<library name="cms_messaging_module" location="..\..\modules\messaging\messaging.ecf" readonly="false"/>
<library name="cms_node_module" location="..\..\modules\node\node.ecf" readonly="false"/>
<library name="cms_oauth_20_module" location="..\..\modules\oauth20\oauth20.ecf" readonly="false"/>
<library name="cms_openid_module" location="..\..\modules\openid\openid.ecf" readonly="false"/>
<library name="cms_recent_changes_module" location="..\..\modules\recent_changes\recent_changes.ecf" readonly="false"/>
<library name="cms_seo_module" location="..\..\modules\seo\seo.ecf" readonly="false"/>
<library name="cms_sitemap_module" location="..\..\modules\sitemap\sitemap.ecf" readonly="false"/>
<library name="cms_session_auth_module" location="..\..\modules\session_auth\cms_session_auth.ecf" readonly="false"/>
<library name="cms_taxnomy_module" location="..\..\modules\taxonomy\taxonomy.ecf" readonly="false"/>
<library name="cms_sitemap_module" location="..\..\modules\sitemap\sitemap.ecf" readonly="false"/>
<library name="cms_taxonomy_module" location="..\..\modules\taxonomy\taxonomy.ecf" readonly="false"/>
<library name="cms_wikitext_module" location="..\..\modules\wikitext\wikitext.ecf" readonly="false"/>
<library name="embedded_video_module" location="..\..\modules\embedded_video\embedded_video.ecf" readonly="false"/>
<library name="masquerade_auth_module" location="..\..\dev_modules\masquerade_auth\masquerade_auth.ecf" readonly="false"/>
@@ -48,7 +46,7 @@
By default, commented, since it depends on specific environment settings.
<library name="persistence_store_odbc" location="..\..\library\persistence\store_odbc\store_odbc.ecf"/>
<library name="persistence_store_mysql" location="..\..\library\persistence\store_mysql\store_mysql.ecf" />
-->
-->
<library name="wsf" location="$ISE_LIBRARY\contrib\library\web\framework\ewf\wsf\wsf.ecf"/>
<library name="wsf_extension" location="$ISE_LIBRARY\contrib\library\web\framework\ewf\wsf\wsf_extension.ecf" readonly="false"/>
</target>
@@ -57,29 +55,28 @@
<cluster name="src" location=".\src\" recursive="true"/>
</target>
<target name="demo_standalone" extends="common">
<option debug="true">
<debug name="dbglog" enabled="true"/>
</option>
<variable name="httpd_ssl_disabled" value="true"/>
<library name="standalone_launcher" location="..\..\launcher\standalone.ecf" readonly="false"/>
<cluster name="src" location=".\src\" recursive="true"/>
</target>
<target name="demo_standalone_none" extends="demo_standalone">
<capability>
<concurrency support="none" use="none"/>
<concurrency use="none"/>
</capability>
</target>
<target name="demo_standalone_mt" extends="demo_standalone">
<capability>
<concurrency support="thread" use="thread"/>
<concurrency use="thread"/>
</capability>
</target>
<target name="demo_standalone_scoop" extends="demo_standalone">
<capability>
<concurrency use="scoop"/>
</capability>
</target>
<target name="demo_standalone_scoop_ssl" extends="demo_standalone_scoop">
<capability>
<concurrency support="scoop" use="scoop"/>
<concurrency use="scoop"/>
</capability>
<variable name="httpd_ssl_enabled" value="true"/>
<variable name="libcurl_http_client_disabled" value="true"/>
@@ -88,14 +85,14 @@
</target>
<target name="demo_cgi" extends="common">
<capability>
<concurrency support="none" use="none"/>
<concurrency use="none"/>
</capability>
<library name="cgi_launcher" location="..\..\launcher\cgi.ecf" readonly="false"/>
<cluster name="src" location=".\src\" recursive="true"/>
</target>
<target name="demo_libfcgi" extends="common">
<capability>
<concurrency support="none" use="none"/>
<concurrency use="none"/>
</capability>
<library name="libfcgi_launcher" location="..\..\launcher\libfcgi.ecf" readonly="false"/>
<cluster name="src" location=".\src\" recursive="true"/>
examples/demo/launcher/any/application_launcher.e
-19
View File
@@ -1,19 +0,0 @@
note
description: "[
Effective class for APPLICATION_LAUNCHER_I
You can put modification in this class
]"
date: "$Date$"
revision: "$Revision$"
class
APPLICATION_LAUNCHER [G -> WSF_EXECUTION create make end]
inherit
APPLICATION_LAUNCHER_I [G]
feature -- Custom
end
examples/demo/launcher/any/application_launcher_i.e
-127
View File
@@ -1,127 +0,0 @@
note
description: "[
Specific application launcher
DO NOT EDIT THIS CLASS
you can customize APPLICATION_LAUNCHER
]"
date: "$Date$"
revision: "$Revision$"
deferred class
APPLICATION_LAUNCHER_I [G -> WSF_EXECUTION create make end]
inherit
SHARED_EXECUTION_ENVIRONMENT
feature -- Execution
launch (opts: detachable WSF_SERVICE_LAUNCHER_OPTIONS)
local
nature: like launcher_nature
do
nature := launcher_nature
if nature = Void then
launch_standalone (opts)
elseif nature = nature_standalone then
launch_standalone (opts)
elseif nature = nature_nino then
launch_nino (opts)
elseif nature = nature_cgi then
launch_cgi (opts)
elseif nature = nature_libfcgi then
launch_libfcgi (opts)
else
-- bye bye
(create {EXCEPTIONS}).die (-1)
end
end
feature {NONE} -- Access
launcher_nature: detachable READABLE_STRING_8
-- Initialize the launcher nature
-- either cgi, libfcgi, or nino.
--| We could extend with more connector if needed.
--| and we could use WSF_DEFAULT_SERVICE_LAUNCHER to configure this at compilation time.
local
p: PATH
ext: detachable READABLE_STRING_32
do
create p.make_from_string (execution_environment.arguments.command_name)
if attached p.entry as l_entry then
ext := l_entry.extension
end
if ext /= Void then
if ext.same_string (nature_standalone) then
Result := nature_standalone
end
if ext.same_string (nature_nino) then
Result := nature_nino
end
if ext.same_string (nature_cgi) then
Result := nature_cgi
end
if ext.same_string (nature_libfcgi) or else ext.same_string ("fcgi") then
Result := nature_libfcgi
end
end
Result := default_nature
end
feature {NONE} -- standalone
nature_standalone: STRING = "standalone"
launch_standalone (opts: detachable WSF_SERVICE_LAUNCHER_OPTIONS)
local
launcher: WSF_STANDALONE_SERVICE_LAUNCHER [G]
do
create launcher.make_and_launch (opts)
end
feature {NONE} -- nino
nature_nino: STRING = "nino"
launch_nino (opts: detachable WSF_SERVICE_LAUNCHER_OPTIONS)
local
launcher: WSF_NINO_SERVICE_LAUNCHER [G]
do
create launcher.make_and_launch (opts)
end
feature {NONE} -- cgi
nature_cgi: STRING = "cgi"
launch_cgi (opts: detachable WSF_SERVICE_LAUNCHER_OPTIONS)
local
launcher: WSF_CGI_SERVICE_LAUNCHER [G]
do
create launcher.make_and_launch (opts)
end
feature {NONE} -- libfcgi
nature_libfcgi: STRING = "libfcgi"
launch_libfcgi (opts: detachable WSF_SERVICE_LAUNCHER_OPTIONS)
local
launcher: WSF_LIBFCGI_SERVICE_LAUNCHER [G]
do
create launcher.make_and_launch (opts)
end
feature -- Default
default_nature: STRING
do
Result := nature_standalone
end
end
examples/demo/launcher/default/application_launcher.e
-19
View File
@@ -1,19 +0,0 @@
note
description: "[
Effective class for APPLICATION_LAUNCHER_I
You can put modification in this class
]"
date: "$Date$"
revision: "$Revision$"
class
APPLICATION_LAUNCHER [G -> WSF_EXECUTION create make end]
inherit
APPLICATION_LAUNCHER_I [G]
feature -- Custom
end
examples/demo/launcher/default/application_launcher_i.e
-26
View File
@@ -1,26 +0,0 @@
note
description: "[
Specific application launcher
DO NOT EDIT THIS CLASS
you can customize APPLICATION_LAUNCHER
]"
date: "$Date$"
revision: "$Revision$"
deferred class
APPLICATION_LAUNCHER_I [G -> WSF_EXECUTION create make end]
feature -- Execution
launch (opts: detachable WSF_SERVICE_LAUNCHER_OPTIONS)
local
launcher: WSF_DEFAULT_SERVICE_LAUNCHER [G]
do
create launcher.make_and_launch (opts)
end
end
examples/demo/modules/demo/cms_demo_module.ecf
+2 -5
View File
@@ -3,13 +3,10 @@
<target name="cms_demo_module">
<root all_classes="true"/>
<file_rule>
<exclude>/.git$</exclude>
<exclude>/.svn$</exclude>
<exclude>/\.git$</exclude>
<exclude>/\.svn$</exclude>
<exclude>/EIFGENs$</exclude>
</file_rule>
<option warning="true">
</option>
<library name="base" location="$ISE_LIBRARY\library\base\base.ecf"/>
<library name="base_extension" location="$ISE_LIBRARY\library\base_extension\base_extension.ecf"/>
<library name="cms" location="..\..\..\..\cms.ecf" readonly="false"/>
examples/demo/roc.cfg
+4
View File
@@ -3,7 +3,11 @@
"project": "demo-safe.ecf",
"location": ".",
"site_directory": "site",
"themes": {
"admin": { "location": "../../themes/admin", "mode": "link" }
},
"modules": {
"demo": { "location": "modules/demo" },
"core": { "location": "../../modules/core" },
"admin": { "location": "../../modules/admin" },
"auth": { "location": "../../modules/auth" },
examples/demo/site/config/cms.ini
+4 -2
View File
@@ -57,13 +57,15 @@ output=site\db\mails
#openid.token=
#oauth.token=
[webapi]
mode=on
[administration]
base_path=/roc-admin
#theme=admin
theme=admin
# CMS Installation, are accessible by "all", "none" or uppon "permission". (default is none)
installation_access=all
[dev]
# masquerade: all, none, permission. Default is none.
masquerade=none
masquerade=all
examples/demo/site/modules/admin/files/css/admin.css
+12
View File
@@ -41,6 +41,18 @@ ul.cms-roles li.cms_role a::before {
content: "[role] ";
}
table.cms-roles {
border: solid 1px black;
border-collapse: collapse;
}
table.cms-roles th, table.cms-roles td {
padding: 2px;
border: solid 1px black;
}
table.cms-roles td.cms_role_permission {
font-style: italic;
}
ul.cms-permissions {
list-style-type: none;
padding: 3px 3px 3px 3px;
examples/demo/site/modules/admin/files/scss/admin.scss
+8
View File
@@ -45,6 +45,14 @@ ul.cms-roles {
content: "[role] ";
}
}
table.cms-roles {
border: solid 1px black;
border-collapse: collapse;
th,td {padding: 2px; border: solid 1px black; }
td.cms_role_permission {
font-style: italic;
}
}
ul.cms-permissions {
examples/demo/site/modules/core/scripts/user_profile.sql
+6
View File
@@ -0,0 +1,6 @@
CREATE TABLE user_profiles(
`uid` INTEGER NOT NULL CHECK("uid">=0),
`key` VARCHAR(255) NOT NULL,
`value` TEXT,
CONSTRAINT PK_uid_key PRIMARY KEY (uid,key)
);
examples/demo/site/modules/feed_aggregator/files/css/feed_aggregator.css
+7
View File
@@ -1,3 +1,10 @@
div.feed ul.nav {
list-style: none;
}
div.feed ul.nav li {
display: inline-block;
padding-right: 1em;
}
div.feed ul {
list-style: none;
position: relative;
examples/demo/site/modules/feed_aggregator/files/scss/feed_aggregator.scss
+7
View File
@@ -1,4 +1,11 @@
div.feed {
ul.nav {
list-style: none;
li {
display: inline-block;
padding-right: 1em;
}
}
ul {
list-style: none;
position: relative;
examples/demo/site/modules/files/files/js/basic.css
+1
View File
@@ -0,0 +1 @@
.dropzone,.dropzone *{box-sizing:border-box}.dropzone{position:relative}.dropzone .dz-preview{position:relative;display:inline-block;width:120px;margin:0.5em}.dropzone .dz-preview .dz-progress{display:block;height:15px;border:1px solid #aaa}.dropzone .dz-preview .dz-progress .dz-upload{display:block;height:100%;width:0;background:green}.dropzone .dz-preview .dz-error-message{color:red;display:none}.dropzone .dz-preview.dz-error .dz-error-message,.dropzone .dz-preview.dz-error .dz-error-mark{display:block}.dropzone .dz-preview.dz-success .dz-success-mark{display:block}.dropzone .dz-preview .dz-error-mark,.dropzone .dz-preview .dz-success-mark{position:absolute;display:none;left:30px;top:30px;width:54px;height:58px;left:50%;margin-left:-27px}
examples/demo/site/modules/oauth20/templates/block_login.tpl
+1 -1
View File
@@ -1,7 +1,7 @@
<div class="primary-tabs">
<div>
{foreach item="item" from="$oauth_consumers"}
<a href="{$site_url/}account/login-with-oauth/{$item/}">Login with {$item/}</a><br>
<a href="{$site_url/}account/auth/login-with-oauth/{$item/}">Login with {$item/}</a><br>
{/foreach}
</div>
</div>
examples/demo/site/modules/wikitext/files/css/wikitext.css
+4
View File
@@ -12,4 +12,8 @@
display: inline-block;
padding: 0 2px 0 2px;
margin: 0;
border: none;
border-bottom: dotted 1px #ddd;
border-radius: 4px;
background-color: #efefef;
}
examples/demo/site/modules/wikitext/files/scss/wikitext.scss
+4
View File
@@ -13,6 +13,10 @@
display: inline-block;
padding: 0 2px 0 2px;
margin: 0;
border: none;
border-bottom: dotted 1px #ddd;
border-radius: 4px;
background-color: #efefef;
}
}
}
examples/demo/site/themes/admin/assets/css/style.css
+107
View File
@@ -0,0 +1,107 @@
div {
background-color: #ffdddd;
}
ul.horizontal li {
display: inline-block;
}
#header #primary.menu ul li {
color: #555;
background-color: #fff;
padding: 10px;
margin: 0;
}
#header #primary.menu ul li a {
color: #555;
text-decoration: none;
}
#header #primary.menu ul li a:hover {
color: black;
}
#header #primary.menu ul.horizontal {
border-bottom: solid 1px #ddd;
}
#header #primary.menu ul.horizontal li {
border-top: solid 3px #fff;
}
#header #primary.menu ul.horizontal li:hover {
background-color: #ffe;
border-top: solid 3px #999;
}
#header #primary.menu ul.horizontal li.active {
font-weight: bold;
border-top: solid 3px #ddd;
background-color: #ddd;
}
#header #primary.menu ul.horizontal li.active:hover {
border-top: solid 3px blue;
}
#content {
margin-left: 20px;
}
#content #highlighted {
position: relative;
border: solid 1px #ddd;
background-color: #ffc;
width: 70%;
left: 15%;
right: 15%;
padding: 5px;
font-style: italic;
}
#content .preview {
border: solid 1px red;
}
.sidebar {
padding: 5px;
margin: 3px;
/* border: solid 1px #ccc; */
}
.sidebar#sidebar_first {
width: 250px;
position: fixed;
top: 45px;
left: 0;
bottom: 0;
width: 200px;
border-right: solid 1px #ddd;
}
.sidebar#sidebar_second {
width: 250px;
float: right;
}
.sidebar + .main {
margin-left: 200px;
}
#primary-tabs ul.horizontal {
list-style-type: none;
}
#primary-tabs ul.horizontal li {
display: inline;
padding: 2px 5px;
border: solid 1px #ccf;
}
#primary-tabs ul.horizontal li.active {
border-color: #99f #99f #ddd;
border-style: solid solid none;
border-width: 2px 1px 0;
padding: 2px 7px 1px;
}
#message li.error {
background-color: #f99;
border: solid 1px red;
padding: 5px 2px 5px 2px;
}
table.with_border thead td {
font-weight: bold;
}
table.with_border td {
border: solid 1px #ccc;
padding: 2px 5px 2px 5px;
}
examples/demo/site/themes/admin/assets/favicon.ico
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 994 B

examples/demo/site/themes/admin/assets/js/jquery-1.10.2.min.js
Vendored
+6
View File
File diff suppressed because one or more lines are too long
examples/demo/site/themes/admin/assets/js/popup_search.js
+8
View File
@@ -0,0 +1,8 @@
$(document).ready(function() {
$('#gcse_search_form').submit(function() {
window.open('', 'formpopup', 'width=600,height=600,resizeable,scrollbars');
this.target = 'formpopup';
});
});
examples/demo/site/themes/admin/assets/scss/style.scss
+110
View File
@@ -0,0 +1,110 @@
ul.horizontal {
li {
display: inline-block;
}
}
#header {
#primary.menu {
ul {
li {
color: #555;
a {
color: #555;
text-decoration: none;
&:hover { color: black; }
}
background-color: #fff;
padding: 10px;
margin: 0;
}
&.horizontal {
border-bottom: solid 1px #ddd;
li {
border-top: solid 3px #fff;
&:hover {
background-color: #ffe;
border-top: solid 3px #999;
}
&.active {
font-weight: bold;
border-top: solid 3px #ddd;
background-color: #ddd;
}
&.active:hover {
border-top: solid 3px blue;
}
}
}
}
}
}
#content {
margin-left: 20px;
#highlighted {
position: relative;
border: solid 1px #ddd;
background-color: #ffc;
width: 70%;
left: 15%;
right: 15%;
padding: 5px;
font-style: italic;
}
.preview {
border: solid 1px red;
}
}
.sidebar {
padding: 5px;
margin: 3px;
/* border: solid 1px #ccc; */
&#sidebar_first {
width: 250px;
position: fixed;
top: 45px;
left: 0;
bottom: 0;
width: 200px;
border-right: solid 1px #ddd;
}
&#sidebar_second {
width: 250px;
float: right;
}
&+.main {
margin-left: 200px;
}
}
#primary-tabs {
ul.horizontal {
list-style-type: none;
li {
display: inline;
padding: 2px 5px;
border: solid 1px #ccf;
}
li.active {
border-color: #99f #99f #ddd;
border-style: solid solid none;
border-width: 2px 1px 0;
padding: 2px 7px 1px;
}
}
}
#message li.error {
background-color: #f99;
border: solid 1px red;
padding: 5px 2px 5px 2px;
}
table.with_border {
thead td {
font-weight: bold;
}
td {
border: solid 1px #ccc;
padding: 2px 5px 2px 5px;
}
}
examples/demo/site/themes/admin/debug.tpl
+38
View File
@@ -0,0 +1,38 @@
{assign name="debug_enabled" value="True"/}
{if condition="$debug_enabled"}
<!-- start debug -->
{literal}
<style>
div.cms-debug>span {
position: absolute;
bottom: 5px;
right: 5px;
color: #ccc;
padding: 5px;
}
div.cms-debug:hover>span {
color: red;
}
div.cms-debug>span+ul {
display: none;
border: solid 2px red;
background-color: #ccc;
white-space: pre-wrap;
}
div.cms-debug:hover>span+ul {
display: block;
position: relative;
bottom: 5px;
left: 1%; right: 1%;
width: 98%;
}
</style>
{/literal}
<div class="cms-debug"><span>Show debug</span>
<ul>
{assign name="kpage" value="page"/}{assign name="kregions" value="regions"/}{foreach key="k" item="i" from="$page.variables"}{unless condition="$k ~ $kpage"}{unless condition="$k ~ $kregions"}<li><strong>{$k/}</strong>={htmlentities}{$i/}{/htmlentities}</li>{/unless}{/unless}
{/foreach}
</ul>
</div>
<!-- end debug -->
{/if}
examples/demo/site/themes/admin/page.tpl
+101
View File
@@ -0,0 +1,101 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<!-- EWF CMS -->
<link rel="stylesheet" href="{$theme_path/}css/style.css">
<!-- jQuery dep -->
<script src="{$theme_path/}js/jquery-1.10.2.min.js"></script>
<script src="{$theme_path/}js/popup_search.js"></script>
{if isset="$head"}{$head/}{/if}
{if isset="$styles"}{$styles/}{/if}
{if isset="$scripts"}{$scripts/}{/if}
{if isset="$head_lines"}{$head_lines/}{/if}
<!-- bootstrap framework -->
<!-- Latest compiled and minified CSS -->
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap.min.css">
<!-- Optional theme -->
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap-theme.min.css">
<title>{$head_title/}</title>
</head>
<body>
<!-- Page Top -->
{if isset="$region_top"}
{$region_top/}
{/if}
<!-- Body -->
<div class='container-fluid'>
<!-- Page Header -->
<div id="header">
{if isset="$page.primary_nav"}
{$page.primary_nav/}
{/if}
</div>
<!-- Page search -->
<div class="row">
<div class="col-md-2 col-md-offset-9">
<form action="{$site_url/}gcse" class="search-form" id="gcse_search_form">
<div class="form-group has-feedback">
<input type="search" class="form-control" name="q" id="gcse_search" placeholder="search" value="{htmlentities}{$cms_search_query/}{/htmlentities}" >
<span class="glyphicon glyphicon-search form-control-feedback"></span>
</div>
</form>
</div>
</div>
<!-- General Page Content -->
<div id='content' class='row-fluid'>
<!-- Left Sidebar sidebar_first -->
{unless isempty="$page.region_sidebar_first"}
<div id="sidebar_first" class="sidebar">{$page.region_sidebar_first/}</div>
{/unless}
<!-- Right Sidebar sidebar_second-->
{unless isempty="$page.region_sidebar_second"}
<div id="sidebar_second" class="sidebar">{$page.region_sidebar_second/}</div>
{/unless}
<!-- Highlighted, Help, Content -->
<div id='main' class='span8 main'>
<!-- Highlighted Section -->
{unless isempty="$page.region_highlighted"}
<div id="highlighted">{$page.region_highlighted/}</div>
{/unless}
<!-- Help Section -->
{unless isempty="$page.region_help"}
<div id="help">{$page.region_help/}</div>
{/unless}
<!-- Main Content Section -->
{unless isempty="$page_title"}<h1 class="page-title">{$page_title/}</h1>{/unless}
{$page.region_content/}
{if condition="$page.is_front"}
{if isset="$page.region_feed_news"}
<div class="column" style="width: 45%; float: left">{$page.region_feed_news/}</div>
{/if}
{if isset="$page.region_feed_forum"}
<div class="column" style="width: 45%; float: left">{$page.region_feed_forum/}</div>
{/if}
{/if}
</div>
</div>
</div>
<!--Page footer -->
{$page.region_footer/}
<!-- Page Bottom -->
{$page.region_bottom/}
<!-- jQuery (necessary for Bootstrap's JavaScript plugins) -->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js"></script>
<!-- Latest compiled and minified JavaScript -->
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/js/bootstrap.min.js"></script>
{include file="debug.tpl"/}
</body>
</html>
examples/demo/site/themes/admin/theme.info
+14
View File
@@ -0,0 +1,14 @@
name=admin
engine=smarty
author=jocelyn fiat
version=0.1
regions[page_top] = Top
regions[header] = Header
regions[content] = Content
regions[highlighted] = Highlighted
regions[help] = Help
regions[footer] = Footer
regions[sidebar_first] = first sidebar
regions[sidebar_second] = second sidebar
regions[page_bottom] = Bottom
navigation=default_nav
launcher/any.ecf
-1
View File
@@ -10,7 +10,6 @@
<target name="launcher" extends="common">
<library name="cgi" location="$ISE_LIBRARY\contrib\library\web\framework\ewf\wsf\connector\cgi.ecf"/>
<library name="libfcgi" location="$ISE_LIBRARY\contrib\library\web\framework\ewf\wsf\connector\libfcgi.ecf"/>
<library name="standalone" location="$ISE_LIBRARY\contrib\library\web\framework\ewf\wsf\connector\standalone.ecf"/>
<cluster name="launcher" location=".\any\" recursive="true"/>
<cluster name="src" location=".\"/>
launcher/cgi.ecf
-3
View File
@@ -2,9 +2,6 @@
<system xmlns="http://www.eiffel.com/developers/xml/configuration-1-16-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-16-0 http://www.eiffel.com/developers/xml/configuration-1-16-0.xsd" name="cgi_launcher" uuid="0FE4F1D0-BB70-4C7F-A66E-B27F1D718109" library_target="cgi_launcher">
<target name="common" abstract="true">
<root all_classes="true"/>
<capability>
<concurrency support="none"/>
</capability>
<library name="base" location="$ISE_LIBRARY\library\base\base.ecf"/>
<library name="cms" location="..\cms.ecf"/>
<library name="cms_app_env" location="..\library\app_env\app_env.ecf" readonly="false"/>
launcher/libfcgi.ecf
-5
View File
@@ -2,11 +2,6 @@
<system xmlns="http://www.eiffel.com/developers/xml/configuration-1-16-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-16-0 http://www.eiffel.com/developers/xml/configuration-1-16-0.xsd" name="libfcgi_launcher" uuid="04D7D1EA-059B-4024-B0DE-BBB57AB2D00C" library_target="libfcgi_launcher">
<target name="common" abstract="true">
<root all_classes="true"/>
<option>
</option>
<capability>
<concurrency support="none"/>
</capability>
<library name="base" location="$ISE_LIBRARY\library\base\base.ecf"/>
<library name="cms" location="..\cms.ecf"/>
<library name="cms_app_env" location="..\library\app_env\app_env.ecf" readonly="false"/>
launcher/standalone.ecf
-3
View File
@@ -2,9 +2,6 @@
<system xmlns="http://www.eiffel.com/developers/xml/configuration-1-16-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-16-0 http://www.eiffel.com/developers/xml/configuration-1-16-0.xsd" name="standalone_launcher" uuid="F42660A9-26C2-466B-A63C-C7823C808BE7" library_target="standalone_launcher">
<target name="common" abstract="true">
<root all_classes="true"/>
<option>
</option>
<library name="base" location="$ISE_LIBRARY\library\base\base.ecf"/>
<library name="cms" location="..\cms.ecf"/>
<library name="cms_app_env" location="..\library\app_env\app_env.ecf" readonly="false"/>
library/app_env/app_env.ecf
+1 -3
View File
@@ -3,14 +3,12 @@
<description>Application Environment (layout, configuration, logger, database, ...)</description>
<target name="app_env">
<root all_classes="true"/>
<option warning="true">
</option>
<library name="base" location="$ISE_LIBRARY\library\base\base.ecf"/>
<library name="json" location="$ISE_LIBRARY\contrib\library\text\parser\json\library\json.ecf" readonly="false"/>
<library name="logging" location="$ISE_LIBRARY\library\runtime\logging\logging.ecf"/>
<cluster name="src" location=".\src\" recursive="true">
<file_rule>
<exclude>/.svn$</exclude>
<exclude>/\.svn$</exclude>
<exclude>/CVS$</exclude>
<exclude>/EIFGENs$</exclude>
</file_rule>
library/app_env/src/application_environment.e
+11 -4
View File
@@ -38,14 +38,14 @@ feature {NONE} -- Initialization
end
make_with_path (p: PATH)
-- Create a layour based on a path `p'.
-- Create a layout based on a path `p'.
do
path := p.absolute_path.canonical_path
initialize_name
end
make_with_directory_name (a_dirname: READABLE_STRING_GENERAL)
-- Create a layour based on a path `p'.
-- Create a layout based on directory name `a_dirname'.
do
make_with_path (create {PATH}.make_from_string (a_dirname))
end
@@ -105,11 +105,18 @@ feature -- Access: internal
application_config_path: PATH
-- Database Configuration file path.
local
p: detachable PATH
p,p_dft: detachable PATH
fut: FILE_UTILITIES
do
p := internal_application_config_path
if p = Void then
p := config_path.extended (name + ".json")
if not fut.file_path_exists (p) then
p_dft := config_path.extended ("env.json")
if fut.file_path_exists (p_dft) then
p := p_dft
end
end
internal_application_config_path := p
end
Result := p
@@ -206,6 +213,6 @@ feature {NONE} -- Implementation
-- Directory for templates (HTML, etc).
;note
copyright: "2011-2015, Javier Velilla, Jocelyn Fiat, Eiffel Software and others"
copyright: "2011-2017, Javier Velilla, Jocelyn Fiat, Eiffel Software and others"
license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)"
end
library/configuration/config.ecf
+2 -4
View File
@@ -3,12 +3,10 @@
<target name="config">
<root all_classes="true"/>
<file_rule>
<exclude>/.git$</exclude>
<exclude>/.svn$</exclude>
<exclude>/\.git$</exclude>
<exclude>/\.svn$</exclude>
<exclude>/EIFGENs$</exclude>
</file_rule>
<option warning="true">
</option>
<library name="base" location="$ISE_LIBRARY\library\base\base.ecf"/>
<library name="json" location="$ISE_LIBRARY\contrib\library\text\parser\json\library\json.ecf"/>
<cluster name="src" location=".\src\" recursive="true"/>
library/configuration/tests/config_tests.ecf
+2 -4
View File
@@ -3,12 +3,10 @@
<target name="config_tests">
<root class="TEST_CONFIG_READER_SET" feature="default_create"/>
<file_rule>
<exclude>/.git$</exclude>
<exclude>/.svn$</exclude>
<exclude>/\.git$</exclude>
<exclude>/\.svn$</exclude>
<exclude>/EIFGENs$</exclude>
</file_rule>
<option warning="true">
</option>
<capability>
<concurrency use="none"/>
</capability>
library/email/email.ecf
+2 -5
View File
@@ -3,13 +3,10 @@
<target name="email_service">
<root all_classes="true"/>
<file_rule>
<exclude>/.git$</exclude>
<exclude>/.svn$</exclude>
<exclude>/\.git$</exclude>
<exclude>/\.svn$</exclude>
<exclude>/EIFGENs$</exclude>
</file_rule>
<option warning="true">
</option>
<library name="base" location="$ISE_LIBRARY\library\base\base.ecf"/>
<library name="cms_app_env" location="..\app_env\app_env.ecf"/>
<library name="notification_mailer" location="$ISE_LIBRARY\contrib\library\runtime\process\notification_email\notification_email.ecf"/>
library/gcse/gcse.ecf
+2 -6
View File
@@ -3,15 +3,11 @@
<target name="gcse">
<root all_classes="true"/>
<file_rule>
<exclude>/.git$</exclude>
<exclude>/.svn$</exclude>
<exclude>/\.git$</exclude>
<exclude>/\.svn$</exclude>
<exclude>/CVS$</exclude>
<exclude>/EIFGENs$</exclude>
</file_rule>
<option warning="true">
</option>
<setting name="console_application" value="true"/>
<library name="base" location="$ISE_LIBRARY\library\base\base.ecf"/>
<library name="http_client_extension" location="..\http_client_extension\http_client_extension.ecf" readonly="false"/>
<library name="json" location="$ISE_LIBRARY\contrib\library\text\parser\json\library\json.ecf" readonly="false"/>
library/gcse/test/test.ecf
+2 -2
View File
@@ -1,5 +1,5 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<system xmlns="http://www.eiffel.com/developers/xml/configuration-1-16-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-16-0 http://www.eiffel.com/developers/xml/configuration-1-16-0.xsd" name="gcse_tests" uuid="6E2183A4-28E0-4835-A9AA-BAB13696D873">
<system xmlns="http://www.eiffel.com/developers/xml/configuration-1-16-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-16-0 http://www.eiffel.com/developers/xml/configuration-1-16-0.xsd" name="gcse_tests" uuid="8E9CF931-93CE-4C5A-BF1A-6FD7D850C5FB">
<target name="gcse_tests">
<root class="APPLICATION" feature="make"/>
<option warning="true">
@@ -14,7 +14,7 @@
<library name="testing" location="$ISE_LIBRARY\library\testing\testing.ecf"/>
<cluster name="test" location=".\" recursive="true">
<file_rule>
<exclude>/.svn$</exclude>
<exclude>/\.svn$</exclude>
<exclude>/CVS$</exclude>
<exclude>/EIFGENs$</exclude>
</file_rule>
library/http_client_extension/http_client_extension.ecf
+7 -12
View File
@@ -2,10 +2,12 @@
<system xmlns="http://www.eiffel.com/developers/xml/configuration-1-16-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-16-0 http://www.eiffel.com/developers/xml/configuration-1-16-0.xsd" name="http_client_extension" uuid="EA6A381D-2E78-448C-8A6D-B71759F1082E" library_target="http_client_extension">
<target name="http_client_extension">
<root all_classes="true"/>
<option warning="true">
</option>
<setting name="console_application" value="true"/>
<file_rule>
<exclude>/\.git$</exclude>
<exclude>/\.svn$</exclude>
<exclude>/CVS$</exclude>
<exclude>/EIFGENs$</exclude>
</file_rule>
<library name="base" location="$ISE_LIBRARY\library\base\base.ecf"/>
<library name="base_extension" location="$ISE_LIBRARY\library\base_extension\base_extension.ecf"/>
<library name="curl" location="$ISE_LIBRARY\library\cURL\cURL.ecf"/>
@@ -14,13 +16,6 @@
<library name="http_client" location="$ISE_LIBRARY\contrib\library\network\http_client\http_client.ecf"/>
<library name="json" location="$ISE_LIBRARY\contrib\library\text\parser\json\library\json.ecf" readonly="false"/>
<library name="uri" location="$ISE_LIBRARY\library\text\uri\uri.ecf"/>
<cluster name="http_client_extension" location=".\src\" recursive="true">
<file_rule>
<exclude>/.git$</exclude>
<exclude>/.svn$</exclude>
<exclude>/CVS$</exclude>
<exclude>/EIFGENs$</exclude>
</file_rule>
</cluster>
<cluster name="http_client_extension" location=".\src\" recursive="true"/>
</target>
</system>
library/model/cms_model.ecf
+7 -10
View File
@@ -2,18 +2,15 @@
<system xmlns="http://www.eiffel.com/developers/xml/configuration-1-16-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-16-0 http://www.eiffel.com/developers/xml/configuration-1-16-0.xsd" name="cms_model" uuid="57C6F407-E894-4554-8A59-C8D1F3BBC5D7" library_target="cms_model">
<target name="cms_model">
<root all_classes="true"/>
<option warning="true">
</option>
<file_rule>
<exclude>/\.git$</exclude>
<exclude>/\.svn$</exclude>
<exclude>/CVS$</exclude>
<exclude>/EIFGENs$</exclude>
</file_rule>
<library name="base" location="$ISE_LIBRARY\library\base\base.ecf"/>
<library name="base_extension" location="$ISE_LIBRARY\library\base_extension\base_extension.ecf"/>
<library name="time" location="$ISE_LIBRARY\library\time\time.ecf"/>
<cluster name="cms_model" location=".\src\" recursive="true">
<file_rule>
<exclude>/.svn$</exclude>
<exclude>/CVS$</exclude>
<exclude>/EIFGENs$</exclude>
</file_rule>
</cluster>
<cluster name="cms_model" location=".\src\" recursive="true"/>
</target>
</system>
library/model/src/user/cms_temp_user.e
+10 -4
View File
@@ -23,12 +23,18 @@ feature -- Access
feature -- Element change
set_personal_information (a_personal_information: like personal_information)
-- Assign `personal_information' with `a_personal_information'.
set_personal_information (a_personal_information: detachable READABLE_STRING_GENERAL)
-- Assign `personal_information` with `a_personal_information`.
do
personal_information := a_personal_information
if a_personal_information = Void then
personal_information := Void
else
personal_information := a_personal_information.as_string_32
end
ensure
personal_information_assigned: personal_information = a_personal_information
personal_information_assigned: a_personal_information /= Void
implies (attached personal_information as inf and then
a_personal_information.same_string (inf))
end
set_salt (a_salt: like salt)
library/model/src/user/cms_user.e
+7 -39
View File
@@ -17,15 +17,19 @@ create
feature {NONE} -- Initialization
make (a_name: READABLE_STRING_32)
make (a_name: READABLE_STRING_GENERAL)
-- Create an object with name `a_name'.
require
a_name_not_empty: not a_name.is_whitespace
do
name := a_name
if attached {READABLE_STRING_32} a_name as n32 then
name := n32
else
name := a_name.to_string_32
end
initialize
ensure
name_set: name = a_name
name_set: name.same_string_general (a_name)
status_not_active: status = not_active
end
@@ -94,19 +98,6 @@ feature -- Roles
roles: detachable LIST [CMS_USER_ROLE]
-- If set, list of roles for current user.
feature -- Access: data
item (k: READABLE_STRING_GENERAL): detachable ANY assign put
-- Additional item data associated with key `k'.
do
if attached items as tb then
Result := tb.item (k)
end
end
items: detachable STRING_TABLE [detachable ANY]
-- Additional data.
feature -- Status report
has_id: BOOLEAN
@@ -219,29 +210,6 @@ feature -- Element change: roles
roles := lst
end
feature -- Change element: data
put (d: like item; k: READABLE_STRING_GENERAL)
-- Associate data item `d' with key `k'.
local
tb: like items
do
tb := items
if tb = Void then
create tb.make (1)
items := tb
end
tb.force (d, k)
end
remove (k: READABLE_STRING_GENERAL)
-- Remove data item associated with key `k'.
do
if attached items as tb then
tb.remove (k)
end
end
feature -- Status change
mark_not_active
library/model/src/user/cms_user_profile.e
+72
View File
@@ -0,0 +1,72 @@
note
description: "[
User profile used to extend information associated with a {CMS_USER}.
]"
date: "$Date$"
revision: "$Revision$"
class
CMS_USER_PROFILE
inherit
TABLE_ITERABLE [READABLE_STRING_32, READABLE_STRING_GENERAL]
create
make
feature {NONE} -- Initialization
make
-- Create Current profile.
do
create items.make (0)
end
feature -- Access
item alias "[]" (k: READABLE_STRING_GENERAL): detachable READABLE_STRING_32
-- Profile item associated with key `k`.
do
Result := items.item (k)
end
has_key (k: READABLE_STRING_GENERAL): BOOLEAN
-- Has a profile item associated with key `k`?
do
Result := items.has (k)
end
count: INTEGER
do
Result := items.count
end
is_empty: BOOLEAN
do
Result := items.is_empty
end
feature -- Change
force (v: READABLE_STRING_GENERAL; k: READABLE_STRING_GENERAL)
-- Associated value `v` with key `k`.
do
items.force (v.to_string_32, k)
end
feature -- Access
new_cursor: TABLE_ITERATION_CURSOR [READABLE_STRING_32, READABLE_STRING_GENERAL]
-- Fresh cursor associated with current structure
do
Result := items.new_cursor
end
feature {NONE} -- Implementation
items: STRING_TABLE [READABLE_STRING_32]
;note
copyright: "2011-2014, Javier Velilla, Jocelyn Fiat, Eiffel Software and others"
license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)"
end
library/persistence/implementation/store/cms_storage_store_sql.e
+6
View File
@@ -110,6 +110,12 @@ feature -- Query
sql_post_execution
end
sql_delete (a_sql_statement: STRING; a_params: detachable STRING_TABLE [detachable ANY])
-- <Precursor>
do
sql_modify (a_sql_statement, a_params)
end
sql_rows_count: INTEGER
-- Number of rows for last sql execution.
do
library/persistence/sqlite3/sqlite3.ecf
+8 -11
View File
@@ -2,8 +2,12 @@
<system xmlns="http://www.eiffel.com/developers/xml/configuration-1-16-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-16-0 http://www.eiffel.com/developers/xml/configuration-1-16-0.xsd" name="persistence_sqlite3" uuid="4E536C92-A09F-4305-8230-2EC5ABC51416" library_target="persistence_sqlite3">
<target name="persistence_sqlite3">
<root all_classes="true"/>
<option warning="true">
</option>
<file_rule>
<exclude>/\.git$</exclude>
<exclude>/\.svn$</exclude>
<exclude>/CVS$</exclude>
<exclude>/EIFGENs$</exclude>
</file_rule>
<library name="app_env" location="..\..\app_env\app_env.ecf"/>
<library name="base" location="$ISE_LIBRARY\library\base\base.ecf"/>
<library name="cms" location="..\..\..\cms.ecf"/>
@@ -13,15 +17,8 @@
<library name="json" location="$ISE_LIBRARY\contrib\library\text\parser\json\library\json.ecf" readonly="false"/>
<library name="logging" location="$ISE_LIBRARY\library\runtime\logging\logging.ecf"/>
<library name="model" location="..\..\model\cms_model.ecf"/>
<library name="sqlite3" location="$ISE_LIBRARY\unstable\library\persistency\database\sqlite3\sqlite.ecf"/>
<library name="sqlite3" location="$ISE_LIBRARY\unstable\library\persistency\database\sqlite3\sqlite.ecf" readonly="false"/>
<library name="time" location="$ISE_LIBRARY\library\time\time.ecf"/>
<cluster name="persistence_sqlite" location=".\src\" recursive="true">
<file_rule>
<exclude>/.svn$</exclude>
<exclude>/CVS$</exclude>
<exclude>/EIFGENs$</exclude>
<exclude>/old$</exclude>
</file_rule>
</cluster>
<cluster name="persistence_sqlite" location=".\src\" recursive="true"/>
</target>
</system>
library/persistence/sqlite3/src/cms_storage_sqlite3.e
+25 -8
View File
@@ -73,14 +73,25 @@ feature -- Execution
sql_begin_transaction
-- Start a database transtaction.
local
retried: BOOLEAN
do
if transaction_depth = 0 then
sqlite.begin_transaction (False)
end
transaction_depth := transaction_depth + 1
debug ("roc_storage")
print ("# sql_begin_transaction (depth="+ transaction_depth.out +").%N")
if retried then
-- Issue .. db locked?
sql_rollback_transaction
error_handler.add_custom_error (-1, "db error", "Unable to begin transaction..")
else
if transaction_depth = 0 then
sqlite.begin_transaction (False)
end
transaction_depth := transaction_depth + 1
debug ("roc_storage")
print ("# sql_begin_transaction (depth="+ transaction_depth.out +").%N")
end
end
rescue
retried := True
retry
end
sql_rollback_transaction
@@ -230,6 +241,12 @@ feature -- Operation
end
end
sql_delete (a_sql_statement: STRING; a_params: detachable STRING_TABLE [detachable ANY])
-- <Precursor>
do
sql_modify (a_sql_statement, a_params)
end
sqlite_arguments (a_params: STRING_TABLE [detachable ANY]): ARRAYED_LIST [SQLITE_BIND_ARG [ANY]]
local
k: READABLE_STRING_GENERAL
@@ -440,12 +457,12 @@ feature -- Conversion
until
i = 0
loop
i := a_statement.substring_index ("AUTO_INCREMENT", i)
i := a_statement.substring_index ("KEY AUTO_INCREMENT", i)
if i > 0 then
if Result = a_statement then
create Result.make_from_string (a_statement)
end
Result.remove (i + 4)
Result.remove (i + 8)
i := i + 14
end
end
library/persistence/store_mysql/store_mysql.ecf
+2 -3
View File
@@ -3,8 +3,6 @@
<description>CMS Eiffel Store MySQL persistence solution</description>
<target name="store_mysql">
<root all_classes="true"/>
<option warning="true">
</option>
<library name="base" location="$ISE_LIBRARY\library\base\base.ecf"/>
<library name="cms" location="..\..\..\cms.ecf" readonly="false"/>
<library name="cms_app_env" location="..\..\app_env\app_env.ecf"/>
@@ -24,7 +22,8 @@
</cluster>
<cluster name="persistence_store_mysql" location=".\src\" recursive="true">
<file_rule>
<exclude>/.svn$</exclude>
<exclude>/\.git$</exclude>
<exclude>/\.svn$</exclude>
<exclude>/CVS$</exclude>
<exclude>/EIFGENs$</exclude>
</file_rule>
library/persistence/store_mysql/tests/tests.ecf
+3 -3
View File
@@ -1,6 +1,6 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<system xmlns="http://www.eiffel.com/developers/xml/configuration-1-16-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-16-0 http://www.eiffel.com/developers/xml/configuration-1-16-0.xsd" name="tests" uuid="FCC2264E-784F-4ACF-9262-E348904FDBA5">
<target name="tests">
<system xmlns="http://www.eiffel.com/developers/xml/configuration-1-16-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-16-0 http://www.eiffel.com/developers/xml/configuration-1-16-0.xsd" name="store_mysql_tests" uuid="FCC2264E-784F-4ACF-9262-E348904FDBA5">
<target name="store_mysql_tests">
<root class="APPLICATION" feature="make"/>
<option warning="true">
<assertions supplier_precondition="true"/>
@@ -19,7 +19,7 @@
<library name="testing" location="$ISE_LIBRARY\library\testing\testing.ecf"/>
<cluster name="tests" location=".\" recursive="true">
<file_rule>
<exclude>/.svn$</exclude>
<exclude>/\.svn$</exclude>
<exclude>/CVS$</exclude>
<exclude>/EIFGENs$</exclude>
<exclude>/nodes$</exclude>
library/persistence/store_mysql_fake/store_mysql.ecf
+1 -3
View File
@@ -3,8 +3,6 @@
<description>CMS Eiffel Store MySQL persistence solution FAKE!!!</description>
<target name="store_mysql_fake">
<root all_classes="true"/>
<option warning="true">
</option>
<library name="base" location="$ISE_LIBRARY\library\base\base.ecf"/>
<library name="cms" location="..\..\..\cms.ecf" readonly="false"/>
<library name="cms_app_env" location="..\..\app_env\app_env.ecf"/>
@@ -17,7 +15,7 @@
<library name="time" location="$ISE_LIBRARY\library\time\time.ecf"/>
<cluster name="persistence_store_mysql_fake" location=".\src\" recursive="true">
<file_rule>
<exclude>/.svn$</exclude>
<exclude>/\.svn$</exclude>
<exclude>/CVS$</exclude>
<exclude>/EIFGENs$</exclude>
</file_rule>
library/persistence/store_odbc/store_odbc.ecf
+1 -3
View File
@@ -3,8 +3,6 @@
<target name="persistence_store_odbc">
<description>CMS Eiffel Store ODBC persistence solution</description>
<root all_classes="true"/>
<option warning="true">
</option>
<library name="base" location="$ISE_LIBRARY\library\base\base.ecf"/>
<library name="cms" location="..\..\..\cms.ecf"/>
<library name="cms_app_env" location="..\..\app_env\app_env.ecf"/>
@@ -20,7 +18,7 @@
<cluster name="common" location="..\implementation\store\" recursive="true"/>
<cluster name="persistence_store_odbc" location=".\src\" recursive="true">
<file_rule>
<exclude>/.svn$</exclude>
<exclude>/\.svn$</exclude>
<exclude>/CVS$</exclude>
<exclude>/EIFGENs$</exclude>
</file_rule>
library/persistence/store_odbc/tests/tests.ecf
+1 -1
View File
@@ -19,7 +19,7 @@
<library name="testing" location="$ISE_LIBRARY\library\testing\testing.ecf"/>
<cluster name="tests" location=".\" recursive="true">
<file_rule>
<exclude>/.svn$</exclude>
<exclude>/\.svn$</exclude>
<exclude>/CVS$</exclude>
<exclude>/EIFGENs$</exclude>
<exclude>/nodes$</exclude>
library/recaptcha/recaptcha.ecf
+4 -5
View File
@@ -3,16 +3,15 @@
<target name="recaptcha">
<root all_classes="true"/>
<file_rule>
<exclude>/.git$</exclude>
<exclude>/.svn$</exclude>
<exclude>/CVS$</exclude>
<exclude>/EIFGENs$</exclude>
<exclude>/\.git$</exclude>
<exclude>/\.svn$</exclude>
</file_rule>
<option warning="true">
</option>
<library name="base" location="$ISE_LIBRARY\library\base\base.ecf"/>
<library name="http_client_extension" location="..\http_client_extension\http_client_extension.ecf"/>
<library name="json" location="$ISE_LIBRARY\contrib\library\text\parser\json\library\json.ecf" readonly="false"/>
<library name="json" location="$ISE_LIBRARY\contrib\library\text\parser\json\library\json.ecf"/>
<library name="uri" location="$ISE_LIBRARY\library\text\uri\uri.ecf"/>
<cluster name="recaptcha" location=".\src\" recursive="true"/>
</target>
</system>
library/recaptcha/src/recaptcha_api.e
+9 -11
View File
@@ -98,26 +98,24 @@ feature {NONE} -- REST API
get: detachable RESPONSE
-- Reading Data
local
l_request: REQUEST
do
create l_request.make ("GET", new_uri)
Result := l_request.execute
Result := (create {REQUEST}.make ("GET", new_uri)).execute
end
feature {NONE} -- Implementation
new_uri: STRING_8
-- new uri (BaseUri?secret=secret_value&response=response_value[&remoteip=remoteip_value]
local
l_uri: URI
do
create Result.make_from_string (base_uri)
Result.append ("?secret=")
Result.append (secret)
Result.append ("&response=")
Result.append (response)
create l_uri.make_from_string (base_uri)
l_uri.add_query_parameter ("secret", secret)
l_uri.add_query_parameter ("response", response)
if attached remoteip as l_remoteip then
Result.append ("&remoteip=" + l_remoteip)
l_uri.add_query_parameter ("remoteip", l_remoteip)
end
Result := l_uri.string
end
put_error (a_code: READABLE_STRING_GENERAL)
@@ -134,7 +132,7 @@ feature {NONE} -- Implementation
end
note
copyright: "2011-2015 Javier Velilla, Jocelyn Fiat, Eiffel Software and others"
copyright: "2011-2017 Javier Velilla, Jocelyn Fiat, Eiffel Software and others"
license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)"
source: "[
Eiffel Software
library/recaptcha/test/test.ecf
+1 -1
View File
@@ -15,7 +15,7 @@
<library name="testing" location="$ISE_LIBRARY\library\testing\testing.ecf"/>
<cluster name="test" location=".\" recursive="true">
<file_rule>
<exclude>/.svn$</exclude>
<exclude>/\.svn$</exclude>
<exclude>/CVS$</exclude>
<exclude>/EIFGENs$</exclude>
</file_rule>
modules/admin/admin.ecf
+1 -4
View File
@@ -3,13 +3,10 @@
<target name="admin">
<root all_classes="true"/>
<file_rule>
<exclude>/.svn$</exclude>
<exclude>/\.svn$</exclude>
<exclude>/CVS$</exclude>
<exclude>/EIFGENs$</exclude>
</file_rule>
<option warning="true" full_class_checking="false" syntax="transitional">
<assertions/>
</option>
<library name="base" location="$ISE_LIBRARY\library\base\base.ecf"/>
<library name="cms" location="..\..\cms.ecf"/>
<library name="cms_app_env" location="..\..\library\app_env\app_env.ecf" readonly="false"/>
modules/admin/cms_admin_module_administration.e
+22 -1
View File
@@ -27,6 +27,7 @@ feature -- Security
-- List of permission ids, used by this module, and declared.
do
Result := Precursor
Result.force (perm_view_system_info)
Result.force ("access admin")
Result.force ("admin users")
Result.force ("admin roles")
@@ -39,6 +40,8 @@ feature -- Security
Result.force ("admin formats")
end
perm_view_system_info: STRING = "view system info"
feature {NONE} -- Router/administration
setup_administration_router (a_router: WSF_ROUTER; a_api: CMS_API)
@@ -46,12 +49,14 @@ feature {NONE} -- Router/administration
local
l_admin_handler: CMS_ADMIN_HANDLER
l_info_handler: CMS_ADMIN_INFO_HANDLER
l_modules_handler: CMS_ADMIN_MODULES_HANDLER
l_users_handler: CMS_ADMIN_USERS_HANDLER
l_roles_handler: CMS_ADMIN_ROLES_HANDLER
l_formats_handler: CMS_ADMIN_FORMATS_HANDLER
l_user_handler: CMS_USER_HANDLER
l_user_handler: CMS_ADMIN_USER_HANDLER
l_role_handler: CMS_ROLE_HANDLER
l_admin_logs_handler: CMS_LOGS_HANDLER
@@ -67,6 +72,10 @@ feature {NONE} -- Router/administration
create l_uri_mapping.make_trailing_slash_ignored ("", l_admin_handler)
a_router.map (l_uri_mapping, a_router.methods_get_post)
create l_info_handler.make (a_api)
create l_uri_mapping.make_trailing_slash_ignored ("/info", l_info_handler)
a_router.map (l_uri_mapping, a_router.methods_get)
create l_modules_handler.make (a_api)
create l_uri_mapping.make_trailing_slash_ignored ("/modules", l_modules_handler)
a_router.map (l_uri_mapping, a_router.methods_get_post)
@@ -146,27 +155,39 @@ feature -- Hooks
if l_api.user_is_authenticated then
admin_lnk := a_menu_system.management_menu.new_composite_item ("Admin", l_api.administration_path_location (""))
-- Global system information
create lnk.make ("Info", l_api.administration_path_location ("info"))
lnk.set_permission_arguments (<<"view system info">>)
lnk.set_weight (-1)
admin_lnk.extend (lnk)
create lnk.make ("Module", l_api.administration_path_location ("modules"))
lnk.set_permission_arguments (<<"manage module">>)
lnk.set_weight (1)
admin_lnk.extend (lnk)
create lnk.make ("Formats", l_api.administration_path_location ("formats"))
lnk.set_permission_arguments (<<"admin formats">>)
lnk.set_weight (2)
admin_lnk.extend (lnk)
-- Per module cache permission!
create lnk.make ("Cache", l_api.administration_path_location ("cache"))
lnk.set_permission_arguments (<<"admin cache">>)
lnk.set_weight (3)
admin_lnk.extend (lnk)
-- Per module export permission!
create lnk.make ("Export", l_api.administration_path_location ("export"))
lnk.set_permission_arguments (<<"admin export">>)
lnk.set_weight (8)
admin_lnk.extend (lnk)
-- Per module import permission!
create lnk.make ("Import", l_api.administration_path_location ("import"))
lnk.set_permission_arguments (<<"admin import">>)
lnk.set_weight (9)
admin_lnk.extend (lnk)
end
end
modules/admin/handler/cms_admin_cache_handler.e
+4 -4
View File
@@ -47,10 +47,10 @@ feature -- Execution
create s.make_empty
f.append_to_html (l_response.wsf_theme, s)
l_response.set_main_content (s)
l_response.execute
else
create {FORBIDDEN_ERROR_CMS_RESPONSE} l_response.make (req, res, api)
send_custom_access_denied (Void, <<"admin cache">>, req, res)
end
l_response.execute
end
do_post (req: WSF_REQUEST; res: WSF_RESPONSE)
@@ -77,10 +77,10 @@ feature -- Execution
create s.make_empty
f.append_to_html (l_response.wsf_theme, s)
l_response.set_main_content (s)
l_response.execute
else
create {FORBIDDEN_ERROR_CMS_RESPONSE} l_response.make (req, res, api)
send_custom_access_denied (Void, <<"admin cache">>, req, res)
end
l_response.execute
end
feature -- Widget
modules/admin/handler/cms_admin_export_handler.e
+4 -4
View File
@@ -47,10 +47,10 @@ feature -- Execution
create s.make_empty
f.append_to_html (l_response.wsf_theme, s)
l_response.set_main_content (s)
l_response.execute
else
create {FORBIDDEN_ERROR_CMS_RESPONSE} l_response.make (req, res, api)
send_access_denied (req, res)
end
l_response.execute
end
do_post (req: WSF_REQUEST; res: WSF_RESPONSE)
@@ -92,10 +92,10 @@ feature -- Execution
create s.make_empty
f.append_to_html (l_response.wsf_theme, s)
l_response.set_main_content (s)
l_response.execute
else
create {FORBIDDEN_ERROR_CMS_RESPONSE} l_response.make (req, res, api)
send_access_denied (req, res)
end
l_response.execute
end
feature -- Widget
modules/admin/handler/cms_admin_handler.e
+5 -7
View File
@@ -3,7 +3,7 @@ note
handler for CMS admin in the CMS interface.
TODO: implement REST API.
]"
]"
date: "$Date$"
revision: "$Revision$"
@@ -64,12 +64,11 @@ feature -- HTTP Methods
local
r: CMS_RESPONSE
do
create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api)
if r.has_permission ("manage " + {CMS_ADMIN_MODULE}.name) then
if api.has_permission ("manage " + {CMS_ADMIN_MODULE}.name) then
create {CMS_ADMIN_RESPONSE} r.make (req, res, api)
r.execute
else
r.execute
send_access_denied (req, res)
end
end
@@ -77,12 +76,11 @@ feature -- HTTP Methods
local
r: CMS_RESPONSE
do
create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api)
if r.has_permission ("manage " + {CMS_ADMIN_MODULE}.name) then
if api.has_permission ("manage " + {CMS_ADMIN_MODULE}.name) then
create {CMS_ADMIN_RESPONSE} r.make (req, res, api)
r.execute
else
r.execute
send_access_denied (req, res)
end
end
modules/admin/handler/cms_admin_import_handler.e
+4 -5
View File
@@ -47,10 +47,10 @@ feature -- Execution
create s.make_empty
f.append_to_html (l_response.wsf_theme, s)
l_response.set_main_content (s)
l_response.execute
else
create {FORBIDDEN_ERROR_CMS_RESPONSE} l_response.make (req, res, api)
send_access_denied (req, res)
end
l_response.execute
end
do_post (req: WSF_REQUEST; res: WSF_RESPONSE)
@@ -99,11 +99,10 @@ feature -- Execution
create s.make_empty
f.append_to_html (l_response.wsf_theme, s)
l_response.set_main_content (s)
l_response.execute
else
create {FORBIDDEN_ERROR_CMS_RESPONSE} l_response.make (req, res, api)
send_access_denied (req, res)
end
l_response.execute
end
feature -- Widget
modules/admin/handler/cms_admin_info_handler.e
+80
View File
@@ -0,0 +1,80 @@
note
description: "Display information about ROC CMS installation."
date: "$Date$"
revision: "$Revision$"
class
CMS_ADMIN_INFO_HANDLER
inherit
CMS_HANDLER
WSF_URI_HANDLER
create
make
feature -- Execution
execute (req: WSF_REQUEST; res: WSF_RESPONSE)
-- Execute request handler
local
r: like new_generic_response
s: STRING
do
if req.is_get_request_method then
if api.has_permission ({CMS_ADMIN_MODULE_ADMINISTRATION}.perm_view_system_info) then
r := new_generic_response (req, res)
create s.make_empty
r.set_title ("System Information")
r.add_to_primary_tabs (api.administration_link ("Administration", ""))
append_system_info_to (s)
r.set_main_content (s)
r.execute
else
send_access_denied (req, res)
end
else
send_bad_request (req, res)
end
end
append_system_info_to (s: STRING)
local
n: INTEGER
do
s.append ("<ul>")
s.append ("<li><strong>Current direction:</strong> ")
s.append (html_encoded ((create {EXECUTION_ENVIRONMENT}).current_working_path.name))
s.append ("</li>")
s.append ("<li><strong>Site:</strong> ")
s.append (html_encoded (api.setup.site_location.name))
s.append ("</li>")
s.append ("<li><strong>Cache:</strong> ")
s.append (html_encoded (api.setup.cache_location.name))
s.append ("</li>")
s.append ("<li><strong>Files:</strong> ")
s.append (html_encoded (api.setup.files_location.name))
s.append ("</li>")
s.append ("<li><strong>Temp:</strong> ")
s.append (html_encoded (api.setup.temp_location.name))
s.append ("</li>")
s.append ("<li><strong>Storage:</strong>")
n := s.count
across
api.setup.storage_drivers as ic
loop
if s.count > n then
s.append (", ")
else
s.append (" ")
end
s.append (html_encoded (ic.key))
end
s.append (" -&gt; ")
s.append (api.storage.generator)
s.append ("</li>")
s.append ("</ul>")
end
end
modules/admin/handler/cms_admin_modules_handler.e
+8 -13
View File
@@ -50,7 +50,7 @@ feature -- Execution
attached {WSF_TABLE} req.query_parameter ("module_uninstallation") as tb
then
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
if attached api.setup.string_8_item ("admin.installation_access") as l_access then
if attached api.setup.string_8_item ("administration.installation_access") as l_access then
if l_access.is_case_insensitive_equal ("none") then
l_denied := True
elseif l_access.is_case_insensitive_equal ("permission") then
@@ -60,8 +60,7 @@ feature -- Execution
l_denied := True
end
if l_denied then
create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api)
r.set_main_content ("You do not have permission to access CMS module uninstallation procedure!")
send_custom_access_denied ("You do not have permission to access CMS module uninstallation procedure!", Void, req, res)
else
create s.make_empty
across
@@ -82,8 +81,8 @@ feature -- Execution
end
s.append (r.link ("Back to modules management", r.location, Void))
r.set_main_content (s)
r.execute
end
r.execute
else
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
create s.make_empty
@@ -119,8 +118,7 @@ feature -- Execution
l_denied := True
end
if l_denied then
create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api)
r.set_main_content ("You do not have permission to access CMS module installation procedure!")
send_custom_access_denied ("You do not have permission to access CMS module installation procedure!", Void, req, res)
else
f := modules_to_install_collection_web_form (r)
f.submit_actions.extend (agent on_installation_submit)
@@ -138,8 +136,8 @@ feature -- Execution
r.add_notice_message ("Operation on module(s) succeeded.")
r.set_redirection (r.location)
end
r.execute
end
r.execute
elseif l_op.same_string ("Update status") then
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
if api.has_permission ("admin module") then
@@ -159,15 +157,12 @@ feature -- Execution
r.add_notice_message ("Operation on module(s) succeeded.")
r.set_redirection (r.location)
end
r.execute
else
create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api)
r.set_main_content ("You do not have permission to administrate CMS modules!")
send_custom_access_denied ("You do not have permission to administrate CMS modules!", Void, req, res)
end
r.execute
else
create {BAD_REQUEST_ERROR_CMS_RESPONSE} r.make (req, res, api)
r.execute
send_bad_request (req, res)
end
else
do_get (req, res)
modules/admin/handler/cms_admin_path_alias_handler.e
+5 -5
View File
@@ -81,10 +81,10 @@ feature -- Execution
s.append ("</ul>")
end
l_response.set_main_content (s)
l_response.execute
else
create {FORBIDDEN_ERROR_CMS_RESPONSE} l_response.make (req, res, api)
send_access_denied (req, res)
end
l_response.execute
end
do_post (req: WSF_REQUEST; res: WSF_RESPONSE)
@@ -114,11 +114,11 @@ feature -- Execution
l_response.set_redirection (l_response.location)
l_response.set_redirection_delay (3)
l_response.execute
else
create {FORBIDDEN_ERROR_CMS_RESPONSE} l_response.make (req, res, api)
l_response.set_redirection (l_response.location)
send_access_denied (req, res)
-- CHECK: set redirection?
end
l_response.execute
end
end
modules/admin/handler/format/cms_admin_formats_handler.e
+6 -6
View File
@@ -152,8 +152,8 @@ feature -- View/edit Format
i := i + 1
l_name := f_ic.item.name
l_all_filters.force (f_ic.item, l_name)
create cb.make_with_value ("filters[" + l_name + "]", l_name)
cb.set_title (f_ic.item.title)
create cb.make_with_value ("filters[" + l_name + "]", l_name.to_string_32)
cb.set_title (f_ic.item.title.to_string_32)
cb.set_checked (True)
create hf.make_with_text ("filter_weight[" + l_name + "]", i.out)
@@ -178,8 +178,8 @@ feature -- View/edit Format
l_name := f_ic.item.name
if l_all_filters.has (l_name) then
else
create cb.make_with_value ("filters[" + l_name + "]", l_name)
cb.set_title (f_ic.item.title)
create cb.make_with_value ("filters[" + l_name + "]", l_name.to_string_32)
cb.set_title (f_ic.item.title.to_string_32)
create ftb_row.make (2)
ftb.add_row (ftb_row)
ftb_row.add_widget (cb)
@@ -195,8 +195,8 @@ feature -- View/edit Format
api.content_types as ct_ic
loop
l_name := ct_ic.item.name
create cb.make_with_value ("content_types[]", l_name)
cb.set_title (l_name)
create cb.make_with_value ("content_types[]", l_name.to_string_32)
cb.set_title (l_name.to_string_32)
if f /= Void and then ct_ic.item.has_format (f.name) then
cb.set_checked (True)
end
modules/admin/handler/logs/cms_logs_handler.e
+3 -4
View File
@@ -63,7 +63,7 @@ feature -- HTTP Methods
l_logs: LIST [CMS_LOG]
l_log: CMS_LOG
r: CMS_RESPONSE
l_cat: detachable READABLE_STRING_8
l_cat: detachable READABLE_STRING_32
l_lower: INTEGER
l_count: INTEGER
b: STRING
@@ -104,11 +104,10 @@ feature -- HTTP Methods
r.set_main_content (b)
r.set_page_title ("Logs ...")
r.set_title ("Logs")
r.execute
else
create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api)
send_access_denied (req, res)
end
r.execute
end
end
modules/admin/handler/role/cms_admin_roles_handler.e
+92 -21
View File
@@ -7,7 +7,6 @@ class
CMS_ADMIN_ROLES_HANDLER
inherit
CMS_HANDLER
WSF_URI_HANDLER
@@ -29,6 +28,8 @@ inherit
do_get
end
CMS_SHARED_SORTING_UTILITIES
REFACTORING_HELPER
create
@@ -54,26 +55,30 @@ feature -- execute
execute (req, res)
end
feature -- HTTP Methods
do_get (req: WSF_REQUEST; res: WSF_RESPONSE)
local
l_response: CMS_RESPONSE
s: STRING
u: CMS_USER_ROLE
l_role: CMS_USER_ROLE
l_perm: READABLE_STRING_8
l_count: INTEGER
user_api: CMS_USER_API
l_full: BOOLEAN
l_modname: STRING_8
l_mods: ARRAYED_LIST [STRING_8]
l_perms: LIST [READABLE_STRING_8]
do
-- At the moment the template are hardcoded, but we can
-- get them from the configuration file and load them into
-- the setup class.
user_api := api.user_api
l_count := user_api.roles_count
l_full := attached {WSF_STRING} req.query_parameter ("full") as p and then p.is_case_insensitive_equal ("yes")
create {GENERIC_VIEW_CMS_RESPONSE} l_response.make (req, res, api)
create s.make_empty
@@ -84,27 +89,93 @@ feature -- HTTP Methods
end
if attached user_api.roles as lst then
s.append ("<ul class=%"cms-roles%">%N")
across
lst as ic
loop
u := ic.item
s.append ("<li class=%"cms_role%">")
s.append ("<a href=%"")
s.append (req.absolute_script_url (api.administration_path ("/role/") + u.id.out))
s.append ("%">")
s.append (html_encoded (u.name))
s.append ("</a>")
s.append ("</li>%N")
end
s.append ("</ul>%N")
end
l_response.add_to_primary_tabs (api.local_link ("Permissions", l_response.location + "?full=yes"))
l_response.add_to_primary_tabs (api.local_link ("Roles", l_response.location))
if l_full then
s.append ("<table class=%"cms-roles%"><tr><th>Permissions</th>")
across
lst as ic
loop
l_role := ic.item
s.append ("<th class=%"cms_role%">")
s.append ("<a href=%"")
s.append (req.absolute_script_url (api.administration_path ("/role/") + l_role.id.out))
s.append ("%">")
s.append (html_encoded (l_role.name))
s.append ("</a>")
s.append ("</th>%N")
end
s.append ("</tr>")
if attached user_api.role_permissions as l_role_permissions then
create l_mods.make (l_role_permissions.count)
across
l_role_permissions as m_ic
loop
l_modname := m_ic.key
l_mods.force (l_modname)
end
string_sorter.sort (l_mods)
across
l_mods as m_ic
loop
l_modname := m_ic.item
l_perms := l_role_permissions.item (l_modname)
s.append ("<tr><th colspan=%"" + (1 + lst.count).out + "%">")
if l_modname.is_whitespace then
s.append ("...")
else
s.append (html_encoded (l_modname))
end
s.append ("</th></tr>")
if l_perms /= Void then
across
l_perms as p_ic
loop
l_perm := p_ic.item
if not l_perm.is_whitespace then
s.append ("<tr><td class=%"cms_role_permission%">")
s.append (html_encoded (l_perm))
s.append ("</td>")
across
lst as ic
loop
l_role := ic.item
s.append ("<td>")
if l_role.has_permission (l_perm) then
s.append ("X")
end
s.append ("</td>")
end
s.append ("</tr>")
end
end
end
end
end
s.append ("</table>")
else
s.append ("<ul class=%"cms-roles%">%N")
across
lst as ic
loop
l_role := ic.item
s.append ("<li class=%"cms_role%">")
s.append ("<a href=%"")
s.append (req.absolute_script_url (api.administration_path ("/role/") + l_role.id.out))
s.append ("%">")
s.append (html_encoded (l_role.name))
s.append ("</a>")
s.append ("</li>%N")
end
s.append ("</ul>%N")
end
end
s.append ("<br/>")
if l_response.has_permission ("admin roles") then
s.append (l_response.link ("Add Role", api.administration_path_location ("add/role"), Void))
end
l_response.set_main_content (s)
l_response.execute
end
modules/admin/handler/role/cms_role_form_response.e
+31 -20
View File
@@ -37,11 +37,26 @@ feature -- Process
b: STRING_8
uid: INTEGER_64
user_api: CMS_USER_API
lnk: CMS_LINK
do
user_api := api.user_api
create b.make_empty
uid := role_id_path_parameter (request)
if uid > 0 and then attached user_api.user_role_by_id (uid.to_integer) as l_role then
if l_role.has_id then
lnk := api.administration_link (translation ("View", Void), "role/" + l_role.id.out)
lnk.set_weight (1)
add_to_primary_tabs (lnk)
lnk := api.administration_link (translation ("Edit", Void), "role/" + l_role.id.out + "/edit")
lnk.set_weight (2)
add_to_primary_tabs (lnk)
lnk := api.administration_link (translation ("Delete", Void), "role/" + l_role.id.out + "/delete")
lnk.set_weight (3)
add_to_primary_tabs (lnk)
end
fixme ("Issues with WSD_FORM_DATA.apply_to_associated_form")
-- if we have a WSF_FORM_CHECKBOK_INPUT, cheked inputs, are not preserverd in case of error.
if location.ends_with_general ("/edit") then
@@ -52,6 +67,10 @@ feature -- Process
else
new_form
end
lnk := api.administration_link (translation ("<< Roles", Void), "roles")
lnk.set_weight (10)
add_to_primary_tabs (lnk)
end
feature -- Process Edit
@@ -63,7 +82,7 @@ feature -- Process Edit
fd: detachable WSF_FORM_DATA
do
create b.make_empty
f := new_edit_form (a_role, request_url (Void), "edit-user")
f := new_edit_form (a_role, request_url (Void), "edit-user-role")
api.hooks.invoke_form_alter (f, fd, Current)
if request.is_post_request_method then
f.validation_actions.extend (agent edit_form_validate(?,a_role, b))
@@ -71,11 +90,7 @@ feature -- Process Edit
f.process (Current)
fd := f.last_data
end
if a_role.has_id then
add_to_menu (api.administration_link (translation ("View", Void), "role/" + a_role.id.out), primary_tabs)
add_to_menu (api.administration_link (translation ("Edit", Void), "role/" + a_role.id.out + "/edit"), primary_tabs)
add_to_menu (api.administration_link (translation ("Delete", Void), "role/" + a_role.id.out + "/delete"), primary_tabs)
end
if attached redirection as l_location then
-- FIXME: Hack for now
set_title (a_role.name)
@@ -96,17 +111,13 @@ feature -- Process Delete
fd: detachable WSF_FORM_DATA
do
create b.make_empty
f := new_delete_form (a_role, request_url (Void), "edit-user")
f := new_delete_form (a_role, request_url (Void), "delete-user-role")
api.hooks.invoke_form_alter (f, fd, Current)
if request.is_post_request_method then
f.process (Current)
fd := f.last_data
end
if a_role.has_id then
add_to_menu (api.administration_link (translation ("View", Void), "role/" + a_role.id.out), primary_tabs)
add_to_menu (api.administration_link (translation ("Edit", Void), "role/" + a_role.id.out + "/edit"), primary_tabs)
add_to_menu (api.administration_link (translation ("Delete", Void), "role/" + a_role.id.out + "/delete"), primary_tabs)
end
if attached redirection as l_location then
-- FIXME: Hack for now
set_title (a_role.name)
@@ -348,9 +359,9 @@ feature -- Form
fs.extend (lab)
string_sorter.sort (l_permissions)
across l_permissions as ic loop
create cb.make_with_value ("cms_permissions", ic.item)
create cb.make_with_value ("cms_permissions", ic.item.to_string_32)
cb.set_checked (across l_role_permissions as rp_ic some rp_ic.item.is_case_insensitive_equal (ic.item) end)
cb.set_title (ic.item)
cb.set_title (ic.item.to_string_32)
fs.extend (cb)
end
end
@@ -389,7 +400,7 @@ feature -- Form
update_role (a_form_data: WSF_FORM_DATA; a_role: CMS_USER_ROLE)
-- Update node `a_node' with form_data `a_form_data' for the given content type `a_content_type'.
local
l_perm: READABLE_STRING_8
l_perm: READABLE_STRING_GENERAL
do
if attached a_form_data.string_item ("op") as f_op then
if f_op.is_case_insensitive_equal_general ("Update role") then
@@ -400,16 +411,16 @@ feature -- Form
then
if attached {WSF_STRING} a_form_data.item ("cms_permissions") as u_role then
a_role.permissions.wipe_out
a_role.add_permission (u_role.value)
a_role.add_permission (api.utf_8_encoded (u_role.value)) -- TODO: utf-8 or require valid string 8?
elseif attached {WSF_MULTIPLE_STRING} a_form_data.item ("cms_permissions") as u_permissions then
a_role.permissions.wipe_out
-- Enable checked permissions.
across
u_permissions as ic
loop
l_perm := ic.item.value.as_string_8
l_perm := ic.item.value
if not l_perm.is_whitespace then
a_role.add_permission (l_perm)
a_role.add_permission (api.utf_8_encoded (l_perm)) -- TODO: utf-8 or require valid string 8?
end
end
else
@@ -421,9 +432,9 @@ feature -- Form
l_cms_perms.values as ic
loop
if attached {WSF_STRING} ic.item as p then
l_perm := p.value.as_string_8
l_perm := p.value
if not l_perm.is_whitespace then
a_role.add_permission (l_perm)
a_role.add_permission (api.utf_8_encoded (l_perm))
end
end
end
modules/admin/handler/role/cms_role_handler.e
+4 -9
View File
@@ -81,10 +81,8 @@ feature -- HTTP Methods
l_uid: INTEGER_64
edit_response: CMS_ROLE_FORM_RESPONSE
view_response: CMS_ROLE_VIEW_RESPONSE
r: CMS_RESPONSE
do
create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api)
if r.has_permission ("admin roles") then
if api.has_permission ("admin roles") then
if req.percent_encoded_path_info.ends_with_general ("/edit") then
check valid_url: req.percent_encoded_path_info.starts_with_general (api.administration_path ("/role/")) end
create edit_response.make (req, res, api)
@@ -111,18 +109,15 @@ feature -- HTTP Methods
end
end
else
r.execute
send_access_denied (req, res)
end
end
do_post (req: WSF_REQUEST; res: WSF_RESPONSE)
local
edit_response: CMS_ROLE_FORM_RESPONSE
r: CMS_RESPONSE
do
create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api)
if r.has_permission ("admin roles") then
if api.has_permission ("admin roles") then
if req.percent_encoded_path_info.ends_with_general ("/edit") then
create edit_response.make (req, res, api)
edit_response.execute
@@ -138,7 +133,7 @@ feature -- HTTP Methods
edit_response.execute
end
else
r.execute
send_access_denied (req, res)
end
end
modules/admin/handler/role/cms_role_view_response.e
+4 -2
View File
@@ -45,7 +45,6 @@ feature -- Execution
end
end
append_html_to_output (a_role: CMS_USER_ROLE; a_response: CMS_RESPONSE )
local
lnk: CMS_LOCAL_LINK
@@ -66,12 +65,15 @@ feature -- Execution
lnk.set_weight (3)
a_response.add_to_primary_tabs (lnk)
end
lnk := api.administration_link (translation ("<< Roles", Void), "roles")
lnk.set_weight (10)
add_to_primary_tabs (lnk)
create s.make_empty
s.append ("<div class=%"info%"> ")
s.append ("<h4>Role Information</h4>")
s.append ("<p>Role:")
s.append (a_role.name)
s.append (html_encoded (a_role.name))
s.append ("</p>")
s.append ("<h4>Permissions:</h4>")
modules/admin/handler/user/cms_user_form_response.e → modules/admin/handler/user/cms_admin_user_form_response.e
+52 -11
View File
@@ -1,10 +1,10 @@
note
description: "Summary description for {CMS_USER_FORM_RESPONSE}."
description: "Summary description for {CMS_ADMIN_USER_FORM_RESPONSE}."
date: "$Date$"
revision: "$Revision$"
class
CMS_USER_FORM_RESPONSE
CMS_ADMIN_USER_FORM_RESPONSE
inherit
CMS_RESPONSE
@@ -152,18 +152,30 @@ feature -- Process New
set_main_content (b)
end
feature -- Form
feature -- Form
edit_form_submit (fd: WSF_FORM_DATA; a_user: detachable CMS_USER; b: STRING)
local
l_update_roles: BOOLEAN
l_update_user: BOOLEAN
l_update_password,
l_update_roles,
l_update_user,
l_save_user: BOOLEAN
l_user: detachable CMS_USER
s: STRING
lnk: CMS_LINK
do
l_update_password := attached {WSF_STRING} fd.item ("op") as l_op and then l_op.same_string ("Update Password")
if l_update_password then
if a_user /= Void then
l_user := a_user
if l_user.has_id then
lnk := api.administration_link (translation ("View", Void),"user/" + l_user.id.out)
change_user (fd, a_user)
s := "modified"
set_redirection (lnk.location)
end
end
end
l_update_roles := attached {WSF_STRING} fd.item ("op") as l_op and then l_op.same_string ("Update user role")
if l_update_roles then
debug ("cms")
@@ -314,6 +326,7 @@ feature -- Form
-- and apply this to content type `a_content_type'.
local
ti: WSF_FORM_TEXT_INPUT
tp: WSF_FORM_PASSWORD_INPUT
fe: WSF_FORM_EMAIL_INPUT
fs: WSF_FORM_FIELD_SET
cb: WSF_FORM_CHECKBOX_INPUT
@@ -324,10 +337,10 @@ feature -- Form
create fs.make
fs.set_legend ("Basic User Account Information")
fs.extend_html_text ("<div><string><label>User name </label></strong><br></div>")
fs.extend_html_text (a_user.name)
fs.extend_raw_text (a_user.name)
if attached a_user.email as l_email then
create fe.make_with_text ("email", l_email)
create fe.make_with_text ("email", l_email.to_string_32)
else
create fe.make_with_text ("email", "")
end
@@ -350,6 +363,19 @@ feature -- Form
a_form.extend (ts)
a_form.extend_html_text ("<hr>")
if api.has_permission ("admin users") then
create fs.make
fs.set_legend ("Change Password")
create tp.make ("password")
tp.set_label ("Password")
tp.set_description ("Enter new password for the user.")
tp.set_size (20)
fs.extend (tp)
create ts.make ("op")
ts.set_default_value ("Update Password")
fs.extend (ts)
a_form.extend (fs)
end
create fs.make
fs.set_legend ("User Roles")
@@ -463,6 +489,21 @@ feature -- Form
else
a_form_data.report_error ("Missing User")
end
elseif f_op.is_case_insensitive_equal_general ("Update Password") then
if
attached a_form_data.string_item ("user-id") as l_user_id and then
attached {CMS_USER} api.user_api.user_by_id (l_user_id.to_integer) as l_user
then
if attached a_form_data.string_item ("password") as l_password and then not l_password.is_empty then
l_user.set_password (l_password)
api.user_api.update_user (l_user)
if not api.user_api.has_error then
add_success_message ("Updated user password")
end
else
a_form_data.report_invalid_field ("password", "Missing password value!")
end
end
elseif f_op.is_case_insensitive_equal_general ("Update user") then
if
attached a_form_data.string_item ("user-id") as l_user_id and then
@@ -477,7 +518,7 @@ feature -- Form
api.user_api.user_by_email (l_email) = Void
then
-- Valid email
a_user.set_email (l_email)
a_user.set_email (api.utf_8_encoded (l_email))
else
if attached l_user.email as u_email and then not u_email.is_case_insensitive_equal_general (l_email) then
a_form_data.report_invalid_field ("email", "Email already exist!")
@@ -516,13 +557,13 @@ feature -- Form
create u.make (l_username)
u.set_email (l_email.as_string_8)
u.set_password (new_random_password (u))
u.mark_active
api.user_api.new_user (u)
if api.user_api.has_error then
-- handle error
else
add_success_message ("Created user")
add_success_message ("Created user <a href=%"" + api.administration_path ("user/" + u.id.out) + "%">" + html_encoded (u.name) + "</a>")
end
else
a_form_data.report_invalid_field ("username", "Missing username!")
a_form_data.report_invalid_field ("email", "Missing email address!")
modules/admin/handler/user/cms_user_handler.e → modules/admin/handler/user/cms_admin_user_handler.e
+10 -14
View File
@@ -1,12 +1,12 @@
note
description: "[
Handler for a CMS user in the CMS interface
Administration handler for a CMS user in the CMS interface
]"
date: "$Date$"
revision: "$Revision$"
class
CMS_USER_HANDLER
CMS_ADMIN_USER_HANDLER
inherit
CMS_HANDLER
@@ -79,12 +79,10 @@ feature -- HTTP Methods
local
l_user: detachable CMS_USER
l_uid: INTEGER_64
edit_response: CMS_USER_FORM_RESPONSE
view_response: CMS_USER_VIEW_RESPONSE
r: CMS_RESPONSE
edit_response: CMS_ADMIN_USER_FORM_RESPONSE
view_response: CMS_ADMIN_USER_VIEW_RESPONSE
do
create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api)
if r.has_permission ("admin users") then
if api.has_permission ("admin users") then
if req.percent_encoded_path_info.ends_with_general ("/edit") then
check valid_url: req.percent_encoded_path_info.starts_with_general (api.administration_path ("/user/")) end
create edit_response.make (req, res, api)
@@ -111,18 +109,16 @@ feature -- HTTP Methods
end
end
else
r.execute
send_access_denied (req, res)
end
end
do_post (req: WSF_REQUEST; res: WSF_RESPONSE)
local
edit_response: CMS_USER_FORM_RESPONSE
r: CMS_RESPONSE
edit_response: CMS_ADMIN_USER_FORM_RESPONSE
do
create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api)
if r.has_permission ("admin users") then
if api.has_permission ("admin users") then
if req.percent_encoded_path_info.ends_with_general ("/edit") then
create edit_response.make (req, res, api)
edit_response.execute
@@ -138,7 +134,7 @@ feature -- HTTP Methods
edit_response.execute
end
else
r.execute
send_access_denied (req, res)
end
end
@@ -190,7 +186,7 @@ feature {NONE} -- New User
create_new_user (req: WSF_REQUEST; res: WSF_RESPONSE)
local
edit_response: CMS_USER_FORM_RESPONSE
edit_response: CMS_ADMIN_USER_FORM_RESPONSE
do
if req.percent_encoded_path_info.starts_with (api.administration_path ("/add/user")) then
create edit_response.make (req, res, api)
modules/admin/handler/user/cms_user_view_response.e → modules/admin/handler/user/cms_admin_user_view_response.e
+8 -3
View File
@@ -1,10 +1,10 @@
note
description: "Summary description for {CMS_USER_VIEW_RESPONSE}."
description: "Summary description for {CMS_ADMIN_USER_VIEW_RESPONSE}."
date: "$Date$"
revision: "$Revision$"
class
CMS_USER_VIEW_RESPONSE
CMS_ADMIN_USER_VIEW_RESPONSE
inherit
CMS_RESPONSE
@@ -27,7 +27,6 @@ feature -- Query
end
end
feature -- Execution
process
@@ -62,12 +61,18 @@ feature -- Execution
lnk.set_weight (2)
a_response.add_to_primary_tabs (lnk)
if a_user /= Void and then a_user.id > 0 then
lnk := api.administration_link (a_response.translation ("Delete", Void), "user/" + a_user.id.out + "/delete")
lnk.set_weight (3)
a_response.add_to_primary_tabs (lnk)
end
lnk := api.administration_link (a_response.translation ("<< Users", Void), "users")
lnk.set_weight (10)
a_response.add_to_primary_tabs (lnk)
-- FIXME: [04/aug/2015] use a CMS_FORM rather than hardcoded html.
-- So that other module may easily integrate them-selves to add information.
create s.make_empty
modules/admin/handler/user/cms_admin_users_handler.e
+2 -4
View File
@@ -7,7 +7,6 @@ class
CMS_ADMIN_USERS_HANDLER
inherit
CMS_HANDLER
WSF_URI_HANDLER
@@ -73,8 +72,7 @@ feature -- HTTP Methods
-- get them from the configuration file and load them into
-- the setup class.
create {FORBIDDEN_ERROR_CMS_RESPONSE} l_response.make (req, res, api)
if l_response.has_permission ("admin users") then
if api.has_permission ("admin users") then
user_api := api.user_api
l_count := user_api.users_count
@@ -157,7 +155,7 @@ feature -- HTTP Methods
l_response.set_main_content (s)
l_response.execute
else
l_response.execute
send_access_denied (req, res)
end
end
end
modules/admin/site/files/css/admin.css
+12
View File
@@ -41,6 +41,18 @@ ul.cms-roles li.cms_role a::before {
content: "[role] ";
}
table.cms-roles {
border: solid 1px black;
border-collapse: collapse;
}
table.cms-roles th, table.cms-roles td {
padding: 2px;
border: solid 1px black;
}
table.cms-roles td.cms_role_permission {
font-style: italic;
}
ul.cms-permissions {
list-style-type: none;
padding: 3px 3px 3px 3px;
modules/admin/site/files/scss/admin.scss
+8
View File
@@ -45,6 +45,14 @@ ul.cms-roles {
content: "[role] ";
}
}
table.cms-roles {
border: solid 1px black;
border-collapse: collapse;
th,td {padding: 2px; border: solid 1px black; }
td.cms_role_permission {
font-style: italic;
}
}
ul.cms-permissions {
modules/auth/auth.ecf
+2 -5
View File
@@ -3,13 +3,10 @@
<target name="auth_module">
<root all_classes="true"/>
<file_rule>
<exclude>/.git$</exclude>
<exclude>/.svn$</exclude>
<exclude>/\.git$</exclude>
<exclude>/\.svn$</exclude>
<exclude>/EIFGENs$</exclude>
</file_rule>
<option warning="true">
</option>
<library name="apis" location="$ISE_LIBRARY\contrib\library\web\authentication\oauth\cypress\consumer\apis\apis.ecf" readonly="false"/>
<library name="base" location="$ISE_LIBRARY\library\base\base.ecf"/>
<library name="cms" location="..\..\cms.ecf" readonly="false"/>
modules/auth/cms_auth_strategy_filter.e
+29
View File
@@ -0,0 +1,29 @@
note
description: "Summary description for {CMS_AUTH_FILTER_WITH_LOGOUT}."
author: ""
date: "$Date$"
revision: "$Revision$"
deferred class
CMS_AUTH_STRATEGY_FILTER
inherit
CMS_AUTH_FILTER
redefine
set_current_user
end
feature -- Basic operations
auth_strategy: STRING
deferred
end
set_current_user (u: CMS_USER)
do
Precursor (u)
-- Record auth strategy:
api.set_execution_variable ({CMS_AUTHENTICATION_MODULE}.auth_strategy_execution_variable_name, auth_strategy)
end
end
modules/auth/cms_authentication_api.e
+113
View File
@@ -0,0 +1,113 @@
note
description: "Summary description for {CMS_AUTHENTICATION_API}."
author: ""
date: "$Date$"
revision: "$Revision$"
class
CMS_AUTHENTICATION_API
inherit
CMS_AUTH_API_I
create {CMS_AUTHENTICATION_MODULE}
make
feature -- Token Generation
register_user (u: CMS_TEMP_USER; a_email: READABLE_STRING_8; a_personal_information: READABLE_STRING_GENERAL)
local
l_user_api: CMS_USER_API
l_url_activate: STRING
l_url_reject: STRING
l_token: STRING
es: CMS_AUTHENTICATION_EMAIL_SERVICE
do
l_user_api := cms_api.user_api
-- New temp user
u.set_personal_information (a_personal_information)
l_user_api.new_temp_user (u)
-- Create activation token
l_token := new_token
l_user_api.new_activation (l_token, u.id)
l_url_activate := cms_api.absolute_url ("/account/activate/" + l_token, Void)
l_url_reject := cms_api.absolute_url ("/account/reject/" + l_token, Void)
-- Send Email to webmaster
cms_api.log_debug ("registration", "send_register_email", Void)
create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (cms_api))
es.send_account_evaluation (u, a_personal_information, l_url_activate, l_url_reject, cms_api.absolute_url ("", Void))
-- Send Email to user
cms_api.log_debug ("registration", "send_contact_email", Void)
create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (cms_api))
es.send_contact_email (a_email, u, cms_api.absolute_url ("", Void))
cms_api.log ("registration", {STRING_32} "new user %"" + u.name + "%" <" + a_email + ">", {CMS_LOG}.level_info, Void)
end
activate_user (a_temp_user: CMS_TEMP_USER; a_token: READABLE_STRING_GENERAL)
require
a_temp_user.has_id
not a_temp_user.is_active
local
l_user_api: CMS_USER_API
l_temp_id: INTEGER_64
es: CMS_AUTHENTICATION_EMAIL_SERVICE
do
l_temp_id := a_temp_user.id
-- Valid user_id
a_temp_user.set_id (0)
a_temp_user.mark_active
l_user_api := cms_api.user_api
l_user_api.new_user_from_temp_user (a_temp_user)
if
not l_user_api.has_error and then
attached l_user_api.user_by_name (a_temp_user.name) as l_new_user
then
if attached a_temp_user.personal_information as l_perso_info then
-- Keep personal information in profile item!
l_user_api.save_user_profile_item (l_new_user, "personal_information", l_perso_info)
end
-- Delete temporal User
a_temp_user.set_id (l_temp_id)
l_user_api.delete_temp_user (a_temp_user)
l_user_api.remove_activation (a_token)
-- Send Email
if attached l_new_user.email as l_email then
cms_api.log_debug ("activation", "send_contact_activation_confirmation_email", Void)
create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (cms_api))
es.send_contact_activation_confirmation_email (l_email, l_new_user, cms_api.site_url)
end
else
error_handler.add_custom_error (-1, "activation error", "Activation failed!")
end
end
new_token: STRING
-- Generate a new token activation token
local
l_token: STRING
l_security: SECURITY_PROVIDER
l_encode: URL_ENCODER
do
create l_security
l_token := l_security.token
create l_encode
from
until
l_token.same_string (l_encode.encoded_string (l_token))
loop
-- Loop ensure that we have a security token that does not contain characters that need encoding.
-- We cannot simply to an encode-decode because the email sent to the user will contain an encoded token
-- but the user will need to use an unencoded token if activation has to be done manually.
l_token := l_security.token
end
Result := l_token
end
end
modules/auth/cms_authentication_email_service.e
+2 -2
View File
@@ -81,7 +81,7 @@ feature -- Basic Operations / Internal
feature -- Basic Operations / Contact
send_account_evaluation (a_user: CMS_USER; a_application, a_url_activate, a_url_reject, a_host: READABLE_STRING_8)
send_account_evaluation (a_user: CMS_USER; a_application: READABLE_STRING_GENERAL; a_url_activate, a_url_reject, a_host: READABLE_STRING_8)
-- Send new user register to webmaster to confirm or reject itt.
local
l_message: STRING
@@ -95,7 +95,7 @@ feature -- Basic Operations / Contact
else
l_message.replace_substring_all ("$email", "unknown email")
end
l_message.replace_substring_all ("$application", a_application)
l_message.replace_substring_all ("$application", cms_api.utf_8_encoded (a_application))
l_message.replace_substring_all ("$activation_url", a_url_activate)
l_message.replace_substring_all ("$rejection_url", a_url_reject)
send_message (contact_email_address, contact_email_address, parameters.contact_subject_account_evaluation, l_message)
modules/auth/cms_authentication_email_service_parameters.e
+5 -6
View File
@@ -13,7 +13,6 @@ feature {NONE} -- Initialization
make (a_cms_api: CMS_API)
local
utf: UTF_CONVERTER
s: detachable READABLE_STRING_32
l_utf8_site_name: IMMUTABLE_STRING_8
l_contact_email, l_subject_register, l_subject_activate, l_subject_password, l_subject_oauth: detachable READABLE_STRING_8
@@ -31,23 +30,23 @@ feature {NONE} -- Initialization
if attached a_cms_api.module_configuration_by_name ({CMS_AUTHENTICATION_MODULE}.name, Void) as cfg then
s := cfg.text_item ("email")
if s /= Void then
l_contact_email := utf.utf_32_string_to_utf_8_string_8 (s)
l_contact_email := cms_api.utf_8_encoded (s)
end
s := cfg.text_item ("subject_register")
if s /= Void then
l_subject_register := utf.utf_32_string_to_utf_8_string_8 (s)
l_subject_register := cms_api.utf_8_encoded (s)
end
s := cfg.text_item ("subject_activate")
if s /= Void then
l_subject_register := utf.utf_32_string_to_utf_8_string_8 (s)
l_subject_register := cms_api.utf_8_encoded (s)
end
s := cfg.text_item ("subject_password")
if s /= Void then
l_subject_register := utf.utf_32_string_to_utf_8_string_8 (s)
l_subject_register := cms_api.utf_8_encoded (s)
end
s := cfg.text_item ("subject_oauth")
if s /= Void then
l_subject_oauth := utf.utf_32_string_to_utf_8_string_8 (s)
l_subject_oauth := cms_api.utf_8_encoded (s)
end
end
if l_contact_email = Void then
modules/auth/cms_authentication_module.e
+259 -231
View File
@@ -8,12 +8,18 @@ class
inherit
CMS_MODULE
rename
module_api as auth_api
redefine
initialize,
setup_hooks,
permissions
permissions,
auth_api
end
CMS_ADMINISTRABLE
CMS_WITH_MODULE_ADMINISTRATION
CMS_WITH_WEBAPI
CMS_HOOK_AUTO_REGISTER
@@ -52,6 +58,15 @@ feature {NONE} -- Initialization
enable -- Is enabled by default
end
feature {CMS_API} -- Initialization
initialize (api: CMS_API)
-- <PRecursor>
do
create auth_api.make (api)
Precursor (api)
end
feature -- Access
name: STRING = "auth"
@@ -64,9 +79,14 @@ feature -- Access
Result.force ("account activate")
Result.force ("account reject")
Result.force ("account reactivate")
Result.force ("edit own account")
Result.force ("change own username")
Result.force ("change own password")
Result.force ("view users")
end
auth_api: detachable CMS_AUTHENTICATION_API
feature {CMS_EXECUTION} -- Administration
administration: CMS_AUTHENTICATION_MODULE_ADMINISTRATION
@@ -74,6 +94,13 @@ feature {CMS_EXECUTION} -- Administration
create Result.make (Current)
end
feature -- Webapi
webapi: CMS_AUTHENTICATION_MODULE_WEBAPI
do
create Result.make (Current)
end
feature -- Access: docs
root_dir: PATH
@@ -98,10 +125,12 @@ feature -- Router
setup_router (a_router: WSF_ROUTER; a_api: CMS_API)
-- <Precursor>
do
configure_web (a_api, a_router)
if attached auth_api as l_auth_api then
configure_web (l_auth_api, a_router)
end
end
configure_web (a_api: CMS_API; a_router: WSF_ROUTER)
configure_web (a_api: CMS_AUTHENTICATION_API; a_router: WSF_ROUTER)
local
m: WSF_URI_MAPPING
do
@@ -203,25 +232,72 @@ feature -- Hooks configuration
end
end
feature -- Handler / Constants
auth_strategy_execution_variable_name: STRING = "auth_strategy"
-- Exevc
auth_strategy (req: WSF_REQUEST): detachable READABLE_STRING_8
-- Strategy used by current authentication.
-- note: if user is authenticated..
do
if
attached {READABLE_STRING_GENERAL} req.execution_variable (auth_strategy_execution_variable_name) as s and then
s.is_valid_as_string_8
then
Result := s.to_string_8
end
end
feature -- Handler
handle_account (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE)
view_account_form_id: STRING = "roccms-user-view"
edit_account_form_id: STRING = "roccms-user-edit"
handle_account (a_auth_api: CMS_AUTHENTICATION_API; req: WSF_REQUEST; res: WSF_RESPONSE)
local
r: CMS_RESPONSE
l_user: detachable CMS_USER
b: STRING
lnk: CMS_LOCAL_LINK
f: CMS_FORM
tf: WSF_FORM_TEXT_INPUT
do
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, a_auth_api.cms_api)
create b.make_empty
l_user := r.user
if attached smarty_template_block (Current, "account_info", api) as l_tpl_block then
create f.make (r.location, view_account_form_id)
if attached smarty_template_block (Current, "account_info", a_auth_api.cms_api) as l_tpl_block then
l_tpl_block.set_weight (-10)
r.add_block (l_tpl_block, "content")
else
debug ("cms")
r.add_warning_message ("Error with block [resources_page]")
end
if l_user /= Void then
create tf.make_with_text ("username", l_user.name)
tf.set_label ("Username")
f.extend (tf)
if attached l_user.email as l_email then
create tf.make_with_text ("email", l_email.to_string_32)
tf.set_label ("Email")
f.extend (tf)
end
if attached l_user.profile_name as l_prof_name then
create tf.make_with_text ("profile_name", l_prof_name)
tf.set_label ("Profile name")
f.extend (tf)
end
create tf.make_with_text ("creation", a_auth_api.cms_api.formatted_date_time_yyyy_mm_dd (l_user.creation_date))
tf.set_label ("Creation date")
f.extend (tf)
if attached l_user.last_login_date as dt then
create tf.make_with_text ("last_login", a_auth_api.cms_api.formatted_date_time_ago (dt))
tf.set_label ("Last login")
f.extend (tf)
end
end
end
if r.is_authenticated then
@@ -229,11 +305,16 @@ feature -- Handler
lnk.set_weight (1)
r.add_to_primary_tabs (lnk)
create lnk.make ("Edit", "account/edit")
lnk.set_weight (2)
r.add_to_primary_tabs (lnk)
if r.has_permission ("edit own account") then
create lnk.make ("Edit", "account/edit")
lnk.set_weight (2)
r.add_to_primary_tabs (lnk)
end
end
a_auth_api.cms_api.hooks.invoke_form_alter (f, Void, r)
f.append_to_html (r.wsf_theme, b)
r.set_main_content (b)
if l_user = Void then
@@ -242,67 +323,80 @@ feature -- Handler
r.execute
end
handle_edit_account (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE)
handle_edit_account (a_auth_api: CMS_AUTHENTICATION_API; req: WSF_REQUEST; res: WSF_RESPONSE)
local
r: CMS_RESPONSE
l_user: detachable CMS_USER
b: STRING
lnk: CMS_LOCAL_LINK
l_form: CMS_FORM
do
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
create b.make_empty
l_user := r.user
if attached smarty_template_block (Current, "account_edit", api) as l_tpl_block then
l_tpl_block.set_weight (-10)
r.add_block (l_tpl_block, "content")
else
debug ("cms")
r.add_warning_message ("Error with block [resources_page]")
if a_auth_api.cms_api.has_permission ("edit own account") then
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, a_auth_api.cms_api)
create b.make_empty
l_user := r.user
create l_form.make (r.location, edit_account_form_id)
if attached smarty_template_block (Current, "account_edit", a_auth_api.cms_api) as l_tpl_block then
l_tpl_block.set_weight (-10)
r.add_block (l_tpl_block, "content")
else
debug ("cms")
r.add_warning_message ("Error with block [resources_page]")
end
-- Build CMS form...
end
end
create lnk.make ("View", "account/")
lnk.set_weight (1)
r.add_to_primary_tabs (lnk)
create lnk.make ("View", "account/")
lnk.set_weight (1)
r.add_to_primary_tabs (lnk)
create lnk.make ("Edit", "account/edit")
lnk.set_weight (2)
r.add_to_primary_tabs (lnk)
create lnk.make ("Edit", "account/edit")
lnk.set_weight (2)
r.add_to_primary_tabs (lnk)
if
r.has_permission ("change own username") and then
attached new_change_username_form (r) as f
then
f.append_to_html (r.wsf_theme, b)
end
if attached new_change_profile_name_form (r) as f then
f.append_to_html (r.wsf_theme, b)
end
if attached new_change_password_form (r) as f then
f.append_to_html (r.wsf_theme, b)
end
if attached new_change_email_form (r) as f then
f.append_to_html (r.wsf_theme, b)
end
if
r.has_permission ("change own username") and then
attached new_change_username_form (r) as f
then
f.append_to_html (r.wsf_theme, b)
end
if attached new_change_profile_name_form (r) as f then
f.append_to_html (r.wsf_theme, b)
end
r.set_main_content (b)
if
r.has_permission ("change own password") and then
attached new_change_password_form (r) as f
then
f.append_to_html (r.wsf_theme, b)
end
if attached new_change_email_form (r) as f then
f.append_to_html (r.wsf_theme, b)
end
if l_user = Void then
r.set_redirection ("account")
l_form.append_to_html (r.wsf_theme, b)
r.set_main_content (b)
if l_user = Void then
r.set_redirection ("account")
end
r.execute
else
a_auth_api.cms_api.response_api.send_access_denied ("Can not edit your acocunt", req, res)
end
r.execute
end
handle_login (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE)
handle_login (a_auth_api: CMS_AUTHENTICATION_API; req: WSF_REQUEST; res: WSF_RESPONSE)
local
r: CMS_RESPONSE
do
if api.user_is_authenticated then
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
if a_auth_api.cms_api.user_is_authenticated then
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, a_auth_api.cms_api)
r.set_redirection ("account")
r.execute
elseif attached api.module_by_name ("session_auth") then
elseif attached a_auth_api.cms_api.module_by_name ("session_auth") then
-- FIXME: find better solution to support a default login system.
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, a_auth_api.cms_api)
if attached {WSF_STRING} req.item ("destination") as l_destination then
r.set_redirection ("account/auth/roc-session-login?destination=" + l_destination.url_encoded_value)
else
@@ -311,9 +405,9 @@ feature -- Handler
r.execute
elseif attached api.module_by_name ("basic_auth") then
elseif attached a_auth_api.cms_api.module_by_name ("basic_auth") then
-- FIXME: find better solution to support a default login system.
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, a_auth_api.cms_api)
if attached {WSF_STRING} req.item ("destination") as l_destination then
r.set_redirection ("account/auth/roc-basic-login?destination=" + l_destination.url_encoded_value)
else
@@ -322,18 +416,18 @@ feature -- Handler
r.execute
else
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, a_auth_api.cms_api)
r.execute
end
end
handle_logout (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE)
handle_logout (a_auth_api: CMS_AUTHENTICATION_API; req: WSF_REQUEST; res: WSF_RESPONSE)
local
r: CMS_RESPONSE
loc: STRING
do
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
if attached {READABLE_STRING_8} api.execution_variable ("auth_strategy") as l_auth_strategy then
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, a_auth_api.cms_api)
if attached auth_strategy (req) as l_auth_strategy then
loc := l_auth_strategy
else
loc := ""
@@ -346,8 +440,9 @@ feature -- Handler
r.execute
end
handle_register (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE)
handle_register (a_auth_api: CMS_AUTHENTICATION_API; req: WSF_REQUEST; res: WSF_RESPONSE)
local
f: CMS_FORM
r: CMS_RESPONSE
l_user_api: CMS_USER_API
u: CMS_TEMP_USER
@@ -359,127 +454,94 @@ feature -- Handler
l_captcha_passed: BOOLEAN
l_email: READABLE_STRING_8
do
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
if r.has_permission ("account register") then
if req.is_post_request_method then
if
attached {WSF_STRING} req.form_parameter ("name") as l_name and then
attached {WSF_STRING} req.form_parameter ("password") as l_password and then
attached {WSF_STRING} req.form_parameter ("email") as p_email and then
attached {WSF_STRING} req.form_parameter ("personal_information") as l_personal_information
then
if p_email.value.is_valid_as_string_8 then
l_email := p_email.value.to_string_8
l_user_api := api.user_api
if attached l_user_api.user_by_name (l_name.value) or else attached l_user_api.temp_user_by_name (l_name.value) then
-- Username already exist.
r.set_value ("User name already exists!", "error_name")
l_exist := True
end
if attached l_user_api.user_by_email (l_email) or else attached l_user_api.temp_user_by_email (l_email) then
-- Email already exists.
r.set_value ("An account is already associated with that email address!", "error_email")
l_exist := True
end
if attached recaptcha_secret_key (api) as l_recaptcha_key then
if attached {WSF_STRING} req.form_parameter ("g-recaptcha-response") as l_recaptcha_response and then is_captcha_verified (l_recaptcha_key, l_recaptcha_response.value) then
l_captcha_passed := True
else
--| Bad or missing captcha
l_captcha_passed := False
end
else
--| reCaptcha is not setup, so no verification
if
a_auth_api.cms_api.has_permission ("account register") and then
req.is_post_request_method
then
create f.make (req.percent_encoded_path_info, "roccms-user-register")
f.extend_text_field ("name", Void)
f.extend_password_field ("password", Void)
f.extend_text_field ("email", Void)
f.extend_text_field ("personal_information", Void)
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, a_auth_api.cms_api)
f.process (r)
if
attached f.last_data as fd and then not fd.has_error and then
attached fd.string_item ("name") as l_name and then
attached fd.string_item ("password") as l_password and then
attached fd.string_item ("email") as s_email and then
attached fd.string_item ("personal_information") as l_personal_information
then
if s_email.is_valid_as_string_8 then
l_email := s_email.to_string_8
l_user_api := a_auth_api.cms_api.user_api
if attached l_user_api.user_by_name (l_name) or else attached l_user_api.temp_user_by_name (l_name) then
-- Username already exist.
r.set_value ("User name already exists!", "error_name")
l_exist := True
end
if attached l_user_api.user_by_email (l_email) or else attached l_user_api.temp_user_by_email (l_email) then
-- Email already exists.
r.set_value ("An account is already associated with that email address!", "error_email")
l_exist := True
end
if attached recaptcha_secret_key (a_auth_api.cms_api) as l_recaptcha_key then
if attached {WSF_STRING} req.form_parameter ("g-recaptcha-response") as l_recaptcha_response and then is_captcha_verified (l_recaptcha_key, l_recaptcha_response.url_encoded_value) then
l_captcha_passed := True
end
if not l_exist then
-- New temp user
create u.make (l_name.value)
u.set_email (l_email)
u.set_password (l_password.value)
u.set_personal_information (l_personal_information.value)
l_user_api.new_temp_user (u)
-- Create activation token
l_token := new_token
l_user_api.new_activation (l_token, u.id)
l_url_activate := req.absolute_script_url ("/account/activate/" + l_token)
l_url_reject := req.absolute_script_url ("/account/reject/" + l_token)
-- Send Email to webmaster
create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api))
write_debug_log (generator + ".handle register: send_register_email")
es.send_account_evaluation (u, l_personal_information.value, l_url_activate, l_url_reject, req.absolute_script_url (""))
-- Send Email to user
create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api))
write_debug_log (generator + ".handle register: send_contact_email")
es.send_contact_email (l_email, u, req.absolute_script_url (""))
else
r.set_value (l_name.value, "name")
r.set_value (l_email, "email")
r.set_value (l_personal_information.value, "personal_information")
r.set_status_code ({HTTP_CONSTANTS}.bad_request)
--| Bad or missing captcha
l_captcha_passed := False
end
else
r.set_value (l_name.value, "name")
r.set_value (p_email.value, "email")
r.set_value (l_personal_information.value, "personal_information")
--| reCaptcha is not setup, so no verification
l_captcha_passed := True
end
if l_captcha_passed and then not l_exist then
-- New temp user
create u.make (l_name)
u.set_email (l_email)
u.set_password (l_password)
u.set_personal_information (l_personal_information)
a_auth_api.register_user (u, l_email, l_personal_information)
else
r.set_value (l_name, "name")
r.set_value (l_email, "email")
r.set_value (l_personal_information, "personal_information")
r.set_status_code ({HTTP_CONSTANTS}.bad_request)
end
else
create {BAD_REQUEST_ERROR_CMS_RESPONSE} r.make (req, res, api)
r.set_main_content ("There were issue with your application, invalid or missing values.")
r.set_value (l_name, "name")
r.set_value (l_email, "email")
r.set_value (l_personal_information, "personal_information")
r.set_status_code ({HTTP_CONSTANTS}.bad_request)
end
r.execute
else
a_auth_api.cms_api.response_api.send_bad_request ("There were issue with your application, invalid or missing values.", req, res)
end
else
create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api)
r.set_main_content ("You can also contact the webmaster to ask for an account.")
a_auth_api.cms_api.response_api.send_permissions_access_denied ("You can also contact the webmaster to ask for an account.", Void, req, res)
end
r.execute
end
handle_activation (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE)
handle_activation (a_auth_api: CMS_AUTHENTICATION_API; req: WSF_REQUEST; res: WSF_RESPONSE)
local
r: CMS_RESPONSE
l_user_api: CMS_USER_API
l_ir: INTERNAL_SERVER_ERROR_CMS_RESPONSE
es: CMS_AUTHENTICATION_EMAIL_SERVICE
l_temp_id: INTEGER_64
do
if api.has_permission ("account activate") then
l_user_api := api.user_api
if a_auth_api.cms_api.has_permission ("account activate") then
l_user_api := a_auth_api.cms_api.user_api
if attached {WSF_STRING} req.path_parameter ("token") as l_token then
if attached {CMS_TEMP_USER} l_user_api.temp_user_by_activation_token (l_token.value) as l_temp_user then
-- TODO copy the personal information
--! to CMS_USER_PROFILE and persist data
--! check also CMS_USER.data_items
l_temp_id := l_temp_user.id
-- Valid user_id
l_temp_user.set_id (0)
l_temp_user.mark_active
l_user_api.new_user_from_temp_user (l_temp_user)
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, a_auth_api.cms_api)
a_auth_api.activate_user (l_temp_user, l_token.value)
if
not l_user_api.has_error and then
not a_auth_api.has_error and then
attached l_user_api.user_by_name (l_temp_user.name) as l_new_user
then
-- Delete temporal User
l_temp_user.set_id (l_temp_id)
l_user_api.delete_temp_user (l_temp_user)
l_user_api.remove_activation (l_token.value)
r.set_main_content ("<p> The account <i>" + html_encoded (l_new_user.name) + "</i> has been activated</p>")
-- Send Email
if attached l_new_user.email as l_email then
create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api))
write_debug_log (generator + ".handle register: send_contact_activation_confirmation_email")
es.send_contact_activation_confirmation_email (l_email, l_new_user, req.absolute_script_url (""))
end
r.set_main_content ("<p> The account <i>" + a_auth_api.cms_api.user_html_link (l_new_user) + "</i> has been activated</p>")
else
-- Failure!!!
r.set_status_code ({HTTP_CONSTANTS}.internal_server_error)
@@ -489,39 +551,37 @@ feature -- Handler
end
end
else -- the token does not exist, or it was already used.
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, a_auth_api.cms_api)
r.set_status_code ({HTTP_CONSTANTS}.bad_request)
r.set_main_content ("<p>The token <i>" + l_token.value + "</i> is not valid " + r.link ("Reactivate Account", "account/reactivate", Void) + "</p>")
end
r.execute
else
create l_ir.make (req, res, api)
l_ir.execute
(create {INTERNAL_SERVER_ERROR_CMS_RESPONSE}.make (req, res, a_auth_api.cms_api)).execute
end
else
create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api)
r.execute
a_auth_api.cms_api.response_api.send_access_denied (Void, req, res)
end
end
handle_reject (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE)
handle_reject (a_auth_api: CMS_AUTHENTICATION_API; req: WSF_REQUEST; res: WSF_RESPONSE)
local
r: CMS_RESPONSE
es: CMS_AUTHENTICATION_EMAIL_SERVICE
l_ir: INTERNAL_SERVER_ERROR_CMS_RESPONSE
l_user_api: CMS_USER_API
do
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, a_auth_api.cms_api)
if r.has_permission ("account reject") then
if attached {WSF_STRING} req.path_parameter ("token") as l_token then
l_user_api := api.user_api
l_user_api := a_auth_api.cms_api.user_api
if attached {CMS_TEMP_USER} l_user_api.temp_user_by_activation_token (l_token.value) as l_user then
l_user_api.delete_temp_user (l_user)
r.set_main_content ("<p> The temporal account for <i>" + html_encoded (l_user.name) + "</i> has been removed</p>")
-- Send Email
if attached l_user.email as l_email then
create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api))
create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (a_auth_api.cms_api))
write_debug_log (generator + ".handle register: send_contact_activation_reject_email")
es.send_contact_activation_reject_email (l_email, l_user, req.absolute_script_url (""))
end
@@ -532,16 +592,15 @@ feature -- Handler
end
r.execute
else
create l_ir.make (req, res, api)
create l_ir.make (req, res, a_auth_api.cms_api)
l_ir.execute
end
else
create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api)
r.execute
a_auth_api.cms_api.response_api.send_access_denied (Void, req, res)
end
end
handle_reactivation (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE)
handle_reactivation (a_auth_api: CMS_AUTHENTICATION_API; req: WSF_REQUEST; res: WSF_RESPONSE)
local
r: CMS_RESPONSE
es: CMS_AUTHENTICATION_EMAIL_SERVICE
@@ -551,26 +610,26 @@ feature -- Handler
l_url_reject: STRING
l_email: READABLE_STRING_8
do
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
if r.has_permission ("account reactivate") then
if a_auth_api.cms_api.has_permission ("account reactivate") then
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, a_auth_api.cms_api)
if req.is_post_request_method then
if attached {WSF_STRING} req.form_parameter ("email") as p_email then
if p_email.value.is_valid_as_string_8 then
l_email := p_email.value.to_string_8
l_user_api := api.user_api
l_user_api := a_auth_api.cms_api.user_api
if attached {CMS_TEMP_USER} l_user_api.temp_user_by_email (l_email) as l_user then
-- User exist create a new token and send a new email.
if l_user.is_active then
r.set_value ("The asociated user to the given email " + l_email + " , is already active", "is_active")
r.set_status_code ({HTTP_CONSTANTS}.bad_request)
else
l_token := new_token
l_token := a_auth_api.new_token
l_user_api.new_activation (l_token, l_user.id)
l_url_activate := req.absolute_script_url ("/account/activate/" + l_token)
l_url_reject := req.absolute_script_url ("/account/reject/" + l_token)
-- Send Email to webmaster
if attached l_user.personal_information as l_personal_information then
create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api))
create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (a_auth_api.cms_api))
write_debug_log (generator + ".handle register: send_register_email")
es.send_account_evaluation (l_user, l_personal_information, l_url_activate, l_url_reject, req.absolute_script_url (""))
end
@@ -587,14 +646,13 @@ feature -- Handler
end
end
end
else
create {FORBIDDEN_ERROR_CMS_RESPONSE} r.make (req, res, api)
r.execute
else
a_auth_api.cms_api.response_api.send_access_denied (Void, req, res)
end
r.execute
end
handle_new_password (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE)
handle_new_password (a_auth_api: CMS_AUTHENTICATION_API; req: WSF_REQUEST; res: WSF_RESPONSE)
local
r: CMS_RESPONSE
es: CMS_AUTHENTICATION_EMAIL_SERVICE
@@ -603,20 +661,20 @@ feature -- Handler
l_url: STRING
l_email: READABLE_STRING_8
do
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, a_auth_api.cms_api)
if req.is_post_request_method then
l_user_api := api.user_api
l_user_api := a_auth_api.cms_api.user_api
if attached {WSF_STRING} req.form_parameter ("email") as p_email then
if p_email.value.is_valid_as_string_8 then
l_email := p_email.value.to_string_8
if attached {CMS_USER} l_user_api.user_by_email (l_email) as l_user then
-- User exist create a new token and send a new email.
l_token := new_token
l_token := a_auth_api.new_token
l_user_api.new_password (l_token, l_user.id)
l_url := req.absolute_script_url ("/account/reset-password?token=" + l_token)
-- Send Email
create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api))
create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (a_auth_api.cms_api))
write_debug_log (generator + ".handle register: send_contact_password_email")
es.send_contact_password_email (l_email, l_user, l_url, req.absolute_script_url (""))
else
@@ -635,12 +693,12 @@ feature -- Handler
attached l_user.email as l_user_email
then
-- User exist create a new token and send a new email.
l_token := new_token
l_token := a_auth_api.new_token
l_user_api.new_password (l_token, l_user.id)
l_url := req.absolute_script_url ("/account/reset-password?token=" + l_token)
-- Send Email
create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api))
create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (a_auth_api.cms_api))
write_debug_log (generator + ".handle register: send_contact_password_email")
es.send_contact_password_email (l_user_email, l_user, l_url, req.absolute_script_url (""))
else
@@ -653,13 +711,13 @@ feature -- Handler
r.execute
end
handle_reset_password (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE)
handle_reset_password (a_auth_api: CMS_AUTHENTICATION_API; req: WSF_REQUEST; res: WSF_RESPONSE)
local
r: CMS_RESPONSE
l_user_api: CMS_USER_API
do
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
l_user_api := api.user_api
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, a_auth_api.cms_api)
l_user_api := a_auth_api.cms_api.user_api
if attached {WSF_STRING} req.query_parameter ("token") as l_token then
r.set_value (l_token.value, "token")
if l_user_api.user_by_password_token (l_token.value) = Void then
@@ -687,7 +745,7 @@ feature -- Handler
r.execute
end
handle_change_field (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE)
handle_change_field (a_auth_api: CMS_AUTHENTICATION_API; req: WSF_REQUEST; res: WSF_RESPONSE)
local
r: CMS_RESPONSE
l_user_api: CMS_USER_API
@@ -700,9 +758,9 @@ feature -- Handler
l_fieldname := p_field.url_encoded_value
end
if l_fieldname = Void then
create {BAD_REQUEST_ERROR_CMS_RESPONSE} r.make (req, res, api)
a_auth_api.cms_api.response_api.send_bad_request (Void, req, res)
else
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, a_auth_api.cms_api)
if r.is_authenticated then
create lnk.make ("View", "account/")
@@ -714,7 +772,7 @@ feature -- Handler
r.add_to_primary_tabs (lnk)
end
l_user_api := api.user_api
l_user_api := a_auth_api.cms_api.user_api
if req.is_post_request_method then
if attached r.user as l_user then
if l_fieldname.is_case_insensitive_equal ("password") then
@@ -761,7 +819,7 @@ feature -- Handler
not fd.has_error and then
attached fd.string_item ("new_profile_name") as l_new_profile_name
then
check api.user_api.is_valid_profile_name (l_new_profile_name) end
check a_auth_api.cms_api.user_api.is_valid_profile_name (l_new_profile_name) end
l_user.set_profile_name (l_new_profile_name)
l_user_api.update_user (l_user)
r.add_success_message ("Profile name updated.")
@@ -772,7 +830,7 @@ feature -- Handler
r.set_main_content (f.to_html (r.wsf_theme))
end
elseif l_fieldname.is_case_insensitive_equal ("username") then
if api.has_permission ("change own username") then
if a_auth_api.cms_api.has_permission ("change own username") then
f := new_change_username_form (r)
f.process (r)
if
@@ -780,8 +838,8 @@ feature -- Handler
not fd.has_error and then
attached fd.string_item ("new_username") as l_new_username
then
check api.user_api.is_valid_username (l_new_username) end
check api.user_api.user_by_name (l_new_username) = Void end
check a_auth_api.cms_api.user_api.is_valid_username (l_new_username) end
check a_auth_api.cms_api.user_api.user_by_name (l_new_username) = Void end
l_user_api.update_username (l_user, l_new_username)
r.add_success_message ("Username updated.")
@@ -807,15 +865,15 @@ feature -- Handler
f := new_change_email_form (r)
f.append_to_html (r.wsf_theme, b)
elseif l_fieldname.is_case_insensitive_equal_general ("new_username") then
if api.has_permission ("change own username") then
if a_auth_api.cms_api.has_permission ("change own username") then
f := new_change_username_form (r)
f.append_to_html (r.wsf_theme, b)
end
end
r.set_main_content (b)
end
r.execute
end
r.execute
end
block_list: ITERABLE [like {CMS_BLOCK}.name]
@@ -946,30 +1004,6 @@ feature -- Handler
fs.extend_html_text ("<button type=%"submit%">Confirm</button>")
end
feature {NONE} -- Token Generation
new_token: STRING
-- Generate a new token activation token
local
l_token: STRING
l_security: SECURITY_PROVIDER
l_encode: URL_ENCODER
do
create l_security
l_token := l_security.token
create l_encode
from
until
l_token.same_string (l_encode.encoded_string (l_token))
loop
-- Loop ensure that we have a security token that does not contain characters that need encoding.
-- We cannot simply to an encode-decode because the email sent to the user will contain an encoded token
-- but the user will need to use an unencoded token if activation has to be done manually.
l_token := l_security.token
end
Result := l_token
end
feature {NONE} -- Block views
get_block_view_register (a_block_id: READABLE_STRING_8; a_response: CMS_RESPONSE)
@@ -1118,36 +1152,30 @@ feature -- Access: configuration
form_registration_application_description (api: CMS_API): detachable READABLE_STRING_8
-- Get recaptcha security key.
local
utf: UTF_CONVERTER
do
if attached api.module_configuration (Current, Void) as cfg then
if attached cfg.text_item ("forms.registration.application_description") as l_desc and then not l_desc.is_whitespace then
Result := utf.utf_32_string_to_utf_8_string_8 (l_desc)
Result := api.utf_8_encoded (l_desc)
end
end
end
recaptcha_secret_key (api: CMS_API): detachable READABLE_STRING_8
-- Get recaptcha security key.
local
utf: UTF_CONVERTER
do
if attached api.module_configuration (Current, Void) as cfg then
if attached cfg.text_item ("recaptcha.secret_key") as l_recaptcha_key and then not l_recaptcha_key.is_empty then
Result := utf.utf_32_string_to_utf_8_string_8 (l_recaptcha_key)
Result := api.utf_8_encoded (l_recaptcha_key)
end
end
end
recaptcha_site_key (api: CMS_API): detachable READABLE_STRING_8
-- Get recaptcha security key.
local
utf: UTF_CONVERTER
do
if attached api.module_configuration (Current, Void) as cfg then
if attached cfg.text_item ("recaptcha.site_key") as l_recaptcha_key and then not l_recaptcha_key.is_empty then
Result := utf.utf_32_string_to_utf_8_string_8 (l_recaptcha_key)
Result := api.utf_8_encoded (l_recaptcha_key)
end
end
end
modules/auth/cms_authentication_module_administration.e
+2 -3
View File
@@ -54,9 +54,8 @@ feature -- Request handling
-- get them from the configuration file and load them into
-- the setup class.
create {FORBIDDEN_ERROR_CMS_RESPONSE} l_response.make (req, res, api)
if
l_response.has_permission ("admin registration")
api.has_permission ("admin registration")
then
l_user_api := api.user_api
@@ -127,7 +126,7 @@ feature -- Request handling
l_response.set_main_content (s)
l_response.execute
else
l_response.execute
api.response_api.send_access_denied (Void, req, res)
end
end
modules/auth/cms_authentication_module_webapi.e
+38
View File
@@ -0,0 +1,38 @@
note
description: "Summary description for {CMS_AUTHENTICATION_MODULE_WEBAPI}."
author: ""
date: "$Date$"
revision: "$Revision$"
class
CMS_AUTHENTICATION_MODULE_WEBAPI
inherit
CMS_MODULE_WEBAPI [CMS_AUTHENTICATION_MODULE]
redefine
permissions
end
create
make
feature -- Security
permissions: LIST [READABLE_STRING_8]
-- List of permission ids, used by this module, and declared.
do
Result := Precursor
Result.force ("account register")
end
feature {NONE} -- Router/administration
setup_webapi_router (a_router: WSF_ROUTER; a_api: CMS_API)
-- <Precursor>
do
if attached module.auth_api as l_auth_api then
a_router.handle ("/account/register", create {CMS_USER_REGISTER_WEBAPI_HANDLER}.make_with_auth_api (l_auth_api), a_router.methods_post)
end
end
end
modules/auth/cms_user_register_webapi_handler.e
+114
View File
@@ -0,0 +1,114 @@
note
description: "Summary description for {CMS_USER_REGISTER_WEBAPI_HANDLER}."
date: "$Date$"
revision: "$Revision$"
class
CMS_USER_REGISTER_WEBAPI_HANDLER
inherit
CMS_WEBAPI_HANDLER
WSF_URI_HANDLER
create
make_with_auth_api
feature {NONE} -- Initialization
make_with_auth_api (a_auth_api: CMS_AUTHENTICATION_API)
do
auth_api := a_auth_api
make (a_auth_api.cms_api)
end
auth_api: CMS_AUTHENTICATION_API
feature -- Execution
execute (req: WSF_REQUEST; res: WSF_RESPONSE)
-- Execute handler for `req' and respond in `res'.
do
if req.is_post_request_method then
register_user (req, res)
else
new_bad_request_error_response (Void, req, res).execute
end
end
register_user (req: WSF_REQUEST; res: WSF_RESPONSE)
local
f: CMS_FORM
rep: like new_response
l_user_api: CMS_USER_API
u: CMS_TEMP_USER
l_exist: BOOLEAN
l_url_activate: STRING
l_url_reject: STRING
l_token: STRING
l_captcha_passed: BOOLEAN
l_email: READABLE_STRING_8
do
if
api.has_permission ("account register") and then
req.is_post_request_method
then
create f.make (req.percent_encoded_path_info, "roccms-user-register")
f.extend_text_field ("name", Void)
f.extend_password_field ("password", Void)
f.extend_text_field ("email", Void)
f.extend_text_field ("personal_information", Void)
rep := new_response (req, res)
f.process (rep)
if
attached f.last_data as fd and then not fd.has_error and then
attached fd.string_item ("name") as l_name and then
attached fd.string_item ("password") as l_password and then
attached fd.string_item ("email") as s_email and then
attached fd.string_item ("personal_information") as l_personal_information
then
if s_email.is_valid_as_string_8 then
l_email := s_email.to_string_8
l_user_api := api.user_api
if attached l_user_api.user_by_name (l_name) or else attached l_user_api.temp_user_by_name (l_name) then
-- Username already exists.
fd.report_invalid_field ("name", "User name already exists!")
l_exist := True
end
if attached l_user_api.user_by_email (l_email) or else attached l_user_api.temp_user_by_email (l_email) then
-- Email already exists.
fd.report_invalid_field ("email", "An account is already associated with that email address!")
l_exist := True
end
if fd.has_error or l_exist then
rep := new_bad_request_error_response ("User name or email is already taken!", req, res)
else
-- New temp user
create u.make (l_name)
u.set_email (l_email)
u.set_password (l_password)
u.set_personal_information (l_personal_information)
auth_api.register_user (u, l_email, l_personal_information)
-- Until it is activated, this is not a real user.
-- add_user_links_to (u, rep)
rep.add_string_field ("status", "succeed")
rep.add_string_field ("information", "Waiting for activation")
rep.add_self (req.percent_encoded_path_info)
end
else
rep := new_access_denied_error_response ("Invalid email", req, res)
end
else
rep := new_access_denied_error_response ("There were issue with your application, invalid or missing values.", req, res)
end
else
rep := new_permissions_access_denied_error_response (<<"account register">>, "You can also contact the webmaster to ask for an account.", req, res)
end
rep.execute
end
end
modules/basic_auth/basic_auth.ecf
+1 -3
View File
@@ -3,12 +3,10 @@
<target name="basic_auth">
<root all_classes="true"/>
<file_rule>
<exclude>/.svn$</exclude>
<exclude>/\.svn$</exclude>
<exclude>/CVS$</exclude>
<exclude>/EIFGENs$</exclude>
</file_rule>
<option warning="true">
</option>
<library name="base" location="$ISE_LIBRARY\library\base\base.ecf"/>
<library name="cms" location="..\..\cms.ecf"/>
<library name="cms_app_env" location="..\..\library\app_env\app_env.ecf" readonly="false"/>
modules/basic_auth/cms_basic_auth_module.e
+34 -3
View File
@@ -16,9 +16,13 @@ inherit
redefine
make,
filters,
setup_hooks
setup_hooks,
install,
permissions
end
CMS_WITH_WEBAPI
CMS_HOOK_BLOCK
create
@@ -33,11 +37,38 @@ feature {NONE} -- Initialization
description := "Service to manage basic authentication"
end
feature {CMS_API} -- Module management
install (a_api: CMS_API)
do
Precursor (a_api)
if attached a_api.user_api.anonymous_user_role as ano then
ano.add_permission (perm_use_basic_auth)
a_api.user_api.save_user_role (ano)
end
end
feature {CMS_EXECUTION} -- Administration
webapi: CMS_BASIC_AUTH_MODULE_WEBAPI
do
create Result.make (Current)
end
feature -- Access
name: STRING = "basic_auth"
feature -- Access: auth strategy
permissions: LIST [READABLE_STRING_8]
-- List of permission ids, used by this module, and declared.
do
Result := Precursor
Result.force (perm_use_basic_auth)
end
perm_use_basic_auth: STRING = "use basic_auth"
feature -- Access: auth strategy
login_title: STRING = "Basic Auth"
-- Module specific login title.
@@ -62,7 +93,7 @@ feature -- Access: auth strategy
feature {CMS_API} -- Access: API
oauth20_api: detachable CMS_AUTH_API_I
-- <Precursor>
-- <Precursor>
feature -- Access: filter
modules/basic_auth/cms_basic_auth_module_webapi.e
+36
View File
@@ -0,0 +1,36 @@
note
description: "Summary description for {CMS_BASIC_AUTH_MODULE_WEBAPI}."
date: "$Date$"
revision: "$Revision$"
class
CMS_BASIC_AUTH_MODULE_WEBAPI
inherit
CMS_MODULE_WEBAPI [CMS_BASIC_AUTH_MODULE]
redefine
filters
end
create
make
feature {NONE} -- Router/administration
setup_webapi_router (a_router: WSF_ROUTER; a_api: CMS_API)
-- <Precursor>
do
end
feature -- Access: filter
filters (a_api: CMS_API): detachable LIST [WSF_FILTER]
-- Possibly list of Filter's module.
do
create {ARRAYED_LIST [WSF_FILTER]} Result.make (1)
Result.extend (create {CMS_BASIC_WEBAPI_AUTH_FILTER}.make (a_api))
end
note
copyright: "2011-2017, Jocelyn Fiat, Javier Velilla, Eiffel Software and others"
license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)"
end
modules/basic_auth/filter/cms_basic_auth_filter.e
+9 -8
View File
@@ -9,7 +9,7 @@ class
CMS_BASIC_AUTH_FILTER
inherit
CMS_AUTH_FILTER_I
CMS_AUTH_STRATEGY_FILTER
REFACTORING_HELPER
@@ -35,15 +35,16 @@ feature -- Basic operations
attached l_auth.password as l_auth_password
then
if
api.user_api.is_valid_credential (l_auth_login, l_auth_password) and then
attached api.user_api.user_by_name (l_auth_login) as l_user
attached api.user_api.user_with_credential (l_auth_login, l_auth_password) as l_user
then
debug ("refactor_fixme")
fixme ("Maybe we need to store in the credentials in a shared context SECURITY_CONTEXT")
-- req.set_execution_variable ("security_content", create SECURITY_CONTEXT.make (l_user))
-- other authentication filters (OpenID, etc) should implement the same approach.
if api.user_has_permission (l_user, {CMS_BASIC_AUTH_MODULE}.perm_use_basic_auth) then
debug ("refactor_fixme")
fixme ("Maybe we need to store in the credentials in a shared context SECURITY_CONTEXT")
-- req.set_execution_variable ("security_content", create SECURITY_CONTEXT.make (l_user))
-- other authentication filters (OpenID, etc) should implement the same approach.
end
set_current_user (l_user)
end
set_current_user (l_user)
else
api.logger.put_error (generator + ".execute login_valid failed for: " + l_auth_login, Void)
end
modules/basic_auth/filter/cms_basic_webapi_auth_filter.e
+44
View File
@@ -0,0 +1,44 @@
note
description: "Summary description for {CMS_BASIC_WEBAPI_AUTH_FILTER}."
date: "$Date$"
revision: "$Revision$"
class
CMS_BASIC_WEBAPI_AUTH_FILTER
inherit
CMS_WEBAPI_AUTH_FILTER
create
make
feature -- Basic operations
execute (req: WSF_REQUEST; res: WSF_RESPONSE)
-- Execute the filter.
local
l_auth: HTTP_AUTHORIZATION
do
create l_auth.make (req.http_authorization)
if
l_auth.is_basic and then
attached l_auth.login as l_auth_login and then
attached l_auth.password as l_auth_password
then
if
attached api.user_api.user_with_credential (l_auth_login, l_auth_password) as l_user
then
if api.user_has_permission (l_user, {CMS_BASIC_AUTH_MODULE}.perm_use_basic_auth) then
api.set_user (l_user)
end
else
-- not authenticated due to bad login or password.
end
end
execute_next (req, res)
end
note
copyright: "2011-2017, Jocelyn Fiat, Javier Velilla, Eiffel Software and others"
license: "Eiffel Forum License v2 (see http://www.eiffel.com/licensing/forum.txt)"
end
modules/basic_auth/handler/cms_basic_auth_login_handler.e
-4
View File
@@ -15,9 +15,6 @@ inherit
new_mapping as new_uri_mapping
end
WSF_FILTER
WSF_RESOURCE_HANDLER_HELPER
redefine
do_get
@@ -34,7 +31,6 @@ feature -- execute
-- Execute request handler.
do
execute_methods (req, res)
execute_next (req, res)
end
uri_execute (req: WSF_REQUEST; res: WSF_RESPONSE)
modules/blog/cms_blog_module.e
+11 -1
View File
@@ -17,6 +17,8 @@ inherit
blog_api
end
CMS_WITH_MODULE_ADMINISTRATION
CMS_HOOK_MENU_SYSTEM_ALTER
CMS_HOOK_RESPONSE_ALTER
@@ -81,13 +83,21 @@ feature {CMS_API} -- Module management
end
end
feature {CMS_API} -- Access: API
feature {CMS_API, CMS_MODULE} -- Access: API
blog_api: detachable CMS_BLOG_API
-- <Precursor>
node_api: detachable CMS_NODE_API
feature {NONE} -- Administration
administration: CMS_SELF_MODULE_ADMINISTRATION [CMS_BLOG_MODULE]
-- Administration module.
do
create Result.make (Current)
end
feature -- Access: router
setup_router (a_router: WSF_ROUTER; a_api: CMS_API)
modules/blog/cms_blog_module.ecf
+3 -5
View File
@@ -3,16 +3,14 @@
<target name="cms_blog_module">
<root all_classes="true"/>
<file_rule>
<exclude>/.git$</exclude>
<exclude>/.svn$</exclude>
<exclude>/\.git$</exclude>
<exclude>/\.svn$</exclude>
<exclude>/EIFGENs$</exclude>
</file_rule>
<option warning="true">
</option>
<library name="base" location="$ISE_LIBRARY\library\base\base.ecf"/>
<library name="base_extension" location="$ISE_LIBRARY\library\base_extension\base_extension.ecf"/>
<library name="cms" location="..\..\cms.ecf" readonly="false"/>
<library name="cms_comments_module" location="..\..\modules\comments\comments.ecf" readonly="false"/>
<library name="cms_model" location="..\..\library\model\cms_model.ecf" readonly="false"/>
<library name="cms_node_module" location="..\..\modules\node\node.ecf" readonly="false"/>
<library name="cms_taxnomy_module" location="..\..\modules\taxonomy\taxonomy.ecf"/>
modules/blog/handler/blog_user_handler.e
+2 -6
View File
@@ -37,8 +37,6 @@ feature -- HTTP Methods
do_get (req: WSF_REQUEST; res: WSF_RESPONSE)
-- <Precursor>
local
l_error: NOT_FOUND_ERROR_CMS_RESPONSE
do
check user_void: user = Void end
if attached user_from_request (req) as l_user then
@@ -47,13 +45,11 @@ feature -- HTTP Methods
Precursor (req, res)
else
-- Throw a bad request error because the user is not valid
create l_error.make (req, res, api)
if attached user_parameter (req) as l_user_id then
l_error.set_main_content ("<h1>Error</h1>User with id " + api.html_encoded (l_user_id) + " not found!</h1>")
api.response_api.send_not_found ("<h1>Error</h1>User with id " + api.html_encoded (l_user_id) + " not found!</h1>", req, res)
else
l_error.set_main_content ("<h1>Error</h1>User not found!</h1>")
api.response_api.send_not_found ("<h1>Error</h1>User not found!</h1>", req, res)
end
l_error.execute
end
user := Void
end
modules/comments/comments.ecf
+2 -4
View File
@@ -3,12 +3,10 @@
<target name="comments_module">
<root all_classes="true"/>
<file_rule>
<exclude>/.git$</exclude>
<exclude>/.svn$</exclude>
<exclude>/\.git$</exclude>
<exclude>/\.svn$</exclude>
<exclude>/EIFGENs$</exclude>
</file_rule>
<option warning="true">
</option>
<library name="base" location="$ISE_LIBRARY\library\base\base.ecf"/>
<library name="base_extension" location="$ISE_LIBRARY\library\base_extension\base_extension.ecf"/>
<library name="cms" location="..\..\cms.ecf" readonly="false"/>
modules/contact/contact.ecf
-3
View File
@@ -2,9 +2,6 @@
<system xmlns="http://www.eiffel.com/developers/xml/configuration-1-16-0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.eiffel.com/developers/xml/configuration-1-16-0 http://www.eiffel.com/developers/xml/configuration-1-16-0.xsd" name="contact" uuid="5F9BB4AA-FB62-4550-B314-DED374843DC0" library_target="contact">
<target name="contact">
<root all_classes="true"/>
<option>
</option>
<library name="base" location="$ISE_LIBRARY\library\base\base.ecf"/>
<library name="cms" location="..\..\cms.ecf" readonly="false"/>
<library name="cms_app_env" location="..\..\library\app_env\app_env.ecf" readonly="false"/>
modules/contact/src/cms_contact_module.e
+2 -6
View File
@@ -123,30 +123,26 @@ feature -- Recaptcha
recaptcha_secret_key (api: CMS_API): detachable READABLE_STRING_8
-- Get recaptcha security key.
local
utf: UTF_CONVERTER
do
if attached api.module_configuration (Current, Void) as cfg then
if
attached cfg.text_item ("recaptcha.secret_key") as l_recaptcha_key and then
not l_recaptcha_key.is_empty
then
Result := utf.utf_32_string_to_utf_8_string_8 (l_recaptcha_key)
Result := api.utf_8_encoded (l_recaptcha_key)
end
end
end
recaptcha_site_key (api: CMS_API): detachable READABLE_STRING_8
-- Get recaptcha security key.
local
utf: UTF_CONVERTER
do
if attached api.module_configuration (Current, Void) as cfg then
if
attached cfg.text_item ("recaptcha.site_key") as l_recaptcha_key and then
not l_recaptcha_key.is_empty
then
Result := utf.utf_32_string_to_utf_8_string_8 (l_recaptcha_key)
Result := api.utf_8_encoded (l_recaptcha_key)
end
end
end
modules/contact/src/contact_email_service_parameters.e
+3 -4
View File
@@ -13,13 +13,12 @@ feature {NONE} -- Initialization
make (a_cms_api: CMS_API; a_contact_module: CMS_CONTACT_MODULE)
local
utf: UTF_CONVERTER
l_site_name: READABLE_STRING_8
s: detachable READABLE_STRING_32
l_contact_email, l_contact_subject: detachable READABLE_STRING_8
do
-- Use global smtp setting if any, otherwise "localhost"
l_site_name := utf.escaped_utf_32_string_to_utf_8_string_8 (a_cms_api.setup.site_name)
l_site_name := a_cms_api.utf_8_encoded (a_cms_api.setup.site_name)
admin_email := a_cms_api.setup.site_email
if not admin_email.has ('<') then
@@ -29,11 +28,11 @@ feature {NONE} -- Initialization
if attached {CONFIG_READER} a_cms_api.module_configuration (a_contact_module, Void) as cfg then
s := cfg.text_item ("email")
if s /= Void then
l_contact_email := utf.utf_32_string_to_utf_8_string_8 (s)
l_contact_email := a_cms_api.utf_8_encoded (s)
end
s := cfg.text_item ("subject")
if s /= Void then
l_contact_subject := utf.utf_32_string_to_utf_8_string_8 (s)
l_contact_subject := a_cms_api.utf_8_encoded (s)
end
end
if l_contact_email /= Void then
modules/contact/src/persistence/contact_storage_fs.e
+2 -3
View File
@@ -25,7 +25,6 @@ feature -- Change
save_contact_message (m: CONTACT_MESSAGE)
local
s: STRING
utf: UTF_CONVERTER
now: DATE_TIME
do
error_handler.reset
@@ -38,7 +37,7 @@ feature -- Change
s.append (m.date.out)
s.append_character ('%N')
s.append ("name=")
s.append (utf.utf_32_string_to_utf_8_string_8 (m.username))
s.append (api.utf_8_encoded (m.username))
s.append_character ('%N')
if attached m.email as l_email then
@@ -47,7 +46,7 @@ feature -- Change
s.append_character ('%N')
end
s.append ("message=%N")
s.append (utf.utf_32_string_to_utf_8_string_8 (m.message))
s.append (api.utf_8_encoded (m.message))
s.append_character ('%N')
save_to_file (s, date_to_yyyymmdd_hhmmss_string (now))

Some files were not shown because too many files have changed in this diff Show More