- updated to the new pikotools api (child spaces were removed)
some plugins need to be fixed yet: ticket, gallery, group, menu - added current user to default models as "user" - renamed in User: super_user -> is_super_user, env -> admin_env, pass_hash_salted -> is_pass_hash_salted - now Users class has a WinixModel as a base class some plugin calls have to be fixed yet - added UserWrapper model with a pointer to User class - removed from ItemContent: methods for accessing 'meta' and 'admin_meta', now ezc can iterate through Space classes - fixed in env winix function: if there is "changeuser" parameter then we should only switch the user (not save anything)
This commit is contained in:
@@ -55,18 +55,18 @@ Account::Account()
|
||||
|
||||
bool Account::ActivateAccount(User * puser, long code, bool use_ses_log)
|
||||
{
|
||||
std::wstring * user_code_str = puser->aenv.get_wstr(L"activation_code");
|
||||
std::wstring * user_code_str = puser->admin_env.get_wstr(L"activation_code");
|
||||
|
||||
if( user_code_str )
|
||||
{
|
||||
if( Tol(*user_code_str) == code )
|
||||
{
|
||||
puser->status = WINIX_ACCOUNT_READY;
|
||||
puser->aenv.remove(L"activation_code");
|
||||
puser->admin_env.remove(L"activation_code");
|
||||
|
||||
if( puser->update() )
|
||||
{
|
||||
log << log2 << "Account: account: " << puser->name << " activated" << logend;
|
||||
log << log2 << "Account: account: " << puser->login << " activated" << logend;
|
||||
|
||||
if( use_ses_log )
|
||||
slog << loginfo << T(L"account_activated") << logend;
|
||||
|
||||
@@ -170,12 +170,12 @@ bool AddUser::AddNewUser(User & user, const std::wstring & pass)
|
||||
{
|
||||
if( system->users.AddUser(user) )
|
||||
{
|
||||
log << log2 << "AddUser: added a new user: " << user.name << logend;
|
||||
log << log2 << "AddUser: added a new user: " << user.login << logend;
|
||||
return true;
|
||||
}
|
||||
else
|
||||
{
|
||||
log << log1 << "AddUser: I can't add to system->users: " << user.name
|
||||
log << log1 << "AddUser: I can't add to system->users: " << user.login
|
||||
<< " but the user was added to the db correctly" << logend;
|
||||
}
|
||||
}
|
||||
@@ -217,9 +217,9 @@ bool AddUser::AddNewUser(const std::wstring & login,
|
||||
user.clear();
|
||||
|
||||
//user.Clear();
|
||||
user.name = login;
|
||||
user.login = login;
|
||||
user.email = email;
|
||||
user.super_user = false;
|
||||
user.is_super_user = false;
|
||||
user.notify = 0;
|
||||
user.locale_id = config->locale_default_id;
|
||||
user.time_zone_id = config->time_zone_default_id;
|
||||
@@ -232,7 +232,7 @@ bool AddUser::AddNewUser(const std::wstring & login,
|
||||
if( user.status == WINIX_ACCOUNT_NOT_ACTIVATED )
|
||||
{
|
||||
code = std::rand();
|
||||
user.aenv.add(L"activation_code", code);
|
||||
user.admin_env.add(L"activation_code", code);
|
||||
}
|
||||
|
||||
if( AddNewUser(user, pass) )
|
||||
@@ -240,13 +240,13 @@ bool AddUser::AddNewUser(const std::wstring & login,
|
||||
if( try_login && !cur->session->puser && user.status == WINIX_ACCOUNT_READY )
|
||||
{
|
||||
system->users.LoginUser(user.id, false);
|
||||
log << log2 << "AddUser: now logged as: " << user.name << logend;
|
||||
log << log2 << "AddUser: now logged as: " << user.login << logend;
|
||||
plugin->Call(WINIX_USER_LOGGED);
|
||||
}
|
||||
|
||||
if( user.status == WINIX_ACCOUNT_NOT_ACTIVATED )
|
||||
{
|
||||
system->notify.ActivateAccount(user.name, user.email, code);
|
||||
system->notify.ActivateAccount(user.login, user.email, code);
|
||||
|
||||
if( use_ses_log )
|
||||
slog << loginfo << T(L"account_email_sent") << logend;
|
||||
@@ -277,7 +277,7 @@ void AddUser::MakePost()
|
||||
!functions->fun_passwd.IsPasswordCorrect(pass, conf_pass, true) )
|
||||
return;
|
||||
|
||||
if( cur->session->puser && cur->session->puser->super_user )
|
||||
if( cur->session->puser && cur->session->puser->is_super_user )
|
||||
{
|
||||
autoactivate = cur->request->IsPostVar(L"autoactivate");
|
||||
|
||||
|
||||
@@ -54,7 +54,7 @@ Emacs::Emacs()
|
||||
|
||||
bool Emacs::HasAccess(const Item & item)
|
||||
{
|
||||
if( cur->session->puser && cur->session->puser->super_user )
|
||||
if( cur->session->puser && cur->session->puser->is_super_user )
|
||||
// super user can use emacs everywhere
|
||||
return true;
|
||||
|
||||
|
||||
@@ -46,7 +46,6 @@ namespace Fun
|
||||
Env::Env()
|
||||
{
|
||||
fun.url = L"env";
|
||||
puser = 0;
|
||||
}
|
||||
|
||||
|
||||
@@ -59,7 +58,7 @@ bool Env::HasAccess()
|
||||
{
|
||||
// show/change admin environment variables for a user
|
||||
|
||||
if( !cur->session->puser->super_user )
|
||||
if( !cur->session->puser->is_super_user )
|
||||
return false;
|
||||
}
|
||||
|
||||
@@ -78,16 +77,16 @@ bool Env::EditAdminEnv(const std::wstring & env_str, bool use_ses_log)
|
||||
{
|
||||
if( Parse(env_str) )
|
||||
{
|
||||
puser->aenv = space;
|
||||
user_wrapper.user->admin_env = space;
|
||||
|
||||
if( puser->update() )
|
||||
if( user_wrapper.user->update() )
|
||||
{
|
||||
return true;
|
||||
}
|
||||
else
|
||||
{
|
||||
log << log1 << "Evn: a database problem with changing admin environment variables for user: "
|
||||
<< puser->name << ", id: " << puser->id << logend;
|
||||
<< user_wrapper.user->login << ", id: " << user_wrapper.user->id << logend;
|
||||
}
|
||||
}
|
||||
else
|
||||
@@ -106,16 +105,16 @@ bool Env::EditEnv(const std::wstring & env_str, bool use_ses_log)
|
||||
{
|
||||
if( Parse(env_str) )
|
||||
{
|
||||
puser->env = space;
|
||||
user_wrapper.user->env = space;
|
||||
|
||||
if( puser->update() )
|
||||
if( user_wrapper.user->update() )
|
||||
{
|
||||
return true;
|
||||
}
|
||||
else
|
||||
{
|
||||
log << log1 << "Evn: a database problem with changing admin environment variables for user: "
|
||||
<< puser->name << ", id: " << puser->id << logend;
|
||||
<< user_wrapper.user->login << ", id: " << user_wrapper.user->id << logend;
|
||||
}
|
||||
}
|
||||
else
|
||||
@@ -138,61 +137,89 @@ void Env::SaveEnv()
|
||||
|
||||
if( cur->request->IsParam(L"a") )
|
||||
{
|
||||
if( cur->session->puser->super_user )
|
||||
if( cur->session->puser->is_super_user )
|
||||
{
|
||||
status = EditAdminEnv(env_str, true);
|
||||
|
||||
if( status )
|
||||
{
|
||||
slog << loginfo << T(L"env_admin_changed_successfully") << logend;
|
||||
}
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
status = EditEnv(env_str, true);
|
||||
}
|
||||
|
||||
if( status )
|
||||
system->RedirectToLastItem();
|
||||
if( status )
|
||||
{
|
||||
slog << loginfo << T(L"env_changed_successfully") << logend;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
void Env::RegisterModels()
|
||||
{
|
||||
cur->request->models.Add(L"users", system->users);
|
||||
cur->request->models.Add(L"env_user", user_wrapper);
|
||||
}
|
||||
|
||||
|
||||
|
||||
void Env::MakePost()
|
||||
{
|
||||
puser = nullptr;
|
||||
user_wrapper.user = nullptr;
|
||||
user_wrapper.set_connector(model_connector);
|
||||
|
||||
if( cur->session->puser )
|
||||
{
|
||||
puser = cur->session->puser;
|
||||
user_wrapper.user = cur->session->puser;
|
||||
|
||||
if( cur->request->IsPostVar(L"changeuser") )
|
||||
if( cur->session->puser->is_super_user && cur->request->IsPostVar(L"userid") )
|
||||
{
|
||||
// show environments variables for the specified user
|
||||
if( puser->super_user && cur->request->IsPostVar(L"userid") )
|
||||
{
|
||||
long id = Tol(cur->request->PostVar(L"userid"));
|
||||
puser = system->users.GetUser(id);
|
||||
long id = Tol(cur->request->PostVar(L"userid"));
|
||||
user_wrapper.user = system->users.GetUser(id);
|
||||
|
||||
if( puser )
|
||||
{
|
||||
log << log2 << "Env: changing user to: " << puser->name << ", id: " << puser->id << logend;
|
||||
}
|
||||
if( user_wrapper.user->id != cur->session->puser->id )
|
||||
{
|
||||
log << log2 << "Env: changing user to: " << user_wrapper.user->login << ", id: " << user_wrapper.user->id << logend;
|
||||
}
|
||||
}
|
||||
|
||||
if( puser )
|
||||
if( !cur->request->IsPostVar(L"changeuser") )
|
||||
{
|
||||
/*
|
||||
* this puser should be set in a new struct (based on Model)
|
||||
* and put to templates
|
||||
*
|
||||
*/
|
||||
|
||||
SaveEnv();
|
||||
}
|
||||
else
|
||||
{
|
||||
cur->request->status = WINIX_ERR_PERMISSION_DENIED;
|
||||
if( user_wrapper.user )
|
||||
{
|
||||
SaveEnv();
|
||||
}
|
||||
else
|
||||
{
|
||||
cur->request->status = WINIX_ERR_PERMISSION_DENIED;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
RegisterModels();
|
||||
}
|
||||
|
||||
|
||||
void Env::MakeGet()
|
||||
{
|
||||
user_wrapper.user = cur->session->puser;
|
||||
user_wrapper.set_connector(model_connector);
|
||||
|
||||
RegisterModels();
|
||||
}
|
||||
|
||||
|
||||
void Env::Clear()
|
||||
{
|
||||
user_wrapper.user = nullptr;
|
||||
}
|
||||
|
||||
|
||||
|
||||
} // namespace
|
||||
|
||||
|
||||
|
||||
@@ -35,9 +35,11 @@
|
||||
#ifndef headerfile_winix_functions_env
|
||||
#define headerfile_winix_functions_env
|
||||
|
||||
#include "models/userwrapper.h"
|
||||
#include "functionbase.h"
|
||||
#include "space/spaceparser.h"
|
||||
|
||||
|
||||
namespace Winix
|
||||
{
|
||||
|
||||
@@ -54,13 +56,15 @@ public:
|
||||
|
||||
bool HasAccess();
|
||||
void MakePost();
|
||||
void MakeGet();
|
||||
void Clear();
|
||||
|
||||
|
||||
private:
|
||||
|
||||
pt::SpaceParser conf_parser;
|
||||
pt::Space space;
|
||||
User * puser;
|
||||
UserWrapper user_wrapper;
|
||||
|
||||
bool EditAdminEnv(const std::wstring & env_str, bool use_ses_log = false);
|
||||
bool EditEnv(const std::wstring & env_str, bool use_ses_log = false);
|
||||
@@ -68,6 +72,8 @@ private:
|
||||
bool Parse(const std::wstring & env_str);
|
||||
void SaveEnv();
|
||||
|
||||
void RegisterModels();
|
||||
|
||||
|
||||
};
|
||||
|
||||
|
||||
@@ -615,7 +615,7 @@ void Functions::ReadItemFilterHtml(Item & item)
|
||||
|
||||
void Functions::ReadItemContent(Item & item, const std::wstring & content_type)
|
||||
{
|
||||
bool is_root = cur->session->puser && cur->session->puser->super_user;
|
||||
bool is_root = cur->session->puser && cur->session->puser->is_super_user;
|
||||
bool filter_html = (content_type == L"2") && config->editors_html_safe_mode;
|
||||
|
||||
if( filter_html && is_root && config->editors_html_safe_mode_skip_root )
|
||||
|
||||
@@ -58,7 +58,7 @@ IPBanFun::IPBanFun()
|
||||
|
||||
bool IPBanFun::HasAccess()
|
||||
{
|
||||
return cur->session->puser && cur->session->puser->super_user;
|
||||
return cur->session->puser && cur->session->puser->is_super_user;
|
||||
}
|
||||
|
||||
|
||||
|
||||
@@ -81,7 +81,7 @@ bool Login::CheckPasswords(User & user, const std::wstring & password)
|
||||
std::wstring password_from_db = user.password;
|
||||
user.password = password;
|
||||
|
||||
if( user.pass_hash_salted )
|
||||
if( user.is_pass_hash_salted )
|
||||
salt = config->pass_hash_salt;
|
||||
else
|
||||
salt.clear();
|
||||
|
||||
@@ -53,7 +53,7 @@ Meta::Meta()
|
||||
bool Meta::HasAccess()
|
||||
{
|
||||
if( cur->request->IsParam(L"a") )
|
||||
return cur->session->puser && cur->session->puser->super_user;
|
||||
return cur->session->puser && cur->session->puser->is_super_user;
|
||||
else
|
||||
return system->HasWriteAccess(*cur->request->last_item);
|
||||
}
|
||||
@@ -134,7 +134,7 @@ void Meta::ChangeAdminMeta()
|
||||
{
|
||||
// IMPROVE ME we need to show an error msg if the user is not an admin
|
||||
|
||||
if( cur->session->puser && cur->session->puser->super_user )
|
||||
if( cur->session->puser && cur->session->puser->is_super_user )
|
||||
{
|
||||
const std::wstring & meta_str = cur->request->PostVar(L"itemmeta");
|
||||
|
||||
|
||||
@@ -60,7 +60,7 @@ bool Mkdir::HasAccess(const Item & item)
|
||||
if( item.type != Item::dir )
|
||||
return false;
|
||||
|
||||
if( cur->session->puser && cur->session->puser->super_user )
|
||||
if( cur->session->puser && cur->session->puser->is_super_user )
|
||||
// super user can use mkdir everywhere
|
||||
return true;
|
||||
|
||||
|
||||
@@ -53,7 +53,7 @@ Mount::Mount()
|
||||
|
||||
bool Mount::HasAccess()
|
||||
{
|
||||
if( cur->session->puser && cur->session->puser->super_user )
|
||||
if( cur->session->puser && cur->session->puser->is_super_user )
|
||||
return true;
|
||||
|
||||
return false;
|
||||
|
||||
@@ -117,7 +117,7 @@ bool result = false;
|
||||
result = puser->update();
|
||||
|
||||
if( result )
|
||||
log << log2 << "Passwd: password for user " << puser->name << " has been changed" << logend;
|
||||
log << log2 << "Passwd: password for user " << puser->login << " has been changed" << logend;
|
||||
else
|
||||
log << log1 << "Passwd: I cannot change password -- database problem" << logend;
|
||||
}
|
||||
@@ -140,7 +140,7 @@ long user_id;
|
||||
const std::wstring & pass_new = cur->request->PostVar(L"passwordnew");
|
||||
const std::wstring & pass_conf = cur->request->PostVar(L"passwordconfirm");
|
||||
|
||||
if( !cur->session->puser->super_user && !functions->fun_login.CheckUserPass(puser->name, pass_cur, user_id) )
|
||||
if( !cur->session->puser->is_super_user && !functions->fun_login.CheckUserPass(puser->login, pass_cur, user_id) )
|
||||
{
|
||||
log << log3 << "Passwd: incorrect current password" << logend;
|
||||
slog << logerror << T("passwd_err_bad_current_password") << logend;
|
||||
@@ -190,7 +190,7 @@ return result;
|
||||
|
||||
bool Passwd::ResetPassword(User * puser, long code, bool use_ses_log, bool only_check_access)
|
||||
{
|
||||
std::wstring * user_code_str = puser->aenv.get_wstr(L"password_change_code");
|
||||
std::wstring * user_code_str = puser->admin_env.get_wstr(L"password_change_code");
|
||||
|
||||
if( user_code_str )
|
||||
{
|
||||
@@ -230,7 +230,7 @@ bool Passwd::ResetPassword(const std::wstring & login, long code, bool use_ses_l
|
||||
{
|
||||
long t = static_cast<long>(cur->request->start_time);
|
||||
|
||||
if( puser->aenv.to_long(L"password_change_time") + config->reset_password_code_expiration_time > t )
|
||||
if( puser->admin_env.to_long(L"password_change_time") + config->reset_password_code_expiration_time > t )
|
||||
{
|
||||
result = ResetPassword(puser, code, use_ses_log, only_check_access);
|
||||
}
|
||||
@@ -297,10 +297,10 @@ const std::wstring * plogin;
|
||||
|
||||
if( cur->session->puser )
|
||||
{
|
||||
if( cur->session->puser->super_user )
|
||||
if( cur->session->puser->is_super_user )
|
||||
plogin = &cur->request->PostVar(L"login");
|
||||
else
|
||||
plogin = &cur->session->puser->name;
|
||||
plogin = &cur->session->puser->login;
|
||||
|
||||
User * puser = system->users.GetUser(*plogin);
|
||||
|
||||
|
||||
@@ -156,7 +156,7 @@ void PrivChanger::PrivLogStart(const wchar_t * what, long user, long group, int
|
||||
log << "new user: ";
|
||||
|
||||
if( puser )
|
||||
log << puser->name;
|
||||
log << puser->login;
|
||||
else
|
||||
log << "id: " << user;
|
||||
|
||||
|
||||
@@ -53,7 +53,7 @@ Reload::Reload()
|
||||
|
||||
bool Reload::HasAccess()
|
||||
{
|
||||
return cur->session->puser && cur->session->puser->super_user;
|
||||
return cur->session->puser && cur->session->puser->is_super_user;
|
||||
}
|
||||
|
||||
|
||||
@@ -74,7 +74,7 @@ void Reload::MakeGet()
|
||||
{
|
||||
// !! temporarily only an admin has access
|
||||
|
||||
if( !cur->session->puser || !cur->session->puser->super_user )
|
||||
if( !cur->session->puser || !cur->session->puser->is_super_user )
|
||||
{
|
||||
log << log1 << "Content: Only an admin has access to reload function" << logend;
|
||||
cur->request->status = WINIX_ERR_PERMISSION_DENIED;
|
||||
|
||||
@@ -55,7 +55,7 @@ RmUser::RmUser()
|
||||
|
||||
bool RmUser::HasAccess()
|
||||
{
|
||||
return cur->session->puser && cur->session->puser->super_user;
|
||||
return cur->session->puser && cur->session->puser->is_super_user;
|
||||
}
|
||||
|
||||
|
||||
@@ -66,7 +66,7 @@ bool RmUser::RemoveUser(long user_id)
|
||||
|
||||
if( puser )
|
||||
{
|
||||
name = puser->name;
|
||||
name = puser->login;
|
||||
|
||||
if( system->users.Remove(user_id) )
|
||||
{
|
||||
@@ -88,7 +88,7 @@ void RmUser::MakePost()
|
||||
{
|
||||
long user_id;
|
||||
|
||||
if( cur->session->puser->super_user )
|
||||
if( cur->session->puser->is_super_user )
|
||||
user_id = Tol(cur->request->PostVar(L"userid"));
|
||||
else
|
||||
user_id = cur->session->puser->id;
|
||||
|
||||
@@ -53,7 +53,7 @@ Subject::Subject()
|
||||
bool Subject::SubjectCheckAccess()
|
||||
{
|
||||
// super user can always
|
||||
if( cur->session->puser && cur->session->puser->super_user )
|
||||
if( cur->session->puser && cur->session->puser->is_super_user )
|
||||
return true;
|
||||
|
||||
bool access;
|
||||
|
||||
@@ -58,7 +58,7 @@ bool Template::HasAccess()
|
||||
if( config->template_only_root_use_template_fun )
|
||||
{
|
||||
// only root is allowed to change the template
|
||||
return (cur->session->puser && cur->session->puser->super_user);
|
||||
return (cur->session->puser && cur->session->puser->is_super_user);
|
||||
}
|
||||
|
||||
|
||||
|
||||
@@ -74,7 +74,7 @@ bool Upload::HasAccess(const Item & item)
|
||||
return false;
|
||||
}
|
||||
|
||||
if( cur->session->puser && cur->session->puser->super_user )
|
||||
if( cur->session->puser && cur->session->puser->is_super_user )
|
||||
// super user can use upload everywhere
|
||||
return true;
|
||||
|
||||
|
||||
Reference in New Issue
Block a user