User: sits
Date: 08/09/08 03:19:52
Modified: template/en/default newpassword.html.tmpl login.html.tmpl
lib/Codestriker/Model User.pm
lib/Codestriker/Http/Method ViewTopicTextMethod.pm
ViewTopicPropertiesMethod.pm
ViewTopicMetricsMethod.pm ViewTopicFileMethod.pm
ViewTopicCommentsMethod.pm ViewMetricsMethod.pm
UpdateTopicStateMethod.pm
UpdateTopicPropertiesMethod.pm
UpdateTopicMetricsMethod.pm UpdateProjectMethod.pm
UpdatePasswordMethod.pm
UpdateCommentMetricsMethod.pm
SubmitSearchTopicsMethod.pm
StaticResourcesMethod.pm SearchTopicsMethod.pm
ResetPasswordMethod.pm NewPasswordMethod.pm
LoginMethod.pm ListTopicsMethod.pm
ListProjectsMethod.pm EditProjectMethod.pm
DownloadTopicTextMethod.pm DownloadMetricsMethod.pm
CreateTopicMethod.pm CreateProjectMethod.pm
CreateNewUserMethod.pm CreateCommentMethod.pm
AuthenticateMethod.pm AddTopicMethod.pm
AddProjectMethod.pm AddNewUserMethod.pm
AddCommentMethod.pm
lib/Codestriker/Http Method.pm Input.pm Dispatcher.pm
lib/Codestriker/Action Login.pm Authenticate.pm
Log:
Proper user authentication is now in the system. Have also introduced
the notion of admin authorisation for some of the project-specific
actions and metrics download.
Index: newpassword.html.tmpl
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/template/en/default/newpassword.html.tmpl,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- newpassword.html.tmpl 8 Sep 2008 05:17:18 -0000 1.2
+++ newpassword.html.tmpl 8 Sep 2008 10:19:50 -0000 1.3
@@ -6,7 +6,7 @@
Please enter your new password:
</p>
-<form method="post" enctype="application/x-www-form-urlencoded" action="[%
action_url %]">
+<form method="post" enctype="multipart/form-data" action="[% action_url %]">
<input type="hidden" name="action" value="update_password" />
<input type="hidden" name="email" value="[% email %]" />
Index: login.html.tmpl
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/template/en/default/login.html.tmpl,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- login.html.tmpl 8 Sep 2008 05:17:18 -0000 1.2
+++ login.html.tmpl 8 Sep 2008 10:19:50 -0000 1.3
@@ -12,9 +12,11 @@
Please enter your email address and password to continue.
</p>
-<form method="post" enctype="application/x-www-form-urlencoded" action="[%
action_url %]">
+<form method="post" enctype="multipart/form-data" action="[% action_url %]">
<input type="hidden" name="action" value="authenticate" />
+<input type="hidden" name="redirect" value="[% redirect %]" />
+
<table>
<tr>
<th align="right">E-mail address:</th>
Index: User.pm
===================================================================
RCS file: /cvsroot/codestriker/codestriker/lib/Codestriker/Model/User.pm,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- User.pm 8 Sep 2008 06:49:37 -0000 1.5
+++ User.pm 8 Sep 2008 10:19:50 -0000 1.6
@@ -184,8 +184,9 @@
sub _hash_password {
my ($password) = @_;
- # List of characters that can be used for the salt.
- my @salt_characters = ( '.', '/', 'A'..'Z', 'a'..'z', '0' ..'9' );
+ # List of characters that can be used for the salt. Exclude '.' for
+ # now since that can cause issues when outputting URLs ending in a '.'.
+ my @salt_characters = ( '/', 'A'..'Z', 'a'..'z', '0' ..'9' );
# Generate the salt. Generate an 8 character value in case we are on
# a system which uses MD5 digests (48 bit - 6 * 8). Older systems just
Index: ViewTopicTextMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/ViewTopicTextMethod.pm,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- ViewTopicTextMethod.pm 6 Sep 2008 00:31:44 -0000 1.5
+++ ViewTopicTextMethod.pm 8 Sep 2008 10:19:50 -0000 1.6
@@ -17,7 +17,7 @@
("Codestriker::Http::Method");
# Generate a URL for this method.
-sub url() {
+sub url {
my ($self, %args) = @_;
confess "Parameter topicid missing" unless defined $args{topicid};
@@ -44,7 +44,6 @@
my $action = $http_input->{query}->param('action');
my $path_info = $http_input->{query}->path_info();
if ($self->{cgi_style} && defined $action && $action eq "view") {
- $http_input->extract_cgi_parameters();
return 1;
} elsif ($path_info =~ m{^/project/\d+/topic/\d+/text}) {
$self->_extract_nice_parameters($http_input,
Index: ViewTopicPropertiesMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/ViewTopicPropertiesMethod.pm,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- ViewTopicPropertiesMethod.pm 6 Sep 2008 00:31:44 -0000 1.4
+++ ViewTopicPropertiesMethod.pm 8 Sep 2008 10:19:50 -0000 1.5
@@ -15,7 +15,7 @@
@Codestriker::Http::Method::ViewTopicPropertiesMethod::ISA =
("Codestriker::Http::Method");
# Generate a URL for this method.
-sub url() {
+sub url {
my ($self, %args) = @_;
die "Parameter topicid missing" unless defined $args{topicid};
@@ -34,7 +34,6 @@
my $action = $http_input->{query}->param('action');
my $path_info = $http_input->{query}->path_info();
if ($self->{cgi_style} && defined $action && $action eq
"view_topic_properties") {
- $http_input->extract_cgi_parameters();
return 1;
} elsif ($path_info =~ m{^/project/\d+/topic/\d+/properties/view}) {
$self->_extract_nice_parameters($http_input,
Index: ViewTopicMetricsMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/ViewTopicMetricsMethod.pm,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- ViewTopicMetricsMethod.pm 6 Sep 2008 00:31:44 -0000 1.4
+++ ViewTopicMetricsMethod.pm 8 Sep 2008 10:19:50 -0000 1.5
@@ -15,7 +15,7 @@
@Codestriker::Http::Method::ViewTopicMetricsMethod::ISA =
("Codestriker::Http::Method");
# Generate a URL for this method.
-sub url() {
+sub url {
my ($self, %args) = @_;
die "Parameter topicid missing" unless defined $args{topicid};
@@ -34,7 +34,6 @@
my $action = $http_input->{query}->param('action');
my $path_info = $http_input->{query}->path_info();
if ($self->{cgi_style} && defined $action && $action eq "viewinfo") {
- $http_input->extract_cgi_parameters();
return 1;
} elsif ($path_info =~ m{^/project/\d+/topic/\d+/metrics/view}) {
$self->_extract_nice_parameters($http_input,
Index: ViewTopicFileMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/ViewTopicFileMethod.pm,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- ViewTopicFileMethod.pm 6 Sep 2008 00:31:44 -0000 1.4
+++ ViewTopicFileMethod.pm 8 Sep 2008 10:19:50 -0000 1.5
@@ -15,7 +15,7 @@
@Codestriker::Http::Method::ViewTopicFileMethod::ISA =
("Codestriker::Http::Method");
# Generate a URL for this method.
-sub url() {
+sub url {
my ($self, %args) = @_;
die "Parameter topicid missing" unless defined $args{topicid};
@@ -39,7 +39,6 @@
my $action = $http_input->{query}->param('action');
my $path_info = $http_input->{query}->path_info();
if ($self->{cgi_style} && defined $action && $action eq "view_file") {
- $http_input->extract_cgi_parameters();
return 1;
} elsif ($path_info =~ m{^/project/\d+/topic/\d+/file/\d+}) {
$self->_extract_nice_parameters($http_input,
Index: ViewTopicCommentsMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/ViewTopicCommentsMethod.pm,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- ViewTopicCommentsMethod.pm 6 Sep 2008 00:31:44 -0000 1.4
+++ ViewTopicCommentsMethod.pm 8 Sep 2008 10:19:50 -0000 1.5
@@ -15,7 +15,7 @@
@Codestriker::Http::Method::ViewTopicCommentsMethod::ISA =
("Codestriker::Http::Method");
# Generate a URL for this method.
-sub url() {
+sub url {
my ($self, %args) = @_;
die "Parameter topicid missing" unless defined $args{topicid};
@@ -34,7 +34,6 @@
my $action = $http_input->{query}->param('action');
my $path_info = $http_input->{query}->path_info();
if ($self->{cgi_style} && defined $action && $action eq "list_comments")
{
- $http_input->extract_cgi_parameters();
return 1;
} elsif ($path_info =~ m{^/project/\d+/topic/\d+/comments/list}) {
$self->_extract_nice_parameters($http_input,
Index: ViewMetricsMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/ViewMetricsMethod.pm,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- ViewMetricsMethod.pm 6 Sep 2008 00:31:44 -0000 1.4
+++ ViewMetricsMethod.pm 8 Sep 2008 10:19:50 -0000 1.5
@@ -15,7 +15,7 @@
@Codestriker::Http::Method::ViewMetricsMethod::ISA =
("Codestriker::Http::Method");
# Generate a URL for this method.
-sub url() {
+sub url {
my ($self) = @_;
if ($self->{cgi_style}) {
@@ -31,7 +31,6 @@
my $action = $http_input->{query}->param('action');
my $path_info = $http_input->{query}->path_info();
if ($self->{cgi_style} && defined $action && $action eq
"metrics_report") {
- $http_input->extract_cgi_parameters();
return 1;
} elsif ($path_info =~ m{^/metrics/view$}) {
$self->_extract_nice_parameters($http_input);
Index: UpdateTopicStateMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/UpdateTopicStateMethod.pm,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- UpdateTopicStateMethod.pm 6 Sep 2008 03:31:07 -0000 1.4
+++ UpdateTopicStateMethod.pm 8 Sep 2008 10:19:50 -0000 1.5
@@ -16,7 +16,7 @@
@Codestriker::Http::Method::UpdateTopicStateMethod::ISA =
("Codestriker::Http::Method");
# Generate a URL for this method.
-sub url() {
+sub url {
my ($self, %args) = @_;
if ($self->{cgi_style}) {
@@ -33,7 +33,6 @@
my $path_info = $http_input->{query}->path_info();
if ($self->{cgi_style} && defined $action &&
$action eq "change_topics_state") {
- $http_input->extract_cgi_parameters();
return 1;
} elsif ($path_info =~ m{^/topics/update}) {
$self->_extract_nice_parameters($http_input);
Index: UpdateTopicPropertiesMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/UpdateTopicPropertiesMethod.pm,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- UpdateTopicPropertiesMethod.pm 6 Sep 2008 00:31:44 -0000 1.4
+++ UpdateTopicPropertiesMethod.pm 8 Sep 2008 10:19:50 -0000 1.5
@@ -16,7 +16,7 @@
@Codestriker::Http::Method::UpdateTopicPropertiesMethod::ISA =
("Codestriker::Http::Method");
# Generate a URL for this method.
-sub url() {
+sub url {
my ($self, %args) = @_;
if ($self->{cgi_style}) {
@@ -34,7 +34,6 @@
my $action = $http_input->{query}->param('action');
my $path_info = $http_input->{query}->path_info();
if ($self->{cgi_style} && defined $action && $action eq
"edit_topic_properties") {
- $http_input->extract_cgi_parameters();
return 1;
} elsif ($path_info =~ m{^/project/\d+/topic/\d+/properties}) {
$self->_extract_nice_parameters($http_input,
Index: UpdateTopicMetricsMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/UpdateTopicMetricsMethod.pm,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- UpdateTopicMetricsMethod.pm 6 Sep 2008 00:31:44 -0000 1.4
+++ UpdateTopicMetricsMethod.pm 8 Sep 2008 10:19:50 -0000 1.5
@@ -16,7 +16,7 @@
@Codestriker::Http::Method::UpdateTopicMetricsMethod::ISA =
("Codestriker::Http::Method");
# Generate a URL for this method.
-sub url() {
+sub url {
my ($self, %args) = @_;
if ($self->{cgi_style}) {
@@ -34,7 +34,6 @@
my $action = $http_input->{query}->param('action');
my $path_info = $http_input->{query}->path_info();
if ($self->{cgi_style} && defined $action && $action eq
"edit_topic_metrics") {
- $http_input->extract_cgi_parameters();
return 1;
} elsif ($path_info =~ m{^/project/\d+/topic/\d+/metrics/update}) {
$self->_extract_nice_parameters($http_input,
Index: UpdateProjectMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/UpdateProjectMethod.pm,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- UpdateProjectMethod.pm 6 Sep 2008 00:31:45 -0000 1.3
+++ UpdateProjectMethod.pm 8 Sep 2008 10:19:50 -0000 1.4
@@ -15,7 +15,7 @@
@Codestriker::Http::Method::UpdateProjectMethod::ISA =
("Codestriker::Http::Method");
# Generate a URL for this method.
-sub url() {
+sub url {
my ($self, $projectid) = @_;
if ($self->{cgi_style}) {
@@ -31,7 +31,6 @@
my $action = $http_input->{query}->param('action');
my $path_info = $http_input->{query}->path_info();
if ($self->{cgi_style} && defined $action && $action eq
"submit_editproject") {
- $http_input->extract_cgi_parameters();
return 1;
} elsif ($path_info =~ m{^/admin/project/\d+/update$}) {
$self->_extract_nice_parameters($http_input,
@@ -42,6 +41,10 @@
}
}
+sub requires_admin {
+ return 1;
+}
+
sub execute {
my ($self, $http_input, $http_output) = @_;
Index: UpdatePasswordMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/UpdatePasswordMethod.pm,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- UpdatePasswordMethod.pm 8 Sep 2008 05:17:19 -0000 1.3
+++ UpdatePasswordMethod.pm 8 Sep 2008 10:19:50 -0000 1.4
@@ -16,7 +16,7 @@
@Codestriker::Http::Method::UpdatePasswordMethod::ISA =
("Codestriker::Http::Method");
# Generate a URL for this method.
-sub url() {
+sub url {
my ($self, %args) = @_;
if ($self->{cgi_style}) {
@@ -34,7 +34,6 @@
my $action = $http_input->{query}->param('action');
my $path_info = $http_input->{query}->path_info();
if ($self->{cgi_style} && defined $action && $action eq
"update_password") {
- $http_input->extract_cgi_parameters();
return 1;
} elsif ($path_info =~ m{^/user/.*/password/update$}) {
$self->_extract_nice_parameters($http_input,
@@ -45,6 +44,10 @@
}
}
+sub requires_authentication {
+ return 0;
+}
+
sub execute {
my ($self, $http_input, $http_output) = @_;
Index: UpdateCommentMetricsMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/UpdateCommentMetricsMethod.pm,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- UpdateCommentMetricsMethod.pm 6 Sep 2008 00:31:44 -0000 1.2
+++ UpdateCommentMetricsMethod.pm 8 Sep 2008 10:19:50 -0000 1.3
@@ -16,7 +16,7 @@
@Codestriker::Http::Method::UpdateCommentMetricsMethod::ISA =
("Codestriker::Http::Method");
# Generate a URL for this method.
-sub url() {
+sub url {
my ($self, %args) = @_;
if ($self->{cgi_style}) {
@@ -34,7 +34,6 @@
my $action = $http_input->{query}->param('action');
my $path_info = $http_input->{query}->path_info();
if ($self->{cgi_style} && defined $action && $action eq
"change_comments_state") {
- $http_input->extract_cgi_parameters();
return 1;
} elsif ($path_info =~ m{^/project/\d+/topic/\d+/comments/update}) {
$self->_extract_nice_parameters($http_input,
Index: SubmitSearchTopicsMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/SubmitSearchTopicsMethod.pm,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- SubmitSearchTopicsMethod.pm 6 Sep 2008 00:31:44 -0000 1.4
+++ SubmitSearchTopicsMethod.pm 8 Sep 2008 10:19:50 -0000 1.5
@@ -15,7 +15,7 @@
@Codestriker::Http::Method::SubmitSearchTopicsMethod::ISA =
("Codestriker::Http::Method");
# Generate a URL for this method.
-sub url() {
+sub url {
my ($self) = @_;
if ($self->{cgi_style}) {
@@ -31,7 +31,6 @@
my $action = $http_input->{query}->param('action');
my $path_info = $http_input->{query}->path_info();
if ($self->{cgi_style} && defined $action && $action eq "submit_search")
{
- $http_input->extract_cgi_parameters();
return 1;
} elsif ($path_info =~ m{^/topics/submitsearch}) {
$self->_extract_nice_parameters($http_input);
Index: StaticResourcesMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/StaticResourcesMethod.pm,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- StaticResourcesMethod.pm 6 Sep 2008 00:31:45 -0000 1.3
+++ StaticResourcesMethod.pm 8 Sep 2008 10:19:50 -0000 1.4
@@ -15,7 +15,7 @@
@Codestriker::Http::Method::StaticResourcesMethod::ISA =
("Codestriker::Http::Method");
# Generate a URL for this method.
-sub url() {
+sub url {
my ($self) = @_;
# Check if the HTML files are accessible via another URL (required for
@@ -39,4 +39,8 @@
}
}
+sub requires_authentication {
+ return 0;
+}
+
1;
Index: SearchTopicsMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/SearchTopicsMethod.pm,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- SearchTopicsMethod.pm 6 Sep 2008 00:31:44 -0000 1.4
+++ SearchTopicsMethod.pm 8 Sep 2008 10:19:50 -0000 1.5
@@ -15,7 +15,7 @@
@Codestriker::Http::Method::SearchTopicsMethod::ISA =
("Codestriker::Http::Method");
# Generate a URL for this method.
-sub url() {
+sub url {
my ($self) = @_;
if ($self->{cgi_style}) {
@@ -31,7 +31,6 @@
my $action = $http_input->{query}->param('action');
my $path_info = $http_input->{query}->path_info();
if ($self->{cgi_style} && defined $action && $action eq "search") {
- $http_input->extract_cgi_parameters();
return 1;
} elsif ($path_info =~ m{^/topics/search}) {
$self->_extract_nice_parameters($http_input);
Index: ResetPasswordMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/ResetPasswordMethod.pm,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- ResetPasswordMethod.pm 8 Sep 2008 06:49:38 -0000 1.4
+++ ResetPasswordMethod.pm 8 Sep 2008 10:19:50 -0000 1.5
@@ -17,7 +17,7 @@
@Codestriker::Http::Method::ResetPasswordMethod::ISA =
("Codestriker::Http::Method");
# Generate a URL for this method.
-sub url() {
+sub url {
my ($self, %args) = @_;
if ($self->{cgi_style}) {
@@ -33,7 +33,6 @@
my $action = $http_input->{query}->param('action');
my $path_info = $http_input->{query}->path_info();
if ($self->{cgi_style} && defined $action && $action eq
"reset_password") {
- $http_input->extract_cgi_parameters();
return 1;
} elsif ($path_info eq '/users/reset') {
$self->_extract_nice_parameters($http_input);
@@ -43,6 +42,10 @@
}
}
+sub requires_authentication {
+ return 0;
+}
+
sub execute {
my ($self, $http_input, $http_output) = @_;
Index: NewPasswordMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/NewPasswordMethod.pm,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- NewPasswordMethod.pm 7 Sep 2008 12:20:30 -0000 1.1
+++ NewPasswordMethod.pm 8 Sep 2008 10:19:50 -0000 1.2
@@ -16,7 +16,7 @@
@Codestriker::Http::Method::NewPasswordMethod::ISA =
("Codestriker::Http::Method");
# Generate a URL for this method.
-sub url() {
+sub url {
my ($self, %args) = @_;
if ($self->{cgi_style}) {
@@ -35,7 +35,6 @@
my $action = $http_input->{query}->param('action');
my $path_info = $http_input->{query}->path_info();
if ($self->{cgi_style} && defined $action && $action eq "new_password") {
- $http_input->extract_cgi_parameters();
return 1;
} elsif ($path_info =~ m{^/user/.*/password/new/challenge/}) {
$self->_extract_nice_parameters($http_input,
@@ -47,6 +46,10 @@
}
}
+sub requires_authentication {
+ return 0;
+}
+
sub execute {
my ($self, $http_input, $http_output) = @_;
Index: LoginMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/LoginMethod.pm,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- LoginMethod.pm 7 Sep 2008 04:49:26 -0000 1.2
+++ LoginMethod.pm 8 Sep 2008 10:19:50 -0000 1.3
@@ -16,7 +16,7 @@
@Codestriker::Http::Method::LoginMethod::ISA = ("Codestriker::Http::Method");
# Generate a URL for this method.
-sub url() {
+sub url {
my ($self, %args) = @_;
if ($self->{cgi_style}) {
@@ -36,7 +36,6 @@
my $action = $http_input->{query}->param('action');
my $path_info = $http_input->{query}->path_info();
if ($self->{cgi_style} && defined $action && $action eq "login") {
- $http_input->extract_cgi_parameters();
return 1;
} elsif ($path_info =~ m{^/login/form}) {
$self->_extract_nice_parameters($http_input,
@@ -48,6 +47,10 @@
}
}
+sub requires_authentication {
+ return 0;
+}
+
sub execute {
my ($self, $http_input, $http_output) = @_;
Index: ListTopicsMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/ListTopicsMethod.pm,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- ListTopicsMethod.pm 6 Sep 2008 00:31:45 -0000 1.5
+++ ListTopicsMethod.pm 8 Sep 2008 10:19:50 -0000 1.6
@@ -16,7 +16,7 @@
("Codestriker::Http::Method");
# Generate a URL for this method.
-sub url() {
+sub url {
my ($self, %args) = @_;
my $sstate = defined $args{sstate} ? CGI::escape(join ',',
@{$args{sstate}}) : "";
@@ -64,7 +64,6 @@
my $path_info = $http_input->{query}->path_info();
if ($self->{cgi_style} && defined $action &&
($action eq "list_topics" || $action eq "list_topics_rss")) {
- $http_input->extract_cgi_parameters();
return 1;
} elsif ($path_info =~ m{^/feed/topics/list} ||
$path_info =~ m{^/topics/list}) {
Index: ListProjectsMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/ListProjectsMethod.pm,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- ListProjectsMethod.pm 6 Sep 2008 00:31:44 -0000 1.5
+++ ListProjectsMethod.pm 8 Sep 2008 10:19:50 -0000 1.6
@@ -15,7 +15,7 @@
@Codestriker::Http::Method::ListProjectsMethod::ISA =
("Codestriker::Http::Method");
# Generate a URL for this method.
-sub url() {
+sub url {
my ($self) = @_;
if ($self->{cgi_style}) {
@@ -31,7 +31,6 @@
my $action = $http_input->{query}->param('action');
my $path_info = $http_input->{query}->path_info();
if ($self->{cgi_style} && defined $action && $action eq "list_projects")
{
- $http_input->extract_cgi_parameters();
return 1;
} elsif ($path_info =~ m{^/admin/projects/list$}) {
$self->_extract_nice_parameters($http_input);
Index: EditProjectMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/EditProjectMethod.pm,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- EditProjectMethod.pm 6 Sep 2008 00:31:45 -0000 1.3
+++ EditProjectMethod.pm 8 Sep 2008 10:19:50 -0000 1.4
@@ -15,7 +15,7 @@
@Codestriker::Http::Method::EditProjectMethod::ISA =
("Codestriker::Http::Method");
# Generate a URL for this method.
-sub url() {
+sub url {
my ($self, $projectid) = @_;
if ($self->{cgi_style}) {
@@ -31,7 +31,6 @@
my $action = $http_input->{query}->param('action');
my $path_info = $http_input->{query}->path_info();
if ($self->{cgi_style} && defined $action && $action eq "edit_project") {
- $http_input->extract_cgi_parameters();
return 1;
} elsif ($path_info =~ m{^/admin/project/\d+/edit$}) {
$self->_extract_nice_parameters($http_input,
@@ -42,6 +41,10 @@
}
}
+sub requires_admin {
+ return 1;
+}
+
sub execute {
my ($self, $http_input, $http_output) = @_;
Index: DownloadTopicTextMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/DownloadTopicTextMethod.pm,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- DownloadTopicTextMethod.pm 6 Sep 2008 00:31:44 -0000 1.4
+++ DownloadTopicTextMethod.pm 8 Sep 2008 10:19:50 -0000 1.5
@@ -17,7 +17,7 @@
("Codestriker::Http::Method");
# Generate a URL for this method.
-sub url() {
+sub url {
my ($self, %args) = @_;
confess "Parameter topicid missing" unless defined $args{topicid};
@@ -36,7 +36,6 @@
my $action = $http_input->{query}->param('action');
my $path_info = $http_input->{query}->path_info();
if ($self->{cgi_style} && defined $action && $action eq "download") {
- $http_input->extract_cgi_parameters();
return 1;
} elsif ($path_info =~ m{^/project/\d+/topic/\d+/download}) {
$self->_extract_nice_parameters($http_input,
Index: DownloadMetricsMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/DownloadMetricsMethod.pm,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- DownloadMetricsMethod.pm 6 Sep 2008 00:31:44 -0000 1.4
+++ DownloadMetricsMethod.pm 8 Sep 2008 10:19:50 -0000 1.5
@@ -15,7 +15,7 @@
@Codestriker::Http::Method::DownloadMetricsMethod::ISA =
("Codestriker::Http::Method");
# Generate a URL for this method.
-sub url() {
+sub url {
my ($self) = @_;
if ($self->{cgi_style}) {
@@ -31,7 +31,6 @@
my $action = $http_input->{query}->param('action');
my $path_info = $http_input->{query}->path_info();
if ($self->{cgi_style} && defined $action && $action eq
"metrics_download") {
- $http_input->extract_cgi_parameters();
return 1;
} elsif ($path_info =~ m{^/metrics/download$}) {
$self->_extract_nice_parameters($http_input);
@@ -41,6 +40,10 @@
}
}
+sub requires_admin {
+ return 1;
+}
+
sub execute {
my ($self, $http_input, $http_output) = @_;
Index: CreateTopicMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/CreateTopicMethod.pm,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- CreateTopicMethod.pm 6 Sep 2008 00:31:45 -0000 1.4
+++ CreateTopicMethod.pm 8 Sep 2008 10:19:50 -0000 1.5
@@ -15,7 +15,7 @@
@Codestriker::Http::Method::CreateTopicMethod::ISA =
("Codestriker::Http::Method");
# Generate a URL for this method.
-sub url() {
+sub url {
my ($self, $obsoletes) = @_;
if ($self->{cgi_style}) {
@@ -33,7 +33,6 @@
my $action = $http_input->{query}->param('action');
my $path_info = $http_input->{query}->path_info();
if ($self->{cgi_style} && defined $action && $action eq "create") {
- $http_input->extract_cgi_parameters();
return 1;
} elsif ($path_info =~ m{^/topics/create}) {
$self->_extract_nice_parameters($http_input,
Index: CreateProjectMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/CreateProjectMethod.pm,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- CreateProjectMethod.pm 6 Sep 2008 00:31:45 -0000 1.4
+++ CreateProjectMethod.pm 8 Sep 2008 10:19:50 -0000 1.5
@@ -15,7 +15,7 @@
@Codestriker::Http::Method::CreateProjectMethod::ISA =
("Codestriker::Http::Method");
# Generate a URL for this method.
-sub url() {
+sub url {
my ($self) = @_;
if ($self->{cgi_style}) {
@@ -31,7 +31,6 @@
my $action = $http_input->{query}->param('action');
my $path_info = $http_input->{query}->path_info();
if ($self->{cgi_style} && defined $action && $action eq
"create_project") {
- $http_input->extract_cgi_parameters();
return 1;
} elsif ($path_info =~ m{^/admin/projects/create$}) {
$self->_extract_nice_parameters($http_input);
@@ -41,6 +40,10 @@
}
}
+sub requires_admin {
+ return 1;
+}
+
sub execute {
my ($self, $http_input, $http_output) = @_;
Index: CreateNewUserMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/CreateNewUserMethod.pm,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- CreateNewUserMethod.pm 8 Sep 2008 05:17:19 -0000 1.1
+++ CreateNewUserMethod.pm 8 Sep 2008 10:19:50 -0000 1.2
@@ -16,7 +16,7 @@
@Codestriker::Http::Method::CreateNewUserMethod::ISA =
("Codestriker::Http::Method");
# Generate a URL for this method.
-sub url() {
+sub url {
my ($self, %args) = @_;
if ($self->{cgi_style}) {
@@ -34,7 +34,6 @@
my $action = $http_input->{query}->param('action');
my $path_info = $http_input->{query}->path_info();
if ($self->{cgi_style} && defined $action && $action eq
"create_new_user") {
- $http_input->extract_cgi_parameters();
return 1;
} elsif ($path_info eq "/users/create") {
$self->_extract_nice_parameters($http_input);
@@ -44,6 +43,10 @@
}
}
+sub requires_authentication {
+ return 0;
+}
+
sub execute {
my ($self, $http_input, $http_output) = @_;
Index: CreateCommentMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/CreateCommentMethod.pm,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- CreateCommentMethod.pm 6 Sep 2008 00:31:45 -0000 1.5
+++ CreateCommentMethod.pm 8 Sep 2008 10:19:50 -0000 1.6
@@ -16,7 +16,7 @@
@Codestriker::Http::Method::CreateCommentMethod::ISA =
("Codestriker::Http::Method");
# Generate a URL for this method.
-sub url() {
+sub url {
my ($self, %args) = @_;
confess "Parameter topicid missing" unless defined $args{topicid};
@@ -41,7 +41,6 @@
my $action = $http_input->{query}->param('action');
my $path_info = $http_input->{query}->path_info();
if ($self->{cgi_style} && defined $action && $action eq "edit") {
- $http_input->extract_cgi_parameters();
return 1;
} elsif ($path_info =~
m{^/project/\d+/topic/\d+/comment/(\d+)\|(\d+)\|(\d+)/create}) {
$self->_extract_nice_parameters($http_input,
Index: AuthenticateMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/AuthenticateMethod.pm,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- AuthenticateMethod.pm 8 Sep 2008 06:49:38 -0000 1.3
+++ AuthenticateMethod.pm 8 Sep 2008 10:19:50 -0000 1.4
@@ -16,7 +16,7 @@
@Codestriker::Http::Method::AuthenticateMethod::ISA =
("Codestriker::Http::Method");
# Generate a URL for this method.
-sub url() {
+sub url {
my ($self, %args) = @_;
if ($self->{cgi_style}) {
@@ -32,7 +32,6 @@
my $action = $http_input->{query}->param('action');
my $path_info = $http_input->{query}->path_info();
if ($self->{cgi_style} && defined $action && $action eq "authenticate") {
- $http_input->extract_cgi_parameters();
return 1;
} elsif ($path_info =~ m{^/login/authenticate}) {
$self->_extract_nice_parameters($http_input);
@@ -42,6 +41,10 @@
}
}
+sub requires_authentication {
+ return 0;
+}
+
sub execute {
my ($self, $http_input, $http_output) = @_;
Index: AddTopicMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/AddTopicMethod.pm,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- AddTopicMethod.pm 6 Sep 2008 00:31:44 -0000 1.4
+++ AddTopicMethod.pm 8 Sep 2008 10:19:50 -0000 1.5
@@ -15,7 +15,7 @@
@Codestriker::Http::Method::AddTopicMethod::ISA =
("Codestriker::Http::Method");
# Generate a URL for this method.
-sub url() {
+sub url {
my ($self, %args) = @_;
die "Parameter projectid missing" unless defined $args{projectid};
@@ -33,7 +33,6 @@
my $action = $http_input->{query}->param('action');
my $path_info = $http_input->{query}->path_info();
if ($self->{cgi_style} && defined $action && $action eq
"submit_new_topic") {
- $http_input->extract_cgi_parameters();
return 1;
} elsif ($path_info =~ m{^/project/\d+/topics/add}) {
$self->_extract_nice_parameters($http_input,
Index: AddProjectMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/AddProjectMethod.pm,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- AddProjectMethod.pm 6 Sep 2008 00:31:44 -0000 1.4
+++ AddProjectMethod.pm 8 Sep 2008 10:19:50 -0000 1.5
@@ -15,7 +15,7 @@
@Codestriker::Http::Method::AddProjectMethod::ISA =
("Codestriker::Http::Method");
# Generate a URL for this method.
-sub url() {
+sub url {
my ($self, %args) = @_;
if ($self->{cgi_style}) {
@@ -31,7 +31,6 @@
my $action = $http_input->{query}->param('action');
my $path_info = $http_input->{query}->path_info();
if ($self->{cgi_style} && defined $action && $action eq
"submit_project") {
- $http_input->extract_cgi_parameters();
return 1;
} elsif ($path_info =~ m{^/admin/projects/add}) {
$self->_extract_nice_parameters($http_input);
@@ -41,6 +40,10 @@
}
}
+sub requires_admin {
+ return 1;
+}
+
sub execute {
my ($self, $http_input, $http_output) = @_;
Index: AddNewUserMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/AddNewUserMethod.pm,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- AddNewUserMethod.pm 8 Sep 2008 05:17:19 -0000 1.1
+++ AddNewUserMethod.pm 8 Sep 2008 10:19:50 -0000 1.2
@@ -31,7 +31,6 @@
my $action = $http_input->{query}->param('action');
my $path_info = $http_input->{query}->path_info();
if ($self->{cgi_style} && defined $action && $action eq "add_new_user") {
- $http_input->extract_cgi_parameters();
return 1;
} elsif ($path_info eq "/users/add") {
$self->_extract_nice_parameters($http_input);
@@ -41,6 +40,10 @@
}
}
+sub requires_authentication {
+ return 0;
+}
+
sub execute {
my ($self, $http_input, $http_output) = @_;
Index: AddCommentMethod.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method/AddCommentMethod.pm,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- AddCommentMethod.pm 6 Sep 2008 00:31:45 -0000 1.4
+++ AddCommentMethod.pm 8 Sep 2008 10:19:50 -0000 1.5
@@ -15,7 +15,7 @@
@Codestriker::Http::Method::AddCommentMethod::ISA =
("Codestriker::Http::Method");
# Generate a URL for this method.
-sub url() {
+sub url {
my ($self, %args) = @_;
if ($self->{cgi_style}) {
@@ -35,7 +35,6 @@
my $action = $http_input->{query}->param('action');
my $path_info = $http_input->{query}->path_info();
if ($self->{cgi_style} && defined $action && $action eq
"submit_comment") {
- $http_input->extract_cgi_parameters();
return 1;
} elsif ($path_info =~
m{^/project/\d+/topic/\d+/comment/(\d+)\|(\d+)\|(\d+)/add}) {
$self->_extract_nice_parameters($http_input,
Index: Method.pm
===================================================================
RCS file: /cvsroot/codestriker/codestriker/lib/Codestriker/Http/Method.pm,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- Method.pm 7 Sep 2008 11:49:45 -0000 1.7
+++ Method.pm 8 Sep 2008 10:19:51 -0000 1.8
@@ -46,6 +46,16 @@
return undef;
}
+# Indicates that this method requires authentication.
+sub requires_authentication {
+ return 1;
+}
+
+# Indicates that this method can only be executed by an admin.
+sub requires_admin {
+ return 0;
+}
+
# If this query type is recognised, extract the parameters and store them
into
# $http_input and return true, otherwise return false.
sub extract_parameters {
Index: Input.pm
===================================================================
RCS file: /cvsroot/codestriker/codestriker/lib/Codestriker/Http/Input.pm,v
retrieving revision 1.53
retrieving revision 1.54
diff -u -r1.53 -r1.54
--- Input.pm 8 Sep 2008 05:17:19 -0000 1.53
+++ Input.pm 8 Sep 2008 10:19:51 -0000 1.54
@@ -204,6 +204,7 @@
$self->_set_property_from_cookie('projectid', 0);
$self->_set_property_from_cookie('module', "");
$self->_set_property_from_cookie('topicsort', "");
+ $self->_set_property_from_cookie('password_hash', "");
$self->_untaint('topic_sort_change',
'(title)|(author)|(created)|(state)');
Index: Dispatcher.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Http/Dispatcher.pm,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- Dispatcher.pm 8 Sep 2008 05:17:19 -0000 1.14
+++ Dispatcher.pm 8 Sep 2008 10:19:51 -0000 1.15
@@ -47,7 +47,6 @@
use Codestriker::Http::Method::AddNewUserMethod;
# Initialise all of the methods that are known to the system.
-# TODO: add configuration to the parameter.
sub new {
my ($type, $query) = @_;
@@ -101,22 +100,63 @@
sub dispatch {
my ($self, $http_input, $http_output) = @_;
- # TODO: put login in here which redirects to the login form
- # if appropriate with the full URL in the redirect parameter.
+ # Extract all cookie and CGI parameters.
+ $http_input->extract_cgi_parameters();
+ # Determine which method can handle this URL.
+ my $found_method;
foreach my $method ( @{$self->{methods}} ) {
if ($method->extract_parameters($http_input)) {
- $method->execute($http_input, $http_output);
+ $found_method = $method;
+ }
+ }
+
+ # Set to a default method if none were found.
+ if (! defined $found_method) {
+ $found_method = $Codestriker::allow_searchlist ?
+ $self->{list_topics_method} : $self->{create_topics_method};
+ }
+
+ # Check if the method requires authentication.
+ my $user;
+ if ($found_method->requires_authentication()) {
+ my $query = $http_output->get_query();
+ my $email = $http_input->get('email');
+ my $password_hash = $http_input->get('password_hash');
+
+ # If the user is not logged in, redirect to the login screen.
+ my $full_url = $query->url(-path_info => 1, -query => 1);
+ my $login_url =
+ Codestriker::Http::Method::LoginMethod->new($query)->url(redirect
=> $full_url);
+ if (!defined($email) || $email eq '' ||
+ !defined($password_hash) || $password_hash eq '') {
+ print $query->redirect(-URI => $login_url);
+ return;
+ }
+
+ # If email has been specified, but it doesn't exist, redirect
+ # to the login screen.
+ if (!Codestriker::Model::User->exists($email)) {
+ print $query->redirect(-URI => $login_url);
+ return;
+ }
+
+ # Check that the user has supplied the right credentials.
+ $user = Codestriker::Model::User->new($email);
+ if ($user->{password_hash} ne $password_hash) {
+ print $query->redirect(-URI => $login_url);
return;
}
}
- # If we have reached here, execute the default method.
- if ($Codestriker::allow_searchlist) {
- $self->{list_topics_method}->execute($http_input, $http_output);
- } else {
- $self->{create_topic_method}->execute($http_input, $http_output);
+ # Check if the method requires admin priviledges.
+ if ($found_method->requires_admin() && !$user->{admin}) {
+ $http_output->error("This function requires admin access.");
+ return;
}
+
+ # All checks have completed, execute the method.
+ $found_method->execute($http_input, $http_output);
}
1;
Index: Login.pm
===================================================================
RCS file: /cvsroot/codestriker/codestriker/lib/Codestriker/Action/Login.pm,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- Login.pm 8 Sep 2008 05:17:19 -0000 1.2
+++ Login.pm 8 Sep 2008 10:19:51 -0000 1.3
@@ -27,6 +27,7 @@
$vars->{'action_url'} = $url_builder->authenticate_url();
$vars->{'new_user_url'} = $url_builder->create_new_user_url();
$vars->{'reset_password_url'} = $url_builder->reset_password_url();
+ $vars->{'redirect'} = $http_input->get('redirect');
$vars->{'feedback'} = $http_input->get('feedback');
my $template = Codestriker::Http::Template->new("login");
Index: Authenticate.pm
===================================================================
RCS file:
/cvsroot/codestriker/codestriker/lib/Codestriker/Action/Authenticate.pm,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- Authenticate.pm 8 Sep 2008 07:20:14 -0000 1.2
+++ Authenticate.pm 8 Sep 2008 10:19:52 -0000 1.3
@@ -43,17 +43,19 @@
print $query->redirect(-URI => $url);
} else {
# Redirect to the specified URL, if present, otherwise go to the
default
- # URL. Get the current cookie, and set the password hash into it.
+ # URL. Get the current cookie, and set the email and password hash
+ # into it.
my %cookie_hash = Codestriker::Http::Cookie->get($query);
+ $cookie_hash{email} = $user->{email};
$cookie_hash{password_hash} = $user->{password_hash};
my $cookie = Codestriker::Http::Cookie->make($query, \%cookie_hash);
if (defined $redirect && $redirect ne "") {
print $query->redirect(-cookie => $cookie,
- -URI => $redirect);
+ -location => $redirect);
} else {
print $query->redirect(-cookie => $cookie,
- -URI => $query->url());
+ -location => $query->url());
}
}
}
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Codestriker-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/codestriker-commits
