cgi-bin/tek/class/loona.lua
changeset 206 450cd443de9f
parent 201 d52b05a9fe9c
child 213 44bbb49bd40c
     1.1 --- a/cgi-bin/tek/class/loona.lua	Fri Nov 23 01:46:43 2007 +0100
     1.2 +++ b/cgi-bin/tek/class/loona.lua	Sat Nov 24 20:53:20 2007 +0100
     1.3 @@ -13,6 +13,8 @@
     1.4  local Request = require "tek.class.cgi.request"
     1.5  local util = require "tek.class.loona.util"
     1.6  local markup = require "tek.class.loona.markup"
     1.7 +-- local db = require "tek.lib.debug"
     1.8 +-- db.level = 4
     1.9  
    1.10  local boxed_G = {
    1.11  	string = string, table = table,
    1.12 @@ -254,7 +256,7 @@
    1.13  	self:recursesections(self.sections, function(self, s, e)
    1.14  		local permitted = true
    1.15  		local sectperm = e.permissions
    1.16 -		if sectperm and sectperm ~= "" then
    1.17 +		if sectperm and sectperm ~= "" and not self.authuser_seeall then
    1.18  			permitted = false
    1.19  			if userperm then
    1.20  				local num = sectperm:len()
    1.21 @@ -713,8 +715,7 @@
    1.22  	local contentdir = self.contentdir
    1.23  	local edit, show, hidden, extramsg, changed
    1.24  
    1.25 -	if self.authuser_edit or self.authuser_profile or
    1.26 -		self.authuser_modifyprofile or self.authuser_menu then
    1.27 +	if self.authuser_edit or self.authuser_profile or self.authuser_menu then
    1.28  
    1.29  		local hiddenvars = table.concat( {
    1.30  			self:hidden("lang", self.args.lang),
    1.31 @@ -910,47 +911,45 @@
    1.32  			self.args.actionchangeprofile or
    1.33  			self.args.actionchangelanguage or
    1.34  			self.args.actionpublishprofile) and editkey == "main" and
    1.35 -			(self.authuser_profile or self.authuser_modifyprofile) then
    1.36 +			self.authuser_profile then
    1.37  			hidden = true
    1.38 -			if self.authuser_profile then
    1.39 -				self:out([[
    1.40 -				<form action="]] .. self.document .. [[" method="post" accept-charset="utf-8">
    1.41 -					<fieldset>
    1.42 -						<legend>
    1.43 -							]] .. self.locale.CHANGEPROFILE .. [[
    1.44 -						</legend>
    1.45 -						<select name="changeprofile" size="1">]])
    1.46 -							for _, val in ipairs(self:getprofiles()) do
    1.47 -								self:out('<option' .. (val == self.profile and ' selected="selected"' or '') .. '>')
    1.48 -								self:out(val)
    1.49 -								self:out('</option>')
    1.50 -							end
    1.51 -						self:out([[
    1.52 -						</select>
    1.53 -						<input type="submit" name="actionchangeprofile" value="]] .. self.locale.CHANGE ..[[" />
    1.54 -						]] .. hiddenvars .. [[
    1.55 -					</fieldset>
    1.56 -				</form>
    1.57 -				<form action="]] .. self.document .. [[" method="post" accept-charset="utf-8">
    1.58 -					<fieldset>
    1.59 -						<legend>
    1.60 -							]] .. self.locale.CHANGELANGUAGE .. [[
    1.61 -						</legend>
    1.62 -						<select name="changelanguage" size="1">]])
    1.63 -							for _, val in ipairs(self:getlanguages()) do
    1.64 -								self:out('<option' .. (val == self.lang and ' selected="selected"' or '') .. '>')
    1.65 -								self:out(val)
    1.66 -								self:out('</option>')
    1.67 -							end
    1.68 -						self:out([[
    1.69 -						</select>
    1.70 -						<input type="submit" name="actionchangelanguage" value="]] .. self.locale.CHANGE ..[[" />
    1.71 -						]] .. hiddenvars .. [[
    1.72 -					</fieldset>
    1.73 -				</form>
    1.74 -				]])
    1.75 -			end
    1.76 -			if self.authuser_modifyprofile then
    1.77 +			self:out([[
    1.78 +			<form action="]] .. self.document .. [[" method="post" accept-charset="utf-8">
    1.79 +				<fieldset>
    1.80 +					<legend>
    1.81 +						]] .. self.locale.CHANGEPROFILE .. [[
    1.82 +					</legend>
    1.83 +					<select name="changeprofile" size="1">]])
    1.84 +						for _, val in ipairs(self:getprofiles()) do
    1.85 +							self:out('<option' .. (val == self.profile and ' selected="selected"' or '') .. '>')
    1.86 +							self:out(val)
    1.87 +							self:out('</option>')
    1.88 +						end
    1.89 +					self:out([[
    1.90 +					</select>
    1.91 +					<input type="submit" name="actionchangeprofile" value="]] .. self.locale.CHANGE ..[[" />
    1.92 +					]] .. hiddenvars .. [[
    1.93 +				</fieldset>
    1.94 +			</form>
    1.95 +			<form action="]] .. self.document .. [[" method="post" accept-charset="utf-8">
    1.96 +				<fieldset>
    1.97 +					<legend>
    1.98 +						]] .. self.locale.CHANGELANGUAGE .. [[
    1.99 +					</legend>
   1.100 +					<select name="changelanguage" size="1">]])
   1.101 +						for _, val in ipairs(self:getlanguages()) do
   1.102 +							self:out('<option' .. (val == self.lang and ' selected="selected"' or '') .. '>')
   1.103 +							self:out(val)
   1.104 +							self:out('</option>')
   1.105 +						end
   1.106 +					self:out([[
   1.107 +					</select>
   1.108 +					<input type="submit" name="actionchangelanguage" value="]] .. self.locale.CHANGE ..[[" />
   1.109 +					]] .. hiddenvars .. [[
   1.110 +				</fieldset>
   1.111 +			</form>
   1.112 +			]])
   1.113 +			if self.authuser_publish then
   1.114  				self:out([[
   1.115  				<form action="]] .. self.document ..[[" method="post" accept-charset="utf-8">
   1.116  					<fieldset>
   1.117 @@ -966,8 +965,8 @@
   1.118  				</form>
   1.119  				]])
   1.120  			end
   1.121 -			if not self.ispubprofile or self.config.editablepubprofile and
   1.122 -				self.authuser_modifyprofile then
   1.123 +			if (not self.ispubprofile or self.config.editablepubprofile) and
   1.124 +				self.authuser_publish then
   1.125  				self:out([[
   1.126  				<form action="]] .. self.document .. [[" method="post" accept-charset="utf-8">
   1.127  					<fieldset>
   1.128 @@ -992,8 +991,8 @@
   1.129  				]])
   1.130  			end
   1.131  
   1.132 -		elseif self.args.actionedit and editkey == self.args.editkey then
   1.133 -			if not self.section.redirect and self.authuser_edit then
   1.134 +		elseif self.args.actionedit and editkey == self.args.editkey and self.authuser_edit then
   1.135 +			if not self.section.redirect then
   1.136  				extramsg = self.ispubprofile and
   1.137  					self.locale.WARNING_YOU_ARE_IN_PUBLISHED_PROFILE
   1.138  				edit = self:loadcontent(fname):gsub("\194\160", "&nbsp;") -- TODO
   1.139 @@ -1221,8 +1220,10 @@
   1.140  
   1.141  	-- get profile
   1.142  
   1.143 -	local checkprofile =
   1.144 -		self.authuser_profile and self.args.profile or self.pubprofile or "work"
   1.145 +	local checkprofile = self.authuser and
   1.146 +		(self.authuser_profile and self.args.profile or self.session.data.profile)
   1.147 +		or self.config.defprofile or self.pubprofile or "work"
   1.148 +
   1.149  	for _, lang in ipairs(self.langs) do
   1.150  		if profiles[checkprofile .. "_" .. lang] then
   1.151  			self.profile = checkprofile
   1.152 @@ -1611,7 +1612,6 @@
   1.153  	self.args = self.request:getargs()
   1.154  	self.cgi_document = self.request:getdocument()
   1.155  
   1.156 ---  	self.scriptpath = self.scriptpath or self.cgi_document.Path
   1.157  	self.requesthandler = self.requesthandler or self.cgi_document.Handler
   1.158   	self.requestdocument = self.requestdocument or self.cgi_document.Name
   1.159  	self.requestpath = self.requestpath or self.cgi_document.VirtualPath
   1.160 @@ -1635,12 +1635,13 @@
   1.161  				self.session = nil
   1.162  			elseif self.args.password then
   1.163  				self.loginfailed = true
   1.164 -				local match, username, perm =
   1.165 +				local match, username, perm, profile =
   1.166  					self:checkpw(self.args.login, self.args.password)
   1.167  				if match then
   1.168  					self.session.data.authuser = self.args.login
   1.169  					self.session.data.username = username
   1.170  					self.session.data.permissions = perm
   1.171 +					self.session.data.profile = profile
   1.172  					self.session.data.id = self.session.id
   1.173  					self.loginfailed = nil
   1.174  				end
   1.175 @@ -1656,10 +1657,12 @@
   1.176  	else
   1.177  		self.authuser_edit = self.session.data.permissions:find("e") and true
   1.178  		self.authuser_menu = self.session.data.permissions:find("m") and true
   1.179 -		self.authuser_profile = self.session.data.permissions:find("p") and true
   1.180 -		self.authuser_modifyprofile = self.session.data.permissions:find("c") and true
   1.181 +		self.authuser_publish = self.session.data.permissions:find("p") and true
   1.182 +		self.authuser_profile = self.authuser_publish or
   1.183 +			self.session.data.permissions:find("c") and true
   1.184  		self.authuser_visible = self.session.data.permissions:find("v") and true
   1.185  		self.authuser_debug = self.session.data.permissions:find("d") and true
   1.186 +		self.authuser_seeall = self.session.data.permissions:find("a") and true
   1.187  	end
   1.188  
   1.189  
   1.190 @@ -1705,9 +1708,10 @@
   1.191  
   1.192  function Loona:checkpw(login, passwd)
   1.193  	local pwddb = lib.source(self.config.passwdfile)
   1.194 -	local pwdentry = pwddb[login]
   1.195 -	if pwdentry and pwdentry.password == passwd then
   1.196 -		return true, pwdentry.username, pwdentry.permissions or ""
   1.197 +	local pwdent = pwddb[login]
   1.198 +	if pwdent and pwdent.password == passwd then
   1.199 +		return true, pwdent.username or login,
   1.200 +			pwdent.permissions or "", pwdent.profile
   1.201  	end
   1.202  end
   1.203