cgi-bin/tek/class/loona.lua
changeset 246 9378039084bd
parent 243 ae976ed38923
child 247 71a5ca44a68e
     1.1 --- a/cgi-bin/tek/class/loona.lua	Mon Jun 30 02:11:03 2008 +0200
     1.2 +++ b/cgi-bin/tek/class/loona.lua	Sat Sep 13 15:57:41 2008 +0200
     1.3 @@ -37,7 +37,7 @@
     1.4  -------------------------------------------------------------------------------
     1.5  
     1.6  module("tek.class.loona", tek.class)
     1.7 -_VERSION = "LOona Class 5.3"
     1.8 +_VERSION = "LOona Class 5.4"
     1.9  
    1.10  -------------------------------------------------------------------------------
    1.11  --	Markup:
    1.12 @@ -89,11 +89,10 @@
    1.13  --	class Session:
    1.14  -------------------------------------------------------------------------------
    1.15  
    1.16 -local Session = Class:newClass()
    1.17 +local Session = Class:newClass { _NAME = "_session" }
    1.18  
    1.19  function Session.new(class, self)
    1.20 -
    1.21 -	self = Class.new(class, self or { })
    1.22 +	self = self or { }
    1.23  
    1.24  	assert(self.id, "No session Id")
    1.25   	assert(self.sessiondir, "No session directory")
    1.26 @@ -101,13 +100,15 @@
    1.27  	self.name = self.id:gsub("(.)", function(a)
    1.28  		return ("%02x"):format(a:byte())
    1.29  	end)
    1.30 +
    1.31  	self.filename = self.sessiondir .. "/" .. self.name
    1.32  	-- remove non-dotted files (expired sessions) from sessions dir:
    1.33 +
    1.34  	util.expire(self.sessiondir, "[^.]%S+", self.maxage or 600)
    1.35  	-- load session state:
    1.36  	self.data = lib.source(self.filename) or { }
    1.37  
    1.38 -	return self
    1.39 +	return Class.new(class, self)
    1.40  end
    1.41  
    1.42  function Session:save()
    1.43 @@ -346,7 +347,7 @@
    1.44  			table.insert(tab, { entries = sectionpath.subs })
    1.45  		end
    1.46  	end
    1.47 -	return tab, sectionpath
    1.48 +	return tab, sectionpath or false
    1.49  end
    1.50  
    1.51  
    1.52 @@ -1472,7 +1473,7 @@
    1.53  				self:dbmsg("Cannot delete published profile", c))
    1.54  			if self.args.actionconfirm then
    1.55  				self:deleteprofile(c)
    1.56 -				self.profile = nil
    1.57 +				self.profile = false
    1.58  				self.args.profile = nil
    1.59  				self:init()
    1.60  				save = true
    1.61 @@ -1512,7 +1513,7 @@
    1.62  			-- Publish profile
    1.63  
    1.64  			local c = self:checkprofilename(self.args.publishprofile:lower())
    1.65 -			if c ~= self.publicprofile then
    1.66 +			if c ~= self.pubprofile then
    1.67  				if self.args.actionconfirm then
    1.68  					self:publishprofile(c)
    1.69  					save = true
    1.70 @@ -1601,20 +1602,45 @@
    1.71  end
    1.72  
    1.73  
    1.74 +local function wrout(self, s)
    1.75 +	self.buf:out(s)
    1.76 +end
    1.77 +
    1.78 +
    1.79 +local function headout(self, s)
    1.80 +	self.buf:addheader(s)
    1.81 +end
    1.82 +
    1.83 +
    1.84  function Loona.new(class, self)
    1.85  
    1.86 -	self = Class.new(class, self or { })
    1.87 -
    1.88  	local parsed, msg
    1.89  
    1.90 +	self = self or { }
    1.91 +
    1.92 +	self.langs = false
    1.93 +	self.document = false
    1.94 +	self.profile = false
    1.95 +	self.pubprofile = false
    1.96 +	self.profile = false
    1.97 +	self.lang = false
    1.98 +	self.ispubprofile = false
    1.99 +	self.contentdir = false
   1.100 +	self.indexfname = false
   1.101 +	self.sections = false
   1.102 +	self.section = false
   1.103 +	self.submenus = false
   1.104 +	self.sectionpath = false
   1.105 +	self.sectionname = false
   1.106 +	self.getdocname = false
   1.107 +	self.useralert = false
   1.108 +	self.loginfailed = false
   1.109 +
   1.110  	-- Buffer
   1.111  
   1.112 -	self.out = self.out or function(self, s)
   1.113 -		self.buf:out(s)
   1.114 -	end
   1.115 -	self.addheader = self.addheader or function(self, s)
   1.116 -		self.buf:addheader(s)
   1.117 -	end
   1.118 +	self.out = self.out or wrout
   1.119 +	self.addheader = self.addheader or headout
   1.120 +
   1.121  
   1.122  	-- Get configuration
   1.123  
   1.124 @@ -1654,6 +1680,7 @@
   1.125  	end
   1.126  	setmetatable(self.locale, locmt)
   1.127  
   1.128 +
   1.129  	-- Get request, args, document, script name, request path
   1.130  
   1.131  	self.request = self.request or Request:new()
   1.132 @@ -1662,10 +1689,14 @@
   1.133  
   1.134  	self.requesthandler = self.requesthandler or self.cgi_document.Handler
   1.135   	self.requestdocument = self.requestdocument or self.cgi_document.Name
   1.136 -	self.requestpath = self.requestpath or self.cgi_document.VirtualPath
   1.137 -	self.explicitlang = not self.requestlang and self.args.lang
   1.138 +	self.requestpath = self.requestpath or self.cgi_document.VirtualPath or false
   1.139 +	self.requestlang = self.requestlang or false
   1.140 +	self.explicitlang = not self.requestlang and self.args.lang or false
   1.141  	self.secure = not self.insecure and (self.request.SERVER_PORT == self.config.secureport)
   1.142  
   1.143 +	self.nologin = self.nologin or false
   1.144 +	self.authuser = false
   1.145 +
   1.146  	-- Manage login and establish session
   1.147  
   1.148  	if not self.nologin then
   1.149 @@ -1680,18 +1711,18 @@
   1.150  			self.args.session = sid -- !
   1.151  			if self.args.login == "false" then
   1.152  				self.session:delete()
   1.153 -				self.session = nil
   1.154 +				self.session = false
   1.155  			elseif self.args.password then
   1.156  				self.loginfailed = true
   1.157  				local match, username, perm, profile =
   1.158 -					self:checkpw(self.args.login, self.args.password)
   1.159 +					checkpw(self, self.args.login, self.args.password)
   1.160  				if match then
   1.161  					self.session.data.authuser = self.args.login
   1.162  					self.session.data.username = username
   1.163  					self.session.data.permissions = perm
   1.164  					self.session.data.profile = profile
   1.165  					self.session.data.id = self.session.id
   1.166 -					self.loginfailed = nil
   1.167 +					self.loginfailed = false
   1.168  				end
   1.169  			end
   1.170  		end
   1.171 @@ -1699,9 +1730,16 @@
   1.172  	end
   1.173  
   1.174  	if self.nologin or not self.authuser then
   1.175 -		self.authuser = nil
   1.176 -		self.session = nil
   1.177 -		self.args.session = nil
   1.178 +		self.authuser = false
   1.179 +		self.session = false
   1.180 +		self.args.session = false
   1.181 +		self.authuser_edit = false
   1.182 +		self.authuser_menu = false
   1.183 +		self.authuser_publish = false
   1.184 +		self.authuser_profile = false
   1.185 +		self.authuser_visible = false
   1.186 +		self.authuser_debug = false
   1.187 +		self.authuser_seeall = false
   1.188  	else
   1.189  		self.authuser_edit = self.session.data.permissions:find("e") and true
   1.190  		self.authuser_menu = self.session.data.permissions:find("m") and true
   1.191 @@ -1713,6 +1751,7 @@
   1.192  		self.authuser_seeall = self.session.data.permissions:find("a") and true
   1.193  	end
   1.194  
   1.195 +	self = Class.new(class, self)
   1.196  
   1.197  	-- Get lang, locale, profile, section
   1.198  
   1.199 @@ -1724,34 +1763,14 @@
   1.200  		self.args.profile = nil
   1.201  	end
   1.202  
   1.203 -
   1.204  	-- Current document
   1.205  
   1.206  	self.document = self.requestdocument .. "/" .. self.sectionpath
   1.207 +	assert(self.document ~= nil)
   1.208  	if self.authuser then
   1.209 -		self.getdocname = function(self, path)
   1.210 -			local url, anch = path:match("^([^#]*)(#?.*)$")
   1.211 -			path = url ~= "" and url
   1.212 -			anch = anch or ""
   1.213 -			return self.requestdocument .. "/" .. (path or self.sectionpath) .. anch
   1.214 -		end
   1.215 +		self.getdocname = getDocNameNoAuth
   1.216  	else
   1.217 -		self.getdocname = function(self, path, haveargs)
   1.218 -			local url, anch = path:match("^([^#]*)(#?.*)$")
   1.219 -			path = url ~= "" and url
   1.220 -			anch = anch or ""
   1.221 -			local dyn, exists
   1.222 -			dyn, path, exists = self:isdynamic(path or self.sectionpath)
   1.223 -			if dyn or haveargs or not exists then
   1.224 -				return self.requestdocument .. "/" .. path .. anch
   1.225 -			end
   1.226 -			path = path == self.config.defname and "index" or path
   1.227 -
   1.228 -			if path:match("%.html$") then
   1.229 -				return "/" .. path:gsub("/", "_") .. anch
   1.230 -			end
   1.231 -			return "/" .. path:gsub("/", "_") .. ".html" .. anch
   1.232 -		end
   1.233 +		self.getdocname = getDocNameAuth
   1.234  	end
   1.235  
   1.236  	-- Save session state
   1.237 @@ -1764,12 +1783,40 @@
   1.238  end
   1.239  
   1.240  
   1.241 -function Loona:checkpw(login, passwd)
   1.242 +function Loona:getDocNameNoAuth(path)
   1.243 +	local url, anch = path:match("^([^#]*)(#?.*)$")
   1.244 +	path = url ~= "" and url
   1.245 +	anch = anch or ""
   1.246 +	return self.requestdocument .. "/" .. (path or self.sectionpath) .. anch
   1.247 +end
   1.248 +
   1.249 +
   1.250 +function Loona:getDocNameAuth(path, haveargs)
   1.251 +	local url, anch = path:match("^([^#]*)(#?.*)$")
   1.252 +	path = url ~= "" and url
   1.253 +	anch = anch or ""
   1.254 +	local dyn, exists
   1.255 +	dyn, path, exists = self:isdynamic(path or self.sectionpath)
   1.256 +	if dyn or haveargs or not exists then
   1.257 +		return self.requestdocument .. "/" .. path .. anch
   1.258 +	end
   1.259 +	path = path == self.config.defname and "index" or path
   1.260 +
   1.261 +	if path:match("%.html$") then
   1.262 +		return "/" .. path:gsub("/", "_") .. anch
   1.263 +	end
   1.264 +	return "/" .. path:gsub("/", "_") .. ".html" .. anch
   1.265 +end
   1.266 +
   1.267 +
   1.268 +function Loona.checkpw(self, login, passwd)
   1.269  	local pwddb = lib.source(self.config.passwdfile)
   1.270 -	local pwdent = pwddb[login]
   1.271 -	if pwdent and pwdent.password == passwd then
   1.272 -		return true, pwdent.username or login,
   1.273 -			pwdent.permissions or "", pwdent.profile
   1.274 +	if pwddb then
   1.275 +		local pwdent = pwddb[login]
   1.276 +		if pwdent and pwdent.password == passwd then
   1.277 +			return true, pwdent.username or login,
   1.278 +				pwdent.permissions or "", pwdent.profile
   1.279 +		end
   1.280  	end
   1.281  end
   1.282