Context Navigation

source: trunk/gsdl/src/recpt/usersaction.cpp@ 430

Last change on this file since 430 was 421, checked in by sjboddie, 25 years ago
added collectinfo argument to some functions
Property svn:executable set to ``* Property svn:keywords set to `Author Date Id Revision`
File size: 13.3 KB

Line
1	/**********************************************************************
2	*
3	* usersaction.cpp -- managing users
4	* Copyright (C) 1999 DigiLib Systems Limited, New Zealand
5	*
6	* PUT COPYRIGHT NOTICE HERE
7	*
8	* $Id: usersaction.cpp 421 1999-07-30 02:24:45Z sjboddie $
9	*
10	*********************************************************************/
11
12	/*
13	$Log$
14	Revision 1.2 1999/07/30 02:24:44 sjboddie
15	added collectinfo argument to some functions
16
17	Revision 1.1 1999/07/13 23:22:05 rjmcnab
18	Initial revision.
19
20
21	*/
22
23
24	#include "usersaction.h"
25	#include "fileutil.h"
26	#include "userdb.h"
27
28
29	///////////////
30	// usersaction
31	///////////////
32
33	usersaction::usersaction () {
34	// this action uses cgi variable "a"
35	cgiarginfo arg_ainfo;
36	arg_ainfo.shortname = "a";
37	arg_ainfo.longname = "action";
38	arg_ainfo.multiplechar = true;
39	arg_ainfo.defaultstatus = cgiarginfo::weak;
40	arg_ainfo.argdefault = "um"; // user management
41	arg_ainfo.savedarginfo = cgiarginfo::must;
42	argsinfo.addarginfo (NULL, arg_ainfo);
43
44	// "uma"
45	arg_ainfo.shortname = "uma";
46	arg_ainfo.longname = "user management action";
47	arg_ainfo.multiplechar = true;
48	arg_ainfo.defaultstatus = cgiarginfo::weak;
49	arg_ainfo.argdefault = "listusers";
50	arg_ainfo.savedarginfo = cgiarginfo::mustnot;
51	argsinfo.addarginfo (NULL, arg_ainfo);
52
53	// "umun"
54	arg_ainfo.shortname = "umun";
55	arg_ainfo.longname = "user management user name";
56	arg_ainfo.multiplechar = true;
57	arg_ainfo.defaultstatus = cgiarginfo::weak;
58	arg_ainfo.argdefault = "";
59	arg_ainfo.savedarginfo = cgiarginfo::mustnot;
60	argsinfo.addarginfo (NULL, arg_ainfo);
61
62	// "umpw"
63	arg_ainfo.shortname = "umpw";
64	arg_ainfo.longname = "user management password";
65	arg_ainfo.multiplechar = true;
66	arg_ainfo.defaultstatus = cgiarginfo::weak;
67	arg_ainfo.argdefault = "";
68	arg_ainfo.savedarginfo = cgiarginfo::mustnot;
69	argsinfo.addarginfo (NULL, arg_ainfo);
70
71	// "umnpw1"
72	arg_ainfo.shortname = "umnpw1";
73	arg_ainfo.longname = "user management new password 1";
74	arg_ainfo.multiplechar = true;
75	arg_ainfo.defaultstatus = cgiarginfo::weak;
76	arg_ainfo.argdefault = "";
77	arg_ainfo.savedarginfo = cgiarginfo::mustnot;
78	argsinfo.addarginfo (NULL, arg_ainfo);
79
80	// "umnpw2"
81	arg_ainfo.shortname = "umnpw2";
82	arg_ainfo.longname = "user management new password 2";
83	arg_ainfo.multiplechar = true;
84	arg_ainfo.defaultstatus = cgiarginfo::weak;
85	arg_ainfo.argdefault = "";
86	arg_ainfo.savedarginfo = cgiarginfo::mustnot;
87	argsinfo.addarginfo (NULL, arg_ainfo);
88
89	// "umus"
90	arg_ainfo.shortname = "umus";
91	arg_ainfo.longname = "user management account status";
92	arg_ainfo.multiplechar = true;
93	arg_ainfo.defaultstatus = cgiarginfo::weak;
94	arg_ainfo.argdefault = "";
95	arg_ainfo.savedarginfo = cgiarginfo::mustnot;
96	argsinfo.addarginfo (NULL, arg_ainfo);
97
98	// "umug"
99	arg_ainfo.shortname = "umug";
100	arg_ainfo.longname = "user management groups"; // comma seperated list
101	arg_ainfo.multiplechar = true;
102	arg_ainfo.defaultstatus = cgiarginfo::weak;
103	arg_ainfo.argdefault = "";
104	arg_ainfo.savedarginfo = cgiarginfo::mustnot;
105	argsinfo.addarginfo (NULL, arg_ainfo);
106
107	// "umc"
108	arg_ainfo.shortname = "umc";
109	arg_ainfo.longname = "user management comment";
110	arg_ainfo.multiplechar = true;
111	arg_ainfo.defaultstatus = cgiarginfo::weak;
112	arg_ainfo.argdefault = "";
113	arg_ainfo.savedarginfo = cgiarginfo::mustnot;
114	argsinfo.addarginfo (NULL, arg_ainfo);
115
116	// "bcp"
117	arg_ainfo.shortname = "bcp";
118	arg_ainfo.longname = "change password submit button";
119	arg_ainfo.multiplechar = true;
120	arg_ainfo.defaultstatus = cgiarginfo::weak;
121	arg_ainfo.argdefault = "";
122	arg_ainfo.savedarginfo = cgiarginfo::mustnot;
123	argsinfo.addarginfo (NULL, arg_ainfo);
124
125	// "beu"
126	arg_ainfo.shortname = "beu";
127	arg_ainfo.longname = "edit user submit button";
128	arg_ainfo.multiplechar = true;
129	arg_ainfo.defaultstatus = cgiarginfo::weak;
130	arg_ainfo.argdefault = "";
131	arg_ainfo.savedarginfo = cgiarginfo::mustnot;
132	argsinfo.addarginfo (NULL, arg_ainfo);
133
134	// "cm"
135	arg_ainfo.shortname = "cm";
136	arg_ainfo.longname = "confirm an action";
137	arg_ainfo.multiplechar = true;
138	arg_ainfo.defaultstatus = cgiarginfo::weak;
139	arg_ainfo.argdefault = "";
140	arg_ainfo.savedarginfo = cgiarginfo::mustnot;
141	argsinfo.addarginfo (NULL, arg_ainfo);
142	}
143
144	void usersaction::configure (const text_t &key, const text_tarray &cfgline) {
145	// get the password filename
146	if (cfgline.size() == 1) {
147	if (key == "usersfile") usersfile = cfgline[0];
148	else if (key == "gsdlhome") {
149	if (usersfile.empty())
150	usersfile = filename_cat (cfgline[0], "etc", "users.db");
151	}
152	}
153
154	action::configure (key, cfgline);
155	}
156
157	bool usersaction::check_cgiargs (cgiargsinfoclass &/argsinfo/, cgiargsclass &args,
158	ostream &/logout/) {
159	args["uan"] = "1"; // user authentication is needed
160
161	if (args["uma"] == "changepasswd") {
162	// no particular group is needed to change a password
163	args["ug"].clear();
164	} else {
165	// administrator is needed for all other management tasks
166	args["ug"] = "administrator";
167	}
168
169	return true;
170	}
171
172	void usersaction::get_cgihead_info (cgiargsclass &/args/, response_t &response,
173	text_t &response_data, ostream &/logout/) {
174	response = content;
175	response_data = "text/html";
176	}
177
178	void usersaction::define_internal_macros (const ColInfoResponse_t &/collectinfo/, displayclass &/disp/,
179	cgiargsclass &/args/, recptproto /collectproto*/,
180	ostream &/logout/) {
181	}
182
183	void usersaction::define_external_macros (const ColInfoResponse_t &/collectinfo/, displayclass &/disp/,
184	cgiargsclass &/args/, recptproto /collectproto*/,
185	ostream &/logout/) {
186	}
187
188	bool usersaction::do_action (cgiargsclass &args, const ColInfoResponse_t &/collectinfo/,
189	recptproto *collectproto, displayclass &disp,
190	outconvertclass &outconvert, ostream &textout,
191	ostream &logout) {
192	if (args["uma"] == "adduser" \|\| args["uma"] == "edituser") {
193	// adduser is handled by edituser
194	return do_edituser (args, collectproto, disp, outconvert, textout, logout);
195
196	} else if (args["uma"] == "deleteuser") {
197	return do_deleteuser (args, collectproto, disp, outconvert, textout, logout);
198
199	} else if (args["uma"] == "changepasswd") {
200	return do_changepasswd (args, collectproto, disp, outconvert, textout, logout);
201	}
202
203	// default
204	return do_listusers (args, collectproto, disp, outconvert, textout, logout);
205	}
206
207	bool usersaction::do_listusers (cgiargsclass &/args/, recptproto /collectproto*/,
208	displayclass &disp, outconvertclass &outconvert,
209	ostream &textout, ostream &/logout/) {
210	textout << outconvert << disp
211	<< "_userslistusers:header_\n_userslistusers:contentstart_\n";
212
213
214	// open the user database (it will be used a lot)
215	gdbmclass userdb;
216	text_tarray userlist;
217	if (userdb.opendatabase(usersfile)) {
218	// get user list
219	get_user_list (userdb, userlist);
220	}
221
222	// sort the list
223	sort(userlist.begin(), userlist.end());
224
225	// output the information for each user
226	userinfo_t userinfo;
227	text_tarray::iterator users_here = userlist.begin();
228	text_tarray::iterator users_end = userlist.end();
229	while (users_here != users_end) {
230	if (get_user_info (userdb, *users_here, userinfo)) {
231	textout << outconvert << disp
232	<< "<tr><td bgcolor=\"\\#eeeeee\">" << userinfo.username << "</td>\n"
233	<< "<td bgcolor=\"\\#eeeeee\">" << (userinfo.enabled ? "enabled" : "disabled") << "</td>\n"
234	<< "<td bgcolor=\"\\#eeeeee\">" << userinfo.groups << " </td>\n"
235	<< "<td bgcolor=\"\\#eeeeee\">" << userinfo.comment << " </td>\n"
236	<< "<td><a href=\"_httpcurrentdocument_&a=um&uma=edituser&umun="
237	<< userinfo.username << "\">_userslistusers:textedituser_</a> "
238	<< "<a href=\"_httpcurrentdocument_&a=um&uma=deleteuser&umun="
239	<< userinfo.username << "\">_userslistusers:textdeleteuser_</a>"
240	<< "</td></tr>\n\n";
241
242	} else {
243	textout << outconvert << disp
244	<< "<tr><td bgcolor=\"\\#eeeeee\">" << *users_here << "</td>\n"
245	<< "<td bgcolor=\"\\#eeeeee\"> </td>\n"
246	<< "<td bgcolor=\"\\#eeeeee\"> </td>\n"
247	<< "<td bgcolor=\"\\#eeeeee\"> </td>\n"
248	<< "<td> </td></tr>\n\n";
249	}
250
251	users_here++;
252	}
253
254	userdb.closedatabase();
255
256	textout << outconvert << disp
257	<< "_userslistusers:contentend_\n_userslistusers:footer_\n";
258	return true;
259	}
260
261	void usersaction::define_user_macros (cgiargsclass &args, displayclass &disp) {
262	disp.setmacro ("usersargun", "users", args["umun"]);
263	disp.setmacro ("usersargpw", "users", args["umpw"]);
264	disp.setmacro ("usersargus", "users", args["umus"]);
265	disp.setmacro ("usersargug", "users", args["umug"]);
266	disp.setmacro ("usersargc", "users", args["umc"]);
267	}
268
269
270	bool usersaction::do_edituser (cgiargsclass &args, recptproto *collectproto,
271	displayclass &disp, outconvertclass &outconvert,
272	ostream &textout, ostream &logout) {
273	userinfo_t userinfo;
274	text_t messagestatus;
275	bool noproblems = true;
276
277	// fill in defaults from user database (if appropriate)
278	if (args["umun"].empty()) {
279	noproblems = false;
280
281	} else if (!username_ok (args["umun"])) {
282	// problem with username
283	noproblems = false;
284	messagestatus += "_users:messageinvalidusername_";
285
286	} else if (get_user_info (usersfile, args["umun"], userinfo)) {
287	if (args["uma"] == "adduser") {
288	// must not add a user that has the same name as another user
289	noproblems = false;
290	messagestatus += "_users:messageuserexists_";
291
292	} else {
293	// only fill in the data if there is no user status defined
294	if (args["umus"].empty()) {
295	args["umus"] = userinfo.enabled ? "enabled" : "disabled";
296	if (args["umug"].empty()) args["umug"] = userinfo.groups;
297	if (args["umc"].empty()) args["umc"] = userinfo.comment;
298	}
299	}
300	}
301
302	// fill in the user status default
303	if (args["umus"].empty()) {
304	noproblems = false;
305	args["umus"] = "enabled";
306	}
307
308	// make sure the password is ok
309	if (args["umpw"].empty()) {
310	// password must not be empty if none were supplied from database
311	// and we have had no other problems
312	if (userinfo.password.empty() && noproblems) {
313	noproblems = false;
314	messagestatus += "_users:messageemptypassword_";
315	}
316
317	} else if (!password_ok(args["umpw"])) {
318	noproblems = false;
319	messagestatus += "_users:messageinvalidpassword_";
320	}
321
322	// set this info if no problems have been encounted
323	// and the submit button was pressed
324	if (noproblems && !args["beu"].empty()) {
325	userinfo.username = args["umun"];
326	if (!args["umpw"].empty()) {
327	// only set the password if it is not empty
328	userinfo.password = crypt_text(args["umpw"]);
329	}
330	userinfo.enabled = (args["umus"] == "enabled");
331	userinfo.groups = args["umug"];
332	userinfo.comment = args["umc"];
333
334	set_user_info (usersfile, args["umun"], userinfo);
335
336	// show list of users
337	return do_listusers (args, collectproto, disp, outconvert, textout, logout);
338	}
339
340	// define the macros for the user
341	define_user_macros (args, disp);
342	disp.setmacro ("messagestatus", "users", messagestatus);
343
344	textout << outconvert << disp
345	<< "_usersedituser:header_\n_usersedituser:content_\n_usersedituser:footer_\n";
346
347	return true;
348	}
349
350	bool usersaction::do_deleteuser (cgiargsclass &args, recptproto *collectproto,
351	displayclass &disp, outconvertclass &outconvert,
352	ostream &textout, ostream &logout) {
353	if (!args["cm"].empty()) {
354	if (args["cm"] == "yes" && !args["umun"].empty()) {
355	// user confirmed the deletion of the user
356	delete_user (usersfile, args["umun"]);
357	}
358
359	// redirect the user back to the listusers page
360	return do_listusers (args, collectproto, disp, outconvert, textout, logout);
361	}
362
363	define_user_macros (args, disp);
364	textout << outconvert << disp
365	<< "_usersdeleteuser:header_\n_usersdeleteuser:content_\n_usersdeleteuser:footer_\n";
366
367	return true;
368	}
369
370	bool usersaction::do_changepasswd (cgiargsclass &args, recptproto /collectproto*/,
371	displayclass &disp, outconvertclass &outconvert,
372	ostream &textout, ostream &/logout/) {
373	text_t messagestatus;
374
375	if (!args["bcp"].empty()) {
376	if (args["un"].empty()) {
377	messagestatus = "_users:messageusernameempty_";
378	} else if (args["umpw"].empty()) {
379	messagestatus = "_users:messagepasswordempty_";
380	} else if (args["umnpw1"].empty()) {
381	messagestatus = "_users:messagenewpass1empty_";
382	} else if (args["umnpw2"].empty()) {
383	messagestatus = "_users:messagenewpass2empty_";
384	} else if (args["umnpw1"] != args["umnpw2"]) {
385	messagestatus = "_users:messagenewpassmismatch_";
386	} else if (!password_ok(args["umnpw1"])) {
387	messagestatus = "_users:messageinvalidpassword_";
388	} else {
389	userinfo_t userinfo;
390	if (get_user_info (usersfile, args["un"], userinfo)) {
391	// check old password
392	if (userinfo.password != crypt_text(args["umpw"])) {
393	messagestatus = "_users:messagefailed_";
394
395	} else {
396	userinfo.password = crypt_text(args["umnpw1"]);
397	if (set_user_info (usersfile, args["un"], userinfo)) {
398	// everything is ok
399	textout << outconvert << disp
400	<< "_userschangepasswdok:header_\n"
401	"_userschangepasswdok:content_\n"
402	"_userschangepasswdok:footer_\n";
403	return true;
404	}
405	}
406	}
407	}
408	}
409
410	disp.setmacro ("messagestatus", "users", messagestatus);
411
412	textout << outconvert << disp
413	<< "_userschangepasswd:header_\n"
414	"_userschangepasswd:content_\n"
415	"_userschangepasswd:footer_\n";
416
417	return true;
418	}
419

Note: See TracBrowser for help on using the repository browser.

Download in other formats: