Changesets can be listed by changeset number.
The Git repository is here.
Changeset 167
Implemented account enumeration. Improved pagination and enumeration
"show details" mechanism; the HTTP referrer is used to return to the
list view to get the right page and list type. Obvious potential for
trouble if someone directly links to an item from an external site
but since the details items require administrative Hub access it is
unlikely to present a problem in real use.
- Comitted by: rool
- Date: Monday January 01 14:14:35 2007 (over 17 years ago)
Affected files:
rool/rails/hub/trunk/app/views/account/enumerate.rhtml -
rool/rails/hub/trunk/public/images/account/enumerate.png
rool/rails/gems/hubssolib/trunk/VERSION (diff)
-
rool/rails/gems/hubssolib/trunk/hubssolib.gemspec (diff)
-
rool/rails/gems/hubssolib/trunk/lib/hub_sso_lib.rb (diff)
-
rool/rails/hub/trunk/app/controllers/account_controller.rb (diff)
-
rool/rails/hub/trunk/app/controllers/tasks_controller.rb (diff)
-
rool/rails/hub/trunk/app/helpers/application_helper.rb (diff)
-
rool/rails/hub/trunk/app/views/account/list.rhtml (diff)
-
rool/rails/hub/trunk/app/views/account/show.rhtml (diff)
-
rool/rails/hub/trunk/app/views/tasks/index.rhtml (diff)
rool/rails/gems/hubssolib/trunk/VERSION:
| prev. | current | |
| 1 | ||
| 1 | 0.2.4 (01-Jan-2007) |
rool/rails/gems/hubssolib/trunk/hubssolib.gemspec:
| prev. | current | |
| s.platform = Gem::Platform::RUBY | ||
| s.name = 'hubssolib' | ||
| 7 | | |
| 7 | s.version = '0.2.4' | |
| s.author = 'Andrew Hodgkinson and others' | ||
| s.email = 'ahodgkin@rowing.org.uk' | ||
| s.homepage = 'http://pond.org.uk/ruby/hub/' |
rool/rails/gems/hubssolib/trunk/lib/hub_sso_lib.rb:
| prev. | current | |
| return @sessions[key] | ||
| end | ||
| 612 | ||
| 613 | def enumerate_sessions | |
| 614 | @sessions | |
| 615 | end | |
| end | ||
| ####################################################################### | ||
| ... | ... | |
| # Nothing to do presently - DRb handles everything | ||
| end | ||
| 1160 | # Return an array of Hub User objects representing users based | |
| 1161 | # on a list of known sessions returned by the DRb server. Note | |
| 1162 | # that if an application exposes this method to a view, it is | |
| 1163 | # up to the application to ensure sufficient access permission | |
| 1164 | # protection for that view according to the webmaster's choice | |
| 1165 | # of site security level. Generally, normal users should not | |
| 1166 | # be allowed access. | |
| 1167 | # | |
| 1168 | def hubssolib_enumerate_users | |
| 1169 | DRb.start_service() | |
| 1170 | ||
| 1171 | factory = DRbObject.new_with_uri(HUBSSOLIB_DRB_URI) | |
| 1172 | sessions = factory.enumerate_sessions() | |
| 1173 | users = [] | |
| 1174 | ||
| 1175 | sessions.each do |key, value| | |
| 1176 | users.push(value.session_user) | |
| 1177 | end | |
| 1178 | ||
| 1179 | return users | |
| 1180 | ||
| 1181 | rescue Exception => e | |
| 1182 | ||
| 1183 | # At this point there tends to be no Session data, so we're | |
| 1184 | # going to have to encode the exception data into the URI... | |
| 1185 | ||
| 1186 | suffix = '/' + CGI::escape(hubssolib_set_exception_data(e)) | |
| 1187 | new_path = HUB_PATH_PREFIX + '/tasks/service' | |
| 1188 | redirect_to new_path + suffix unless request.path.include?(new_path) | |
| 1189 | return nil | |
| 1190 | end | |
| 1191 | ||
| # Encode exception data into a string suitable for using in a URL | ||
| # if CGI escaped first. Pass the exception object; stores only the | ||
| # message. |
rool/rails/hub/trunk/app/controllers/account_controller.rb:
| prev. | current | |
| :delete => [ :admin, :webmaster, :privileged, :normal ], | ||
| :delete_confirm => [ :admin, :webmaster, :privileged, :normal ], | ||
| :list => [ :admin, :webmaster, :privileged ], | ||
| 14 | :enumerate => [ :admin, :webmaster ], | |
| :show => [ :admin, :webmaster ], | ||
| :edit_roles => [ :admin ], | ||
| :destroy => [ :admin ] | ||
| ... | ... | |
| @page = @pager.page(params[:page]) | ||
| end | ||
| 270 | # Enumerate active users (those users known to the DRb server). | |
| 271 | # | |
| 272 | def enumerate | |
| 273 | @title = 'Active users' | |
| 274 | @users = [] | |
| 275 | users = hubssolib_enumerate_users | |
| 276 | ||
| 277 | # Map the user objects returned from the HubSsoLib Gem to | |
| 278 | # internal users. | |
| 279 | ||
| 280 | users.each do |user| | |
| 281 | @users.push(to_real_user(user)) if (user && user.user_id) | |
| 282 | end | |
| 283 | ||
| 284 | count = @users.length | |
| 285 | ||
| 286 | if (count > 0) | |
| 287 | ||
| 288 | # Page number zero is magic; it indicates "all items". | |
| 289 | ||
| 290 | if (params[:page] == '0') | |
| 291 | limit = count | |
| 292 | @all = true | |
| 293 | else | |
| 294 | limit = 10 | |
| 295 | @all = false | |
| 296 | end | |
| 297 | ||
| 298 | @pager = ::Paginator.new(count, limit) do |offset, per_page| | |
| 299 | @users[offset..(offset + per_page - 1)] | |
| 300 | end | |
| 301 | ||
| 302 | @page = @pager.page(params[:page]) | |
| 303 | ||
| 304 | else | |
| 305 | ||
| 306 | @pager = false | |
| 307 | ||
| 308 | end | |
| 309 | end | |
| 310 | ||
| 311 | # Show details of a specific user account. | |
| 312 | # | |
| def show | ||
| 270 | | |
| 271 | | |
| 314 | @title = 'User account details' | |
| 315 | @user = User.find(params[:id]) | |
| 316 | @referrer = request.env["HTTP_REFERER"] | |
| 317 | @referrer = nil unless (@referrer && !@referrer.empty?) | |
| end | ||
| def edit_roles |
rool/rails/hub/trunk/app/controllers/tasks_controller.rb:
| prev. | current | |
| 1 | ||
| 2 | ||
| 3 | ||
| 4 | ||
| 5 | ||
| 6 | ||
| 7 | ||
| 8 | ||
| 9 | ||
| 10 | ||
| 11 |
| |
| 12 | ||
| 13 | | |
| 14 | | |
| 15 |
| |
| 16 | | |
| 17 |
| |
| 18 | | |
| 19 | | |
| 20 |
| |
| 21 | | |
| 22 | | |
| 23 |
| |
| 24 | | |
| 25 | | |
| 26 |
| |
| 27 | | |
| 28 | | |
| 29 | | |
| 30 | ||
| 1 | ####################################################################### | |
| 2 | # File: tasks_controller.rb # | |
| 3 | # (C) Hipposoft 2006 # | |
| 4 | # # | |
| 5 | # Purpose: RISC OS Open web site user account tasks. # | |
| 6 | # # | |
| 7 | # Author: A.D.Hodgkinson # | |
| 8 | # # | |
| 9 | # History: 17-Oct-2006 (ADH): Adapted from Clubhouse. # | |
| 10 | ####################################################################### | |
| 11 | ||
| 12 | class TasksController < ApplicationController | |
| 13 | helper :Tasks | |
| 14 | layout 'default.rhtml' | |
| 15 | ||
| 16 | skip_before_filter :hubssolib_login_required | |
| 17 | ||
| 18 | def index | |
| 19 | # Generate a list of available tasks. | |
| 20 | ||
| 21 | @title = 'Control panel' | |
| 22 | end | |
| 23 | ||
| 24 | def service | |
| 25 | # Warn that there is a service problem. | |
| 26 | ||
| 27 | @title = 'Service failure' | |
| 28 | @exception_data = hubssolib_get_exception_message(params[:id]) | |
| 29 | end | |
| 30 | end |
rool/rails/hub/trunk/app/helpers/application_helper.rb:
| prev. | current | |
| # | ||
| # If you don't want the text link adding, pass 'nil' or an empty string. | ||
| # | ||
| 16 | | |
| 17 | | |
| 18 | | |
| 16 | # To override the default URI constructed from the given controller and | |
| 17 | # action, provide a sixth parameter with the required URI. | |
| 18 | # | |
| 19 | def make_action_link(controller, action, width, height, text, uri = nil) | |
| 20 | if (uri.nil?) | |
| 20 | | |
| 21 | | |
| 22 | | |
| 22 | html = link_to(image_tag("#{controller}/#{action}", :size => "#{width}x#{height}", :border => 0), | |
| 23 | {:controller => controller, :action => action}, :class => 'image') | |
| 24 | ||
| 25 | unless (text.nil? or text.empty?) | |
| 26 | html << '<br />' | |
| 27 | html << link_to(text, :controller => controller, :action => action) | |
| 28 | end | |
| 29 | ||
| 30 | else | |
| 31 | ||
| 32 | html = content_tag("a", image_tag("#{controller}/#{action}", :size => "#{width}x#{height}", :border => 0), | |
| 33 | { :href => uri, :class => 'image' }) | |
| 34 | unless (text.nil? or text.empty?) | |
| 35 | html << '<br />' | |
| 36 | html << content_tag("a", text, { :href => uri }) | |
| 37 | end | |
| 38 | ||
| end | ||
| return html |
rool/rails/hub/trunk/app/views/account/list.rhtml:
| prev. | current | |
| <p> | ||
| When you've finished managing accounts, you can | ||
| 53 | | |
| 53 | <%= link_to 'return to the control panel', :controller => 'tasks', :action => nil %>. | |
| </p> |
rool/rails/hub/trunk/app/views/account/show.rhtml:
| prev. | current | |
| <tr valign="top" align="center"> | ||
| <td><%= make_action_link('tasks', 'index', 80, 80, 'Control<br />panel') %></td> | ||
| <td> </td> | ||
| 45 | | |
| 45 | <td><%= make_action_link('account', 'list', 80, 80, 'Return<br />to list', @referrer) %></td> | |
| <td> </td> | ||
| <td><%= make_protected_action_link('account', 'edit_roles', @user.id, 'Edit<br />roles') %></td> | ||
| <td> </td> |
rool/rails/hub/trunk/app/views/tasks/index.rhtml:
| prev. | current | |
| <table border="0" cellspacing="0" cellpadding="6" align="center"> | ||
| <tr valign="top" align="center"> | ||
| <td><%= make_action_link('account', 'list', 80, 80, 'List accounts') %></td> | ||
| 38 | <td> </td> | |
| 39 | <td><%= make_action_link('account', 'enumerate', 80, 80, 'Active users') %></td> | |
| </tr> | ||
| </table> | ||
| <% end -%> |
