[Netpass-devel] NetPass/www/htdocs/Admin/Editor edit.mhtml,1.4,1.5 index.mhtml,1.5,1.6
Brought to you by:
jeffmurphy
Menu
▾
▴
[Netpass-devel] NetPass/www/htdocs/Admin/Editor edit.mhtml,1.4,1.5 index.mhtml,1.5,1.6
|
From: jeff m. <jef...@us...> - 2005-06-08 16:35:56
|
Update of /cvsroot/netpass/NetPass/www/htdocs/Admin/Editor In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv4634/www/htdocs/Admin/Editor Modified Files: edit.mhtml index.mhtml Log Message: bug fixes to editor, auth methods UI feature Index: edit.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/Editor/edit.mhtml,v retrieving revision 1.4 retrieving revision 1.5 diff -u -d -r1.4 -r1.5 --- edit.mhtml 27 Apr 2005 03:54:08 -0000 1.4 +++ edit.mhtml 8 Jun 2005 16:35:42 -0000 1.5 @@ -28,6 +28,9 @@ my ($isRO, $roGroups) = $m->comp('/Admin/MemberOf', 'acl' => [ @roGroups ]); my ($isRW, $rwGroups) = $m->comp('/Admin/MemberOf', 'acl' => [ @rwGroups ]); my ($isRoot, $junk) = $m->comp('/Admin/MemberOf', 'acl' => [ 'Admin' ], 'group' => 'default'); +my ($allMyRO, $allMyRW); +($junk, $allMyRO) = $m->comp('/Admin/MemberOf', 'acl' => [ @roGroups ]); +($junk, $allMyRW) = $m->comp('/Admin/MemberOf', 'acl' => [ @rwGroups ]); if ($isRW) { $readOnly = ""; @@ -49,15 +52,19 @@ } my $pageList = $np->db->getPageList(); -my %allGroups = map { $_ => $_ } @{$pageList->{'group'}}; +my %allGroups = map { $_ => $_ } 'default', @{$pageList->{'group'}}, @{$np->cfg->getNetgroups()}; -if (! $isRoot) { - %allGroups = map {$_ => $_} (@$rwGroups); -} +print "You have permission to <B>edit</B> the messages in the following groups: ", join(', ', @$allMyRW), "<BR>" + if ($#{$allMyRW} > -1); </%perl> +<P> +"Default" means "all groups". Note that even though all groups appear in the dropdown menu, +you will only be allowed to save changes to pages in the groups you have +permissions for. This is enforced when you click "Save Changes/Copy". +<P> <script type="text/javascript"> _editor_url = "/Admin/Editor/htmlarea"; _editor_lang = "en"; Index: index.mhtml =================================================================== RCS file: /cvsroot/netpass/NetPass/www/htdocs/Admin/Editor/index.mhtml,v retrieving revision 1.5 retrieving revision 1.6 diff -u -d -r1.5 -r1.6 --- index.mhtml 27 Apr 2005 03:54:08 -0000 1.5 +++ index.mhtml 8 Jun 2005 16:35:42 -0000 1.6 @@ -13,6 +13,7 @@ $search => ''; $group => ''; $submit => ''; +$del => ''; </%args> @@ -21,6 +22,10 @@ --></script> <%perl> +use Data::Dumper; + +$name = pop @$name if (ref($name) eq "ARRAY"); +$group = pop @$group if (ref($group) eq "ARRAY"); print $q->h2("Message Editor"); @@ -49,29 +54,16 @@ my $pageList = $np->db->getPageList(); -my %allGroups = map { $_ => $_ } @{$pageList->{'group'}}; - - -if (! $isRoot) { - # 'default' is added so you can at least see the default - # messages (assuming you dont have any default perms). - # we won't allow you to edit them tho. - - %allGroups = map {$_ => $_} ('default', @$allMyRO, @$allMyRW); -} +my %allGroups = map { $_ => $_ } 'default', @{$pageList->{'group'}}, @{$np->cfg->getNetgroups()}; print "You have permission to <B>edit</B> the messages in the following groups: ", join(', ', @$allMyRW), "<BR>" if ($#{$allMyRW} > -1); -print "You have permission to <B>view</B> the messages in the following groups: "; - -if ($#{$allMyRO} > -1) { - print join(', ', @$allMyRO); - print ", default" if (grep !/^default$/, @$allMyRO); - print "<BR>"; -} else { - print "default<BR>"; -} +print qq{<P> +"Default" means "all groups". Note that even though all groups appear in the dropdown menu, +you will only be allowed to save changes to edit pages in the groups you have +permissions for. If you want to use one of the 'default' pages as a starting point, +'edit' it and then change the group that it is in and click 'Save Copy'.<P>}; print $q->table({-border=>0, -width=>600}, @@ -97,6 +89,7 @@ $q->td({-class=>"gray"}, $q->popup_menu( -name => "group", + -default => $group, -values => [ sort keys %allGroups ] ) ) @@ -113,11 +106,34 @@ ); -return if(!$submit && !$search); +return if(!$submit && !$search && !$del); -if($submit) { - my $rv = savePage($allMyRW, $name, $group, $ta, ($submit eq " Save Copy ")); - print $q->p({-class=>'error'}, $rv); +if ($submit) { + if ( ($name =~ /;/) || ($group =~ /;/) ) { + print $q->p({-class => 'error'}, "Name and/or group can not contain semi-colons."); + } else { + my $rv = savePage($allMyRW, $name, $group, $ta, ($submit eq " Save Copy "), $isRoot); + print $q->p({-class=>'error'}, $rv); + } +} + + +if ($del ne '') { + if ($del !~ /;/) { + print "<P class='error'>Delete parse error.</P>"; + } else { + my ($dN, $dG) = split(/;/, $del); + if ($isRoot || grep /^$dG$/, @$rwGroups) { + my $rv = $np->db->delPage(-name => $dN, -group => $dG); + if ($rv) { + print "<P class='error'>Couldn't delete page $dN from $dG - $rv</P>"; + } else { + $np->db->audit( -user => $m->session->{'username'}, + -severity => "ALERT", -ip => $ENV{'REMOTE_ADDR'}, + -msg => [ "MessageEdit: deleted page $dN from $dG" ]); + } + } + } } my $pl = $np->db->getPageList(-name => $name, -group => $group); @@ -130,25 +146,26 @@ </%perl> <h4>Your search returned <%$count%> result(s)</h4> % if ($count) { - <table> <tr><th>Name</th><th>Group</th><th colspan=3>Operation</th></tr> % for(my $row = 0 ; $row <= $#{$pl->{'name'}} ; $row++) { % $class = ($class eq "")?"gray":""; -% my $rwHref = "edit.mhtml?name=" . $pl->{'name'}->[$row]."&group=".$pl->{'group'}->[$row]; -% my $roHref = "view.mhtml?name=" . $pl->{'name'}->[$row]."&group=".$pl->{'group'}->[$row]; +% my $rwHref = "edit.mhtml?name=" . $pl->{'name'}->[$row]."&group=".$pl->{'group'}->[$row]; +% my $delHref = "index.mhtml?del=1&name=" . $pl->{'name'}->[$row]."&group=".$pl->{'group'}->[$row]; +% my $roHref = "view.mhtml?name=" . $pl->{'name'}->[$row]."&group=".$pl->{'group'}->[$row]; % my $delLink = ""; <tr class="<%$class%>"> <td width='50%'><%$pl->{'name'}->[$row]%></td> <td width='25%'><%$pl->{'group'}->[$row]%></td> -% if (grep /^$pl->{'group'}->[$row]$/, @$rwGroups) { - <td width='8%'><a href="<%$rwHref%>">[ edit ]</a></td> - <td width='8%'><a href="">[ del ]</a></td> + <td width='8%'><a href="<%$rwHref%>">[ edit ]</a></td> +% if ($isRoot || grep /^$pl->{'group'}->[$row]$/, @$rwGroups) { + <td width='8%'> +<button class='href' name='del' value='<%$pl->{'name'}->[$row]%>;<%$pl->{'group'}->[$row]%>'>[ del ]</button> +</td> % } else { <td width='8%'> </td> - <td width='8%'> </td> % } <td width='8%'><a href="<%$roHref%>">[ view ]</a></td> </tr> @@ -169,14 +186,15 @@ my $group = shift; my $content = shift; my $noupdate = shift; + my $isRoot = shift; # enforce permissions - if (grep /^$group$/, @$rw) { + if ($isRoot || grep /^$group$/, @$rw) { $np->db->audit( - -user => $m->session->{'username'}, - -msg => [ "MessageEdit: $name ($group) editted" ]); + -user => $m->session->{'username'}, -ip => $ENV{'REMOTE_ADDR'}, + -msg => [ "MessageEdit: $name ($group) edited" ]); my $rv = $np->db->setPage(-name => $name, -group => $group, -content => $content, -noupdate => $noupdate); @@ -191,7 +209,7 @@ # else you dont have permission $np->db->audit( -user => $m->session->{'username'}, -severity => "ALERT", - -msg => [ "tried to edit $name ($group) but doesnt have permission to do so" ]); + -msg => [ "MessageEdit: tried to edit $name ($group) but doesnt have permission to do so" ]); return "You dont have the appropriate permissions to edit this message."; } |
