[interchange-cvs] interchange - heins modified 4 files
interchange-core@interchange.redhat.com
interchange-core@interchange.redhat.com
Tue Feb 5 20:51:01 2002
User: heins
Date: 2002-02-06 01:50:32 GMT
Modified: code/UI_Tag su.coretag
Modified: dist/lib/UI/pages/admin access.html customer.html
Modified: dist/lib/UI/profiles login
Log:
* Add capability to su.coretag to:
Switch superuser->adminuser
Switch adminuser->regularuser
When you "log out", you are reverting to the previous user,
and you can go no further back. So if you go from superuser->adminuser,
then adminuser->regular user, there is no way back to superuser without
logging in again.
Revision Changes Path
1.2 +58 -15 interchange/code/UI_Tag/su.coretag
rev 1.2, prev_rev 1.1
Index: su.coretag
===================================================================
RCS file: /anon_cvs/repository/interchange/code/UI_Tag/su.coretag,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- su.coretag 5 Feb 2002 20:57:03 -0000 1.1
+++ su.coretag 6 Feb 2002 01:50:32 -0000 1.2
@@ -6,8 +6,41 @@
sub {
my ($user, $opt) = @_;
use vars qw/$Session $Tag $ready_safe $Scratch/;
- if($user and ! $Tag->if_mm('super')) {
- ::logError("attempt to su to user %s", $user);
+
+ my $super = $Tag->if_mm('super');
+ my $former = $Vend::username;
+
+ $opt->{profile} = 'ui' if $opt->{admin} and ! $opt->{profile};
+
+ my $u;
+ if($opt->{profile}) {
+ $u = $Vend::Cfg->{UserDB_repository}{$opt->{profile}};
+ }
+ else {
+ $u = $Vend::Cfg->{UserDB};
+ }
+
+ if(! $u) {
+ my $place = $opt->{profile} || 'default';
+ ::logError("Can't find UserDB repository, profile '%'", $place);
+ return undef;
+ }
+ my $table = $u->{database};
+ my $ufield = $u->{user_field};
+ my $going_to_admin = $u->{admin} || $opt->{admin};
+
+ if($user and $going_to_admin and ! $super) {
+ ::logError("attempt to su to admin user %s by non-super user %s",
+ $user,
+ $former,
+ );
+ return undef;
+ }
+ elsif($user and ! $Vend::admin) {
+ ::logError("attempt to su to user %s by non-admin user %s",
+ $user,
+ $former,
+ );
return undef;
}
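Review bot: The new error path for a missing UserDB repository uses the format `"Can't find UserDB repository, profile '%'"`, which has no `%s` conversion, so `$place` is never written to the log; it should read `::logError("Can't find UserDB repository, profile '%s'", $place);`. Separately, `$going_to_admin` is `$u->{admin} || $opt->{admin}`, and `$opt->{admin}` is supplied by the caller. When a profile is named without `admin`, the super-only check therefore rests entirely on that profile's own `admin` flag being set, and a comment above the check stating this assumption would help the next reader. The sub's body continues outside the hunk.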
@@ -54,10 +87,9 @@
delete $Session->{su};
$Vend::admin = $Vend::Session->{admin};
$Vend::username = $Vend::Session->{username};
- $Vend::logged_in = $Vend::Session->{logged_in};
- $Tag->if_mm('super')
+ $Tag->if_mm('logged_in')
and logError(
- "Superuser %s returned from login as %s",
+ "Admin user %s returned from login as %s",
$Session->{username},
$former,
)
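Review bot: The log entry for returning from an su session is now written only when `$Tag->if_mm('logged_in')` is true, so a revert into a restored session that fails that test leaves no record of the impersonation ending. Logging it unconditionally would keep the audit trail complete, e.g. `::logError("Admin user %s returned from login as %s", $Session->{username}, $former);`. The hunk also drops the line that restored `$Vend::logged_in` from the saved session; if anything later in the request reads that variable it would still reflect the impersonated session, which is worth confirming. The statement ends outside the hunk.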
@@ -65,20 +97,19 @@
return;
}
elsif ($user) {
- my $u = $Vend::Cfg->{UserDB}{$opt->{profile} ||= 'default'};
- my $table = $u->{login_table};
- my $ufield = $u->{user_field};
-#::logDebug("user table=$table ufield=$ufield");
+ if( $u->{admin} and ! $super) {
+ }
+::logDebug("user table=$table ufield=$ufield");
$table ||= 'userdb';
$ufield ||= 'username';
-#::logDebug("user table=$table ufield=$ufield");
+::logDebug("user table=$table ufield=$ufield");
if(! $Tag->data($table, $ufield, $user) ) {
$Scratch->{ui_error} = errmsg("attempt to su to non-existent user %s", $user);
return undef;
}
my $rand = random_string();
my $sess = uneval_it($Session);
-#::logDebug("sess is $sess");
+::logDebug("sess is $sess");
my $sesskey = generate_key($rand . $sess);
open(MDIT, "> $dir/$Session->{id}")
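Review bot: Among the `::logDebug` calls this change uncomments is `::logDebug("sess is $sess")`, which writes the entire serialized session (`uneval_it($Session)`) to the debug log whenever debug logging is enabled. That is the privileged session later restored on return, so the line should stay commented out. The added `if( $u->{admin} and ! $super) { }` has an empty body and enforces nothing; either remove it, since the check near the top of the sub already returns when `$going_to_admin` is set without `$super`, or give it a `return undef` with a log entry. The `elsif ($user)` branch continues past the end of the hunk.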
@@ -87,20 +118,32 @@
close MDIT;
$Tag->set_cookie( { name => 'MV_SU_KEY', value => $sesskey } );
my $former = $Session->{username};
+
undef $Vend::admin;
undef $Vend::superuser;
+ undef $Vend::UI_entry;
+
Vend::Session::init_session();
$Session = $Vend::Session;
- $Vend::username = $user;
- $Session->{username} = $user;
+
+ $Vend::username = $Session->{username} = $user;
+ $Vend::admin = $Session->{admin} = $going_to_admin;
+
$Session->{su} = $sess;
$Session->{logged_in} = 1;
+
$Tag->userdb('load');
- logError("superuser %s switched user to %s", $former, $Session->{username});
+ my $dest = $Tag->if_mm('logged_in') ? 'admin user' : 'regular user';
+ logError(
+ "superuser %s switched user to %s %s",
+ $former,
+ $dest,
+ $Session->{username},
+ );
return 1;
}
else {
- ::logError("unknown su operation");
+ ::logError("unknown su operation: " . uneval_it($opt));
return undef;
}
}
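Review bot: The switch log line still hard-codes `superuser` as the actor, but after this change an ordinary admin can also switch to a regular user, so those switches are misattributed in the audit trail. The `$super` flag computed at the top of the sub can supply the label, e.g. `my $actor = $super ? 'superuser' : 'admin user';` with the format `"%s %s switched user to %s %s"`. In the final `else`, `uneval_it($opt)` is concatenated into the first argument of `::logError`, which the rest of this file uses as a format string, so a `%` in caller-supplied options would be read as a conversion. Pass it as an argument instead: `::logError("unknown su operation: %s", uneval_it($opt));`.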
2.1 +11 -0 interchange/dist/lib/UI/pages/admin/access.html
rev 2.1, prev_rev 2.0
Index: access.html
===================================================================
RCS file: /anon_cvs/repository/interchange/dist/lib/UI/pages/admin/access.html,v
retrieving revision 2.0
retrieving revision 2.1
diff -u -r2.0 -r2.1
--- access.html 18 Jul 2001 02:22:00 -0000 2.0
+++ access.html 6 Feb 2002 01:50:32 -0000 2.1
@@ -91,6 +91,17 @@
[/button]
[/if-mm]
+[if-mm super]
+[button text="[L]Switch to user[/L]" form=accessform]
+mv_todo=return
+mv_nextpage=@@MV_PAGE@@
+mv_click=MMsu
+admin=1
+user=[cgi user_id]
+dest=admin/index
+[/button]
+[/if-mm]
+
</td>
<td bgcolor="__UI_C_INTBLOCK__" width=__UI_RIGHT_WIDTH__>
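Review bot: `user=[cgi user_id]` copies a request parameter into the button body with no filtering, and that body is a line-oriented list of `name=value` settings. A `user_id` value containing a line break or markup could presumably add settings or reach the generated HTML, so it should be restricted to the characters allowed in user names before it is placed here. The surrounding `[if-mm super]` only hides the button; the check that matters is the one inside the `su` tag.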
2.11 +1 -1 interchange/dist/lib/UI/pages/admin/customer.html
rev 2.11, prev_rev 2.10
Index: customer.html
===================================================================
RCS file: /anon_cvs/repository/interchange/dist/lib/UI/pages/admin/customer.html,v
retrieving revision 2.10
retrieving revision 2.11
diff -u -r2.10 -r2.11
--- customer.html 5 Feb 2002 20:57:04 -0000 2.10
+++ customer.html 6 Feb 2002 01:50:32 -0000 2.11
@@ -343,7 +343,7 @@
[scratch active_nm]=1[/button]
[/on-match]
</FORM>
-[if-mm super]
+[if-mm advanced userdb=e]
<form action="[area @@MV_PAGE@@]">
<input type=hidden name=mv_action value=refresh>
<input type=hidden name=mv_click value=MMsu>
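Review bot: Showing the su form under `[if-mm advanced userdb=e]` is only a display condition. In the same commit the `su` tag allows a switch to a regular user for any session with `$Vend::admin` set, so an admin without the `userdb=e` permission could apparently still submit `mv_click=MMsu` directly. If edit permission on userdb is meant to be the requirement, the same test belongs in su.coretag next to the `! $Vend::admin` check. The form continues beyond the hunk.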
2.2 +6 -2 interchange/dist/lib/UI/profiles/login
rev 2.2, prev_rev 2.1
Index: login
===================================================================
RCS file: /anon_cvs/repository/interchange/dist/lib/UI/profiles/login,v
retrieving revision 2.1
retrieving revision 2.2
diff -u -r2.1 -r2.2
--- login 5 Feb 2002 20:57:04 -0000 2.1
+++ login 6 Feb 2002 01:50:32 -0000 2.2
@@ -20,8 +20,12 @@
__END__
__NAME__ MMsu
-[if type=explicit compare="[su username='[cgi user]']"]
-mv_nextpage=[calc]$Config->{SpecialPage}{catalog}[/calc]
+[if type=explicit
+ compare=|
+ [su username='[cgi user]' admin='[cgi admin]' ]
+ |
+]
+mv_nextpage=[calc]$CGI->{dest} || $Config->{SpecialPage}{catalog}[/calc]
[else]
[calc]$Session->{ui_error} = "Failed to su to user $CGI->{user}"; return;[/calc]
[/else]
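Review bot: `mv_nextpage` is now taken from `$CGI->{dest}` with no validation, so whoever crafts the request chooses the page shown right after the identity switch. Restrict it to known values, e.g. `[calc]$CGI->{dest} eq 'admin/index' ? 'admin/index' : $Config->{SpecialPage}{catalog}[/calc]`. The `[su username='[cgi user]' admin='[cgi admin]' ]` call also places two request values inside quoted tag parameters. If a quote in either value can end the parameter early, further `su` options such as `profile` could be supplied from the request, so it is worth confirming how the tag parser handles that.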