[interchange-cvs] interchange - heins modified 4 files

interchange-core@interchange.redhat.com interchange-core@interchange.redhat.com
Tue Feb 5 20:51:01 2002


User:      heins
Date:      2002-02-06 01:50:32 GMT
Modified:  code/UI_Tag su.coretag
Modified:  dist/lib/UI/pages/admin access.html customer.html
Modified:  dist/lib/UI/profiles login
Log:
	* Add capability to su.coretag to:

		Switch  superuser->adminuser
		Switch  adminuser->regularuser

	  When you "log out", you are reverting to the previous user,
	  and you can go no further back. So if you go from superuser->adminuser,
	  then adminuser->regular user, there is no way back to superuser without
	  logging in again.

Revision  Changes    Path
1.2       +58 -15    interchange/code/UI_Tag/su.coretag


rev 1.2, prev_rev 1.1
Index: su.coretag
===================================================================
RCS file: /anon_cvs/repository/interchange/code/UI_Tag/su.coretag,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- su.coretag	5 Feb 2002 20:57:03 -0000	1.1
+++ su.coretag	6 Feb 2002 01:50:32 -0000	1.2
@@ -6,8 +6,41 @@
 sub {
 	my ($user, $opt) = @_;
 	use vars qw/$Session $Tag $ready_safe $Scratch/;
-	if($user and ! $Tag->if_mm('super')) {
-		::logError("attempt to su to user %s", $user);
+
+	my $super  = $Tag->if_mm('super');
+	my $former = $Vend::username;
+
+	$opt->{profile} = 'ui'     if $opt->{admin} and ! $opt->{profile};
+
+	my $u;
+	if($opt->{profile}) {
+		$u = $Vend::Cfg->{UserDB_repository}{$opt->{profile}};
+	}
+	else {
+		$u = $Vend::Cfg->{UserDB};
+	}
+
+	if(! $u) {
+		my $place = $opt->{profile} || 'default';
+		::logError("Can't find UserDB repository, profile '%'", $place);
+		return undef;
+	}
+	my $table  = $u->{database};
+	my $ufield = $u->{user_field};
+	my $going_to_admin = $u->{admin} || $opt->{admin};
+
+	if($user and $going_to_admin and ! $super) {
+		::logError("attempt to su to admin user %s by non-super user %s",
+						$user,
+						$former,
+					);
+		return undef;
+	}
+	elsif($user and ! $Vend::admin) {
+		::logError("attempt to su to user %s by non-admin user %s",
+						$user,
+						$former,
+					);
 		return undef;
 	}
 
@@ -54,10 +87,9 @@
 		delete $Session->{su};
 		$Vend::admin = $Vend::Session->{admin};
 		$Vend::username = $Vend::Session->{username};
-		$Vend::logged_in = $Vend::Session->{logged_in};
-		$Tag->if_mm('super')
+		$Tag->if_mm('logged_in')
 			and logError(
-					"Superuser %s returned from login as %s",
+					"Admin user %s returned from login as %s",
 					$Session->{username},
 					$former,
 				)
@@ -65,20 +97,19 @@
 		return;
 	}
 	elsif ($user) {
-		my $u = $Vend::Cfg->{UserDB}{$opt->{profile} ||= 'default'};
-		my $table  = $u->{login_table};
-		my $ufield = $u->{user_field};
-#::logDebug("user table=$table ufield=$ufield");
+		if( $u->{admin} and ! $super) {
+		}
+::logDebug("user table=$table ufield=$ufield");
 		$table  ||= 'userdb';
 		$ufield ||= 'username';
-#::logDebug("user table=$table ufield=$ufield");
+::logDebug("user table=$table ufield=$ufield");
 		if(! $Tag->data($table, $ufield, $user) ) {
 			$Scratch->{ui_error} = errmsg("attempt to su to non-existent user %s", $user);
 			return undef;
 		}
 		my $rand	= random_string();
 		my $sess	= uneval_it($Session);
-#::logDebug("sess is $sess");
+::logDebug("sess is $sess");
 		my $sesskey	= generate_key($rand . $sess);
 
 		open(MDIT, "> $dir/$Session->{id}")
@@ -87,20 +118,32 @@
 		close MDIT;
 		$Tag->set_cookie( { name => 'MV_SU_KEY', value => $sesskey } );
 		my $former = $Session->{username};
+
 		undef $Vend::admin;
 		undef $Vend::superuser;
+		undef $Vend::UI_entry;
+
 		Vend::Session::init_session();
 		$Session = $Vend::Session;
-		$Vend::username = $user;
-		$Session->{username} = $user;
+
+		$Vend::username = $Session->{username} = $user;
+		$Vend::admin    = $Session->{admin}    = $going_to_admin;
+
 		$Session->{su} = $sess;
 		$Session->{logged_in} = 1;
+
 		$Tag->userdb('load');
-		logError("superuser %s switched user to %s", $former, $Session->{username});
+		my $dest = $Tag->if_mm('logged_in') ? 'admin user' : 'regular user';
+		logError(
+			"superuser %s switched user to %s %s",
+			$former,
+			$dest,
+			$Session->{username},
+			);
 		return 1;
 	}
 	else {
-		::logError("unknown su operation");
+		::logError("unknown su operation: " . uneval_it($opt));
 		return undef;
 	}
 }



2.1       +11 -0     interchange/dist/lib/UI/pages/admin/access.html


rev 2.1, prev_rev 2.0
Index: access.html
===================================================================
RCS file: /anon_cvs/repository/interchange/dist/lib/UI/pages/admin/access.html,v
retrieving revision 2.0
retrieving revision 2.1
diff -u -r2.0 -r2.1
--- access.html	18 Jul 2001 02:22:00 -0000	2.0
+++ access.html	6 Feb 2002 01:50:32 -0000	2.1
@@ -91,6 +91,17 @@
 [/button]
 [/if-mm]
 
+[if-mm super]
+[button text="[L]Switch to user[/L]" form=accessform]
+mv_todo=return
+mv_nextpage=@@MV_PAGE@@
+mv_click=MMsu
+admin=1
+user=[cgi user_id]
+dest=admin/index
+[/button]
+[/if-mm]
+
 </td>
 
 <td bgcolor="__UI_C_INTBLOCK__" width=__UI_RIGHT_WIDTH__>



2.11      +1 -1      interchange/dist/lib/UI/pages/admin/customer.html


rev 2.11, prev_rev 2.10
Index: customer.html
===================================================================
RCS file: /anon_cvs/repository/interchange/dist/lib/UI/pages/admin/customer.html,v
retrieving revision 2.10
retrieving revision 2.11
diff -u -r2.10 -r2.11
--- customer.html	5 Feb 2002 20:57:04 -0000	2.10
+++ customer.html	6 Feb 2002 01:50:32 -0000	2.11
@@ -343,7 +343,7 @@
 [scratch active_nm]=1[/button]
 [/on-match]
 </FORM>
-[if-mm super]
+[if-mm advanced userdb=e]
 	<form action="[area @@MV_PAGE@@]">
 	<input type=hidden name=mv_action value=refresh>
 	<input type=hidden name=mv_click value=MMsu>



2.2       +6 -2      interchange/dist/lib/UI/profiles/login


rev 2.2, prev_rev 2.1
Index: login
===================================================================
RCS file: /anon_cvs/repository/interchange/dist/lib/UI/profiles/login,v
retrieving revision 2.1
retrieving revision 2.2
diff -u -r2.1 -r2.2
--- login	5 Feb 2002 20:57:04 -0000	2.1
+++ login	6 Feb 2002 01:50:32 -0000	2.2
@@ -20,8 +20,12 @@
 __END__
 
 __NAME__ MMsu
-[if type=explicit compare="[su username='[cgi user]']"]
-mv_nextpage=[calc]$Config->{SpecialPage}{catalog}[/calc]
+[if type=explicit
+    compare=|
+		[su username='[cgi user]' admin='[cgi admin]' ]
+		|
+]
+mv_nextpage=[calc]$CGI->{dest} || $Config->{SpecialPage}{catalog}[/calc]
 [else]
 [calc]$Session->{ui_error} = "Failed to su to user $CGI->{user}"; return;[/calc]
 [/else]