[Rt-commit] rt branch, 3.8-trunk, updated. rt-3.8.5-158-g1e697a2
jesse
jesse at bestpractical.com
Tue Sep 29 14:52:05 EDT 2009
The branch, 3.8-trunk has been updated
via 1e697a2754b62088ed7bfccba99173856953e809 (commit)
via ad018b1ebe0566ad00b96a6097ccf2b8d3d5301d (commit)
from 221b9853f811a7dfed062e21709300a0162576d4 (commit)
Summary of changes:
lib/RT/Interface/Web.pm | 37 ++++++++++++++++++++++++++++++++
share/html/autohandler | 53 ++++++++--------------------------------------
2 files changed, 47 insertions(+), 43 deletions(-)
- Log -----------------------------------------------------------------
commit ad018b1ebe0566ad00b96a6097ccf2b8d3d5301d
Author: Jesse Vincent <jesse at bestpractical.com>
Date: Wed Sep 30 03:29:45 2009 +0900
unfolding lines for ease of refactoring
diff --git a/share/html/autohandler b/share/html/autohandler
index 6729ba7..1380090 100755
--- a/share/html/autohandler
+++ b/share/html/autohandler
@@ -104,7 +104,6 @@ elsif ( RT->Config->Get('WebExternalAuth') ) {
# do we actually have a REMOTE_USER equivlent?
if ( RT::Interface::Web::WebCanonicalizeInfo() ) {
-
my $orig_user = $user;
$user = RT::Interface::Web::WebCanonicalizeInfo();
@@ -122,7 +121,6 @@ elsif ( RT->Config->Get('WebExternalAuth') ) {
if ( RT->Config->Get('WebExternalAuto') && !$session{'CurrentUser'}->Id ) {
# Create users on-the-fly
-
my $UserObj = RT::User->new( $RT::SystemUser );
my ($val, $msg) = $UserObj->Create(
%{ ref RT->Config->Get('AutoCreate') ? RT->Config->Get('AutoCreate') : {} },
@@ -131,17 +129,14 @@ elsif ( RT->Config->Get('WebExternalAuth') ) {
);
if ( $val ) {
-
# now get user specific information, to better create our user.
- my $new_user_info
- = RT::Interface::Web::WebExternalAutoInfo($user);
+ my $new_user_info = RT::Interface::Web::WebExternalAutoInfo($user);
# set the attributes that have been defined.
foreach my $attribute ($user->WritableAttributes) {
$m->callback( Attribute => $attribute, User => $user, UserInfo => $new_user_info, CallbackName => 'NewUser' );
my $method = "Set$attribute";
- $UserObj->$method( $new_user_info->{$attribute} )
- if defined $new_user_info->{$attribute};
+ $UserObj->$method( $new_user_info->{$attribute} ) if defined $new_user_info->{$attribute};
}
$session{'CurrentUser'}->Load($user);
}
@@ -150,8 +145,7 @@ elsif ( RT->Config->Get('WebExternalAuth') ) {
# we failed to successfully create the user. abort abort abort.
delete $session{'CurrentUser'};
$m->abort unless RT->Config->Get('WebFallbackToInternalAuth');
- $m->comp( '/Elements/Login', %ARGS,
- Error => loc( 'Cannot create user: [_1]', $msg ) );
+ $m->comp( '/Elements/Login', %ARGS, Error => loc( 'Cannot create user: [_1]', $msg ) );
}
}
@@ -163,16 +157,14 @@ elsif ( RT->Config->Get('WebExternalAuth') ) {
$user = $orig_user;
if ( RT->Config->Get('WebExternalOnly') ) {
- $m->comp( '/Elements/Login', %ARGS,
- Error => loc('You are not an authorized user') );
+ $m->comp( '/Elements/Login', %ARGS, Error => loc('You are not an authorized user') );
$m->abort();
}
}
}
elsif (RT->Config->Get('WebFallbackToInternalAuth')) {
unless ( defined $session{'CurrentUser'} ) {
- $m->comp( '/Elements/Login', %ARGS,
- Error => loc('You are not an authorized user') );
+ $m->comp( '/Elements/Login', %ARGS, Error => loc('You are not an authorized user') );
$m->abort();
}
}
@@ -185,14 +177,12 @@ elsif ( RT->Config->Get('WebExternalAuth') ) {
}
}
-delete $session{'CurrentUser'}
- unless $session{'CurrentUser'} && $session{'CurrentUser'}->Id;
+delete $session{'CurrentUser'} unless $session{'CurrentUser'} && $session{'CurrentUser'}->Id;
# Process per-page authentication callbacks
$m->callback( %ARGS, CallbackName => 'Auth' );
-delete $session{'CurrentUser'}
- unless $session{'CurrentUser'} && $session{'CurrentUser'}->Id;
+delete $session{'CurrentUser'} unless $session{'CurrentUser'} && $session{'CurrentUser'}->Id;
unless( $session{'CurrentUser'} ) {
# If the user is logging in, let's authenticate
@@ -202,15 +192,12 @@ unless( $session{'CurrentUser'} ) {
unless ( $user_obj->id && $user_obj->IsPassword( $pass ) ) {
$RT::Logger->error("FAILED LOGIN for $user from $ENV{'REMOTE_ADDR'}");
- $m->comp( '/Elements/Login', %ARGS,
- Error => loc('Your username or password is incorrect'),
- );
+ $m->comp( '/Elements/Login', %ARGS, Error => loc('Your username or password is incorrect'),);
$m->callback( %ARGS, CallbackName => 'FailedLogin' );
$m->abort;
}
$session{'CurrentUser'} = $user_obj;
- $RT::Logger->info(
- "Successful login for $user from $ENV{'REMOTE_ADDR'}");
+ $RT::Logger->info( "Successful login for $user from $ENV{'REMOTE_ADDR'}");
$m->callback( %ARGS, CallbackName => 'SuccessfulLogin' );
}
# if no credentials then show him login page
@@ -232,9 +219,7 @@ $m->callback( %ARGS );
unless ( $session{'CurrentUser'}->Privileged ) {
# if the user is trying to access a ticket, redirect them
- if ( $m->request_comp->path =~ '^(/+)Ticket/Display.html'
- && $ARGS{'id'} )
- {
+ if ( $m->request_comp->path =~ '^(/+)Ticket/Display.html' && $ARGS{'id'} ) {
RT::Interface::Web::Redirect( RT->Config->Get('WebURL') ."SelfService/Display.html?id=".$ARGS{'id'});
}
commit 1e697a2754b62088ed7bfccba99173856953e809
Author: Jesse Vincent <jesse at bestpractical.com>
Date: Wed Sep 30 03:51:43 2009 +0900
Extract the logic for "show the page the user requested" out into its own function in the Interface library
diff --git a/lib/RT/Interface/Web.pm b/lib/RT/Interface/Web.pm
index 3d5f6fb..ab454c0 100755
--- a/lib/RT/Interface/Web.pm
+++ b/lib/RT/Interface/Web.pm
@@ -166,6 +166,43 @@ sub WebExternalAutoInfo {
# }}}
+=head2 ShowRequestedPage \%ARGS
+
+This function, called exclusively by RT's autohandler, dispatches
+a request to the page a user requested (making sure that unprivileg users
+can only see self-service pages.
+
+=cut
+
+sub ShowRequestedPage {
+ my $ARGS = shift;
+
+ # If the user isn't privileged, they can only see SelfService
+ #
+ my $m = $HTML::Mason::Commands::m;
+
+ unless ( $HTML::Mason::Commands::session{'CurrentUser'}->Privileged ) {
+
+ # if the user is trying to access a ticket, redirect them
+ if ( $m->request_comp->path =~ '^(/+)Ticket/Display.html' && $ARGS->{'id'} ) {
+ RT::Interface::Web::Redirect( RT->Config->Get('WebURL') . "SelfService/Display.html?id=" . $ARGS->{'id'} );
+ }
+
+ # otherwise, drop the user at the SelfService default page
+ elsif ( $m->base_comp->path !~ RT->Config->Get('SelfServiceRegex') ) {
+ RT::Interface::Web::Redirect( RT->Config->Get('WebURL') . "SelfService/" );
+ }
+
+ # if user is in SelfService dir let him do anything
+ else {
+ $m->comp( { base_comp => $m->request_comp }, $m->fetch_next, %$ARGS );
+ }
+ } else {
+ $m->comp( { base_comp => $m->request_comp }, $m->fetch_next, %$ARGS );
+ }
+
+}
+
=head2 Redirect URL
diff --git a/share/html/autohandler b/share/html/autohandler
index 1380090..60eca6c 100755
--- a/share/html/autohandler
+++ b/share/html/autohandler
@@ -215,26 +215,8 @@ $session{'home_refresh_interval'} = $ARGS{'HomeRefreshInterval'} if ( $ARGS{'Hom
# Process per-page global callbacks
$m->callback( %ARGS );
-# If the user isn't privileged, they can only see SelfService
-unless ( $session{'CurrentUser'}->Privileged ) {
- # if the user is trying to access a ticket, redirect them
- if ( $m->request_comp->path =~ '^(/+)Ticket/Display.html' && $ARGS{'id'} ) {
- RT::Interface::Web::Redirect( RT->Config->Get('WebURL') ."SelfService/Display.html?id=".$ARGS{'id'});
- }
-
- # otherwise, drop the user at the SelfService default page
- elsif ( $m->base_comp->path !~ RT->Config->Get('SelfServiceRegex') ) {
- RT::Interface::Web::Redirect( RT->Config->Get('WebURL') ."SelfService/" );
- }
- # if user is in SelfService dir let him do anything
- else {
- $m->comp( { base_comp => $m->request_comp }, $m->fetch_next, %ARGS);
- }
-}
-else {
- $m->comp( { base_comp => $m->request_comp }, $m->fetch_next, %ARGS);
-}
+RT::Interface::Web::ShowRequestedPage(\%ARGS);
RT::Interface::Web::LogRecordedSQLStatements();
-----------------------------------------------------------------------
More information about the Rt-commit
mailing list