
Merge branch 'master' of github.com:castaway/Presenting-Perl

- fixed: admin script now sets role admin
- removed Plugin::Redirect for standard redirects

Conflicts:
	lib/PresentingPerl/Web/Controller/Admin.pm
2 parents 190e652 + 01d7f65 commit a15a0d22120186cfe2af5f3f0c5c0b1626d5bdf5 @castaway committed Mar 24, 2012
@@ -11,6 +11,7 @@ all_from 'lib/PresentingPerl/Web.pm';
requires 'Catalyst::Runtime' => '5.90007';
requires 'Catalyst::Plugin::ConfigLoader';
+requires 'Catalyst::Plugin::Redirect';
requires 'Catalyst::Plugin::Static::Simple';
requires 'Catalyst::Action::RenderView';
requires 'Moose';
@@ -28,6 +29,7 @@ requires 'DBIx::Class::InflateColumn::Authen::Passphrase';
requires 'CatalystX::SimpleLogin';
requires 'Catalyst::Authentication::Store::DBIx::Class';
requires 'Catalyst::Plugin::Authorization::Roles';
+requires 'Perl6::Junction';
requires 'DBIx::Class::TimeStamp';
requires 'Template::Tiny';
@@ -19,7 +19,7 @@ PresentingPerl::Schema::Result::Role
=cut
-__PACKAGE__->table("role");
+__PACKAGE__->table("roles");
=head1 ACCESSORS
@@ -101,12 +101,34 @@ __PACKAGE__->has_many(
# Created by DBIx::Class::Schema::Loader v0.07010 @ 2011-12-03 14:51:10
# DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:LdcXqKuNwSPcZp4qrNP8mw
+# many_to_many():
+# args:
+# 1) Name of relationship, DBIC will create accessor with this name
+# 2) Name of has_many() relationship this many_to_many() is shortcut for
+# 3) Name of belongs_to() relationship in model class of has_many() above
+# You must already have the has_many() defined to use a many_to_many().
+__PACKAGE__->many_to_many(roles => 'user_roles', 'role');
+
sub check_password {
my ($self, $passp) = @_;
return $self->password->match($passp);
}
+=head2 has_role
+
+Check if a user has the specified role
+
+=cut
+
+use Perl6::Junction qw/any/;
+sub has_role {
+ my ($self, $role) = @_;
+
+ # Does this user posses the required role?
+ return any(map { $_->role } $self->roles) eq $role;
+}
+
# You can replace this text with custom code or comments, and it will be preserved on regeneration
__PACKAGE__->meta->make_immutable;
1;
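Review bot: `has_role` does an exact, case-sensitive `eq` on the role name, but the POD above it says only "Check if a user has the specified role" and does not state the argument or the return value. I would expand it to something like `Returns true if one of the user's roles has a name exactly equal to $role (case-sensitive)`, and fix "posses" to "possess" in the inline comment. The check also pulls in a new dependency through a `use` placed mid-file; `use List::Util qw/any/;` with `return any { $_->role eq $role } $self->roles;` does the same with a core module, assuming a List::Util recent enough to export `any`.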
@@ -21,6 +21,7 @@ use Catalyst qw/
ConfigLoader
+CatalystX::SimpleLogin
Authentication
+ Authorization::Roles
Session
Session::Store::File
Session::State::Cookie
@@ -3,12 +3,16 @@ package PresentingPerl::Web::Controller::Admin;
use Moose;
use namespace::autoclean;
-BEGIN { extends 'Catalyst::Controller' }
+BEGIN { extends 'Catalyst::Controller::ActionRole' }
## This thing runs on HTML::Zoom, look in View::Zoom::Admin to see how the stash is applied to the templates.
sub begin : Private {
my ($self, $c) = @_;
+ unless($c->user_exists && $c->user->get_object->has_role('admin')) {
+ return $c->res->redirect($c->uri_for('/login'));
+ }
+
$c->stash->{current_view} = 'Zoom';
}
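Review bot: The `return` after the redirect in `begin` does not keep the matched action from running. Catalyst skips the action only when an `auto` action returns false, so every action under this controller's namespace still executes for a caller who failed the admin check. The same gap is in the new Admin::Users controller further down, where `edit` and `root` set the redirect and then fall through to their model queries without returning at all. Moving the check into `auto` enforces it in one place and makes the per-action copies unnecessary.

```perl
sub auto : Private {
    my ($self, $c) = @_;

    unless ($c->user_exists && $c->user->get_object->has_role('admin')) {
        $c->res->redirect($c->uri_for('/login'));
        return 0;    # a false return from auto skips the matched action
    }

    return 1;
}
# … unchanged: begin keeps only the current_view stash assignment …
```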
@@ -0,0 +1,51 @@
+package PresentingPerl::Web::Controller::Admin::Users;
+
+use Moose;
+use namespace::autoclean;
+
+BEGIN { extends 'Catalyst::Controller::ActionRole' }
+
+
+sub edit :Path :Args(1) : Local Does('NeedsLogin') {
+ my ($self, $c, $user_id) = @_;
+
+ unless($c->user->get_object->has_role('admin')) {
+ $c->res->redirect($c->uri_for('/login'));
+ }
+
+ # Stash user details
+ $c->stash->{ user } = $c->model( 'DB::User' )->find({
+ id => $user_id,
+ });
+
+ # Stash the list of roles
+ my @roles = $c->model( 'DB::Role' )->search;
+ $c->stash->{ roles } = \@roles;
+}
+
+
+
+sub root :Path :Args(0) : Local Does('NeedsLogin') {
+ my ($self, $c) = @_;
+
+ unless($c->user->get_object->has_role('admin')) {
+ $c->res->redirect($c->uri_for('/login'));
+ }
+
+ # Stash the list of users
+ my @users = $c->model( 'DB::User' )->search(
+ {},
+ {
+ order_by => 'username',
+ },
+ );
+
+ $c->stash->{ users } = \@users;
+}
+
+
+
+
+__PACKAGE__->meta->make_immutable;
+
+1;
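Review bot: `edit` carries both `:Path` and `: Local`, so besides `/admin/users/edit/<id>` it is also registered at the controller's base path with one argument, and any single trailing segment reaches `find` as `$user_id`. The list template links through `c.uri_for( 'edit', user.id )`, so `sub edit :Local :Args(1) Does('NeedsLogin') {` looks like the intent, and `root` likewise needs only `:Path :Args(0)`. `find` returns undef for an unknown id and the edit template then renders its "Add new user" branch. An explicit not-found branch after the lookup would keep a mistyped id from silently turning into a create form.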
@@ -104,6 +104,19 @@ Attempt to render a view, if needed.
sub end : ActionClass('RenderView') {}
+=head2 denied
+
+Access denied
+
+=cut
+
+sub denied :Private {
+ my ($self, $c) = @_;
+
+ $c->res->status('403');
+ $c->res->body('Denied!');
+}
+
=head1 AUTHOR
Catalyst developer
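Review bot: Nothing in the visible hunks dispatches to `denied`; the failed role checks in Admin and Admin::Users all redirect to `/login`, so a logged-in user without the role is bounced to the login page and never sees the 403. Where `$c->user_exists` is true but the role is missing, `$c->forward('/denied'); return 0;` from an `auto` action would use this handler and keep the login redirect for anonymous callers only. The status is better passed as a number, `$c->res->status(403);`, and the POD could say when the action is meant to be reached.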
@@ -23,6 +23,8 @@ default_view TT
<store>
class DBIx::Class
user_model DB::User
+ role_relation user_roles
+ role_field role
</store>
</default>
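Review bot: `role_relation user_roles` names the link-table relationship, not the `roles` many_to_many that this commit adds to the User result class, so `role_field role` is looked up on the link rows. It is worth confirming that this yields the role name and not a foreign-key value, since the link table's columns are not visible here. If it does not, `check_user_roles` from Authorization::Roles would disagree with the hand-written `has_role`. `role_relation roles` together with `role_field role` looks like the matching pair.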
@@ -0,0 +1,72 @@
+[%- meta.wrapper = 'shinycms.tt';
+ IF user.id;
+ meta.title = 'Edit user';
+ ELSE;
+ meta.title = 'Add new user';
+ END;
+-%]
+
+<h2>
+ [%- IF user.id %]
+ Edit details for [% user.username | html %]
+ [%- ELSE %]
+ Add new user
+ [%- END %]
+</h2>
+
+<form id="edit_user" method="post" enctype="multipart/form-data" action="[% c.uri_for('edit-do') %]">
+ [%- UNLESS user.id %]
+ <p>
+ <label for="username">
+ Username
+ </label>
+ <br /><input type="text" class="textlong" id="username" name="username" value="[% user.username | html %]" size="50" maxlength="50" />
+ </p>
+ <p>
+ <label for="password">
+ Password
+ </label>
+ <br /><input type="password" class="textlong" id="password" name="password" size="50" maxlength="200" />
+ </p>
+ [%- END %]
+ <p>
+ <label for="email_address">
+ Email
+ </label>
+ <br /><input type="text" class="textlong" id="email_address" name="email_address" value="[% user.email_address | html %]" size="50" maxlength="200" />
+ </p>
+ <p>
+ <label for="first_name">
+ First name
+ </label>
+ <br /><input type="text" class="textshort" id="first_name" name="first_name" value="[% user.first_name | html %]" size="50" />
+ </p>
+ <p>
+ <label for="last_name">
+ Last name
+ </label>
+ <br /><input type="text" class="textshort" id="last_name" name="last_name" value="[% user.last_name | html %]" size="50" />
+ </p>
+ <p>
+ <label for="active">
+ Account active
+ </label>
+ <br /><input type="checkbox" id="active" name="active" [% IF user.active == 1 %] checked="checked" [%- END %] />
+ </p>
+ [%- IF c.user.has_role( 'User Admin' ) %]
+ <p>
+ <span class="label">Roles</span>
+ [%- FOREACH role IN roles %]
+ <br /><input id="role_[% role.id %]" name="role_[% role.id %]" type="checkbox"[% IF user.has_role(role.role) %] checked="checked"[% END %] /> <label for="role_[% role.id %]">[% role.role | html %]</label>
+ [%- END %]
+ </p>
+ [%- END %]
+ <p>
+ <input name="user_id" type="hidden" value="[% user.id %]" />
+ <input name="submit" type="submit" value="Save" />
+ <input name="reset" type="reset" value="Reset" />
+ [%- IF user.id %]
+ <input name="delete" type="submit" value="Delete" onclick="javascript:return confirm('Are you sure you want to delete this user?')" />
+ [%- END %]
+ </p>
+</form>
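Review bot: The roles block is gated on `c.user.has_role( 'User Admin' )`, while the controllers and the admin script in this commit use the role name `admin`, and `has_role` compares with `eq`, so an account holding only `admin` never sees the checkboxes. Whichever name is intended, hiding the inputs is presentation only: the `edit-do` handler is not part of this commit and has to re-check the role itself before honouring `role_*`, `user_id` or `delete` parameters. The form also carries no anti-CSRF token, which matters for a form that can delete accounts and assign roles.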
@@ -0,0 +1,32 @@
+[%- meta.wrapper = 'shinycms.tt';
+ meta.title = 'Users';
+-%]
+<table class="list">
+ <tr>
+ <th>
+ Username
+ </th>
+ <th>
+ Name
+ </th>
+ <th>
+ Actions
+ </th>
+ </tr>
+ [%- FOREACH user IN users %]
+ <tr onmouseover="style.backgroundColor='#eeffdd';" onmouseout="style.backgroundColor='transparent'">
+ <td>
+ [% user.username | html %]
+ </td>
+ <td>
+ [% user.first_name | html %] [% user.last_name | html %]
+ </td>
+ <td>
+ <a href="[% c.uri_for( 'view', user.id ) %]">View</a> /
+ <a href="[% c.uri_for( 'edit', user.id ) %]">Edit</a> /
+ <a href="[% c.uri_for( 'password', user.id ) %]">Change password</a>
+ </td>
+ </tr>
+ [%- END %]
+</table>
+
@@ -73,5 +73,6 @@ =head1 SYNOPSIS
passphrase => $cli_pass,
),
username => $cli_user,
+ user_roles => [ { role => { role => 'admin' } } ],
});
