
yslowviewer: Add ACL

1 parent 4a108d7 commit 6f78870e3f8fdf02d90a41dfead2c77590ee6d46 @crumbjp crumbjp committed Apr 10, 2012
@@ -1 +1,7 @@
-{"user":"admin","hash":"21232f297a57a5a743894a0e4a801fc3","email":"","root":true,"_u":"admin"}
+{
+"user":"admin",
+"hash":"c510b84a45ecb27f512536845e11c2bb",
+"email":"admin@mail.cockatoo.jp",
+"root":"1",
+"_u":"admin"
+}
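Review bot: The seeded admin record still ships a fixed password digest in version control (`"hash":"c510b84a45ecb27f512536845e11c2bb"`), so every install created from this file starts with the same admin credential. The value is 32 hex characters, which is consistent with an unsalted MD5 digest; if that is the scheme, it offers little resistance to offline guessing once this file or the users collection is readable. I would commit the record with an empty `hash`, require a password to be set at first run, and store a salted, slow hash (PHP's `password_hash()` / `password_verify()`). Separately, `"root"` changes from the boolean `true` to the string `"1"`; the truthiness checks added in this commit still pass, but the type change deserves a line in the commit message.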
@@ -0,0 +1,50 @@
+<?php
+namespace yslowviewer;
+/**
+ * AccountAction.php - ????
+ *
+ * @package ????
+ * @access public
+ * @author hiroaki.kubota <hiroaki.kubota@mail.rakuten.com>
+ * @create 2011/07/07
+ * @version $Id$
+ * @copyright Copyright (C) 2011, rakuten
+ */
+
+class AccountAction extends \Cockatoo\AccountAction {
+ const REDIRECT_PATH='/yslowviewer/default/main';
+
+ protected function preAction(){
+ $this->setNamespace('yslowviewer');
+ $this->BASE_BRL=YslowviewerConfig::USER_COLLECTION;
+ }
+
+ protected function genUserData(&$post_data,&$session_login,&$user_data){
+ return $user_data;
+ }
+
+ protected function success(&$submit,&$user_data){
+ if ( $submit === 'password reset' ) {
+ mail($user_data[\Cockatoo\AccountUtil::KEY_EMAIL],
+ 'Your profile changed',
+ 'Your new profile'."\n".
+ ' User : ' . $user_data[\Cockatoo\AccountUtil::KEY_USER] ."\n".
+ ' Password : ' . (isset($user_data[\Cockatoo\AccountUtil::KEY_PASSWD])?$user_data[\Cockatoo\AccountUtil::KEY_PASSWD]:'(no change)')."\n".
+ ' Email : ' . $user_data[\Cockatoo\AccountUtil::KEY_EMAIL]."\n".
+ ' Root : ' . ($user_data[\Cockatoo\AccountUtil::KEY_ROOT]?'YES':'NO'),
+ 'From: '.YslowviewerConfig::MAIL_FROM ."\r\n" .
+ 'Reply-To: '.YslowviewerConfig::MAIL_FROM ."\r\n"
+ );
+ }elseif($submit === 'profile' ){
+ return;
+ }
+ $this->setRedirect(self::REDIRECT_PATH);
+ }
+
+ protected function error(&$e){
+ $s['emessage'] = $e->getMessage();
+ $this->updateSession($s);
+ $this->setRedirect('/yslowviewer/default/error');
+ \Cockatoo\Log::error(__CLASS__ . '::' . __FUNCTION__ . $e->getMessage(),$e);
+ }
+}
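Review bot: success() writes the account password in cleartext into the notification mail (the `' Password : ' . (isset($user_data[\Cockatoo\AccountUtil::KEY_PASSWD]) ? ...` line of the mail() body), and AdminAction::success() in the next file does the same with `$this->passwd`. Mail is relayed and stored unencrypted, so the credential outlives the request in mailboxes and relay logs. I would report only whether it changed: `' Password : ' . (isset($user_data[\Cockatoo\AccountUtil::KEY_PASSWD]) ? '(changed)' : '(no change)')."\n".`. If the 'password reset' flow depends on the mail to deliver a new password (the parent class is not visible here), a single-use, expiring reset link is the safer replacement. The return value of mail() is also ignored, so a failed send still ends in the success redirect.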
@@ -0,0 +1,51 @@
+<?php
+namespace yslowviewer;
+/**
+ * AdminAction.php - ????
+ *
+ * @package ????
+ * @access public
+ * @author hiroaki.kubota <hiroaki.kubota@mail.rakuten.com>
+ * @create 2011/07/07
+ * @version $Id$
+ * @copyright Copyright (C) 2011, rakuten
+ */
+class AdminAction extends \Cockatoo\AdminAction {
+ protected function preAction(){
+ $this->setNamespace('yslowviewer');
+ $this->BASE_BRL=YslowviewerConfig::USER_COLLECTION;
+
+ $session = $this->getSession();
+ $root = $session[\Cockatoo\AccountUtil::SESSION_LOGIN]['root'];
+ if ( ! $root ) {
+ throw new \Exception('You do not have a permission !!');
+ }
+ }
+ protected function genUserData(&$post_data,&$session_login,&$user_data){
+ $this->passwd = $user_data[\Cockatoo\AccountUtil::KEY_PASSWD];
+ return $user_data;
+ }
+ protected function success(&$submit,&$user_data){
+ if ( $submit === 'add user' ) {
+ mail($user_data[\Cockatoo\AccountUtil::KEY_EMAIL],
+ 'Your profile changed',
+ 'Your new profile'."\n".
+ ' User : ' . $user_data[\Cockatoo\AccountUtil::KEY_USER] ."\n".
+ ' Password : ' . (($this->passwd)?$this->passwd:'(no change)')."\n".
+ ' Email : ' . $user_data[\Cockatoo\AccountUtil::KEY_EMAIL]."\n".
+ ' Root : ' . ($user_data[\Cockatoo\AccountUtil::KEY_ROOT]?'YES':'NO'),
+ 'From: '.YslowviewerConfig::MAIL_FROM ."\r\n" .
+ 'Reply-To: '.YslowviewerConfig::MAIL_FROM ."\r\n"
+ );
+ }
+ }
+ protected function error(&$e){
+ $s['emessage'] = $e->getMessage();
+ $this->updateSession($s);
+ $this->setRedirect('/yslowviewer/default/error');
+ \Cockatoo\Log::error(__CLASS__ . '::' . __FUNCTION__ . $e->getMessage(),$e);
+ }
+
+ public function postProc(){
+ }
+}
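Review bot: preAction() reads `$session[\Cockatoo\AccountUtil::SESSION_LOGIN]['root']` without checking that a login entry exists, and uses the literal `'root'` where the mail body in the same class uses `\Cockatoo\AccountUtil::KEY_ROOT`. For a guest the lookup raises an undefined-index notice before the exception is thrown; `$root = isset($session[\Cockatoo\AccountUtil::SESSION_LOGIN]['root']) ? $session[\Cockatoo\AccountUtil::SESSION_LOGIN]['root'] : null;` keeps the deny path clean. The check trusts the flag cached in the session at login, so a user whose root bit is later removed presumably keeps admin access until that session ends; re-reading the flag from USER_COLLECTION here would close that gap. `$this->passwd` is assigned in genUserData() but never declared, and the empty `postProc()` override needs a comment saying what parent behaviour it is suppressing.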
@@ -31,10 +31,17 @@ public function proc(){
try{
$this->setNamespace('yslowviewer');
if ( $this->method === \Cockatoo\Beak::M_SET ) {
+ $session = $this->getSession();
+ $user = $session[\Cockatoo\AccountUtil::SESSION_LOGIN][\Cockatoo\AccountUtil::KEY_USER];
+ if ( ! $user and YslowviewerConfig::ACL ) {
+ \Cockatoo\Log::error(__CLASS__ . '::' . __FUNCTION__ ,'Guest users are not allowed to POST');
+ return null; // Guest users are not allowed to POST
+ }
$now = time();
$beacon = json_decode($session[\Cockatoo\Def::SESSION_KEY_POST],1);
$beacon = $this->get_json();
+
$beacon['t'] = strftime('%Y-%m-%d %H:%M:%S',$now);
$beacon['_t'] = $now;
$beacon = $this->form_beacon($beacon);
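Review bot: The new guest check only runs when `YslowviewerConfig::ACL` is true, and the config class added in this commit sets `const ACL=false;`, so by default unauthenticated POSTs are still accepted. If the commit is meant to turn access control on, the default should fail closed (`const ACL=true;`), or the constant needs a comment stating that the check is opt-in. The lookup `$session[\Cockatoo\AccountUtil::SESSION_LOGIN][\Cockatoo\AccountUtil::KEY_USER]` is not guarded with isset(), so a guest triggers an undefined-index notice, and `! $user` also rejects a user literally named `0`; assigning `null` when the key is absent and testing `$user === null` avoids both. proc() starts and ends outside this hunk, so what the caller does with the `null` return is not visible.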
@@ -0,0 +1,8 @@
+<?php
+namespace yslowviewer;
+class YslowviewerConfig {
+ const ACL=false;
+ const MAIL_NOTIFICATION=true;
+ const MAIL_FROM='root@cockatoo.jp';
+ const USER_COLLECTION='storage://yslowviewer-storage/users/';
+}
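Review bot: `MAIL_NOTIFICATION` is declared but nothing in this commit reads it: AccountAction::success() and AdminAction::success() both call mail() unconditionally. Either guard those calls with `if ( YslowviewerConfig::MAIL_NOTIFICATION ) { ... }` or drop the constant. The class has no doc comment; each constant deserves a one-line comment, in particular `ACL` (what it gates, and that `false` leaves guest POSTs enabled) and `USER_COLLECTION` (what the storage URL points at).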
@@ -0,0 +1,16 @@
+{
+"@R":"1334021781",
+"type":"HorizontalWidget",
+"subject":"admin",
+"description":"admin",
+"css":"#admin {\n border: 1px solid #8080F0;\n color: #888888;\n text-align:left;\n padding: 0 50px;\n}\n\n#admin table {\n border: 2px solid #4040E0;\n}\n#admin table tr {\n}\n#admin table th {\n padding: 2px 5px;\n border-left: 1px solid #4040E0;\n border-bottom: 1px solid #4040E0;\n}\n#admin table td {\n padding: 2px 5px;\n border-right: 1px dashed #4040E0;\n border-top: 1px solid #4040E0;\n}\ntr.selectable:hover {\n background-color: #FFD0D0;\n}\n\n#admin div.window {\n border : 1px solid #C0C8C2;\n width: 200px;\n margin: 0 0;\n text-align:left;\n}\n\n#admin h5 {\n margin: 0 0 0 0;\n padding: 0 2px 0 2px;\n font-size: 1.2em;\n}\n\n#admin div.input {\n border-bottom : 1px solid #F0F0F0;\n text-align:left;\n}\n\n#admin div.input > h6 {\n margin: 0 0 0 0;\n padding: 0 5px 0 0;\n width: 80px;\n text-align:left;\n color: #888888;\n}\n#admin div.input > input[type=\"text\"],\n#admin div.input > input[type=\"password\"] {\n margin: 0 0 0 0;\n padding: 0 0 0 0;\n position: relative;\n text-align: left;\n width: 180px;\n }\n",
+"js":"$(function(){\n $('tr.selectable').click(function(ev){\n $('form.setuser input[name=\"user\"]').val($(this).find('td.user').text());\n $('form.setuser input[name=\"email\"]').val($(this).find('td.email').text());\n $('form.setuser input[name=\"hash\"]').val($(this).find('td.hash').text());\n if ( $(this).find('td.root').text() ) {\n $('form.setuser input[name=\"root\"]').attr(\"checked\",1);\n }else{\n $('form.setuser input[name=\"root\"]').removeAttr(\"checked\");\n }\n });\n})(jQuery);\n",
+"id":"admin",
+"class":"",
+"body":"<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n<tr>\n<th>user<\/th>\n<th>mail<\/th>\n<th>passwd hash<\/th>\n<th>is root<\/th>\n<\/tr>\n<?cs each:item = A.yslowviewer.users ?>\n<tr class=\"selectable \">\n<td class=\"user\"><?cs name:item ?><\/td>\n<td class=\"email\"><?cs var:item.email ?><\/td>\n<td class=\"hash\"><?cs var:item.hash ?><\/td>\n<td class=\"root\"><?cs var:item.root ?><\/td>\n<\/tr>\n<?cs \/each ?>\n<\/table>\n<h5>Add or update member<\/h5>\n<div class=\"window\">\n<form class=\"setuser\" method=\"POST\" action=\"\/yslowviewer\/default\/admin\">\n<div class=\"input\"> <h6>User<\/h6> <input name=\"user\" type=\"text\" value=\"\" \/><\/div>\n<div class=\"input\"> <h6>Password<\/h6> <input name=\"passwd\" type=\"password\" value=\"\" \/><\/div>\n<div class=\"input\"> <h6>Hash<\/h6> <input name=\"hash\" type=\"text\" value=\"\" \/><\/div>\n<div class=\"input\"> <h6>Email<\/h6> <input name=\"email\" type=\"text\" value=\"\" \/><\/div>\n<div class=\"input\"> <h6>Root<\/h6> <input name=\"root\" type=\"checkbox\" value=\"\" \/><\/div>\n<div class=\"input\">\n<input name=\"submit\" type=\"submit\" value=\"add user\" \/>\n<input name=\"submit\" type=\"submit\" value=\"remove user\" \/>\n<\/div>\n<\/form>\n<\/div>\n",
+"action":[
+"action:\/\/wiki-action\/yslowviewer\/AdminAction?keys",
+""
+],
+"_u":"admin"
+}
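Review bot: The admin table prints every user's stored password digest (`<td class="hash"><?cs var:item.hash ?></td>`), and the click handler copies it into an editable `hash` text input that is posted back, so digests end up in page source and browser caches and can be set directly from the form. I would drop the hash column and the `hash` input and let the server derive the digest from `passwd` only. The `setuser` form is a state-changing POST with no anti-CSRF field visible here; unless the framework injects one, the add/remove requests should carry a per-session token. The action URL names the `wiki-action` service (`action://wiki-action/yslowviewer/AdminAction?keys`) while the profile component uses `yslowviewer-action`; that looks like a copy-paste leftover and is worth confirming.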
@@ -0,0 +1 @@
+{"@R":"1328327357","type":"HorizontalWidget","subject":"error","description":"error","css":"#emessage {\n color:red;\n}","js":"","id":"","class":"","body":"<h2>Error page<\/h2>\n<div id=\"emessage\">\n <?cs var:S.emessage ?>\n<\/div>","action":[""],"_u":"error"}
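Review bot: The error component prints `S.emessage` as-is, and error() in both new action classes fills it with `$e->getMessage()`, so internal exception text is shown to the visitor. If a message ever carries request data, it is also emitted without HTML escaping unless the template engine is configured to escape by default. Showing a fixed, generic message here and keeping the detail in the server log is the safer design; at minimum escape the value, e.g. `<?cs var:html_escape(S.emessage) ?>` if Cockatoo registers ClearSilver's string functions. The same applies to `S.login.user` in the login component and to `S.login.user` / `S.login.email` in the profile component, where the values sit inside `value="..."` attributes.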
@@ -0,0 +1,15 @@
+{
+"@R":"1334024368",
+"type":"HorizontalWidget",
+"subject":"login",
+"description":"login",
+"css":"\n#login {\n border: 1px solid #8080F0;\n color: #888888;\n text-align:center;\n}\n#login div.input {\n text-align: left;\n}\n#login div.input > h6 {\n color: #888888;\n margin:0;\n padding:0;\n text-align: left;\n width: 80px;\n}\n\n#login div.user {\n\/* float: right; *\/\n}\n#login div.user > span {\n color: blue;\n}\n\n#login div.window {\n border : 1px solid #C0C8C2;\n width: 198px;\n margin: 0 auto;\n}\n\n#login h5 {\n margin: 0 0 0 0;\n padding: 0 2px 0 2px;\n font-size: 1.2em;\n}\n#login div.input > input[type=\"text\"],\n#login div.input > input[type=\"password\"] {\n margin: 0 0 0 0;\n padding: 0 0 0 0;\n position: relative;\n text-align: left;\n width: 180px;\n }\n\n",
+"js":"",
+"id":"login",
+"class":"",
+"body":"<?cs if: S.login.user ?>\n <div class=\"user\">\n Welcome <span><?cs var:S.login.user ?><\/span>\n <form method=\"POST\" action=\"\/yslowviewer\/default\/profile\">\n <input name=\"submit\" type=\"submit\" value=\"logout\" \/>\n <input name=\"submit\" type=\"submit\" value=\"profile\" \/>\n <\/form>\n <?cs if: S.login.root ?>\n <a id=\"reset\" href=\"\/yslowviewer\/default\/admin\">admin tool<\/a>\n <?cs \/if ?>\n <\/div>\n<?cs else ?>\n <div class=\"window\">\n <form method=\"POST\" action=\"\/yslowviewer\/default\/login\">\n <div class=\"input\"><h6>User<\/h6> <input name=\"user\" type=\"text\" value=\"\" \/><\/div>\n <div class=\"input\"><h6>Password<\/h6> <input name=\"passwd\" type=\"password\" value=\"\" \/><\/div>\n <div class=\"input\"> <input name=\"submit\" type=\"submit\" value=\"login\" \/><input name=\"submit\" type=\"submit\" value=\"password reset\" \/><\/div>\n <\/form>\n <\/div>\n<?cs \/if ?>\n\n",
+"action":[
+""
+],
+"_u":"login"
+}
@@ -0,0 +1,15 @@
+{
+"@R":"1334023204",
+"type":"HorizontalWidget",
+"subject":"profile",
+"description":"profile",
+"css":"#profile {\n border: 1px solid #8080F0;\n color: #888888;\n text-align:left;\n padding: 0 50px;\n}\n\n#profile div.window {\n border : 1px solid #C0C8C2;\n width: 200px;\n margin: 0 0;\n text-align:left;\n}\n\n#profile h5 {\n margin: 0 0 0 0;\n padding: 0 2px 0 2px;\n font-size: 1.2em;\n}\n\n#profile div.input {\n border-bottom : 1px solid #F0F0F0;\n text-align:left;\n}\n\n#profile div.input > h6 {\n margin: 0 0 0 0;\n padding: 0 5px 0 0;\n width: 80px;\n text-align:left;\n color: #888888;\n}\n#profile div.input > input[type=\"text\"],\n#profile div.input > input[type=\"password\"] {\n margin: 0 0 0 0;\n padding: 0 0 0 0;\n position: relative;\n text-align: left;\n width: 180px;\n }",
+"js":"",
+"id":"profile",
+"class":"",
+"body":"<h5>Update profile<\/h5>\n<div class=\"window\">\n<form class=\"setuser\" method=\"POST\" action=\"\/yslowviewer\/default\/profile\">\n<div class=\"input\"> <h6>User<\/h6> <input name=\"passwd\" type=\"text\" value=\"<?cs var:S.login.user ?>\" readonly=\"readonly\" \/><\/div>\n<div class=\"input\"> <h6>Password<\/h6> <input name=\"passwd\" type=\"password\" value=\"\" \/><\/div>\n<div class=\"input\"> <h6>Confirm<\/h6> <input name=\"confirm\" type=\"password\" value=\"\" \/><\/div>\n<div class=\"input\"> <h6>Email<\/h6> <input name=\"email\" type=\"text\" value=\"<?cs var:S.login.email ?>\" \/><\/div>\n<div class=\"input\">\n<input name=\"submit\" type=\"submit\" value=\"update profile\" \/>\n<\/div>\n",
+"action":[
+"action:\/\/yslowviewer-action\/yslowviewer\/AccountAction"
+],
+"_u":"profile"
+}
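Review bot: The read-only User field is declared with `name="passwd"`, the same name as the password field below it, so the form submits two `passwd` values and no `user`; the password only arrives because PHP keeps the last duplicate. It should read `<input name="user" type="text" value="<?cs var:S.login.user ?>" readonly="readonly" />`. The body also never closes `<form>` and `<div class="window">`. The submit value is `update profile`, while AccountAction::success() only branches on `password reset` and `profile`; presumably the parent class handles the rest, but that should be confirmed.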
@@ -1,5 +1,5 @@
{
-"@R":"1332249185",
+"@R":"1334040109",
"eredirect":"\/yslowviewer\/default\/main",
"layout":{
"type":"HorizontalWidget",
@@ -12,6 +12,31 @@
"component":"component:\/\/core-component\/default\/horizontal?get",
"children":[
{
+"type":"VerticalWidget",
+"class":"",
+"height":"",
+"width":"",
+"min_height":"",
+"min_width":"",
+"vpos":"right",
+"swidth":"200px",
+"extra":"",
+"component":"component:\/\/core-component\/default\/vertical?get",
+"children":[
+{
+"type":"HorizontalWidget",
+"class":"",
+"height":"",
+"width":"200px",
+"min_height":"",
+"min_width":"",
+"extra":"",
+"component":"component:\/\/yslowviewer-component\/default\/login?get",
+"children":[
+
+]
+},
+{
"type":"HorizontalWidget",
"class":"",
"height":"",
@@ -22,6 +47,8 @@
"component":"component:\/\/yslowviewer-component\/default\/header?get",
"children":[
+]
+}
]
},
{
@@ -57,5 +84,5 @@
"expires":"0",
"_u":"",
"bottom":"<script type=\"text\/javascript\" src=\"\/_s_\/yslowviewer\/default\/js\/jquery-1.4.4.min.js\"><\/script>\n",
-"session_exp":"0"
+"session_exp":"86400"
}
@@ -0,0 +1,33 @@
+{
+"@R":"1334022627",
+"eredirect":"",
+"redirect":"",
+"pre_action":"",
+"post_action":"",
+"session_exp":"2147483647",
+"expires":"0",
+"header":"<meta name=\"description\" content=\"\">\n",
+"pheader":"",
+"bottom":"",
+"layout":{
+"type":"HorizontalWidget",
+"class":"",
+"height":"",
+"width":"",
+"min_height":"",
+"min_width":"",
+"extra":"",
+"component":"component:\/\/core-component\/default\/horizontal#critical",
+"children":[
+{
+"type":"HorizontalWidget",
+"extra":"",
+"component":"component:\/\/yslowviewer-component\/default\/admin?get",
+"children":[
+
+]
+}
+]
+},
+"_u":"admin"
+}
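Review bot: `"session_exp":"2147483647"` on the admin page (and on the error, login, nepost and profile pages in the following hunks) contrasts with the `"session_exp":"86400"` that another layout is changed to earlier in this commit. The meaning of the field is not visible here; if it is the session lifetime in seconds, a logged-in root session effectively never expires, and the `root` flag that AdminAction::preAction() reads from the session is never refreshed. I would use a bounded value here, no longer than the `86400` used elsewhere and preferably shorter for the admin page.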
@@ -0,0 +1,21 @@
+{
+"@R":"1334033142",
+"eredirect":"",
+"redirect":"",
+"pre_action":"",
+"post_action":"",
+"session_exp":"2147483647",
+"expires":"0",
+"header":"<meta name=\"description\" content=\"\">\n",
+"pheader":"",
+"bottom":"",
+"layout":{
+"type":"HorizontalWidget",
+"extra":"",
+"component":"component:\/\/yslowviewer-component\/default\/error?get",
+"children":[
+
+]
+},
+"_u":"error"
+}
@@ -0,0 +1,21 @@
+{
+"@R":"1334023193",
+"eredirect":"",
+"redirect":"",
+"pre_action":"",
+"post_action":"action:\/\/yslowviewer-action\/yslowviewer\/AccountAction",
+"session_exp":"2147483647",
+"expires":"0",
+"header":"<meta name=\"description\" content=\"\">\n",
+"pheader":"",
+"bottom":"",
+"layout":{
+"type":"HorizontalWidget",
+"component":"component:\/\/core-component\/default\/horizontal#critical",
+"extra":null,
+"children":[
+
+]
+},
+"_u":"login"
+}
@@ -1 +1,21 @@
-{"@R":"1332464154","eredirect":"","redirect":"","pre_action":"action:\/\/yslowviewer-action\/yslowviewer\/NetexportAction?set","post_action":"","session_exp":"0","expires":"0","header":"<meta name=\"description\" content=\"\">\n","pheader":"","bottom":"","layout":{"type":"PlainWidget","extra":"","component":"component:\/\/core-component\/default\/plain?get","children":[]},"_u":"nepost"}
+{
+"@R":"1334022655",
+"eredirect":"",
+"redirect":"",
+"pre_action":"action:\/\/yslowviewer-action\/yslowviewer\/NetexportAction?set",
+"post_action":"",
+"session_exp":"2147483647",
+"expires":"0",
+"header":null,
+"pheader":"",
+"bottom":"",
+"layout":{
+"type":"PlainWidget",
+"extra":"",
+"component":"component:\/\/core-component\/default\/plain?get",
+"children":[
+
+]
+},
+"_u":"nepost"
+}
@@ -0,0 +1,21 @@
+{
+"@R":"1334022985",
+"eredirect":"",
+"redirect":"",
+"pre_action":"",
+"post_action":"",
+"session_exp":"2147483647",
+"expires":"0",
+"header":"<meta name=\"description\" content=\"\">\n",
+"pheader":"",
+"bottom":"",
+"layout":{
+"type":"HorizontalWidget",
+"extra":"",
+"component":"component:\/\/yslowviewer-component\/default\/profile?get",
+"children":[
+
+]
+},
+"_u":"profile"
+}