Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Make TestDostep_Userow pass, fix TestPuste_Logowanie

  • Loading branch information...
commit b0977e22f007a03787d956ee2804d440cf87d6fc 1 parent a8a450d
@tadzik authored
Showing with 18 additions and 14 deletions.
  1. +16 −12 Skunk.cpp
  2. +1 −1  Skunk.hpp
  3. +1 −1  puste_logowanie.py
View
28 Skunk.cpp
@@ -58,10 +58,13 @@ CSGI::Response Skunk::Server::get(CSGI::Env& env) {
resp.content.append("\t<body>");
resp.content.append("\n\t\t<form method='post' action='/'>\n");
+ std::string username = isAuthed(env);
for (it = widgets_.begin(); it != widgets_.end(); it++) {
Skunk::Widget *w = *it;
- resp.content.append(w->GET());
- resp.content.append("<hr/>");
+ if (auth_->canGET(username, w->id_)) {
+ resp.content.append(w->GET());
+ resp.content.append("<hr/>");
+ }
}
resp.content.append("\n\t\t\t<input type='submit' value='Zmień'/>");
@@ -101,12 +104,9 @@ StringMap parseCookies(std::string& src) {
return parseKeyVals(src, ";");
}
-bool Skunk::Server::isAuthed(CSGI::Env& env) {
+std::string Skunk::Server::isAuthed(CSGI::Env& env) {
StringMap cookies = parseCookies(env["HTTP_COOKIE"]);
- if (sessions_[cookies["sessionid"]].compare("") != 0) {
- return true;
- }
- return false;
+ return sessions_[cookies["sessionid"]];
}
CSGI::Response showLoginScreen() {
@@ -130,8 +130,9 @@ CSGI::Response showLoginScreen() {
}
CSGI::Response Skunk::Server::operator()(CSGI::Env& env) {
- std::string session = "";
- if (!isAuthed(env)) {
+ std::string session = "";
+ std::string username = isAuthed(env);
+ if (username.compare("") == 0) {
if (env["REQUEST_METHOD"].compare("POST") == 0) {
StringMap cred = parsePostData(env);
if (auth_->verify(cred["user"], cred["pass"])) {
@@ -150,9 +151,12 @@ CSGI::Response Skunk::Server::operator()(CSGI::Env& env) {
StringMap data = parsePostData(env);
StringMap::iterator it;
for (it = data.begin(); it != data.end(); it++) {
- if (widgets_map_[it->first] != NULL) {
- std::string decoded = urldecoder(it->second);
- widgets_map_[it->first]->POST(decoded);
+ Widget *w = widgets_map_[it->first];
+ if (w != NULL) {
+ if (auth_->canPOST(username, w->id_)) {
+ std::string decoded = urldecoder(it->second);
+ w->POST(decoded);
+ }
}
}
}
View
2  Skunk.hpp
@@ -77,7 +77,7 @@ class Server : CSGI::Application {
Server() : nextID_(0) { };
int addWidget(Widget *);
void setAuth(Auth *a) { auth_ = a; }
- bool isAuthed(CSGI::Env&);
+ std::string isAuthed(CSGI::Env&);
void run();
CSGI::Response get(CSGI::Env&);
virtual CSGI::Response operator()(CSGI::Env&);
View
2  puste_logowanie.py
@@ -8,7 +8,7 @@ def testuj_puste_logowanie():
user = get_element(tag='input', name='user')
passw = get_element(tag='input', name='pass')
- write_textfield(user,'admin')
+ write_textfield(user,'admin', check=False)
#write_textfield(passw,'')
submit = get_element(tag='input', type='submit')
click_element(submit)
Please sign in to comment.
Something went wrong with that request. Please try again.