From 59b5a0549635aa5c8320707cec75612746debdd0 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Fri, 30 Oct 2009 09:32:18 -0700 Subject: Rename the login helper to auth. Create a login and logout helper function to allow for programmically login in and out. --- modules/gallery/controllers/albums.php | 2 +- modules/gallery/controllers/login.php | 15 +++----- modules/gallery/controllers/logout.php | 12 +------ modules/gallery/helpers/auth.php | 56 ++++++++++++++++++++++++++++++ modules/gallery/helpers/login.php | 31 ----------------- modules/gallery/views/maintenance.html.php | 2 +- 6 files changed, 63 insertions(+), 55 deletions(-) create mode 100644 modules/gallery/helpers/auth.php delete mode 100644 modules/gallery/helpers/login.php (limited to 'modules/gallery') diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php index d393422e..a430b14d 100644 --- a/modules/gallery/controllers/albums.php +++ b/modules/gallery/controllers/albums.php @@ -29,7 +29,7 @@ class Albums_Controller extends Items_Controller { $view = new Theme_View("page.html", "login"); $view->page_title = t("Log in to Gallery"); $view->content = new View("login_ajax.html"); - $view->content->form = login::get_form("login/auth_html"); + $view->content->form = auth::get_login_form("login/auth_html"); print $view; return; } else { diff --git a/modules/gallery/controllers/login.php b/modules/gallery/controllers/login.php index 3978b64f..75ee6b9c 100644 --- a/modules/gallery/controllers/login.php +++ b/modules/gallery/controllers/login.php @@ -21,7 +21,7 @@ class Login_Controller extends Controller { public function ajax() { $view = new View("login_ajax.html"); - $view->form = login::get_form("login/auth_ajax"); + $view->form = auth::get_login_form("login/auth_ajax"); print $view; } @@ -40,7 +40,7 @@ class Login_Controller extends Controller { } public function html() { - print login::get_form("login/auth_html"); + print auth::get_login_form("login/auth_html"); } public function auth_html() { @@ -55,7 +55,7 @@ class Login_Controller extends Controller { } private function _auth($url) { - $form = login::get_form($url); + $form = auth::get_login_form($url); $valid = $form->validate(); if ($valid) { $user = identity::lookup_user_by_name($form->login->inputs["name"]->value); @@ -70,14 +70,7 @@ class Login_Controller extends Controller { } if ($valid) { - if (identity::is_writable()) { - $user->login_count += 1; - $user->last_login = time(); - $user->save(); - } - identity::set_active_user($user); - log::info("user", t("User %name logged in", array("name" => $user->name))); - module::event("user_login", $user); + auth::login($user); } // Either way, regenerate the session id to avoid session trapping diff --git a/modules/gallery/controllers/logout.php b/modules/gallery/controllers/logout.php index 1b0364fd..2b93655d 100644 --- a/modules/gallery/controllers/logout.php +++ b/modules/gallery/controllers/logout.php @@ -19,17 +19,7 @@ */ class Logout_Controller extends Controller { public function index() { - $user = identity::active_user(); - if (!$user->guest) { - try { - Session::instance()->destroy(); - } catch (Exception $e) { - Kohana::log("error", $e); - } - module::event("user_logout", $user); - } - log::info("user", t("User %name logged out", array("name" => $user->name)), - html::anchor("user/$user->id", html::clean($user->name))); + auth::logout(); if ($continue_url = $this->input->get("continue")) { $item = url::get_item_from_uri($continue_url); if (access::can("view", $item)) { diff --git a/modules/gallery/helpers/auth.php b/modules/gallery/helpers/auth.php new file mode 100644 index 00000000..9c69cecd --- /dev/null +++ b/modules/gallery/helpers/auth.php @@ -0,0 +1,56 @@ + "g-login-form")); + $form->set_attr('class', "g-narrow"); + $group = $form->group("login")->label(t("Login")); + $group->input("name")->label(t("Username"))->id("g-username")->class(null); + $group->password("password")->label(t("Password"))->id("g-password")->class(null); + $group->inputs["name"]->error_messages("invalid_login", t("Invalid name or password")); + $group->submit("")->value(t("Login")); + return $form; + } + + static function login($user) { + if (identity::is_writable()) { + $user->login_count += 1; + $user->last_login = time(); + $user->save(); + } + identity::set_active_user($user); + log::info("user", t("User %name logged in", array("name" => $user->name))); + module::event("user_login", $user); + } + + static function logout() { + $user = identity::active_user(); + if (!$user->guest) { + try { + Session::instance()->destroy(); + } catch (Exception $e) { + Kohana::log("error", $e); + } + module::event("user_logout", $user); + } + log::info("user", t("User %name logged out", array("name" => $user->name)), + html::anchor("user/$user->id", html::clean($user->name))); + } +} \ No newline at end of file diff --git a/modules/gallery/helpers/login.php b/modules/gallery/helpers/login.php deleted file mode 100644 index cb961604..00000000 --- a/modules/gallery/helpers/login.php +++ /dev/null @@ -1,31 +0,0 @@ - "g-login-form")); - $form->set_attr('class', "g-narrow"); - $group = $form->group("login")->label(t("Login")); - $group->input("name")->label(t("Username"))->id("g-username")->class(null); - $group->password("password")->label(t("Password"))->id("g-password")->class(null); - $group->inputs["name"]->error_messages("invalid_login", t("Invalid name or password")); - $group->submit("")->value(t("Login")); - return $form; - } -} \ No newline at end of file diff --git a/modules/gallery/views/maintenance.html.php b/modules/gallery/views/maintenance.html.php index 2fdc40a3..6351b6ab 100644 --- a/modules/gallery/views/maintenance.html.php +++ b/modules/gallery/views/maintenance.html.php @@ -43,7 +43,7 @@

- + -- cgit v1.2.3 From 294215258a30bb0e99701655ce2b69271446a867 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Fri, 30 Oct 2009 10:31:47 -0700 Subject: Include the graphics_toolkit_path from the advanced settings in the path when searching for the graphics toolkits directories. Fixes ticket #639 --- modules/gallery/helpers/graphics.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'modules/gallery') diff --git a/modules/gallery/helpers/graphics.php b/modules/gallery/helpers/graphics.php index 1063c073..d6a2f00c 100644 --- a/modules/gallery/helpers/graphics.php +++ b/modules/gallery/helpers/graphics.php @@ -278,7 +278,10 @@ class graphics_Core { $toolkits->graphicsmagick->installed = false; $toolkits->graphicsmagick->error = t("GraphicsMagick requires the exec function"); } else { - putenv("PATH=" . getenv("PATH") . ":/usr/local/bin:/opt/local/bin:/opt/bin"); + $graphics_path = module::get_var("gallery", "graphics_toolkit_path", null); + + putenv("PATH=" . getenv("PATH") . (empty($graphics_path) ? "" : ":$graphics_path") . + ":/usr/local/bin:/opt/local/bin:/opt/bin"); // @todo: consider refactoring the two segments below into a loop since they are so // similar. -- cgit v1.2.3 From 90465012d18b9d795d315e2fdf0461b39716b0a5 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Fri, 30 Oct 2009 14:23:57 -0700 Subject: Patch to clean up loose ends when a user is deleted. * For items and tasks the owner id is set to admin * For notification subscriptions, the subscription is deleted * For comments, I've extracted the user name, email and url and set the guest_name, guest_email and guest_url columns while setting the author_id to identity::guest()->id Fix for ticket #777. --- modules/comment/helpers/comment_event.php | 11 +++++++++++ modules/gallery/helpers/gallery_event.php | 7 +++++++ modules/notification/helpers/notification_event.php | 4 ++++ 3 files changed, 22 insertions(+) (limited to 'modules/gallery') diff --git a/modules/comment/helpers/comment_event.php b/modules/comment/helpers/comment_event.php index 2199eb7f..f20e1a51 100644 --- a/modules/comment/helpers/comment_event.php +++ b/modules/comment/helpers/comment_event.php @@ -22,6 +22,17 @@ class comment_event_Core { Database::instance()->delete("comments", array("item_id" => $item->id)); } + static function user_deleted($user) { + $guest = identity::guest(); + Database::instance() + ->query("UPDATE {comments} + SET author_id = {$guest->id}, + guest_email = '{$user->email}', + guest_name = '{$user->name}', + guest_url = '{$user->url}' + WHERE author_id = {$user->id}"); + } + static function admin_menu($menu, $theme) { $menu->get("content_menu") ->append(Menu::factory("link") diff --git a/modules/gallery/helpers/gallery_event.php b/modules/gallery/helpers/gallery_event.php index 87dee356..7e0382ec 100644 --- a/modules/gallery/helpers/gallery_event.php +++ b/modules/gallery/helpers/gallery_event.php @@ -28,6 +28,13 @@ class gallery_event_Core { locales::set_request_locale(); } + static function user_deleted($user) { + $admin = identity::admin_user(); + $db = Database::instance(); + $db->query("UPDATE {tasks} SET owner_id = {$admin->id} where owner_id = {$user->id}"); + $db->query("UPDATE {items} SET owner_id = {$admin->id} where owner_id = {$user->id}"); + } + static function group_created($group) { access::add_group($group); } diff --git a/modules/notification/helpers/notification_event.php b/modules/notification/helpers/notification_event.php index 3a369155..e6791071 100644 --- a/modules/notification/helpers/notification_event.php +++ b/modules/notification/helpers/notification_event.php @@ -52,6 +52,10 @@ class notification_event_Core { } } + static function user_deleted($user) { + Database::instance()->query("DELETE FROM {subscriptions} where user_id = {$user->id}"); + } + static function comment_created($comment) { try { if ($comment->state == "published") { -- cgit v1.2.3 From 47c75aa279f1ec140bdd2b5e4c975bee3c0c2055 Mon Sep 17 00:00:00 2001 From: Bharat Mediratta Date: Fri, 30 Oct 2009 15:40:22 -0700 Subject: Log an alert when we can't load a user. --- modules/gallery/models/log.php | 1 + 1 file changed, 1 insertion(+) (limited to 'modules/gallery') diff --git a/modules/gallery/models/log.php b/modules/gallery/models/log.php index 4f6b8c4b..c816a4a7 100644 --- a/modules/gallery/models/log.php +++ b/modules/gallery/models/log.php @@ -28,6 +28,7 @@ class Log_Model extends ORM { try { return identity::lookup_user($this->user_id); } catch (Exception $e) { + Kohana::log("alert", "Unable to load user with id $this->user_id"); return null; } } else { -- cgit v1.2.3 From 8db2406c0091212899f388f5cd17947434a3c734 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Sat, 31 Oct 2009 14:11:06 -0700 Subject: Added a config parameter to the IdentityProvider to specifiy the configuration. This allows the ldap installer to instantiate the ldap Identity provider to use in the install and uninstall methods --- modules/gallery/libraries/IdentityProvider.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'modules/gallery') diff --git a/modules/gallery/libraries/IdentityProvider.php b/modules/gallery/libraries/IdentityProvider.php index aa519bd3..e213ae97 100644 --- a/modules/gallery/libraries/IdentityProvider.php +++ b/modules/gallery/libraries/IdentityProvider.php @@ -62,8 +62,10 @@ class IdentityProvider_Core { * * @return void */ - public function __construct() { - $config = module::get_var("gallery", "identity_provider", "user"); + public function __construct($config=null) { + if (empty($config)) { + $config = module::get_var("gallery", "identity_provider", "user"); + } // Test the config group name if (($this->config = Kohana::config("identity." . $config)) === NULL) { -- cgit v1.2.3 From abe42002b2250d4ecf5627293e0338e11c4bfdb0 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Sat, 31 Oct 2009 14:13:35 -0700 Subject: Don't specify the default identity provider in the gallery installer. Let the user module use that as a trigger to set ownership of the root album to the administrator. --- modules/gallery/helpers/gallery_installer.php | 2 -- modules/user/helpers/user_installer.php | 14 ++++++++++++-- 2 files changed, 12 insertions(+), 4 deletions(-) (limited to 'modules/gallery') diff --git a/modules/gallery/helpers/gallery_installer.php b/modules/gallery/helpers/gallery_installer.php index 5daf1016..2eb02546 100644 --- a/modules/gallery/helpers/gallery_installer.php +++ b/modules/gallery/helpers/gallery_installer.php @@ -253,8 +253,6 @@ class gallery_installer { $theme->save(); } - module::set_var("gallery", "identity_provider", "user"); - block_manager::add("dashboard_sidebar", "gallery", "block_adder"); block_manager::add("dashboard_sidebar", "gallery", "stats"); block_manager::add("dashboard_sidebar", "gallery", "platform_info"); diff --git a/modules/user/helpers/user_installer.php b/modules/user/helpers/user_installer.php index 9aad4130..0cba502f 100644 --- a/modules/user/helpers/user_installer.php +++ b/modules/user/helpers/user_installer.php @@ -70,8 +70,18 @@ class user_installer { $admin->admin = true; $admin->save(); - // Let the admin own everything - $db->query("update {items} set owner_id = {$admin->id}"); + $current_provider = module::get_var("gallery", "identity_provider"); + if (empty($current_provider)) { + // If there is no provider defined then we are doing an initial install + // so we need to set the provider and make the administrator own everything + // If the installer is called and there is an identity provider, then we + // are switching identity providers and and the event handlers will do the + // right things + module::set_var("gallery", "identity_provider", "user"); + + // Let the admin own everything + $db->query("update {items} set owner_id = {$admin->id}"); + } $root = ORM::factory("item", 1); access::allow($everybody, "view", $root); -- cgit v1.2.3 From 7f4e71e52688d15cbc53baed10660f81f2de6551 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Sat, 31 Oct 2009 14:15:17 -0700 Subject: fix an issue with the scroll bar appearing on the confirmation dialog and insure that dialog is removed if cancel is pressed, so we can correctly reshow it if required. --- modules/gallery/views/admin_identity.html.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'modules/gallery') diff --git a/modules/gallery/views/admin_identity.html.php b/modules/gallery/views/admin_identity.html.php index 9a34dcc4..70fe401f 100644 --- a/modules/gallery/views/admin_identity.html.php +++ b/modules/gallery/views/admin_identity.html.php @@ -12,7 +12,7 @@ bgiframe: true, title: for_js() ?>, resizable: false, - height:165, + height:180, modal: true, overlay: { backgroundColor: '#000', @@ -20,10 +20,10 @@ }, buttons: { "Continue": function() { - $("##g-dialog form").submit(); + $("#g-dialog form").submit(); }, Cancel: function() { - $(this).dialog('close'); + $(this).dialog('destroy').remove(); } } }); -- cgit v1.2.3 From 80b892915f7286d3cb8daef3ba12c012738cef28 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Sat, 31 Oct 2009 14:22:12 -0700 Subject: Change the order of processing to allow various modules to respond to the identity change event after the new provider instance has been installed. Once the new provider is installed and activated, we can uninstall the old provider which causes users to be deleted. This should be safer, because at this point our new identity provider has been installed, most of the ownership issues have been resolved by the identity change handlers. If there are any ownership issues left, the user deleted event has the new identity provider to uses to rectify them. --- modules/gallery/controllers/admin_identity.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'modules/gallery') diff --git a/modules/gallery/controllers/admin_identity.php b/modules/gallery/controllers/admin_identity.php index 520b1966..acf71665 100644 --- a/modules/gallery/controllers/admin_identity.php +++ b/modules/gallery/controllers/admin_identity.php @@ -40,15 +40,11 @@ class Admin_Identity_Controller extends Admin_Controller { $active_provider = module::get_var("gallery", "identity_provider", "user"); $providers = identity::providers(); - $new_provider = $this->input->post("provider"); if ($new_provider != $active_provider) { - module::event("identity_before_change", $active_provider, $new_provider); - module::deactivate($active_provider); - module::uninstall($active_provider); // Switch authentication identity::reset(); @@ -57,6 +53,10 @@ class Admin_Identity_Controller extends Admin_Controller { module::install($new_provider); module::activate($new_provider); + module::event("identity_provider_changed", $active_provider, $new_provider); + + module::uninstall($active_provider); + message::success(t("Changed to %description", array("description" => $providers->$new_provider))); -- cgit v1.2.3 From 903b5f6f67faaf8d8b25d8efd279f0ebe669f4d2 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Sat, 31 Oct 2009 14:23:05 -0700 Subject: Add identity_change handlers to resolve the ownership issues of comments, subscription, items and tasks. --- modules/comment/helpers/comment_event.php | 16 +++++++++++++--- modules/gallery/helpers/gallery_event.php | 7 +++++++ modules/notification/helpers/notification_event.php | 4 ++++ 3 files changed, 24 insertions(+), 3 deletions(-) (limited to 'modules/gallery') diff --git a/modules/comment/helpers/comment_event.php b/modules/comment/helpers/comment_event.php index f20e1a51..ddf72e3c 100644 --- a/modules/comment/helpers/comment_event.php +++ b/modules/comment/helpers/comment_event.php @@ -27,12 +27,22 @@ class comment_event_Core { Database::instance() ->query("UPDATE {comments} SET author_id = {$guest->id}, - guest_email = '{$user->email}', - guest_name = '{$user->name}', - guest_url = '{$user->url}' + guest_email = NULL, + guest_name = 'guest', + guest_url = NULL WHERE author_id = {$user->id}"); } + static function identity_provider_changed($old_provider, $new_provider) { + $guest = identity::guest(); + Database::instance() + ->query("UPDATE {comments} + SET author_id = {$guest->id}, + guest_email = NULL, + guest_name = 'guest', + guest_url = null"); + } + static function admin_menu($menu, $theme) { $menu->get("content_menu") ->append(Menu::factory("link") diff --git a/modules/gallery/helpers/gallery_event.php b/modules/gallery/helpers/gallery_event.php index 7e0382ec..f3ad1630 100644 --- a/modules/gallery/helpers/gallery_event.php +++ b/modules/gallery/helpers/gallery_event.php @@ -35,6 +35,13 @@ class gallery_event_Core { $db->query("UPDATE {items} SET owner_id = {$admin->id} where owner_id = {$user->id}"); } + static function identity_provider_changed($old_provider, $new_provider) { + $admin = identity::admin_user(); + $db = Database::instance(); + $db->query("UPDATE {tasks} SET owner_id = {$admin->id}"); + $db->query("UPDATE {items} SET owner_id = {$admin->id}"); + } + static function group_created($group) { access::add_group($group); } diff --git a/modules/notification/helpers/notification_event.php b/modules/notification/helpers/notification_event.php index e6791071..b82e4f0f 100644 --- a/modules/notification/helpers/notification_event.php +++ b/modules/notification/helpers/notification_event.php @@ -56,6 +56,10 @@ class notification_event_Core { Database::instance()->query("DELETE FROM {subscriptions} where user_id = {$user->id}"); } + static function identity_provider_changed($old_provider, $new_provider) { + Database::instance()->query("DELETE FROM {subscriptions}"); + } + static function comment_created($comment) { try { if ($comment->state == "published") { -- cgit v1.2.3 From c3dcfd136bea8ec4b627a7d38f618ac97c9ea4a0 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Sat, 31 Oct 2009 14:41:55 -0700 Subject: Move the identity provider menu item under the settings menu and make the User/Groups administration a first level menu item. As discussed via -devel mailing list. --- modules/gallery/helpers/gallery_event.php | 13 +++++-------- modules/user/helpers/user_event.php | 9 ++++----- 2 files changed, 9 insertions(+), 13 deletions(-) (limited to 'modules/gallery') diff --git a/modules/gallery/helpers/gallery_event.php b/modules/gallery/helpers/gallery_event.php index f3ad1630..582e3267 100644 --- a/modules/gallery/helpers/gallery_event.php +++ b/modules/gallery/helpers/gallery_event.php @@ -179,7 +179,11 @@ class gallery_event_Core { ->append(Menu::factory("link") ->id("advanced") ->label(t("Advanced")) - ->url(url::site("admin/advanced_settings")))) + ->url(url::site("admin/advanced_settings"))) + ->append(Menu::factory("link") + ->id("identity_drivers") + ->label(t("Identity drivers")) + ->url(url::site("admin/identity")))) ->append(Menu::factory("link") ->id("modules") ->label(t("Modules")) @@ -202,13 +206,6 @@ class gallery_event_Core { ->id("sidebar") ->label(t("Manage sidebar")) ->url(url::site("admin/sidebar")))) - ->append(Menu::factory("submenu") - ->id("identity_menu") - ->label(t("Identity management")) - ->append(Menu::factory("link") - ->id("identity_drivers") - ->label(t("Identity drivers")) - ->url(url::site("admin/identity")))) ->append(Menu::factory("submenu") ->id("statistics_menu") ->label(t("Statistics"))) diff --git a/modules/user/helpers/user_event.php b/modules/user/helpers/user_event.php index e3dbacb7..11b9c56c 100644 --- a/modules/user/helpers/user_event.php +++ b/modules/user/helpers/user_event.php @@ -20,11 +20,10 @@ class user_event_Core { static function admin_menu($menu, $theme) { - $menu->get("identity_menu") - ->append(Menu::factory("link") - ->id("users_groups") - ->label(t("Users/Groups")) - ->url(url::site("admin/users"))); + $menu->add_after("appearance_menu", Menu::factory("link") + ->id("users_groups") + ->label(t("Users/Groups")) + ->url(url::site("admin/users"))); return $menu; } -- cgit v1.2.3 From e72022f062ba22f9f11a9ce063c49dfd790d5d40 Mon Sep 17 00:00:00 2001 From: Tim Almdal Date: Sat, 31 Oct 2009 16:23:08 -0700 Subject: Include the gallery_toolkit_path in the path when determining the location of ffmpeg. --- modules/gallery/helpers/movie.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'modules/gallery') diff --git a/modules/gallery/helpers/movie.php b/modules/gallery/helpers/movie.php index 6dac0803..e84e8ea6 100644 --- a/modules/gallery/helpers/movie.php +++ b/modules/gallery/helpers/movie.php @@ -190,7 +190,10 @@ class movie_Core { static function find_ffmpeg() { if (!$ffmpeg_path = module::get_var("gallery", "ffmpeg_path")) { - putenv("PATH=" . getenv("PATH") . ":/usr/local/bin:/opt/local/bin:/opt/bin"); + $graphics_path = module::get_var("gallery", "graphics_toolkit_path", null); + + putenv("PATH=" . getenv("PATH") . (empty($graphics_path) ? "" : ":$graphics_path") . + ":/usr/local/bin:/opt/local/bin:/opt/bin"); if (function_exists("exec")) { $ffmpeg_path = exec("which ffmpeg"); } -- cgit v1.2.3