liquid_feedback_frontend
changeset 813:ea2449916c12
Cleaned up public access levels
| author | bsw |
|---|---|
| date | Fri Jul 06 13:58:20 2012 +0200 (2012-07-06) |
| parents | e12f0348b191 |
| children | b68880106e7e |
| files | app/main/_filter/21_auth.lua app/main/_filter_view/30_navigation.lua app/main/event/_list.lua app/main/index/index.lua app/main/index/login.lua app/main/index/search.lua app/main/initiative/_show.lua app/main/issue/show.lua app/main/member/show.lua config/example.lua config/init.lua model/member.lua model/session.lua |
line diff
1.1 --- a/app/main/_filter/21_auth.lua Fri Jul 06 13:34:02 2012 +0200 1.2 +++ b/app/main/_filter/21_auth.lua Fri Jul 06 13:58:20 2012 +0200 1.3 @@ -20,7 +20,7 @@ 1.4 ) 1.5 ) 1.6 1.7 -if config.public_access then 1.8 +if app.session:has_access("anonymous") then 1.9 1.10 if 1.11 module == "area" and view == "show" 1.12 @@ -41,7 +41,7 @@ 1.13 1.14 end 1.15 1.16 -if config.public_access == "full" then 1.17 +if app.session:has_access("all_pseudonymous") then 1.18 if module == "member_image" and view == "show" 1.19 or module == "vote" and view == "show_incoming" 1.20 or module == "interest" and view == "show_incoming" 1.21 @@ -50,11 +50,17 @@ 1.22 end 1.23 end 1.24 1.25 +if app.session:has_access("everything") then 1.26 + if module == "member" and (view == "show" or view == "history") then 1.27 + auth_needed = false 1.28 + end 1.29 +end 1.30 + 1.31 if module == "sitemap" then 1.32 auth_needed = false 1.33 end 1.34 1.35 -if config.public_access and not app.session.member_id and auth_needed and module == "index" and view == "index" then 1.36 +if app.session:has_access("anonymous") and not app.session.member_id and auth_needed and module == "index" and view == "index" then 1.37 if config.single_unit_id then 1.38 request.redirect{ module = "unit", view = "show", id = config.single_unit_id } 1.39 else
2.1 --- a/app/main/_filter_view/30_navigation.lua Fri Jul 06 13:34:02 2012 +0200 2.2 +++ b/app/main/_filter_view/30_navigation.lua Fri Jul 06 13:58:20 2012 +0200 2.3 @@ -9,25 +9,28 @@ 2.4 module = 'index', 2.5 view = 'index' 2.6 } 2.7 - ui.link{ 2.8 - content = _"Search", 2.9 - module = 'index', 2.10 - view = 'search' 2.11 - } 2.12 + 2.13 + if app.session:has_access("anonymous") then 2.14 2.15 - 2.16 - 2.17 - if config.public_access and app.session.member == nil then 2.18 ui.link{ 2.19 - text = _"Login", 2.20 + content = _"Search", 2.21 module = 'index', 2.22 - view = 'login', 2.23 - params = { 2.24 - redirect_module = request.get_module(), 2.25 - redirect_view = request.get_view(), 2.26 - redirect_id = param.get_id() 2.27 + view = 'search' 2.28 + } 2.29 + 2.30 + if app.session.member == nil then 2.31 + ui.link{ 2.32 + text = _"Login", 2.33 + module = 'index', 2.34 + view = 'login', 2.35 + params = { 2.36 + redirect_module = request.get_module(), 2.37 + redirect_view = request.get_view(), 2.38 + redirect_id = param.get_id() 2.39 + } 2.40 } 2.41 - } 2.42 + end 2.43 + 2.44 end 2.45 2.46 if app.session.member == nil then
3.1 --- a/app/main/event/_list.lua Fri Jul 06 13:34:02 2012 +0200 3.2 +++ b/app/main/event/_list.lua Fri Jul 06 13:58:20 2012 +0200 3.3 @@ -96,7 +96,7 @@ 3.4 slot.put(")") 3.5 end 3.6 --]] 3.7 - if (app.session.member_id or config.public_access == "pseudonym") and event.member_id then 3.8 + if app.session:has_access("authors_pseudonymous") and event.member_id then 3.9 slot.put("<br />") 3.10 slot.put("<br />") 3.11 if app.session.member_id then
4.1 --- a/app/main/index/index.lua Fri Jul 06 13:34:02 2012 +0200 4.2 +++ b/app/main/index/index.lua Fri Jul 06 13:58:20 2012 +0200 4.3 @@ -5,7 +5,7 @@ 4.4 module = "index", view = "_index_member" 4.5 } 4.6 4.7 -elseif config.public_access then 4.8 +elseif app.session:has_access("anonymous") then 4.9 if config.motd_public then 4.10 local help_text = config.motd_public 4.11 ui.container{
5.1 --- a/app/main/index/login.lua Fri Jul 06 13:34:02 2012 +0200 5.2 +++ b/app/main/index/login.lua Fri Jul 06 13:58:20 2012 +0200 5.3 @@ -20,7 +20,7 @@ 5.4 } 5.5 end 5.6 5.7 -if config.public_access then 5.8 +if app.session:has_access("anonymous") then 5.9 ui.tag{ 5.10 tag = 'p', 5.11 content = _'You need to be logged in, to use all features of this system.'
6.1 --- a/app/main/index/search.lua Fri Jul 06 13:34:02 2012 +0200 6.2 +++ b/app/main/index/search.lua Fri Jul 06 13:58:20 2012 +0200 6.3 @@ -15,7 +15,7 @@ 6.4 attr = { class = "vertical" }, 6.5 content = function() 6.6 6.7 - if app.session.member_id or config.public_access == "full" then 6.8 + if app.session:has_access("all_pseudonymous") then 6.9 ui.field.select{ 6.10 label = _"Search context", 6.11 name = "search_for", 6.12 @@ -38,7 +38,7 @@ 6.13 6.14 if search_string then 6.15 6.16 - if app.session.member_id or config.public_access == "full" then 6.17 + if app.session:has_access("all_pseudonymous") then 6.18 if search_for == "global" or search_for == "member" then 6.19 local members_selector = Member:get_search_selector(search_string) 6.20 execute.view{
7.1 --- a/app/main/initiative/_show.lua Fri Jul 06 13:34:02 2012 +0200 7.2 +++ b/app/main/initiative/_show.lua Fri Jul 06 13:58:20 2012 +0200 7.3 @@ -64,14 +64,14 @@ 7.4 else 7.5 ui.container{ attr = { class = "title" }, content = text } 7.6 end 7.7 - if app.session.member_id or config.public_access == "pseudonym" or config.public_access == "full" then 7.8 + if app.session:has_access("authors_pseudonymous") then 7.9 ui.container{ attr = { class = "content" }, content = function() 7.10 ui.tag{ 7.11 attr = { class = "initiator_names" }, 7.12 content = function() 7.13 for i, initiator in ipairs(initiators) do 7.14 slot.put(" ") 7.15 - if app.session.member_id or config.public_access == "full" then 7.16 + if app.session:has_access("all_pseudonymous") then 7.17 ui.link{ 7.18 content = function () 7.19 execute.view{ 7.20 @@ -421,7 +421,7 @@ 7.21 } 7.22 7.23 7.24 - if config.public_access == "full" or app.session.member_id then 7.25 + if app.session:has_access("all_pseudonymous") then 7.26 if initiative.issue.ranks_available then 7.27 local members_selector = initiative.issue:get_reference_selector("direct_voters") 7.28 :left_join("vote", nil, { "vote.initiative_id = ? AND vote.member_id = member.id", initiative.id })
8.1 --- a/app/main/issue/show.lua Fri Jul 06 13:34:02 2012 +0200 8.2 +++ b/app/main/issue/show.lua Fri Jul 06 13:58:20 2012 +0200 8.3 @@ -17,7 +17,7 @@ 8.4 execute.view{ module = "issue", view = "_show", params = { issue = issue } } 8.5 end ) 8.6 8.7 -if app.session.member_id or config.public_access == "full" then 8.8 +if app.session:has_access("all_pseudonymous") then 8.9 8.10 ui.container{ attr = { class = "heading" }, content = _"Interested members" } 8.11
9.1 --- a/app/main/member/show.lua Fri Jul 06 13:34:02 2012 +0200 9.2 +++ b/app/main/member/show.lua Fri Jul 06 13:58:20 2012 +0200 9.3 @@ -55,7 +55,7 @@ 9.4 content = _"This member is locked" 9.5 } 9.6 end 9.7 - if not (member.id == app.session.member.id) then 9.8 + if app.session.member_id and not (member.id == app.session.member.id) then 9.9 slot.put(" · ") 9.10 --TODO performance 9.11 local contact = Contact:by_pk(app.session.member.id, member.id) 9.12 @@ -93,47 +93,49 @@ 9.13 } 9.14 end 9.15 end 9.16 - local ignored_member = IgnoredMember:by_pk(app.session.member.id, member.id) 9.17 - slot.put(" · ") 9.18 - if ignored_member then 9.19 - ui.tag{ 9.20 - attr = { class = "interest" }, 9.21 - content = _"You have ignored this member" 9.22 - } 9.23 + if app.session.member_id then 9.24 + local ignored_member = IgnoredMember:by_pk(app.session.member.id, member.id) 9.25 slot.put(" · ") 9.26 - ui.link{ 9.27 - text = _"Stop ignoring member", 9.28 - module = "member", 9.29 - action = "update_ignore_member", 9.30 - id = member.id, 9.31 - params = { delete = true }, 9.32 - routing = { 9.33 - default = { 9.34 - mode = "redirect", 9.35 - module = request.get_module(), 9.36 - view = request.get_view(), 9.37 - id = param.get_id_cgi(), 9.38 - params = param.get_all_cgi() 9.39 + if ignored_member then 9.40 + ui.tag{ 9.41 + attr = { class = "interest" }, 9.42 + content = _"You have ignored this member" 9.43 + } 9.44 + slot.put(" · ") 9.45 + ui.link{ 9.46 + text = _"Stop ignoring member", 9.47 + module = "member", 9.48 + action = "update_ignore_member", 9.49 + id = member.id, 9.50 + params = { delete = true }, 9.51 + routing = { 9.52 + default = { 9.53 + mode = "redirect", 9.54 + module = request.get_module(), 9.55 + view = request.get_view(), 9.56 + id = param.get_id_cgi(), 9.57 + params = param.get_all_cgi() 9.58 + } 9.59 } 9.60 } 9.61 - } 9.62 - elseif member.activated then 9.63 - ui.link{ 9.64 - attr = { class = "interest" }, 9.65 - text = _"Ignore member", 9.66 - module = "member", 9.67 - action = "update_ignore_member", 9.68 - id = member.id, 9.69 - routing = { 9.70 - default = { 9.71 - mode = "redirect", 9.72 - module = request.get_module(), 9.73 - view = request.get_view(), 9.74 - id = param.get_id_cgi(), 9.75 - params = param.get_all_cgi() 9.76 + elseif member.activated then 9.77 + ui.link{ 9.78 + attr = { class = "interest" }, 9.79 + text = _"Ignore member", 9.80 + module = "member", 9.81 + action = "update_ignore_member", 9.82 + id = member.id, 9.83 + routing = { 9.84 + default = { 9.85 + mode = "redirect", 9.86 + module = request.get_module(), 9.87 + view = request.get_view(), 9.88 + id = param.get_id_cgi(), 9.89 + params = param.get_all_cgi() 9.90 + } 9.91 } 9.92 } 9.93 - } 9.94 + end 9.95 end 9.96 end } 9.97 end)
10.1 --- a/config/example.lua Fri Jul 06 13:34:02 2012 +0200 10.2 +++ b/config/example.lua Fri Jul 06 13:58:20 2012 +0200 10.3 @@ -1,15 +1,22 @@ 10.4 -- ======================================================================== 10.5 --- MANDATORY (MUST BE SET!) 10.6 +-- MANDATORY (MUST BE CAREFULLY CHECKED AND PROPERLY SET!) 10.7 -- ======================================================================== 10.8 10.9 +-- Name of this instance, defaults to name of config file 10.10 +-- ------------------------------------------------------------------------ 10.11 +config.instance_name = "Instance name" 10.12 + 10.13 + 10.14 -- Information about service provider (HTML) 10.15 -- ------------------------------------------------------------------------ 10.16 config.app_service_provider = "Snake Oil<br/>10000 Berlin<br/>Germany" 10.17 10.18 + 10.19 -- A rocketwiki formatted text the user has to accept while registering 10.20 -- ------------------------------------------------------------------------ 10.21 config.use_terms = "=== Terms of Use ===" 10.22 10.23 + 10.24 -- Checkbox(es) the user has to accept while registering 10.25 -- ------------------------------------------------------------------------ 10.26 config.use_terms_checkboxes = { 10.27 @@ -24,7 +31,18 @@ 10.28 -- not_accepted_error = "You have to accept the extra terms of use to be able to register." 10.29 -- } 10.30 } 10.31 + 10.32 10.33 +-- Absolute base url of application 10.34 +-- ------------------------------------------------------------------------ 10.35 +config.absolute_base_url = "http://example.com/" 10.36 + 10.37 + 10.38 +-- Connection information for the LiquidFeedback database 10.39 +-- ------------------------------------------------------------------------ 10.40 +config.database = { engine='postgresql', dbname='liquid_feedback' } 10.41 + 10.42 + 10.43 -- Location of the rocketwiki binaries 10.44 -- ------------------------------------------------------------------------ 10.45 config.formatting_engine_executeables = { 10.46 @@ -32,17 +50,25 @@ 10.47 compat = "/opt/rocketwiki-lqfb/rocketwiki-lqfb-compat" 10.48 } 10.49 10.50 --- Absolute base url of application 10.51 --- ------------------------------------------------------------------------ 10.52 -config.absolute_base_url = "http://example.com/" 10.53 10.54 --- Name of this instance, defaults to name of config file 10.55 +-- Public access level 10.56 -- ------------------------------------------------------------------------ 10.57 -config.instance_name = "Instance name" 10.58 +-- Available options: 10.59 +-- "none" 10.60 +-- -> Closed user group, no public access at all 10.61 +-- (except login/registration/password reset) 10.62 +-- "anonymous" 10.63 +-- -> Shows only initiative/suggestions texts and aggregated 10.64 +-- supporter/voter counts 10.65 +-- "authors_pseudonymous" 10.66 +-- -> Like anonymous, but shows screen names of authors 10.67 +-- "all_pseudonymous" 10.68 +-- -> Show everything a member can see, except profile pages 10.69 +-- "everything" 10.70 +-- -> Show everything a member can see, including profile pages 10.71 +-- ------------------------------------------------------------------------ 10.72 +config.public_access = "none" 10.73 10.74 --- Connection information for the LiquidFeedback database 10.75 --- ------------------------------------------------------------------------ 10.76 -config.database = { engine='postgresql', dbname='liquid_feedback' } 10.77 10.78 10.79 -- ======================================================================== 10.80 @@ -85,12 +111,6 @@ 10.81 -- ------------------------------------------------------------------------ 10.82 -- config.download_use_terms = "=== Download use terms ===\n" 10.83 10.84 --- Set public access level 10.85 --- Available options: false, "anonymous", "pseudonym", "full" 10.86 --- Defaults to false (no public access) 10.87 --- ------------------------------------------------------------------------ 10.88 --- config.public_access = false 10.89 - 10.90 -- Use custom image conversion, defaults to ImageMagick's convert 10.91 -- ------------------------------------------------------------------------ 10.92 --config.member_image_content_type = "image/jpeg"
11.1 --- a/config/init.lua Fri Jul 06 13:34:02 2012 +0200 11.2 +++ b/config/init.lua Fri Jul 06 13:58:20 2012 +0200 11.3 @@ -28,10 +28,6 @@ 11.4 } 11.5 end 11.6 11.7 -if config.public_access == nil then 11.8 - config.public_access = false 11.9 -end 11.10 - 11.11 if config.locked_profile_fields == nil then 11.12 config.locked_profile_fields = {} 11.13 end
12.1 --- a/model/member.lua Fri Jul 06 13:34:02 2012 +0200 12.2 +++ b/model/member.lua Fri Jul 06 13:58:20 2012 +0200 12.3 @@ -470,7 +470,7 @@ 12.4 12.5 function Member.object:ui_field_text(args) 12.6 args = args or {} 12.7 - if app.session.member_id or config.public_access == "pseudonym" or config.public_access == "full" then 12.8 + if app.session:has_access("authors_pseudonymous") then 12.9 -- ugly workaround for getting html into a replaced string and to the user 12.10 ui.container{label = args.label, label_attr={class="ui_field_label"}, content = function() 12.11 slot.put(string.format('<span><a href="%s">%s</a></span>',
13.1 --- a/model/session.lua Fri Jul 06 13:34:02 2012 +0200 13.2 +++ b/model/session.lua Fri Jul 06 13:58:20 2012 +0200 13.3 @@ -31,3 +31,44 @@ 13.4 selector:optional_object_mode() 13.5 return selector:exec() 13.6 end 13.7 + 13.8 +function Session.object:has_access(level) 13.9 + if level == "member" then 13.10 + if app.session.member_id then 13.11 + return true 13.12 + else 13.13 + return false 13.14 + end 13.15 + 13.16 + elseif level == "everything" then 13.17 + if self:has_access("member") or config.public_access == "everything" then 13.18 + return true 13.19 + else 13.20 + return false 13.21 + end 13.22 + 13.23 + elseif level == "all_pseudonymous" then 13.24 + if self:has_access("everything") or config.public_access == "all_pseudonymous" then 13.25 + return true 13.26 + else 13.27 + return false 13.28 + end 13.29 + 13.30 + elseif level == "authors_pseudonymous" then 13.31 + if self:has_access("all_pseudonymous") or config.public_access == "authors_pseudonymous" then 13.32 + return true 13.33 + else 13.34 + return false 13.35 + end 13.36 + 13.37 + elseif level == "anonymous" then 13.38 + if self:has_access("authors_pseudonymous") or config.public_access == "anonymous" then 13.39 + return true 13.40 + else 13.41 + return false 13.42 + end 13.43 + 13.44 + end 13.45 + 13.46 + error("invalid access level") 13.47 +end