| ... | ... |
@@ -63,26 +63,31 @@ sub check_user_and_password {
|
| 63 | 63 |
} |
| 64 | 64 |
|
| 65 | 65 |
sub is_collaborator {
|
| 66 |
- my ($self, $user, $project, $session_user) = @_; |
|
| 67 |
- |
|
| 68 |
- $session_user = $self->cntl->session('user') unless defined $session_user;
|
|
| 69 |
- return unless $session_user; |
|
| 66 |
+ my ($self, $user_id, $project_id, $collaborator_id) = @_; |
|
| 67 |
+ |
|
| 68 |
+ my $user_row_id = $self->get_user_row_id($user_id); |
|
| 69 |
+ my $project_row_id = $self->app->dbi->model('project')->select(
|
|
| 70 |
+ where => {user => $user_row_id, id => $project_id}
|
|
| 71 |
+ )->value; |
|
| 72 |
+ my $collaborator_row_id = $self->get_user_row_id($collaborator_id); |
|
| 70 | 73 |
|
| 71 | 74 |
my $row = $self->app->dbi->model('collaboration')->select(
|
| 72 |
- id => [$user, $project, $session_user] |
|
| 75 |
+ where => {project => $project_row_id, collaborator => $collaborator_row_id}
|
|
| 73 | 76 |
)->one; |
| 74 | 77 |
|
| 75 | 78 |
return $row ? 1 : 0; |
| 76 | 79 |
} |
| 77 | 80 |
|
| 78 | 81 |
sub can_access_private_project {
|
| 79 |
- my ($self, $user, $project) = @_; |
|
| 82 |
+ my ($self, $user_id, $project_id) = @_; |
|
| 80 | 83 |
|
| 81 |
- my $session_user = $self->cntl->session('user');
|
|
| 82 |
- $session_user = '' unless defined $session_user; |
|
| 84 |
+ my $session_user_row_id = $self->cntl->session('user_row_id');
|
|
| 85 |
+ my $session_user_id = $self->app->dbi->model('user')->select(
|
|
| 86 |
+ 'id', where => {row_id => $session_user_row_id}
|
|
| 87 |
+ )->value; |
|
| 83 | 88 |
|
| 84 | 89 |
my $is_valid = |
| 85 |
- ($user eq $session_user || $self->is_collaborator($user, $project)) |
|
| 90 |
+ ($user_id eq $session_user_id || $self->is_collaborator($user_id, $project_id, $session_user_id)) |
|
| 86 | 91 |
&& $self->logined; |
| 87 | 92 |
|
| 88 | 93 |
return $is_valid; |
| ... | ... |
@@ -103,30 +108,42 @@ sub logined_admin {
|
| 103 | 108 |
my $c = $self->cntl; |
| 104 | 109 |
|
| 105 | 110 |
# Check logined as admin |
| 106 |
- my $user = $c->session('user');
|
|
| 111 |
+ my $session_user_id = $self->session_user_id; |
|
| 112 |
+ |
|
| 113 |
+ return $self->app->manager->is_admin($session_user_id) && $self->logined($session_user_id); |
|
| 114 |
+} |
|
| 115 |
+ |
|
| 116 |
+sub session_user_id {
|
|
| 117 |
+ my $self = shift; |
|
| 118 |
+ |
|
| 119 |
+ my $session_user_row_id = $self->cntl->session('user_row_id');
|
|
| 120 |
+ my $session_user_id = $self->app->dbi->model('user')->select(
|
|
| 121 |
+ 'id', where => {row_id => $session_user_row_id}
|
|
| 122 |
+ )->value; |
|
| 107 | 123 |
|
| 108 |
- return $self->app->manager->is_admin($user) && $self->logined($user); |
|
| 124 |
+ return $session_user_id; |
|
| 109 | 125 |
} |
| 110 | 126 |
|
| 111 | 127 |
sub logined {
|
| 112 |
- my ($self, $user) = @_; |
|
| 128 |
+ my ($self, $user_id) = @_; |
|
| 113 | 129 |
|
| 114 | 130 |
my $c = $self->cntl; |
| 115 |
- |
|
| 116 | 131 |
my $dbi = $c->app->dbi; |
| 117 | 132 |
|
| 118 |
- my $current_user = $c->session('user');
|
|
| 133 |
+ my $session_user_row_id = $c->session('user_row_id');
|
|
| 134 |
+ my $session_user_id = $self->session_user_id; |
|
| 119 | 135 |
my $password = $c->session('password');
|
| 120 | 136 |
return unless defined $password; |
| 121 | 137 |
|
| 122 |
- my $correct_password |
|
| 123 |
- = $dbi->model('user')->select('password', id => $current_user)->value;
|
|
| 138 |
+ my $correct_password = $dbi->model('user')->select(
|
|
| 139 |
+ 'password', |
|
| 140 |
+ where => {row_id => $session_user_row_id}
|
|
| 141 |
+ )->value; |
|
| 124 | 142 |
return unless defined $correct_password; |
| 125 | 143 |
|
| 126 | 144 |
my $logined; |
| 127 |
- |
|
| 128 |
- if (defined $user) {
|
|
| 129 |
- $logined = $user eq $current_user && $password eq $correct_password; |
|
| 145 |
+ if (defined $user_id) {
|
|
| 146 |
+ $logined = $user_id eq $session_user_id && $password eq $correct_password; |
|
| 130 | 147 |
} |
| 131 | 148 |
else {
|
| 132 | 149 |
$logined = $password eq $correct_password |
| ... | ... |
@@ -56,7 +56,6 @@ |
| 56 | 56 |
# Login success |
| 57 | 57 |
my $password_encrypted = $user->{password};
|
| 58 | 58 |
my $admin = $user->{admin};
|
| 59 |
- session(user => $id); # Deprecated! |
|
| 60 | 59 |
session(user_row_id => $user->{row_id});
|
| 61 | 60 |
session(password => $password_encrypted); |
| 62 | 61 |
|
| ... | ... |
@@ -1,7 +1,8 @@ |
| 1 | 1 |
<% |
| 2 | 2 |
# API |
| 3 | 3 |
my $api = gitprep_api; |
| 4 |
- my $session_user = session('user');
|
|
| 4 |
+ my $session_user_row_id = session('user_row_id');
|
|
| 5 |
+ my $session_user = app->dbi->model('user')->select(where => {row_id => $session_user_row_id})->one;
|
|
| 5 | 6 |
|
| 6 | 7 |
my $op = param('op') || '';
|
| 7 | 8 |
|
| ... | ... |
@@ -14,7 +15,7 @@ |
| 14 | 15 |
my $errors; |
| 15 | 16 |
if ($op eq 'create') {
|
| 16 | 17 |
# Parameters |
| 17 |
- my $project = param('project');
|
|
| 18 |
+ my $project_id = param('project');
|
|
| 18 | 19 |
my $description = param('description');
|
| 19 | 20 |
my $readme = param('readme');
|
| 20 | 21 |
my $private = param('private');
|
| ... | ... |
@@ -26,13 +27,13 @@ |
| 26 | 27 |
my $validation = $vc->validation; |
| 27 | 28 |
|
| 28 | 29 |
# "project" |
| 29 |
- if (!(defined $project && length $project)) {
|
|
| 30 |
+ if (!(defined $project_id && length $project_id)) {
|
|
| 30 | 31 |
$validation->add_failed(project => 'Repository name is empty'); |
| 31 | 32 |
} |
| 32 |
- elsif (!$vc->check($project, 'project_name')) {
|
|
| 33 |
+ elsif (!$vc->check($project_id, 'project_name')) {
|
|
| 33 | 34 |
$validation->add_failed(project => 'Invalid repository name'); |
| 34 | 35 |
} |
| 35 |
- elsif (app->manager->exists_project($session_user, $project)) {
|
|
| 36 |
+ elsif (app->manager->exists_project($session_user->{id}, $project_id)) {
|
|
| 36 | 37 |
$validation->add_failed(project => 'Repository already exists'); |
| 37 | 38 |
} |
| 38 | 39 |
|
| ... | ... |
@@ -56,8 +57,8 @@ |
| 56 | 57 |
# Create repository |
| 57 | 58 |
eval {
|
| 58 | 59 |
$manager->create_project( |
| 59 |
- $session_user, |
|
| 60 |
- $project, |
|
| 60 |
+ $session_user->{id},
|
|
| 61 |
+ $project_id, |
|
| 61 | 62 |
{description => $description, readme => $readme, private => $private}
|
| 62 | 63 |
); |
| 63 | 64 |
}; |
| ... | ... |
@@ -67,7 +68,7 @@ |
| 67 | 68 |
$errors = ['Internal error']; |
| 68 | 69 |
} |
| 69 | 70 |
else {
|
| 70 |
- $self->redirect_to("/$session_user/$project");
|
|
| 71 |
+ $self->redirect_to("/$session_user->{id}/$project_id");
|
|
| 71 | 72 |
return; |
| 72 | 73 |
} |
| 73 | 74 |
} |
| ... | ... |
@@ -112,7 +113,7 @@ |
| 112 | 113 |
</tr> |
| 113 | 114 |
<tr> |
| 114 | 115 |
<td> |
| 115 |
- <i class="icon-user"></i><%= $session_user %> |
|
| 116 |
+ <i class="icon-user"></i><%= $session_user->{id} %>
|
|
| 116 | 117 |
</td> |
| 117 | 118 |
<td style="padding:0 10px"> |
| 118 | 119 |
/ |
| ... | ... |
@@ -2,10 +2,13 @@ |
| 2 | 2 |
# API |
| 3 | 3 |
my $api = gitprep_api; |
| 4 | 4 |
|
| 5 |
- # Paramters |
|
| 6 |
- my $user = param('user');
|
|
| 7 |
- my $project = param('project');
|
|
| 8 |
- my $current_user = session('user');
|
|
| 5 |
+ # Parameters |
|
| 6 |
+ my $user_id = param('user');
|
|
| 7 |
+ my $project_id = param('project');
|
|
| 8 |
+ my $session_user_row_id = session('user_row_id');
|
|
| 9 |
+ my $session_user = app->dbi->model('user')->select(
|
|
| 10 |
+ where => {row_id => $session_user_row_id}
|
|
| 11 |
+ )->one; |
|
| 9 | 12 |
|
| 10 | 13 |
# Can fork? |
| 11 | 14 |
unless ($api->logined) {
|
| ... | ... |
@@ -14,20 +17,20 @@ |
| 14 | 17 |
} |
| 15 | 18 |
|
| 16 | 19 |
# Repository is already exists |
| 17 |
- if (app->manager->exists_project($current_user, $project)) {
|
|
| 18 |
- $self->redirect_to("/$current_user/$project");
|
|
| 20 |
+ if (app->manager->exists_project($session_user->{id}, $project_id)) {
|
|
| 21 |
+ $self->redirect_to("/$session_user->{id}/$project_id");
|
|
| 19 | 22 |
return; |
| 20 | 23 |
} |
| 21 | 24 |
# Fork |
| 22 | 25 |
else {
|
| 23 |
- eval { app->manager->fork_project($current_user, $user, $project) };
|
|
| 26 |
+ eval { app->manager->fork_project($session_user->{id}, $user_id, $project_id) };
|
|
| 24 | 27 |
if (my $e = $@) {
|
| 25 | 28 |
$self->reply->exception('Internal Error');
|
| 26 | 29 |
app->log->error(url_for . ": $e"); |
| 27 | 30 |
} |
| 28 | 31 |
else {
|
| 29 |
- flash(message => "Repository is forked from /$user/$project."); |
|
| 30 |
- $self->redirect_to("/$current_user/$project");
|
|
| 32 |
+ flash(message => "Repository is forked from /$user_id/$project_id."); |
|
| 33 |
+ $self->redirect_to("/$session_user->{id}/$project_id");
|
|
| 31 | 34 |
} |
| 32 | 35 |
return; |
| 33 | 36 |
} |
| ... | ... |
@@ -2,8 +2,8 @@ |
| 2 | 2 |
my $api = gitprep_api; |
| 3 | 3 |
my $logined = $api->logined; |
| 4 | 4 |
|
| 5 |
- my $current_user_row_id = session('user_row_id');
|
|
| 6 |
- my $current_user = app->dbi->model('user')->select(where => {row_id => $current_user_row_id})->one;
|
|
| 5 |
+ my $session_user_row_id = session('user_row_id');
|
|
| 6 |
+ my $session_user = app->dbi->model('user')->select(where => {row_id => $session_user_row_id})->one;
|
|
| 7 | 7 |
|
| 8 | 8 |
my $user_id = $self->param('user');
|
| 9 | 9 |
|
| ... | ... |
@@ -33,21 +33,21 @@ |
| 33 | 33 |
<div class="header-right"> |
| 34 | 34 |
<div class="header-rigth-container"> |
| 35 | 35 |
% if ($api->logined) {
|
| 36 |
- % unless ($current_user->{id} eq 'admin') {
|
|
| 36 |
+ % unless ($session_user->{id} eq 'admin') {
|
|
| 37 | 37 |
<div class="header-btn-container"> |
| 38 | 38 |
<a class="btn btn-small" href="<%= url_for("/_new") %>">Create a new repo</a>
|
| 39 | 39 |
</div> |
| 40 | 40 |
<div class="header-btn-container"> |
| 41 |
- <a class="btn btn-small" href="<%= url_for("/$current_user->{id}/_settings") %>">Account Settings</a>
|
|
| 41 |
+ <a class="btn btn-small" href="<%= url_for("/$session_user->{id}/_settings") %>">Account Settings</a>
|
|
| 42 | 42 |
</div> |
| 43 | 43 |
% } |
| 44 | 44 |
% my $url = url_with->to_abs; |
| 45 | 45 |
<div class="header-btn-container"> |
| 46 | 46 |
<a class="btn btn-small" href="<%= url_for("/_logout?from=$url") %>">Sign out</a>
|
| 47 | 47 |
</div> |
| 48 |
- <!-- Logined as <%= $current_user->{id} %> -->
|
|
| 48 |
+ <!-- Logined as <%= $session_user->{id} %> -->
|
|
| 49 | 49 |
<div class="header-login-container"> |
| 50 |
- <i class="icon-user"></i><a href="<%= url_for("/$current_user->{id}") %>"><%= $current_user->{id} %></a>
|
|
| 50 |
+ <i class="icon-user"></i><a href="<%= url_for("/$session_user->{id}") %>"><%= $session_user->{id} %></a>
|
|
| 51 | 51 |
</div> |
| 52 | 52 |
% } else {
|
| 53 | 53 |
<div class="header-btn-container"> |
| ... | ... |
@@ -92,7 +92,7 @@ |
| 92 | 92 |
<div class="project-header-right-container"> |
| 93 | 93 |
% if (defined $project_id) {
|
| 94 | 94 |
<div class="project-header-btn-container"> |
| 95 |
- % if ($logined && $current_user->{id} ne $user_id ) {
|
|
| 95 |
+ % if ($logined && $session_user->{id} ne $user_id ) {
|
|
| 96 | 96 |
<a href="<%= url_for("/$user_id/$project_id/fork") %>" class="btn">Fork</a>
|
| 97 | 97 |
% } else {
|
| 98 | 98 |
<button class="btn disabled" disabled>Fork</button> |
| ... | ... |
@@ -128,7 +128,7 @@ |
| 128 | 128 |
Graph |
| 129 | 129 |
</a> |
| 130 | 130 |
</li> |
| 131 |
- % if ($logined && $user_id eq session('user')) {
|
|
| 131 |
+ % if ($logined && $user_id eq $session_user->{id}) {
|
|
| 132 | 132 |
<li class="<%= $tab eq 'settings' ? 'active' : '' %>"> |
| 133 | 133 |
<a href="<%= url_for("/$user_id/$project_id/settings") %>">
|
| 134 | 134 |
<i class="icon-cog"></i> |