... | ... |
@@ -174,17 +174,21 @@ EOS |
174 | 174 |
|
175 | 175 |
# User defined Routes |
176 | 176 |
{ |
177 |
- |
|
178 |
- # Reset admin password |
|
179 |
- $r->any('/reset-password')->name('reset-password') |
|
180 |
- if $conf->{admin}{reset_password}; |
|
181 |
- |
|
182 | 177 |
# User |
183 |
- $r->get('/:user')->name('user'); |
|
178 |
+ my $r = $r->route('/:user'); |
|
179 |
+ { |
|
180 |
+ # Home |
|
181 |
+ $r->get('/')->name('user'); |
|
182 |
+ |
|
183 |
+ # Settings |
|
184 |
+ $r->get('/_settings')->name('user-settings'); |
|
185 |
+ } |
|
184 | 186 |
|
185 | 187 |
# Project |
186 | 188 |
{ |
187 |
- my $r = $r->route('/:user/:project'); |
|
189 |
+ my $r = $r->route('/:project'); |
|
190 |
+ |
|
191 |
+ # Home |
|
188 | 192 |
$r->get('/')->name('project'); |
189 | 193 |
|
190 | 194 |
# Commit |
... | ... |
@@ -220,7 +224,7 @@ EOS |
220 | 224 |
$r->get('/compare/(#rev1)...(#rev2)')->name('compare'); |
221 | 225 |
|
222 | 226 |
# Settings |
223 |
- $r->any('/settings')->name('settings'); |
|
227 |
+ $r->any('/settings')->name('project-settings'); |
|
224 | 228 |
|
225 | 229 |
# Fork |
226 | 230 |
$r->any('/fork')->name('fork'); |
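Review bot: The new `$r->get('/_settings')` route under `/:user` is registered ahead of the `/:project` routes, so a repository named `_settings` would apparently be shadowed at `/:user/_settings`. Project-name validation is not visible in this hunk; it should reject names beginning with `_`, and a comment such as `# names starting with "_" are reserved under /:user` next to the route would record that. The same hunk removes the `/reset-password` route that was registered only when `$conf->{admin}{reset_password}` was set. If it is now registered unconditionally elsewhere, the checks at the top of the reset-password template become the only gate, which is worth stating where the route is now defined. The enclosing routes block starts and ends outside the hunk.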
... | ... |
@@ -12,6 +12,21 @@ sub dirname { File::Basename::dirname(@_) } |
12 | 12 |
|
13 | 13 |
has 'cntl'; |
14 | 14 |
|
15 |
+sub admin_user { |
|
16 |
+ my $self = shift; |
|
17 |
+ |
|
18 |
+ # DBI |
|
19 |
+ my $dbi = $self->cntl->app->dbi; |
|
20 |
+ |
|
21 |
+ # Admin user |
|
22 |
+ my $users = $dbi->model('user')->select->filter('config' => 'json')->all; |
|
23 |
+ for my $user (@$users) { |
|
24 |
+ return $user->{id} if $user->{config}{admin}; |
|
25 |
+ } |
|
26 |
+ |
|
27 |
+ return; |
|
28 |
+} |
|
29 |
+ |
|
15 | 30 |
sub encrypt_password { |
16 | 31 |
my ($self, $password) = @_; |
17 | 32 |
|
... | ... |
@@ -81,7 +96,7 @@ sub logined_admin { |
81 | 96 |
my $c = $self->cntl; |
82 | 97 |
|
83 | 98 |
# Check logined as admin |
84 |
- my $user = $c->session('user_id'); |
|
99 |
+ my $user = $c->session('user'); |
|
85 | 100 |
|
86 | 101 |
return $self->is_admin($user) && $self->logined; |
87 | 102 |
} |
... | ... |
@@ -99,17 +114,17 @@ sub json { |
99 | 114 |
} |
100 | 115 |
|
101 | 116 |
sub logined { |
102 |
- my ($self, $user) = @_; |
|
117 |
+ my $self = shift; |
|
103 | 118 |
|
104 | 119 |
my $c = $self->cntl; |
105 | 120 |
|
106 | 121 |
my $dbi = $c->app->dbi; |
107 | 122 |
|
108 |
- my $id = $c->session('user_id'); |
|
109 |
- my $password = $c->session('user_password'); |
|
123 |
+ my $user = $c->session('user'); |
|
124 |
+ my $password = $c->session('password'); |
|
110 | 125 |
return unless defined $password; |
111 | 126 |
|
112 |
- my $row = $dbi->model('user')->select('config', id => $id)->one; |
|
127 |
+ my $row = $dbi->model('user')->select('config', id => $user)->one; |
|
113 | 128 |
return unless $row; |
114 | 129 |
my $config = $self->json($row->{config}); |
115 | 130 |
|
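Review bot: `admin_user` returns the id of the first row whose config has `admin` set, from a `select` with no ordering, so with more than one admin-flagged user the result depends on row order. Callers that compare against it, as the reset-password template does with `$current_user ne $admin_user`, will treat every other admin as a normal user. `is_admin` is already used by `logined_admin` in this file, so a caller asking whether the current user is an administrator is better served by `$api->logined_admin` than by an id comparison. The sub also reads every user row on each call and has no doc comment; `# Returns the id of the first user whose config has admin set, or nothing when no such user exists` would state the contract.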
... | ... |
@@ -37,7 +37,7 @@ |
37 | 37 |
} |
38 | 38 |
|
39 | 39 |
my $data = $vresult->data; |
40 |
- my $user = session('user_id'); |
|
40 |
+ my $user = session('user'); |
|
41 | 41 |
my $project = $data->{project}; |
42 | 42 |
my $description = $data->{description}; |
43 | 43 |
my $readme = $data->{readme}; |
... | ... |
@@ -18,18 +18,20 @@ |
18 | 18 |
<div><h3>Admin Users</h3></div> |
19 | 19 |
<div style="margin-bottom:10px"><a class="btn" href="/_admin/user/create">Create User</a></div> |
20 | 20 |
<div class="container"> |
21 |
- <table class="table"> |
|
22 |
- % for my $user (@$users) { |
|
23 |
- <tr> |
|
24 |
- <td> |
|
25 |
- <a href="#"><%= $user->{id} %></a> |
|
26 |
- </td> |
|
27 |
- <td style="text-align:right"> |
|
28 |
- <a class="btn btn-mini" href="<%= url_for("/_admin/user/delete?user=$user->{id}") %>">Delete</a> |
|
29 |
- </td> |
|
30 |
- </tr> |
|
31 |
- % } |
|
32 |
- </table> |
|
21 |
+ <table class="table"> |
|
22 |
+ % for my $user (@$users) { |
|
23 |
+ % my $uid = $user->{id}; |
|
24 |
+ <tr> |
|
25 |
+ <td> |
|
26 |
+ <a href="#"><%= $uid %></a> |
|
27 |
+ </td> |
|
28 |
+ <td style="text-align:right"> |
|
29 |
+ <a class="btn btn-mini" href="<%= url_for("/reset-password?user=$uid") %>">Reset Password</a> |
|
30 |
+ <a class="btn btn-mini" href="<%= url_for("/_admin/user/delete?user=$uid") %>">Delete</a> |
|
31 |
+ </td> |
|
32 |
+ </tr> |
|
33 |
+ % } |
|
34 |
+ </table> |
|
33 | 35 |
</div> |
34 | 36 |
</div> |
35 | 37 |
<div class="text-center" style="margin-bottom:20px"><big><a href="/_admin">Admin page</a></big></div> |
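Review bot: The new Reset Password link builds its query string by interpolation, `url_for("/reset-password?user=$uid")`, so a user id containing `&`, `#` or `%` would yield a different URL than intended. The settings template added in this commit builds the same link as `url_for("/reset-password")->query(user => $user)`, which escapes the value; using `url_for("/reset-password")->query(user => $uid)` here keeps the two consistent. The Delete link on the next line has the same interpolated form.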
... | ... |
@@ -63,8 +63,8 @@ |
63 | 63 |
my $config = $api->json($config_json); |
64 | 64 |
my $password_encrypted = $config->{password}; |
65 | 65 |
my $admin = $config->{admin}; |
66 |
- session(user_id => $id); |
|
67 |
- session(user_password => $password_encrypted); |
|
66 |
+ session(user => $id); |
|
67 |
+ session(password => $password_encrypted); |
|
68 | 68 |
|
69 | 69 |
# Go to admin page |
70 | 70 |
if ($admin) { |
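Review bot: `session(password => $password_encrypted)` keeps the stored password hash in the session. If the app uses Mojolicious's default cookie-backed sessions, that value is signed but not encrypted, so the hash is sent to the browser with every response. Keeping only the user id, or a random per-login token checked on the server, would avoid exposing it. Renaming the keys from `user_id`/`user_password` also means sessions issued before this commit no longer satisfy `logined`, so existing users are signed out once; that deserves a line in the change description.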
... | ... |
@@ -1,5 +1,4 @@ |
1 | 1 |
<% |
2 |
- use Mojo::Util 'md5_sum'; |
|
3 | 2 |
|
4 | 3 |
# API |
5 | 4 |
my $api = gitprep_api; |
... | ... |
@@ -7,6 +6,34 @@ |
7 | 6 |
# Operator |
8 | 7 |
my $op = param('op') || ''; |
9 | 8 |
|
9 |
+ # Current user |
|
10 |
+ my $current_user = session('user'); |
|
11 |
+ |
|
12 |
+ # User |
|
13 |
+ my $user = param('user'); |
|
14 |
+ |
|
15 |
+ # Reset password |
|
16 |
+ my $reset_password_conf_on; |
|
17 |
+ my $admin_user = $api->admin_user; |
|
18 |
+ # Reset password config |
|
19 |
+ if (app->config->{admin}{reset_password}) { |
|
20 |
+ $user = $admin_user; |
|
21 |
+ $reset_password_conf_on = 1; |
|
22 |
+ } |
|
23 |
+ # Normal user can't change other user password |
|
24 |
+ elsif ($api->logined |
|
25 |
+ && $current_user ne $admin_user |
|
26 |
+ && $current_user ne $user) |
|
27 |
+ { |
|
28 |
+ $self->redirect_to('/'); |
|
29 |
+ return 1; |
|
30 |
+ } |
|
31 |
+ # Not logined |
|
32 |
+ elsif (!$api->logined) { |
|
33 |
+ $self->redirect_to('/'); |
|
34 |
+ return 1; |
|
35 |
+ } |
|
36 |
+ |
|
10 | 37 |
# Error |
11 | 38 |
my $errors; |
12 | 39 |
|
... | ... |
@@ -17,7 +44,7 @@ |
17 | 44 |
sleep 3; |
18 | 45 |
|
19 | 46 |
# Check existence admin user |
20 |
- my $admin_user = app->dbi->model('user')->select(id => 'admin')->one; |
|
47 |
+ my $admin_user = app->dbi->model('user')->select(id => $user)->one; |
|
21 | 48 |
|
22 | 49 |
# Reset password |
23 | 50 |
if ($admin_user) { |
... | ... |
@@ -41,27 +68,31 @@ |
41 | 68 |
|
42 | 69 |
# Valid parameters |
43 | 70 |
my $valid_params = $vresult->data; |
44 |
- my $id = 'admin'; |
|
45 | 71 |
my ($password_encrypted, $salt) |
46 | 72 |
= $api->encrypt_password($valid_params->{password}); |
47 | 73 |
|
48 | 74 |
# Create admin user |
49 | 75 |
my $dbi = app->dbi; |
50 | 76 |
|
51 |
- my $config_json = $dbi->model('user')->select('config', id => $id)->value; |
|
77 |
+ my $config_json = $dbi->model('user')->select('config', id => $user)->value; |
|
52 | 78 |
if (defined $config_json) { |
53 | 79 |
my $config = $api->json($config_json); |
54 | 80 |
$config->{password} = $password_encrypted; |
55 | 81 |
$config->{salt} = $salt; |
56 |
- $self->app->dbi->model('user')->update({config => $config_json}, id => $id); |
|
82 |
+ $self->app->dbi->model('user')->update({config => $config_json}, id => $user); |
|
57 | 83 |
} |
58 |
- else { $errors = ["Admin user don't exists"] } |
|
84 |
+ else { $errors = ["User $user don't exists"] } |
|
59 | 85 |
|
60 | 86 |
# Redirect |
61 |
- my $message = "Password is reseted. Don't forget" |
|
62 |
- . " to comment out reset_password option line from config file"; |
|
63 |
- flash(message => $message); |
|
64 |
- $self->redirect_to('current'); |
|
87 |
+ my $messages = []; |
|
88 |
+ push @$messages, "Success Reset Password: User $user password is changed"; |
|
89 |
+ if ($reset_password_conf_on) { |
|
90 |
+ my $message = "Password is reseted. Don't forget" |
|
91 |
+ . " to comment out reset_password option line from config file"; |
|
92 |
+ push @$messages, $message; |
|
93 |
+ } |
|
94 |
+ flash(messages => $messages); |
|
95 |
+ $self->redirect_to(url_for->query(user => $user)); |
|
65 | 96 |
} |
66 | 97 |
else { $errors = $vresult->messages } |
67 | 98 |
} |
... | ... |
@@ -74,10 +105,12 @@ |
74 | 105 |
%= include '/include/header'; |
75 | 106 |
|
76 | 107 |
<div class="container"> |
77 |
- % if (my $message = flash('message')) { |
|
108 |
+ % if (my $messages = flash('messages')) { |
|
78 | 109 |
<div class="alert alert-success"> |
79 | 110 |
<button type="button" class="close" data-dismiss="alert">×</button> |
80 |
- <div><%= $message %></div> |
|
111 |
+ % for my $message (@$messages) { |
|
112 |
+ <div><%= $message %></div> |
|
113 |
+ % } |
|
81 | 114 |
</div> |
82 | 115 |
% } |
83 | 116 |
|
... | ... |
@@ -89,13 +122,14 @@ |
89 | 122 |
% } |
90 | 123 |
</div> |
91 | 124 |
% } |
92 |
- <div class="text-center"><h3>Reset Admin Password</h3></div> |
|
125 |
+ <div class="text-center"><h3>Reset Password</h3></div> |
|
93 | 126 |
<div class="well" style="background-color:white;padding-top:15px;padding-left:60px;width:300px;margin-left:auto;margin-right:auto"> |
94 | 127 |
<form action="<%= url_for->query(op => 'reset') %>" method="post"> |
95 | 128 |
<div class="control-group"> |
96 | 129 |
<label class="control-label" for="user-name">User name</label> |
97 | 130 |
<div> |
98 |
- <b>admin</b> |
|
131 |
+ <b><%= $user %></b> |
|
132 |
+ %= hidden_field user => $user; |
|
99 | 133 |
</div> |
100 | 134 |
</div> |
101 | 135 |
<div class="control-group"> |
... | ... |
@@ -107,7 +141,7 @@ |
107 | 141 |
</div> |
108 | 142 |
<div class="control-group"> |
109 | 143 |
<div class="controls"> |
110 |
- <button type="submit" class="btn">Reset Admin Password</button> |
|
144 |
+ <button type="submit" class="btn">Reset Password</button> |
|
111 | 145 |
</div> |
112 | 146 |
</div> |
113 | 147 |
</form> |
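Review bot: In the reset branch the update still writes `$config_json`, the string read from the database, not the `$config` hash that has just received the new `password` and `salt`. Unless the model re-encodes it somewhere not shown, the new hash is never stored while the page reports success. The update should be given the re-encoded `$config`. The "Success Reset Password" flash and the redirect also run after `else { $errors = ["User $user don't exists"] }`, so a missing user still gets a success message; wrapping them in `unless ($errors) { ... }` or moving them into the `if (defined $config_json)` branch fixes that. `$user` comes from `param('user')` and is used in the lookup and both messages, so it should be checked with `defined` before the `select`.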
... | ... |
@@ -21,7 +21,7 @@ |
21 | 21 |
return 1; |
22 | 22 |
} |
23 | 23 |
|
24 |
- my $login_user = session('user_id'); |
|
24 |
+ my $login_user = session('user'); |
|
25 | 25 |
my $data = $vresult->data; |
26 | 26 |
my $user = $data->{user}; |
27 | 27 |
my $project = $data->{project}; |
... | ... |
@@ -11,11 +11,12 @@ |
11 | 11 |
% if ($api->logined) { |
12 | 12 |
<div style="margin-top:5px"> |
13 | 13 |
<div> |
14 |
- % my $user = session('user_id') || ''; |
|
14 |
+ % my $user = session('user') || ''; |
|
15 | 15 |
<i class="icon-user"></i><a href="<%= url_for("/$user") %>"><%= $user %></a> |
16 | 16 |
</div> |
17 | 17 |
% unless ($user eq 'admin') { |
18 | 18 |
<a class="btn btn-small" href="<%= url_for("/_admin/create") %>">Create a new repo</a> |
19 |
+ <a class="btn btn-small" href="<%= url_for("/$user/_settings") %>">Account settings</a> |
|
19 | 20 |
% } |
20 | 21 |
% my $url = url_with->to_abs; |
21 | 22 |
<a class="btn btn-small" href="<%= url_for("/_logout?from=$url") %>">Sign out</a> |
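Review bot: The new "Account settings" link sits inside `% unless ($user eq 'admin')`, which still identifies the administrator by the literal id `admin`. The rest of this commit moves to the `admin` flag in the user's config (`admin_user`, and the removal of `my $id = 'admin'` from the reset page). An administrator stored under another id would be shown the link and the repo-creation button, while a user named `admin` would not; `% unless ($api->logined_admin)` would keep the header consistent with the API helper. The link also interpolates `$user` into the path, `url_for("/$user/_settings")`, where `url_for('user-settings', user => $user)` would use the route name added in this commit.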
... | ... |
@@ -1,7 +1,7 @@ |
1 | 1 |
<% |
2 | 2 |
my $api = gitprep_api; |
3 | 3 |
my $logined = $api->logined; |
4 |
- my $user_is_valid = $logined && $user eq session('user_id'); |
|
4 |
+ my $user_is_valid = $logined && $user eq session('user'); |
|
5 | 5 |
|
6 | 6 |
my $git = app->git; |
7 | 7 |
|
... | ... |
@@ -119,7 +119,7 @@ |
119 | 119 |
</h4> |
120 | 120 |
</div> |
121 | 121 |
<div class="span2 text-right"> |
122 |
- % if ($logined && $user eq session('user_id')) { |
|
122 |
+ % if ($logined && $user eq session('user')) { |
|
123 | 123 |
<a class="btn" href="<%= url_for("/$user/$project/settings") %>">Settings</a> |
124 | 124 |
% } |
125 | 125 |
</div> |
... | ... |
@@ -0,0 +1,19 @@ |
1 |
+% layout 'common'; |
|
2 |
+ |
|
3 |
+ %= include '/include/header'; |
|
4 |
+ |
|
5 |
+ <div class="container"> |
|
6 |
+ <ul class="breadcrumb" style="margin-top:10px"> |
|
7 |
+ <li><a href="<%= url_for('/') %>">Home</a></li> |
|
8 |
+ / |
|
9 |
+ <li><a href="<%= url_for("/$user") %>"><%= $user %></a></li> |
|
10 |
+ </ul> |
|
11 |
+ <h4> |
|
12 |
+ User Account Settings |
|
13 |
+ </h4> |
|
14 |
+ <div style="margin-bottom:30px"> |
|
15 |
+ <a class="btn" href="<%= url_for("/reset-password")->query(user => $user) %>">Reset Password</a> |
|
16 |
+ </div> |
|
17 |
+ </div> |
|
18 |
+ |
|
19 |
+ %= include '/include/footer'; |
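Review bot: This template renders for any `:user` in the path and never compares it with the signed-in user, whereas the project page computes `$logined && $user eq session('user')` before showing its Settings button. The only action offered today is the reset-password link, and that page performs its own check, so this is defence in depth and not a gap in itself. A guard at the top, modelled on the reset-password template's `$self->redirect_to('/'); return 1;` when `gitprep_api->logined` is false or `$user ne session('user')`, would keep the page owner-only as more settings are added. The link itself uses `->query(user => $user)`, which is the form the other templates should follow.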
... | ... |
@@ -13,7 +13,7 @@ |
13 | 13 |
<ul class="breadcrumb" style="margin-top:10px"> |
14 | 14 |
<li><a href="<%= url_for('/') %>">Home</a></li> |
15 | 15 |
/ |
16 |
- <li><a href="<%= url_for %>"><%= $user %></a></li> |
|
16 |
+ <li><a href="<%= url_for("/$user") %>"><%= $user %></a></li> |
|
17 | 17 |
</ul> |
18 | 18 |
% if (my $message = flash('delete_message')) { |
19 | 19 |
<div class="alert alert-success"> |