YunoHost/SSOwat
1
0
Fork 0
mirror of https://github.com/YunoHost/SSOwat.git synced 2024-09-03 20:06:27 +02:00
Code Issues Projects Releases Packages Wiki Activity

User edition

Browse source
This commit is contained in:
kload 2013-10-21 18:43:12 +00:00
parent 85f105c2ce
commit d611d15ce2
6 changed files with 250 additions and 38 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

187
access.lua
View file

@ -156,6 +156,37 @@ function set_headers (user)
end end
function get_mails(user)
local mails = { mail = "", mailalias = {}, maildrop = {} }
if type(cache[user]["mail"]) == "table" then
mails["mail"] = cache[user]["mail"][1]
for k, mail in ipairs(cache[user]["mail"]) do
if k ~= 1 then table.insert(mails["mailalias"], mail) end
end
else
mails["mail"] = cache[user]["mail"]
end
if type(cache[user]["maildrop"]) == "table" then
for k, mail in ipairs(cache[user]["maildrop"]) do
if k ~= 1 then table.insert(mails["maildrop"], mail) end
end
end
return mails
end
function get_domains()
local domains = {}
ldap = lualdap.open_simple("localhost")
for dn, attribs in ldap:search {
base = "ou=domains,dc=yunohost,dc=org",
scope = "onelevel",
attrs = {"virtualdomain"}
} do
table.insert(domains, attribs["virtualdomain"])
end
return domains
end
-- Yo dawg -- Yo dawg
function serve(uri) function serve(uri)
rel_path = string.gsub(uri, conf["portal_path"], "/") rel_path = string.gsub(uri, conf["portal_path"], "/")
@ -187,6 +218,7 @@ function serve(uri)
mime_types = { mime_types = {
html = "text/html", html = "text/html",
js = "text/javascript", js = "text/javascript",
map = "text/javascript",
css = "text/css", css = "text/css",
gif = "image/gif", gif = "image/gif",
jpg = "image/jpeg", jpg = "image/jpeg",
@ -224,37 +256,50 @@ end
function get_data_for(view) function get_data_for(view)
local user = ngx.var.cookie_SSOwAuthUser local user = ngx.var.cookie_SSOwAuthUser
local data = {} local data = {}
data['flash_fail'] = {flashs["fail"]}
data['flash_win'] = {flashs["win"] }
data['flash_info'] = {flashs["info"]}
if view == "login.html" then if view == "login.html" then
data["title"] = "YunoHost Login" data["title"] = "YunoHost Login"
elseif view == "info.html" then elseif view == "info.html" then
set_headers() set_headers(user)
data["title"] = cache[user]["uid"].." <small>"..cache[user]["cn"].."</small>"
data["connected"] = true local mails = get_mails(user)
data["uid"] = cache[user]["uid"] data = {
data["cn"] = cache[user]["cn"] title = cache[user]["uid"].." <small>"..cache[user]["cn"].."</small>",
data["mailalias"] = {} connected = true,
data["maildrop"] = {} uid = cache[user]["uid"],
if type(cache[user]["mail"]) == "table" then cn = cache[user]["cn"],
data["mail"] = cache[user]["mail"][1] mail = mails["mail"],
for k, mail in ipairs(cache[user]["mail"]) do mailalias = mails["mailalias"],
if k ~= 1 then table.insert(data["mailalias"], mail) end maildrop = mails["maildrop"]
end }
else
data["mail"] = cache[user]["mail"]
end
if type(cache[user]["maildrop"]) == "table" then
for k, mail in ipairs(cache[user]["maildrop"]) do
if k ~= 1 then table.insert(data["maildrop"], mail) end
end
end
elseif view == "password.html" then elseif view == "password.html" then
data["title"] = "Change password"
data["connected"] = true data = {
title = "Change password",
connected = true
}
elseif view == "edit.html" then
set_headers(user)
local mails = get_mails(user)
data = {
title = "Edit "..user,
connected = true,
uid = cache[user]["uid"],
sn = cache[user]["sn"],
givenName = cache[user]["givenName"],
mail = mails["mail"],
mailalias = mails["mailalias"],
maildrop = mails["maildrop"]
}
end end
data['flash_fail'] = {flashs["fail"]}
data['flash_win'] = {flashs["win"] }
data['flash_info'] = {flashs["info"]}
return data return data
end end
@ -265,21 +310,24 @@ function do_edit ()
if is_logged_in() and args if is_logged_in() and args
then then
ngx.status = ngx.HTTP_CREATED ngx.status = ngx.HTTP_CREATED
local user = ngx.var.cookie_SSOwAuthUser
-- Change password
if string.ends(ngx.var.uri, "password.html") then if string.ends(ngx.var.uri, "password.html") then
if args.actualpassword if args.currentpassword
and args.actualpassword == cache[ngx.var.cookie_SSOwAuthUser]["password"] and args.currentpassword == cache[user]["password"]
then then
if args.newpassword == args.confirm then if args.newpassword == args.confirm then
local dn = "uid="..ngx.var.cookie_SSOwAuthUser..",ou=users,dc=yunohost,dc=org" local dn = "uid="..user..",ou=users,dc=yunohost,dc=org"
local ldap = lualdap.open_simple("localhost", dn, args.actualpassword) local ldap = lualdap.open_simple("localhost", dn, args.currentpassword)
local password = "{SHA}"..ngx.encode_base64(ngx.sha1_bin(args.newpassword)) local password = "{SHA}"..ngx.encode_base64(ngx.sha1_bin(args.newpassword))
if ldap:modify(dn, {'=', userPassword = password }) then if ldap:modify(dn, {'=', userPassword = password }) then
flash("win", "Password successfully changed") flash("win", "Password successfully changed")
cache[ngx.var.cookie_SSOwAuthUser]["password"] = args.newpassword cache[user]["password"] = args.newpassword
return redirect(portal_url.."info.html") return redirect(portal_url.."info.html")
else else
flash("fail", "An error occured on password changing") flash("fail", "An error occured on password changing")
end end
else else
flash("fail", "New passwords don't match") flash("fail", "New passwords don't match")
end end
@ -287,7 +335,76 @@ function do_edit ()
flash("fail", "Actual password is wrong") flash("fail", "Actual password is wrong")
end end
return redirect(portal_url.."password.html") return redirect(portal_url.."password.html")
-- Edit user informations
elseif string.ends(ngx.var.uri, "edit.html") then elseif string.ends(ngx.var.uri, "edit.html") then
if args.givenName and args.sn and args.mail then
local mailalias = {}
if args["mailalias[]"] and type(args["mailalias[]"]) == "table" then
mailalias = args["mailalias[]"]
end
local maildrop = {}
if args["maildrop[]"] and type(args["maildrop[]"]) == "table" then
maildrop = args["maildrop[]"]
end
local mail_pattern = "[A-Za-z0-9%.%%%+%-]+@[A-Za-z0-9%.%%%+%-]+%.%w%w%w?%w?"
table.insert(mailalias, 1, args.mail)
for k, mail in ipairs(mailalias) do
if mail == "" then
table.remove(mailalias, k)
elseif not mail:match(mail_pattern) then
flash("fail", "Invalid mail address: "..mail)
return redirect(portal_url.."edit.html")
else
local domains = get_domains()
local domain_valid = false
for _, domain in ipairs(domains) do
if string.ends(mail, "@"..domain) then
domain_valid = true
break
end
end
if not domain_valid then
flash("fail", "Invalid domain for mail "..mail)
return redirect(portal_url.."edit.html")
end
end
end
for k, mail in ipairs(maildrop) do
if mail == "" then
table.remove(maildrop, k)
elseif not mail:match(mail_pattern) then
flash("fail", "Invalid mail forward address: "..mail)
return redirect(portal_url.."edit.html")
end
end
table.insert(maildrop, 1, user)
local dn = "uid="..user..",ou=users,dc=yunohost,dc=org"
local ldap = lualdap.open_simple("localhost", dn, cache[user]["password"])
local cn = args.givenName.." "..args.sn
if ldap:modify(dn, {'=', cn = cn,
gecos = cn,
givenName = args.givenName,
sn = args.sn,
mail = mailalias,
maildrop = maildrop })
then
cache[user]["mail"] = nil
set_headers(user) -- Ugly trick to reload cache
flash("win", "Informations updated")
return redirect(portal_url.."info.html")
else
flash("fail", "An error occured on user saving")
end
else
flash("fail", "Missing required fields")
end
return redirect(portal_url.."edit.html") return redirect(portal_url.."edit.html")
end end
end end
@ -428,11 +545,15 @@ end
-- i.e. http://mydomain.org/ssowat/* -- i.e. http://mydomain.org/ssowat/*
if ngx.var.host == conf["portal_domain"] if ngx.var.host == conf["portal_domain"]
and string.starts(ngx.var.uri, conf["portal_path"]) and string.starts(ngx.var.uri, string.sub(conf["portal_path"], 1, -2))
then then
if ngx.var.request_method == "GET" then if ngx.var.request_method == "GET" then
-- http://mydomain.org/ssowat
if ngx.var.uri.."/" == conf["portal_path"] then
return redirect(portal_url)
end
uri_args = ngx.req.get_uri_args() uri_args = ngx.req.get_uri_args()
if uri_args.action and uri_args.action == 'logout' then if uri_args.action and uri_args.action == 'logout' then
-- Logout -- Logout

6
portal/assets/js/jquery-1.10.2.min.js vendored Normal file
View file

File diff suppressed because one or more lines are too long

1
portal/assets/js/jquery-1.10.2.min.map Normal file
View file

File diff suppressed because one or more lines are too long

83
portal/edit.html
View file

@ -0,0 +1,83 @@
<form class="form-horizontal" role="form" method="POST" action="edit.html">
<div class="form-group">
<label for="uid" class="col-sm-3 control-label">Username</label>
<div class="col-sm-9">
<input type="text" name="uid" class="form-control" value="{{uid}}" disabled>
</div>
</div>
<div class="form-group">
<label for="givenName" class="col-sm-3 control-label">Fullname</label>
<div class="clearfix visible-xs"></div>
<div class="col-sm-4 col-xs-6">
<input type="text" name="givenName" class="form-control" value="{{givenName}}" required>
</div>
<div class="col-sm-5 col-xs-6">
<input type="text" name="sn" class="form-control" value="{{sn}}" required>
</div>
</div>
<hr>
<div class="form-group">
<label for="mail" class="col-sm-3 control-label">Mail</label>
<div class="col-sm-9">
<input type="email" name="mail" class="form-control" value="{{mail}}" required>
</div>
</div>
<hr>
<div class="row">
<div class="col-sm-3 text-right hidden-xs"><strong>Aliases</strong></div>
<div class="col-sm-3 text-left visible-xs"><h4>Aliases</h4></div>
<div class="col-sm-9">
<blockquote>
{{#mailalias}}
<input type="email" name="mailalias[]" class="form-control" value="{{.}}">
<br>
{{/mailalias}}
<input type="email" name="mailalias[]" class="form-control mailalias-input" placeholder="newalias@mydomain.org">
<div class="text-center" style="display: none;" id="add-mailalias"><a class="btn btn-success"><strong>+</strong></a></div>
<div class="clearfix"></div>
</blockquote>
</div>
</div>
<hr>
<div class="row">
<div class="col-sm-3 text-right hidden-xs"><strong>Forward</strong></div>
<div class="col-sm-3 text-left visible-xs"><h4>Forward</h4></div>
<div class="col-sm-9">
<blockquote>
{{#maildrop}}
<input type="email" name="maildrop[]" class="form-control" value="{{.}}">
<br>
{{/maildrop}}
<input type="email" name="maildrop[]" class="form-control maildrop-input" placeholder="newforward@myforeigndomain.org">
<div class="text-center" style="display: none;" id="add-maildrop"><a class="btn btn-success"><strong>+</strong></a></div>
<div class="clearfix"></div>
</blockquote>
</div>
</div>
<hr>
<div class="row">
<div class="col-sm-6 text-center">
<input type="submit" class="btn btn-lg btn-primary" value="OK">
</div>
<div class="visible-xs" style="height: 20px"></div>
<div class="col-sm-6 text-center">
<a href="info.html" class="btn btn-lg btn-default">Cancel</a>
</div>
</div>
</form>
<script type="text/javascript">
$( document ).ready(function() {
$("#add-mailalias").show();
$("#add-maildrop").show();
$(".mailalias-input").hide();
$(".maildrop-input").hide();
$("#add-mailalias a").on("click", function() {
$("#add-mailalias").before($(".mailalias-input:first").clone().show());
$("#add-mailalias").before("<br><br>");
});
$("#add-maildrop a").on("click", function() {
$("#add-maildrop").before($(".maildrop-input:first").clone().show());
$("#add-maildrop").before("<br><br>");
});
});
</script>

7
portal/header.ms
View file

@ -1,8 +1,9 @@
<html> <html>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" > <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" >
<head> <head>
<title>YunoHost</title> <title>YunoHost Portal</title>
<link rel="stylesheet" href="assets/css/bootstrap.min.css" type="text/css"/> <link rel="stylesheet" href="assets/css/bootstrap.min.css" type="text/css"/>
<script src="assets/js/jquery-1.10.2.min.js"></script>
</head> </head>
<body> <body>
<!-- Padding bootstrap style --> <!-- Padding bootstrap style -->
@ -10,7 +11,7 @@
<div class="col-xs-1 visible-xs"></div> <div class="col-xs-1 visible-xs"></div>
<div class="col-sm-10 col-sm-offset-1 col-xs-10 col-xs-offest-1"> <div class="col-sm-10 col-sm-offset-1 col-xs-10 col-xs-offest-1">
<div class="row"> <div class="row">
<div class="col-sm-6 col-sm-offset-3 col-xs-12"> <div class="col-sm-8 col-sm-offset-2 col-xs-12" style="max-width: 750px;">
<h2>{{{title}}}</h2> <h2>{{{title}}}</h2>
{{#connected}} {{#connected}}

4
portal/password.html
View file

@ -1,8 +1,8 @@
<form class="form-horizontal" role="form" method="POST" action="password.html"> <form class="form-horizontal" role="form" method="POST" action="password.html">
<div class="form-group"> <div class="form-group">
<label for="actualpassword" class="col-md-5 control-label">Actual password</label> <label for="currentpassword" class="col-md-5 control-label">Current password</label>
<div class="col-md-7"> <div class="col-md-7">
<input type="password" class="form-control" id="actualpassword" name="actualpassword"> <input type="password" class="form-control" id="currentpassword" name="currentpassword">
</div> </div>
</div> </div>
<hr> <hr>