Changeset 294 for trunk


Ignore:
Timestamp:
03/29/12 13:22:59 (13 years ago)
Author:
Kris Deugau
Message:

/trunk

"Move action logging for change group default permissions" mutated
into "Move action logging for (change group default permissions),
(add user), (update user), (update user permissions)". See #35.

Location:
trunk
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • trunk/DNSDB.pm

    r293 r294  
    11151115  my $inherit = shift || 0;
    11161116
    1117   my $failmsg = '';
     1117  my $resultmsg = '';
    11181118
    11191119  # see if we're switching from inherited to custom.  for bonus points,
     
    11211121  # to set/alter custom perms, and both if we're switching from custom to
    11221122  # inherited.
    1123   my $sth = $dbh->prepare("SELECT (u.permission_id=g.permission_id) AS was_inherited,u.permission_id,g.permission_id".
     1123  my $sth = $dbh->prepare("SELECT (u.permission_id=g.permission_id) AS was_inherited,u.permission_id,g.permission_id,".
     1124        ($type eq 'user' ? 'u.group_id,u.username' : 'u.parent_group_id,u.group_name').
    11241125        " FROM ".($type eq 'user' ? 'users' : 'groups')." u ".
    11251126        " JOIN groups g ON u.".($type eq 'user' ? '' : 'parent_')."group_id=g.group_id ".
     
    11271128  $sth->execute($id);
    11281129
    1129   my ($wasinherited,$permid,$parpermid) = $sth->fetchrow_array;
     1130  my ($wasinherited,$permid,$parpermid,$parid,$name) = $sth->fetchrow_array;
    11301131
    11311132# hack phtoui
     
    11681169    } # (inherited->)? custom
    11691170
     1171    if ($type eq 'user') {
     1172      $resultmsg = "Updated permissions for user $name";
     1173    } else {
     1174      $resultmsg = "Updated default permissions for group $name";
     1175    }
     1176    _log($dbh, (group_id => ($type eq 'user' ? $parid : $id), entry => $resultmsg));
    11701177    $dbh->commit;
    11711178  }; # end eval
     
    11731180    my $msg = $@;
    11741181    eval { $dbh->rollback; };
    1175     return ('FAIL',"$failmsg: $msg ($permid)");
    1176   } else {
    1177     return ('OK',$permid);
    1178   }
    1179 
     1182    return ('FAIL',"Error changing permissions: $msg");
     1183  }
     1184
     1185  return ('OK',$resultmsg);
    11801186} # end changePermissions()
    11811187
     
    20062012  local $dbh->{RaiseError} = 1;
    20072013
    2008   my $failmsg = '';
    2009 
    20102014  # Wrap all the SQL in a transaction
    20112015  eval {
     
    20592063##fixme: add another table to hold name/email for log table?
    20602064
     2065    _log($dbh, (group_id => $group, entry => "Added user $username ($fname $lname)"));
    20612066    # once we get here, we should have suceeded.
    20622067    $dbh->commit;
     
    20662071    my $msg = $@;
    20672072    eval { $dbh->rollback; };
    2068     return ('FAIL',$msg." $failmsg");
    2069   } else {
    2070     return ('OK',$user_id);
    2071   }
     2073    if ($config{log_failures}) {
     2074      _log($dbh, (group_id => $group, entry => "Error adding user $username: $msg"));
     2075      $dbh->commit;     # since we enabled transactions earlier
     2076    }
     2077    return ('FAIL',"Error adding user $username: $msg");
     2078  }
     2079
     2080  return ('OK',"User $username ($fname $lname) added");
    20722081} # end addUser
    20732082
     
    21122121  my $phone = shift || '';      # not going format-check
    21132122
    2114   my $failmsg = '';
     2123  my $resultmsg = '';
    21152124
    21162125  # Allow transactions, and raise an exception on errors so we can catch it later.
     
    21242133  # Actual blank passwords are bad, mm'kay?
    21252134  if (!$pass) {
    2126     $sth = $dbh->prepare("SELECT password FROM users WHERE user_id=?");
    2127     $sth->execute($uid);
    2128     ($pass) = $sth->fetchrow_array;
     2135    ($pass) = $dbh->selectrow_array("SELECT password FROM users WHERE user_id=?", undef, ($uid));
    21292136  } else {
    21302137    $pass = unix_md5_crypt($pass);
     
    21322139
    21332140  eval {
    2134     my $sth = $dbh->prepare(q(
    2135         UPDATE users
    2136         SET username=?, password=?, firstname=?, lastname=?, phone=?, type=?, status=?
    2137         WHERE user_id=?
    2138         )
    2139       );
    2140     $sth->execute($username, $pass, $fname, $lname, $phone, $type, $state, $uid);
     2141    $dbh->do("UPDATE users SET username=?, password=?, firstname=?, lastname=?, phone=?, type=?, status=?".
     2142        " WHERE user_id=?", undef, ($username, $pass, $fname, $lname, $phone, $type, $state, $uid));
     2143    $resultmsg = "Updated user info for $username ($fname $lname)";
     2144    _log($dbh, group_id => $group, entry => $resultmsg);
    21412145    $dbh->commit;
    21422146  };
     
    21442148    my $msg = $@;
    21452149    eval { $dbh->rollback; };
    2146     return ('FAIL',"$failmsg: $msg");
    2147   } else {
    2148     return ('OK','OK');
    2149   }
     2150    if ($config{log_failures}) {
     2151      _log($dbh, (group_id => $group, entry => "Error updating user $username: $msg"));
     2152      $dbh->commit;     # since we enabled transactions earlier
     2153    }
     2154    return ('FAIL',"Error updating user $username: $msg");
     2155  }
     2156
     2157  return ('OK',$resultmsg);
    21502158} # end updateUser()
    21512159
  • trunk/dns.cgi

    r293 r294  
    10161016    my ($code,$msg) = changePermissions($dbh, 'group', $webvar{gid}, \%chperms);
    10171017    if ($code eq 'OK') {
    1018       logaction(0, $session->param("username"), $webvar{gid},
    1019         "Updated default permissions in group $webvar{gid} (".groupName($dbh, $webvar{gid}).")");
    10201018      if ($alterperms) {
    10211019        changepage(page => "grpman", warnmsg =>
     
    10231021                groupName($dbh, $webvar{gid})." updated with reduced access");
    10241022      } else {
    1025         changepage(page => "grpman", resultmsg =>
    1026                 "Updated default permissions in group ".groupName($dbh, $webvar{gid}));
     1023        changepage(page => "grpman", resultmsg => $msg);
    10271024      }
    10281025    } # fallthrough else
    1029     logaction(0, $session->param("username"), $webvar{gid}, "Failed to update default permissions in group ".
    1030         groupName($dbh, $webvar{gid}).": $msg")
    1031         if $config{log_failures};
    10321026    # no point in doing extra work
    10331027    fill_permissions($page, \%chperms);
     
    12611255    $page->param(add => 1) if $webvar{useraction} eq 'add';
    12621256
    1263     my ($code,$msg);
     1257    # can't re-use $code and $msg for update if we want to be able to identify separate failure states
     1258    my ($code,$code2,$msg,$msg2) = ('OK','OK','OK','OK');
    12641259
    12651260    my $alterperms = 0; # flag iff we need to force custom permissions due to user's current access limits
     
    13151310                ($webvar{makeactive} eq 'on' ? 1 : 0), $webvar{accttype}, $permstring,
    13161311                $webvar{fname}, $webvar{lname}, $webvar{phone});
    1317         logaction(0, $session->param("username"), $curgroup, "Added user $webvar{uname} (uid $msg)")
    1318                 if $code eq 'OK';
    13191312      } else {
    13201313        changepage(page => "useradmin", errmsg => "You do not have permission to edit users")
     
    13241317          changepage(page => "useradmin", errmsg => "You do not have permission to edit the requested user");
    13251318        }
    1326 # User update is icky.  I'd really like to do this in one atomic
    1327 # operation, but that would duplicate a **lot** of code in DNSDB.pm
     1319# User update is icky.  I'd really like to do this in one atomic operation,
     1320# but that gets hairy by either duplicating a **lot** of code in DNSDB.pm
     1321# or self-torture trying to not commit the transaction until we're really done.
    13281322        # Allowing for changing group, but not coding web support just yet.
    13291323        ($code,$msg) = updateUser($dbh, $webvar{uid}, $webvar{uname}, $webvar{gid}, $webvar{pass1},
     
    13321326        if ($code eq 'OK') {
    13331327          $newperms{admin} = 1 if $webvar{accttype} eq 'S';
    1334           ($code,$msg) = changePermissions($dbh, 'user', $webvar{uid}, \%newperms, ($permstring eq 'i'));
    1335           logaction(0, $session->param("username"), $curgroup,
    1336                 "Updated uid $webvar{uid}, user $webvar{uname} ($webvar{fname} $webvar{lname})");
     1328          ($code2,$msg2) = changePermissions($dbh, 'user', $webvar{uid}, \%newperms, ($permstring eq 'i'));
    13371329        }
    13381330      }
    13391331    }
    13401332
    1341     if ($code eq 'OK') {
    1342 
     1333    if ($code eq 'OK' && $code2 eq 'OK') {
     1334      my %pageparams = (page => "useradmin");
    13431335      if ($alterperms) {
    1344         changepage(page => "useradmin", warnmsg =>
    1345                 "You can only grant permissions you hold.  $webvar{uname} ".
    1346                 ($webvar{useraction} eq 'add' ? 'added' : 'updated')." with reduced access.");
     1336        $pageparams{warnmsg} = "You can only grant permissions you hold.\nUser ".
     1337                ($webvar{useraction} eq 'add' ? "$webvar{uname} added" : "info updated for $webvar{uname}").
     1338                ".\nPermissions ".($webvar{useraction} eq 'add' ? 'added' : 'updated')." with reduced access.";
    13471339      } else {
    1348         changepage(page => "useradmin", resultmsg => "Successfully ".
    1349                 ($webvar{useraction} eq 'add' ? 'added' : 'updated')." user $webvar{uname}");
     1340        $pageparams{resultmsg} = "$msg".($webvar{useraction} eq 'add' ? '' : "\n$msg2");
    13501341      }
     1342      changepage(%pageparams);
    13511343
    13521344    # add/update failed:
     
    13671359      $page->param(pass1 => $webvar{pass1});
    13681360      $page->param(pass2 => $webvar{pass2});
    1369       $page->param(errmsg => $msg);
     1361      $page->param(errmsg => "User info updated but permissions update failed: $msg2") if $code eq 'OK';
     1362      $page->param(errmsg => $msg) if $code ne 'OK';
    13701363      fill_permissions($page, \%newperms);
    13711364      fill_actypelist($webvar{accttype});
    13721365      fill_clonemelist();
    1373       logaction(0, $session->param("username"), $curgroup, "Failed to $webvar{useraction} user ".
    1374         "$webvar{uname}: $msg")
    1375         if $config{log_failures};
    13761366    }
    13771367
     
    13941384    fill_actypelist($userinfo->{type});
    13951385    # not using this yet, but adding it now means we can *much* more easily do so later.
    1396     $page->param(gid => $webvar{group_id});
     1386    $page->param(gid => $userinfo->{group_id});
    13971387
    13981388    my %curperms;
  • trunk/templates/user.tmpl

    r207 r294  
    1616<table border="0" cellspacing="2" cellpadding="2" width="450">
    1717<TMPL_IF add_failed>    <tr>
    18                 <td class="errhead" colspan="2">Error <TMPL_IF add>adding<TMPL_ELSE>updating</TMPL_IF> user <TMPL_VAR NAME=uname>: <TMPL_VAR NAME=errmsg></td>
     18                <td class="errhead" colspan="2"><TMPL_VAR NAME=errmsg></td>
    1919        </tr></TMPL_IF>
    2020        <tr class="darkrowheader"><td colspan="2" align="center"><TMPL_IF add>Add<TMPL_ELSE>Edit</TMPL_IF> User</td></tr>
Note: See TracChangeset for help on using the changeset viewer.