1 # ===================================================================== 2 # updateGroup: W-TW page group updater/creator. 3 # 4 # Copyright (c) 2010 Carlo Strozzi 5 # 6 # This program is free software; you can redistribute it and/or modify 7 # it under the terms of the GNU General Public License as published by 8 # the Free Software Foundation; version 2 dated June, 1991. 9 # 10 # This program is distributed in the hope that it will be useful, 11 # but WITHOUT ANY WARRANTY; without even the implied warranty of 12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 # GNU General Public License for more details. 14 # 15 # You should have received a copy of the GNU General Public License 16 # along with this program; if not, write to the Free Software 17 # Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 18 # 19 # ===================================================================== 20 21 # ===================================================================== 22 # Local variables and functions 23 # ===================================================================== 24 25 cgi.group = () 26 cgi.group.literal = () 27 cgi.group.descr = () 28 cgi.group.editor = () 29 cgi.group.uri = () 30 cgi.checksum = () 31 32 tpl.var.checksum = () 33 34 tmp2 = /dev/null 35 36 # ===================================================================== 37 # Main program 38 # ===================================================================== 39 40 csaGetArgs POST 41 42 #~ $REMOTE_ADDR 192.168.1.2 && csaExit.env 43 #~ $REMOTE_ADDR 2001:470:1f0b:13a5:1::2 && csaExit.env 44 45 # Refuse empty/reserved names. 46 {~ $'cgi.group' () || ~ $'cgi.group' tw-*} && csaExit.fault 1000 47 48 # Set Principal Lock Semaphore(s) (PLS). 49 csaLock $CSA_ROOT/var/pages/$CSA_LANG/group+dat || csaExit.fault 50 51 # Create group table if it does not yet exist. 52 if (!csaIsFullPath --exists --quiet $CSA_ROOT/var/pages/$CSA_LANG/group+dat) { 53 maketable --input \ 54 $CSA_ROOT/lib/group.xrf > $CSA_ROOT/var/pages/$CSA_LANG/group+dat || 55 csaExit.fault 0003 maketable 56 } 57 58 # Since group-stuff.rc has not been sourced yet, tmp1 is still undefined. 59 csaMkTemp tmp1 60 61 # Fetch the requested group record, if available. 62 csa-tbl2rc --input $CSA_ROOT/var/pages/$CSA_LANG/group+dat \ 63 --key $'cgi.group' --prefix tbl_group. > $tmp1 || 64 csaExit.fault 0003 csa-tbl2rc 65 66 . $tmp1 67 68 csaSum --file $tmp1 69 tpl.var.checksum = $CSA_RESULT # this is used further down. 70 71 if (!~ $'tbl_group.k_group' ()) { 72 73 ~ $'tbl_group.k_node' () && csaExit.fault 0037 1 $CSA_PGM($#CSA_PGM) 74 75 # Existing group, no name change allowed. 76 cgi.group.literal = $'tbl_group.g_name' 77 78 # Set defaults if necessary. 79 ~ $'cgi.group.descr' () && cgi.group.descr = $'tbl_group.g_descr' 80 ~ $'cgi.group.editor' () && cgi.group.editor = $'tbl_group.g_editor' 81 82 . $CSA_ROOT/lib/group-stuff.rc 83 84 . $CSA_ROOT/lib/tpl-stuff.rc 85 86 } else { 87 88 # New group, so I cannot rely upon group-level custom templates 89 # and neiter I can call group-stuff.rc of course, so I need to 90 # hard-code part of the latter's logic here. 91 92 tw_dstem = $CSA_ROOT/lib/default 93 94 # Account for the fact that templates are created by the client. 95 CSA_TPL_SAFEPATH = ($CSA_INSTALL/lib $tw_dstem $TMPDIR $CSA_TPL_ROOT 96 $CSA_DOCROOT/$CSA_LANG/$TNS_ATTACH_PUBDIR) 97 98 CSA_EXIT_SCRIPT = $CSA_ROOT/lib/exit-stuff.rc 99 100 # Set defaults if necessary. 101 ~ $'cgi.group.descr' () && cgi.group.descr = $'cgi.group.literal' 102 } 103 104 # By doing the following checks at this stage I ensure that any 105 # error messages will be issued using the relevant templates. 106 107 # Make sure the requested record hasn't changed in the meantime. 108 if (!~ $'tpl.var.checksum' $'cgi.checksum') { 109 csaIsInteractive && CSA_EXIT_SCRIPT = ($CSA_EXIT_SCRIPT back) 110 csaExit.fault 0026 111 } 112 113 # Running this script requires authentication. 114 csaTrue $CSA_AUTH_OK || csaExit.needauth 115 116 ################################### carlo ############################ 117 118 # Only *authenticated* global editors are allowed to create/update 119 # page group settings. Note that for this to work at this stage, then 120 # 'lib/group-editor.rc' must *NOT* be included by this script. 121 122 if (!csaTrue $CSA_AUTH_OK || !~ ,$TNS_AUTH_GRP, *,editor,*) { 123 csaExit.needauth 124 } 125 126 #~ $REMOTE_ADDR 192.168.1.2 && csaExit.env 127 128 if (!csaIsConfirmed) { 129 130 if (!~ $'tbl_group.k_group' ()) { 131 132 # Existing group. 133 134 # Only those users who are either global editors or group-level 135 # editors for the target group are allowed to edit the latter. 136 # Note that for this to work at this stage it requires that 137 # 'lib/group-editor.rc' is *NOT* loaded by this script. 138 139 ~ ,$TNS_AUTH_GRP, *,editor,* || 140 ,$'tbl_group.g_editor', *,$CSA_AUTH_USER,* || csaExit.needauth 141 142 if (csaIsFullPath --exists --quiet \ 143 $CSA_TPL_ROOT/tw-update-group-confirm.txt) { 144 # custom group update confirmation template. 145 tpl.include.html.body = $CSA_TPL_ROOT/tw-update-group-confirm.txt 146 } else { 147 # default update confirmation template. 148 tpl.include.html.body = $tw_dstem/tw-update-group-confirm.txt 149 } 150 151 } else { 152 153 # New group; I cannot rely on group-level templates here, so I pick the 154 # relevant default in the local language if available, otherwise I go 155 # for the global default. 156 157 if (csaIsFullPath --exists --quiet \ 158 $tw_dstem/i18n/$CSA_LANG/tw-create-group-confirm.txt) { 159 tpl.include.html.body = \ 160 $tw_dstem/i18n/$CSA_LANG/tw-create-group-confirm.txt 161 } else tpl.include.html.body = $tw_dstem/tw-create-group-confirm.txt 162 163 if (csaIsFullPath --exists --quiet \ 164 $tw_dstem/i18n/$CSA_LANG/tw.$CSA_TPLEXT) { 165 tpl_file = (--file-root $tw_dstem/i18n/$CSA_LANG tw.$CSA_TPLEXT) 166 } else tpl_file = (--file-root $tw_dstem tw.$CSA_TPLEXT) 167 168 # Load local language-specific default group settings. 169 csaIsFullPath --exists --quiet \ 170 $CSA_ROOT/var/pages/$CSA_LANG/tw-default+cf && 171 . $CSA_ROOT/var/pages/$CSA_LANG/tw-default+cf 172 173 # Only global editors are allowed to create new groups, unless the 174 # TNS_ALLOW_WRITERS rc(1) list either contains/comprises the special 175 # keyword "ALL" or the requesting user. Again, for this to work at 176 # this stage it requires that 'lib/group-editor.rc' is *NOT* loaded 177 # by this script. 178 179 if (!~ ,$TNS_AUTH_GRP, *,editor,*) { 180 181 ~ $TNS_ALLOW_WRITERS ALL $CSA_AUTH_USER || csaExit.needauth 182 183 cgi.group.editor = $CSA_AUTH_USER 184 } 185 } 186 187 # Set group-related template vars. 188 csaSetClear tpl.var.tw.group cgi.group.literal 189 csaSetClear tpl.var.tw.group.descr cgi.group.descr 190 csaSetClear tpl.var.tw.group.editor cgi.group.editor 191 192 tpl.var.html.title = $'tpl.var.tw.group' 193 194 tpl.if.tw.ispage = '(::DEL:)' 195 tpl.fi.tw.ispage = '(:DEL::)' 196 tpl.if.tw.isview = () 197 tpl.fi.tw.isview = () 198 199 csaExit.ok $tpl_file 200 201 } else { 202 203 if (~ $'tbl_group.k_node' ()) { 204 205 # Only global editors are allowed to create new groups, unless the 206 # TNS_ALLOW_WRITERS rc(1) list either contains/comprises the special 207 # keyword "ALL" or the requesting user. Again, for this to work at 208 # this stage it requires that 'lib/group-editor.rc' is *NOT* loaded 209 # by this script. 210 211 if (!~ ,$TNS_AUTH_GRP, *,editor,*) { 212 213 ~ $TNS_ALLOW_WRITERS ALL $CSA_AUTH_USER || csaExit.needauth 214 215 tbl_upd.g_editor = $CSA_AUTH_USER 216 } 217 218 # New group, node to be created. 219 makeNode $CSA_LANG/$'cgi.group' 220 221 tbl_upd.k_node = $node_num 222 tbl_upd.g_uri = $'cgi.group.uri' 223 224 # The group name is strictly related to group:k_group so the 225 # value supplied by the user is taken into account only if it 226 # is a new group. 227 228 tbl_upd.g_name = $'cgi.group.literal' 229 230 } else { 231 232 # Existing group. 233 234 # Only those users who are either global editors or group-level 235 # editors for the target group are allowed to edit the latter. 236 # Note that for this to work at this stage it requires that 237 # 'lib/group-editor.rc' is *NOT* loaded by this script. 238 239 if (!~ ,$TNS_AUTH_GRP, *,editor,*) { 240 241 ,$'tbl_group.g_editor', *,$CSA_AUTH_USER,* || csaExit.needauth 242 243 # Make sure the requesting group-editor is always included in 244 # the list of allowed group editors for the target group. 245 246 if (!~ ,$'cgi.group.editor', *,$CSA_AUTH_USER,*) { 247 ~ $'cgi.group.editor' *, || 248 cgi.group.editor = $'cgi.group.editor', 249 cgi.group.editor = $'cgi.group.editor'$CSA_AUTH_USER 250 } 251 } 252 } 253 254 tbl_upd.k_group = $'cgi.group' 255 tbl_upd.g_descr = $'cgi.group.descr' 256 257 # Note that no checks are done to assess whether the specified 258 # editor accounts actually exist. In fact thay can even be 259 # explicitly created afterwards, and this is intentional. 260 261 tbl_upd.g_editor = $'cgi.group.editor' 262 } 263 264 csaOpen --fast $CSA_ROOT/var/pages/$CSA_LANG/group+dat || csaExit.fault 265 tmp2 = $CSA_RESULT 266 envtotable --match '^tbl_upd__2e[a-z]' \ 267 --strip-names '^tbl_upd__2e' | updtable --stdin \ 268 --key-columns k_group $CSA_ROOT/var/pages/$CSA_LANG/group+dat | 269 sorttable > $tmp2 270 271 csaStatus || csaExit.fault 0003 envtotable/updtable/sorttable 272 273 #csaMkTemp debug; prtable -l300 < $tmp2 > $debug; csaExit.pcdata $debug 274 275 # The public attachment directory creation command will fail if either 276 # the parent directory does not exist or the UID we are running as does 277 # not have write permissions on it. This is correct, but for it to work 278 # then mkdir's "-p" option must not be used, but then testing for the 279 # directory existence before try and create it becomes a necessity. 280 281 test -d $CSA_DOCROOT/$CSA_LANG/$TNS_ATTACH_PUBDIR/$'cgi.group' || 282 csaOnCommit \ 283 'mkdir '$CSA_DOCROOT/$CSA_LANG/$TNS_ATTACH_PUBDIR/$'cgi.group' 284 285 # Create also the associated page directory. 286 test -d $CSA_ROOT/var/pages/$CSA_LANG/$'cgi.group' || 287 csaOnCommit 'mkdir '$CSA_ROOT/var/pages/$CSA_LANG/$'cgi.group' 288 289 # Next line will automatically take care of all the nitty-gritties 290 # associated with REST, interactive mode, commits, etc. 291 292 csaExit.ok $CSA_RPC_URI/$CSA_LANG/tw-groups 293 294 # End of program.