Clean up the authorization code a bit

[?]
Oct 14, 2013, 4:01 PM
LYVUXIGTAG74XXVIMRPO3YZGFVH4XAHA5HDXUFRH2VQ6H65ETY2QC

Dependencies

  • [2] SSMN5MPT Remove dead code
  • [3] LZVO64YG Merge in the first bits of the API work
  • [4] LUPEGYR7 Hydra: In case of failure, also show changes between last succesful build and the first failed build after this
  • [5] 3PNG7NIB Remove trailing whitespace
  • [6] ODNCGFQ5 * Improved the navigation bar: don't include all projects (since that
  • [7] 7UJ5YV4V * Provide a channel for each project containing all the latest
  • [8] LC64D4PU Correctly redirect to the referring page when logging in
  • [9] U2ZK6LZ7 Fix some warnings
  • [10] XJRJ4J7M Add user registration
  • [11] KAZWI5G4 * hydra: buildpage, show changes since last build/successful build
  • [12] HPEG2RHV Merge the BuildResultInfo table into the Builds table
  • [13] NABL63FI * hydra: project members can do stuff that the owner can do
  • [14] QTFVCDIF added hide feature for project/jobset
  • [15] N45RZUQ6 Reduce I/O in build listings by only fetching required columns
  • [16] LSZLZHJY Allow users to edit their own settings
  • [17] A52HEFHQ * Allow builds to be restarted (if they failed with a transient error,
  • [18] 5NO7NCKT * Refactoring.
  • [19] CS7T2XFI
  • [20] FPK5LF53 * Put the project-related actions in a separate controller. Put the
  • [21] SJN2QPWH * Big speed-up of the job status page and the channel generation (such
  • [22] BHJ62LYE * Allow authorised users to create projects.
  • [23] LBNVQXUB * Build the /build stuff in a separate controller.

Change contents

  • replacement in src/lib/Hydra/Controller/Project.pm at line 117
    [4.53][4.2228:2229](),[4.2229][4.55:183](),[4.55][4.55:183]()
    requireLogin($c) if !$c->user_exists;
    error($c, "Only administrators or authorised users can perform this operation.")
    [4.53]
    [4.183]
    requireUser($c);
    accessDenied($c, "Only administrators or authorised users can perform this operation.")
  • replacement in src/lib/Hydra/Controller/User.pm at line 153
    [3.25048][3.25048:25090]()
    requireLogin($c) if !$c->user_exists;
    [3.25048]
    [3.25090]
    requireUser($c);
  • replacement in src/lib/Hydra/Controller/User.pm at line 169
    [4.1222][4.1222:1264]()
    requireLogin($c) if !$c->user_exists;
    [4.1222]
    [4.1264]
    requireUser($c);
  • replacement in src/lib/Hydra/Controller/User.pm at line 171
    [4.1265][4.1265:1330]()
    error($c, "You do not have permission to edit other users.")
    [4.1265]
    [4.1330]
    accessDenied($c, "You do not have permission to edit other users.")
  • replacement in src/lib/Hydra/Helper/CatalystUtils.pm at line 18
    [2.70][4.9702:9721](),[4.207][4.9702:9721](),[4.268][4.9702:9721](),[4.620][4.9702:9721](),[4.1286][4.9702:9721](),[4.1635][4.9702:9721](),[4.4810][4.9702:9721](),[4.9702][4.9702:9721](),[4.9721][4.1595:1680]()
    error notFound
    requireLogin requireProjectOwner requireAdmin requirePost isAdmin isProjectOwner
    [2.70]
    [4.9771]
    error notFound accessDenied
    forceLogin requireUser requireProjectOwner requireAdmin requirePost isAdmin isProjectOwner
  • edit in src/lib/Hydra/Helper/CatalystUtils.pm at line 101
    [4.4333]
    [4.4333]
    error($c, $msg);
    }
    sub accessDenied {
    my ($c, $msg) = @_;
    $c->response->status(403);
  • replacement in src/lib/Hydra/Helper/CatalystUtils.pm at line 120
    [4.4325][4.1160:1179](),[4.4358][4.1160:1179]()
    sub requireLogin {
    [4.4325]
    [4.1179]
    sub forceLogin {
  • edit in src/lib/Hydra/Helper/CatalystUtils.pm at line 125
    [4.1329]
    [4.1329]
    }
    sub requireUser {
    my ($c) = @_;
    forceLogin($c) if !$c->user_exists;
  • replacement in src/lib/Hydra/Helper/CatalystUtils.pm at line 136
    [4.1730][4.1332:1333](),[4.1332][4.1332:1333](),[4.1333][4.1731:1951]()
    return $c->user_exists && ($c->check_user_roles('admin') || $c->user->username eq $project->owner->username || defined $c->model('DB::ProjectMembers')->find({ project => $project, userName => $c->user->username }));
    [4.1730]
    [4.1951]
    return
    $c->user_exists &&
    (isAdmin($c) ||
    $c->user->username eq $project->owner->username ||
    defined $c->model('DB::ProjectMembers')->find({ project => $project, userName => $c->user->username }));
  • replacement in src/lib/Hydra/Helper/CatalystUtils.pm at line 146
    [4.1387][4.2572:2573](),[4.2573][4.1392:1434](),[4.1392][4.1392:1434](),[4.1434][4.0:89]()
    requireLogin($c) if !$c->user_exists;
    error($c, "Only the project members or administrators can perform this operation.")
    [4.1387]
    [4.1955]
    requireUser($c);
    accessDenied($c, "Only the project members or administrators can perform this operation.")
  • edit in src/lib/Hydra/Helper/CatalystUtils.pm at line 154
    [4.2033][4.2033:2034]()
  • replacement in src/lib/Hydra/Helper/CatalystUtils.pm at line 160
    [4.11226][4.11226:11269](),[4.11269][4.2574:2575](),[4.2575][4.11274:11339](),[4.11274][4.11274:11339]()
    requireLogin($c) if !$c->user_exists;
    error($c, "Only administrators can perform this operation.")
    [4.11226]
    [4.2099]
    requireUser($c);
    accessDenied($c, "Only administrators can perform this operation.")