grahamc/hydra - Change RU7AQO7U4HCWJNQTR2KRGDLLG24WYD47MWIHREV6SIAPCPDQHAWQC

* Role-based access control. Only admins can create projects. Only

admins or project owners can edit or delete a project.

Created by Eelco Dolstra on November 26, 2008

RU7AQO7U4HCWJNQTR2KRGDLLG24WYD47MWIHREV6SIAPCPDQHAWQC

Dependencies

In channels

upstream

main

Change contents

Insertion in src/Hydra/hydra.conf at line 16 [3.671]

[2.360]

                role_relation userroles
                role_field role

Replacement in src/Hydra/lib/Hydra/Controller/Root.pm at line 77 [3.804]
B:BD[2.940] → [2.940:955]
```
        }     
```
[2.940]
[2.955]
```
        }
```
Deletion in src/Hydra/lib/Hydra/Controller/Root.pm at line 101 [3.804]
B:BD[2.1348] → [2.1348:1397]
```
    return requireLogin($c) if !$c->user_exists;
```

Insertion in src/Hydra/lib/Hydra/Controller/Root.pm at line 120 [3.804]

[4.411]

[5.0]

    $project->owner(trim($c->request->params->{owner}))
        if $c->check_user_roles('admin');

Insertion in src/Hydra/lib/Hydra/Controller/Root.pm at line 239 [3.804]

[6.662]


    if ($subcommand ne "") {
        return requireLogin($c) if !$c->user_exists;
        
        if (!$c->check_user_roles('admin') && $c->user->username ne $project->owner) {
            return error($c, "Only the project owner or the administrator can perform this operation.");
        }
        
        if ($subcommand eq "edit") {
            $c->stash->{edit} = 1;
        }
        elsif ($subcommand eq "submit" && $isPosted) {
            $c->model('DB')->schema->txn_do(sub {
                updateProject($c, $project);
            });
            return $c->res->redirect($c->uri_for("/project", trim $c->request->params->{name}));
        }

Replacement in src/Hydra/lib/Hydra/Controller/Root.pm at line 259 [3.804]

B:BD[6.663] → [6.663:879]

B:BD[6.879] → [4.1229:1322]

∅:D[7.88] → [6.952:1253]

∅:D[4.1322] → [6.952:1253]

B:BD[6.952] → [6.952:1253]

    if ($subcommand eq "edit") {
        $c->stash->{edit} = 1;
    } elsif ($subcommand eq "submit" && $isPosted) {
        $c->model('DB')->schema->txn_do(sub {
            updateProject($c, $project);
        });
        return $c->res->redirect($c->uri_for("/project", trim $c->request->params->{name}));
    } elsif ($subcommand eq "delete" && $isPosted) {
        $c->model('DB')->schema->txn_do(sub {
            $project->delete;
        });
        return $c->res->redirect($c->uri_for("/"));
    } elsif ($subcommand eq "") {
    } else {
        return error($c, "Unknown subcommand $subcommand.");

[6.663]

[6.1253]

        elsif ($subcommand eq "delete" && $isPosted) {
            $c->model('DB')->schema->txn_do(sub {
                $project->delete;
            });
            return $c->res->redirect($c->uri_for("/"));
        }
        else {
            return error($c, "Unknown subcommand $subcommand.");
        }

Insertion in src/Hydra/lib/Hydra/Controller/Root.pm at line 301 [3.804]

[8.4]

[6.1330]

    return requireLogin($c) if !$c->user_exists;
    
    if (!$c->check_user_roles('admin')) {
        return error($c, "Only administrators can create projects.");
    }

Replacement in src/Hydra/lib/Hydra/Schema/Buildinputs.pm at line 39 [9.1]

B:BD[9.782] → [2.1398:1540]

# Created by DBIx::Class::Schema::Loader v0.04005 @ 2008-11-26 20:02:52
# DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:LRcAsbLWbetVw+DCDnv/9w

[9.782]

[9.924]

# Created by DBIx::Class::Schema::Loader v0.04005 @ 2008-11-27 00:07:44
# DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:BEl4PIMuykTwqyl7La0pKQ

Replacement in src/Hydra/lib/Hydra/Schema/Buildproducts.pm at line 36 [3.4268]

B:BD[3.4922] → [2.1541:1683]

# Created by DBIx::Class::Schema::Loader v0.04005 @ 2008-11-26 20:02:52
# DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:Pu6gWxltfVJJ+9DBiC9bYg

[3.4922]

[3.5064]

# Created by DBIx::Class::Schema::Loader v0.04005 @ 2008-11-27 00:07:44
# DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:uEkpbb6hgGe47sDE7KtLDQ

Replacement in src/Hydra/lib/Hydra/Schema/Buildresultinfo.pm at line 32 [10.1594]

B:BD[10.2382] → [2.1684:1826]

# Created by DBIx::Class::Schema::Loader v0.04005 @ 2008-11-26 20:02:52
# DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:X5GXZRLAaCMl8OKBGjtztw

[10.2382]

[10.2524]

# Created by DBIx::Class::Schema::Loader v0.04005 @ 2008-11-27 00:07:44
# DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:CfJnTtjRXGV5dD/MWbrJxA

Replacement in src/Hydra/lib/Hydra/Schema/Builds.pm at line 73 [3.5202]

B:BD[3.6194] → [2.1827:1969]

# Created by DBIx::Class::Schema::Loader v0.04005 @ 2008-11-26 20:02:52
# DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:h32zqOEGcpXQy7pshiWVMA

[3.6194]

[10.3377]

# Created by DBIx::Class::Schema::Loader v0.04005 @ 2008-11-27 00:07:44
# DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:AFGyXbj7hMxpQxjzgpvrCw

Replacement in src/Hydra/lib/Hydra/Schema/Buildschedulinginfo.pm at line 26 [10.3773]

B:BD[10.4473] → [2.1970:2112]

# Created by DBIx::Class::Schema::Loader v0.04005 @ 2008-11-26 20:02:52
# DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:egegc7kFKTt9cEGuomi0cQ

[10.4473]

[10.4615]

# Created by DBIx::Class::Schema::Loader v0.04005 @ 2008-11-27 00:07:44
# DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:O6brsCdVF4TfvtmI9R+TOA

Replacement in src/Hydra/lib/Hydra/Schema/Buildsteps.pm at line 38 [11.1675]

B:BD[11.2816] → [2.2113:2255]

# Created by DBIx::Class::Schema::Loader v0.04005 @ 2008-11-26 20:02:52
# DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:kFD90OFRM1aqVVCBCh/geA

[11.2816]

[11.2958]

# Created by DBIx::Class::Schema::Loader v0.04005 @ 2008-11-27 00:07:44
# DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:klPmbTcngdzKN+Dzhj8gvw

Replacement in src/Hydra/lib/Hydra/Schema/Cachedpathinputs.pm at line 25 [12.859]

B:BD[12.1497] → [2.2256:2398]

# Created by DBIx::Class::Schema::Loader v0.04005 @ 2008-11-26 20:02:52
# DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:r/3GaLIIWaX1fh8kfuQp+w

[12.1497]

[12.1639]

# Created by DBIx::Class::Schema::Loader v0.04005 @ 2008-11-27 00:07:44
# DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:vGVYmR4k3kezEwiCGSXZWQ

Replacement in src/Hydra/lib/Hydra/Schema/Cachedsubversioninputs.pm at line 23 [12.1780]

B:BD[12.2342] → [2.2399:2541]

# Created by DBIx::Class::Schema::Loader v0.04005 @ 2008-11-26 20:02:52
# DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:yTp1XcBSQ+6OJvVLugRh1w

[12.2342]

[12.2484]

# Created by DBIx::Class::Schema::Loader v0.04005 @ 2008-11-27 00:07:44
# DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:ORooKeTpZBPOQCgosHLGeg

Replacement in src/Hydra/lib/Hydra/Schema/Jobsetinputalts.pm at line 36 [13.825]

B:BD[13.1831] → [2.2542:2684]

# Created by DBIx::Class::Schema::Loader v0.04005 @ 2008-11-26 20:02:52
# DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:lYdNLENxLW2mtZ2w+jou8w

[13.1831]

[13.1973]

# Created by DBIx::Class::Schema::Loader v0.04005 @ 2008-11-27 00:07:44
# DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:ZeFpiIuYHvaFqRSppuUpoA

Replacement in src/Hydra/lib/Hydra/Schema/Jobsetinputs.pm at line 46 [14.590]

B:BD[14.1681] → [2.2685:2827]

# Created by DBIx::Class::Schema::Loader v0.04005 @ 2008-11-26 20:02:52
# DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:Bk/vLWpBjR3ZU0p1KN7KfA

[14.1681]

[14.1823]

# Created by DBIx::Class::Schema::Loader v0.04005 @ 2008-11-27 00:07:44
# DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:/PmcpU0eiLZT+dlUZYyTaQ

Replacement in src/Hydra/lib/Hydra/Schema/Jobsets.pm at line 53 [14.1960]

B:BD[14.2992] → [2.2828:2970]

# Created by DBIx::Class::Schema::Loader v0.04005 @ 2008-11-26 20:02:52
# DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:9xvvQg/H0oibycB6B45V5A

[14.2992]

[14.3134]

# Created by DBIx::Class::Schema::Loader v0.04005 @ 2008-11-27 00:07:44
# DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:EGgAWXbhcEC0uBobJMfpUw

Insertion in src/Hydra/lib/Hydra/Schema/Projects.pm at line 19 [14.3266]
[15.1993]
[14.3527]
```
  "owner",
  { data_type => "text", is_nullable => 0, size => undef },
```

Replacement in src/Hydra/lib/Hydra/Schema/Projects.pm at line 35 [14.3266]

B:BD[14.3685] → [2.2971:3113]

# Created by DBIx::Class::Schema::Loader v0.04005 @ 2008-11-26 20:02:52
# DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:3YMBhMqCjtpUjoTx4JLTOw

[14.3685]

[14.3827]

# Created by DBIx::Class::Schema::Loader v0.04005 @ 2008-11-27 00:07:44
# DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:jdyfk3vHisJRyE+VNR6dNA

Replacement in src/Hydra/lib/Hydra/Schema/Systemtypes.pm at line 19 [16.1717]

B:BD[16.2105] → [2.3114:3256]

# Created by DBIx::Class::Schema::Loader v0.04005 @ 2008-11-26 20:02:52
# DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:SSKVFeg7ieeLJcF+s1uWWw

[16.2105]

[16.2247]

# Created by DBIx::Class::Schema::Loader v0.04005 @ 2008-11-27 00:07:44
# DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:N/yG0cEhf0Y9Ve9YkdwRfA

File addition: Userroles.pm (----------)

[17.207]

package Hydra::Schema::Userroles;
use strict;
use warnings;
use base 'DBIx::Class';
__PACKAGE__->load_components("Core");
__PACKAGE__->table("UserRoles");
__PACKAGE__->add_columns(
  "username",
  { data_type => "text", is_nullable => 0, size => undef },
  "role",
  { data_type => "text", is_nullable => 0, size => undef },
);
__PACKAGE__->set_primary_key("username", "role");
__PACKAGE__->belongs_to("username", "Hydra::Schema::Users", { username => "username" });
# Created by DBIx::Class::Schema::Loader v0.04005 @ 2008-11-27 00:07:44
# DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:f16iU2I/Htdo7mXHvAdwyQ
# You can replace this text with custom content, and it will be preserved on regeneration
1;

Insertion in src/Hydra/lib/Hydra/Schema/Users.pm at line 21 [2.3258]

[2.3780]

__PACKAGE__->has_many(
  "userroles",
  "Hydra::Schema::Userroles",
  { "foreign.username" => "self.username" },
);

Replacement in src/Hydra/lib/Hydra/Schema/Users.pm at line 28 [2.3258]

B:BD[2.3782] → [2.3782:3924]

# Created by DBIx::Class::Schema::Loader v0.04005 @ 2008-11-26 20:02:52
# DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:BgF6FK+9d7+cc72sp6pfCQ

[2.3782]

[2.3924]

# Created by DBIx::Class::Schema::Loader v0.04005 @ 2008-11-27 00:07:44
# DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:wwRBfogrkKN2QdgmFjcUlA

Replacement in src/Hydra/lib/Hydra/Schema.pm at line 11 [3.6376]

B:BD[3.6498] → [2.4053:4195]

# Created by DBIx::Class::Schema::Loader v0.04005 @ 2008-11-26 20:02:52
# DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:jK/9VMZBot2RJwtlHA6QIg

[3.6498]

[3.6640]

# Created by DBIx::Class::Schema::Loader v0.04005 @ 2008-11-27 00:07:44
# DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:OcrPIHyQBUa+kF79Ltf95g

Insertion in src/Hydra/lib/Hydra.pm at line 14 [3.6954]
[2.4227]
[2.4227]
```
                Authorization::Roles
```

File addition: login.tt (----------)

[18.857]

[% WRAPPER layout.tt title="Login to Hydra" %]
[% PROCESS common.tt %]
<h1>Login</h1>
[% IF c.user_exists %]
<p>
You are already logged in as <tt>[% c.user.username %]</tt>.
You can <a href="[% c.uri_for('/logout') %]">logout</a> here.
</p>
[% ELSE %]
[% IF errorMsg %]
<p class="error">Error: [% errorMsg %]</p>
[% END %]
<form method="post" action="[% c.uri_for('/login') %]">
  <table class="layoutTable">
    <tr>
      <td>Username:</td>
      <td><input type="text" name="username" /></td>
    </tr>
    <tr>
      <td>Password:</td>
      <td><input type="password" name="password" /></td>
    </tr>
    <tr colspan="2">
      <td>
        <input type="submit" name="login" value="Login" />
      </td>
    </tr>
  </table>
</form>
[% END %]
[% END %]

Insertion in src/Hydra/root/project.tt at line 165 [19.1667]

[5.3619]

  </tr>
  <tr>
    <th>Owner:</th>
    <td><tt>[% INCLUDE maybeEditString param="owner" value=curProject.owner edit=(edit && c.check_user_roles('admin')) %]</tt></td>

Insertion in src/hydra.sql at line 157 [20.1]

[15.14997]

[14.4540]

    owner         text not null,
    foreign key   (owner) references Users(userName) -- ignored by sqlite

Insertion in src/hydra.sql at line 274 [20.1]

[12.5626]


create table UserRoles (
    userName      text not null,
    role          text not null,
    primary key   (userName, role),
    foreign key   (userName) references Users(userName) -- ignored by sqlite
);
create trigger cascadeUserDelete
  before delete on Users
  for each row begin
    delete from UserRoles where userName = old.userName;
  end;