authorRobert Haas2009-05-26 20:55:25 +0000
committerRobert Haas2009-05-26 20:56:23 +0000
commit75796dd6fbe25282c001f5fa7f0da2e21813656b (patch)
treeab36bc35eb1906980fc437dbbed52126301e185a
parent0bf2c02e0126e48aca9e6d8db9ea7e426060cf44 (diff)
Restrict new/edit/delete on CommitFests to administrators.
The list of administrators is controlled by the new user_privilege table.
-rw-r--r--etc/table.sql6
-rw-r--r--perl-lib/PgCommitFest/CommitFest.pm19
-rw-r--r--perl-lib/PgCommitFest/Request.pm10
3 files changed, 28 insertions, 7 deletions
diff --git a/etc/table.sql b/etc/table.sql
index 44ae05f..c60a298 100644
--- a/etc/table.sql
+++ b/etc/table.sql
@@ -1,3 +1,9 @@
+CREATE TABLE user_privilege (
+ userid varchar not null,
+ is_administrator boolean not null,
+ PRIMARY KEY (userid)
+);
+
CREATE TABLE session (
id varchar not null,
userid varchar not null,
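Review bot: The new `user_privilege` table does not record what a missing row means, yet the query this commit adds in Request.pm depends on it. Its `LEFT JOIN` returns NULL for a user with no row, and the Perl check treats that as not an administrator. A comment above the table would pin this down, for example `-- One row per privileged user; a user with no row is not an administrator.` No constraint ties `userid` to an account table in the visible lines, so it is worth confirming that a privilege row cannot outlive the account it was granted to.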
diff --git a/perl-lib/PgCommitFest/CommitFest.pm b/perl-lib/PgCommitFest/CommitFest.pm
index f16819d..b1b3d8d 100644
--- a/perl-lib/PgCommitFest/CommitFest.pm
+++ b/perl-lib/PgCommitFest/CommitFest.pm
@@ -4,7 +4,7 @@ use warnings;
sub delete {
my ($r) = @_;
- $r->authenticate('require_login' => 1);
+ $r->authenticate('require_login' => 1, 'require_administrator' => 1);
$r->set_title('Delete CommitFest');
my $d;
eval {
@@ -28,7 +28,7 @@ EOM
sub form {
my ($r) = @_;
- $r->authenticate('require_login' => 1);
+ $r->authenticate('require_login' => 1, 'require_administrator' => 1);
# Decide whether this is a new commitfest or an edit of an existing
# commitfest, and if editing reload data from database.
@@ -74,8 +74,11 @@ EOM
sub search {
my ($r) = @_;
+ my $aa = $r->authenticate();
$r->set_title('CommitFest Index');
- $r->add_link('/action/commitfest_form', 'New CommitFest');
+ if (defined $aa && $aa->{'is_administrator'}) {
+ $r->add_link('/action/commitfest_form', 'New CommitFest');
+ }
my $list = $r->db->select(<<EOM);
SELECT id, name, commitfest_status FROM commitfest_view ORDER BY name DESC
EOM
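Review bot: The name `$aa` on the added first line of search, and again in view (hunk at -84), does not say what it holds. `my $auth = $r->authenticate();` would read more clearly where it is tested in `if (defined $auth && $auth->{'is_administrator'})`. Hiding the link is presentation only, which is acceptable here because form now passes `require_administrator` itself. The body of search continues outside the hunk.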
@@ -84,6 +87,7 @@ EOM
sub view {
my ($r) = @_;
+ my $aa = $r->authenticate();
my $id = $r->cgi_id();
my $d = $r->db->select_one(<<EOM, $id) if defined $id;
SELECT id, name, commitfest_status FROM commitfest_view WHERE id = ?
@@ -126,9 +130,12 @@ EOM
$r->add_link('/action/patch_form?commitfest=' . $id, 'New Patch');
$r->add_link('/action/commitfest_topic_search?id=' . $id,
'CommitFest Topics');
- $r->add_link('/action/commitfest_form?id=' . $id, 'Edit CommitFest');
- $r->add_link('/action/commitfest_delete?id=' . $id, 'Delete CommitFest',
- 'Are you sure you want to delete this CommitFest?');
+ if (defined $aa && $aa->{'is_administrator'}) {
+ $r->add_link('/action/commitfest_form?id=' . $id, 'Edit CommitFest');
+ $r->add_link('/action/commitfest_delete?id=' . $id,
+ 'Delete CommitFest',
+ 'Are you sure you want to delete this CommitFest?');
+ }
$r->render_template('commitfest_view', { 'd' => $d, 'patch_grouping' => [
{
'name' => 'Pending Patches',
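Review bot: The delete link built here is still a plain URL, `/action/commitfest_delete?id=` plus the id. As far as this diff shows, the only thing authorising the request is the administrator's session cookie. The third argument looks like a confirmation prompt, which would run in the browser and does nothing for a request that did not come from this page. With the action now restricted to administrators, the delete handler should accept the request only as a POST carrying a per-session token. Its body lies outside the hunks shown, so confirm whether such a check already exists. view begins and ends outside this hunk.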
diff --git a/perl-lib/PgCommitFest/Request.pm b/perl-lib/PgCommitFest/Request.pm
index 78911c7..3a89c41 100644
--- a/perl-lib/PgCommitFest/Request.pm
+++ b/perl-lib/PgCommitFest/Request.pm
@@ -58,7 +58,9 @@ sub authenticate {
if (!defined $self->{'authenticate'} && defined $self->cookie('session')) {
$self->{'authenticate'} =
$self->db->select_one(<<EOM, $self->cookie('session'));
-SELECT s.* FROM session s WHERE s.id = ?
+SELECT s.*, p.is_administrator FROM session s
+ LEFT JOIN user_privilege p ON s.userid = p.userid
+WHERE s.id = ?
EOM
}
if (!defined $self->{'authenticate'} && $option{'require_login'}) {
@@ -69,6 +71,12 @@ EOM
}
$self->redirect('/action/login');
}
+ if (defined $self->{'authenticate'} && $option{'require_administrator'}
+ && ! $self->{'authenticate'}{'is_administrator'}) {
+ $self->error_exit(<<EOM);
+This function is available only to administators.
+EOM
+ }
return $self->{'authenticate'};
}
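Review bot: The administrator check runs only when `$self->{'authenticate'}` is defined, so a request with no session passes through whenever `require_administrator` is given without `require_login`. The same happens if `redirect` returns instead of ending the request, which cannot be seen from this hunk. Every caller in this commit passes both options, but the guard should fail closed by itself: `if ($option{'require_administrator'} && !(defined $self->{'authenticate'} && $self->{'authenticate'}{'is_administrator'})) {`. The message also misspells the word; it should read `This function is available only to administrators.` The start of authenticate is outside the hunk.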