Improve session handling, and other minor fixes

skoranda · Nov 16, 2018 · 66d7f96 · 66d7f96
1 parent 2af824e
commit 66d7f96
Show file tree

Hide file tree

Showing 13 changed files with 199 additions and 150 deletions.
diff --git a/app/src/Controller/AppController.php b/app/src/Controller/AppController.php
@@ -109,7 +109,8 @@ public function beforeRender(\Cake\Event\Event $event) {
     parent::beforeRender($event);
 
     // The current user, if authenticated
-    $this->set('vv_user', $this->request->getSession()->read('Auth.User'));
+    $curUser = $this->request->getSession()->read('Auth.User');
+    $this->set('vv_user', $curUser);
 
     // The current Matchgrid, as determined in beforeFilter()
     $mgid = null;
@@ -123,7 +124,7 @@ public function beforeRender(\Cake\Event\Event $event) {
     $this->set('vv_matchgrids', $this->Matchgrids->find('list')->find('activeMatchGrids')->toArray());
 
     // The set of menu permissions, so the layout knows what to render
-    if($this->Authorization) {
+    if($this->Authorization && $curUser) {
       // Ordinarily $this->Authorization will be set, but under certain error conditions
       // it won't, which will prevent error messages from rendering
 

diff --git a/app/src/Controller/MatchgridsController.php b/app/src/Controller/MatchgridsController.php
@@ -96,6 +96,9 @@ public function isAuthorized(Array $user) {
       'manage'    => $platformAdmin || $mgAdmin,
       'pending'   => $platformAdmin || $mgAdmin || $recMgr,
       'reconcile' => $platformAdmin || $mgAdmin || $recMgr,
+      // We allow anyone to access select since we don't have a matchgrid context yet.
+      // If $user has no meaningful permissions, they'll get no menu options.
+      'select'    => true,
       'view'      => false
     ];
 
@@ -251,4 +254,15 @@ public function reconcile(string $id) {
       $this->Flash->error(__('match.er.reconcile', [$e->getMessage()]));
     }
   }
+
+  /**
+   * Provide a set of Matchgrids to operate on.
+   *
+   * @since  COmanage Match v1.0.0
+   * @param  String $id Matchgrid ID
+   */
+
+  public function select() {
+    $this->set('vv_title', __('match.op.select.mg'));
+  }
 }
diff --git a/app/src/Controller/PagesController.php b/app/src/Controller/PagesController.php
@@ -28,7 +28,33 @@
  */
 class PagesController extends AppController
 {
-
+  /**
+   * Callback run prior to the request action.
+   *
+   * @since  COmanage Match v1.0.0
+   * @param  Event $event Cake Event
+   */
+
+  public function beforeFilter(\Cake\Event\Event $event) {
+    parent::beforeFilter($event);
+
+    $param = $this->request->getParam('pass.0');
+
+    if($param == 'home') {
+      // Allow rendering to get the login button. If we're already logged in,
+      // redirect to the landing page.
+      if($this->request->getSession()->read('Auth')) {
+        $this->redirect([
+          'controller' => 'matchgrids',
+          'action'     => 'select',
+          'plugin'     => false
+        ]);
+      }
+
+      $this->Auth->allow(['display']);
+    }
+  }
+
     /**
      * Displays a view
      *

diff --git a/app/src/Controller/UsersController.php.not b/app/src/Controller/UsersController.php.not
diff --git a/app/src/Locale/en_US/default.po b/app/src/Locale/en_US/default.po
@@ -197,6 +197,9 @@ msgstr "Request ID {0} not found"
 msgid "match.er.save"
 msgstr "Save Failed ({0})"
 
+msgid "match.er.unauthorized"
+msgstr "{0} does not have any valid permissions"
+
 # XXX rekey?
 msgid "matchgrid.er.search_type"
 msgstr "Unknown search type '{0}'"
@@ -306,6 +309,9 @@ msgstr "Unique, alphanumeric name for matchgrid (will be prefixed mg_ for actual
 msgid "match.fd.username"
 msgstr "Username"
 
+msgid "match.home.welcome"
+msgstr "Welcome to {0}."
+
 ### Informational Messages
 msgid "match.in.matchgrids.none"
 msgstr "There are no matchgrids currently defined."
@@ -336,6 +342,12 @@ msgstr "Edit"
 msgid "match.op.edit.a"
 msgstr "Edit {0}"
 
+msgid "match.op.login"
+msgstr "Login"
+
+msgid "match.op.logout"
+msgstr "Logout"
+
 msgid "match.op.manage"
 msgstr "Manage"
 
@@ -360,6 +372,9 @@ msgstr "Assign This Reference ID"
 msgid "match.op.save"
 msgstr "Save"
 
+msgid "match.op.select.mg"
+msgstr "Matchgrid Selection"
+
 msgid "match.op.skip_to_content"
 msgstr "Skip to main content"
 

diff --git a/app/src/Template/Element/breadcrumbs.ctp b/app/src/Template/Element/breadcrumbs.ctp
@@ -43,7 +43,8 @@ if($this->request->getRequestTarget(false) != '/') {
 
   $this->Breadcrumbs->prepend(
     __('match.meta.match'),
-    '/'
+    ['controller'   => 'matchgrids',
+     'action'       => 'select']
   );
 
   if(!empty($vv_cur_mg) 

diff --git a/app/src/Template/Element/menuUser.ctp b/app/src/Template/Element/menuUser.ctp
@@ -38,27 +38,27 @@
     <ul id="user-links-menu" class="mdl-menu mdl-menu--bottom-right mdl-js-menu mdl-js-ripple-effect" for="user-links">
       <li id="user-links-cn">XXX Put something here</li>
       <li id="logout-in-menu" class="co-menu-button">
-        <?php // XXX these links aren't right
-          $args = array('controller' => 'auth',
-            'action'     => 'logout',
-            'plugin'     => false);
-          print $this->Html->link("XXX LOGOUT" . ' <span class="fa fa-sign-out"></span>',
-            $args, array('escape'=>false, 'class' => 'mdl-button mdl-js-button mdl-js-ripple-effect'));
+        <?php
+          print $this->Html->link(__('match.op.logout') . ' <span class="fa fa-sign-out"></span>',
+                                  '/auth/logout/logout.php',
+                                  ['escape'     => false,
+                                   'class'      => 'mdl-button mdl-js-button mdl-js-ripple-effect']);
         ?>
       </li>
     </ul>
   </div>
-<?php endif ?>
+<?php endif; ?>
 
 <?php if(!isset($noLoginLogout) || !$noLoginLogout) : ?>
-  <?php // Print the login button XXX this isn't right
+  <?php
     if(!$vv_user) {
-      $args = array('controller' => 'auth',
-                    'action'     => 'login',
-                    'plugin'     => false
-                   );
-      print $this->Html->link("XXX LOGIN" . ' <span class="fa fa-sign-in"></span>',
-            $args, array('escape'=>false, 'id' => 'login', 'class' => ''));
+      print $this->Html->link(__('match.op.login') . ' <span class="fa fa-sign-in"></span>',
+                              ['controller' => 'matchgrids',
+                               'action'     => 'select',
+                               'plugin'     => false],
+                              ['escape'     => false, 
+                               'id'         => 'login',
+                               'class'      => '']);
     }
   ?>
 <?php endif; ?>

diff --git a/app/src/Template/Matchgrids/manage.ctp b/app/src/Template/Matchgrids/manage.ctp
@@ -26,9 +26,20 @@
  */
 
 declare(strict_types = 1);
+?>
 
-print $this->Html->link(__('match.op.reconcile'),
-                        ['controller' => 'Matchgrids',
-                         'action' => 'pending',
-                         $vv_cur_mg->id],
-                        ['class' => 'reconcilebutton']);
+<h1><?= $vv_title; ?></h1>
+
+<!-- Matchgrid Management Menu -->
+<section class="inner-content">
+  <ul id="configuration-menu" class="three-col">
+    <li>
+      <em class="material-icons" aria-hidden="true">check_circle</em>
+      <?= $this->Html->link(__('match.op.reconcile'),
+                            ['controller' => 'Matchgrids',
+                             'action' => 'pending',
+                             $vv_cur_mg->id]);
+      ?>
+    </li>
+  </ul>
+</section>
diff --git a/app/src/Template/Matchgrids/select.ctp b/app/src/Template/Matchgrids/select.ctp
@@ -0,0 +1,87 @@
+<?php
+/**
+ * COmanage Matchgrid Select Page
+ *
+ * Portions licensed to the University Corporation for Advanced Internet
+ * Development, Inc. ("UCAID") under one or more contributor license agreements.
+ * See the NOTICE file distributed with this work for additional information
+ * regarding copyright ownership.
+ *
+ * UCAID licenses this file to you under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with the
+ * License. You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * @link          http://www.internet2.edu/comanage COmanage Project
+ * @package       match
+ * @since         COmanage Match v1.0.0
+ * @license       Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
+ */
+
+declare(strict_types = 1);
+
+use \App\Lib\Enum\PermissionEnum;
+?>
+
+<h1><?= $vv_title; ?></h1>
+
+<?php if(count($vv_matchgrids) == 0): ?>
+<div class="co-info-topbox">
+  <em class="material-icons">info</em>
+  <?= __('match.in.matchgrids.none'); ?>
+</div>
+<?php else: // vv_matchgrids ?>
+<div id="fpCoList" class="co-grid co-grid-with-header mdl-shadow--2dp">
+  <div class="mdl-grid co-grid-header">
+    <div class="mdl-cell mdl-cell--6-col"><?= __('match.ct.matchgrids', [1]) ?></div>
+    <div class="mdl-cell mdl-cell--6-col"><?= __('match.fd.action') ?></div>
+  </div>
+  <?php foreach($vv_matchgrids as $id => $name): ?>
+  <?php
+    if(empty($vv_menu_permissions['gridroles'][$id])
+       && !$vv_menu_permissions['matchgrids']) {
+      continue;
+    }
+  ?>
+  <div class="mdl-grid co-row spin">
+    <div class="mdl-cell mdl-cell--6-col collab-name">
+      <?= filter_var($name, FILTER_SANITIZE_SPECIAL_CHARS); ?>
+    </div>
+    <div class="mdl-cell mdl-cell--6-col collab-desc">
+      <?php
+        // Can manage this matchgrid?
+        if((isset($vv_menu_permissions['gridroles'][$id][PermissionEnum::MatchgridAdmin])
+            && $vv_menu_permissions['gridroles'][$id][PermissionEnum::MatchgridAdmin])
+           // Proxy for platform admin
+           || $vv_menu_permissions['matchgrids']) {
+          print $this->Html->link(__('match.op.manage'),
+                                  ['controller' => 'Matchgrids',
+                                   'action'     => 'manage',
+                                   $id],
+                                  ['class' => 'configurebutton']);
+        }
+
+        // Can reconcile this matchgrid?
+        if((isset($vv_menu_permissions['gridroles'][$id][PermissionEnum::ReconciliationManager])
+            && $vv_menu_permissions['gridroles'][$id][PermissionEnum::ReconciliationManager])
+           // Proxy for platform admin
+           || $vv_menu_permissions['matchgrids']) {
+          print $this->Html->link(__('match.op.reconcile'),
+                                  ['controller' => 'Matchgrids',
+                                   'action'     => 'pending',
+                                   $id],
+                                  ['class' => 'reconcilebutton']);
+        }
+      ?>
+    </div>
+  </div>
+  <?php endforeach; // vv_matchgrids ?>
+</div>
+<?php endif; // vv_matchgrids ?>