diff --git a/docs/changelog/7.x.x.txt b/docs/changelog/7.x.x.txt index bb921b07c..f047daa9d 100644 --- a/docs/changelog/7.x.x.txt +++ b/docs/changelog/7.x.x.txt @@ -1,4 +1,7 @@ 7.5.2 + - add: Auth modules now accept a "returnUrl" form parameter when logging in + or creating a new account. This parameter is the URL the user is + redirected to after the login / createAccount is done. 7.5.1 - fix: Extra head tags of unplaced assets included twice diff --git a/lib/WebGUI/Auth.pm b/lib/WebGUI/Auth.pm index b6fe9502a..cad39b4ec 100644 --- a/lib/WebGUI/Auth.pm +++ b/lib/WebGUI/Auth.pm @@ -3,7 +3,7 @@ package WebGUI::Auth; =head1 LEGAL ------------------------------------------------------------------- - WebGUI is Copyright 2001-2008 Plain Black Corporation. + WebGUI is Copyright 2001-2007 Plain Black Corporation. ------------------------------------------------------------------- Please read the legal notices (docs/legal.txt) and the license (docs/license.txt) that came with this distribution before using @@ -283,7 +283,11 @@ sub createAccountSave { # If we have a redirectAfterLogin, redirect the user - if ($self->session->scratch->get("redirectAfterLogin")) { + if ($self->session->form->get('returnUrl')) { + $self->session->http->setRedirect( $self->session->form->get('returnUrl') ); + $self->session->scratch->delete("redirectAfterLogin"); + } + elsif ($self->session->scratch->get("redirectAfterLogin")) { my $url = $self->session->scratch->delete("redirectAfterLogin"); $self->session->http->setRedirect($url); return undef; @@ -459,9 +463,15 @@ sub displayLogin { my $vars = $_[1]; # Automatically set redirectAfterLogin unless we've linked here directly # or it's already been set to perform another operation - unless ($self->session->form->process("op") eq "auth" - || ($self->session->scratch->get("redirectAfterLogin") =~ /op=\w+/) ) { - $self->session->scratch->set("redirectAfterLogin",$self->session->url->page($self->session->env->get("QUERY_STRING"))); + unless ( + $self->session->form->process("op") eq "auth" + || ($self->session->scratch->get("redirectAfterLogin") =~ /op=\w+/) + ) { + my $returnUrl + = $self->session->form->get('returnUrl') + || $self->session->url->page( $self->session->env->get('QUERY_STRING') ) + ; + $self->session->scratch->set("redirectAfterLogin", $returnUrl); } my $i18n = WebGUI::International->new($self->session); $vars->{title} = $i18n->get(66); @@ -669,7 +679,13 @@ sub login { $currentUrl =~ s/^https:/http:/; $self->session->http->setRedirect($currentUrl); } - if ($self->session->scratch->get("redirectAfterLogin")) { + + # Set the proper redirect + if ($self->session->form->get('returnUrl')) { + $self->session->http->setRedirect( $self->session->form->get('returnUrl') ); + $self->session->scratch->delete("redirectAfterLogin"); + } + elsif ($self->session->scratch->get("redirectAfterLogin")) { $self->session->http->setRedirect($self->session->scratch->get("redirectAfterLogin")); $self->session->scratch->delete("redirectAfterLogin"); } diff --git a/lib/WebGUI/Help/Asset_Photo.pm b/lib/WebGUI/Help/Asset_Photo.pm index 0d09dbd45..91c3d02ca 100644 --- a/lib/WebGUI/Help/Asset_Photo.pm +++ b/lib/WebGUI/Help/Asset_Photo.pm @@ -243,6 +243,10 @@ our $HELP = { name => 'username', description => 'helpvar commentLoop username', }, + { + name => 'url_deleteComment', + description => 'helpvar commentLoop url_deleteComment', + }, ], }, { diff --git a/lib/WebGUI/Help/Macro_L_loginBox.pm b/lib/WebGUI/Help/Macro_L_loginBox.pm index 667230495..3c099ad1b 100644 --- a/lib/WebGUI/Help/Macro_L_loginBox.pm +++ b/lib/WebGUI/Help/Macro_L_loginBox.pm @@ -34,6 +34,7 @@ our $HELP = { }, { 'name' => 'account.create.url' }, { 'name' => 'account.create.label' }, + { 'name' => 'helpvar form.returnUrl' }, { 'required' => 1, 'name' => 'form.footer' } diff --git a/lib/WebGUI/Macro/L_loginBox.pm b/lib/WebGUI/Macro/L_loginBox.pm index f2081a4ad..23df4d62b 100644 --- a/lib/WebGUI/Macro/L_loginBox.pm +++ b/lib/WebGUI/Macro/L_loginBox.pm @@ -75,6 +75,14 @@ sub process { $var{'logout.url'} = $session->url->page("op=auth;method=logout"); $var{'account.display.url'} = $session->url->page('op=auth;method=displayAccount'); $var{'logout.label'} = $i18n->get(49); + + # A hidden field with the current URL + $var{'form.returnUrl'} + = WebGUI::Form::hidden( $session, { + name => 'returnUrl', + value => $session->url->page($session->env->get("QUERY_STRING")), + }); + my $boxSize = $param[0]; $boxSize = 12 unless ($boxSize); if (index(lc($session->env->get("HTTP_USER_AGENT")),"msie") < 0) { diff --git a/lib/WebGUI/i18n/English/Macro_L_loginBox.pm b/lib/WebGUI/i18n/English/Macro_L_loginBox.pm index 86f4eb782..9e19139f7 100644 --- a/lib/WebGUI/i18n/English/Macro_L_loginBox.pm +++ b/lib/WebGUI/i18n/English/Macro_L_loginBox.pm @@ -92,6 +92,12 @@ our $I18N = { message => q|Click here to log out.|, lastUpdated => 1031514049, }, + + 'helpvar form.returnUrl' => { + message => 'When this hidden form element is present, the user will be + returned to the current page after they login', + lastUpdated => 0, + }, }; 1; diff --git a/t/Auth.t b/t/Auth.t new file mode 100644 index 000000000..9761a306a --- /dev/null +++ b/t/Auth.t @@ -0,0 +1,105 @@ +# vim:syntax=perl +#------------------------------------------------------------------- +# WebGUI is Copyright 2001-2008 Plain Black Corporation. +#------------------------------------------------------------------- +# Please read the legal notices (docs/legal.txt) and the license +# (docs/license.txt) that came with this distribution before using +# this software. +#------------------------------------------------------------------ +# http://www.plainblack.com info@plainblack.com +#------------------------------------------------------------------ + +# Write a little about what this script tests. +# +# + +use FindBin; +use strict; +use lib "$FindBin::Bin/lib"; +use Test::More; +use WebGUI::Test; # Must use this before any other WebGUI modules +use WebGUI::Auth; +use WebGUI::Session; + +#---------------------------------------------------------------------------- +# Init +my $session = WebGUI::Test->session; + +my @cleanupUsernames = (); # Will be cleaned up when we're done +my $AUTH_METHOD = "TEST"; # Used as second argument to WebGUI::Auth->new +my $auth; # will be used to create auth instances +my ($request, $oldRequest, $output); + +#---------------------------------------------------------------------------- +# Tests + +plan tests => 2; # Increment this number for each test you create + +#---------------------------------------------------------------------------- +# Test createAccountSave and returnUrl together +# Set up request +$oldRequest = $session->request; +$request = WebGUI::PseudoRequest->new; +$request->setup_param({ + returnUrl => 'REDIRECT_URL', +}); +$session->{_request} = $request; + +$auth = WebGUI::Auth->new( $session, $AUTH_METHOD ); +my $username = $session->id->generate; +push @cleanupUsernames, $username; +$output = $auth->createAccountSave( $username, { }, "PASSWORD" ); + +is( + $session->http->getRedirectLocation, 'REDIRECT_URL', + "returnUrl field is used to set redirect after createAccountSave", +); + +# Session Cleanup +$session->{_request} = $oldRequest; + +#---------------------------------------------------------------------------- +# Test login and returnUrl together +# Set up request +$oldRequest = $session->request; +$request = WebGUI::PseudoRequest->new; +$request->setup_param({ + returnUrl => 'REDIRECT_LOGIN_URL', +}); +$session->{_request} = $request; + +$auth = WebGUI::Auth->new( $session, $AUTH_METHOD, 3 ); +my $username = $session->id->generate; +push @cleanupUsernames, $username; +$output = $auth->login; + +is( + $session->http->getRedirectLocation, 'REDIRECT_LOGIN_URL', + "returnUrl field is used to set redirect after login", +); + +# Session Cleanup +$session->{_request} = $oldRequest; + + +#---------------------------------------------------------------------------- +# Cleanup +END { + for my $username ( @cleanupUsernames ) { + # We don't create actual, real users, so we have to cleanup by hand + my $userId = $session->db->quickScalar( + "SELECT userId FROM users WHERE username=?", + [ $username ] + ); + + my @tableList + = qw{authentication users userProfileData groupings inbox userLoginLog}; + + for my $table ( @tableList ) { + $session->db->write( + "DELETE FROM $table WHERE userId=?", + [ $userId ] + ); + } + } +} diff --git a/t/Macro/L_loginBox.t b/t/Macro/L_loginBox.t index ad1778ab9..1aa6b5b91 100644 --- a/t/Macro/L_loginBox.t +++ b/t/Macro/L_loginBox.t @@ -29,13 +29,16 @@ $session->user({userId=>1}); ##known user agent. Since it usually contains a reference to %ENV, ##you can't just modify that hash since it's protected my $origEnv = $session->{_env}; -my %newEnvHash = ('HTTP_USER_AGENT', 'mozilla'); +my %newEnvHash = ( + 'HTTP_USER_AGENT' => 'mozilla', + 'QUERY_STRING' => 'func=search', +); $session->{_env}->{_env} = \%newEnvHash; my $i18n = WebGUI::International->new($session,'Macro_L_loginBox'); my $numTests = 1; #Module loading test -$numTests += 29; #Static tests +$numTests += 30; #Static tests plan tests => $numTests; @@ -110,6 +113,14 @@ is( is($vars{'form.footer'}, WebGUI::Form::formFooter($session), 'form.footer'); +is( $vars{'form.returnUrl'}, + WebGUI::Form::hidden( $session, { + name => 'returnUrl', + value => $session->url->page($session->env->get("QUERY_STRING")), + }), + 'form.returnUrl' +); + ##Now, test variations on user input, browser type and config settings ##Set non-default boxSize @@ -223,7 +234,7 @@ sub setupTest { qw/user.isVisitor customText hello.label logout.url account.display.url logout.label form.header username.label username.form password.label password.form form.login account.create.url - account.create.label form.footer/; + account.create.label form.footer form.returnUrl/; #$properties->{template} .= "\n"; my $template = $defaultNode->addChild($properties, $properties->{id}); $versionTag->commit;