diff --git a/lib/WebGUI/Operation.pm b/lib/WebGUI/Operation.pm index 4c102fb75..c664436de 100644 --- a/lib/WebGUI/Operation.pm +++ b/lib/WebGUI/Operation.pm @@ -194,9 +194,6 @@ sub getOperations { 'setPersonalStyle' => 'Style', 'unsetPersonalStyle' => 'Style', - 'ajaxCreateUser' => 'User', - 'ajaxDeleteUser' => 'User', - 'ajaxUpdateUser' => 'User', 'becomeUser' => 'User', 'deleteUser' => 'User', 'editUser' => 'User', diff --git a/lib/WebGUI/Operation/User.pm b/lib/WebGUI/Operation/User.pm index b89119bf4..5d2d94eef 100644 --- a/lib/WebGUI/Operation/User.pm +++ b/lib/WebGUI/Operation/User.pm @@ -25,8 +25,6 @@ use WebGUI::SQL; use WebGUI::TabForm; use WebGUI::User; use WebGUI::Utility; -use JSON; -use XML::Simple; =head1 NAME @@ -138,7 +136,7 @@ sub canUseService { my ( $session ) = @_; my $subnets = $session->config->get('serviceSubnets'); return 1 if !$subnets || !@{$subnets}; - return 1 if WebGUI::Utility::isInSubnet( $session->env->getIp, $subnets ); + return 1 if WebGUI::Utility::isInSubnet( $session->getIp, $subnets ); return 0; # Don't go away mad, just go away } @@ -159,27 +157,6 @@ sub canView { #------------------------------------------------------------------- -=head2 createServiceResponse ( format, data ) - -Create a string with the correct C from the given C. - -Possible formats are "json" and "xml". - -=cut - -sub createServiceResponse { - my ( $format, $data ) = @_; - - if ( lc $format eq "xml" ) { - return XML::Simple::XMLout($data, NoAttr => 1, RootName => "response" ); - } - else { - return JSON->new->encode($data); - } -} - -#------------------------------------------------------------------- - =head2 doUserSearch ( session, op, returnPaginator, userFilter ) Subroutine that actually performs the SQL search for users. @@ -362,21 +339,22 @@ sub www_ajaxCreateUser { ### Verify data # User data is in form - my %userParam = ( + my %user = ( map { $_ => $session->form->get($_) } - grep { !/^auth:/ && $_ ne "op" } - ( $session->form->param ) + grep { !/^auth:/ } + $session->form->get ); # Auth data is auth:: in form - my %authParam = (); - for my $formParam ( grep { /^auth:[^:]+:.+$/ } $session->form->get ) { - my ( $authMethod, $property ) = $formParam =~ /^auth:([^:]+):(.+)$/; - $authParam{$authMethod}{$property} = $session->form->get($formParam); + my %auth = (); + for my $formParam ( grep { /^auth:([^:]+):(.+)$/ } $session->form->get ) { + my $authMethod = $1; + my $property = $2; + $auth{$authMethod}{$property} = $session->form->get($formParam); } - + # User must have a username - if ( !$userParam{username} ) { + if ( !$user{username} ) { return createServiceResponse( $outputFormat, { error => "WebGUI::Error::InvalidParam", param => "username", @@ -384,26 +362,11 @@ sub www_ajaxCreateUser { } ); } - ### Create user - my $user = WebGUI::User->create( $session ); - $user->update( \%userParam ); - for my $authMethod ( keys %authParam ) { - my $auth = WebGUI::Operation::Auth::getInstance($session,$authMethod,$user->getId); + # Create user + + # Send new user's data + - # XXX Special handling for WebGUI passwords. This should be removed when - # Auth is fixed in WebGUI 8 - if ( $authMethod eq 'WebGUI' && exists $authParam{$authMethod}{identifier} ) { - $authParam{$authMethod}{identifier} - = $auth->hashPassword( $authParam{$authMethod}{identifier} ); - } - - $auth->saveParams( $user->getId, $auth->authMethod, $authParam{$authMethod} ); - } - - ### Send new user's data - return createServiceResponse( $outputFormat, { - user => $user->get, - } ); } #------------------------------------------------------------------- @@ -417,53 +380,7 @@ Delete a user using a web service. sub www_ajaxDeleteUser { my ( $session ) = @_; - ### Get desired output format first (for future error messages) - my $outputFormat = "json"; - my $mimeType = "application/json"; - # Allow XML - if ( lc $session->form->get('as') eq "xml" ) { - $outputFormat = "xml"; - $mimeType = "application/xml"; - } - - $session->http->setMimeType( $mimeType ); - - # Verify access - if ( !canEdit($session) || !canUseService($session) ) { - # We need an automatic way to send a request for an http basic auth - $session->http->setStatus(401,'Unauthorized'); - return createServiceResponse( $outputFormat, { - error => "WebGUI::Error::Unauthorized", - message => "", - } ); - } - - # Verify data - my $userId = $session->form->get('userId'); - if ( !$userId ) { - return createServiceResponse( $outputFormat, { - error => "WebGUI::Error::InvalidParam", - param => "userId", - message => "", - } ); - } - elsif ( $userId eq "1" || $userId eq "3" ) { - $session->http->setStatus(403,"Forbidden"); - return createServiceResponse( $outputFormat, { - error => 'WebGUI::Error::InvalidParam', - param => 'userId', - message => 'Cannot delete system user', - } ); - } - - ### Delete user - my $user = WebGUI::User->new( $session, $userId ); - $user->delete; - - return createServiceResponse( $outputFormat, { - message => 'User deleted', - } ); } #------------------------------------------------------------------- @@ -477,72 +394,7 @@ Update a user using a web service. sub www_ajaxUpdateUser { my ( $session ) = @_; - ### Get desired output format first (for future error messages) - my $outputFormat = "json"; - my $mimeType = "application/json"; - # Allow XML - if ( lc $session->form->get('as') eq "xml" ) { - $outputFormat = "xml"; - $mimeType = "application/xml"; - } - - $session->http->setMimeType( $mimeType ); - - # Verify access - if ( !canEdit($session) || !canUseService($session) ) { - # We need an automatic way to send a request for an http basic auth - $session->http->setStatus(401,'Unauthorized'); - return createServiceResponse( $outputFormat, { - error => "WebGUI::Error::Unauthorized", - message => "", - } ); - } - - ### Verify data - # User data is in form - my %userParam = ( - map { $_ => $session->form->get($_) } - grep { !/^auth:/ && $_ ne "op" } - ( $session->form->param ) - ); - - # Auth data is auth:: in form - my %authParam = (); - for my $formParam ( grep { /^auth:[^:]+:.+$/ } $session->form->param ) { - my ( $authMethod, $property ) = $formParam =~ /^auth:([^:]+):(.+)$/; - $authParam{$authMethod}{$property} = $session->form->get($formParam); - } - - # User must have a userId - if ( !$userParam{userId} ) { - return createServiceResponse( $outputFormat, { - error => "WebGUI::Error::InvalidParam", - param => "userId", - message => "", - } ); - } - - ### Update user - my $user = WebGUI::User->new( $session, delete $userParam{userId} ); - $user->update( \%userParam ); - for my $authMethod ( keys %authParam ) { - my $auth = WebGUI::Operation::Auth::getInstance($session,$authMethod,$user->getId); - - # XXX Special handling for WebGUI passwords. This should be removed when - # Auth is fixed in WebGUI 8 - if ( $authMethod eq 'WebGUI' && exists $authParam{$authMethod}{identifier} ) { - $authParam{$authMethod}{identifier} - = $auth->hashPassword( $authParam{$authMethod}{identifier} ); - } - - $auth->saveParams( $user->getId, $auth->authMethod, $authParam{$authMethod} ); - } - - ### Send user's data - return createServiceResponse( $outputFormat, { - user => $user->get, - } ); } >>>>>>> added services to create, update, and delete users:lib/WebGUI/Operation/User.pm diff --git a/lib/WebGUI/User.pm b/lib/WebGUI/User.pm index e428bbe0b..42af8182f 100644 --- a/lib/WebGUI/User.pm +++ b/lib/WebGUI/User.pm @@ -1251,12 +1251,10 @@ sub update { # Make a safe copy of properties, we'll be deleting from it $properties = { %$properties }; + $self->uncache; $properties->{lastUpdated} ||= time; - # No userId, bad! - delete $properties->{userId}; - # $self->{_user} contains all fields in `users` table my @userFields = (); my @userValues = (); diff --git a/t/User.t b/t/User.t index 4003a01ef..be9b9882c 100644 --- a/t/User.t +++ b/t/User.t @@ -20,7 +20,7 @@ use WebGUI::Cache; use WebGUI::User; use WebGUI::ProfileField; -use Test::More tests => 221; # increment this value for each test you create +use Test::More tests => 211; # increment this value for each test you create use Test::Deep; use Data::Dumper; @@ -115,18 +115,12 @@ $newSession->close; my $now = time; $user->update({ - userId => 'INEDU2COMEINSATURDYTHX', username => "jlumbe", firstName => "John", lastName => "Lumbergh", lastUpdated => $now, }); -isnt( - $user->get('userId'), 'INEDU2COMEINSATURDYTHX', - "update() does not allow changing userId", -); - is( $session->db->quickScalar("SELECT username FROM users WHERE userId=?",[$user->getId]), "jlumbe", diff --git a/t/lib/WebGUI/PseudoRequest.pm b/t/lib/WebGUI/PseudoRequest.pm index 76160d3e3..b2e359b07 100644 --- a/t/lib/WebGUI/PseudoRequest.pm +++ b/t/lib/WebGUI/PseudoRequest.pm @@ -231,10 +231,7 @@ all form variables. sub body { my $self = shift; my $value = shift; - if ( !defined $value ) { - return keys %{ $self->{body} } if wantarray; - return { %{ $self->{body} } }; - } + return keys %{ $self->{body} } unless defined $value; if ($self->{body}->{$value}) { if (wantarray && ref $self->{body}->{$value} eq "ARRAY") { return @{$self->{body}->{$value}};