1 // The Antville Project
  2 // http://code.google.com/p/antville
  3 //
  4 // Copyright 2007-2011 by Tobi Schäfer.
  5 //
  6 // Copyright 2001–2007 Robert Gaggl, Hannes Wallnöfer, Tobi Schäfer,
  7 // Matthias & Michael Platzer, Christoph Lincke.
  8 //
  9 // Licensed under the Apache License, Version 2.0 (the ``License'');
 10 // you may not use this file except in compliance with the License.
 11 // You may obtain a copy of the License at
 12 //
 13 //    http://www.apache.org/licenses/LICENSE-2.0
 14 //
 15 // Unless required by applicable law or agreed to in writing, software
 16 // distributed under the License is distributed on an ``AS IS'' BASIS,
 17 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 18 // See the License for the specific language governing permissions and
 19 // limitations under the License.
 20 //
 21 // $Revision$
 22 // $Author$
 23 // $Date$
 24 // $URL$
 25 
 26 /**
 27  * @fileOverview Defines the Members prototype.
 28  */
 29 
 30 markgettext("Members");
 31 markgettext("members");
 32 
 33 /**
 34  * @name Members
 35  * @constructor
 36  * @property {Membership[]} _children
 37  * @property {Membership[]} contributors
 38  * @property {Membership[]} managers
 39  * @property {Membership[]} owners
 40  * @property {Membership[]} subscribers
 41  * @extends HopObject
 42  */
 43 
 44 /**
 45  * 
 46  * @param {String} action
 47  * @returns {Boolean}
 48  */
 49 Members.prototype.getPermission = function(action) {
 50    switch (action) {
 51       case "login":
 52       case "logout":
 53       case "register":
 54       case "reset":
 55       case "salt.txt":
 56       return true;
 57    }
 58       
 59    if (!this._parent.getPermission("main")) {
 60       return false;
 61    }
 62 
 63    switch (action) {
 64       case "edit":
 65       case "privileges":
 66       case "subscriptions":
 67       case "updated":
 68       return !!session.user;
 69       
 70       case ".":
 71       case "main":
 72       case "add":
 73       case "owners":
 74       case "managers":
 75       case "contributors":
 76       case "subscribers":
 77       return Membership.require(Membership.OWNER) ||
 78             User.require(User.PRIVILEGED);
 79    }
 80 
 81    return Feature.getPermission.apply(this, arguments);
 82 }
 83 
 84 Members.prototype.main_action = function() {
 85    res.data.title = gettext("Site Members");
 86    res.data.list = renderList(this, "$Membership#member", 
 87          10, req.queryParams.page);
 88    res.data.pager = renderPager(this, this.href(req.action), 
 89          10, req.queryParams.page);
 90    res.data.body = this.renderSkinAsString("$Members#main");
 91    res.handlers.site.renderSkin("Site#page");
 92    return;
 93 }
 94 
 95 Members.prototype.register_action = function() {
 96    if (req.postParams.register) {
 97       try {
 98          var title = res.handlers.site.title;
 99          var user = User.register(req.postParams);
100          var membership = Membership.add(user, Membership.SUBSCRIBER, this._parent);
101          membership.notify(req.action, user.email, 
102                gettext('[{0}] Welcome to {1}!', root.title, title));
103          res.message = gettext('Welcome to “{0}”, {1}. Have fun!',
104                title, user.name);
105          res.redirect(User.getLocation() || this._parent.href());
106       } catch (ex) {
107          res.message = ex;
108       }
109    }
110 
111    session.data.token = User.getSalt();
112    res.data.action = this.href(req.action);
113    res.data.title = gettext("Register");
114    res.data.body = this.renderSkinAsString("$Members#register");
115    this._parent.renderSkin("Site#page");
116    return;
117 }
118 
119 Members.prototype.reset_action = function() {
120    if (req.postParams.reset) {
121       try {
122          if (!req.postParams.name || !req.postParams.email) {
123             throw Error(gettext("Please enter a user name and e-mail address."));
124          }
125          var user = User.getByName(req.postParams.name);
126          if (!user || user.email !== req.postParams.email) {
127             throw Error(gettext("User name and e-mail address do not match."))
128          }
129          var token = User.getSalt();
130          user.setMetadata("resetToken", token);
131          sendMail(user.email, gettext("[{0}] Password reset confirmation", root.title),
132                user.renderSkinAsString("$User#notify_reset", {
133                   href: this.href("reset"),
134                   token: token
135                }));
136          res.message = gettext("A confirmation mail was sent to your e-mail address.");
137          res.redirect(this._parent.href());
138       } catch(ex) {
139          res.message = ex;
140       }
141    } else if (req.data.user && req.data.token) {
142       var user = User.getById(req.data.user);
143       if (user) {
144          var token = user.getMetadata("resetToken");
145          if (token && token === req.data.token) {
146             session.login(user);
147             if (req.postParams.save) {
148                var password = req.postParams.password;
149                if (!password) {
150                   res.message = gettext("Please enter a new password.");
151                } else if (password !== req.postParams.passwordConfirm) {
152                   res.message = gettext("The passwords do not match.");
153                } else {
154                   user.hash = (password + user.salt).md5();
155                   user.setMetadata("resetToken", null);
156                   res.message = gettext("Your password was changed.");
157                   res.redirect(this._parent.href());
158                }
159             }
160             res.data.title = gettext("Reset Password");
161             res.data.body = this.renderSkinAsString("$Members#password");
162             this._parent.renderSkin("Site#page");
163             return;
164          }
165       }
166       res.message = gettext("This URL is not valid for resetting your password.");
167       res.redirect(this.href(req.action));
168    }
169    res.data.action = this.href(req.action);
170    res.data.title = gettext("Request Password Reset");
171    res.data.body = this.renderSkinAsString("$Members#reset");
172    this._parent.renderSkin("Site#page");
173    return;
174 }
175 
176 Members.prototype.login_action = function() {
177    if (req.postParams.login) {
178       try {
179          var user = User.login(req.postParams);
180          res.message = gettext('Welcome to {0}, {1}. Have fun!',
181                res.handlers.site.getTitle(), user.name);
182          res.redirect(User.getLocation() || this._parent.href());
183       } catch (ex) {
184          res.message = ex;
185       }
186    }
187    session.data.token = User.getSalt();
188    res.data.action = this.href(req.action);
189    res.data.title = gettext("Login");
190    res.data.body = this.renderSkinAsString("$Members#login");
191    this._parent.renderSkin("Site#page");
192    return;
193 }
194 
195 Members.prototype.logout_action = function() {
196    if (session.user) {
197       res.message = gettext("Good bye, {0}! Looking forward to seeing you again!", 
198             session.user.name);
199       User.logout();
200    }
201    res.redirect(this._parent.href());
202    return;
203 }
204 
205 Members.prototype.edit_action = function() {
206    if (req.postParams.save) {
207       try {
208          session.user.update(req.postParams);
209          res.message = gettext("The changes were saved successfully.");
210          res.redirect(this._parent.href());
211       } catch (err) {
212          res.message = err.toString();
213       }
214    }
215 
216    session.data.token = User.getSalt();
217    session.data.salt = session.user.salt; // FIXME
218    res.data.title = gettext("User Profile");
219    res.data.body = session.user.renderSkinAsString("$User#edit");
220    this._parent.renderSkin("Site#page");
221    return;
222 }
223 
224 Members.prototype.salt_txt_action = function() {
225    res.contentType = "text/plain";
226    var user;
227    if (user = User.getByName(req.queryParams.user)) {
228       res.write(user.salt || String.EMPTY);
229    }
230    return;
231 }
232 
233 Members.prototype.owners_action = function() {
234    res.data.title = gettext("Site Owners");
235    res.data.list = renderList(this.owners, 
236          "$Membership#member", 10, req.queryParams.page);
237    res.data.pager = renderPager(this.owners, 
238          this.href(req.action), 10, req.queryParams.page);
239    res.data.body = this.renderSkinAsString("$Members#main");
240    res.handlers.site.renderSkin("Site#page");
241    return;
242 }
243 
244 Members.prototype.managers_action = function() {
245    res.data.title = gettext("Site Managers");
246    res.data.list = renderList(this.managers, 
247          "$Membership#member", 10, req.queryParams.page); 
248    res.data.pager = renderPager(this.managers, 
249          this.href(req.action), 10, req.queryParams.page);
250    res.data.body = this.renderSkinAsString("$Members#main");
251    res.handlers.site.renderSkin("Site#page");
252    return;
253 }
254 
255 Members.prototype.contributors_action = function() {
256    res.data.title = gettext("Site Contributors");
257    res.data.list = renderList(this.contributors, 
258          "$Membership#member", 10, req.queryParams.page);
259    res.data.pager = renderPager(this.contributors, 
260          this.href(req.action), 10, req.data.page);
261    res.data.body = this.renderSkinAsString("$Members#main");
262    res.handlers.site.renderSkin("Site#page");
263    return;
264 }
265 
266 Members.prototype.subscribers_action = function() {
267    res.data.title = gettext("Site Subscribers");
268    res.data.list = renderList(this.subscribers, 
269          "$Membership#member", 10, req.queryParams.page);
270    res.data.pager = renderPager(this.subscribers, 
271          this.href(req.action), 10, req.queryParams.page);
272    res.data.body = this.renderSkinAsString("$Members#main");
273    res.handlers.site.renderSkin("Site#page");
274    return;
275 }
276 
277 Members.prototype.updated_action = function() {
278    res.data.title = gettext("Updates");
279    res.data.list = session.user.renderSkinAsString("$User#sites");
280    res.data.body = session.user.renderSkinAsString("$User#subscriptions");
281    res.handlers.site.renderSkin("Site#page");
282    return;
283 }
284 
285 Members.prototype.privileges_action = function() {
286    var site = res.handlers.site;
287    res.data.title = gettext("Privileges");
288    res.data.list = renderList(session.user.memberships, function(item) {
289       res.handlers.subscription = item.site;
290       item.renderSkin("$Membership#subscription");
291       return;
292    });
293    res.handlers.site = site;
294    res.data.body = session.user.renderSkinAsString("$User#subscriptions");
295    res.handlers.site.renderSkin("Site#page");
296    return;
297 }
298 
299 Members.prototype.subscriptions_action = function() {
300    var site = res.handlers.site;
301    res.data.title = gettext("Subscriptions");
302    res.data.list = renderList(session.user.subscriptions, function(item) {
303       res.handlers.subscription = item.site;
304       item.renderSkin("$Membership#subscription");
305       return;
306    });
307    res.handlers.site = site;
308    res.data.body = session.user.renderSkinAsString("$User#subscriptions");
309    res.handlers.site.renderSkin("Site#page");
310    return;
311 }
312 
313 Members.prototype.add_action = function() {
314    if (req.postParams.term) {
315       try {
316          var result = this.search(req.postParams.term);
317          if (result.length < 1) {
318             res.message = gettext("No user found to add as member.");
319          } else {
320             if (result.length >= 100) {
321                res.message = gettext("Too many users found, displaying the first {0} matches only.", 
322                      result.length);
323             } else {
324                res.message = ngettext("One user found.", "{0} users found.", 
325                       result.length);
326             }
327             res.data.result = this.renderSkinAsString("$Members#results", result);
328          }
329       } catch (ex) {
330          res.message = ex;
331          app.log(ex);
332       }
333    } else if (req.postParams.add) {
334       try {
335          var membership = this.addMembership(req.postParams);
336          membership.notify(req.action, membership.creator.email,  
337                gettext('[{0}] Notification of membership change', root.title));
338          res.message = gettext("Successfully added {0} to the list of members.", 
339                req.postParams.name);
340          res.redirect(membership.href("edit"));
341       } catch (ex) {
342          res.message = ex;
343          app.log(ex);
344       }
345       res.redirect(this.href());
346    }
347    res.data.action = this.href(req.action);
348    res.data.title = gettext('Add Member');
349    res.data.body = this.renderSkinAsString("$Members#add");
350    res.handlers.site.renderSkin("Site#page");
351    return;
352 }
353 
354 /**
355  * 
356  * @param {String} searchString
357  * @returns {Object}
358  */
359 Members.prototype.search = function(searchString) {
360    var self = this;
361    var mode = "=";
362    if (searchString.contains("*")) {
363       searchString = searchString.replace(/\*/g, "%");
364       mode = "like";
365    }
366    var sql = new Sql;
367    sql.retrieve(Sql.MEMBERSEARCH, mode, searchString, 100);
368    var counter = 0, name;
369    res.push();
370    sql.traverse(function() {
371       // Check if the user is not already a member
372       if (!self.get(this.name)) {
373          self.renderSkin("$Members#result", {name: this.name});
374          counter += 1;
375       }
376    });
377    return {
378       result: res.pop(),
379       length: counter
380    };
381 }
382 
383 /**
384  * 
385  * @param {Object} data
386  * @returns {Membership}
387  */
388 Members.prototype.addMembership = function(data) {
389    var user = root.users.get(data.name);
390    if (!user) {
391       throw Error(gettext("Sorry, your input did not match any registered user."));
392    } else if (this.get(data.name)) {
393       throw Error(gettext("This user is already a member of this site."));
394    }
395    var membership = Membership.add(user, Membership.SUBSCRIBER, this._parent);
396    return membership;
397 }
398