Select Git revision
virtio_mem.c
person_controller.rb 9.13 KiB
require 'xmlhash'
class PersonController < ApplicationController
validate_action :userinfo => {:method => :get, :response => :user}
validate_action :userinfo => {:method => :put, :request => :user, :response => :status}
validate_action :grouplist => {:method => :get, :response => :directory}
validate_action :register => {:method => :put, :response => :status}
validate_action :register => {:method => :post, :response => :status}
skip_before_action :extract_user, only: [:command, :register]
skip_before_action :require_login, only: [:command, :register]
def show
if params[:prefix]
@list = User.where("login LIKE ?", params[:prefix] + '%')
elsif params[:email]
@list = User.where(:email => params[:email])
else
@list = User.all
end
end
def login
render_ok # just a dummy check for the webui to call (for now)
end
# Returns a list of all users (that optionally start with a prefix)
def command
if params[:cmd] == "register"
internal_register
return
end
raise UnknownCommandError.new "Allowed commands are 'change_password'"
end
def get_userinfo
user = User.find_by_login!(params[:login])
if user.login != @http_user.login
logger.debug "Generating for user from parameter #{user.login}"
render :text => user.render_axml(@http_user.is_admin?), :content_type => "text/xml"
else
logger.debug "Generating user info for logged in user #{@http_user.login}"
render :text => @http_user.render_axml(true), :content_type => "text/xml"
end
end
def post_userinfo
login = params[:login]
# just for permission checking
User.find_by_login!(login)
if params[:cmd] == "change_password"
login ||= @http_user.login
password = request.raw_post.to_s.chomp
if login != @http_user.login and not @http_user.is_admin?
render_error :status => 403, :errorcode => "change_password_no_permission",
:message => "No permission to change password for user #{login}"
return
end
if password.blank?
render_error :status => 404, :errorcode => "password_empty",
:message => "No new password given in first line of the body"
return
end
change_password(login, password)
render_ok
return
end
raise UnknownCommandError.new "Allowed commands are 'change_password'"