Changeset 503


Ignore:
Timestamp:
Sep 26, 2011, 6:05:01 PM (10 years ago)
Author:
Kris Deugau
Message:

/branches/htmlform

Checkpoint, clearing out references to printError()
All ACL checks that generate error pages should now be converted
to use the new aclerror template. See #15.
Fix a minor bug in CustIDCK.pm - calls to custid_check are being
treated as an object call for some reason.

Location:
branches/htmlform
Files:
1 added
6 edited

Legend:

Unmodified
Added
Removed
  • branches/htmlform/cgi-bin/CustIDCK.pm

    r417 r503  
    3131# the local admin on installation
    3232sub custid_exist {
     33  my $self = shift;
    3334  my $custid = shift;
    3435
  • branches/htmlform/cgi-bin/IPDB.pm

    r479 r503  
    2424@EXPORT_OK    = qw(
    2525        %disp_alloctypes %list_alloctypes %def_custids @citylist @poplist @masterblocks
    26         %allocated %free %routed %bigfree %IPDBacl
     26        %allocated %free %routed %bigfree %IPDBacl %aclmsg
    2727        &initIPDBGlobals &connectDB &finish &checkDBSanity &allocateBlock &addMaster
    2828        &deleteBlock &getBlockData &mailNotify
     
    3232%EXPORT_TAGS    = ( ALL => [qw(
    3333                %disp_alloctypes %list_alloctypes %def_custids @citylist @poplist
    34                 @masterblocks %allocated %free %routed %bigfree %IPDBacl
     34                @masterblocks %allocated %free %routed %bigfree %IPDBacl %aclmsg
    3535                &initIPDBGlobals &connectDB &finish &checkDBSanity &allocateBlock
    3636                &addMaster &deleteBlock &getBlockData &mailNotify
     
    5252our %bigfree;
    5353our %IPDBacl;
     54
     55# mapping table for functional-area => error message
     56our %aclmsg = (
     57        addmaster       => 'add a master block',
     58        addblock        => 'add an allocation',
     59        updateblock     => 'update a block',
     60        delblock        => 'delete an allocation',
     61        );
    5462
    5563our $org_name = 'Example Corp';
  • branches/htmlform/cgi-bin/main.cgi

    r497 r503  
    8282
    8383#main()
     84my $aclerr;
    8485
    8586if(!defined($webvar{action})) {
     
    9899} elsif ($webvar{action} eq 'addmaster') {
    99100  if ($IPDBacl{$authuser} !~ /a/) {
    100     printError("You shouldn't have been able to get here.  Access denied.");
     101    $aclerr = 'addmaster';
    101102  }
    102103} elsif ($webvar{action} eq 'newmaster') {
    103104
    104105  if ($IPDBacl{$authuser} !~ /a/) {
    105     printError("You shouldn't have been able to get here.  Access denied.");
     106    $aclerr = 'addmaster';
    106107  } else {
    107108    my $cidr = new NetAddr::IP $webvar{cidr};
     
    191192
    192193
     194# Switch to a different template if we've tripped on an ACL error.
     195# Note that this should only be exercised in development, when
     196# deeplinked, or when being attacked;  normal ACL handling should
     197# remove the links a user is not allowed to click on.
     198if ($aclerr) {
     199  $page = HTML::Template->new(filename => "aclerror.tmpl");
     200  $page->param(ipdbfunc => $aclmsg{$aclerr});
     201}
     202
    193203
    194204# Clean up IPDB globals, DB handle, etc.
     
    502512
    503513  if ($IPDBacl{$authuser} !~ /a/) {
    504     printError("You shouldn't have been able to get here.  Access denied.");
     514    $aclerr = 'addblock';
    505515    return;
    506516  }
     
    605615sub confirmAssign {
    606616  if ($IPDBacl{$authuser} !~ /a/) {
    607     printError("You shouldn't have been able to get here.  Access denied.");
     617    $aclerr = 'addblock';
    608618    return;
    609619  }
     
    777787sub insertAssign {
    778788  if ($IPDBacl{$authuser} !~ /a/) {
    779     printError("You shouldn't have been able to get here.  Access denied.");
     789    $aclerr = 'addblock';
    780790    return;
    781791  }
     
    10211031sub update {
    10221032  if ($IPDBacl{$authuser} !~ /c/) {
    1023     printError("You shouldn't have been able to get here.  Access denied.");
     1033    $aclerr = 'updateblock';
    10241034    return;
    10251035  }
     
    11251135sub remove {
    11261136  if ($IPDBacl{$authuser} !~ /d/) {
    1127     printError("You shouldn't have been able to get here.  Access denied.");
     1137    $aclerr = 'delblock';
    11281138    return;
    11291139  }
     
    12101220sub finalDelete {
    12111221  if ($IPDBacl{$authuser} !~ /d/) {
    1212     $page->param(aclerr => 1);
     1222    $aclerr = 'delblock';
    12131223    return;
    12141224  }
  • branches/htmlform/ipdb.css

    r499 r503  
    188188.err {
    189189        text-align: center;
    190         font-size: 100%;
     190        font-size: 1em;
    191191}
    192192
  • branches/htmlform/templates/confirm.tmpl

    r463 r503  
    11<TMPL_IF err>
    2 <div class="err">
     2<div class="regular err">
    33<p><TMPL_VAR NAME=err></p>
    44<input type="button" value="Back" onclick="history.go(-1)">
  • branches/htmlform/templates/finaldelete.tmpl

    r476 r503  
    11<div class="center">
    2 <TMPL_IF aclerr>
    3 <p>You shouldn't have been able to get here.  Access denied.</p>
    4 <input type="button" value="Back" onclick="history.go(-1)">
    5 <TMPL_ELSE>
    62<TMPL_IF failmsg>
    73<p>Could not deallocate <TMPL_IF netblock>netblock<TMPL_ELSE>static IP</TMPL_IF> <TMPL_VAR NAME=block>: <TMPL_VAR NAME=failmsg></p>
     
    106<div class="heading">Success!  <TMPL_VAR NAME=block> deallocated.</div>
    117</TMPL_IF>
    12 </TMPL_IF>
    138</div>
    149
Note: See TracChangeset for help on using the changeset viewer.