From cf493e8923065697a42722623ef6facf2573d6b9 Mon Sep 17 00:00:00 2001
From: dongsheng <dongsheng>
Date: Tue, 9 Sep 2008 03:25:03 +0000
Subject: [PATCH] MDL-13766 popup authentication support (draft)
---
repository/lib.php | 39 ++++++++++++++++++---------
repository/ws.php | 66 ++++++++++++++++++++++++++++++----------------
2 files changed, 69 insertions(+), 36 deletions(-)
diff --git a/repository/lib.php b/repository/lib.php
index 53940bb0d5..6c0b98a6e9 100644
--- a/repository/lib.php
+++ b/repository/lib.php
@@ -1244,6 +1244,10 @@ EOD;
<script type="text/javascript" src="$CFG->httpswwwroot/lib/yui/selector/selector-beta-min.js"></script>
<script type="text/javascript">
//<![CDATA[
+var active_instance = null;
+function repository_callback(id){
+ active_instance.req(id, '', 0);
+}
var repository_client_$suffix = (function() {
// private static field
var dver = '1.0';
@@ -1490,26 +1494,35 @@ _client.rename = function(oldname, url, icon, repo_id){
html += '</div>';
panel.get('element').innerHTML = html;
}
+_client.popup = function(url){
+ active_instance = repository_client_$suffix;
+ _client.win = window.open(url,'repo_auth', 'location=0,status=0,scrollbars=0,width=500,height=300');
+ return false;
+}
_client.print_login = function(){
var panel = new YAHOO.util.Element('panel-$suffix');
var data = _client.ds.login;
var str = '';
for(var k in data){
str += '<p>';
- var lable_id = '';
- var field_id = '';
- var field_value = '';
- if(data[k].id){
- lable_id = ' for="'+data[k].id+'"';
- field_id = ' id="'+data[k].id+'"';
- }
- if (data[k].label) {
- str += '<label'+lable_id+'>'+data[k].label+'</label><br/>';
- }
- if(data[k].value){
- field_value = ' value="'+data[k].value+'"';
+ if(data[k].type=='popup'){
+ str += '<a href="###" onclick="repository_client_$suffix.popup(\''+data[k].url+'\')">test</a>';
+ }else{
+ var lable_id = '';
+ var field_id = '';
+ var field_value = '';
+ if(data[k].id){
+ lable_id = ' for="'+data[k].id+'"';
+ field_id = ' id="'+data[k].id+'"';
+ }
+ if (data[k].label) {
+ str += '<label'+lable_id+'>'+data[k].label+'</label><br/>';
+ }
+ if(data[k].value){
+ field_value = ' value="'+data[k].value+'"';
+ }
+ str += '<input type="'+data[k].type+'"'+' name="'+data[k].name+'"'+field_id+field_value+' />';
}
- str += '<input type="'+data[k].type+'"'+' name="'+data[k].name+'"'+field_id+field_value+' />';
str += '</p>';
}
str += '<p><input type="button" onclick="repository_client_$suffix.login()" value="$strsubmit" /></p>';
diff --git a/repository/ws.php b/repository/ws.php
index d918864ee8..1a56614cda 100644
--- a/repository/ws.php
+++ b/repository/ws.php
@@ -5,38 +5,41 @@ header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
require_once('../config.php');
require_once('../lib/filelib.php');
require_once('lib.php');
-// set one hour here
-$CFG->repository_cache_expire = 60*60;
// page or path
$p = optional_param('p', '', PARAM_INT);
// opened in editor or moodleform
$env = optional_param('env', 'form', PARAM_ALPHA);
// file to download
-// TODO: which type should be?
$file = optional_param('file', '', PARAM_RAW);
// rename the file name
$title = optional_param('title', '', PARAM_FILE);
$action = optional_param('action', '', PARAM_ALPHA);
$search = optional_param('s', '', PARAM_CLEANHTML);
-// id of repository
+// repository ID
$repo_id = optional_param('repo_id', 1, PARAM_INT);
-// TODO
-// what will happen if user use a fake ctx_id?
-// Think about using $SESSION save it
$ctx_id = optional_param('ctx_id', SITEID, PARAM_INT);
$userid = $USER->id;
+// check context id
if (!repository_check_context($ctx_id)) {
$err = new stdclass;
$err->e = get_string('nopermissiontoaccess', 'repository');
die(json_encode($err));
}
+/**
+ * walk an array to attach repository ID
+ */
function attach_repository_id(&$value, $key, $id){
$value['repo_id'] = $id;
}
-// do global search
-if($action=='gsearch'){
+
+/**
+ * these actions are requested without repository ID
+ */
+switch ($action) {
+case 'gsearch':
+ // global search
$repos = repository_get_instances(array(get_context_instance_by_id($ctx_id), get_system_context()));
$list = array();
foreach($repos as $repo){
@@ -54,13 +57,16 @@ if($action=='gsearch'){
}
}
die(json_encode(array('list'=>$list)));
-}
-if ($action=='ccache') {
+ break;
+case 'ccache':
+ //clean cache
$cache = new curl_cache;
$cache->refresh();
die(get_string('cachecleared', 'repository'));
+ break;
}
+// Get repository instance information
$sql = 'SELECT i.name, i.typeid, r.type FROM {repository} r, {repository_instances} i WHERE i.id='.$repo_id.' AND i.typeid=r.id';
if(!$repository = $DB->get_record_sql($sql)) {
$err = new stdclass;
@@ -89,7 +95,27 @@ if(file_exists($CFG->dirroot.'/repository/'.
die(json_encode($err));
}
-if ($action == 'list' || $action == 'search') {
+switch ($action) {
+case 'login':
+ try {
+ echo json_encode($repo->print_login());
+ } catch (repository_exception $e){
+ $err = new stdclass;
+ $err->e = $e->getMessage();
+ die(json_encode($err));
+ }
+ break;
+case 'callback':
+ // http://xx.moodle.com/repository/ws.php?action=callback&repo_id=1&sid=xxx
+ // sid is the attached auth token from external source
+ $js =<<<EOD
+<html><head><script type="text/javascript">
+window.opener.repository_callback($repo_id);
+</script><body></body></html>
+EOD;
+ break;
+case 'list':
+case 'search':
try {
if(!empty($p)) {
echo json_encode($repo->get_listing($p));
@@ -103,8 +129,8 @@ if ($action == 'list' || $action == 'search') {
$err->e = $e->getMessage();
die(json_encode($err));
}
-
-} elseif($action == 'download') {
+ break;
+case 'download':
$path = $repo->get_file($file, $title);
$itemid = (int)substr(hexdec(uniqid()), 0, 9)+rand(1,100);
try {
@@ -124,15 +150,8 @@ if ($action == 'list' || $action == 'search') {
$err->e = $e->getMessage();
die(json_encode($err));
}
-} elseif ($action == 'login') {
- try {
- echo json_encode($repo->print_login());
- } catch (repository_exception $e){
- $err = new stdclass;
- $err->e = $e->getMessage();
- die(json_encode($err));
- }
-} elseif ($action == 'upload') {
+ break;
+case 'upload':
try {
echo json_encode($repo->get_listing());
} catch (repository_exception $e){
@@ -140,4 +159,5 @@ if ($action == 'list' || $action == 'search') {
$err->e = $e->getMessage();
die(json_encode($err));
}
+ break;
}
--
2.39.5