Monotone-Parent: 47b9620ce14470cae0697918adc94344f3f07b0e

Monotone-Revision: b4d23e0ff0b98727a952a0a09a9cb7e312f3562a Monotone-Author: wsourdeau@inverse.ca Monotone-Date: 2008-08-26T17:42:03 Monotone-Branch: ca.inverse.sogo
2008-08-26 17:42:03 +00:00 · 2008-08-26 17:42:03 +00:00 · 5876989e1d
parent 0227fd120e
commit 5876989e1d
8 changed files with 148 additions and 154 deletions
--- a/11
+++ b/11
@ -1,5 +1,16 @@
 2008-08-26  Wolfgang Sourdeau  <wsourdeau@inverse.ca>

+	* UI/MainUI/SOGoRootPage.m ([SOGoRootPage -setUserName:_value])
+	([SOGoRootPage -userName]): removed accessors, since the
+	corresponding ivar is not used and was removed too.
+
+	* UI/SOGoUI/UIxComponent.m ([-shortUserNameForDisplay]): no longer
+	make use of the "wrongusernamepassword" hack.
+
+	* UI/MainUI/SOGoRootPage.m ([SOGoRootPage -connectAction]): return
+	HTTP code 403 if the username and the password passed in the
+	request are not valid.
+
 	* SoObjects/SOGo/SOGoUserFolder.m ([SOGoUserFolder
 	-lookupName:_keyinContext:_ctxacquire:_flag]): whenever a user has
 	no access to the specified module, a response with code 403 and
--- a/UI/MainUI/SOGoRootPage.h
+++ b/UI/MainUI/SOGoRootPage.h
@ -26,9 +26,6 @@
 #import <UI/SOGoUI/UIxComponent.h>

@interface SOGoRootPage : UIxComponent
-{
-  NSString *userName;
-}

@end

--- a/UI/MainUI/SOGoRootPage.m
+++ b/UI/MainUI/SOGoRootPage.m
@ -46,24 +46,8 @@

@implementation SOGoRootPage

- (void) dealloc
-{
-  [userName release];
-  [super dealloc];
-}
-
 /* accessors */

- (void) setUserName: (NSString *) _value
-{
-  ASSIGNCOPY (userName, _value);
-}
-
- (NSString *) userName
-{
-  return userName;
-}
-
 - (NSString *) connectURL
 {
  return [NSString stringWithFormat: @"%@connect", [self applicationPath]];
@ -77,20 +61,27 @@
  WOCookie *authCookie;
  SOGoWebAuthenticator *auth;
  NSString *cookieValue, *cookieString;
+  NSString *userName, *password;

  auth = [[WOApplication application]
 	   authenticatorInContext: context];
  request = [context request];
-  response = [self responseWith204];
-  cookieString = [NSString stringWithFormat: @"%@:%@",
-			   [request formValueForKey: @"userName"],
-			   [request formValueForKey: @"password"]];
-  cookieValue = [NSString stringWithFormat: @"basic %@",
-			  [cookieString stringByEncodingBase64]];
-  authCookie = [WOCookie cookieWithName: [auth cookieNameInContext: context]
-			 value: cookieValue];
-  [authCookie setPath: @"/"];
-  [response addCookie: authCookie];
+  userName = [request formValueForKey: @"userName"];
+  password = [request formValueForKey: @"password"];
+  if ([auth checkLogin: userName password: password])
+    {
+      response = [self responseWith204];
+      cookieString = [NSString stringWithFormat: @"%@:%@",
+			       userName, password];
+      cookieValue = [NSString stringWithFormat: @"basic %@",
+			      [cookieString stringByEncodingBase64]];
+      authCookie = [WOCookie cookieWithName: [auth cookieNameInContext: context]
+			     value: cookieValue];
+      [authCookie setPath: @"/"];
+      [response addCookie: authCookie];
+    }
+  else
+    response = [self responseWithStatus: 403];

  return response;
 }
--- a/UI/SOGoUI/UIxComponent.m
+++ b/UI/SOGoUI/UIxComponent.m
@ -446,9 +446,6 @@ static BOOL uixDebugEnabled = NO;

 - (NSString *) shortUserNameForDisplay
 {
-  if ([context activeUser] == nil)
-    return @"wrongusernamepassword";
-
  return [[context activeUser] login];
 }

--- a/UI/Templates/MainUI/SOGoRootPage.wox
+++ b/UI/Templates/MainUI/SOGoRootPage.wox
@ -7,6 +7,7 @@
  xmlns:const="http://www.skyrix.com/od/constant"
  xmlns:rsrc="OGo:url"
  xmlns:label="OGo:label"
+  const:popup="YES"
  ><var:string var:value="doctype" const:escapeHTML="NO"/>
  <form id="connectForm" var:href="connectURL">
    <div id="loginScreen">
@ -14,9 +15,8 @@
 	 type="text/javascript">var loginSuffix = '<var:string value="loginSuffix"/>';</script
 	></var:if>
      <img const:alt="*" id="splash" rsrc:src="lori-login.jpg"/><br/><br/>
-      <var:if condition="shortUserNameForDisplay" const:value="wrongusernamepassword"
-      ><p class="error"><var:string label:value="Wrong username or password."/></p>
-      </var:if><label><var:string label:value="Username:"/><br/>
+      <p id="loginErrorMessage"><var:string label:value="Wrong username or password."/></p>
+      <label><var:string label:value="Username:"/><br/>
 	<input class="textField" id="userName" name="userName"
 	  type="text" var:value="userName" /></label><br/>
      <label><var:string label:value="Password:"/><br/>
--- a/UI/Templates/UIxPageFrame.wox
+++ b/UI/Templates/UIxPageFrame.wox
@ -41,65 +41,58 @@

      <body var:class="bodyClasses"
 	><var:if condition="isCompatibleBrowser"
-	  >
-	  <var:if condition="shortUserNameForDisplay" const:value="anonymous"
-	    const:negate="YES"
-	    ><var:if condition="shortUserNameForDisplay"
-	      const:value="wrongusernamepassword"
-	      const:negate="YES"
-	      ><var:if condition="isPopup" const:negate="YES"
-		><var:if condition="context.isUIxDebugEnabled"
-		  ><div id="logConsole"><!-- space --></div></var:if>
-		<div id="linkBanner" class="linkbanner">
-		  <a id="logoff" var:href="logoffPath"
-		    ><var:string label:value="Disconnect" /></a>
-		  <var:if condition="userHasCalendarAccess">
-		    <var:if condition="isCalendar">
-		      <span class="active"><var:string label:value="Calendar"
-			  /></span>
-		    </var:if>
-		    <var:if condition="isCalendar" const:negate="YES">
-		      <a id="calendarBannerLink"
-			var:href="relativeCalendarPath"
-			><var:string label:value="Calendar" /></a>
-		    </var:if>
-		    |
+	  ><var:if condition="isPopup" const:negate="YES"
+	    ><var:if condition="context.isUIxDebugEnabled"
+	      ><div id="logConsole"><!-- space --></div></var:if>
+	    <div id="linkBanner" class="linkbanner">
+	      <a id="logoff" var:href="logoffPath"
+		><var:string label:value="Disconnect" /></a>
+	      <var:if condition="userHasCalendarAccess">
+		<var:if condition="isCalendar">
+		  <span class="active"><var:string label:value="Calendar"
+		      /></span>
 		  </var:if>
-		  <var:if condition="isContacts">
-		    <span class="active"><var:string label:value="Address Book"
-			/></span>
-		  </var:if>
-		  <var:if condition="isContacts" const:negate="YES">
-		    <a id="contactsBannerLink"
-		      var:href="relativeContactsPath"
-		      ><var:string label:value="Address Book" /></a>
-		  </var:if>
-		  |
-		  <var:if condition="userHasMailAccess">
-		    <var:if condition="isMail">
-		      <span class="active"><var:string label:value="Mail"
-			  /></span>
-		    </var:if>
-		    <var:if condition="isMail" const:negate="YES">
-		      <a id="mailBannerLink" var:href="relativeMailPath"
-			><var:string label:value="Mail" /></a>
-		    </var:if>
-		      |
-		  </var:if>
-		  <a id="preferencesBannerLink"
-		    var:href="relativePreferencesPath"
-		    ><var:string label:value="Preferences" /></a>
-		  <var:if condition="context.isUIxDebugEnabled"
-		    >| <a id="consoleBannerLink"
-		      href="#"><var:string
-			label:value="Log Console (dev.)" /></a
-		      ></var:if>
-		</div>
-	      </var:if
-		><var:component className="UIxToolbar" var:toolbar="toolbar"
-		/>
-	    </var:if></var:if>
-	  
+		<var:if condition="isCalendar" const:negate="YES">
+		  <a id="calendarBannerLink"
+		    var:href="relativeCalendarPath"
+		    ><var:string label:value="Calendar" /></a>
+		</var:if>
+		|
+	      </var:if>
+	      <var:if condition="isContacts">
+		<span class="active"><var:string label:value="Address Book"
+		    /></span>
+	      </var:if>
+	      <var:if condition="isContacts" const:negate="YES">
+		<a id="contactsBannerLink"
+		  var:href="relativeContactsPath"
+		  ><var:string label:value="Address Book" /></a>
+	      </var:if>
+	      |
+	      <var:if condition="userHasMailAccess">
+		<var:if condition="isMail">
+		    <span class="active"><var:string label:value="Mail"
+		      /></span>
+		</var:if>
+		<var:if condition="isMail" const:negate="YES">
+		  <a id="mailBannerLink" var:href="relativeMailPath"
+		    ><var:string label:value="Mail" /></a>
+		</var:if>
+		|
+	      </var:if>
+	      <a id="preferencesBannerLink"
+		var:href="relativePreferencesPath"
+		><var:string label:value="Preferences" /></a>
+	      <var:if condition="context.isUIxDebugEnabled"
+		>| <a id="consoleBannerLink"
+		  href="#"><var:string
+		    label:value="Log Console (dev.)" /></a
+		  ></var:if>
+	    </div>
+	  </var:if
+	    ><var:component className="UIxToolbar" var:toolbar="toolbar"
+	    />
+
 	  <div id="pageContent"><var:component-content/></div>

 	  <div id="javascriptSafetyNet"><!-- space --></div>
--- a/UI/WebServerResources/SOGoRootPage.css
+++ b/UI/WebServerResources/SOGoRootPage.css
@ -48,8 +48,9 @@ DIV#loginButton IMG#progressIndicator
  margin-top: 5px;
  margin-left: 5px; }

-P.error
-{ color: #f00;
+#loginErrorMessage
+{ display: none;
+  color: #f00;
  text-align: center; }

 P.browser
--- a/UI/WebServerResources/SOGoRootPage.js
+++ b/UI/WebServerResources/SOGoRootPage.js
@ -1,76 +1,80 @@
 function initLogin() {
-  var date = new Date();
-  date.setTime(date.getTime() - 86400000);
-  document.cookie = ("0xHIGHFLYxSOGo-0.9=discard; path=/"
-		     + "; expires=" + date.toGMTString());
-  var submit = $("submit");
-  submit.observe("click", onLoginClick);
+    var date = new Date();
+    date.setTime(date.getTime() - 86400000);
+    document.cookie = ("0xHIGHFLYxSOGo-0.9=discard; path=/"
+                       + "; expires=" + date.toGMTString());
+    var submit = $("submit");
+    submit.observe("click", onLoginClick);

-  var userName = $("userName");
-  userName.focus();
+    var userName = $("userName");
+    userName.focus();

-  var image = $("preparedAnimation");
-  image.parentNode.removeChild(image);
+    var image = $("preparedAnimation");
+    image.parentNode.removeChild(image);
 }

 function onLoginClick(event) {
-  var userNameField = $("userName");
-  var userName = userNameField.value;
-  var password = $("password").value;
+    var userNameField = $("userName");
+    var userName = userNameField.value;
+    var password = $("password").value;

-  if (userName.length > 0) {
-    startAnimation($("loginButton"), $("submit"));
+    if (userName.length > 0) {
+        startAnimation($("loginButton"), $("submit"));

-    if (typeof(loginSuffix) != "undefined"
-	&& loginSuffix.length > 0
-	&& !userName.endsWith(loginSuffix))
-      userName += loginSuffix;
-    var url = $("connectForm").getAttribute("action");
-    var parameters = ("userName=" + encodeURI(userName) + "&password=" + encodeURI(password));
-    document.cookie = "";
-    triggerAjaxRequest(url, onLoginCallback, null, parameters,
-		       { "Content-type": "application/x-www-form-urlencoded",
-			 "Content-length": parameters.length,
-			 "Connection": "close" });
-  }
-  else
-    userNameField.focus();
+        if (typeof(loginSuffix) != "undefined"
+            && loginSuffix.length > 0
+            && !userName.endsWith(loginSuffix))
+            userName += loginSuffix;
+        var url = $("connectForm").getAttribute("action");
+        var parameters = ("userName=" + encodeURI(userName) + "&password=" + encodeURI(password));
+        document.cookie = "";
+        triggerAjaxRequest(url, onLoginCallback, null, parameters,
+                           { "Content-type": "application/x-www-form-urlencoded",
+                                   "Content-length": parameters.length,
+                                   "Connection": "close" });
+    }
+    else
+        userNameField.focus();

-  preventDefault(event);
+    preventDefault(event);
 }

 function onLoginCallback(http) {
-  if (http.readyState == 4) {
-    if (isHttpStatus204(http.status)) {
-      var userName = $("userName").value;
-      if (typeof(loginSuffix) != "undefined"
-          && loginSuffix.length > 0
-          && !userName.endsWith(loginSuffix))
-        userName += loginSuffix;
-      var address = "" + window.location.href;
-      var baseAddress = ApplicationBaseURL + encodeURI(userName);
-      var altBaseAddress;
-      if (baseAddress[0] == "/") {
-        var parts = address.split("/");
-        var hostpart = parts[2];
-        var protocol = parts[0];
-        baseAddress = protocol + "//" + hostpart + baseAddress;
-      }
-      var altBaseAddress;
-      var parts = baseAddress.split("/");
-      parts.splice(3, 0);
-      altBaseAddress = parts.join("/");
+    if (http.readyState == 4) {
+        if (isHttpStatus204(http.status)) {
+            var userName = $("userName").value;
+            if (typeof(loginSuffix) != "undefined"
+                && loginSuffix.length > 0
+                && !userName.endsWith(loginSuffix))
+                userName += loginSuffix;
+            var address = "" + window.location.href;
+            var baseAddress = ApplicationBaseURL + encodeURI(userName);
+            var altBaseAddress;
+            if (baseAddress[0] == "/") {
+                var parts = address.split("/");
+                var hostpart = parts[2];
+                var protocol = parts[0];
+                baseAddress = protocol + "//" + hostpart + baseAddress;
+            }
+            var altBaseAddress;
+            var parts = baseAddress.split("/");
+            parts.splice(3, 0);
+            altBaseAddress = parts.join("/");

-      var newAddress;
-      if ((address.startsWith(baseAddress)
-           || address.startsWith(altBaseAddress))
-          && !address.endsWith("/logoff"))
-        newAddress = address;
-      else
-        newAddress = baseAddress;
-      window.location.href = newAddress;
+            var newAddress;
+            if ((address.startsWith(baseAddress)
+                 || address.startsWith(altBaseAddress))
+                && !address.endsWith("/logoff"))
+                newAddress = address;
+            else
+                newAddress = baseAddress;
+            window.location.href = newAddress;
+        }
+        else {
+            var message = $("loginErrorMessage");
+            message.setStyle({ display: "block" });
+        }
    }
-  }
 }

 FastInit.addOnLoad(initLogin);