if not self.optional or self:cfgvalue(s) or self:formcreated(s) then
scope = scope or {}
scope.section = s
-
- -- fixup size for MultiValue fields
- if instanceof(self, MultiValue) and self.widget == "select" and not self.size then
- self.size = #self.vallist
- end
Node.render(self, scope)
end
self.delimiter = " "
end
+function MultiValue.render(self, ...)
+ if self.widget == "select" and not self.size then
+ self.size = #self.vallist
+ end
+
+ AbstractValue.render(self, ...)
+end
+
function MultiValue.value(self, key, val)
val = val or key
table.insert(self.keylist, tostring(key))
user = {}
-- returns user information to a given uid
user.getuser = posix.getpasswd
+
+-- checks whether a string matches the password of a certain system user
+function user.checkpasswd(user, password)
+ local account = user.getuser(user)
+ if posix.crypt and account then
+ return (account.passwd == posix.crypt(account.passwd, password))
+ end
+end
-- Changes the user password of given user
function user.setpasswd(user, pwd)
-- Environment Table
luci.http.env = ENV
+-- Enforces user authentification
+function luci.http.basic_auth(verify_callback, realm)
+ -- Dummy for Haserl
+ return true
+end
+
-- Returns the main dispatcher URL
function luci.http.dispatcher()
return luci.http.env.SCRIPT_NAME or ""
luci.http.vars = vars
end
+-- Enforces user authentification
+function luci.http.basic_auth(verify_callback, realm)
+ local user = luci.http.env.auth_user
+ local pass = luci.http.env.auth_password
+ realm = realm or ""
+
+ if not user or not verify_callback(user, pass) then
+ luci.http.status("401", "Unauthorized")
+ luci.http.header("WWW-Authenticate", string.format('Basic realm="%s"', realm))
+ return false
+ else
+ return true
+ end
+end
+
-- Returns the main dispatcher URL
function luci.http.dispatcher()
return luci.http.env.SCRIPT_NAME or ""
luci.sys.net.routes = function() return {} end
luci.sys.wifi.getiwconfig = function() return {} end
luci.sys.wifi.iwscan = function() return {} end
+
+ luci.sys.user.checkpasswd = function() return true end
end
end
return luci.http.dispatcher() .. "/" .. table.concat(arg, "/")
end
+-- Prints an error message or renders the "error401" template if available
+function error401(message)
+ message = message or "Unauthorized"
+
+ require("luci.template")
+ if not pcall(luci.template.render, "error401") then
+ luci.http.prepare_content("text/plain")
+ print(message)
+ end
+ return false
+end
+
-- Sends a 404 error code and renders the "error404" template if available
function error404(message)
luci.http.status(404, "Not Found")
end
end
+ if track.sysauth then
+ local accs = track.sysauth
+ accs = (type(accs) == "string") and {accs} or accs
+
+ local function sysauth(user, password)
+ return (luci.util.contains(accs, user)
+ and luci.sys.user.checkpasswd(user, password))
+ end
+
+ if not luci.http.basic_auth(sysauth) then
+ error401()
+ return
+ end
+ end
if track.i18n then
require("luci.i18n").loadc(track.i18n)
entry({"about"}, template("about")).i18n = "admin-core"
- local page = node("admin")
- page.target = alias("admin", "index")
- page.title = i18n("administration", "Administration")
- page.order = 10
- page.i18n = "admin-core"
+ local page = node("admin")
+ page.target = alias("admin", "index")
+ page.title = i18n("administration", "Administration")
+ page.order = 10
+ page.i18n = "admin-core"
+ page.sysauth = "root"
local page = node("admin", "index")
page.target = template("admin_index/index")
projects / project / luci.git / commitdiff