i18n = require "luci.i18n"
_M.fs = fs
-authenticator = {}
-
-- Index table
local index = nil
return table.concat(url, "")
end
+function _ordered_children(node)
+ local name, child, children = nil, nil, {}
+
+ for name, child in pairs(node.nodes) do
+ children[#children+1] = {
+ name = name,
+ node = child,
+ order = child.order or 100
+ }
+ end
+
+ table.sort(children, function(a, b)
+ if a.order == b.order then
+ return a.name < b.name
+ else
+ return a.order < b.order
+ end
+ end)
+
+ return children
+end
+
function node_visible(node)
if node then
return not (
function node_childs(node)
local rv = { }
if node then
- local k, v
- for k, v in util.spairs(node.nodes,
- function(a, b)
- return (node.nodes[a].order or 100)
- < (node.nodes[b].order or 100)
- end)
- do
- if node_visible(v) then
- rv[#rv+1] = k
+ local _, child
+ for _, child in ipairs(_ordered_children(node)) do
+ if node_visible(child.node) then
+ rv[#rv+1] = child.name
end
end
end
http.status(404, "Not Found")
message = message or "Not Found"
- require("luci.template")
- if not util.copcall(luci.template.render, "error404") then
+ local function render()
+ local template = require "luci.template"
+ template.render("error404")
+ end
+
+ if not util.copcall(render) then
http.prepare_content("text/plain")
http.write(message)
end
+
return false
end
return false
end
-function authenticator.htmlauth(validator, accs, default)
- local user = http.formvalue("luci_username")
- local pass = http.formvalue("luci_password")
-
- if user and validator(user, pass) then
- return user
- end
-
- require("luci.i18n")
- require("luci.template")
- context.path = {}
- http.status(403, "Forbidden")
- luci.template.render("sysauth", {duser=default, fuser=user})
-
- return false
-
-end
-
function httpdispatch(request, prefix)
http.context.request = request
end
end
- for node in pathinfo:gmatch("[^/]+") do
+ local node
+ for node in pathinfo:gmatch("[^/%z]+") do
r[#r+1] = node
end
if (type(required_val) == "string" and
request_val ~= required_val) or
- (required_val == true and
- (request_val == nil or request_val == ""))
+ (required_val == true and request_val == nil)
then
return false
end
return true
end
+local function session_retrieve(sid, allowed_users)
+ local sdat = util.ubus("session", "get", { ubus_rpc_session = sid })
+
+ if type(sdat) == "table" and
+ type(sdat.values) == "table" and
+ type(sdat.values.token) == "string" and
+ (not allowed_users or
+ util.contains(allowed_users, sdat.values.username))
+ then
+ uci:set_session_id(sid)
+ return sid, sdat.values
+ end
+
+ return nil, nil
+end
+
+local function session_setup(user, pass, allowed_users)
+ if util.contains(allowed_users, user) then
+ local login = util.ubus("session", "login", {
+ username = user,
+ password = pass,
+ timeout = tonumber(luci.config.sauth.sessiontime)
+ })
+
+ local rp = context.requestpath
+ and table.concat(context.requestpath, "/") or ""
+
+ if type(login) == "table" and
+ type(login.ubus_rpc_session) == "string"
+ then
+ util.ubus("session", "set", {
+ ubus_rpc_session = login.ubus_rpc_session,
+ values = { token = sys.uniqueid(16) }
+ })
+
+ io.stderr:write("luci: accepted login on /%s for %s from %s\n"
+ %{ rp, user, http.getenv("REMOTE_ADDR") or "?" })
+
+ return session_retrieve(login.ubus_rpc_session)
+ end
+
+ io.stderr:write("luci: failed login on /%s for %s from %s\n"
+ %{ rp, user, http.getenv("REMOTE_ADDR") or "?" })
+ end
+
+ return nil, nil
+end
+
function dispatch(request)
--context._disable_memtrace = require "luci.debug".trap_memtrace("l")
local ctx = context
assert(conf.main,
"/etc/config/luci seems to be corrupt, unable to find section 'main'")
+ local i18n = require "luci.i18n"
local lang = conf.main.lang or "auto"
if lang == "auto" then
local aclang = http.getenv("HTTP_ACCEPT_LANGUAGE") or ""
- for lpat in aclang:gmatch("[%w-]+") do
- lpat = lpat and lpat:gsub("-", "_")
- if conf.languages[lpat] then
- lang = lpat
+ for aclang in aclang:gmatch("[%w_-]+") do
+ local country, culture = aclang:match("^([a-z][a-z])[_-]([a-zA-Z][a-zA-Z])$")
+ if country and culture then
+ local cc = "%s_%s" %{ country, culture:lower() }
+ if conf.languages[cc] then
+ lang = cc
+ break
+ elseif conf.languages[country] then
+ lang = country
+ break
+ end
+ elseif conf.languages[aclang] then
+ lang = aclang
break
end
end
end
- require "luci.i18n".setlanguage(lang)
+ if lang == "auto" then
+ lang = i18n.default
+ end
+ i18n.setlanguage(lang)
local c = ctx.tree
local stat
ctx.requestpath = ctx.requestpath or freq
ctx.path = preq
- if track.i18n then
- i18n.loadc(track.i18n)
- end
-
-- Init template engine
if (c and c.index) or not track.notemplate then
local tpl = require("luci.template")
assert(media, "No valid theme found")
end
- local function _ifattr(cond, key, val)
+ local function _ifattr(cond, key, val, noescape)
if cond then
local env = getfenv(3)
local scope = (type(env.self) == "table") and env.self
- return string.format(
- ' %s="%s"', tostring(key),
- util.pcdata(tostring( val
- or (type(env[key]) ~= "function" and env[key])
- or (scope and type(scope[key]) ~= "function" and scope[key])
- or "" ))
- )
+ if type(val) == "table" then
+ if not next(val) then
+ return ''
+ else
+ val = util.serialize_json(val)
+ end
+ end
+
+ val = tostring(val or
+ (type(env[key]) ~= "function" and env[key]) or
+ (scope and type(scope[key]) ~= "function" and scope[key]) or "")
+
+ if noescape ~= true then
+ val = util.pcdata(val)
+ end
+
+ return string.format(' %s="%s"', tostring(key), val)
else
return ''
end
ifattr = function(...) return _ifattr(...) end;
attr = function(...) return _ifattr(true, ...) end;
url = build_url;
- }, {__index=function(table, key)
+ }, {__index=function(tbl, key)
if key == "controller" then
return build_url()
elseif key == "REQUEST_URI" then
return build_url(unpack(ctx.requestpath))
+ elseif key == "FULL_REQUEST_URI" then
+ local url = { http.getenv("SCRIPT_NAME") or "", http.getenv("PATH_INFO") }
+ local query = http.getenv("QUERY_STRING")
+ if query and #query > 0 then
+ url[#url+1] = "?"
+ url[#url+1] = query
+ end
+ return table.concat(url, "")
elseif key == "token" then
return ctx.authtoken
else
- return rawget(table, key) or _G[key]
+ return rawget(tbl, key) or _G[key]
end
end})
end
"https://github.com/openwrt/luci/issues"
)
- if track.sysauth then
- local authen = type(track.sysauth_authenticator) == "function"
- and track.sysauth_authenticator
- or authenticator[track.sysauth_authenticator]
+ if track.sysauth and not ctx.authsession then
+ local authen = track.sysauth_authenticator
+ local _, sid, sdat, default_user, allowed_users
- local def = (type(track.sysauth) == "string") and track.sysauth
- local accs = def and {track.sysauth} or track.sysauth
- local sess = ctx.authsession
- if not sess then
- sess = http.getcookie("sysauth")
- sess = sess and sess:match("^[a-f0-9]*$")
+ if type(authen) == "string" and authen ~= "htmlauth" then
+ error500("Unsupported authenticator %q configured" % authen)
+ return
end
- local sdat = (util.ubus("session", "get", { ubus_rpc_session = sess }) or { }).values
- local user, token
+ if type(track.sysauth) == "table" then
+ default_user, allowed_users = nil, track.sysauth
+ else
+ default_user, allowed_users = track.sysauth, { track.sysauth }
+ end
- if sdat then
- user = sdat.user
- token = sdat.token
+ if type(authen) == "function" then
+ _, sid = authen(sys.user.checkpasswd, allowed_users)
else
- local eu = http.getenv("HTTP_AUTH_USER")
- local ep = http.getenv("HTTP_AUTH_PASS")
- if eu and ep and sys.user.checkpasswd(eu, ep) then
- authen = function() return eu end
- end
+ sid = http.getcookie("sysauth")
end
- if not util.contains(accs, user) then
- if authen then
- local user, sess = authen(sys.user.checkpasswd, accs, def)
- local token
- if not user or not util.contains(accs, user) then
- return
- else
- if not sess then
- local sdat = util.ubus("session", "create", { timeout = tonumber(luci.config.sauth.sessiontime) })
- if sdat then
- token = sys.uniqueid(16)
- util.ubus("session", "set", {
- ubus_rpc_session = sdat.ubus_rpc_session,
- values = {
- user = user,
- token = token,
- section = sys.uniqueid(16)
- }
- })
- sess = sdat.ubus_rpc_session
- end
- end
+ sid, sdat = session_retrieve(sid, allowed_users)
- if sess and token then
- http.header("Set-Cookie", 'sysauth=%s; path=%s' %{ sess, build_url() })
+ if not (sid and sdat) and authen == "htmlauth" then
+ local user = http.getenv("HTTP_AUTH_USER")
+ local pass = http.getenv("HTTP_AUTH_PASS")
- ctx.authsession = sess
- ctx.authtoken = token
- ctx.authuser = user
+ if user == nil and pass == nil then
+ user = http.formvalue("luci_username")
+ pass = http.formvalue("luci_password")
+ end
+
+ sid, sdat = session_setup(user, pass, allowed_users)
+
+ if not sid then
+ local tmpl = require "luci.template"
+
+ context.path = {}
- http.redirect(build_url(unpack(ctx.requestpath)))
- end
- end
- else
http.status(403, "Forbidden")
+ http.header("X-LuCI-Login-Required", "yes")
+ tmpl.render(track.sysauth_template or "sysauth", {
+ duser = default_user,
+ fuser = user
+ })
+
return
end
- else
- ctx.authsession = sess
- ctx.authtoken = token
- ctx.authuser = user
+
+ http.header("Set-Cookie", 'sysauth=%s; path=%s; HttpOnly%s' %{
+ sid, build_url(), http.getenv("HTTPS") == "on" and "; secure" or ""
+ })
+ http.redirect(build_url(unpack(ctx.requestpath)))
+ end
+
+ if not sid or not sdat then
+ http.status(403, "Forbidden")
+ http.header("X-LuCI-Login-Required", "yes")
+ return
end
+
+ ctx.authsession = sid
+ ctx.authtoken = sdat.token
+ ctx.authuser = sdat.username
+ end
+
+ if track.cors and http.getenv("REQUEST_METHOD") == "OPTIONS" then
+ luci.http.status(200, "OK")
+ luci.http.header("Access-Control-Allow-Origin", http.getenv("HTTP_ORIGIN") or "*")
+ luci.http.header("Access-Control-Allow-Methods", "GET, POST, OPTIONS")
+ return
end
if c and require_post_security(c.target) then
else
ok, err = util.copcall(target, unpack(args))
end
- assert(ok,
- "Failed to execute " .. (type(c.target) == "function" and "function" or c.target.type or "unknown") ..
- " dispatcher target for entry '/" .. table.concat(request, "/") .. "'.\n" ..
- "The called action terminated with an exception:\n" .. tostring(err or "(unknown)"))
+ if not ok then
+ error500("Failed to execute " .. (type(c.target) == "function" and "function" or c.target.type or "unknown") ..
+ " dispatcher target for entry '/" .. table.concat(request, "/") .. "'.\n" ..
+ "The called action terminated with an exception:\n" .. tostring(err or "(unknown)"))
+ end
else
local root = node()
if not root or not root.target then
local ctx = context
local tree = {nodes={}, inreq=true}
- local modi = {}
ctx.treecache = setmetatable({}, {__mode="v"})
ctx.tree = tree
- ctx.modifiers = modi
-
- -- Load default translation
- require "luci.i18n".loadc("base")
local scope = setmetatable({}, {__index = luci.dispatcher})
v()
end
- local function modisort(a,b)
- return modi[a].order < modi[b].order
- end
-
- for _, v in util.spairs(modi, modisort) do
- scope._NAME = v.module
- setfenv(v.func, scope)
- v.func()
- end
-
return tree
end
-function modifier(func, order)
- context.modifiers[#context.modifiers+1] = {
- func = func,
- order = order or 0,
- module
- = getfenv(2)._NAME
- }
-end
-
function assign(path, clone, title, order)
local obj = node(unpack(path))
obj.nodes = nil
return c
end
+function lookup(...)
+ local i, path = nil, {}
+ for i = 1, select('#', ...) do
+ local name, arg = nil, tostring(select(i, ...))
+ for name in arg:gmatch("[^/]+") do
+ path[#path+1] = name
+ end
+ end
+
+ for i = #path, 1, -1 do
+ local node = context.treecache[table.concat(path, ".", 1, i)]
+ if node and (i == #path or node.leaf) then
+ return node, build_url(unpack(path))
+ end
+ end
+end
+
function _create_node(path)
if #path == 0 then
return context.tree
local last = table.remove(path)
local parent = _create_node(path)
- c = {nodes={}, auto=true}
- -- the node is "in request" if the request path matches
- -- at least up to the length of the node path
- if parent.inreq and context.path[#path+1] == last then
- c.inreq = true
+ c = {nodes={}, auto=true, inreq=true}
+
+ local _, n
+ for _, n in ipairs(path) do
+ if context.path[_] ~= n then
+ c.inreq = false
+ break
+ end
end
+
+ c.inreq = c.inreq and (context.path[#path + 1] == last)
+
parent.nodes[last] = c
context.treecache[name] = c
end
+
return c
end
-- Subdispatchers --
-function _firstchild()
- local path = { unpack(context.path) }
- local name = table.concat(path, ".")
- local node = context.treecache[name]
-
- local lowest
- if node and node.nodes and next(node.nodes) then
- local k, v
- for k, v in pairs(node.nodes) do
- if not lowest or
- (v.order or 100) < (node.nodes[lowest].order or 100)
- then
- lowest = k
- end
- end
- end
+function _find_eligible_node(root, prefix, deep, types, descend)
+ local children = _ordered_children(root)
+
+ if not root.leaf and deep ~= nil then
+ local sub_path = { unpack(prefix) }
+
+ if deep == false then
+ deep = nil
+ end
+
+ local _, child
+ for _, child in ipairs(children) do
+ sub_path[#prefix+1] = child.name
+
+ local res_path = _find_eligible_node(child.node, sub_path,
+ deep, types, true)
+
+ if res_path then
+ return res_path
+ end
+ end
+ end
+
+ if descend and
+ (not types or
+ (type(root.target) == "table" and
+ util.contains(types, root.target.type)))
+ then
+ return prefix
+ end
+end
+
+function _find_node(recurse, types)
+ local path = { unpack(context.path) }
+ local name = table.concat(path, ".")
+ local node = context.treecache[name]
+
+ path = _find_eligible_node(node, path, recurse, types)
- assert(lowest ~= nil,
- "The requested node contains no childs, unable to redispatch")
+ if path then
+ dispatch(path)
+ else
+ require "luci.template".render("empty_node_placeholder")
+ end
+end
- path[#path+1] = lowest
- dispatch(path)
+function _firstchild()
+ return _find_node(false, nil)
end
function firstchild()
- return { type = "firstchild", target = _firstchild }
+ return { type = "firstchild", target = _firstchild }
+end
+
+function _firstnode()
+ return _find_node(true, { "cbi", "form", "template", "arcombine" })
+end
+
+function firstnode()
+ return { type = "firstnode", target = _firstnode }
end
function alias(...)
local state = nil
+ local i, res
for i, res in ipairs(maps) do
+ if util.instanceof(res, cbi.SimpleForm) then
+ io.stderr:write("Model %s returns SimpleForm but is dispatched via cbi(),\n"
+ % self.model)
+
+ io.stderr:write("please change %s to use the form() action instead.\n"
+ % table.concat(context.request, "/"))
+ end
+
res.flow = config
local cstate = res:parse()
if cstate and (not state or cstate < state) then
for i, res in ipairs(maps) do
res:render({
firstmap = (i == 1),
- applymap = applymap,
redirect = redirect,
messages = messages,
pageaction = pageaction,
if not config.nofooter then
tpl.render("cbi/footer", {
- flow = config,
- pageaction = pageaction,
- redirect = redirect,
- state = state,
- autoapply = config.autoapply
+ flow = config,
+ pageaction = pageaction,
+ redirect = redirect,
+ state = state,
+ autoapply = config.autoapply,
+ trigger_apply = applymap
})
end
end
function cbi(model, config)
return {
type = "cbi",
- post = { ["cbi.submit"] = "1" },
+ post = { ["cbi.submit"] = true },
config = config,
model = model,
target = _cbi
local maps = luci.cbi.load(self.model, ...)
local state = nil
+ local i, res
for i, res in ipairs(maps) do
local cstate = res:parse()
if cstate and (not state or cstate < state) then
function form(model)
return {
type = "cbi",
- post = { ["cbi.submit"] = "1" },
+ post = { ["cbi.submit"] = true },
model = model,
target = _form
}