Index: openacs-4/packages/acs-bootstrap-installer/installer/create-administrator-2-postgresql.xql =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-bootstrap-installer/installer/Attic/create-administrator-2-postgresql.xql,v diff -u -r1.1 -r1.2 --- openacs-4/packages/acs-bootstrap-installer/installer/create-administrator-2-postgresql.xql 16 Apr 2001 05:20:10 -0000 1.1 +++ openacs-4/packages/acs-bootstrap-installer/installer/create-administrator-2-postgresql.xql 17 Apr 2001 22:59:51 -0000 1.2 @@ -2,9 +2,12 @@ postgresql7.1 - + -select acs_permission__grant_permission(acs__magic_object_id('security_context_root'), :user_id, 'admin') +select acs_permission__grant_permission( + acs__magic_object_id('security_context_root'), + :user_id, + 'admin') Index: openacs-4/packages/acs-bootstrap-installer/installer/create-administrator-postgresql.xql =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-bootstrap-installer/installer/Attic/create-administrator-postgresql.xql,v diff -u -r1.1 -r1.2 --- openacs-4/packages/acs-bootstrap-installer/installer/create-administrator-postgresql.xql 15 Apr 2001 23:09:55 -0000 1.1 +++ openacs-4/packages/acs-bootstrap-installer/installer/create-administrator-postgresql.xql 17 Apr 2001 22:59:51 -0000 1.2 @@ -2,7 +2,7 @@ postgresql7.1 - + select email from cc_users limit 1 Index: openacs-4/packages/acs-tcl/tcl/apm-file-procs-postgresql.xql =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/tcl/apm-file-procs-postgresql.xql,v diff -u -r1.3 -r1.4 --- openacs-4/packages/acs-tcl/tcl/apm-file-procs-postgresql.xql 16 Apr 2001 04:46:21 -0000 1.3 +++ openacs-4/packages/acs-tcl/tcl/apm-file-procs-postgresql.xql 17 Apr 2001 22:59:51 -0000 1.4 @@ -2,7 +2,7 @@ postgresql7.1 - + select apm_package_version__add_file( NULL, @@ -14,7 +14,7 @@ - + select apm_package_version__remove_file ( :path, Index: openacs-4/packages/acs-tcl/tcl/apm-install-procs-postgresql.xql =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/tcl/apm-install-procs-postgresql.xql,v diff -u -r1.2 -r1.3 --- openacs-4/packages/acs-tcl/tcl/apm-install-procs-postgresql.xql 15 Apr 2001 23:09:55 -0000 1.2 +++ openacs-4/packages/acs-tcl/tcl/apm-install-procs-postgresql.xql 17 Apr 2001 22:59:51 -0000 1.3 @@ -2,7 +2,7 @@ postgresql7.1 - + select apm_package_version__version_name_greater(service_version, :dependency_version) as version_p from apm_package_dependencies d, apm_package_types a, apm_package_versions v @@ -14,13 +14,13 @@ - + SELECT apm_package_version__enable(:version_id); - + SELECT apm__register_application ( :package_key, @@ -33,7 +33,7 @@ - + SELECT apm__register_service ( :package_key, @@ -46,7 +46,7 @@ - + select version_id from apm_package_versions @@ -55,7 +55,7 @@ - + select apm_package_version__new( :version_id, @@ -73,7 +73,7 @@ - + select apm_package__new( NULL, Index: openacs-4/packages/acs-tcl/tcl/apm-procs-postgresql.xql =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/tcl/apm-procs-postgresql.xql,v diff -u -r1.2 -r1.3 --- openacs-4/packages/acs-tcl/tcl/apm-procs-postgresql.xql 16 Apr 2001 04:46:21 -0000 1.2 +++ openacs-4/packages/acs-tcl/tcl/apm-procs-postgresql.xql 17 Apr 2001 22:59:51 -0000 1.3 @@ -2,7 +2,7 @@ postgresql7.1 - + select apm__register_parameter ( NULL, @@ -17,15 +17,15 @@ - + select v.package_id, p.parameter_name, coalesce(p.default_value, v.attr_value) as attr_value from apm_parameters p LEFT JOIN apm_parameter_values v using (parameter_id) where p.package_key = :package_key - + select apm_package_version__add_interface( :interface_id, @@ -36,15 +36,15 @@ - + select apm_package_version__remove_interface( :interface_id ); - + select apm_package_version__add_dependency( :dependency_id, Index: openacs-4/packages/acs-tcl/tcl/community-core-procs-postgresql.xql =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/tcl/community-core-procs-postgresql.xql,v diff -u -r1.1 -r1.2 --- openacs-4/packages/acs-tcl/tcl/community-core-procs-postgresql.xql 16 Apr 2001 05:20:10 -0000 1.1 +++ openacs-4/packages/acs-tcl/tcl/community-core-procs-postgresql.xql 17 Apr 2001 22:59:51 -0000 1.2 @@ -2,7 +2,7 @@ postgresql7.1 - + select acs__add_user( :user_id, Index: openacs-4/packages/acs-tcl/tcl/db-query-dispatcher-procs.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/tcl/Attic/db-query-dispatcher-procs.tcl,v diff -u -r1.6 -r1.7 --- openacs-4/packages/acs-tcl/tcl/db-query-dispatcher-procs.tcl 16 Apr 2001 21:59:47 -0000 1.6 +++ openacs-4/packages/acs-tcl/tcl/db-query-dispatcher-procs.tcl 17 Apr 2001 22:59:51 -0000 1.7 @@ -154,17 +154,10 @@ # We do a check to see if we already have a fullname. # Since the DB procs are a bit incestuous, this might get # called more than once. DAMMIT! (ben) - if {[regexp {^acs\.} $local_name all]} { + if {![db_qd_relative_path_p $local_name]} { return $local_name } - # Test stuff (ben) - for {set i 0} {$i < 5} {incr i} { - if {[catch {ns_log Notice "QD = LEVEL $i = [info level [expr "0 - $i"]]"} errmsg]} { - break - } - } - # Get the proc name being executed. set proc_name [info level [expr "-1 - $added_stack_num"]] @@ -200,9 +193,11 @@ ns_log Notice "QD = package key is $package_key and rest is $rest" if {$real_url_p} { - set full_name "acs.${package_key}.www${rest}.${local_name}" + set full_name [db_qd_make_absolute_path "${package_key}.www${rest}." $local_name] + # set full_name "acs.${package_key}.www${rest}.${local_name}" } else { - set full_name "acs.${package_key}${rest}.${local_name}" + set full_name [db_qd_make_absolute_path "${package_key}${rest}." $local_name] + # set full_name "acs.${package_key}${rest}.${local_name}" } } else { # Let's find out where this Tcl proc is defined!! @@ -218,7 +213,7 @@ # return a bogus proc name if {![nsv_exists api_proc_doc $proc_name]} { ns_log Notice "QD: there is no documented proc with name $proc_name -- we used default SQL" - return "acs.NULL" + return [db_qd_null_path] } array set doc_elements [nsv_get api_proc_doc $proc_name] @@ -239,9 +234,11 @@ ns_log Notice "TEMP - QD: proc_name is $proc_name" ns_log Notice "TEMP - QD: local_name is $local_name" - set full_name "acs.$rest.${proc_name}.${local_name}" + # set full_name "acs.$rest.${proc_name}.${local_name}" + set full_name [db_qd_make_absolute_path "${rest}.${proc_name}." $local_name] } + ns_log Notice "QD= generated fullname of $full_name" return $full_name } @@ -332,8 +329,8 @@ ns_log Notice "QD = loaded one query - [db_fullquery_get_name $one_query]" # Relative Path for the Query - if {[string range [db_fullquery_get_name $one_query] 0 0] == "."} { - set new_name "acs.${queryname_root}[db_fullquery_get_name $one_query]" + if {[db_qd_relative_path_p [db_fullquery_get_name $one_query]]} { + set new_name [db_qd_make_absolute_path $queryname_root [db_fullquery_get_name $one_query]] set new_fullquery [db_fullquery_create \ $new_name \ @@ -423,16 +420,19 @@ # remove the prepended "/packages/" string regsub {^\/?packages\/} $relative_path {} relative_path - # remove the last component, the file name, since we're just looking for the root path - regsub {/[^/]*$} $relative_path {} relative_path + # remove the last chunk of the file name, since we're just looking for the root path + # NOTE: THIS MAY NEED BETTER ABSTRACTION, since this assumes a naming scheme + # of -rdbms.XXX (ben) + regsub {\-[^/-]*$} $relative_path {} relative_path # Change all . to : regsub -all {\.} $relative_path {:} relative_path # Change all / to . (hah, no reference to News for Nerds) regsub -all {/} $relative_path {.} relative_path - return $relative_path + # We append a "." at the end, since we want easy concatenation + return "${relative_path}." } ## @@ -568,4 +568,36 @@ ns_log Notice "QD/PARSER = RDBMS parser - $type - $version" return [db_rdbms_create $type $version] +} + + +## +## RELATIVE AND ABSOLUTE QUERY PATHS +## + +# The token that indicates the root of all queries +proc db_qd_root_path {} { + return "dbqd." +} + +proc db_qd_null_path {} { + return "[db_qd_root_path].NULL" +} + +# Check if the path is relative +proc db_qd_relative_path_p {path} { + set root_path [db_qd_root_path] + set root_path_length [string length $root_path] + + # Check if the path starts with the root + if {[string range $path 0 [expr "$root_path_length - 1"]] == $root_path} { + return 0 + } else { + return 1 + } +} + +# Make a path absolute +proc db_qd_make_absolute_path {relative_root suffix} { + return "[db_qd_root_path]${relative_root}$suffix" } \ No newline at end of file Index: openacs-4/packages/acs-tcl/tcl/defs-procs-postgresql.xql =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/tcl/Attic/defs-procs-postgresql.xql,v diff -u -r1.1 -r1.2 --- openacs-4/packages/acs-tcl/tcl/defs-procs-postgresql.xql 16 Apr 2001 05:20:10 -0000 1.1 +++ openacs-4/packages/acs-tcl/tcl/defs-procs-postgresql.xql 17 Apr 2001 22:59:51 -0000 1.2 @@ -2,7 +2,7 @@ postgresql7.1 - + select apm__set_value( :package_id, Index: openacs-4/packages/acs-tcl/tcl/request-processor-procs.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/tcl/request-processor-procs.tcl,v diff -u -r1.1 -r1.2 --- openacs-4/packages/acs-tcl/tcl/request-processor-procs.tcl 13 Mar 2001 22:59:26 -0000 1.1 +++ openacs-4/packages/acs-tcl/tcl/request-processor-procs.tcl 17 Apr 2001 22:59:51 -0000 1.2 @@ -408,7 +408,9 @@ # session-level variables such as user_id, session_id, etc. we can # call sec_handler at this point because the previous return # statements are all error-throwing cases or redirects. + # ns_log Notice "OACS= RP start" sec_handler + # ns_log Notice "OACS= RP end" ##### # Index: openacs-4/packages/acs-tcl/tcl/security-procs-postgresql.xql =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/tcl/security-procs-postgresql.xql,v diff -u -r1.2 -r1.3 --- openacs-4/packages/acs-tcl/tcl/security-procs-postgresql.xql 16 Apr 2001 04:46:21 -0000 1.2 +++ openacs-4/packages/acs-tcl/tcl/security-procs-postgresql.xql 17 Apr 2001 22:59:51 -0000 1.3 @@ -7,7 +7,7 @@ 7.1 - + insert into secret_tokens(token_id, token, timestamp) values (sec_security_token_id_seq.nextval, :random_token, now()) Index: openacs-4/packages/acs-tcl/tcl/security-procs.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/acs-tcl/tcl/security-procs.tcl,v diff -u -r1.1 -r1.2 --- openacs-4/packages/acs-tcl/tcl/security-procs.tcl 13 Mar 2001 22:59:26 -0000 1.1 +++ openacs-4/packages/acs-tcl/tcl/security-procs.tcl 17 Apr 2001 22:59:51 -0000 1.2 @@ -86,7 +86,9 @@ set new_user_id [lindex [split [ad_get_signed_cookie "ad_user_login_secure"] {,}] 0] } } + # ns_log Notice "OACS= setting up session" sec_setup_session $new_user_id + # ns_log Notice "OACS= done setting up session" } else { # The session already exists and is valid. set cookie_data [split [lindex $cookie_list 0] {,}] @@ -210,11 +212,19 @@ # figure out the session id, if we don't already have it if { [empty_string_p $session_id]} { + + # ns_log Notice "OACS= empty session_id" + set session_id [sec_allocate_session] # if we have a user on an newly allocated session, update # users table + + # ns_log Notice "OACS= newly allocated session $session_id" + if { $new_user_id != 0 } { + # ns_log Notice "OACS= about to update user session info, user_id NONZERO" sec_update_user_session_info $new_user_id + # ns_log Notice "OACS= done updating user session info, user_id NONZERO" } } else { # $session_id is an active verified session @@ -242,9 +252,13 @@ # su, set the session_id global var, and then generate the cookie ad_conn -set user_id $new_user_id ad_conn -set session_id $session_id + + # ns_log Notice "OACS= about to generate session id cookie" sec_generate_session_id_cookie + # ns_log Notice "OACS= done generating session id cookie" + if { [ad_secure_conn_p] } { # this is a secure session, so the browser needs # a cookie marking it as such @@ -403,6 +417,7 @@ ad_proc -private sec_generate_session_id_cookie {} { Sets the ad_session_id cookie based on global variables. } { set user_id [ad_conn user_id] set session_id [ad_conn session_id] + ns_log Notice "Security: [ns_time] sec_generate_session_id_cookie setting $session_id, $user_id." ns_log Debug "Security: [ns_time] sec_generate_session_id_cookie setting $session_id, $user_id." ad_set_signed_cookie -replace t -max_age [sec_session_timeout] \ "ad_session_id" "$session_id,$user_id"