{- This file is part of Vervis. - - Written in 2016 by fr33domlover . - - ♡ Copying is an act of love. Please copy, reuse and share. - - The author(s) have dedicated all copyright and related and neighboring - rights to this software to the public domain worldwide. This software is - distributed without any warranty. - - You should have received a copy of the CC0 Public Domain Dedication along - with this software. If not, see - . -} module Vervis.Foundation where import Prelude (init, last) import Database.Persist.Sql (ConnectionPool, runSqlPool) import Text.Hamlet (hamletFile) --import Text.Jasmine (minifym) import Yesod.Auth.HashDB (authHashDB) import Yesod.Auth.Message (AuthMessage (IdentifierNotFound)) import Yesod.Default.Util (addStaticContentExternal) import Yesod.Core.Types (Logger) import qualified Yesod.Core.Unsafe as Unsafe --import qualified Data.CaseInsensitive as CI import Data.Text as T (pack, intercalate) --import qualified Data.Text.Encoding as TE import Text.Jasmine.Local (discardm) import Vervis.Import.NoFoundation hiding (last) import Vervis.Widget (breadcrumbsW, revisionW) -- | The foundation datatype for your application. This can be a good place to -- keep settings and values requiring initialization before your application -- starts running, such as database connections. Every handler will have -- access to the data present here. data App = App { appSettings :: AppSettings , appStatic :: Static -- ^ Settings for static file serving. , appConnPool :: ConnectionPool -- ^ Database connection pool. , appHttpManager :: Manager , appLogger :: Logger } -- This is where we define all of the routes in our application. For a full -- explanation of the syntax, please see: -- http://www.yesodweb.com/book/routing-and-handlers -- -- Note that this is really half the story; in Application.hs, mkYesodDispatch -- generates the rest of the code. Please see the following documentation -- for an explanation for this split: -- http://www.yesodweb.com/book/scaffolding-and-the-site-template#scaffolding-and-the-site-template_foundation_and_application_modules -- -- This function also generates the following type synonyms: -- type Handler = HandlerT App IO -- type Widget = WidgetT App IO () mkYesodData "App" $(parseRoutesFile "config/routes") -- | A convenient synonym for creating forms. type Form a = Html -> MForm (HandlerT App IO) (FormResult a, Widget) type AppDB = YesodDB App -- Please see the documentation for the Yesod typeclass. There are a number -- of settings which can be configured by overriding methods here. instance Yesod App where -- Controls the base of generated URLs. For more information on modifying, -- see: https://github.com/yesodweb/yesod/wiki/Overriding-approot approot = ApprootRequest $ \app req -> case appRoot $ appSettings app of Nothing -> getApprootText guessApproot app req Just root -> root -- Store session data on the client in encrypted cookies, -- default session idle timeout is 120 minutes makeSessionBackend _ = -- sslOnlySessions $ Just <$> defaultClientSessionBackend 120 "config/client_session_key.aes" -- Yesod Middleware allows you to run code before and after each handler function. -- The defaultYesodMiddleware adds the response header "Vary: Accept, Accept-Language" and performs authorization checks. -- The defaultCsrfMiddleware: -- a) Sets a cookie with a CSRF token in it. -- b) Validates that incoming write requests include that token in either a header or POST parameter. -- For details, see the CSRF documentation in the Yesod.Core.Handler module of the yesod-core package. yesodMiddleware = -- defaultCsrfMiddleware . -- sslOnlyMiddleware 120 . defaultYesodMiddleware defaultLayout widget = do master <- getYesod mmsg <- getMessage mperson <- maybeAuth (title, bcs) <- breadcrumbs -- We break up the default layout into two components: -- default-layout is the contents of the body tag, and -- default-layout-wrapper is the entire page. Since the final -- value passed to hamletToRepHtml cannot be a widget, this allows -- you to use normal widget features in default-layout. pc <- widgetToPageContent $ do setTitle $ toHtml $ T.intercalate " :: " (map snd bcs) <> " :: " <> title $(widgetFile "default-layout") withUrlRenderer $(hamletFile "templates/default-layout-wrapper.hamlet") -- The page to be redirected to when authentication is required. authRoute _ = Just $ AuthR LoginR -- Who can access which pages. isAuthorized (ProjectNewR user) _ = loggedInAs user "You can’t create projects for other users" isAuthorized (RepoNewR user) _ = loggedInAs user "You can’t create repos for other users" isAuthorized (KeysR user) _ = loggedInAs user "You can’t watch keys of other users" isAuthorized (KeyR user _key) _ = loggedInAs user "You can’t watch keys of other users" isAuthorized (KeyNewR user) _ = loggedInAs user "You can’t add keys for other users" isAuthorized (RepoR shar _) True = loggedInAs shar "You can’t modify repos for other users" isAuthorized (TicketNewR _ _) _ = loggedIn isAuthorized (TicketR user _ _) True = loggedInAs user "Only project members can modify this ticket" isAuthorized (TicketEditR user _ _) _ = loggedInAs user "Only project members can modify this ticket" isAuthorized _ _ = return Authorized -- This function creates static content files in the static folder -- and names them based on a hash of their content. This allows -- expiration dates to be set far in the future without worry of -- users receiving stale content. addStaticContent ext mime content = do master <- getYesod let staticDir = appStaticDir $ appSettings master addStaticContentExternal discardm genFileName staticDir (StaticR . flip StaticRoute []) ext mime content where -- Generate a unique filename based on the content itself genFileName lbs = "autogen-" ++ base64md5 lbs -- What messages should be logged. The following includes all messages when -- in development, and warnings and errors in production. shouldLog app _source level = appShouldLogAll (appSettings app) || level == LevelWarn || level == LevelError makeLogger = return . appLogger -- How to run database actions. instance YesodPersist App where type YesodPersistBackend App = SqlBackend runDB action = do master <- getYesod runSqlPool action $ appConnPool master instance YesodPersistRunner App where getDBRunner = defaultGetDBRunner appConnPool instance YesodAuth App where type AuthId App = PersonId -- Where to send a user after successful login loginDest _ = HomeR -- Where to send a user after logout logoutDest _ = HomeR -- Override the above two destinations when a Referer: header is present redirectToReferer _ = True authenticate creds = do let ident = credsIdent creds mpid <- runDB $ getBy $ UniquePersonLogin $ credsIdent creds return $ case mpid of Nothing -> UserError $ IdentifierNotFound ident Just (Entity pid _) -> Authenticated pid {-ps <- select $ from $ \ (sharer, person) -> do where_ $ sharer ^. SharerIdent ==. val ident &&. sharer ^. SharerId ==. person ^. PersonIdent return (person ^. PersonId, person ^. PersonHash)-} {-case x of Just (Entity uid _) -> return $ Authenticated uid Nothing -> Authenticated <$> insert User { userIdent = credsIdent creds , userPassword = Nothing }-} {-return $ case ps of [] -> UserError $ IdentifierNotFound ident [(pid, phash)] -> _ -> ServerError "Data model error, non-unique ident" -} -- You can add other plugins like BrowserID, email or OAuth here authPlugins _ = [authHashDB $ Just . UniquePersonLogin] authHttpManager = getHttpManager instance YesodAuthPersist App -- This instance is required to use forms. You can modify renderMessage to -- achieve customized and internationalized form validation messages. instance RenderMessage App FormMessage where renderMessage _ _ = defaultFormMessage -- Useful when writing code that is re-usable outside of the Handler context. -- An example is background jobs that send email. -- This can also be useful for writing code that works across multiple Yesod -- applications. instance HasHttpManager App where getHttpManager = appHttpManager unsafeHandler :: App -> Handler a -> IO a unsafeHandler = Unsafe.fakeHandlerGetLogger appLogger -- Note: Some functionality previously present in the scaffolding has been -- moved to documentation in the Wiki. Following are some hopefully helpful -- links: -- -- https://github.com/yesodweb/yesod/wiki/Sending-email -- https://github.com/yesodweb/yesod/wiki/Serve-static-files-from-a-separate-domain -- https://github.com/yesodweb/yesod/wiki/i18n-messages-in-the-scaffolding loggedIn :: Handler AuthResult loggedIn = do mpid <- maybeAuthId case mpid of Nothing -> return AuthenticationRequired Just _pid -> return Authorized loggedInAs :: Text -> Text -> Handler AuthResult loggedInAs ident msg = do mp <- maybeAuth case mp of Nothing -> return AuthenticationRequired Just (Entity _pid person) -> do let sid = personIdent person msharer <- runDB $ get sid case msharer of Nothing -> return $ Unauthorized $ "Integrity error: User " <> personLogin person <> " specified a nonexistent sharer ID" Just sharer -> if ident == sharerIdent sharer then return Authorized else return $ Unauthorized msg instance YesodBreadcrumbs App where breadcrumb route = return $ case route of HomeR -> ("Home", Nothing) PeopleR -> ("People", Just HomeR) PersonNewR -> ("New", Just PeopleR) PersonR shar -> (shar, Just PeopleR) KeysR shar -> ("Keys", Just $ PersonR shar) KeyNewR shar -> ("New", Just $ KeysR shar) KeyR shar key -> (key, Just $ KeysR shar) ReposR shar -> ("Repos", Just $ PersonR shar) RepoNewR shar -> ("New", Just $ ReposR shar) RepoR shar repo -> (repo, Just $ ReposR shar) RepoSourceR shar repo [] -> ("Files", Just $ RepoR shar repo) RepoSourceR shar repo refdir -> ( last refdir , Just $ RepoSourceR shar repo $ init refdir ) RepoHeadChangesR shar repo -> ("Changes", Just $ RepoR shar repo) RepoChangesR shar repo ref -> ( ref , Just $ RepoHeadChangesR shar repo ) ProjectsR shar -> ("Projects", Just $ PersonR shar) ProjectNewR shar -> ("New", Just $ ProjectsR shar) ProjectR shar proj -> (proj, Just $ ProjectsR shar) TicketsR shar proj -> ( "Tickets" , Just $ ProjectR shar proj ) TicketNewR shar proj -> ("New", Just $ TicketsR shar proj) TicketR shar proj num -> ( T.pack $ '#' : show num , Just $ TicketsR shar proj ) TicketEditR shar proj num -> ( "Edit" , Just $ TicketR shar proj num ) _ -> ("", Nothing)