Mercurial Hosting > hghosting
view src/private/tools/private_users.html.luan @ 16:50a1fe272c10
more security
author | Franklin Schmidt <fschmidt@gmail.com> |
---|---|
date | Sun, 01 Oct 2023 21:36:34 -0600 |
parents | 028e74c8889d |
children |
line wrap: on
line source
local Luan = require "luan:Luan.luan" local error = Luan.error local pairs = Luan.pairs or error() local ipairs = Luan.ipairs or error() local stringify = Luan.stringify or error() local Io = require "luan:Io.luan" local Http = require "luan:http/Http.luan" local Shared = require "site:/lib/Shared.luan" local head = Shared.head or error() local header = Shared.private_header or error() local text_to_list = Shared.text_to_list or error() local config = Shared.config or error() local get_raw_config = Shared.get_raw_config or error() local save_raw_config = Shared.save_raw_config or error() local Logging = require "luan:logging/Logging.luan" local logger = Logging.logger "private_users.html" local function response(content) %> <!doctype html> <html> <head> <% head() %> <title>Mercurial Private Users</title> </head> <body> <% header() %> <div content> <h1>Private Users</h1> <%=content%> </div> </body> </html> <% end local function posted() local users = Http.request.parameters.users or error() users = text_to_list(users) if #users == 0 then return "Users cannot be empty" end for _, user in ipairs(users) do if config.users[user] == nil then return "user "..user.." is not a registered user" end end local raw_config = get_raw_config() raw_config.private = users save_raw_config(raw_config) return nil end return function() Io.stdout = Http.response.text_writer() local error_msg = "" if Http.request.method == "POST" then local error_msg = posted() if error_msg == nil then response([[<p>Private updated</p>]]) else response([[<p error>]]..error_msg..[[</p>]]) end return end %> <!doctype html> <html> <head> <% head() %> <title>Mercurial Private Users</title> </head> <body> <% header() %> <div content> <h1>Private Users</h1> <form method=post> <p> <label prompt>Users (one per line)</label> <textarea name=users> <% for user in pairs(config.private or {}) do %> <%=user%> <% end %> </textarea> <label prompt>Users who can access /private/</label> </p> <p> <input type=submit value="Update Private"> </p> </form> </div> </body> </html> <% end