Merge branch 'master' of ssh://git@git.helsinki.at:2342/rhwebimport.git

author: Peter Grassberger <petertheone@gmail.com> 2015-12-27 22:04:18 (GMT)
committer: Peter Grassberger <petertheone@gmail.com> 2015-12-27 22:04:18 (GMT)
commit: f7c5ad3a69e89a558a1f9d4375c5aaaee270e997 (patch)
tree: 6c02fb18830c7a517adbe9f1793805d767ae820a /rh-bin/musicgrid.cgi
parent: 2d4a4c039d588a26610daed552e1570b707e3e46 (diff)
parent: 5f72eb4960c9e6fb48a06fcb428ab70b742d9ace (diff)
1 files changed, 75 insertions, 21 deletions
diff --git a/rh-bin/musicgrid.cgi b/rh-bin/musicgrid.cgi
index 6e18e7e..f2bf9db 100755
--- a/rh-bin/musicgrid.cgi
+++ b/rh-bin/musicgrid.cgi
@@ -35,35 +35,89 @@ my @clocks = ();
 my $q = CGI->new;
 my $username = $q->param('LOGIN_NAME');
 my $token = $q->param('PASSWORD');
+my $cmd = $q->param('COMMAND');
 
-(my $ctx, $status, $errorstring) = RHRD::rddb::init();
-if(defined $ctx) {
-  my $result = 1;
-#  ($result, $status, $errorstring) = RHRD::rddb::check_token($ctx, $username, $token);
-  if($result == 1) {
-    # TODO: check if user is allowed to read/edit music pools
-    # TODO: dispatch command get,set
-    $responsecode = 200;
-    @clocks = RHRD::rddb::get_musicpools_clocks($ctx);
-    if(!defined $clocks[0] && defined $clocks[1]) {
+sub get_clocks
+{
+  my ($ctx) = @_;
+
+  @clocks = RHRD::rddb::get_musicpools_clocks($ctx);
+  if(!defined $clocks[0] && defined $clocks[1]) {
+    return 500, $clocks[1] . ": " . $clocks[2];
+  }
+
+  return 200, "OK";
+}
+
+sub set_clock
+{
+  my ($ctx) = @_;
+
+  my $dow = $q->param('DOW');
+  my $hour = $q->param('HOUR');
+  my $shortname = $q->param('NAME');
+
+  if(!defined $dow) {
+    return 400 ,"mandatory field DOW is missing";
+  } elsif($dow < 0 || $dow > 6) {
+    return 400 ,"DOW is out of range";
+  } elsif(!defined $hour) {
+    return 400, "mandatory field HOUR is missing";
+  } elsif($hour < 0 || $hour > 23) {
+    return 400 ,"HOUR is out of range";
+  } elsif(!defined $shortname) {
+    return 400, "mandatory field NAME is missing";
+  }
+
+  my ($result, $status, $error) = RHRD::rddb::set_musicpools_clock($ctx, $dow, $hour, $shortname);
+  if(!defined $result) {
+    return 500, $status . ": " . $error;
+  }
+
+  return 200, "OK";
+}
+
+if(!defined $username) {
+  $responsecode = 400;
+  $errorstring = "mandatory field LOGIN_NAME is missing";
+} elsif(!defined $token) {
+  $responsecode = 400;
+  $errorstring = "mandatory field PASSWORD is missing";
+} elsif(!defined $cmd) {
+  $responsecode = 400;
+  $errorstring = "mandatory field COMMAND is missing";
+} else {
+  (my $ctx, $status, $errorstring) = RHRD::rddb::init();
+  if(defined $ctx) {
+    (my $authenticated, $status, $errorstring) = RHRD::rddb::check_token($ctx, $username, $token);
+    my $authorized = RHRD::rddb::is_musicpools_user($ctx, $username);
+    if($authenticated == 1 && $authorized == 1) {
+      if($cmd eq "get") {
+        ($responsecode, $errorstring) = get_clocks($ctx);
+      }
+      elsif($cmd eq "set") {
+        ($responsecode, $errorstring) = set_clock($ctx);
+      }
+      else {
+        $responsecode = 400;
+        $errorstring = "command '$cmd' is unknown";
+      }
+    } elsif($authenticated == 0) {
+      $responsecode = 401;
+    } elsif($authorized == 0) {
+      $responsecode = 403;
+      $errorstring = "user '" . $username . "' is not allowed to access the music grid";
+    } else {
       $responsecode = 500;
-      $status = $clocks[1];
-      $errorstring = $clocks[2];
     }
-  } elsif($result == 0) {
-    $responsecode = 401;
-  } else {
-    $responsecode = 500;
+    RHRD::rddb::destroy($ctx);
   }
-  RHRD::rddb::destroy($ctx);
 }
 
-
 print "Content-type: application/xml; charset=UTF-8\n";
 print "Status: $responsecode\n\n";
 
-# TODO: dispatch command get,set
-if($responsecode != 200) {
+if($cmd eq "set" || $responsecode != 200) {
   print "<RDWebResult>\n";
   print "  <ResponseCode>" . xml_quote($responsecode) . "</ResponseCode>\n";
   print "  <ErrorString>" . xml_quote($errorstring) . "</ErrorString>\n";
@@ -72,7 +126,7 @@ if($responsecode != 200) {
   print "<grid>\n";
   for my $href (@clocks) {
     print "  <clock dow=\"" . xml_quote($href->{'DOW'}) . "\" hour=\"" . xml_quote($href->{'HOUR'}) . "\">\n";
-    print "    <name>" . xml_quote($href->{'NAME'}) . "</name>\n";
+    print "    <name>" . xml_quote($href->{'SHORTNAME'}) . "</name>\n";
     print "    <color>" . xml_quote($href->{'COLOR'}) . "</color>\n";
     print "    <title>" . xml_quote($href->{'TITLE'}) . "</title>\n";
     print "  </clock>\n";
author	Peter Grassberger <petertheone@gmail.com>	2015-12-27 22:04:18 (GMT)
committer	Peter Grassberger <petertheone@gmail.com>	2015-12-27 22:04:18 (GMT)
commit	f7c5ad3a69e89a558a1f9d4375c5aaaee270e997 (patch)
tree	6c02fb18830c7a517adbe9f1793805d767ae820a /rh-bin/musicgrid.cgi
parent	2d4a4c039d588a26610daed552e1570b707e3e46 (diff)
parent	5f72eb4960c9e6fb48a06fcb428ab70b742d9ace (diff)