~fnux/mailadmin

c71c7021f10167c996d00f0246316eb46c0307e5 — Timothée Floure 5 years ago 64e9267
Allow URL prefix
14 files changed, 95 insertions(+), 79 deletions(-)

M app.rb
M config.example.yml
R lib/{helpers.rb => session_helpers.rb}
R views/{panel/admin/aliases.html.erb => admin/aliases.html.erb}
A views/admin/aliases/edit.html.erb
R views/{panel/admin/domains.html.erb => admin/domains.html.erb}
R views/{panel/admin/domains/edit.html.erb => admin/domains/edit.html.erb}
R views/{panel/admin/index.html.erb => admin/index.html.erb}
R views/{panel/admin/users.html.erb => admin/users.html.erb}
R views/{panel/admin/users/edit.html.erb => admin/users/edit.html.erb}
M views/index.html.erb
M views/layout.html.erb
D views/panel/admin/aliases/edit.html.erb
M views/panel/index.html.erb
M app.rb => app.rb +61 -48
@@ 2,78 2,91 @@ class MailAdmin < Sinatra::Base
  register Sinatra::Reloader if CONFIG['reloader']
  register Sinatra::Namespace

  require './lib/helpers.rb'
  require './lib/session_helpers.rb'
  require './lib/models.rb'

  include SessionHelpers

  # Authorization
  before '/panel/*' do
    protected!(false)
    @user = get_session_user
    @admin = is_admin?(@user)
  # Custom redirect
  def prefix_redirect(path)
    redirect(CONFIG['prefix'] + path)
  end

  before '/panel/admin/*' do
    protected!(true)
  # View helpers
  helpers do
    def url_for(path)
      CONFIG['prefix'] + path
    end
  end

  ### Web ###
  namespace CONFIG['prefix'] do

  get '/' do
    erb :index
  end

  post '/login' do
    if check_user(params[:email], params[:password])
      session[:user] = gen_cookie(params[:email])
      redirect '/panel/'
    else
      redirect '/'
    get '/' do
      erb :index
    end
  end

  get '/logout' do
    session[:user].clear
    redirect '/'
  end
    post '/login' do
      if check_user(params[:email], params[:password])
        session[:user] = gen_cookie(params[:email])
        prefix_redirect '/panel/'
      else
        prefix_redirect '/'
      end
    end

  namespace '/panel' do
    get '/' do
      erb :'panel/index'
    get '/logout' do
      session[:user].clear
      prefix_redirect '/'
    end

    # Allow the standard user to change its password
    post '/password' do
      if params['current-password'].crypt('$6$' + CONFIG['salt']) == @user.password
        if params['new-password'] == params['new-password-confirmation']
          @user.update(:password => params['new-password'].crypt('$6$' + CONFIG['salt']))
    namespace '/panel' do
      before do 
        protected!(false)
        @user = get_session_user
        @admin = is_admin?(@user)
      end

      get '/' do
        erb :'panel/index'
      end

      # Allow the standard user to change its password
      post '/password' do
        if params['current-password'].crypt('$6$' + CONFIG['salt']) == @user.password
          if params['new-password'] == params['new-password-confirmation']
            @user.update(:password => params['new-password'].crypt('$6$' + CONFIG['salt']))
          end
        end
        prefix_redirect '/panel/'
      end
      redirect '/panel/'
    end

    namespace '/admin' do
      before do
        protected!(true)
      end

      get '/' do
        erb :'panel/admin/index'
        erb :'admin/index'
      end

      # Manage domains
      get '/domains' do
        @domains = Domain.all
        erb :'panel/admin/domains'
        erb :'admin/domains'
      end

      post '/domains/create' do
        Domain.create(
          :name => params[:name]
        )
        redirect '/panel/admin/domains'
        prefix_redirect '/admin/domains'
      end

      get '/domains/edit/:id' do
        @domain = Domain[params[:id]]
        erb :'panel/admin/domains/edit'
        erb :'admin/domains/edit'
      end

      post '/domains/edit/:id' do


@@ 82,18 95,18 @@ class MailAdmin < Sinatra::Base
          :name => params[:name],
        )

        redirect '/panel/admin/domains'
        prefix_redirect '/admin/domains'
      end

      get '/domains/destroy/:id' do
        Domain[params[:id]].destroy
        redirect '/panel/admin/domains'
        prefix_redirect '/admin/domains'
      end

      # Manage users
      get '/users' do
        @users = User.all
        erb :'panel/admin/users'
        erb :'admin/users'
      end

      post '/users/create' do


@@ 101,12 114,12 @@ class MailAdmin < Sinatra::Base
          :mail => params[:mail],
          :password => params[:password].crypt('$6$' + CONFIG['salt'])
        )
        redirect 'panel/admin/users'
        prefix_redirect '/admin/users'
      end

      get '/users/edit/:id' do
        @user = User[params[:id]]
        erb :'panel/admin/users/edit'
        erb :'admin/users/edit'
      end

      post '/users/edit/:id' do


@@ 122,18 135,18 @@ class MailAdmin < Sinatra::Base
          :password => password
        )

        redirect '/panel/admin/users'
        prefix_redirect '/admin/users'
      end

      get '/users/destroy/:id' do
        User[params[:id]].destroy
        redirect '/panel/admin/users'
        prefix_redirect '/admin/users'
      end

      # Manage aliases
      get '/aliases' do
        @aliases = Alias.all
        erb :'panel/admin/aliases'
        erb :'admin/aliases'
      end

      post '/aliases/create' do


@@ 141,12 154,12 @@ class MailAdmin < Sinatra::Base
          :source => params[:source],
          :destination => params[:destination]
        )
        redirect '/panel/admin/aliases'
        prefix_redirect '/admin/aliases'
      end

      get '/aliases/edit/:id' do
        @alias = Alias[params[:id]]
        erb :'panel/admin/aliases/edit'
        erb :'admin/aliases/edit'
      end

      post '/aliases/edit/:id' do


@@ 156,12 169,12 @@ class MailAdmin < Sinatra::Base
          :destination => params[:destination]
        )

        redirect '/panel/admin/aliases'
        prefix_redirect '/admin/aliases'
      end

      get '/aliases/destroy/:id' do
        Alias[params[:id]].destroy
        redirect '/panel/admin/aliases'
        prefix_redirect '/admin/aliases'
      end
    end
  end
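Review bot: The three destroy routes (`get '/domains/destroy/:id'`, `get '/users/destroy/:id'`, `get '/aliases/destroy/:id'`) still delete records on a plain GET; this commit only changes their redirect target. A GET carries the administrator's session cookie on any link they follow, so a logged-in admin can be made to delete a domain, user or alias unintentionally, and none of the forms shown on this page carries a request token either. I would change them to `post '/domains/destroy/:id' do` (likewise for users and aliases) and turn the Delete links in views/admin/domains.html.erb, users.html.erb and aliases.html.erb into small POST forms. Whether a CSRF token check is enabled elsewhere in the app is not visible here, so that needs confirming for every state-changing route.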

M config.example.yml => config.example.yml +3 -0
@@ 1,6 1,9 @@
# Admin users, separeted by `;`
admins: admin1@lamb.da;admin2@lamb.da

# URL prefix
prefix: ""

# Session secret
secret: myawesomesecret
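Review bot: The new `prefix` key has no documented format or default, yet app.rb concatenates it raw in `CONFIG['prefix'] + path` and passes it to `namespace`. A config.yml written before this commit has no `prefix` entry, so (assuming CONFIG is the parsed YAML hash) the value is nil and every `prefix_redirect` and `url_for` call raises NoMethodError. I would expand the comment to `# URL prefix the app is served under, e.g. "/mailadmin" (leading slash, no trailing slash); "" for none` and read the value in app.rb as `CONFIG['prefix'].to_s`.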


R lib/helpers.rb => lib/session_helpers.rb +0 -0
R views/panel/admin/aliases.html.erb => views/admin/aliases.html.erb +4 -4
@@ 1,4 1,4 @@
<h2 style="margin-top:0">Manage Aliases - <a href="/panel/admin/">Back to admin index &crarr;</a></h2>
<h2 style="margin-top:0">Manage Aliases - <a href="<%= url_for('/admin/') %>">Back to admin index &crarr;</a></h2>

<table class="full" >
  <thead>


@@ 16,8 16,8 @@
        <td><%= forward.source %></td>
        <td><%= forward.destination %></td>
        <td>
          <a href="/panel/admin/aliases/edit/<%= forward.id %>">Edit</a> /
          <a href="/panel/admin/aliases/destroy/<%= forward.id %>">Delete</a>
          <a href="<%= url_for("/admin/aliases/edit/#{forward.id}") %>">Edit</a> /
          <a href="<%= url_for("/admin/aliases/destroy/#{forward.id}") %>">Delete</a>
        </td>
      </tr>
    <% end %>


@@ 26,7 26,7 @@

<hr />

<form action="/panel/admin/aliases/create" method="post">
<form action="<%= url_for('/admin/aliases/create') %>" method="post">
  <input type="text" name="source" class="" placeholder="Source" />
  <input type="text" name="destination" class="" placeholder="Destination" />
  <button type="submit" class="">New alias &raquo;</button>

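--- a/views/admin/aliases/edit.html.erb
+++ b/views/admin/aliases/edit.html.erb
@@ -0,0 +1,7 @@
+<h2 style="margin-top:0">Edit user : <%= @alias.source %> - <a href="<%= url_for('/admin/aliases') %>">Back to aliases &crarr;</a></h2>
+
+<form action="<%= url_for("/admin/aliases/edit/#{@alias.id}") %>" method="post">
+  <input type="text" name="source" class="" placeholder="Source", value="<%= @alias.source %>" />
+  <input type="text" name="destination" class="" placeholder="Destination", value="<%= @alias.destination %>" />
+  <button type="submit" class="">Update &raquo;</button>
+</form>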
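Review bot: `@alias.source` and `@alias.destination` are written into the heading and into the `value="..."` attributes with plain `<%= %>`, which Sinatra's ERB does not HTML-escape unless escaping is switched on in a part of the app not shown here. A stored alias containing a double quote or angle bracket would then be rendered as markup in the administrator's browser instead of as text. I would wrap the values, e.g. `value="<%= Rack::Utils.escape_html(@alias.source) %>"`, or enable `set :erb, escape_html: true` app-wide; the same output pattern appears in the domains and users views on this page. The heading also still reads "Edit user", and there is a stray comma after each `placeholder` attribute.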

R views/panel/admin/domains.html.erb => views/admin/domains.html.erb +4 -4
@@ 1,4 1,4 @@
<h2 style="margin-top:0">Manage Domains - <a href="/panel/admin/">Back to admin index &crarr;</a></h2>
<h2 style="margin-top:0">Manage Domains - <a href="<%= url_for('/admin/') %>">Back to admin index &crarr;</a></h2>

<table class="full">
  <thead>


@@ 14,8 14,8 @@
        <td><%= domain.id %></td>
        <td><%= domain.name %></td>
        <td>
          <a href="/panel/admin/domains/edit/<%= domain.id %>">Edit</a> /
          <a href="/panel/admin/domains/destroy/<%= domain.id %>">Delete</a>
          <a href="<%= url_for("/admin/domains/edit/#{domain.id}") %>">Edit</a> /
            <a href="<%= url_for("/admin/domains/destroy/#{domain.id}") %>">Delete</a>
        </td>
      </tr>
    <% end %>


@@ 24,7 24,7 @@

<hr />

<form action="/panel/admin/domains/create" method="post">
<form action="<%= url_for("/admin/domains/create") %>" method="post">
  <input type="text" name="name" class="" placeholder="New domain name." />
  <button type="submit" class="">Create domain &raquo;</button>
</form>

R views/panel/admin/domains/edit.html.erb => views/admin/domains/edit.html.erb +2 -2
@@ 1,6 1,6 @@
<h2 style="margin-top:0">Edit domain : <%= @domain.name %> - <a href="/panel/admin/domains">Back to domains &crarr;</a></h2>
<h2 style="margin-top:0">Edit domain : <%= @domain.name %> - <a href="<%= url_for('/admin/domains') %>">Back to domains &crarr;</a></h2>

<form action="/panel/admin/domains/edit/<%= @domain.id %>" method="post">
<form action="<%= url_for("/admin/domains/edit/#{@domain.id}") %>" method="post">
  <input type="text" name="name" class="" placeholder="Domain name" value="<%= @domain.name %>"/>
  <button type="submit" class="">Update &raquo;</button>
</form>

R views/panel/admin/index.html.erb => views/admin/index.html.erb +2 -2
@@ 10,7 10,7 @@
    <p>You are authenticated as <i>Administrator</i>.</p>
    <p>If there is anything wrong, please contact your system administrator.</p>

    <a href="/logout" class="">Logout &raquo;</a>
    /  <a href="/panel/" class="">Back to user panel &crarr;</a>
    <a href="<%= url_for('/logout') %>" class="">Logout &raquo;</a>
    /  <a href="<%= url_for('/panel/') %>" class="">Back to user panel &crarr;</a>
  </div>
</div>

R views/panel/admin/users.html.erb => views/admin/users.html.erb +4 -4
@@ 1,4 1,4 @@
<h2 style="margin-top:0">Manage Users - <a href="/panel/admin/">Back to admin index &crarr;</a></h2>
<h2 style="margin-top:0">Manage Users - <a href="<%= url_for('/admin/') %>">Back to admin index &crarr;</a></h2>

<table class="full">
  <thead>


@@ 14,8 14,8 @@
        <td><%= user.id %></td>
        <td><%= user.mail %></td>
        <td>
          <a href="/panel/admin/users/edit/<%= user.id %>">Edit</a> /
          <a href="/panel/admin/users/destroy/<%= user.id %>">Delete</a>
          <a href="<%= url_for("/admin/users/edit/#{user.id}") %>">Edit</a> /
          <a href="<%= url_for("/admin/users/destroy/#{user.id}") %>">Delete</a>
        </td>
      </tr>
    <% end %>


@@ 24,7 24,7 @@

<hr />

<form action="/panel/admin/users/create" method="post">
<form action="<%= url_for('/admin/users/create') %>" method="post">
  <input type="text" name="mail" class="" placeholder="Email Adress" />
  <input type="password" name="password" class="" placeholder="Password" />
  <button type="submit" class="">Create User &raquo;</button>

R views/panel/admin/users/edit.html.erb => views/admin/users/edit.html.erb +2 -2
@@ 1,6 1,6 @@
<h2 style="margin-top:0">Edit user : <%= @user.mail %> - <a href="/panel/admin/users">Back to domains &crarr;</a></h2>
<h2 style="margin-top:0">Edit user : <%= @user.mail %> - <a href="<%= url_for('/admin/users') %>">Back to domains &crarr;</a></h2>

<form action="/panel/admin/users/edit/<%= @user.id %>" method="post">
<form action="<%= url_for("/admin/users/edit/#{@user.id}") %>" method="post">
  <input type="text" name="mail" class="" placeholder="Email Adress", value="<%= @user.mail %>" />
  <input type="password" name="password" class="" placeholder="Password" />
  <button type="submit" class="">Update &raquo;</button>

M views/index.html.erb => views/index.html.erb +1 -1
@@ 1,6 1,6 @@
<div class="login-container">
  <div class="login-form">
    <form action="/login" method="post">
    <form action="<%= url_for('/login') %>" method="post">
      <input type="text" name="email" class="full" placeholder="Email" />
      <input type="password" name="password" class="full" placeholder="Password" />
      <button type="submit" class="full">Login &raquo;</button>

M views/layout.html.erb => views/layout.html.erb +2 -2
@@ 3,8 3,8 @@
  <head>
    <title>Mail Administration</title>
    <meta charset="UTF-8">
    <link rel="stylesheet" href="/assets/normalize.css">
    <link rel="stylesheet" href="/assets/main.css">
    <link rel="stylesheet" href="<%= url_for('/assets/normalize.css') %>">
    <link rel="stylesheet" href="<%= url_for('/assets/main.css') %>">
  </head>
  <body>
    <div id="header">
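Review bot: The two stylesheet links now go through `url_for('/assets/...')`, but nothing in the app.rb changes shown on this page serves `/assets` under the prefix. If the files come from Sinatra's public folder, a request for the prefixed path would presumably not match it when `prefix` is non-empty, and the page would load unstyled. Either keep these two hrefs unprefixed, or confirm that the front-end proxy or a static route maps the prefixed path to the asset directory.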

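--- a/views/panel/admin/aliases/edit.html.erb
+++ b/views/panel/admin/aliases/edit.html.erb
@@ -1,7 +0,0 @@
-<h2 style="margin-top:0">Edit user : <%= @alias.source %> - <a href="/panel/admin/aliasess">Back to aliases &crarr;</a></h2>
-
-<form action="/panel/admin/aliases/edit/<%= @alias.id %>" method="post">
-  <input type="text" name="source" class="" placeholder="Source", value="<%= @alias.source %>" />
-  <input type="text" name="destination" class="" placeholder="Destination", value="<%= @alias.destination %>" />
-  <button type="submit" class="">Update &raquo;</button>
-</form>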

M views/panel/index.html.erb => views/panel/index.html.erb +3 -3
@@ 1,6 1,6 @@
<div class="panel-container">
  <div class="panel-form">
    <form action="/panel/password" method="post">
    <form action="<%= url_for('/panel/password') %>" method="post">
      <input type="password" name="current-password" class="full" placeholder="Current password" />
      <hr />
      <input type="password" name="new-password" class="full" placeholder="New password" />


@@ 11,9 11,9 @@
  <div class="panel-note">
    <p>You are authenticated as <i><%= @user.mail %></i>.</p>
    <p>If there is anything wrong, please contact your system administrator.</p>
    <a href="/logout" class="">Logout &raquo;</a>
    <a href="<%= url_for('/logout') %>" class="">Logout &raquo;</a>
    <% if @admin %>
      /  <a href="/panel/admin/" class="">Administration Panel &raquo;</a>
      /  <a href="<%= url_for('/admin/') %>" class="">Administration Panel &raquo;</a>
    <% end %>
  </div>
</div>