Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
B
belenios
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
1
Issues
1
List
Boards
Labels
Service Desk
Milestones
Merge Requests
1
Merge Requests
1
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Operations
Operations
Incidents
Environments
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
belenios
belenios
Commits
40c11088
Commit
40c11088
authored
Jan 20, 2016
by
Stephane Glondu
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Allow only one submission of public credentials
parent
b71d90c6
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
34 additions
and
22 deletions
+34
-22
src/web/web_common.ml
src/web/web_common.ml
+1
-1
src/web/web_common.mli
src/web/web_common.mli
+1
-1
src/web/web_site.ml
src/web/web_site.ml
+7
-2
src/web/web_templates.ml
src/web/web_templates.ml
+25
-18
No files found.
src/web/web_common.ml
View file @
40c11088
...
...
@@ -203,7 +203,6 @@ let uuid =
type
setup_voter
=
{
sv_id
:
string
;
mutable
sv_credential
:
bool
;
mutable
sv_password
:
bool
;
}
...
...
@@ -215,6 +214,7 @@ type setup_election = {
mutable
se_public_keys
:
(
string
*
string
ref
)
list
;
mutable
se_metadata
:
metadata
;
mutable
se_public_creds
:
string
;
mutable
se_public_creds_received
:
bool
;
}
let
b58_digits
=
"123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
...
...
src/web/web_common.mli
View file @
40c11088
...
...
@@ -98,7 +98,6 @@ val uuid :
type
setup_voter
=
{
sv_id
:
string
;
mutable
sv_credential
:
bool
;
mutable
sv_password
:
bool
;
}
...
...
@@ -110,6 +109,7 @@ type setup_election = {
mutable
se_public_keys
:
(
string
*
string
ref
)
list
;
mutable
se_metadata
:
metadata
;
mutable
se_public_creds
:
string
;
mutable
se_public_creds_received
:
bool
;
}
val
generate_token
:
unit
->
string
Lwt
.
t
...
...
src/web/web_site.ml
View file @
40c11088
...
...
@@ -361,6 +361,7 @@ let create_new_election owner cred auth =
se_public_keys
=
[]
;
se_metadata
;
se_public_creds
=
token
;
se_public_creds_received
=
false
;
}
in
lwt
()
=
Ocsipersist
.
add
election_stable
uuid_s
se
in
lwt
()
=
Ocsipersist
.
add
election_credtokens
token
uuid_s
in
...
...
@@ -650,7 +651,7 @@ let () =
with
Not_found
->
()
in
se
.
se_voters
<-
se
.
se_voters
@
List
.
map
(
fun
sv_id
->
{
sv_id
;
sv_
credential
=
false
;
sv_
password
=
false
}
{
sv_id
;
sv_password
=
false
}
)
xs
;
return
(
redir_preapply
election_setup_voters
uuid
)))
...
...
@@ -734,6 +735,7 @@ let wrap_handler f =
let
handle_credentials_post
token
creds
=
lwt
uuid
=
Ocsipersist
.
find
election_credtokens
token
in
lwt
se
=
Ocsipersist
.
find
election_stable
uuid
in
if
se
.
se_public_creds_received
then
forbidden
()
else
let
module
G
=
(
val
Group
.
of_string
se
.
se_group
:
GROUP
)
in
let
fname
=
!
spool_dir
/
uuid
^
".public_creds.txt"
in
Lwt_mutex
.
with_lock
...
...
@@ -757,6 +759,8 @@ let handle_credentials_post token creds =
(
Lwt_io
.
lines_of_file
fname
)
in
let
()
=
se
.
se_metadata
<-
{
se
.
se_metadata
with
e_cred_authority
=
None
}
in
let
()
=
se
.
se_public_creds_received
<-
true
in
Ocsipersist
.
add
election_stable
uuid
se
>>
T
.
generic_page
~
title
:
"Success"
"Credentials have been received and checked!"
()
>>=
Html5
.
send
...
...
@@ -843,6 +847,7 @@ let () =
Any
.
register
~
service
:
election_setup_credentials_server
(
handle_setup
(
fun
se
()
_
uuid
->
if
se
.
se_public_creds_received
then
forbidden
()
else
let
()
=
se
.
se_metadata
<-
{
se
.
se_metadata
with
e_cred_authority
=
Some
"server"
}
in
...
...
@@ -868,7 +873,6 @@ let () =
let
body
=
Printf
.
sprintf
template_credential
title
login
cred
url
in
let
subject
=
"Your credential for election "
^
title
in
lwt
()
=
send_email
"noreply@belenios.org"
email
subject
body
in
v
.
sv_credential
<-
true
;
return
@@
S
.
add
pub_cred
accu
)
S
.
empty
se
.
se_voters
in
...
...
@@ -881,6 +885,7 @@ let () =
(
fun
oc
->
Lwt_list
.
iter_s
(
Lwt_io
.
write_line
oc
)
creds
)
in
se
.
se_public_creds_received
<-
true
;
return
(
fun
()
->
T
.
generic_page
~
title
:
"Success"
"Credentials have been generated and mailed!"
()
>>=
Html5
.
send
)))
...
...
src/web/web_templates.ml
View file @
40c11088
...
...
@@ -438,15 +438,21 @@ let election_setup uuid se () =
let
div_credentials
=
div
[
h2
[
pcdata
"Credentials"
];
if
has_credentials
then
(
post_form
~
service
:
election_setup_credentials_server
(
fun
()
->
[
string_input
~
input_type
:
`Submit
~
value
:
"Generate on server"
()
]
)
uuid
)
else
(
if
se
.
se_public_creds_received
then
(
div
[
a
~
service
:
election_setup_credential_authority
[
pcdata
"Credential management"
]
uuid
;
pcdata
"Credentials have already been generated!"
]
)
else
(
if
has_credentials
then
(
post_form
~
service
:
election_setup_credentials_server
(
fun
()
->
[
string_input
~
input_type
:
`Submit
~
value
:
"Generate on server"
()
]
)
uuid
)
else
(
div
[
a
~
service
:
election_setup_credential_authority
[
pcdata
"Credential management"
]
uuid
;
]
)
)
]
in
...
...
@@ -608,10 +614,6 @@ let election_setup_voters uuid se () =
]
)
uuid
in
let
has_credentials
=
match
se
.
se_metadata
.
e_cred_authority
with
|
None
->
false
|
Some
_
->
true
in
let
has_passwords
=
match
se
.
se_metadata
.
e_auth_config
with
|
Some
[{
auth_system
=
"password"
;
_
}]
->
true
|
_
->
false
...
...
@@ -621,7 +623,6 @@ let election_setup_voters uuid se () =
List
.
map
(
fun
v
->
tr
(
[
td
[
pcdata
v
.
sv_id
]]
@
(
if
has_credentials
then
[
td
[
pcdata
(
to_string
v
.
sv_credential
)]]
else
[]
)
@
(
if
has_passwords
then
[
td
[
pcdata
(
to_string
v
.
sv_password
)]]
else
[]
)
@
[
td
[
mk_remove_button
v
.
sv_id
]]
)
...
...
@@ -634,7 +635,6 @@ let election_setup_voters uuid se () =
table
(
tr
(
[
th
[
pcdata
"Identity"
]]
@
(
if
has_credentials
then
[
th
[
pcdata
"Credential"
]]
else
[]
)
@
(
if
has_passwords
then
[
th
[
pcdata
"Password"
]]
else
[]
)
@
[
th
[
pcdata
"Remove"
]]
))
...
...
@@ -725,11 +725,18 @@ let election_setup_credentials token uuid se () =
]
in
let
div_textarea
=
div
[
group
;
voters
;
interactivity
;
form_textarea
;
disclaimer
]
in
let
content
=
[
div_download
;
div_textarea
;
form_file
;
]
in
let
content
=
if
se
.
se_public_creds_received
then
(
[
div
[
pcdata
"Credentials have already been generated!"
];
]
)
else
(
[
div_download
;
div_textarea
;
form_file
;
]
)
in
let
login_box
=
pcdata
""
in
base
~
title
~
login_box
~
content
()
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment