? README_KOUMBIT.txt ? openid_provider_sites_page.patch ? patches Index: openid_provider.inc =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/openid_provider/openid_provider.inc,v retrieving revision 1.3 diff -u -u -r1.3 openid_provider.inc --- openid_provider.inc 7 Sep 2008 03:41:22 -0000 1.3 +++ openid_provider.inc 11 Mar 2009 03:28:19 -0000 @@ -131,12 +131,16 @@ } $rp = _openid_provider_rp_load($user->uid, $realm); - if ($rp->auto_release) { + switch ($rp->access) { + case OPENID_PROVIDER_DENY: + $return_to = $request['openid.return_to']; + $response = openid_provider_cancel_authentication_response($request['openid.mode']); + return openid_redirect_http($return_to, $response); + case OPENID_PROVIDER_ALLOW: $response = _openid_provider_sign($response); _openid_provider_rp_save($user->uid, $realm, TRUE); return openid_redirect_http($response['openid.return_to'], $response); - } - else { + case OPENID_PROVIDER_ASK: return drupal_get_form('openid_provider_form', $response, $realm); } } @@ -276,13 +280,13 @@ } } -function _openid_provider_rp_save($uid, $realm, $auto_release = FALSE) { +function _openid_provider_rp_save($uid, $realm, $access = OPENID_PROVIDER_ASK) { $rpid = db_result(db_query("SELECT rpid FROM {openid_provider_relying_party} WHERE uid=%d AND realm='%s'", $uid, $realm)); if ($rpid) { - db_query("UPDATE {openid_provider_relying_party} SET auto_release=%d, last_time=%d WHERE rpid=%d", $auto_release, time(), $rpid); + db_query("UPDATE {openid_provider_relying_party} SET access=%d, last_time=%d WHERE rpid=%d", $access, time(), $rpid); } else { - db_query("INSERT INTO {openid_provider_relying_party} (uid, realm, first_time, last_time, auto_release) VALUES (%d, '%s', %d, %d, %d)", $uid, $realm, time(), time(), $auto_release); + db_query("INSERT INTO {openid_provider_relying_party} (uid, realm, first_time, last_time, access) VALUES (%d, '%s', %d, %d, %d)", $uid, $realm, time(), time(), $access); } } function _openid_provider_nonce() { Index: openid_provider.install =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/openid_provider/openid_provider.install,v retrieving revision 1.2 diff -u -u -r1.2 openid_provider.install --- openid_provider.install 1 Jun 2008 03:21:41 -0000 1.2 +++ openid_provider.install 11 Mar 2009 03:28:19 -0000 @@ -80,7 +80,7 @@ 'default' => 0, 'description' => t('Timestamp of the most recent access'), ), - 'auto_release' => array( + 'access' => array( 'type' => 'int', 'not null' => TRUE, 'default' => 0, @@ -133,4 +133,11 @@ ); return $schema; -} \ No newline at end of file +} + +function openid_provider_update_6100() { + $ret = array(); + db_change_field($ret, 'openid_provider_relying_party', 'auto_release', 'access', array('type' => 'int', 'not null' => TRUE,'default' => 0)); + $ret[] = update_sql("UPDATE {openid_provider_relying_party} SET access = access + 1;"); + return $ret; +} Index: openid_provider.module =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/openid_provider/openid_provider.module,v retrieving revision 1.3 diff -u -u -r1.3 openid_provider.module --- openid_provider.module 7 Sep 2008 03:51:58 -0000 1.3 +++ openid_provider.module 11 Mar 2009 03:28:19 -0000 @@ -5,6 +5,10 @@ * OpenID 2.0 Provider implementation for Drupal. */ +define('OPENID_PROVIDER_DENY', 0); +define('OPENID_PROVIDER_ASK', 1); +define('OPENID_PROVIDER_ALLOW', 2); + /** * Implementation of hook_perm(). */ @@ -62,6 +66,14 @@ return $items; } +function openid_provider_theme($existing, $type, $theme, $path) { + return array( + 'openid_provider_sites' => array( + 'arguments' => array('form' => NULL), + ), + ); +} + /** * Implementation of hook_init() * @@ -175,19 +187,24 @@ $form['#action'] = url('openid/provider/send'); + $form['submit_always'] = array( + '#type' => 'submit', + '#value' => t('Yes; always'), + '#submit' => array('openid_provider_form_submit_always_allow') + ); $form['submit_once'] = array( '#type' => 'submit', '#value' => t('Yes; just this once'), ); - $form['submit_always'] = array( + $form['submit_deny'] = array( '#type' => 'submit', - '#value' => t('Yes; always'), - '#submit' => array('openid_provider_form_submit_always') + '#value' => t('No'), + '#submit' => array('openid_provider_form_submit_deny') ); - $form['cancel'] = array( + $form['submit_always_deny'] = array( '#type' => 'submit', - '#value' => t('Cancel'), - '#submit' => array('openid_provider_form_submit_cancel') + '#value' => t('No; always'), + '#submit' => array('openid_provider_form_submit_always_deny') ); return $form; @@ -196,28 +213,28 @@ /** * Once submit handler */ -function openid_provider_form_submit(&$form, $form_state, $auto_release = FALSE) { +function openid_provider_form_submit(&$form, $form_state, $access = OPENID_PROVIDER_ASK) { global $user; module_load_include('inc', 'openid'); module_load_include('inc', 'openid_provider'); $response = _openid_provider_sign($form_state['storage']['response']); - _openid_provider_rp_save($user->uid, $form_state['storage']['realm'], $auto_release); + _openid_provider_rp_save($user->uid, $form_state['storage']['realm'], $access); openid_redirect_http($response['openid.return_to'], $response); } /** * Always submit handler */ -function openid_provider_form_submit_always(&$form, $form_state) { - return openid_provider_form_submit($form, $form_state, TRUE); +function openid_provider_form_submit_always_allow(&$form, $form_state) { + return openid_provider_form_submit($form, $form_state, OPENID_PROVIDER_ALLOW); } /** * Cancel submit handler */ -function openid_provider_form_submit_cancel(&$form, $form_state) { +function openid_provider_form_submit_deny(&$form, $form_state) { module_load_include('inc', 'openid_provider'); module_load_include('inc', 'openid'); @@ -225,3 +242,11 @@ $response = openid_provider_cancel_authentication_response($form_state['openid.mode']); openid_redirect($return_to, $response); } + +/** + * Always submit handler + */ +function openid_provider_form_submit_deny_always(&$form, $form_state) { + _openid_provider_rp_save($user->uid, $form_state['storage']['realm'], OPENID_PROVIDER_DENY); + return openid_provider_form_submit($form, $form_state); +} Index: openid_provider.pages.inc =================================================================== RCS file: /cvs/drupal-contrib/contributions/modules/openid_provider/openid_provider.pages.inc,v retrieving revision 1.1 diff -u -u -r1.1 openid_provider.pages.inc --- openid_provider.pages.inc 13 Apr 2008 11:53:04 -0000 1.1 +++ openid_provider.pages.inc 11 Mar 2009 03:28:19 -0000 @@ -63,7 +63,7 @@ /** * Page callback for OpenID Sites form where users can configure the - * auto_release status of RP's they have logged into. + * access status of RP's they have logged into. * * @param object $account User account object for the user. */ @@ -79,26 +79,35 @@ module_load_include('inc', 'openid_provider'); - $rps = _openid_provider_rp_load($user->uid); - if (count($rps)) { - $form = array('#tree' => TRUE); - foreach ($rps as $rp) { - $form['rpid'][$rp->rpid] = array( - '#type' => 'checkbox', - '#title' => $rp->realm, - '#default_value' => $rp->auto_release, - '#description' => t('Last accessed @time', array('@time' => format_date($rp->last_time))) - ); - } + $result = pager_query("SELECT * FROM {openid_provider_relying_party} WHERE uid=%d ORDER BY last_time DESC", 50, 0, NULL, $user->uid); + + $form['description'] = array( + '#type' => 'item', + '#description' => t('Those are the sites you have used your OpenID on. Access control determines determines if you will be asked for approval when login into those sites using your OpenID. You can also completely deny access to those sites if you think they are malicious.'), + ); + + $form['submit'] = array( + '#type' => 'submit', + '#value' => t('Update'), + ); - $form['submit'] = array( - '#type' => 'submit', - '#value' => t('Save') + $access_options = array(OPENID_PROVIDER_DENY => t('Deny'), OPENID_PROVIDER_ASK => t('Ask'), OPENID_PROVIDER_ALLOW => t('Allow')); + while ($rp = db_fetch_object($result)) { + $rps[$rp->rpid] = ''; + $form['site'][$rp->rpid] = array( + '#value' => l($rp->realm, $rp->realm), + ); + $form['last_access'][$rp->rpid] = array( + '#value' => $rp->last_time, + ); + $form['access'][$rp->rpid] = array( + '#type' => 'radios', + '#options' => $access_options, + '#default_value' => $rp->access, ); } - else { - $form['none']['#value'] = t('No sites yet'); - } + $form['pager'] = array('#value' => theme('pager', NULL, 50, 0)); + $form['#theme'] = 'openid_provider_sites'; return $form; } @@ -106,8 +115,38 @@ * Form submit callback for openid_provider_sites. */ function openid_provider_sites_form_submit(&$form, &$form_state) { - foreach ($form_state['values']['rpid'] as $key => $value) { - db_query("UPDATE {openid_provider_relying_party} SET auto_release=%d WHERE rpid=%d", $value, $key); + foreach ($form_state['values'] as $key => $value) { + if (is_numeric($key)) { + db_query("UPDATE {openid_provider_relying_party} SET access=%d WHERE rpid=%d", ($value > 0), $key); + } } drupal_set_message(t('Settings saved.')); } + +/** + * Theme openid sites overview. + * + * @ingroup themeable + */ +function theme_openid_provider_sites($form) { + // If there are rows in this form, then $form['title'] contains a list of + // the title form elements. + $header = array(t('Access control'), t('Site'), t('Last access')); + foreach (element_children($form['site']) as $key) { + $row = array(); + $row[] = drupal_render($form['access'][$key]); + $row[] = drupal_render($form['site'][$key]); + $row[] = format_date(drupal_render(($form['last_access'][$key]))); + $rows[] = $row; + } + + unset($form['last_access']); + $output .= theme('table', $header, $rows); + if ($form['pager']['#value']) { + $output .= drupal_render($form['pager']); + } + + $output .= drupal_render($form); + + return $output; +}