X-Git-Url: http://wagnertech.de/gitweb/gitweb.cgi/mfinanz.git/blobdiff_plain/8084ef359515031ec8429b49baf0ab09858f55d2..ecb08b787b2d44e2158c4b0f47d3989bbfe11429:/SL/Controller/Base.pm
diff --git a/SL/Controller/Base.pm b/SL/Controller/Base.pm
index 42bf6bd6e..f99b1e722 100644
--- a/SL/Controller/Base.pm
+++ b/SL/Controller/Base.pm
@@ -7,6 +7,8 @@ use parent qw(Rose::Object);
 use Carp;
 use IO::File;
 use List::Util qw(first);
+use SL::Request qw(flatten);
+use SL::MoreCommon qw(uri_encode);
 #
 # public/helper functions
@@ -19,18 +21,32 @@ sub url_for {
 my %params = ref($_[0]) eq 'HASH' ? %{ $_[0] } : @_;
 my $controller = delete($params{controller}) || $self->_controller_name;
- my $action = delete($params{action}) || 'dispatch';
- $params{action} = "${controller}/${action}";
- my $query = join('&', map { $::form->escape($_) . '=' . $::form->escape($params{$_}) } keys %params);
+ my $action = $params{action} || 'dispatch';
- return "controller.pl?${query}";
+ my $script;
+ if ($controller =~ m/\.pl$/) {
+ # Old-style controller
+ $script = $controller;
+ } else {
+ $params{action} = "${controller}/${action}";
+ $script = "controller.pl";
+ }
+
+ my $query = join '&', map { uri_encode($_->[0]) . '=' . uri_encode($_->[1]) } @{ flatten(\%params) };
+
+ return "${script}?${query}";
 }
 sub redirect_to {
 my $self = shift;
 my $url = $self->url_for(@_);
- print $::cgi->redirect($url);
+ if ($self->delay_flash_on_redirect) {
+ require SL::Helper::Flash;
+ SL::Helper::Flash::delay_flash();
+ }
+
+ print $::request->{cgi}->redirect($url);
 }
 sub render {
@@ -152,6 +168,23 @@ sub _run_hooks {
 }
 }
+#
+# behaviour. override these
+#
+
+sub delay_flash_on_redirect {
+ 0;
+}
+
+sub get_auth_level {
+ # Ignore the 'action' parameter.
+ return 'user';
+}
+
+sub keep_auth_vars_in_form {
+ return 0;
+}
+
 #
 # private functions -- for use in Base only
 #
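Review bot: In url_for (second hunk), the old-style branch copies `$controller` into the returned URL as the script name without any encoding, and the test `m/\.pl$/` checks only the suffix, with `$` also matching before a trailing newline. Every other component of the URL goes through uri_encode, so a controller value that is not a plain script name would reach the Location header printed by redirect_to unchanged; whether any caller passes request-derived data as `controller` is not visible here and should be confirmed. If old-style scripts are always bare file names, a stricter guard such as `if ($controller =~ m/\A[\w.-]+\.pl\z/) {` keeps this branch to them. In the same branch the `'dispatch'` default assigned to `$action` is never used, which deserves a short comment. url_for begins above the hunk.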
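Review bot: The overridable subs added after _run_hooks (third hunk) carry no comment saying which return value is the safe one, although get_auth_level and keep_auth_vars_in_form set authentication behaviour for every controller that inherits them. I would add a line above each, for example `# Must return a known auth level ('user' is the default); an override has to cover every action it is called for.` and `# Return true only in controllers that handle login themselves; otherwise {AUTH} form variables are removed before routing.`. delay_flash_on_redirect also ends in a bare `0;` where its two siblings use an explicit return, so `return 0;` would match them.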
@@ -329,7 +362,7 @@ containing the template code to interprete. Additionally the output will not be sent to the browser. Instead it is only returned to the caller. -If C<< $options->{raw}>> is trueish, the function will treat the input as +If C<< $options->{raw} >> is trueish, the function will treat the input as already parsed, and will not filter the input through Template. Unlike C, the input is taked as a reference. @@ -482,6 +515,28 @@ action. The hook's return values are discarded. +=item C + +May be overridden by a controller. If this method returns true, redirect_to +will delay all flash messages for the current request. Defaults to false for +compatibility reasons. + +=item C + +May be overridden by a controller. Determines what kind of +authentication is required for a particular action. Must return either +C (which means that authentication as an admin is required), +C (authentication as a normal user suffices) with a possible +future value C (which would require no authentication but is not +yet implemented). + +=item C + +May be overridden by a controller. If falsish (the default) all form +variables whose name starts with C<{AUTH}> are removed before the +request is routed. Only controllers that handle login requests +themselves should return trueish for this function. + =back =head2 PRIVATE FUNCTIONS