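module Foundation where

import Prelude
import Yesod
import Yesod.Static
import Yesod.Auth
import Auth.Proxied (authProxied)
import Yesod.Default.Config
import Yesod.Default.Util (addStaticContentExternal)
import Yesod.Form.Jquery (YesodJquery(..))
import Network.HTTP.Conduit (Manager)
import qualified Settings
import Settings.Development (development)
import qualified Database.Persist
import Database.Persist.Sql (SqlPersistT)
import Settings.StaticFiles
import Settings (widgetFile, Extra (..))
import Model
import Text.Jasmine (minifym)
import Text.Hamlet (hamletFile)
import Yesod.Core.Types (Logger)

-- | The site argument for your application. This can be a good place to
-- keep settings and values requiring initialization before your application
-- starts running, such as database connections. Every handler will have
-- access to the data present here.
data App = App
    { settings :: AppConfig DefaultEnv Extra
    , getStatic :: Static -- ^ Settings for static file serving.
    , connPool :: Database.Persist.PersistConfigPool Settings.PersistConf -- ^ Database connection pool.
    , httpManager :: Manager
    , persistConfig :: Settings.PersistConf
    , appLogger :: Logger
    }

-- Set up i18n messages. See the message folder.
mkMessage "App" "messages" "en"

-- This is where we define all of the routes in our application. For a full
-- explanation of the syntax, please see:
-- http://www.yesodweb.com/book/handler
--
-- This function does three things:
--
-- * Creates the route datatype AppRoute. Every valid URL in your
--   application can be represented as a value of this type.
-- * Creates the associated type:
--       type instance Route App = AppRoute
-- * Creates the value resourcesApp which contains information on the
--   resources declared below. This is used in Handler.hs by the call to
--   mkYesodDispatch
--
-- What this function does *not* do is create a YesodSite instance for
-- App. Creating that instance requires all of the handler functions
-- for our application to be in scope. However, the handler functions
-- usually require access to the AppRoute datatype. Therefore, we
-- split these actions into two functions and place them in separate files.
mkYesodData "App" $(parseRoutesFile "config/routes")

type Form x = Html -> MForm (HandlerT App IO) (FormResult x, Widget)

-- Please see the documentation for the Yesod typeclass. There are a number
-- of settings which can be configured by overriding methods here.
instance Yesod App where
    approot = ApprootMaster $ appRoot . settings

    -- Store session data on the client in encrypted cookies, with an idle
    -- timeout of 120 minutes.
    --
    -- defaultClientSessionBackend takes its timeout in minutes, so the
    -- previous value of (120 * 60) kept idle sessions alive for 7200 minutes
    -- (five days) instead of the 120 minutes this comment always promised.
    --
    -- The key file protects every session cookie: whoever can read it can
    -- decrypt and forge sessions. Keep it out of version control and readable
    -- only by the account the application runs as.
    makeSessionBackend _ = fmap Just $ defaultClientSessionBackend
        120 -- idle timeout, in minutes
        "config/client_session_key.aes"

    -- The local names here (widget, master, mmsg, pc) are left as they are:
    -- the spliced templates may refer to them by name.
    defaultLayout widget = do
        master <- getYesod
        mmsg <- getMessage

        -- We break up the default layout into two components:
        -- default-layout is the contents of the body tag, and
        -- default-layout-wrapper is the entire page. Since the final
        -- value passed to hamletToRepHtml cannot be a widget, this allows
        -- you to use normal widget features in default-layout.

        pc <- widgetToPageContent $ do
            $(combineStylesheets 'StaticR
                [ css_normalize_css
                , css_bootstrap_css
                ])
            $(widgetFile "default-layout")
        giveUrlRenderer $(hamletFile "templates/default-layout-wrapper.hamlet")

    -- This is done to provide an optimization for serving static files from
    -- a separate domain. Please see the staticRoot setting in Settings.hs
    urlRenderOverride y (StaticR s) =
        Just $ uncurry (joinPath y (Settings.staticRoot $ settings y)) $ renderRoute s
    urlRenderOverride _ _ = Nothing

    -- The page to be redirected to when authentication is required.
    authRoute _ = Just $ AuthR LoginR

    -- This function creates static content files in the static folder
    -- and names them based on a hash of their content. This allows
    -- expiration dates to be set far in the future without worry of
    -- users receiving stale content.
    addStaticContent =
        addStaticContentExternal minifym genFileName Settings.staticDir (StaticR . flip StaticRoute [])
      where
        -- Generate a unique filename based on the content itself. The MD5
        -- digest is only a content fingerprint for cache busting; nothing
        -- here relies on it as a security control.
        genFileName lbs
            | development = "autogen-" ++ base64md5 lbs
            | otherwise   = base64md5 lbs

    -- Place Javascript at bottom of the body tag so the rest of the page loads first
    jsLoader _ = BottomOfBody

    -- What messages should be logged. The following includes all messages when
    -- in development, and warnings and errors in production.
    shouldLog _ _source level =
        development || level == LevelWarn || level == LevelError

    makeLogger = return . appLogger

    -- Per-route access control. The Bool is Yesod's "is this a write
    -- request" flag.
    --
    -- * UserR: the Bool handed to isUserOrAssistant says whether admins are
    --   admitted as well, so admins may read a user's page but not write it.
    -- * CategoryR / EmploymentR: anyone may read, only admins may write.
    -- * VacationR: the user or an admin may read; writes are limited to the
    --   user.
    isAuthorized (UserR u) True = isUserOrAssistant False u
    isAuthorized (UserR u) False = isUserOrAssistant True u
    isAuthorized (CategoryR _) True = isAdmin
    isAuthorized (CategoryR _) False = return Authorized
    isAuthorized (EmploymentR _) True = isAdmin
    isAuthorized (EmploymentR _) False = return Authorized
    isAuthorized (VacationR u) True = isUser u -- this should be impossible
    isAuthorized (VacationR u) False = isUserOrAdmin u
    -- Default-allow: every route not matched above is authorized for reads
    -- AND writes, without requiring a login. A route added to config/routes
    -- is therefore public until a clause is added here.
    -- NOTE(review): the route file is not visible from this module; confirm
    -- that each remaining route is meant to be open, or switch to listing
    -- the public routes explicitly and denying the rest.
    isAuthorized _ _ = return Authorized

-- | Authorize only the logged-in user whose id equals the given 'UserId'.
--
-- Returns 'AuthenticationRequired' when nobody is logged in and
-- 'Unauthorized' when somebody else is.
isUser :: UserId -> Handler AuthResult
isUser t = do
    ma <- maybeAuth
    return $ case ma of
        Nothing -> AuthenticationRequired
        Just (Entity u _)
            | t == u -> Authorized
            | otherwise -> Unauthorized "That ain't your page."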
-- | Authorize the logged-in user when they own the given 'UserId' or are an
-- admin.
--
-- Returns 'AuthenticationRequired' when nobody is logged in.
isUserOrAdmin :: UserId -> Handler AuthResult
isUserOrAdmin t = do
    ma <- maybeAuth
    return $ case ma of
        Just (Entity uid user)
            | t == uid || userIsAdmin user -> Authorized
            | otherwise -> Unauthorized "You must be an admin"
        Nothing -> AuthenticationRequired

-- | Authorize the logged-in user only when they are an admin.
--
-- Returns 'AuthenticationRequired' when nobody is logged in.
isAdmin :: Handler AuthResult
isAdmin = do
    ma <- maybeAuth
    return $ case ma of
        Just (Entity _ user)
            | userIsAdmin user -> Authorized
            | otherwise -> Unauthorized "You must be an admin"
        Nothing -> AuthenticationRequired

-- | Authorize the owner of the given 'UserId', or a user recorded as that
-- owner's assistant; when @allowAdmin@ is 'True', admins are admitted too.
--
-- The checks run in a fixed order: ownership first (no database access),
-- then the assistant lookup, and the admin flag only when no assistant row
-- exists.
isUserOrAssistant :: Bool -> UserId -> Handler AuthResult
isUserOrAssistant allowAdmin t = do
    ma <- maybeAuth
    case ma of
        Nothing -> return AuthenticationRequired
        Just (Entity uid user)
            | t == uid -> return Authorized
            | otherwise -> do
                -- Is the logged-in user registered as assistant of t?
                mass <- runDB $ selectFirst [AssistantAssistant ==. uid, AssistantAssisted ==. t] []
                return $ case mass of
                    Just _ -> Authorized
                    Nothing
                        | allowAdmin && userIsAdmin user -> Authorized
                        | otherwise -> Unauthorized "That ain't your page."

-- How to run database actions.
instance YesodPersist App where
    type YesodPersistBackend App = SqlPersistT
    runDB = defaultRunDB persistConfig connPool

instance YesodPersistRunner App where
    getDBRunner = defaultGetDBRunner connPool

instance YesodAuth App where
    type AuthId App = UserId

    -- Where to send a user after successful login
    loginDest _ = HomeR

    -- Where to send a user after logout
    logoutDest _ = HomeR

    -- Map credentials to a user id. A known identifier yields the existing
    -- row; an unknown, non-empty identifier gets a new User row whose second
    -- field is False (presumably the admin flag; confirm against Model); an
    -- empty identifier is rejected.
    --
    -- NOTE(review): the only plugin is authProxied, whose implementation is
    -- not visible here. If it takes the identity from something an upstream
    -- proxy sets, this auto-provisioning trusts that value completely, so the
    -- application must be reachable only through that proxy and the proxy
    -- must overwrite any client-supplied copy of the value.
    getAuthId creds = runDB $ do
        existing <- getBy (UniqueUser ident)
        case existing of
            Just (Entity uid _) -> return (Just uid)
            Nothing
                | ident == "" -> return Nothing
                | otherwise -> fmap Just (insert (User ident False))
      where
        ident = credsIdent creds

    authPlugins _ = [authProxied]

    authHttpManager = httpManager

-- This instance is required to use forms. You can modify renderMessage to
-- achieve customized and internationalized form validation messages.
instance RenderMessage App FormMessage where
    renderMessage _ _ = defaultFormMessage

-- | Get the 'Extra' value, used to hold data from the settings.yml file.
getExtra :: Handler Extra
getExtra = do
    app <- getYesod
    return (appExtra (settings app))

-- Note: previous versions of the scaffolding included a deliver function to
-- send emails. Unfortunately, there are too many different options for us to
-- give a reasonable default. Instead, the information is available on the
-- wiki:
--
-- https://github.com/yesodweb/yesod/wiki/Sending-email

-- jQuery and jQuery UI assets are served from this application's own static
-- route rather than from an external URL.
instance YesodJquery App where
    urlJqueryJs _ = Left $ StaticR js_jquery_js
    urlJqueryUiJs _ = Left $ StaticR jquery_ui_jquery_ui_js
    urlJqueryUiCss _ = Left $ StaticR cupertino_jquery_ui_css
    urlJqueryUiDateTimePicker _ = Left $ StaticR js_jquery_ui_datetimepicker_js