[geeklog-devel] Brainstorming: Admin Toolbox?

Tony Bibbs tony at tonybibbs.com
Mon Jul 12 16:40:50 EDT 2004 

Dirk Haun wrote:

>Gentlemen,
>
>I see a need for a set of scripts to do maintenance tasks and such (for
>example, I just wrote a tiny script that does an OPTIMIZE TABLE on all
>the  tables). It would be nice if there was a simple way to plug these
>sorts of scripts into Geeklog without having to make them full-blown plugins.
>
>Ideally, I would like to be able to just drop my script into some
>predefined location and have Geeklog pick it up automatically. An admin-
>only plugin "lite", so to speak.
>
>I could imagine a link, say, "Site Maintenance" or "Admin Toolbox" (Hi
>Tom), in the Admin block, which then presents a list of all the availble
>mini-plugins (with a short description?).
>  
>
K, I think an simple interface should be implemented.  Also, I'm a bit 
partial to an OO-design so how is this as a stubbed out class:

<?php

class GeeklogScriptlet {
    var $_author = null;
    var $_shortDesc = null;
    var $_longDesc = null;
    var $_version = null;
 
    function userCanRunScript() 
    {
        if (!SEC_inGroup('Root')) {
            return false;
        }
        return true;
    }

    function GeeklogScriptlet()
    {
        $_author = 'John or Jane Doe';
        $_shortDesc = 'Short Description goes here';
        $_longDesc = 'Long Description goes here';
    }

    function getAuthor()
    {
        return $this->_author;
    }

    function getShortDesc()
    {
        return $this->_shortDesc;
    }

    function getLongDesc()
    {
        return $this->_longDesc;
    }
   
    function getVersion()
    {
        return $this-_version;
    }

    function runScript()
    {
        // All the work of the script goes here.
    }
}

?>

>I'd like this to be
>- easy to install (one file per mini-plugin, one location)
>  
>
Using the class above, you could put all scripts in one directory 
outside the webtree or in a database.  Then you would create an main 
admin page e.g. /admin/runScriptlet.php?name=GeeklogScriptlet.  
Naturally the class above is meant to be abstract so people would 
inherit from it and change as needed.  This
will allow the security to be done once, etc.

My vote would be to put the contents of the script in a database to 
avoid permission issues on the files.  Plus by doing this we do advanced 
security checks.  For example, given this sort of stuff can potentially 
do harm, we should notice if this is the first time the script has been 
called and ask if they are sure they want to enable the script. We 
should also give them a chance to review the code at that time. 

--Tony

More information about the geeklog-devel mailing list