[geeklog-devel] Brainstorming: Admin Toolbox?
Tom Willett
tomw at pigstye.net
Mon Jul 12 17:18:28 EDT 2004
Looks good to me.
My vote would be to just place the scripts in a specific location.
The only suggestion that I would make is to make the permissions more
flexible. That way if root delegated authority to someone, they too could
access the script. Of course this would require either some sort of
database table to manage the permissions or editing of the script file to
add them. The latter is the easiest way.
--
Tom Willett
tomw at pigstye.net
---------- Original Message -----------
From: Tony Bibbs <tony at tonybibbs.com>
To: geeklog-devel at lists.geeklog.net
Sent: Mon, 12 Jul 2004 15:40:50 -0500
Subject: Re: [geeklog-devel] Brainstorming: Admin Toolbox?
> Dirk Haun wrote:
>
> >Gentlemen,
> >
> >I see a need for a set of scripts to do maintenance tasks and such (for
> >example, I just wrote a tiny script that does an OPTIMIZE TABLE on all
> >the tables). It would be nice if there was a simple way to plug these
> >sorts of scripts into Geeklog without having to make them full-blown
plugins.
> >
> >Ideally, I would like to be able to just drop my script into some
> >predefined location and have Geeklog pick it up automatically. An admin-
> >only plugin "lite", so to speak.
> >
> >I could imagine a link, say, "Site Maintenance" or "Admin Toolbox" (Hi
> >Tom), in the Admin block, which then presents a list of all the availble
> >mini-plugins (with a short description?).
> >
> >
> K, I think an simple interface should be implemented. Also, I'm a bit
> partial to an OO-design so how is this as a stubbed out class:
>
> <?php
>
> class GeeklogScriptlet {
> var $_author = null;
> var $_shortDesc = null;
> var $_longDesc = null;
> var $_version = null;
>
> function userCanRunScript()
> {
> if (!SEC_inGroup('Root')) {
> return false;
> }
> return true;
> }
>
> function GeeklogScriptlet()
> {
> $_author = 'John or Jane Doe';
> $_shortDesc = 'Short Description goes here';
> $_longDesc = 'Long Description goes here';
> }
>
> function getAuthor()
> {
> return $this->_author;
> }
>
> function getShortDesc()
> {
> return $this->_shortDesc;
> }
>
> function getLongDesc()
> {
> return $this->_longDesc;
> }
>
> function getVersion()
> {
> return $this-_version;
> }
>
> function runScript()
> {
> // All the work of the script goes here.
> }
> }
>
> ?>
>
> >I'd like this to be
> >- easy to install (one file per mini-plugin, one location)
> >
> >
> Using the class above, you could put all scripts in one directory
> outside the webtree or in a database. Then you would create an main
> admin page e.g. /admin/runScriptlet.php?name=GeeklogScriptlet.
> Naturally the class above is meant to be abstract so people would
> inherit from it and change as needed. This
> will allow the security to be done once, etc.
>
> My vote would be to put the contents of the script in a database to
> avoid permission issues on the files. Plus by doing this we do advanced
> security checks. For example, given this sort of stuff can potentially
> do harm, we should notice if this is the first time the script has been
> called and ask if they are sure they want to enable the script. We
> should also give them a chance to review the code at that time.
>
> --Tony
> _______________________________________________
> geeklog-devel mailing list
> geeklog-devel at lists.geeklog.net
> http://lists.geeklog.net/listinfo/geeklog-devel
------- End of Original Message -------
More information about the geeklog-devel
mailing list