diff --git a/.gitignore b/.gitignore index e639446..8fbd4e8 100755 --- a/.gitignore +++ b/.gitignore @@ -2,10 +2,8 @@ logs # Specific -Specific/ENABLE_ADMIN Specific/config.php Specific/config.system.php -Specific/virtualhosts/baikal.apache2 # Composer stuff composer.lock diff --git a/Core/Frameworks/Baikal/Model/Config/Standard.php b/Core/Frameworks/Baikal/Model/Config/Standard.php index e8bb846..1fe4cf4 100644 --- a/Core/Frameworks/Baikal/Model/Config/Standard.php +++ b/Core/Frameworks/Baikal/Model/Config/Standard.php @@ -45,14 +45,6 @@ class Standard extends \Baikal\Model\Config { "type" => "string", "comment" => "HTTP authentication type for WebDAV; default Digest" ), - "BAIKAL_ADMIN_ENABLED" => array( - "type" => "boolean", - "comment" => "Baïkal Web Admin ON/OFF switch; default TRUE", - ), - "BAIKAL_ADMIN_AUTOLOCKENABLED" => array( - "type" => "boolean", - "comment" => "Baïkal Web Admin autolock ON/OFF switch; default FALSE", - ), "BAIKAL_ADMIN_PASSWORDHASH" => array( "type" => "string", "comment" => "Baïkal Web admin password hash; Set via Baïkal Web Admin", @@ -65,8 +57,6 @@ class Standard extends \Baikal\Model\Config { "BAIKAL_CARD_ENABLED" => TRUE, "BAIKAL_CAL_ENABLED" => TRUE, "BAIKAL_DAV_AUTH_TYPE" => "Digest", - "BAIKAL_ADMIN_ENABLED" => TRUE, - "BAIKAL_ADMIN_AUTOLOCKENABLED" => FALSE, "BAIKAL_ADMIN_PASSWORDHASH" => "" ); @@ -117,24 +107,6 @@ class Standard extends \Baikal\Model\Config { $oMorpho->element("BAIKAL_ADMIN_PASSWORDHASH")->setOption("placeholder", $sNotice); $oMorpho->element("BAIKAL_ADMIN_PASSWORDHASH_CONFIRM")->setOption("placeholder", $sNotice); } - - $oMorpho->add(new \Formal\Element\Checkbox(array( - "prop" => "BAIKAL_ADMIN_ENABLED", - "label" => "Enable Web interface (recommended)", - "popover" => array( - "title" => "Warning !", - "content" => "If disabled, you'll lose access to this very admin interface !", - ), - ))); - - $oMorpho->add(new \Formal\Element\Checkbox(array( - "prop" => "BAIKAL_ADMIN_AUTOLOCKENABLED", - "label" => "Web interface autolock", - "popover" => array( - "title" => "Web admin autolock", - "content" => "If enabled, you'll have to create a file named ENABLE_ADMIN in the folder Specific/ prior to every admin use.

This enforces security, but might be uncomfortable if you use the admin frequently." - ) - ))); return $oMorpho; } @@ -207,12 +179,6 @@ define("BAIKAL_CAL_ENABLED", TRUE); # WebDAV authentication type; default Digest define("BAIKAL_DAV_AUTH_TYPE", "Digest"); -# Baïkal Web Admin ON/OFF switch; default TRUE -define("BAIKAL_ADMIN_ENABLED", TRUE); - -# Baïkal Web Admin autolock ON/OFF switch; default FALSE -define("BAIKAL_ADMIN_AUTOLOCKENABLED", FALSE); - # Baïkal Web admin password hash; Set via Baïkal Web Admin define("BAIKAL_ADMIN_PASSWORDHASH", ""); CODE; diff --git a/Core/Frameworks/BaikalAdmin/Controller/Install/Database.php b/Core/Frameworks/BaikalAdmin/Controller/Install/Database.php index e71be03..115bd76 100644 --- a/Core/Frameworks/BaikalAdmin/Controller/Install/Database.php +++ b/Core/Frameworks/BaikalAdmin/Controller/Install/Database.php @@ -60,8 +60,6 @@ class Database extends \Flake\Core\Controller { if($this->oForm->persisted()) { - \BaikalAdmin\Core\Auth::lockInstall(); - $sMessage = "

Baïkal is now installed, and it's database properly configured. For security reasons, this installation wizard is now disabled.

"; $sMessage . "

 

"; $sMessage .= "

Start using Baïkal

"; diff --git a/Core/Frameworks/BaikalAdmin/Core/Auth.php b/Core/Frameworks/BaikalAdmin/Core/Auth.php index ed58a60..048878f 100644 --- a/Core/Frameworks/BaikalAdmin/Core/Auth.php +++ b/Core/Frameworks/BaikalAdmin/Core/Auth.php @@ -27,55 +27,6 @@ namespace BaikalAdmin\Core; class Auth { - public static function assertEnabled() { - if(!defined("BAIKAL_ADMIN_ENABLED") || BAIKAL_ADMIN_ENABLED !== TRUE) { - die("

Baïkal Admin is disabled.

To enable it, set BAIKAL_ADMIN_ENABLED to TRUE in Specific/config.php"); - } - - self::assertUnlocked(); - } - - public static function assertUnlocked() { - - if(defined("BAIKAL_CONTEXT_INSTALL") && BAIKAL_CONTEXT_INSTALL === TRUE) { - $sToolName = "Baïkal Install Tool"; - $sFileName = "ENABLE_INSTALL"; - } else { - if(!defined("BAIKAL_ADMIN_AUTOLOCKENABLED") || BAIKAL_ADMIN_AUTOLOCKENABLED === FALSE) { - return TRUE; - } - - $sToolName = "Baïkal Admin"; - $sFileName = "ENABLE_ADMIN"; - } - - $sEnableFile = PROJECT_PATH_SPECIFIC . $sFileName; - - $bLocked = TRUE; - if(file_exists($sEnableFile)) { - - clearstatcache(); - $iTime = intval(filemtime($sEnableFile)); - if((time() - $iTime) < 3600) { - # file has been created/updated less than an hour ago; update it's mtime - if(is_writable($sEnableFile)) { - @file_put_contents($sEnableFile, ''); - } - $bLocked = FALSE; - } else { - // file has been created more than an hour ago - // delete and declare locked - if(!@unlink($sEnableFile)) { - die("

" . $sToolName . " is locked.

To unlock it, create (or re-create if it exists already) an empty file named " . $sFileName . " (uppercase, no file extension) in the Specific/ folder of Baïkal."); - } - } - } - - if($bLocked) { - die("

" . $sToolName . " is locked.

To unlock it, create (or re-create if it exists already) an empty file named " . $sFileName . " (uppercase, no file extension) in the Specific/ folder of Baïkal."); - } - } - public static function isAuthenticated() { if(isset($_SESSION["baikaladminauth"]) && $_SESSION["baikaladminauth"] === md5(BAIKAL_ADMIN_PASSWORDHASH)) { return TRUE; @@ -118,11 +69,4 @@ class Auth { return md5('admin:' . $sAuthRealm . ':' . $sPassword); } - public static function lockAdmin() { - @unlink(PROJECT_PATH_SPECIFIC . "ENABLE_ADMIN"); - } - - public static function lockInstall() { - @unlink(PROJECT_PATH_SPECIFIC . "ENABLE_INSTALL"); - } } diff --git a/Core/Frameworks/BaikalAdmin/WWWRoot/index.php b/Core/Frameworks/BaikalAdmin/WWWRoot/index.php index ea10540..4458d5f 100644 --- a/Core/Frameworks/BaikalAdmin/WWWRoot/index.php +++ b/Core/Frameworks/BaikalAdmin/WWWRoot/index.php @@ -53,9 +53,6 @@ require PROJECT_PATH_ROOT . 'vendor/autoload.php'; # Bootstrap BaikalAdmin \BaikalAdmin\Framework::bootstrap(); -# Assert that BaikalAdmin is enabled -\BaikalAdmin\Core\Auth::assertEnabled(); - # Create and setup a page object $oPage = new \Flake\Controller\Page(BAIKALADMIN_PATH_TEMPLATES . "Page/index.html"); $oPage->injectHTTPHeaders(); diff --git a/Core/Frameworks/BaikalAdmin/WWWRoot/install/index.php b/Core/Frameworks/BaikalAdmin/WWWRoot/install/index.php index 77fc6b6..015500d 100644 --- a/Core/Frameworks/BaikalAdmin/WWWRoot/install/index.php +++ b/Core/Frameworks/BaikalAdmin/WWWRoot/install/index.php @@ -52,9 +52,6 @@ require PROJECT_PATH_ROOT . "vendor/autoload.php"; # Bootstrap BaikalAdmin \BaikalAdmin\Framework::bootstrap(); -# Evaluate assertions -\BaikalAdmin\Core\Auth::assertUnlocked(); - # Create and setup a page object $oPage = new \Flake\Controller\Page(BAIKALADMIN_PATH_TEMPLATES . "Page/index.html"); $oPage->injectHTTPHeaders(); diff --git a/Makefile b/Makefile index 21f3dfc..8a89bb3 100644 --- a/Makefile +++ b/Makefile @@ -12,7 +12,6 @@ dist: vendor/autoload.php mkdir -p $(BUILD_DIR) $(BUILD_DIR)/Specific $(BUILD_DIR)/Specific/db touch $(BUILD_DIR)/Specific/db/.empty cp -R $(BUILD_FILES) $(BUILD_DIR) - touch $(BUILD_DIR)/Specific/ENABLE_INSTALL composer install -d $(BUILD_DIR) rm $(BUILD_DIR)/composer.* cd build; zip -r baikal-$(VERSION).zip baikal/ @@ -26,3 +25,7 @@ vendor/autoload.php: composer.lock composer.lock: composer.json composer update + +clean: + # Wipe out all local data, and go back to a clean install + rm Specific/config.php Specific/config.system.php Specific/db/db.sqlite; true