forks/baikal
1
0
Fork 0
Code Releases Activity

Merge pull request #469 from fruux/remove_enable_admin_install

Browse source 
Remove ENABLE_INSTALL / ENABLE_ADMIN features
This commit is contained in:
Evert Pot 2016-03-12 19:34:13 -05:00
commit 59fdddcee3
7 changed files with 4 additions and 101 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
.gitignore vendored
View file

@ -2,10 +2,8 @@
logs logs
# Specific # Specific
Specific/ENABLE_ADMIN
Specific/config.php Specific/config.php
Specific/config.system.php Specific/config.system.php
Specific/virtualhosts/baikal.apache2
# Composer stuff # Composer stuff
composer.lock composer.lock

34
Core/Frameworks/Baikal/Model/Config/Standard.php
View file

@ -45,14 +45,6 @@ class Standard extends \Baikal\Model\Config {
"type" => "string", "type" => "string",
"comment" => "HTTP authentication type for WebDAV; default Digest" "comment" => "HTTP authentication type for WebDAV; default Digest"
), ),
"BAIKAL_ADMIN_ENABLED" => array(
"type" => "boolean",
"comment" => "Baïkal Web Admin ON/OFF switch; default TRUE",
),
"BAIKAL_ADMIN_AUTOLOCKENABLED" => array(
"type" => "boolean",
"comment" => "Baïkal Web Admin autolock ON/OFF switch; default FALSE",
),
"BAIKAL_ADMIN_PASSWORDHASH" => array( "BAIKAL_ADMIN_PASSWORDHASH" => array(
"type" => "string", "type" => "string",
"comment" => "Baïkal Web admin password hash; Set via Baïkal Web Admin", "comment" => "Baïkal Web admin password hash; Set via Baïkal Web Admin",
@ -65,8 +57,6 @@ class Standard extends \Baikal\Model\Config {
"BAIKAL_CARD_ENABLED" => TRUE, "BAIKAL_CARD_ENABLED" => TRUE,
"BAIKAL_CAL_ENABLED" => TRUE, "BAIKAL_CAL_ENABLED" => TRUE,
"BAIKAL_DAV_AUTH_TYPE" => "Digest", "BAIKAL_DAV_AUTH_TYPE" => "Digest",
"BAIKAL_ADMIN_ENABLED" => TRUE,
"BAIKAL_ADMIN_AUTOLOCKENABLED" => FALSE,
"BAIKAL_ADMIN_PASSWORDHASH" => "" "BAIKAL_ADMIN_PASSWORDHASH" => ""
); );
@ -117,24 +107,6 @@ class Standard extends \Baikal\Model\Config {
$oMorpho->element("BAIKAL_ADMIN_PASSWORDHASH")->setOption("placeholder", $sNotice); $oMorpho->element("BAIKAL_ADMIN_PASSWORDHASH")->setOption("placeholder", $sNotice);
$oMorpho->element("BAIKAL_ADMIN_PASSWORDHASH_CONFIRM")->setOption("placeholder", $sNotice); $oMorpho->element("BAIKAL_ADMIN_PASSWORDHASH_CONFIRM")->setOption("placeholder", $sNotice);
} }
$oMorpho->add(new \Formal\Element\Checkbox(array(
"prop" => "BAIKAL_ADMIN_ENABLED",
"label" => "Enable Web interface (recommended)",
"popover" => array(
"title" => "Warning !",
"content" => "If disabled, you'll lose access to this very admin interface !",
),
)));
$oMorpho->add(new \Formal\Element\Checkbox(array(
"prop" => "BAIKAL_ADMIN_AUTOLOCKENABLED",
"label" => "Web interface autolock",
"popover" => array(
"title" => "Web admin autolock",
"content" => "If enabled, you'll have to create a file named <strong>ENABLE_ADMIN</strong> in the folder <strong>Specific/</strong> prior to every admin use.<br /><br />This enforces security, but might be uncomfortable if you use the admin frequently."
)
)));
return $oMorpho; return $oMorpho;
} }
@ -207,12 +179,6 @@ define("BAIKAL_CAL_ENABLED", TRUE);
# WebDAV authentication type; default Digest # WebDAV authentication type; default Digest
define("BAIKAL_DAV_AUTH_TYPE", "Digest"); define("BAIKAL_DAV_AUTH_TYPE", "Digest");
# Baïkal Web Admin ON/OFF switch; default TRUE
define("BAIKAL_ADMIN_ENABLED", TRUE);
# Baïkal Web Admin autolock ON/OFF switch; default FALSE
define("BAIKAL_ADMIN_AUTOLOCKENABLED", FALSE);
# Baïkal Web admin password hash; Set via Baïkal Web Admin # Baïkal Web admin password hash; Set via Baïkal Web Admin
define("BAIKAL_ADMIN_PASSWORDHASH", ""); define("BAIKAL_ADMIN_PASSWORDHASH", "");
CODE; CODE;

2
Core/Frameworks/BaikalAdmin/Controller/Install/Database.php
View file

@ -60,8 +60,6 @@ class Database extends \Flake\Core\Controller {
if($this->oForm->persisted()) { if($this->oForm->persisted()) {
\BaikalAdmin\Core\Auth::lockInstall();
$sMessage = "<p>Baïkal is now installed, and it's database properly configured. <strong>For security reasons, this installation wizard is now disabled.</strong></p>"; $sMessage = "<p>Baïkal is now installed, and it's database properly configured. <strong>For security reasons, this installation wizard is now disabled.</strong></p>";
$sMessage . "<p>&nbsp;</p>"; $sMessage . "<p>&nbsp;</p>";
$sMessage .= "<p><a class='btn btn-success' href='" . PROJECT_URI . "admin/'>Start using Baïkal</a></p>"; $sMessage .= "<p><a class='btn btn-success' href='" . PROJECT_URI . "admin/'>Start using Baïkal</a></p>";

56
Core/Frameworks/BaikalAdmin/Core/Auth.php
View file

@ -27,55 +27,6 @@
namespace BaikalAdmin\Core; namespace BaikalAdmin\Core;
class Auth { class Auth {
public static function assertEnabled() {
if(!defined("BAIKAL_ADMIN_ENABLED") || BAIKAL_ADMIN_ENABLED !== TRUE) {
die("<h1>Ba&iuml;kal Admin is disabled.</h1>To enable it, set BAIKAL_ADMIN_ENABLED to TRUE in <b>Specific/config.php</b>");
}
self::assertUnlocked();
}
public static function assertUnlocked() {
if(defined("BAIKAL_CONTEXT_INSTALL") && BAIKAL_CONTEXT_INSTALL === TRUE) {
$sToolName = "Ba&iuml;kal Install Tool";
$sFileName = "ENABLE_INSTALL";
} else {
if(!defined("BAIKAL_ADMIN_AUTOLOCKENABLED") || BAIKAL_ADMIN_AUTOLOCKENABLED === FALSE) {
return TRUE;
}
$sToolName = "Ba&iuml;kal Admin";
$sFileName = "ENABLE_ADMIN";
}
$sEnableFile = PROJECT_PATH_SPECIFIC . $sFileName;
$bLocked = TRUE;
if(file_exists($sEnableFile)) {
clearstatcache();
$iTime = intval(filemtime($sEnableFile));
if((time() - $iTime) < 3600) {
# file has been created/updated less than an hour ago; update it's mtime
if(is_writable($sEnableFile)) {
@file_put_contents($sEnableFile, '');
}
$bLocked = FALSE;
} else {
// file has been created more than an hour ago
// delete and declare locked
if(!@unlink($sEnableFile)) {
die("<h1>" . $sToolName . " is locked.</h1>To unlock it, create (or re-create if it exists already) an empty file named <strong>" . $sFileName . "</strong> (uppercase, no file extension) in the <b>Specific/</b> folder of Ba&iuml;kal.");
}
}
}
if($bLocked) {
die("<h1>" . $sToolName . " is locked.</h1>To unlock it, create (or re-create if it exists already) an empty file named <strong>" . $sFileName . "</strong> (uppercase, no file extension) in the <b>Specific/</b> folder of Ba&iuml;kal.");
}
}
public static function isAuthenticated() { public static function isAuthenticated() {
if(isset($_SESSION["baikaladminauth"]) && $_SESSION["baikaladminauth"] === md5(BAIKAL_ADMIN_PASSWORDHASH)) { if(isset($_SESSION["baikaladminauth"]) && $_SESSION["baikaladminauth"] === md5(BAIKAL_ADMIN_PASSWORDHASH)) {
return TRUE; return TRUE;
@ -118,11 +69,4 @@ class Auth {
return md5('admin:' . $sAuthRealm . ':' . $sPassword); return md5('admin:' . $sAuthRealm . ':' . $sPassword);
} }
public static function lockAdmin() {
@unlink(PROJECT_PATH_SPECIFIC . "ENABLE_ADMIN");
}
public static function lockInstall() {
@unlink(PROJECT_PATH_SPECIFIC . "ENABLE_INSTALL");
}
} }

3
Core/Frameworks/BaikalAdmin/WWWRoot/index.php
View file

@ -53,9 +53,6 @@ require PROJECT_PATH_ROOT . 'vendor/autoload.php';
# Bootstrap BaikalAdmin # Bootstrap BaikalAdmin
\BaikalAdmin\Framework::bootstrap(); \BaikalAdmin\Framework::bootstrap();
# Assert that BaikalAdmin is enabled
\BaikalAdmin\Core\Auth::assertEnabled();
# Create and setup a page object # Create and setup a page object
$oPage = new \Flake\Controller\Page(BAIKALADMIN_PATH_TEMPLATES . "Page/index.html"); $oPage = new \Flake\Controller\Page(BAIKALADMIN_PATH_TEMPLATES . "Page/index.html");
$oPage->injectHTTPHeaders(); $oPage->injectHTTPHeaders();

3
Core/Frameworks/BaikalAdmin/WWWRoot/install/index.php
View file

@ -52,9 +52,6 @@ require PROJECT_PATH_ROOT . "vendor/autoload.php";
# Bootstrap BaikalAdmin # Bootstrap BaikalAdmin
\BaikalAdmin\Framework::bootstrap(); \BaikalAdmin\Framework::bootstrap();
# Evaluate assertions
\BaikalAdmin\Core\Auth::assertUnlocked();
# Create and setup a page object # Create and setup a page object
$oPage = new \Flake\Controller\Page(BAIKALADMIN_PATH_TEMPLATES . "Page/index.html"); $oPage = new \Flake\Controller\Page(BAIKALADMIN_PATH_TEMPLATES . "Page/index.html");
$oPage->injectHTTPHeaders(); $oPage->injectHTTPHeaders();

5
Makefile
View file

@ -12,7 +12,6 @@ dist: vendor/autoload.php
mkdir -p $(BUILD_DIR) $(BUILD_DIR)/Specific $(BUILD_DIR)/Specific/db mkdir -p $(BUILD_DIR) $(BUILD_DIR)/Specific $(BUILD_DIR)/Specific/db
touch $(BUILD_DIR)/Specific/db/.empty touch $(BUILD_DIR)/Specific/db/.empty
cp -R $(BUILD_FILES) $(BUILD_DIR) cp -R $(BUILD_FILES) $(BUILD_DIR)
touch $(BUILD_DIR)/Specific/ENABLE_INSTALL
composer install -d $(BUILD_DIR) composer install -d $(BUILD_DIR)
rm $(BUILD_DIR)/composer.* rm $(BUILD_DIR)/composer.*
cd build; zip -r baikal-$(VERSION).zip baikal/ cd build; zip -r baikal-$(VERSION).zip baikal/
@ -26,3 +25,7 @@ vendor/autoload.php: composer.lock
composer.lock: composer.json composer.lock: composer.json
composer update composer update
clean:
# Wipe out all local data, and go back to a clean install
rm Specific/config.php Specific/config.system.php Specific/db/db.sqlite; true