Remove ENABLE_INSTALL / ENABLE_ADMIN features
This commit is contained in:
parent
dc882350e3
commit
f4398e32f6
8 changed files with 5 additions and 102 deletions
2
.gitignore
vendored
2
.gitignore
vendored
|
@ -2,10 +2,8 @@
|
|||
logs
|
||||
|
||||
# Specific
|
||||
Specific/ENABLE_ADMIN
|
||||
Specific/config.php
|
||||
Specific/config.system.php
|
||||
Specific/virtualhosts/baikal.apache2
|
||||
|
||||
# Composer stuff
|
||||
composer.lock
|
||||
|
|
|
@ -24,5 +24,5 @@
|
|||
# This copyright notice MUST APPEAR in all copies of the script!
|
||||
#################################################################
|
||||
|
||||
define("BAIKAL_VERSION", "0.3.4");
|
||||
define("BAIKAL_VERSION", "0.4.0");
|
||||
define("BAIKAL_HOMEPAGE", "http://baikal-server.com");
|
||||
|
|
|
@ -45,14 +45,6 @@ class Standard extends \Baikal\Model\Config {
|
|||
"type" => "string",
|
||||
"comment" => "HTTP authentication type for WebDAV; default Digest"
|
||||
),
|
||||
"BAIKAL_ADMIN_ENABLED" => array(
|
||||
"type" => "boolean",
|
||||
"comment" => "Baïkal Web Admin ON/OFF switch; default TRUE",
|
||||
),
|
||||
"BAIKAL_ADMIN_AUTOLOCKENABLED" => array(
|
||||
"type" => "boolean",
|
||||
"comment" => "Baïkal Web Admin autolock ON/OFF switch; default FALSE",
|
||||
),
|
||||
"BAIKAL_ADMIN_PASSWORDHASH" => array(
|
||||
"type" => "string",
|
||||
"comment" => "Baïkal Web admin password hash; Set via Baïkal Web Admin",
|
||||
|
@ -65,8 +57,6 @@ class Standard extends \Baikal\Model\Config {
|
|||
"BAIKAL_CARD_ENABLED" => TRUE,
|
||||
"BAIKAL_CAL_ENABLED" => TRUE,
|
||||
"BAIKAL_DAV_AUTH_TYPE" => "Digest",
|
||||
"BAIKAL_ADMIN_ENABLED" => TRUE,
|
||||
"BAIKAL_ADMIN_AUTOLOCKENABLED" => FALSE,
|
||||
"BAIKAL_ADMIN_PASSWORDHASH" => ""
|
||||
);
|
||||
|
||||
|
@ -118,24 +108,6 @@ class Standard extends \Baikal\Model\Config {
|
|||
$oMorpho->element("BAIKAL_ADMIN_PASSWORDHASH_CONFIRM")->setOption("placeholder", $sNotice);
|
||||
}
|
||||
|
||||
$oMorpho->add(new \Formal\Element\Checkbox(array(
|
||||
"prop" => "BAIKAL_ADMIN_ENABLED",
|
||||
"label" => "Enable Web interface (recommended)",
|
||||
"popover" => array(
|
||||
"title" => "Warning !",
|
||||
"content" => "If disabled, you'll lose access to this very admin interface !",
|
||||
),
|
||||
)));
|
||||
|
||||
$oMorpho->add(new \Formal\Element\Checkbox(array(
|
||||
"prop" => "BAIKAL_ADMIN_AUTOLOCKENABLED",
|
||||
"label" => "Web interface autolock",
|
||||
"popover" => array(
|
||||
"title" => "Web admin autolock",
|
||||
"content" => "If enabled, you'll have to create a file named <strong>ENABLE_ADMIN</strong> in the folder <strong>Specific/</strong> prior to every admin use.<br /><br />This enforces security, but might be uncomfortable if you use the admin frequently."
|
||||
)
|
||||
)));
|
||||
|
||||
return $oMorpho;
|
||||
}
|
||||
|
||||
|
@ -207,12 +179,6 @@ define("BAIKAL_CAL_ENABLED", TRUE);
|
|||
# WebDAV authentication type; default Digest
|
||||
define("BAIKAL_DAV_AUTH_TYPE", "Digest");
|
||||
|
||||
# Baïkal Web Admin ON/OFF switch; default TRUE
|
||||
define("BAIKAL_ADMIN_ENABLED", TRUE);
|
||||
|
||||
# Baïkal Web Admin autolock ON/OFF switch; default FALSE
|
||||
define("BAIKAL_ADMIN_AUTOLOCKENABLED", FALSE);
|
||||
|
||||
# Baïkal Web admin password hash; Set via Baïkal Web Admin
|
||||
define("BAIKAL_ADMIN_PASSWORDHASH", "");
|
||||
CODE;
|
||||
|
|
|
@ -60,8 +60,6 @@ class Database extends \Flake\Core\Controller {
|
|||
|
||||
if($this->oForm->persisted()) {
|
||||
|
||||
\BaikalAdmin\Core\Auth::lockInstall();
|
||||
|
||||
$sMessage = "<p>Baïkal is now installed, and it's database properly configured. <strong>For security reasons, this installation wizard is now disabled.</strong></p>";
|
||||
$sMessage . "<p> </p>";
|
||||
$sMessage .= "<p><a class='btn btn-success' href='" . PROJECT_URI . "admin/'>Start using Baïkal</a></p>";
|
||||
|
|
|
@ -27,55 +27,6 @@
|
|||
namespace BaikalAdmin\Core;
|
||||
|
||||
class Auth {
|
||||
public static function assertEnabled() {
|
||||
if(!defined("BAIKAL_ADMIN_ENABLED") || BAIKAL_ADMIN_ENABLED !== TRUE) {
|
||||
die("<h1>Baïkal Admin is disabled.</h1>To enable it, set BAIKAL_ADMIN_ENABLED to TRUE in <b>Specific/config.php</b>");
|
||||
}
|
||||
|
||||
self::assertUnlocked();
|
||||
}
|
||||
|
||||
public static function assertUnlocked() {
|
||||
|
||||
if(defined("BAIKAL_CONTEXT_INSTALL") && BAIKAL_CONTEXT_INSTALL === TRUE) {
|
||||
$sToolName = "Baïkal Install Tool";
|
||||
$sFileName = "ENABLE_INSTALL";
|
||||
} else {
|
||||
if(!defined("BAIKAL_ADMIN_AUTOLOCKENABLED") || BAIKAL_ADMIN_AUTOLOCKENABLED === FALSE) {
|
||||
return TRUE;
|
||||
}
|
||||
|
||||
$sToolName = "Baïkal Admin";
|
||||
$sFileName = "ENABLE_ADMIN";
|
||||
}
|
||||
|
||||
$sEnableFile = PROJECT_PATH_SPECIFIC . $sFileName;
|
||||
|
||||
$bLocked = TRUE;
|
||||
if(file_exists($sEnableFile)) {
|
||||
|
||||
clearstatcache();
|
||||
$iTime = intval(filemtime($sEnableFile));
|
||||
if((time() - $iTime) < 3600) {
|
||||
# file has been created/updated less than an hour ago; update it's mtime
|
||||
if(is_writable($sEnableFile)) {
|
||||
@file_put_contents($sEnableFile, '');
|
||||
}
|
||||
$bLocked = FALSE;
|
||||
} else {
|
||||
// file has been created more than an hour ago
|
||||
// delete and declare locked
|
||||
if(!@unlink($sEnableFile)) {
|
||||
die("<h1>" . $sToolName . " is locked.</h1>To unlock it, create (or re-create if it exists already) an empty file named <strong>" . $sFileName . "</strong> (uppercase, no file extension) in the <b>Specific/</b> folder of Baïkal.");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if($bLocked) {
|
||||
die("<h1>" . $sToolName . " is locked.</h1>To unlock it, create (or re-create if it exists already) an empty file named <strong>" . $sFileName . "</strong> (uppercase, no file extension) in the <b>Specific/</b> folder of Baïkal.");
|
||||
}
|
||||
}
|
||||
|
||||
public static function isAuthenticated() {
|
||||
if(isset($_SESSION["baikaladminauth"]) && $_SESSION["baikaladminauth"] === md5(BAIKAL_ADMIN_PASSWORDHASH)) {
|
||||
return TRUE;
|
||||
|
@ -118,11 +69,4 @@ class Auth {
|
|||
return md5('admin:' . $sAuthRealm . ':' . $sPassword);
|
||||
}
|
||||
|
||||
public static function lockAdmin() {
|
||||
@unlink(PROJECT_PATH_SPECIFIC . "ENABLE_ADMIN");
|
||||
}
|
||||
|
||||
public static function lockInstall() {
|
||||
@unlink(PROJECT_PATH_SPECIFIC . "ENABLE_INSTALL");
|
||||
}
|
||||
}
|
||||
|
|
|
@ -53,9 +53,6 @@ require PROJECT_PATH_ROOT . 'vendor/autoload.php';
|
|||
# Bootstrap BaikalAdmin
|
||||
\BaikalAdmin\Framework::bootstrap();
|
||||
|
||||
# Assert that BaikalAdmin is enabled
|
||||
\BaikalAdmin\Core\Auth::assertEnabled();
|
||||
|
||||
# Create and setup a page object
|
||||
$oPage = new \Flake\Controller\Page(BAIKALADMIN_PATH_TEMPLATES . "Page/index.html");
|
||||
$oPage->injectHTTPHeaders();
|
||||
|
|
|
@ -52,9 +52,6 @@ require PROJECT_PATH_ROOT . "vendor/autoload.php";
|
|||
# Bootstrap BaikalAdmin
|
||||
\BaikalAdmin\Framework::bootstrap();
|
||||
|
||||
# Evaluate assertions
|
||||
\BaikalAdmin\Core\Auth::assertUnlocked();
|
||||
|
||||
# Create and setup a page object
|
||||
$oPage = new \Flake\Controller\Page(BAIKALADMIN_PATH_TEMPLATES . "Page/index.html");
|
||||
$oPage->injectHTTPHeaders();
|
||||
|
|
5
Makefile
5
Makefile
|
@ -11,7 +11,6 @@ dist: vendor/autoload.php
|
|||
rm -r $(BUILD_DIR); true
|
||||
mkdir -p $(BUILD_DIR) $(BUILD_DIR)/Specific $(BUILD_DIR)/Specific/db
|
||||
cp -R $(BUILD_FILES) $(BUILD_DIR)
|
||||
touch $(BUILD_DIR)/Specific/ENABLE_INSTALL
|
||||
composer install -d $(BUILD_DIR)
|
||||
rm $(BUILD_DIR)/composer.*
|
||||
cd build; zip -r baikal-$(VERSION).zip baikal/
|
||||
|
@ -25,3 +24,7 @@ vendor/autoload.php: composer.lock
|
|||
|
||||
composer.lock: composer.json
|
||||
composer update
|
||||
|
||||
clean:
|
||||
# Wipe out all local data, and go back to a clean install
|
||||
rm Specific/config.php Specific/config.system.php Specific/db/db.sqlite; true
|
||||
|
|
Loading…
Reference in a new issue