| author | 2021-01-02 21:20:19 +0100 | |
|---|---|---|
| committer | 2021-01-02 21:20:19 +0100 | |
| commit | 9c6682e7edf8cbad828088cbeeef66c7ecefdd9a (patch) | |
| tree | c8c8a6ba34d49d22497a14ddaf18ae97d8cd5bb1 /app/Models/Auth.php | |
| parent | 7bc2cc5825547f5b5cf15005fda937e06065b45d (diff) | |
Avoid manual initialisations of system or user configuration (#3070)
* Avoid manual initialisations of system or user configuration
More consistent use of Context
* Simplify FreshRSS_Context::initUser
* Remove a few manual get_user_configuration
* A bit of debugging
* Fix context user init
* Fix install
* Fix concurrency
Concurrent requests could lead to bad race condition
* Fix actualize cron
Fix case when system is initialised several times
Diffstat (limited to 'app/Models/Auth.php')
| -rw-r--r-- | app/Models/Auth.php | 39 |
1 files changed, 16 insertions, 23 deletions
diff --git a/app/Models/Auth.php b/app/Models/Auth.php
index 9b18b8259..709a80f84 100644
--- a/app/Models/Auth.php
+++ b/app/Models/Auth.php
@@ -22,9 +22,8 @@ class FreshRSS_Auth {
 self::$login_ok = Minz_Session::param('loginOk', false);
 $current_user = Minz_Session::param('currentUser', '');
- if ($current_user === '') {
- $conf = Minz_Configuration::get('system');
- $current_user = $conf->default_user;
+ if ($current_user == '') {
+ $current_user = FreshRSS_Context::$system_conf->default_user;
 Minz_Session::_params([
 'currentUser' => $current_user,
 'csrf' => false,
@@ -51,7 +50,6 @@ class FreshRSS_Auth {
 * @return boolean true if user can be connected, false else.
 */
 private static function accessControl() {
- FreshRSS_Context::$system_conf = Minz_Configuration::get('system');
 $auth_type = FreshRSS_Context::$system_conf->auth_type;
 switch ($auth_type) {
 case 'form':
@@ -103,19 +101,18 @@ class FreshRSS_Auth {
 * Gives access to the current user.
 */
 public static function giveAccess() {
- $current_user = Minz_Session::param('currentUser');
- $user_conf = get_user_configuration($current_user);
- if ($user_conf == null) {
+ FreshRSS_Context::initUser();
+ if (FreshRSS_Context::$user_conf == null) {
 self::$login_ok = false;
 return false;
 }
- $system_conf = Minz_Configuration::get('system');
- switch ($system_conf->auth_type) {
+ switch (FreshRSS_Context::$system_conf->auth_type) {
 case 'form':
- self::$login_ok = Minz_Session::param('passwordHash') === $user_conf->passwordHash;
+ self::$login_ok = Minz_Session::param('passwordHash') === FreshRSS_Context::$user_conf->passwordHash;
 break;
 case 'http_auth':
+ $current_user = Minz_Session::param('currentUser');
 self::$login_ok = strcasecmp($current_user, httpAuthUser()) === 0;
 break;
 case 'none':
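Review bot: The fallback test in the first changed line of the `@@ -22,9 +22,8 @@` hunk goes from `===` to `==`, so besides the empty string it now also matches `null`, `false` and (on PHP 7) integer `0`, and any such session value silently becomes the default user. If the intent is to treat a missing or non-string `currentUser` as unset, spelling that out keeps the check strict: `if (!is_string($current_user) || $current_user === '') {`. The enclosing method starts and ends outside the hunk.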
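Review bot: accessControl() now dereferences `FreshRSS_Context::$system_conf` with nothing in the method guaranteeing it is set; the removed line was what initialised it here. If a caller reaches this before the context is initialised, `$auth_type` evaluates to `null` and the access decision falls to whichever `switch` branch handles unknown values, which is outside the hunk. The same reliance is introduced in giveAccess(), hasAccess(), the `@@ -182,11 +179,11 @@` hunk, accessNeedsLogin() and accessNeedsAction(), and accessNeedsAction() would then report `false`. An explicit fail-closed guard at the top, `if (FreshRSS_Context::$system_conf === null) { return false; }`, or at least a docblock line stating the precondition, would make the dependency visible.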
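Review bot: giveAccess() now validates the session against whatever configuration `FreshRSS_Context::initUser()` loaded, but nothing visible in this hunk ties that configuration to the session's `currentUser`, which the `http_auth` branch still reads separately; hasAccess() in the `@@ -140,11 +137,12 @@` hunk has the same split between `FreshRSS_Context::$user_conf->is_admin` and `$currentUser`. initUser() is not shown on this page, so this may already hold, but the precondition deserves a docblock line such as `Requires FreshRSS_Context::$user_conf to belong to the session's currentUser.` In the `form` branch, `hash_equals()` on two values checked to be strings is the conventional way to compare the stored and session password hashes, and `=== null` states the configuration check more precisely than `== null`. The function body continues past the end of the hunk.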
@@ -140,11 +137,12 @@ class FreshRSS_Auth {
 * @return boolean true if user has corresponding access, false else.
 */
 public static function hasAccess($scope = 'general') {
- $systemConfiguration = Minz_Configuration::get('system');
+ if (FreshRSS_Context::$user_conf == null) {
+ return false;
+ }
 $currentUser = Minz_Session::param('currentUser');
- $userConfiguration = get_user_configuration($currentUser);
- $isAdmin = $userConfiguration && $userConfiguration->is_admin;
- $default_user = $systemConfiguration->default_user;
+ $isAdmin = FreshRSS_Context::$user_conf->is_admin;
+ $default_user = FreshRSS_Context::$system_conf->default_user;
 $ok = self::$login_ok;
 switch ($scope) {
 case 'general':
@@ -168,7 +166,6 @@ class FreshRSS_Auth {
 'csrf' => false,
 'REMOTE_USER' => false,
 ]);
- $system_conf = Minz_Configuration::get('system');
 $username = '';
 $token_param = Minz_Request::param('token', '');
@@ -182,11 +179,11 @@ class FreshRSS_Auth {
 }
 }
 if ($username == '') {
- $username = $system_conf->default_user;
+ $username = FreshRSS_Context::$system_conf->default_user;
 }
 Minz_Session::_param('currentUser', $username);
- switch ($system_conf->auth_type) {
+ switch (FreshRSS_Context::$system_conf->auth_type) {
 case 'form':
 Minz_Session::_param('passwordHash');
 FreshRSS_FormAuth::deleteCookie();
@@ -204,18 +201,14 @@ class FreshRSS_Auth {
 * Return if authentication is enabled on this instance of FRSS.
 */
 public static function accessNeedsLogin() {
- $conf = Minz_Configuration::get('system');
- $auth_type = $conf->auth_type;
- return $auth_type !== 'none';
+ return FreshRSS_Context::$system_conf->auth_type !== 'none';
 }
 /**
 * Return if authentication requires a PHP action.
 */
 public static function accessNeedsAction() {
- $conf = Minz_Configuration::get('system');
- $auth_type = $conf->auth_type;
- return $auth_type === 'form';
+ return FreshRSS_Context::$system_conf->auth_type === 'form';
 }
 public static function csrfToken() { |
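Review bot: hasAccess() in the `@@ -140,11 +137,12 @@` hunk gains an early `return false` when `FreshRSS_Context::$user_conf` is not loaded, but the docblock above it still only says `true if user has corresponding access, false else`. Since the result now depends on the context having been initialised before the call, I would add a line such as `Returns false when no user configuration has been loaded in FreshRSS_Context.` Also, `$isAdmin` was previously coerced to a boolean by `&&` and is now the raw `is_admin` value; `$isAdmin = (bool)FreshRSS_Context::$user_conf->is_admin;` keeps the old type. The switch that consumes these values continues outside the hunk.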
