authorGravatar Marien Fressinaud <dev@marienfressinaud.fr> 2015-01-05 16:54:16 +0100
committerGravatar Marien Fressinaud <dev@marienfressinaud.fr> 2015-01-05 16:54:16 +0100
commit51a71ec4b9d62528054be8faee1576a8fd6d37f6 (patch)
treef92299dd5314aef43e9e69e8fde317b9b7790213 /app
parent7584364a4c2b407e97909e94ba274da62620abea (diff)
New configuration system (not working yet)
- Use only Minz_Configuration - register() method to load a new configuration file - get() to get a configuration - new exceptions related to configuration - fix a list of configuration calls to have FRSS working Current problems to resolve: - How to handle configuration param verifications (i.e. check auth_type is a value from none, http_auth, persona or form) - We must use $conf = Minz_Configuration::get('system'); $general_conf = $conf->general; to access global system configuration which is quite annoying. How to change that? See https://github.com/FreshRSS/FreshRSS/issues/730
Diffstat (limited to 'app')
-rw-r--r--app/Controllers/authController.php36
-rw-r--r--app/FreshRSS.php8
-rw-r--r--app/Models/Auth.php40
-rw-r--r--app/Models/Context.php4
-rw-r--r--app/Models/Factory.php16
-rw-r--r--app/Models/Feed.php3
-rw-r--r--app/layout/header.phtml13
-rw-r--r--app/layout/layout.phtml3
-rw-r--r--app/views/helpers/javascript_vars.phtml3
9 files changed, 79 insertions, 47 deletions
diff --git a/app/Controllers/authController.php b/app/Controllers/authController.php
index ccc32ec0d..f68ea8da5 100644
--- a/app/Controllers/authController.php
+++ b/app/Controllers/authController.php
@@ -27,6 +27,8 @@ class FreshRSS_auth_Controller extends Minz_ActionController {
if (Minz_Request::isPost()) {
$ok = true;
+ $system_conf = Minz_Configuration::get('system');
+ $general = $system_conf->general;
$current_token = FreshRSS_Context::$conf->token;
$token = Minz_Request::param('token', $current_token);
FreshRSS_Context::$conf->_token($token);
@@ -39,18 +41,21 @@ class FreshRSS_auth_Controller extends Minz_ActionController {
$auth_type = Minz_Request::param('auth_type', 'none');
$unsafe_autologin = Minz_Request::param('unsafe_autologin', false);
$api_enabled = Minz_Request::param('api_enabled', false);
- if ($anon != Minz_Configuration::allowAnonymous() ||
- $auth_type != Minz_Configuration::authType() ||
- $anon_refresh != Minz_Configuration::allowAnonymousRefresh() ||
- $unsafe_autologin != Minz_Configuration::unsafeAutologinEnabled() ||
- $api_enabled != Minz_Configuration::apiEnabled()) {
-
- Minz_Configuration::_authType($auth_type);
- Minz_Configuration::_allowAnonymous($anon);
- Minz_Configuration::_allowAnonymousRefresh($anon_refresh);
- Minz_Configuration::_enableAutologin($unsafe_autologin);
- Minz_Configuration::_enableApi($api_enabled);
- $ok &= Minz_Configuration::writeFile();
+ if ($anon != $general['allow_anonymous'] ||
+ $auth_type != $general['auth_type'] ||
+ $anon_refresh != $general['allow_anonymous_refresh'] ||
+ $unsafe_autologin != $general['unsafe_autologin_enabled'] ||
+ $api_enabled != $general['api_enabled']) {
+
+ // TODO: test values from form
+ $general['auth_type'] = $auth_type;
+ $general['allow_anonymous'] = $anon;
+ $general['allow_anonymous_refresh'] = $anon_refresh;
+ $general['unsafe_autologin_enabled'] = $unsafe_autologin;
+ $general['api_enabled'] = $api_enabled;
+
+ $system_conf->general = $general;
+ $ok &= $system_conf->save();
}
invalidateHttpCache();
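Review bot: `$auth_type` and the four flags go from `Minz_Request::param()` straight into `$general` and `$system_conf->save()`, with only the `// TODO: test values from form` comment in between, so any string the form sends is persisted as the instance's authentication mode. The commit description lists the valid modes as none, http_auth, persona and form; a guard before the assignments such as `if (!in_array($auth_type, array('none', 'http_auth', 'persona', 'form'), true)) { $ok = false; }`, with the save skipped in that case, would keep an unknown value away from the `switch` statements that read it later. The flags are compared with `!=` and stored as received, so a non-empty string such as `'false'` would read as true wherever `$general['unsafe_autologin_enabled']` is tested; casting them to bool before the comparison avoids that. The enclosing action starts and ends outside this hunk.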
@@ -76,7 +81,8 @@ class FreshRSS_auth_Controller extends Minz_ActionController {
Minz_Request::forward(array('c' => 'index', 'a' => 'index'), true);
}
- $auth_type = Minz_Configuration::authType();
+ $conf = Minz_Configuration::get('system');
+ $auth_type = $conf->general['auth_type'];
switch ($auth_type) {
case 'form':
Minz_Request::forward(array('c' => 'auth', 'a' => 'formLogin'));
@@ -114,6 +120,8 @@ class FreshRSS_auth_Controller extends Minz_ActionController {
$file_mtime = @filemtime(PUBLIC_PATH . '/scripts/bcrypt.min.js');
Minz_View::appendScript(Minz_Url::display('/scripts/bcrypt.min.js?' . $file_mtime));
+ $conf = Minz_Configuration::get('system');
+
if (Minz_Request::isPost()) {
$nonce = Minz_Session::param('nonce');
$username = Minz_Request::param('username', '');
@@ -154,7 +162,7 @@ class FreshRSS_auth_Controller extends Minz_ActionController {
Minz_Request::bad(_t('feedback.auth.login.invalid'),
array('c' => 'auth', 'a' => 'login'));
}
- } elseif (Minz_Configuration::unsafeAutologinEnabled()) {
+ } elseif ($conf->general['unsafe_autologin_enabled']) {
$username = Minz_Request::param('u', '');
$password = Minz_Request::param('p', '');
Minz_Request::_param('p');
diff --git a/app/FreshRSS.php b/app/FreshRSS.php
index 6114a5d1a..455f2fefd 100644
--- a/app/FreshRSS.php
+++ b/app/FreshRSS.php
@@ -6,6 +6,11 @@ class FreshRSS extends Minz_FrontController {
Minz_Session::init('FreshRSS');
}
+ $current_user = Minz_Session::param('currentUser', '_');
+ Minz_Configuration::register('user',
+ join_path(USERS_PATH, $current_user, 'config.php'),
+ join_path(USERS_PATH, '_', 'config.default.php'));
+
// Need to be called just after session init because it initializes
// current user.
FreshRSS_Auth::init();
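Review bot: The 'user' configuration is registered before `FreshRSS_Auth::init()` runs, so on a request whose session has no `currentUser` the path is built for `_`, while `init()` in app/Models/Auth.php then switches the session to `default_user`. If `register()` binds the path once, as it appears to, later `Minz_Configuration::get('user')` calls in that request still return the `_` file, and the `passwordHash` and `mail_login` checked in `giveAccess()` would not belong to the account being logged in. Registering after the current user is resolved, or re-registering when `currentUser` changes, would close that gap. `$current_user` also reaches `join_path()` unchecked; if the session value can ever contain `/` or `..` the file loaded lies outside USERS_PATH, so a format check on the name before building the path is worth adding. The enclosing method starts and ends outside this hunk.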
@@ -57,7 +62,8 @@ class FreshRSS extends Minz_FrontController {
Minz_View::appendScript(Minz_Url::display('/scripts/shortcut.js?' . @filemtime(PUBLIC_PATH . '/scripts/shortcut.js')));
Minz_View::appendScript(Minz_Url::display('/scripts/main.js?' . @filemtime(PUBLIC_PATH . '/scripts/main.js')));
- if (Minz_Configuration::authType() === 'persona') {
+ $conf = Minz_Configuration::get('system');
+ if ($conf->general['auth_type'] === 'persona') {
// TODO move it in a plugin
// Needed for login AND logout with Persona.
Minz_View::appendScript('https://login.persona.org/include.js');
diff --git a/app/Models/Auth.php b/app/Models/Auth.php
index 2971d65c8..84b4e3721 100644
--- a/app/Models/Auth.php
+++ b/app/Models/Auth.php
@@ -16,7 +16,8 @@ class FreshRSS_Auth {
self::$login_ok = Minz_Session::param('loginOk', false);
$current_user = Minz_Session::param('currentUser', '');
if ($current_user === '') {
- $current_user = Minz_Configuration::defaultUser();
+ $conf = Minz_Configuration::get('system');
+ $current_user = $conf->general['default_user'];
Minz_Session::_param('currentUser', $current_user);
}
@@ -40,7 +41,9 @@ class FreshRSS_Auth {
* @return boolean true if user can be connected, false else.
*/
private static function accessControl() {
- switch (Minz_Configuration::authType()) {
+ $conf = Minz_Configuration::get('system');
+ $auth_type = $conf->general['auth_type'];
+ switch ($auth_type) {
case 'form':
$credentials = FreshRSS_FormAuth::getCredentialsFromCookie();
$current_user = '';
@@ -79,22 +82,19 @@ class FreshRSS_Auth {
* Gives access to the current user.
*/
public static function giveAccess() {
- $current_user = Minz_Session::param('currentUser');
- try {
- $conf = new FreshRSS_Configuration($current_user);
- } catch(Minz_Exception $e) {
- die($e->getMessage());
- }
+ $user_conf = Minz_Configuration::get('user');
+ $system_conf = Minz_Configuration::get('system');
+ $auth_type = $system_conf->general['auth_type'];
- switch (Minz_Configuration::authType()) {
+ switch ($auth_type) {
case 'form':
- self::$login_ok = Minz_Session::param('passwordHash') === $conf->passwordHash;
+ self::$login_ok = Minz_Session::param('passwordHash') === $user_conf->passwordHash;
break;
case 'http_auth':
self::$login_ok = strcasecmp($current_user, httpAuthUser()) === 0;
break;
case 'persona':
- self::$login_ok = strcasecmp(Minz_Session::param('mail'), $conf->mail_login) === 0;
+ self::$login_ok = strcasecmp(Minz_Session::param('mail'), $user_conf->mail_login) === 0;
break;
case 'none':
self::$login_ok = true;
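Review bot: The `http_auth` branch still reads `$current_user`, but this hunk removes the only assignment to it in `giveAccess()`, so `strcasecmp($current_user, httpAuthUser())` now compares an undefined variable. PHP treats that as an empty value, so the comparison can yield 0 and set `self::$login_ok` to true whenever `httpAuthUser()` returns an empty string, presumably the case when the server supplies no HTTP user; confirm against its definition. Keep the line `$current_user = Minz_Session::param('currentUser');` at the top of the method. The `switch` continues past the end of this hunk.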
@@ -114,12 +114,14 @@ class FreshRSS_Auth {
* @return boolean true if user has corresponding access, false else.
*/
public static function hasAccess($scope = 'general') {
+ $conf = Minz_Configuration::get('system');
+ $default_user = $conf->general['default_user'];
$ok = self::$login_ok;
switch ($scope) {
case 'general':
break;
case 'admin':
- $ok &= Minz_Session::param('currentUser') === Minz_Configuration::defaultUser();
+ $ok &= Minz_Session::param('currentUser') === $default_user;
break;
default:
$ok = false;
@@ -133,9 +135,10 @@ class FreshRSS_Auth {
public static function removeAccess() {
Minz_Session::_param('loginOk');
self::$login_ok = false;
- Minz_Session::_param('currentUser', Minz_Configuration::defaultUser());
+ $conf = Minz_Configuration::get('system');
+ Minz_Session::_param('currentUser', $conf->general['default_user']);
- switch (Minz_Configuration::authType()) {
+ switch ($conf->general['auth_type']) {
case 'form':
Minz_Session::_param('passwordHash');
FreshRSS_FormAuth::deleteCookie();
@@ -151,6 +154,15 @@ class FreshRSS_Auth {
// TODO: extensions
}
}
+
+ /**
+ * Return if authentication is enabled on this instance of FRSS.
+ */
+ public static function accessNeedLogin() {
+ $conf = Minz_Configuration::get('system');
+ $auth_type = $conf->general['auth_type'];
+ return $auth_type === 'form' || $auth_type === 'persona';
+ }
}
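Review bot: The docblock on `accessNeedLogin()` says it reports whether authentication is enabled, but the body returns false for `http_auth`, which the `switch` statements in this class also treat as an authentication mode. header.phtml uses the method to decide whether to show the login and logout links, so the comment should describe that instead: `Return true if the instance uses an authentication type that goes through the login action ('form' or 'persona').` An `@return boolean` line, as the neighbouring methods have, would complete it.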
diff --git a/app/Models/Context.php b/app/Models/Context.php
index c8a65063a..9bbad9857 100644
--- a/app/Models/Context.php
+++ b/app/Models/Context.php
@@ -41,10 +41,10 @@ class FreshRSS_Context {
*/
public static function init() {
// Init configuration.
- $current_user = Minz_Session::param('currentUser');
try {
- self::$conf = new FreshRSS_Configuration($current_user);
+ self::$conf = Minz_Configuration::get('user');
} catch(Minz_Exception $e) {
+ $current_user = Minz_Session::param('currentUser', '_');
Minz_Log::error('Cannot load configuration file of user `' . $current_user . '`');
die($e->getMessage());
}
diff --git a/app/Models/Factory.php b/app/Models/Factory.php
index 91cb84998..db09d155d 100644
--- a/app/Models/Factory.php
+++ b/app/Models/Factory.php
@@ -3,8 +3,8 @@
class FreshRSS_Factory {
public static function createFeedDao($username = null) {
- $db = Minz_Configuration::dataBase();
- if ($db['type'] === 'sqlite') {
+ $conf = Minz_Configuration::get('system');
+ if ($conf->db['type'] === 'sqlite') {
return new FreshRSS_FeedDAOSQLite($username);
} else {
return new FreshRSS_FeedDAO($username);
@@ -12,8 +12,8 @@ class FreshRSS_Factory {
}
public static function createEntryDao($username = null) {
- $db = Minz_Configuration::dataBase();
- if ($db['type'] === 'sqlite') {
+ $conf = Minz_Configuration::get('system');
+ if ($conf->db['type'] === 'sqlite') {
return new FreshRSS_EntryDAOSQLite($username);
} else {
return new FreshRSS_EntryDAO($username);
@@ -21,8 +21,8 @@ class FreshRSS_Factory {
}
public static function createStatsDAO($username = null) {
- $db = Minz_Configuration::dataBase();
- if ($db['type'] === 'sqlite') {
+ $conf = Minz_Configuration::get('system');
+ if ($conf->db['type'] === 'sqlite') {
return new FreshRSS_StatsDAOSQLite($username);
} else {
return new FreshRSS_StatsDAO($username);
@@ -30,8 +30,8 @@ class FreshRSS_Factory {
}
public static function createDatabaseDAO($username = null) {
- $db = Minz_Configuration::dataBase();
- if ($db['type'] === 'sqlite') {
+ $conf = Minz_Configuration::get('system');
+ if ($conf->db['type'] === 'sqlite') {
return new FreshRSS_DatabaseDAOSQLite($username);
} else {
return new FreshRSS_DatabaseDAO($username);
diff --git a/app/Models/Feed.php b/app/Models/Feed.php
index 8f4b60097..071eafdf6 100644
--- a/app/Models/Feed.php
+++ b/app/Models/Feed.php
@@ -39,8 +39,9 @@ class FreshRSS_Feed extends Minz_Model {
}
public function hash() {
+ $conf = Minz_Configuration::get('system');
if ($this->hash === null) {
- $this->hash = hash('crc32b', Minz_Configuration::salt() . $this->url);
+ $this->hash = hash('crc32b', $conf->general['salt'] . $this->url);
}
return $this->hash;
}
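Review bot: `Minz_Configuration::get('system')` now runs on every `hash()` call, including those where `$this->hash` is already cached, because the lookup sits above the `if ($this->hash === null)` guard. Moving `$conf = Minz_Configuration::get('system');` inside the `if` keeps the cached path free of the lookup. A short comment that crc32b yields a 32-bit non-cryptographic identifier, so the salt does not make the value unguessable, would help readers who see `salt` and assume otherwise.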
diff --git a/app/layout/header.phtml b/app/layout/header.phtml
index ba13c2a45..2f16b5f63 100644
--- a/app/layout/header.phtml
+++ b/app/layout/header.phtml
@@ -1,5 +1,8 @@
<?php
-if (Minz_Configuration::canLogIn()) {
+
+$conf = Minz_Configuration::get('system');
+
+if (FreshRSS_Auth::accessNeedLogin()) {
?><ul class="nav nav-head nav-login"><?php
if (FreshRSS_Auth::hasAccess()) {
?><li class="item"><?php echo _i('logout'); ?> <a class="signout" href="<?php echo _url('auth', 'logout'); ?>"><?php echo _t('gen.auth.logout'); ?></a></li><?php
@@ -15,13 +18,13 @@ if (Minz_Configuration::canLogIn()) {
<h1>
<a href="<?php echo _url('index', 'index'); ?>">
<img class="logo" src="<?php echo _i('icon', true); ?>" alt="⊚" />
- <?php echo Minz_Configuration::title(); ?>
+ <?php echo $conf->general['title']; ?>
</a>
</h1>
</div>
<div class="item search">
- <?php if (FreshRSS_Auth::hasAccess() || Minz_Configuration::allowAnonymous()) { ?>
+ <?php if (FreshRSS_Auth::hasAccess() || $conf->general['allow_anonymous']) { ?>
<form action="<?php echo _url('index', 'index'); ?>" method="get">
<div class="stick">
<?php $search = Minz_Request::param('search', ''); ?>
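Review bot: `$conf->general['title']` is echoed into the page without escaping, here inside the `<h1>` link and again in the `content` attribute of the `apple-mobile-web-app-title` meta tag in layout.phtml. Unless the value is stored already HTML-escaped, which this diff does not show, escape it at output: `<?php echo htmlspecialchars($conf->general['title'], ENT_QUOTES, 'UTF-8'); ?>`. The same concern applies to `$conf->general['auth_type']` in javascript_vars.phtml, which is written between double quotes inside a script block and is saved from the form without validation in authController.php; `json_encode()` is the safer way to emit it there.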
@@ -76,14 +79,14 @@ if (Minz_Configuration::canLogIn()) {
<li class="item"><a href="<?php echo _url('index', 'logs'); ?>"><?php echo _t('gen.menu.logs'); ?></a></li>
<li class="item"><a href="<?php echo _url('index', 'about'); ?>"><?php echo _t('gen.menu.about'); ?></a></li>
<?php
- if (Minz_Configuration::canLogIn()) {
+ if (FreshRSS_Auth::accessNeedLogin()) {
?><li class="separator"></li>
<li class="item"><a class="signout" href="<?php echo _url('auth', 'logout'); ?>"><?php echo _i('logout'), ' ', _t('gen.auth.logout'); ?></a></li><?php
} ?>
</ul>
</div>
</div>
- <?php } elseif (Minz_Configuration::canLogIn()) { ?>
+ <?php } elseif (FreshRSS_Auth::accessNeedLogin()) { ?>
<div class="item configure">
<?php echo _i('login'); ?><a class="signin" href="<?php echo _url('auth', 'login'); ?>"><?php echo _t('gen.auth.login'); ?></a>
</div>
diff --git a/app/layout/layout.phtml b/app/layout/layout.phtml
index 1827d6c26..656fbe9bc 100644
--- a/app/layout/layout.phtml
+++ b/app/layout/layout.phtml
@@ -10,6 +10,7 @@
<?php $this->renderHelper('javascript_vars'); ?>
//]]></script>
<?php
+ $conf = Minz_Configuration::get('system');
$url_base = Minz_Request::currentRequest();
if (FreshRSS_Context::$next_id !== '') {
$url_next = $url_base;
@@ -34,7 +35,7 @@
<link rel="apple-touch-icon" href="<?php echo Minz_Url::display('/themes/icons/apple-touch-icon.png'); ?>">
<meta name="apple-mobile-web-app-capable" content="yes" />
<meta name="apple-mobile-web-app-status-bar-style" content="black" />
- <meta name="apple-mobile-web-app-title" content="<?php echo Minz_Configuration::title(); ?>">
+ <meta name="apple-mobile-web-app-title" content="<?php echo $conf->general['title'] ?>">
<meta name="msapplication-TileColor" content="#FFF" />
<meta name="robots" content="noindex,nofollow" />
</head>
diff --git a/app/views/helpers/javascript_vars.phtml b/app/views/helpers/javascript_vars.phtml
index 6577e0109..02f2014ee 100644
--- a/app/views/helpers/javascript_vars.phtml
+++ b/app/views/helpers/javascript_vars.phtml
@@ -1,6 +1,7 @@
"use strict";
<?php
+$conf = Minz_Configuration::get('system');
$mark = FreshRSS_Context::$conf->mark_when;
$mail = Minz_Session::param('mail', false);
$auto_actualize = Minz_Session::param('actualize_feeds', false);
@@ -29,7 +30,7 @@ echo 'var context={',
'does_lazyload:', FreshRSS_Context::$conf->lazyload ? 'true' : 'false', ',',
'sticky_post:', FreshRSS_Context::isStickyPostEnabled() ? 'true' : 'false', ',',
'html5_notif_timeout:', FreshRSS_Context::$conf->html5_notif_timeout, ',',
- 'auth_type:"', Minz_Configuration::authType(), '",',
+ 'auth_type:"', $conf->general['auth_type'], '",',
'current_user_mail:', $mail ? ('"' . $mail . '"') : 'null', ',',
'current_view:"', Minz_Request::param('output', 'normal'), '"',
"},\n";