From 4dd673157b05fea5fe3643f16e22d01bbf005fe9 Mon Sep 17 00:00:00 2001 From: Marien Fressinaud Date: Thu, 13 Feb 2014 21:45:25 +0100 Subject: Add possibility to anonymous to refresh feeds Obviously, it's optional! (and deactivate by default) Need some more tests? See #351 --- app/Controllers/feedController.php | 4 +++- app/Controllers/usersController.php | 7 ++++++- app/i18n/en.php | 1 + app/i18n/fr.php | 1 + app/layout/nav_menu.phtml | 4 +++- app/views/configure/users.phtml | 10 ++++++++++ lib/Minz/Configuration.php | 19 ++++++++++++++++++- 7 files changed, 42 insertions(+), 4 deletions(-) diff --git a/app/Controllers/feedController.php b/app/Controllers/feedController.php index 264607216..7114fc196 100755 --- a/app/Controllers/feedController.php +++ b/app/Controllers/feedController.php @@ -7,7 +7,9 @@ class FreshRSS_feed_Controller extends Minz_ActionController { $token_param = Minz_Request::param ('token', ''); $token_is_ok = ($token != '' && $token == $token_param); $action = Minz_Request::actionName (); - if (!($token_is_ok && $action === 'actualize')) { + if (!(($token_is_ok || Minz_Configuration::allowAnonymousRefresh()) && + $action === 'actualize') + ) { Minz_Error::error ( 403, array ('error' => array (Minz_Translate::t ('access_denied'))) diff --git a/app/Controllers/usersController.php b/app/Controllers/usersController.php index 8314b75fc..bb4f34c5e 100644 --- a/app/Controllers/usersController.php +++ b/app/Controllers/usersController.php @@ -54,11 +54,16 @@ class FreshRSS_users_Controller extends Minz_ActionController { $anon = Minz_Request::param('anon_access', false); $anon = ((bool)$anon) && ($anon !== 'no'); + $anon_refresh = Minz_Request::param('anon_refresh', false); + $anon_refresh = ((bool)$anon_refresh) && ($anon_refresh !== 'no'); $auth_type = Minz_Request::param('auth_type', 'none'); if ($anon != Minz_Configuration::allowAnonymous() || - $auth_type != Minz_Configuration::authType()) { + $auth_type != Minz_Configuration::authType() || + $anon_refresh != Minz_Configuration::allowAnonymousRefresh()) { + Minz_Configuration::_authType($auth_type); Minz_Configuration::_allowAnonymous($anon); + Minz_Configuration::_allowAnonymousRefresh($anon_refresh); $ok &= Minz_Configuration::writeFile(); } } diff --git a/app/i18n/en.php b/app/i18n/en.php index 369853610..fd51eb1ca 100644 --- a/app/i18n/en.php +++ b/app/i18n/en.php @@ -175,6 +175,7 @@ return array ( 'password_form' => 'Password
(for the Web-form login method)', 'persona_connection_email' => 'Login mail address
(for Mozilla Persona)', 'allow_anonymous' => 'Allow anonymous reading of the articles of the default user (%s)', + 'allow_anonymous_refresh' => 'Allow anonymous refresh of the articles', 'auth_token' => 'Authentication token', 'explain_token' => 'Allows to access RSS output of the default user without authentication.
%s?output=rss&token=%s', 'login_configuration' => 'Login', diff --git a/app/i18n/fr.php b/app/i18n/fr.php index 275c3b1d8..17e26f493 100644 --- a/app/i18n/fr.php +++ b/app/i18n/fr.php @@ -175,6 +175,7 @@ return array ( 'default_user' => 'Nom de l’utilisateur par défaut (16 caractères alphanumériques maximum)', 'persona_connection_email' => 'Adresse courriel de connexion
(pour Mozilla Persona)', 'allow_anonymous' => 'Autoriser la lecture anonyme des articles de l’utilisateur par défaut (%s)', + 'allow_anonymous_refresh' => 'Autoriser le rafraîchissement anonyme des flux', 'auth_token' => 'Jeton d’identification', 'explain_token' => 'Permet d’accéder à la sortie RSS de l’utilisateur par défaut sans besoin de s’authentifier.
%s?output=rss&token=%s', 'login_configuration' => 'Identification', diff --git a/app/layout/nav_menu.phtml b/app/layout/nav_menu.phtml index c807e6dd5..98064a6f7 100644 --- a/app/layout/nav_menu.phtml +++ b/app/layout/nav_menu.phtml @@ -6,9 +6,11 @@ - loginOk) { ?> + loginOk || Minz_Configuration::allowAnonymousRefresh()) { ?> + + loginOk) { ?> +
+
+ +
+
+
diff --git a/lib/Minz/Configuration.php b/lib/Minz/Configuration.php index 572b9984d..b3de9e39e 100644 --- a/lib/Minz/Configuration.php +++ b/lib/Minz/Configuration.php @@ -52,6 +52,7 @@ class Minz_Configuration { private static $delay_cache = 3600; private static $default_user = ''; private static $allow_anonymous = false; + private static $allow_anonymous_refresh = false; private static $auth_type = 'none'; private static $db = array ( @@ -118,6 +119,9 @@ class Minz_Configuration { public static function allowAnonymous() { return self::$allow_anonymous; } + public static function allowAnonymousRefresh() { + return self::$allow_anonymous_refresh; + } public static function authType() { return self::$auth_type; } @@ -131,6 +135,9 @@ class Minz_Configuration { public static function _allowAnonymous($allow = false) { self::$allow_anonymous = ((bool)$allow) && self::canLogIn(); } + public static function _allowAnonymousRefresh($allow = false) { + self::$allow_anonymous_refresh = ((bool)$allow) && self::allowAnonymous(); + } public static function _authType($value) { $value = strtolower($value); switch ($value) { @@ -170,6 +177,7 @@ class Minz_Configuration { 'title' => self::$title, 'default_user' => self::$default_user, 'allow_anonymous' => self::$allow_anonymous, + 'allow_anonymous_refresh' => self::$allow_anonymous_refresh, 'auth_type' => self::$auth_type, ), 'db' => self::$db, @@ -276,7 +284,16 @@ class Minz_Configuration { self::_authType($general['auth_type']); } if (isset ($general['allow_anonymous'])) { - self::$allow_anonymous = ((bool)($general['allow_anonymous'])) && ($general['allow_anonymous'] !== 'no'); + self::$allow_anonymous = ( + ((bool)($general['allow_anonymous'])) && + ($general['allow_anonymous'] !== 'no') + ); + } + if (isset ($general['allow_anonymous_refresh'])) { + self::$allow_anonymous_refresh = ( + ((bool)($general['allow_anonymous_refresh'])) && + ($general['allow_anonymous_refresh'] !== 'no') + ); } // Base de données -- cgit v1.2.3