From c5fe3bd6593d0a07c087d1e60ae2e4b8ab5f9fa9 Mon Sep 17 00:00:00 2001
From: Marien Fressinaud
Date: Thu, 16 Oct 2014 15:25:46 +0200
Subject: Reorganize user pages
Three pages:
- User profil
- User management
- Authentication
---
 app/Controllers/authController.php | 60 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 60 insertions(+)
(limited to 'app/Controllers/authController.php')
diff --git a/app/Controllers/authController.php b/app/Controllers/authController.php
index e30fa4b72..751ce1f3f 100644
--- a/app/Controllers/authController.php
+++ b/app/Controllers/authController.php
@@ -4,6 +4,66 @@
 * This controller handles action about authentication.
 */
 class FreshRSS_auth_Controller extends Minz_ActionController {
+ /**
+ * This action handles authentication management page.
+ *
+ * Parameters are:
+ * - token (default: current token)
+ * - anon_access (default: false)
+ * - anon_refresh (default: false)
+ * - auth_type (default: none)
+ * - unsafe_autologin (default: false)
+ * - api_enabled (default: false)
+ *
+ * @todo move unsafe_autologin in an extension.
+ */
+ public function indexAction() {
+ if (!FreshRSS_Auth::hasAccess('admin')) {
+ Minz_Error::error(403,
+ array('error' => array(_t('access_denied'))));
+ }
+
+ if (Minz_Request::isPost()) {
+ $ok = true;
+
+ $current_token = $this->view->conf->token;
+ $token = Minz_Request::param('token', $current_token);
+ $this->view->conf->_token($token);
+ $ok &= $this->view->conf->save();
+
+ $anon = Minz_Request::param('anon_access', false);
+ $anon = ((bool)$anon) && ($anon !== 'no');
+ $anon_refresh = Minz_Request::param('anon_refresh', false);
+ $anon_refresh = ((bool)$anon_refresh) && ($anon_refresh !== 'no');
+ $auth_type = Minz_Request::param('auth_type', 'none');
+ $unsafe_autologin = Minz_Request::param('unsafe_autologin', false);
+ $api_enabled = Minz_Request::param('api_enabled', false);
+ if ($anon != Minz_Configuration::allowAnonymous() ||
+ $auth_type != Minz_Configuration::authType() ||
+ $anon_refresh != Minz_Configuration::allowAnonymousRefresh() ||
+ $unsafe_autologin != Minz_Configuration::unsafeAutologinEnabled() ||
+ $api_enabled != Minz_Configuration::apiEnabled()) {
+
+ Minz_Configuration::_authType($auth_type);
+ Minz_Configuration::_allowAnonymous($anon);
+ Minz_Configuration::_allowAnonymousRefresh($anon_refresh);
+ Minz_Configuration::_enableAutologin($unsafe_autologin);
+ Minz_Configuration::_enableApi($api_enabled);
+ $ok &= Minz_Configuration::writeFile();
+ }
+
+ invalidateHttpCache();
+
+ if ($ok) {
+ Minz_Request::good('configuration_updated',
+ array('c' => 'auth', 'a' => 'index'));
+ } else {
+ Minz_Request::bad('error_occurred',
+ array('c' => 'auth', 'a' => 'index'));
+ }
+ }
+ }
+
 /**
 * This action handles the login page.
 *
-- 
cgit v1.2.3
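Review bot: The admin guard at the top of `indexAction()` calls `Minz_Error::error(403, ...)` but does not `return` afterwards. Unless that helper terminates the request (its body is not visible in this hunk), a non-admin POST would fall through into the branch that rewrites `auth_type`, `anon_access`, `unsafe_autologin` and `api_enabled`; adding `return;` directly after the call inside the `if` closes that gap. The POST branch also shows no anti-CSRF token check before `save()` and `writeFile()`, so it is worth confirming the framework enforces one, because these settings control whether authentication is required at all. Lastly, `unsafe_autologin` and `api_enabled` are compared with `!=` and stored as raw request values, while `anon_access` and `anon_refresh` are first normalised to booleans; normalising them the same way would keep the comparisons and the written configuration consistent.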