From d27efeec04c7c41cf0f52bc7f89879e66f2e44a9 Mon Sep 17 00:00:00 2001 From: Marien Fressinaud Date: Tue, 6 Jan 2015 17:38:31 +0100 Subject: Fix Controllers to use the correct config system See https://github.com/FreshRSS/FreshRSS/issues/730 --- lib/lib_rss.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'lib/lib_rss.php') diff --git a/lib/lib_rss.php b/lib/lib_rss.php index d450ec858..3a929631e 100644 --- a/lib/lib_rss.php +++ b/lib/lib_rss.php @@ -119,7 +119,8 @@ function html_only_entity_decode($text) { } function customSimplePie() { - $limits = Minz_Configuration::limits(); + $system_conf = Minz_Configuration::get('system'); + $limits = $system_conf->limits; $simplePie = new SimplePie(); $simplePie->set_useragent(_t('gen.freshrss') . '/' . FRESHRSS_VERSION . ' (' . PHP_OS . '; ' . FRESHRSS_WEBSITE . ') ' . SIMPLEPIE_NAME . '/' . SIMPLEPIE_VERSION); $simplePie->set_cache_location(CACHE_PATH); -- cgit v1.2.3 From dd41642ce617ccf873974d884043c21c1fe10223 Mon Sep 17 00:00:00 2001 From: Marien Fressinaud Date: Tue, 6 Jan 2015 21:40:19 +0100 Subject: Fix calls to FreshRSS_Configuration Replaced by a get_user_configuration() function in lib_rss. This function register a new configuration based on the given username and return the corresponding configuration. See https://github.com/FreshRSS/FreshRSS/issues/730 --- app/Controllers/authController.php | 33 +++++++++++++------------------- app/Controllers/javascriptController.php | 2 +- lib/lib_rss.php | 23 ++++++++++++++++++++++ 3 files changed, 37 insertions(+), 21 deletions(-) (limited to 'lib/lib_rss.php') diff --git a/app/Controllers/authController.php b/app/Controllers/authController.php index 02b8119e9..e1f895412 100644 --- a/app/Controllers/authController.php +++ b/app/Controllers/authController.php @@ -121,12 +121,8 @@ class FreshRSS_auth_Controller extends Minz_ActionController { $username = Minz_Request::param('username', ''); $challenge = Minz_Request::param('challenge', ''); - // TODO #730: change the way to get the configuration - try { - $conf = new FreshRSS_Configuration($username); - } catch(Minz_Exception $e) { - // $username is not a valid user, nor the configuration file! - Minz_Log::warning('Login failure: ' . $e->getMessage()); + $conf = get_user_configuration($username); + if (is_null($conf)) { Minz_Request::bad(_t('feedback.auth.login.invalid'), array('c' => 'auth', 'a' => 'login')); } @@ -167,12 +163,8 @@ class FreshRSS_auth_Controller extends Minz_ActionController { return; } - // TODO #730: change the way to get the configuration - try { - $conf = new FreshRSS_Configuration($username); - } catch(Minz_Exception $e) { - // $username is not a valid user, nor the configuration file! - Minz_Log::warning('Login failure: ' . $e->getMessage()); + $conf = get_user_configuration($username); + if (is_null($conf)) { return; } @@ -240,14 +232,12 @@ class FreshRSS_auth_Controller extends Minz_ActionController { $persona_file = DATA_PATH . '/persona/' . $email . '.txt'; if (($current_user = @file_get_contents($persona_file)) !== false) { $current_user = trim($current_user); - // TODO #730: change the way to get the configuration - try { - $conf = new FreshRSS_Configuration($current_user); + $conf = get_user_configuration($current_user); + if (!is_null($conf)) { $login_ok = strcasecmp($email, $conf->mail_login) === 0; - } catch (Minz_Exception $e) { - //Permission denied or conf file does not exist + } else { $reason = 'Invalid configuration for user ' . - '[' . $current_user . '] ' . $e->getMessage(); + '[' . $current_user . ']'; } } } else { @@ -309,8 +299,11 @@ class FreshRSS_auth_Controller extends Minz_ActionController { return; } - // TODO #730 - $conf = new FreshRSS_Configuration(FreshRSS_Context::$system_conf->default_user); + $conf = get_user_configuration(FreshRSS_Context::$system_conf->default_user); + if (is_null($conf)) { + return; + } + // Admin user must have set its master password. if (!$conf->passwordHash) { $this->view->message = array( diff --git a/app/Controllers/javascriptController.php b/app/Controllers/javascriptController.php index acd3fef69..421cf6f72 100755 --- a/app/Controllers/javascriptController.php +++ b/app/Controllers/javascriptController.php @@ -29,7 +29,7 @@ class FreshRSS_javascript_Controller extends Minz_ActionController { if (ctype_alnum($user)) { try { $salt = FreshRSS_Context::$system_conf->salt; - $conf = new FreshRSS_Configuration($user); + $conf = get_user_configuration($user); $s = $conf->passwordHash; if (strlen($s) >= 60) { $this->view->salt1 = substr($s, 0, 29); //CRYPT_BLOWFISH Salt: "$2a$", a two digit cost parameter, "$", and 22 characters from the alphabet "./0-9A-Za-z". diff --git a/lib/lib_rss.php b/lib/lib_rss.php index 3a929631e..8bfc6eb10 100644 --- a/lib/lib_rss.php +++ b/lib/lib_rss.php @@ -237,6 +237,29 @@ function listUsers() { return $final_list; } + +/** + * Register and return the configuration for a given user. + * + * Note this function has been created to generate temporary configuration + * objects. If you need a long-time configuration, please don't use this function. + * + * @param $username the name of the user of which we want the configuration. + * @return a Minz_Configuration object, null if the configuration cannot be loaded. + */ +function get_user_configuration($username) { + $namespace = time() . '_user_' . $username; + try { + Minz_Configuration::register($namespace, + join_path(USERS_PATH, $username, 'config.php'), + join_path(USERS_PATH, '_', 'config.default.php')); + return Minz_Configuration::get($namespace); + } catch(Minz_ConfigurationException $e) { + return null; + } +} + + function httpAuthUser() { return isset($_SERVER['REMOTE_USER']) ? $_SERVER['REMOTE_USER'] : ''; } -- cgit v1.2.3 From 8e6ab12e89504e3c44f766d319ac00cc7d58810a Mon Sep 17 00:00:00 2001 From: Marien Fressinaud Date: Tue, 6 Jan 2015 22:43:24 +0100 Subject: Fix a bug in FreshRSS_Auth::giveAccess() See https://github.com/FreshRSS/FreshRSS/issues/730 --- app/Models/Auth.php | 6 +++--- lib/lib_rss.php | 8 ++++++-- 2 files changed, 9 insertions(+), 5 deletions(-) (limited to 'lib/lib_rss.php') diff --git a/app/Models/Auth.php b/app/Models/Auth.php index 917e151ca..4e7a71947 100644 --- a/app/Models/Auth.php +++ b/app/Models/Auth.php @@ -82,11 +82,11 @@ class FreshRSS_Auth { * Gives access to the current user. */ public static function giveAccess() { - $user_conf = Minz_Configuration::get('user'); + $current_user = Minz_Session::param('currentUser'); + $user_conf = get_user_configuration($current_user); $system_conf = Minz_Configuration::get('system'); - $auth_type = $system_conf->auth_type; - switch ($auth_type) { + switch ($system_conf->auth_type) { case 'form': self::$login_ok = Minz_Session::param('passwordHash') === $user_conf->passwordHash; break; diff --git a/lib/lib_rss.php b/lib/lib_rss.php index 8bfc6eb10..14b6e854d 100644 --- a/lib/lib_rss.php +++ b/lib/lib_rss.php @@ -253,10 +253,14 @@ function get_user_configuration($username) { Minz_Configuration::register($namespace, join_path(USERS_PATH, $username, 'config.php'), join_path(USERS_PATH, '_', 'config.default.php')); - return Minz_Configuration::get($namespace); - } catch(Minz_ConfigurationException $e) { + } catch (Minz_ConfigurationNamespaceException $e) { + // namespace already exists, do nothing. + } catch (Minz_FileNotExistException $e) { + Minz_Log::warning($e->getMessage()); return null; } + + return Minz_Configuration::get($namespace); } -- cgit v1.2.3 From 09545b0a654c6bec9ddae9632de71860e8b07c08 Mon Sep 17 00:00:00 2001 From: Marien Fressinaud Date: Wed, 7 Jan 2015 15:37:24 +0100 Subject: Fix calls to remove_query_by_get() The function has been moved into lib_rss.php See https://github.com/FreshRSS/FreshRSS/issues/730 --- app/Controllers/categoryController.php | 6 ++++-- app/Controllers/feedController.php | 3 ++- lib/lib_rss.php | 17 +++++++++++++++++ 3 files changed, 23 insertions(+), 3 deletions(-) (limited to 'lib/lib_rss.php') diff --git a/app/Controllers/categoryController.php b/app/Controllers/categoryController.php index c90e55ea7..e65c146de 100644 --- a/app/Controllers/categoryController.php +++ b/app/Controllers/categoryController.php @@ -141,7 +141,8 @@ class FreshRSS_category_Controller extends Minz_ActionController { } // Remove related queries. - FreshRSS_Context::$user_conf->remove_query_by_get('c_' . $id); + FreshRSS_Context::$user_conf->queries = remove_query_by_get( + 'c_' . $id, FreshRSS_Context::$user_conf->queries); FreshRSS_Context::$user_conf->save(); Minz_Request::good(_t('feedback.sub.category.deleted'), $url_redirect); @@ -177,7 +178,8 @@ class FreshRSS_category_Controller extends Minz_ActionController { // Remove related queries foreach ($feeds as $feed) { - FreshRSS_Context::$user_conf->remove_query_by_get('f_' . $feed->id()); + FreshRSS_Context::$user_conf->queries = remove_query_by_get( + 'f_' . $feed->id(), FreshRSS_Context::$user_conf->queries); } FreshRSS_Context::$user_conf->save(); diff --git a/app/Controllers/feedController.php b/app/Controllers/feedController.php index c22669361..c110fda4e 100755 --- a/app/Controllers/feedController.php +++ b/app/Controllers/feedController.php @@ -477,7 +477,8 @@ class FreshRSS_feed_Controller extends Minz_ActionController { // TODO: Delete old favicon // Remove related queries - FreshRSS_Context::$user_conf->remove_query_by_get('f_' . $id); + FreshRSS_Context::$user_conf->queries = remove_query_by_get( + 'f_' . $id, FreshRSS_Context::$user_conf->queries); FreshRSS_Context::$user_conf->save(); Minz_Request::good(_t('feedback.sub.feed.deleted'), $redirect_url); diff --git a/lib/lib_rss.php b/lib/lib_rss.php index 14b6e854d..ffd56eae4 100644 --- a/lib/lib_rss.php +++ b/lib/lib_rss.php @@ -387,3 +387,20 @@ function recursive_unlink($dir) { } return rmdir($dir); } + + +/** + * Remove queries where $get is appearing. + * @param $get the get attribute which should be removed. + * @param $queries an array of queries. + * @return the same array whithout those where $get is appearing. + */ +function remove_query_by_get($get, $queries) { + $final_queries = array(); + foreach ($queries as $key => $query) { + if (empty($query['get']) || $query['get'] !== $get) { + $final_queries[$key] = $query; + } + } + return $final_queries; +} -- cgit v1.2.3