flashii/misuzu
flashii/misuzu
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Removed getPrivateInfo from Application class.

Browse source
This commit is contained in:
flash 2018-10-05 09:33:26 +02:00
parent 3c41231985
commit 7ab2c69f5c
5 changed files with 30 additions and 29 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
misuzu.php
View file

@ -322,20 +322,22 @@ MIG;
empty($userDisplayInfo) ? ip_remote_address() : $_COOKIE['msz_sid'] empty($userDisplayInfo) ? ip_remote_address() : $_COOKIE['msz_sid']
); );
$privateInfo = $app->getPrivateInfo(); if (!$misuzuBypassLockdown && boolval(config_get_default(false, 'Private', 'enabled'))) {
if (!$misuzuBypassLockdown && $privateInfo['enabled']) {
if (user_session_active()) { if (user_session_active()) {
$generalPerms = perms_get_user(MSZ_PERMS_GENERAL, $userDisplayInfo['user_id']); $privatePermission = intval(config_get_default(0, 'Private', 'permission'));
if ($privateInfo['permission'] && !perms_check($generalPerms, $privateInfo['permission'])) { if ($privatePermission > 0) {
unset($userDisplayInfo); $generalPerms = perms_get_user(MSZ_PERMS_GENERAL, $userDisplayInfo['user_id']);
user_session_stop(); // au revoir
if (!perms_check($generalPerms, $privatePermission)) {
unset($userDisplayInfo);
user_session_stop(); // au revoir
}
} }
} else { } else {
http_response_code(401); http_response_code(401);
echo tpl_render('auth.private', [ echo tpl_render('auth.private', [
'private_info'=> $privateInfo, 'private_message'=> config_get_default('', 'Private', 'message'),
]); ]);
exit; exit;
} }

28
public/auth.php
View file

@ -15,8 +15,12 @@ $usernameValidationErrors = [
'in-use' => 'This username is already taken!', 'in-use' => 'This username is already taken!',
]; ];
$preventRegistration = $app->disableRegistration(); $siteIsPrivate = boolval(config_get_default(false, 'Private', 'enabled'));
$preventPasswordReset = ($privateInfo['enabled'] ?? false) && !($privateInfo['password_reset'] ?? true); $loginPermission = $siteIsPrivate ? intval(config_get_default(0, 'Private', 'permission')) : 0;
$canResetPassword = $siteIsPrivate ? boolval(config_get_default(false, 'Private', 'password_reset')) : true;
$canCreateAccount = !$siteIsPrivate
&& !boolval(config_get_default(false, 'Auth', 'lockdown'))
&& !boolval(config_get_default(false, 'Auth', 'prevent_registration'));
$authUsername = $isSubmission ? ($_POST['auth']['username'] ?? '') : ($_GET['username'] ?? ''); $authUsername = $isSubmission ? ($_POST['auth']['username'] ?? '') : ($_GET['username'] ?? '');
$authEmail = $isSubmission ? ($_POST['auth']['email'] ?? '') : ($_GET['email'] ?? ''); $authEmail = $isSubmission ? ($_POST['auth']['email'] ?? '') : ($_GET['email'] ?? '');
@ -24,8 +28,8 @@ $authPassword = $_POST['auth']['password'] ?? '';
$authVerification = $_POST['auth']['verification'] ?? ''; $authVerification = $_POST['auth']['verification'] ?? '';
tpl_vars([ tpl_vars([
'prevent_registration' => $preventRegistration, 'can_create_account' => $canCreateAccount,
'prevent_password_reset' => $preventPasswordReset, 'can_reset_password' => $canResetPassword,
'auth_mode' => $authMode, 'auth_mode' => $authMode,
'auth_username' => $authUsername, 'auth_username' => $authUsername,
'auth_email' => $authEmail, 'auth_email' => $authEmail,
@ -59,7 +63,7 @@ switch ($authMode) {
break; break;
} }
if ($preventPasswordReset) { if (!$canResetPassword) {
header('Location: /'); header('Location: /');
return; return;
} }
@ -151,7 +155,7 @@ switch ($authMode) {
break; break;
case 'forgot': case 'forgot':
if (user_session_active() || $preventPasswordReset) { if (user_session_active() || !$canResetPassword) {
header('Location: /'); header('Location: /');
break; break;
} }
@ -300,10 +304,10 @@ MSG;
user_login_attempt_record(true, $userId, $ipAddress, $userAgent); user_login_attempt_record(true, $userId, $ipAddress, $userAgent);
if (!empty($privateInfo['permission'])) { if ($loginPermission > 0) {
$generalPerms = perms_get_user(MSZ_PERMS_GENERAL, $userId); $generalPerms = perms_get_user(MSZ_PERMS_GENERAL, $userId);
if (!perms_check($generalPerms, $privateInfo['permission'])) { if (!perms_check($generalPerms, $loginPermission)) {
$authLoginError = 'Your credentials were correct, but your account lacks the proper permissions to use this website.'; $authLoginError = 'Your credentials were correct, but your account lacks the proper permissions to use this website.';
break; break;
} }
@ -327,8 +331,8 @@ MSG;
if (!empty($authLoginError)) { if (!empty($authLoginError)) {
tpl_var('auth_login_error', $authLoginError); tpl_var('auth_login_error', $authLoginError);
} elseif (!empty($privateInfo['enabled'])) { } elseif ($siteIsPrivate) {
tpl_var('auth_register_message', $privateInfo['message'] ?? ''); tpl_var('auth_register_message', config_get_default('', 'Private', 'message'));
} }
echo tpl_render('auth.auth'); echo tpl_render('auth.auth');
@ -342,8 +346,8 @@ MSG;
$authRegistrationError = ''; $authRegistrationError = '';
while ($isSubmission) { while ($isSubmission) {
if ($preventRegistration) { if (!$canCreateAccount) {
$authRegistrationError = 'Registration is not allowed on this instance.'; $authRegistrationError = 'You may not create an account right now.';
break; break;
} }

7
src/Application.php
View file

@ -124,15 +124,10 @@ final class Application
public function disableRegistration(): bool public function disableRegistration(): bool
{ {
return $this->underLockdown() return $this->underLockdown()
|| $this->getPrivateInfo()['enabled'] || boolval(config_get_default(false, 'Private', 'enabled'))
|| boolval(config_get_default(false, 'Auth', 'prevent_registration')); || boolval(config_get_default(false, 'Auth', 'prevent_registration'));
} }
public function getPrivateInfo(): array
{
return config_get_default(['enabled' => false], 'Private');
}
// used in some of the user functions still, fix that // used in some of the user functions still, fix that
public static function getInstance(): Application public static function getInstance(): Application
{ {

4
templates/auth/auth.twig
View file

@ -8,7 +8,7 @@
auth_register_message is defined auth_register_message is defined
) }} ) }}
{% if not prevent_registration %} {% if can_create_account %}
<form class="container container--new auth" method="post" action=""> <form class="container container--new auth" method="post" action="">
<input type="hidden" name="auth[mode]" value="register"> <input type="hidden" name="auth[mode]" value="register">
{{ 'register'|csrf|raw }} {{ 'register'|csrf|raw }}
@ -43,7 +43,7 @@
</form> </form>
{% endif %} {% endif %}
{% if not prevent_password_reset %} {% if can_reset_password %}
<form class="container container--new auth" method="post" action=""> <form class="container container--new auth" method="post" action="">
<input type="hidden" name="auth[mode]" value="forgot"> <input type="hidden" name="auth[mode]" value="forgot">
{{ 'passforgot'|csrf|raw }} {{ 'passforgot'|csrf|raw }}

2
templates/auth/private.twig
View file

@ -4,7 +4,7 @@
{% block content %} {% block content %}
{{ auth_login( {{ auth_login(
auth_username|default(''), auth_username|default(''),
auth_login_error|default(private_info.message|default('')), auth_login_error|default(private_message|default('')),
auth_login_error is not defined auth_login_error is not defined
) }} ) }}
{% endblock %} {% endblock %}