Removed lockdown feature for now.

2023-07-19 19:04:57 +00:00 · 2023-07-19 19:04:57 +00:00 · f5d8914991
commit f5d8914991
parent a09c8b7ef6
3 changed files with 0 additions and 32 deletions
--- a/public/index.php
+++ b/public/index.php
@ -55,7 +55,6 @@ $globals = $cfg->getValues([
    'eeprom.app:s',
    ['auth.secret:s', 'meow'],
    ['csrf.secret:s', 'soup'],
-    'private.enabled:b',
 ]);

 Template::init($msz, $twigCache ?? null, MSZ_DEBUG);
@ -146,29 +145,6 @@ CSRF::init(
    (UserSession::hasCurrent() ? UserSession::getCurrent()->getToken() : ($_SERVER['REMOTE_ADDR'] ?? '::1'))
 );

-if($globals['private.enabled']) {
-    $onLoginPage = $_SERVER['PHP_SELF'] === url('auth-login');
-    $onPasswordPage = parse_url($_SERVER['PHP_SELF'], PHP_URL_PATH) === url('auth-forgot');
-    $misuzuBypassLockdown = !empty($misuzuBypassLockdown) || $onLoginPage;
-
-    if(!$misuzuBypassLockdown) {
-        if(UserSession::hasCurrent()) {
-            ['private.perm.cat' => $privatePermCat, 'private.perm.val' => $privatePermVal] = $cfg->getValues(['private.perm.cat:s', 'private.perm.val:i']);
-
-            if(!empty($privatePermCat) && $privatePermVal > 0) {
-                if(!perms_check_user($privatePermCat, User::getCurrent()->getId(), $privatePermVal)) {
-                    // au revoir
-                    UserSession::unsetCurrent();
-                    User::unsetCurrent();
-                }
-            }
-        } elseif(!$onLoginPage && !($onPasswordPage && $cfg->getBoolean('private.allow_password_reset', true))) {
-            url_redirect('auth-login');
-            exit;
-        }
-    }
-}
-
 if(!empty($userInfo))
    Template::set('current_user', $userInfo);
 if(!empty($userInfoReal))