resolves #497 added feature to disable auth with a default user
This commit is contained in:
Marc Aschmann
parent
53bddf33a2
commit
1dcc483ccb
|
|
@ -14,6 +14,7 @@ use b8\Exception\HttpException;
|
|||
use b8\Http\Response;
|
||||
use b8\Http\Response\RedirectResponse;
|
||||
use b8\View;
|
||||
use Symfony\Component\Yaml\Parser;
|
||||
|
||||
/**
|
||||
* PHPCI Front Controller
|
||||
|
|
@ -43,11 +44,32 @@ class Application extends b8\Application
|
|||
return false;
|
||||
};
|
||||
|
||||
// load settings to check if there's a configured default user and auth disabled
|
||||
$skipAuth = function () {
|
||||
$parser = new Parser();
|
||||
$yaml = file_get_contents(APPLICATION_PATH . 'PHPCI/config.yml');
|
||||
$settings = $parser->parse($yaml);
|
||||
if ((!empty($settings['phpci']['authentication_settings']['state'])
|
||||
&& 1 == (int)$settings['phpci']['authentication_settings']['state'])
|
||||
&& !empty($settings['phpci']['authentication_settings']['user_id'])
|
||||
) {
|
||||
$user = b8\Store\Factory::getStore('User')
|
||||
->getByPrimaryKey($settings['phpci']['authentication_settings']['user_id']);
|
||||
|
||||
if ($user) {
|
||||
$_SESSION['user'] = $user;
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
return false;
|
||||
};
|
||||
|
||||
// Handler for the route we're about to register, checks for a valid session where necessary:
|
||||
$routeHandler = function (&$route, Response &$response) use (&$request, $validateSession) {
|
||||
$routeHandler = function (&$route, Response &$response) use (&$request, $validateSession, $skipAuth) {
|
||||
$skipValidation = in_array($route['controller'], array('session', 'webhook', 'build-status'));
|
||||
|
||||
if (!$skipValidation && !$validateSession()) {
|
||||
if (!$skipValidation && !$validateSession() && !$skipAuth()) {
|
||||
if ($request->isAjax()) {
|
||||
$response->setResponseCode(401);
|
||||
$response->setContent('');
|
||||
|
|
|
|||
|
|
@ -41,13 +41,19 @@ class SettingsController extends Controller
|
|||
$this->view->settings = $this->settings;
|
||||
|
||||
$emailSettings = array();
|
||||
$authenticationSettings = array();
|
||||
|
||||
if (isset($this->settings['phpci']['email_settings'])) {
|
||||
$emailSettings = $this->settings['phpci']['email_settings'];
|
||||
}
|
||||
|
||||
if (isset($this->settings['phpci']['authentication_settings'])) {
|
||||
$authenticationSettings = $this->settings['phpci']['authentication_settings'];
|
||||
}
|
||||
|
||||
$this->view->github = $this->getGithubForm();
|
||||
$this->view->emailSettings = $this->getEmailForm($emailSettings);
|
||||
$this->view->authenticationSettings = $this->getAuthenticationForm($authenticationSettings);
|
||||
$this->view->isWriteable = $this->canWriteConfig();
|
||||
|
||||
if (!empty($this->settings['phpci']['github']['token'])) {
|
||||
|
|
@ -86,6 +92,23 @@ class SettingsController extends Controller
|
|||
die;
|
||||
}
|
||||
|
||||
public function authentication()
|
||||
{
|
||||
$this->settings['phpci']['authentication_settings']['state'] = $this->getParam('disable_authentication', 0);
|
||||
$this->settings['phpci']['authentication_settings']['user_id'] = $_SESSION['user_id'];
|
||||
|
||||
$error = $this->storeSettings();
|
||||
|
||||
if ($error) {
|
||||
header('Location: ' . PHPCI_URL . 'settings?saved=2');
|
||||
} else {
|
||||
header('Location: ' . PHPCI_URL . 'settings?saved=1');
|
||||
}
|
||||
|
||||
die;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Github redirects users back to this URL when t
|
||||
*/
|
||||
|
|
@ -236,6 +259,36 @@ class SettingsController extends Controller
|
|||
return $form;
|
||||
}
|
||||
|
||||
protected function getAuthenticationForm($values = array())
|
||||
{
|
||||
$form = new Form();
|
||||
$form->setMethod('POST');
|
||||
$form->setAction(PHPCI_URL . 'settings/authentication');
|
||||
$form->addField(new Form\Element\Csrf('csrf'));
|
||||
|
||||
$field = new Form\Element\Checkbox('disable_authentication');
|
||||
$field->setCheckedValue(1);
|
||||
$field->setRequired(false);
|
||||
$field->setLabel('Disable Authentication?');
|
||||
$field->setContainerClass('form-group');
|
||||
$field->setValue(0);
|
||||
|
||||
if (isset($values['state'])) {
|
||||
$field->setValue((int)$values['state']);
|
||||
}
|
||||
|
||||
$form->addField($field);
|
||||
|
||||
$field = new Form\Element\Submit();
|
||||
$field->setValue('Save »');
|
||||
$field->setClass('btn btn-success pull-right');
|
||||
$form->addField($field);
|
||||
|
||||
$form->setValues($values);
|
||||
|
||||
return $form;
|
||||
}
|
||||
|
||||
protected function getGithubUser($token)
|
||||
{
|
||||
$http = new HttpClient('https://api.github.com');
|
||||
|
|
|
|||
|
|
@ -96,6 +96,27 @@
|
|||
<?php print $emailSettings; ?>
|
||||
</div>
|
||||
|
||||
<div class="col-lg-4">
|
||||
<!-- nothing -->
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="box">
|
||||
<div class="row">
|
||||
<div class="col-lg-12">
|
||||
<h3 class="title">Authentication Settings</h3>
|
||||
|
||||
<p class="alert alert-warning clearfix">
|
||||
Be careful: This setting disables authentication and uses your preconfigured admin account for all actions within phpci with admin rights.
|
||||
</p>
|
||||
|
||||
</div>
|
||||
|
||||
<div class="col-lg-8">
|
||||
<?php print $authenticationSettings; ?>
|
||||
</div>
|
||||
|
||||
<div class="col-lg-4">
|
||||
<!-- nothing -->
|
||||
</div>
|
||||
|
|
|
|||
Loading…
Reference in a new issue