Merge pull request #961 from thewilli/private-shaarli-login-redirect

added option to redirect all anonymous users to login page
author: VirtualTam <virtualtam+github@flibidi.net> 2017-09-18 21:25:02 +0200
committer: GitHub <noreply@github.com> 2017-09-18 21:25:02 +0200
commit: fc1c1b8869817f5864c72d57385761b9124603da (patch)
tree: 4798f2e5ac2547cac90cfe5f316f3a5664f2cc4f
parent: ceb738c59163b47e9c875764c9d3223bbc1eba24 (diff)
parent: 27e21231e168e5a2a89563b2538a4f86df24e582 (diff)
download: Shaarli-fc1c1b8869817f5864c72d57385761b9124603da.tar.gz
Shaarli-fc1c1b8869817f5864c72d57385761b9124603da.tar.zst
Shaarli-fc1c1b8869817f5864c72d57385761b9124603da.zip
3 files changed, 20 insertions, 0 deletions
diff --git a/application/config/ConfigManager.php b/application/config/ConfigManager.php
index fdd5b3d7..32f6ef6d 100644
--- a/application/config/ConfigManager.php
+++ b/application/config/ConfigManager.php
@@ -327,6 +327,7 @@ class ConfigManager
        $this->setEmpty('privacy.default_private_links', false);
        $this->setEmpty('privacy.hide_public_links', false);
+        $this->setEmpty('privacy.force_login', false);
        $this->setEmpty('privacy.hide_timestamps', false);
        // default state of the 'remember me' checkbox of the login form
        $this->setEmpty('privacy.remember_user_default', true);
diff --git a/doc/md/Shaarli-configuration.md b/doc/md/Shaarli-configuration.md
index d90e95eb..37486414 100644
--- a/doc/md/Shaarli-configuration.md
+++ b/doc/md/Shaarli-configuration.md
@@ -90,6 +90,7 @@ _These settings should not be edited_
 - **default_private_links**: Check the private checkbox by default for every new link.  
 - **hide_public_links**: All links are hidden while logged out.  
+- **force_login**: if **hide_public_links** and this are set to `true`, all anonymous users are redirected to the login page.
 - **hide_timestamps**: Timestamps are hidden.
 - **remember_user_default**: Default state of the login page's *remember me* checkbox
    - `true`: checked by default, `false`: unchecked by default
@@ -194,6 +195,7 @@ _These settings should not be edited_
    "privacy": {
        "default_private_links": true,
        "hide_public_links": false,
+        "force_login": false,
        "hide_timestamps": false,
        "remember_user_default": true
    },
diff --git a/index.php b/index.php
index 218d317d..fb00a9fa 100644
--- a/index.php
+++ b/index.php
@@ -718,6 +718,23 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history)
    $query = (isset($_SERVER['QUERY_STRING'])) ? $_SERVER['QUERY_STRING'] : '';
    $targetPage = Router::findPage($query, $_GET, isLoggedIn());
+    if (
+        // if the user isn't logged in
+        !isLoggedIn() &&
+        // and Shaarli doesn't have public content...
+        $conf->get('privacy.hide_public_links') &&
+        // and is configured to enforce the login
+        $conf->get('privacy.force_login') &&
+        // and the current page isn't already the login page
+        $targetPage !== Router::$PAGE_LOGIN &&
+        // and the user is not requesting a feed (which would lead to a different content-type as expected)
+        $targetPage !== Router::$PAGE_FEED_ATOM &&
+        $targetPage !== Router::$PAGE_FEED_RSS
+    ) {
+        // force current page to be the login page
+        $targetPage = Router::$PAGE_LOGIN;
+    }
    // Call plugin hooks for header, footer and includes, specifying which page will be rendered.
    // Then assign generated data to RainTPL.
    $common_hooks = array(
author	VirtualTam <virtualtam+github@flibidi.net>	2017-09-18 21:25:02 +0200
committer	GitHub <noreply@github.com>	2017-09-18 21:25:02 +0200
commit	fc1c1b8869817f5864c72d57385761b9124603da (patch)
tree	4798f2e5ac2547cac90cfe5f316f3a5664f2cc4f
parent	ceb738c59163b47e9c875764c9d3223bbc1eba24 (diff)
parent	27e21231e168e5a2a89563b2538a4f86df24e582 (diff)
download	Shaarli-fc1c1b8869817f5864c72d57385761b9124603da.tar.gz Shaarli-fc1c1b8869817f5864c72d57385761b9124603da.tar.zst Shaarli-fc1c1b8869817f5864c72d57385761b9124603da.zip