author | Willi Eggeling <thewilli@gmail.com> | 2017-08-31 00:39:15 +0200 |
---|---|---|
committer | Willi Eggeling <thewilli@gmail.com> | 2017-09-03 11:46:49 +0200 |
commit | 27e21231e168e5a2a89563b2538a4f86df24e582 (patch) | |
tree | 851c51115ce4d01dd30e57a048f8ed8b2a3c4e1b | |
parent | 96a1c79456b27892b9221707803f29585565b9dc (diff) | |
download | Shaarli-27e21231e168e5a2a89563b2538a4f86df24e582.tar.gz Shaarli-27e21231e168e5a2a89563b2538a4f86df24e582.tar.zst Shaarli-27e21231e168e5a2a89563b2538a4f86df24e582.zip |
added option to redirect all anonymous users to login page
- new setting *force_login* added and documented
- if both *force_login* and *hide_public_links* are set to true, all requests
(except for the feeds) are redirected to the login page
-rw-r--r-- | application/config/ConfigManager.php | 1 | ||||
-rw-r--r-- | doc/md/Shaarli-configuration.md | 2 | ||||
-rw-r--r-- | index.php | 17 |
3 files changed, 20 insertions, 0 deletions
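--- a/application/config/ConfigManager.php
+++ b/application/config/ConfigManager.php
@@ -327,6 +327,7 @@ class ConfigManager
 
 $this->setEmpty('privacy.default_private_links', false);
 $this->setEmpty('privacy.hide_public_links', false);
+$this->setEmpty('privacy.force_login', false);
 $this->setEmpty('privacy.hide_timestamps', false);
 // default state of the 'remember me' checkbox of the login form
 $this->setEmpty('privacy.remember_user_default', true);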
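--- a/doc/md/Shaarli-configuration.md
+++ b/doc/md/Shaarli-configuration.md
@@ -90,6 +90,7 @@ _These settings should not be edited_
 
 - **default_private_links**: Check the private checkbox by default for every new link.
 - **hide_public_links**: All links are hidden while logged out.
+- **force_login**: if **hide_public_links** and this are set to `true`, all anonymous users are redirected to the login page.
 - **hide_timestamps**: Timestamps are hidden.
 - **remember_user_default**: Default state of the login page's *remember me* checkbox
 - `true`: checked by default, `false`: unchecked by default
@@ -194,6 +195,7 @@ _These settings should not be edited_
 "privacy": {
 "default_private_links": true,
 "hide_public_links": false,
+"force_login": false,
 "hide_timestamps": false,
 "remember_user_default": true
 },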
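--- a/index.php
+++ b/index.php
@@ -718,6 +718,23 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history)
 $query = (isset($_SERVER['QUERY_STRING'])) ? $_SERVER['QUERY_STRING'] : '';
 $targetPage = Router::findPage($query, $_GET, isLoggedIn());
 
+if (
+// if the user isn't logged in
+!isLoggedIn() &&
+// and Shaarli doesn't have public content...
+$conf->get('privacy.hide_public_links') &&
+// and is configured to enforce the login
+$conf->get('privacy.force_login') &&
+// and the current page isn't already the login page
+$targetPage !== Router::$PAGE_LOGIN &&
+// and the user is not requesting a feed (which would lead to a different content-type as expected)
+$targetPage !== Router::$PAGE_FEED_ATOM &&
+$targetPage !== Router::$PAGE_FEED_RSS
+) {
+// force current page to be the login page
+$targetPage = Router::$PAGE_LOGIN;
+}
+
 // Call plugin hooks for header, footer and includes, specifying which page will be rendered.
 // Then assign generated data to RainTPL.
 $common_hooks = array(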
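Review bot: The guard added before the plugin-hook setup only rewrites `$targetPage`, so it protects exactly those branches of renderPage that dispatch on `$targetPage`. A handler further down that reads `$_GET` or `QUERY_STRING` directly would still run for anonymous users unless the login branch is evaluated and exits first, and that cannot be confirmed here because renderPage continues past the hunk. The two feed pages are exempted too, so with `force_login` enabled their output still depends on the feed code honouring `privacy.hide_public_links`, which is not shown. I would record both assumptions next to the condition, e.g. `// NOTE: relies on the login branch below exiting before any handler that reads $_GET directly; feeds stay reachable and must not expose entries`. No `Location` header is sent, so the login form is rendered at the originally requested URL, not reached through the redirect that the commit message and docs describe.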