aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorWilli Eggeling <thewilli@gmail.com>2017-08-31 00:39:15 +0200
committerWilli Eggeling <thewilli@gmail.com>2017-09-03 11:46:49 +0200
commit27e21231e168e5a2a89563b2538a4f86df24e582 (patch)
tree851c51115ce4d01dd30e57a048f8ed8b2a3c4e1b
parent96a1c79456b27892b9221707803f29585565b9dc (diff)
downloadShaarli-27e21231e168e5a2a89563b2538a4f86df24e582.tar.gz
Shaarli-27e21231e168e5a2a89563b2538a4f86df24e582.tar.zst
Shaarli-27e21231e168e5a2a89563b2538a4f86df24e582.zip
added option to redirect all anonymous users to login page
- new setting *force_login* added and documented - if both, *force_login* and *hide_public_links* are set to true, all requests (except for the feeds) are redirected to the login page
-rw-r--r--application/config/ConfigManager.php1
-rw-r--r--doc/md/Shaarli-configuration.md2
-rw-r--r--index.php17
3 files changed, 20 insertions, 0 deletions
diff --git a/application/config/ConfigManager.php b/application/config/ConfigManager.php
index fdd5b3d7..32f6ef6d 100644
--- a/application/config/ConfigManager.php
+++ b/application/config/ConfigManager.php
@@ -327,6 +327,7 @@ class ConfigManager
327 327
328 $this->setEmpty('privacy.default_private_links', false); 328 $this->setEmpty('privacy.default_private_links', false);
329 $this->setEmpty('privacy.hide_public_links', false); 329 $this->setEmpty('privacy.hide_public_links', false);
330 $this->setEmpty('privacy.force_login', false);
330 $this->setEmpty('privacy.hide_timestamps', false); 331 $this->setEmpty('privacy.hide_timestamps', false);
331 // default state of the 'remember me' checkbox of the login form 332 // default state of the 'remember me' checkbox of the login form
332 $this->setEmpty('privacy.remember_user_default', true); 333 $this->setEmpty('privacy.remember_user_default', true);
diff --git a/doc/md/Shaarli-configuration.md b/doc/md/Shaarli-configuration.md
index d90e95eb..37486414 100644
--- a/doc/md/Shaarli-configuration.md
+++ b/doc/md/Shaarli-configuration.md
@@ -90,6 +90,7 @@ _These settings should not be edited_
90 90
91- **default_private_links**: Check the private checkbox by default for every new link. 91- **default_private_links**: Check the private checkbox by default for every new link.
92- **hide_public_links**: All links are hidden while logged out. 92- **hide_public_links**: All links are hidden while logged out.
93- **force_login**: if **hide_public_links** and this are set to `true`, all anonymous users are redirected to the login page.
93- **hide_timestamps**: Timestamps are hidden. 94- **hide_timestamps**: Timestamps are hidden.
94- **remember_user_default**: Default state of the login page's *remember me* checkbox 95- **remember_user_default**: Default state of the login page's *remember me* checkbox
95 - `true`: checked by default, `false`: unchecked by default 96 - `true`: checked by default, `false`: unchecked by default
@@ -194,6 +195,7 @@ _These settings should not be edited_
194 "privacy": { 195 "privacy": {
195 "default_private_links": true, 196 "default_private_links": true,
196 "hide_public_links": false, 197 "hide_public_links": false,
198 "force_login": false,
197 "hide_timestamps": false, 199 "hide_timestamps": false,
198 "remember_user_default": true 200 "remember_user_default": true
199 }, 201 },
diff --git a/index.php b/index.php
index 218d317d..fb00a9fa 100644
--- a/index.php
+++ b/index.php
@@ -718,6 +718,23 @@ function renderPage($conf, $pluginManager, $LINKSDB, $history)
718 $query = (isset($_SERVER['QUERY_STRING'])) ? $_SERVER['QUERY_STRING'] : ''; 718 $query = (isset($_SERVER['QUERY_STRING'])) ? $_SERVER['QUERY_STRING'] : '';
719 $targetPage = Router::findPage($query, $_GET, isLoggedIn()); 719 $targetPage = Router::findPage($query, $_GET, isLoggedIn());
720 720
721 if (
722 // if the user isn't logged in
723 !isLoggedIn() &&
724 // and Shaarli doesn't have public content...
725 $conf->get('privacy.hide_public_links') &&
726 // and is configured to enforce the login
727 $conf->get('privacy.force_login') &&
728 // and the current page isn't already the login page
729 $targetPage !== Router::$PAGE_LOGIN &&
730 // and the user is not requesting a feed (which would lead to a different content-type as expected)
731 $targetPage !== Router::$PAGE_FEED_ATOM &&
732 $targetPage !== Router::$PAGE_FEED_RSS
733 ) {
734 // force current page to be the login page
735 $targetPage = Router::$PAGE_LOGIN;
736 }
737
721 // Call plugin hooks for header, footer and includes, specifying which page will be rendered. 738 // Call plugin hooks for header, footer and includes, specifying which page will be rendered.
722 // Then assign generated data to RainTPL. 739 // Then assign generated data to RainTPL.
723 $common_hooks = array( 740 $common_hooks = array(