aboutsummaryrefslogtreecommitdiff
path: root/flakes/mypackages/pkgs/webapps/spip
diff options
context:
space:
mode:
authorIsmaël Bouya <ismael.bouya@normalesup.org>2023-10-04 01:35:06 +0200
committerIsmaël Bouya <ismael.bouya@normalesup.org>2023-10-04 02:11:48 +0200
commit1a64deeb894dc95e2645a75771732c6cc53a79ad (patch)
tree1b9df4838f894577a09b9b260151756272efeb53 /flakes/mypackages/pkgs/webapps/spip
parentfa25ffd4583cc362075cd5e1b4130f33306103f0 (diff)
downloadNix-1a64deeb894dc95e2645a75771732c6cc53a79ad.tar.gz
Nix-1a64deeb894dc95e2645a75771732c6cc53a79ad.tar.zst
Nix-1a64deeb894dc95e2645a75771732c6cc53a79ad.zip
Squash changes containing private information
There were a lot of changes since the previous commit, but a lot of them contained personnal information about users. All thos changes got stashed into a single commit (history is kept in a different place) and private information was moved in a separate private repository
Diffstat (limited to 'flakes/mypackages/pkgs/webapps/spip')
-rw-r--r--flakes/mypackages/pkgs/webapps/spip/default.nix32
-rw-r--r--flakes/mypackages/pkgs/webapps/spip/spip_ldap_patch.patch60
-rw-r--r--flakes/mypackages/pkgs/webapps/spip/spip_mes_options.php18
3 files changed, 110 insertions, 0 deletions
diff --git a/flakes/mypackages/pkgs/webapps/spip/default.nix b/flakes/mypackages/pkgs/webapps/spip/default.nix
new file mode 100644
index 0000000..20d5c8c
--- /dev/null
+++ b/flakes/mypackages/pkgs/webapps/spip/default.nix
@@ -0,0 +1,32 @@
1{ siteName ? "spip"
2, siteDir ? runCommand "empty" { preferLocalBuild = true; } "mkdir -p $out"
3, environment ? "prod"
4, ldap ? false
5, varDir ? "/var/lib/${siteName}_${environment}"
6, lib, fetchzip, runCommand, stdenv }:
7let
8 app = stdenv.mkDerivation rec {
9 name = "${siteName}-${environment}-spip-${version}";
10 version = "3.2.7";
11 src = fetchzip {
12 url = "https://files.spip.net/spip/archives/SPIP-v${version}.zip";
13 sha256 = "0n4kc95nhn524zbb11bpfjs965pm4v026s3m3q44pl8nyms91r33";
14 };
15 paches = lib.optionals ldap [ ./spip_ldap_patch.patch ];
16 buildPhase = ''
17 rm -rf IMG local tmp config/remove.txt
18 ln -sf ${./spip_mes_options.php} config/mes_options.php
19 echo "Require all denied" > "config/.htaccess"
20 ln -sf ${varDir}/{IMG,local} .
21 '';
22 installPhase = ''
23 cp -a . $out
24 cp -a ${siteDir}/* $out
25 '';
26 passthru = {
27 inherit siteName siteDir environment varDir;
28 webRoot = app;
29 spipConfig = ./spip_mes_options.php;
30 };
31 };
32in app
diff --git a/flakes/mypackages/pkgs/webapps/spip/spip_ldap_patch.patch b/flakes/mypackages/pkgs/webapps/spip/spip_ldap_patch.patch
new file mode 100644
index 0000000..653c909
--- /dev/null
+++ b/flakes/mypackages/pkgs/webapps/spip/spip_ldap_patch.patch
@@ -0,0 +1,60 @@
1--- old/ecrire/auth/ldap.php 2017-06-08 21:58:17.000000000 +0200
2+++ new/ecrire/auth/ldap.php 2017-06-10 02:54:02.687954143 +0200
3@@ -171,24 +171,41 @@
4 $desc = isset($ldap['attributes']) && $ldap['attributes'] ? $ldap['attributes'] : $GLOBALS['ldap_attributes'] ;
5
6 $logins = is_array($desc['login']) ? $desc['login'] : array($desc['login']);
7+ if (isset($GLOBALS['ldap_search'])) {
8+ $search_query = str_replace("%user%", $login_search, $GLOBALS['ldap_search']);
9+ $result = @ldap_search($ldap_link, $ldap_base, $search_query, array("dn"));
10+ $info = @ldap_get_entries($ldap_link, $result);
11+ // Ne pas accepter les resultats si plus d'une entree
12+ // (on veut un attribut unique)
13
14- // Tenter une recherche pour essayer de retrouver le DN
15- foreach ($logins as $att) {
16- $result = @ldap_search($ldap_link, $ldap_base, "$att=$login_search", array("dn"));
17- $info = @ldap_get_entries($ldap_link, $result);
18- // Ne pas accepter les resultats si plus d'une entree
19- // (on veut un attribut unique)
20+ if (is_array($info) and $info['count'] == 1) {
21+ $dn = $info[0]['dn'];
22+ if (!$checkpass) {
23+ return $dn;
24+ }
25+ if (@ldap_bind($ldap_link, $dn, $pass)) {
26+ return $dn;
27+ }
28+ }
29+ } else {
30+ // Tenter une recherche pour essayer de retrouver le DN
31+ foreach ($logins as $att) {
32+ $result = @ldap_search($ldap_link, $ldap_base, "$att=$login_search", array("dn"));
33+ $info = @ldap_get_entries($ldap_link, $result);
34+ // Ne pas accepter les resultats si plus d'une entree
35+ // (on veut un attribut unique)
36
37- if (is_array($info) and $info['count'] == 1) {
38- $dn = $info[0]['dn'];
39- if (!$checkpass) {
40- return $dn;
41- }
42- if (@ldap_bind($ldap_link, $dn, $pass)) {
43- return $dn;
44- }
45- }
46- }
47+ if (is_array($info) and $info['count'] == 1) {
48+ $dn = $info[0]['dn'];
49+ if (!$checkpass) {
50+ return $dn;
51+ }
52+ if (@ldap_bind($ldap_link, $dn, $pass)) {
53+ return $dn;
54+ }
55+ }
56+ }
57+ }
58
59 if ($checkpass and !isset($dn)) {
60 // Si echec, essayer de deviner le DN
diff --git a/flakes/mypackages/pkgs/webapps/spip/spip_mes_options.php b/flakes/mypackages/pkgs/webapps/spip/spip_mes_options.php
new file mode 100644
index 0000000..8db8389
--- /dev/null
+++ b/flakes/mypackages/pkgs/webapps/spip/spip_mes_options.php
@@ -0,0 +1,18 @@
1<?php // /!\ Important: There must be no blank space before &lt;?php or after ?&gt;
2// This file was inspired from the spip contrib website
3// http://www.spip.net/fr_article3811.html
4
5$config_dir = getenv('SPIP_CONFIG_DIR') . '/';
6$var_dir = getenv('SPIP_VAR_DIR') . '/';
7
8$cookie_prefix = str_replace('.', '_', getenv("SPIP_SITE"));
9$table_prefix = 'spip';
10
11spip_initialisation(
12 $config_dir,
13 _DIR_RACINE . _NOM_PERMANENTS_ACCESSIBLES,
14 $var_dir . _NOM_TEMPORAIRES_INACCESSIBLES,
15 _DIR_RACINE . _NOM_TEMPORAIRES_ACCESSIBLES
16);
17
18?>