mirror of
https://github.com/e107inc/e107.git
synced 2025-06-05 18:35:01 +02:00
Disable system/xup/test by default
Now guests can't snoop there unless the admin allows it. Documentation has been improved accordingly.
parent
c260152b57
commit
bc4ade5a27
@ -91,6 +91,15 @@ class core_system_xup_controller extends eController
|
||||
|
||||
public function actionTest()
|
||||
{
|
||||
require_once(e_PLUGIN . "social/SocialLoginConfigManager.php");
|
||||
$manager = new SocialLoginConfigManager(e107::getConfig());
|
||||
|
||||
if (!$manager->isFlagActive($manager::ENABLE_BIT_TEST_PAGE))
|
||||
{
|
||||
e107::getRedirect()->redirect(SITEURL);
|
||||
return;
|
||||
}
|
||||
|
||||
echo '<h3>'.LAN_XUP_ERRM_07.'</h3>';
|
||||
|
||||
if(getperms('0'))
|
||||
@ -122,8 +131,6 @@ class core_system_xup_controller extends eController
|
||||
|
||||
|
||||
$testUrl = SITEURL."?route=system/xup/test";
|
||||
require_once(e_PLUGIN . "social/SocialLoginConfigManager.php");
|
||||
$manager = new SocialLoginConfigManager(e107::getConfig());
|
||||
$providers = $manager->getValidConfiguredProviderConfigs();
|
||||
|
||||
foreach($providers as $key=>$var)
|
||||
|
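Review bot: The new guard at the top of `actionTest()` checks only the `ENABLE_BIT_TEST_PAGE` flag, so once an admin switches the page on it is served to every visitor, and the later part of the method (second hunk) appears to enumerate the configured providers. That fits the purpose of testing the logged-out flow, but nothing in the code states it. A docblock on the method would record the contract, for example `/** Social login test page. Gated by ENABLE_BIT_TEST_PAGE; reachable without login while enabled, so switch it off after setup. */`. The method body continues outside both hunks.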
@ -124,7 +124,7 @@ define("LAN_XUP_ERRM_04", "Signup failed! User already signed in.");
|
||||
define("LAN_XUP_ERRM_05", "Signup failed! User already exists. Please use 'login' instead.");
|
||||
define("LAN_XUP_ERRM_06", "Signup failed! Can't access user email - registration without an email is impossible.");
|
||||
define("LAN_XUP_ERRM_07", "Social Login Tester");
|
||||
define("LAN_XUP_ERRM_08", "Please logout of e107 before testing the new-user login/signup procedure.");
|
||||
define("LAN_XUP_ERRM_08", "Please log out of e107 before testing the user login/signup procedure.");
|
||||
define("LAN_XUP_ERRM_09", "Test login only with [x]");
|
||||
define("LAN_XUP_ERRM_10", "Test signup/login with [x]");
|
||||
define("LAN_XUP_ERRM_11", "Logged in:");
|
||||
|
@ -13,6 +13,11 @@ require_once(e_HANDLER . "user_handler.php");
|
||||
class SocialLoginConfigManager
|
||||
{
|
||||
const SOCIAL_LOGIN_PREF = "social_login";
|
||||
|
||||
const SOCIAL_LOGIN_FLAGS = "social_login_active";
|
||||
const ENABLE_BIT_GLOBAL = 0;
|
||||
const ENABLE_BIT_TEST_PAGE = 1;
|
||||
|
||||
/**
|
||||
* @var e_pref
|
||||
*/
|
||||
@ -28,6 +33,31 @@ class SocialLoginConfigManager
|
||||
$this->config = $config;
|
||||
}
|
||||
|
||||
/**
|
||||
* Check a social login boolean (toggle) setting
|
||||
* @param int $bit Which setting to check
|
||||
* @return boolean TRUE if the setting is enabled, FALSE otherwise
|
||||
*/
|
||||
public function isFlagActive($bit = self::ENABLE_BIT_GLOBAL)
|
||||
{
|
||||
return (bool)($this->config->get(self::SOCIAL_LOGIN_FLAGS) & 1 << $bit);
|
||||
}
|
||||
|
||||
/**
|
||||
* Set a social login boolean (toggle) setting
|
||||
* @param int $bit Which setting to change
|
||||
* @param boolean $active TRUE to enable the setting, FALSE to disable the setting
|
||||
*/
|
||||
public function setFlag($bit, $active)
|
||||
{
|
||||
$flags = $this->config->get(self::SOCIAL_LOGIN_FLAGS);
|
||||
if (!is_numeric($flags)) $flags = 0x0;
|
||||
|
||||
$flags = $flags & ~(1 << $bit) | ($active << $bit);
|
||||
$this->config->set(self::SOCIAL_LOGIN_FLAGS, $flags);
|
||||
$this->saveConfig();
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks whether the specified social login provider is enabled
|
||||
* @param $providerName string The un-normalized name of the provider to check
|
||||
@ -60,7 +90,7 @@ class SocialLoginConfigManager
|
||||
* $options['keys']['id'] string The OAuth1 client key or OAuth2 client ID
|
||||
* $options['keys']['secret'] string The OAuth1 or OAuth2 client secret
|
||||
* $options['scope'] string OAuth2 scopes, space-delimited
|
||||
* @see SocialLoginConfigManager::saveProviderConfig() to commit to database.
|
||||
* @see SocialLoginConfigManager::saveConfig() to commit to database.
|
||||
*
|
||||
*/
|
||||
public function setProviderConfig($providerName, $options)
|
||||
@ -97,7 +127,7 @@ class SocialLoginConfigManager
|
||||
return count($array);
|
||||
}
|
||||
|
||||
public function saveProviderConfig()
|
||||
public function saveConfig()
|
||||
{
|
||||
$this->config->save(true, false, false);
|
||||
}
|
||||
|
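Review bot: `isFlagActive()` applies `&` directly to whatever `$this->config->get(self::SOCIAL_LOGIN_FLAGS)` returns, whereas `setFlag()` first guards the value with `is_numeric()`. On PHP 8 a non-numeric string operand in a bitwise expression raises a TypeError (a warning on PHP 7), and this read now sits in front of the test-page gate, so a malformed stored pref would produce an error rather than a clean "disabled". Casting the read keeps the default closed: `return (bool)((int) $this->config->get(self::SOCIAL_LOGIN_FLAGS) & (1 << $bit));`. In `setFlag()`, `$active << $bit` relies on the caller passing exactly 0/1 or a boolean; `((int)(bool) $active) << $bit` would stop a value such as 2 from setting a neighbouring bit. The added unit test covers neither an unset nor a non-numeric pref.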
@ -114,7 +114,9 @@ class social_ui extends e_admin_ui
|
||||
|
||||
protected $social_external = array();
|
||||
|
||||
public function init()
|
||||
const TEST_URL = SITEURL."?route=system/xup/test";
|
||||
|
||||
public function init()
|
||||
{
|
||||
$this->social_login_config_manager = new SocialLoginConfigManager(e107::getConfig());
|
||||
|
||||
@ -126,7 +128,10 @@ class social_ui extends e_admin_ui
|
||||
{
|
||||
$this->social_login_config_manager->setProviderConfig($provider_name, $raw_updated_social_login);
|
||||
}
|
||||
$cfg->setPref('social_login_active', $_POST['social_login_active']);
|
||||
$social_login_flags =
|
||||
!!$_POST['social_login_active'] << SocialLoginConfigManager::ENABLE_BIT_GLOBAL |
|
||||
!!$_POST['social_login_test_page'] << SocialLoginConfigManager::ENABLE_BIT_TEST_PAGE;
|
||||
$cfg->setPref(SocialLoginConfigManager::SOCIAL_LOGIN_FLAGS, $social_login_flags);
|
||||
$cfg->setPref('xurl', $_POST['xurl']);
|
||||
$cfg->save(true, true, true);
|
||||
|
||||
@ -195,9 +200,7 @@ class social_ui extends e_admin_ui
|
||||
|
||||
function renderHelp()
|
||||
{
|
||||
$this->testUrl = SITEURL."?route=system/xup/test";
|
||||
|
||||
$notice = "".LAN_SOCIAL_ADMIN_08." <br /><a href='".$this->testUrl."' rel='external'>".$this->testUrl."</a>";
|
||||
$notice = "".LAN_SOCIAL_ADMIN_08." <br /><a href='".self::TEST_URL."' rel='external'>".self::TEST_URL."</a>";
|
||||
|
||||
$callBack = SITEURL."index.php";
|
||||
$notice .= "<br /><br />".LAN_SOCIAL_ADMIN_09."</br ><a href='".$callBack."'>".$callBack."</a>";
|
||||
@ -213,6 +216,7 @@ class social_ui extends e_admin_ui
|
||||
$ns = e107::getRender();
|
||||
$frm = e107::getForm();
|
||||
$pref = e107::pref('core');
|
||||
$slcm = $this->social_login_config_manager;
|
||||
|
||||
require_once("social_setup.php");
|
||||
$social_setup = new social_setup();
|
||||
@ -228,17 +232,27 @@ class social_ui extends e_admin_ui
|
||||
</colgroup>
|
||||
<tbody>
|
||||
<tr>
|
||||
<td><label for='social-login-active'>".LAN_SOCIAL_ADMIN_02."</label>
|
||||
<td><label for='social-login-active-1'>".LAN_SOCIAL_ADMIN_02."</label>
|
||||
</td>
|
||||
<td>
|
||||
".$frm->radio_switch('social_login_active', $pref['social_login_active'])."
|
||||
".$frm->radio_switch('social_login_active', $slcm->isFlagActive($slcm::ENABLE_BIT_GLOBAL))."
|
||||
<div class='smalltext field-help'>".LAN_SOCIAL_ADMIN_07." </div>
|
||||
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
<label for='social-login-test-mode-1'>
|
||||
<a href='".self::TEST_URL."' target='_blank'>".LAN_SOCIAL_ADMIN_TEST_PAGE_TOGGLE."</a>
|
||||
</label>
|
||||
</td>
|
||||
<td>
|
||||
".$frm->radio_switch('social_login_test_page', $slcm->isFlagActive($slcm::ENABLE_BIT_TEST_PAGE))."
|
||||
<div class='smalltext field-help'>".LAN_SOCIAL_ADMIN_TEST_PAGE_INFO." </div>
|
||||
</td>
|
||||
</tr>";
|
||||
|
||||
$supported_providers = $this->social_login_config_manager->getSupportedProviders();
|
||||
$configured_providers = $this->social_login_config_manager->getConfiguredProviders();
|
||||
$supported_providers = $slcm->getSupportedProviders();
|
||||
$configured_providers = $slcm->getConfiguredProviders();
|
||||
$unconfigured_providers = array_diff($supported_providers, $configured_providers);
|
||||
$unsupported_providers = array_diff($configured_providers, $supported_providers);
|
||||
$configured_providers = array_diff($configured_providers, $unsupported_providers);
|
||||
|
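Review bot: The save handler builds the flag word by hand from `$_POST['social_login_active']` and `$_POST['social_login_test_page']` instead of going through `SocialLoginConfigManager::setFlag()`, so the bit layout is now encoded in two places and any bit added later would be cleared on every save from this form. Both `$_POST` keys are also indexed without a presence check, which raises an undefined-index notice or warning when a field is missing from the request; `!empty($_POST['social_login_test_page'])` yields the same boolean without it. The enclosing methods start and end outside these hunks.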
@ -15,8 +15,6 @@ define("LAN_SOCIAL_ADMIN_04", "Provider");
|
||||
define("LAN_SOCIAL_ADMIN_05", "Key/ID");
|
||||
define("LAN_SOCIAL_ADMIN_06", "Secret");
|
||||
define("LAN_SOCIAL_ADMIN_07", "Allows users to signup/login with their social media accounts. When enabled, this option will still allow users to signup/login even if the core user registration system above is disabled.");
|
||||
define("LAN_SOCIAL_ADMIN_08", "Note: In most cases you will need to obtain an id and secret key from one of the providers.\nClick the blue links to the right to configure.\n\nYou may test your configuration with the following URL:");
|
||||
define("LAN_SOCIAL_ADMIN_09", "Your callback URL is: ");
|
||||
define("LAN_SOCIAL_ADMIN_10", "Get a key from the provider");
|
||||
define("LAN_SOCIAL_ADMIN_11", "Your");
|
||||
define("LAN_SOCIAL_ADMIN_12", "page");
|
||||
@ -57,6 +55,11 @@ define("LAN_SOCIAL_UPDATE_REQUIRED",
|
||||
"A <a href=\"" . e_ADMIN_ABS . "e107_update.php\">database update</a> is required to continue using this plugin."
|
||||
);
|
||||
|
||||
define("LAN_SOCIAL_ADMIN_TEST_PAGE_TOGGLE", "Test Page");
|
||||
define("LAN_SOCIAL_ADMIN_TEST_PAGE_INFO", "Enable or disable the social login test page");
|
||||
define("LAN_SOCIAL_ADMIN_08", "Note: In most cases, you will need to obtain an application ID and secret key from social login providers.\nIf a provider's name is a link, that link should take you to the login application configuration documentation.\n\nYou may test your configuration with the following URL after enabling the \"".LAN_SOCIAL_ADMIN_TEST_PAGE_TOGGLE."\" option:");
|
||||
define("LAN_SOCIAL_ADMIN_09", "Your callback URL is: ");
|
||||
|
||||
define("LAN_SOCIAL_LOGIN_SECTION_UNSUPPORTED", "Broken Configured Providers");
|
||||
define("LAN_SOCIAL_LOGIN_SECTION_CONFIGURED", "Manage Existing Providers");
|
||||
define("LAN_SOCIAL_LOGIN_SECTION_UNCONFIGURED", "Add New Providers");
|
||||
|
@ -68,7 +68,7 @@ class social_setup
|
||||
}
|
||||
}
|
||||
|
||||
$manager->saveProviderConfig();
|
||||
$manager->saveConfig();
|
||||
}
|
||||
|
||||
private function upgradeDenormalizedProviderQuirks($denormalizedProviderName)
|
||||
|
@ -55,6 +55,24 @@ class SocialLoginConfigManagerTest extends \Codeception\Test\Unit
|
||||
$this->manager = new SocialLoginConfigManager($this->pref);
|
||||
}
|
||||
|
||||
public function testFlagSetting()
|
||||
{
|
||||
$this->pref->set(SocialLoginConfigManager::SOCIAL_LOGIN_FLAGS, 0x0);
|
||||
$this->manager = new SocialLoginConfigManager($this->pref);
|
||||
$this->assertFalse($this->manager->isFlagActive(SocialLoginConfigManager::ENABLE_BIT_GLOBAL));
|
||||
$this->assertFalse($this->manager->isFlagActive(SocialLoginConfigManager::ENABLE_BIT_TEST_PAGE));
|
||||
|
||||
$this->manager->setFlag(SocialLoginConfigManager::ENABLE_BIT_GLOBAL, 0);
|
||||
$this->manager->setFlag(SocialLoginConfigManager::ENABLE_BIT_TEST_PAGE, 1);
|
||||
$this->assertFalse($this->manager->isFlagActive(SocialLoginConfigManager::ENABLE_BIT_GLOBAL));
|
||||
$this->assertTrue($this->manager->isFlagActive(SocialLoginConfigManager::ENABLE_BIT_TEST_PAGE));
|
||||
|
||||
$this->manager->setFlag(SocialLoginConfigManager::ENABLE_BIT_GLOBAL, 1);
|
||||
$this->manager->setFlag(SocialLoginConfigManager::ENABLE_BIT_TEST_PAGE, 0);
|
||||
$this->assertTrue($this->manager->isFlagActive(SocialLoginConfigManager::ENABLE_BIT_GLOBAL));
|
||||
$this->assertFalse($this->manager->isFlagActive(SocialLoginConfigManager::ENABLE_BIT_TEST_PAGE));
|
||||
}
|
||||
|
||||
public function testIsProviderEnabled()
|
||||
{
|
||||
$this->assertTrue($this->manager->isProviderEnabled('Twitter'));
|
||||
|