Force PLA to not allow guests viewing the site, and thus requiring a login.

This should close #288
Deon George 2025-02-26 17:19:23 +11:00
parent f20d9891f2
commit 0684424328
8 changed files with 74 additions and 52 deletions


@ -214,7 +214,7 @@ final class Server
* @throws ObjectNotFoundException * @throws ObjectNotFoundException
* @testedin TranslateOidTest::testRootDSE(); * @testedin TranslateOidTest::testRootDSE();
*/ */
public static function rootDSE(?string $connection=NULL,Carbon $cachetime=NULL): ?Model public static function rootDSE(?string $connection=NULL,?Carbon $cachetime=NULL): ?Model
{ {
$e = new Entry; $e = new Entry;


@ -0,0 +1,26 @@
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Cookie;
class AllowAnonymous
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse) $next
* @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
*/
public function handle(Request $request,Closure $next): mixed
{
if (((! Cookie::has('username_encrypt')) || (! Cookie::has('password_encrypt'))) && (! config('pla.allow_guest',FALSE)))
return redirect()
->to('/login');
return $next($request);
}
}
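Review bot: The condition in `handle()` only tests that the `username_encrypt` and `password_encrypt` cookies are present; it does not establish that they decrypt to credentials that still authenticate. The login requirement therefore depends on middleware outside this class — presumably `EncryptCookies` discarding undecryptable values and `SwapinAuthUser` validating them, in the order registered in the bootstrap file — and should be confirmed against those. Consider gating on the authenticated state, e.g. `if ((! config('pla.allow_guest',FALSE)) && (! Auth::check()))` if the guard is populated by this point, or add a comment above the condition stating that dependency. The docblock `@return` also no longer matches the declared `mixed` return type.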


@ -31,10 +31,9 @@ class AppServiceProvider extends ServiceProvider
$this->loadViewsFrom(__DIR__.'/../../resources/themes/architect/views/','architect'); $this->loadViewsFrom(__DIR__.'/../../resources/themes/architect/views/','architect');
// Enable pluck on collections to work on private values // Enable pluck on collections to work on private values
Collection::macro('ppluck', function ($attr) { Collection::macro('ppluck',
return $this->map(function (object $item) use ($attr) { fn($attr)=>$this
return $item->{$attr}; ->map(fn($item)=>$item->{$attr})
})->values(); ->values());
});
} }
} }


@ -5,7 +5,7 @@ use Illuminate\Foundation\Application;
use Illuminate\Foundation\Configuration\Exceptions; use Illuminate\Foundation\Configuration\Exceptions;
use Illuminate\Foundation\Configuration\Middleware; use Illuminate\Foundation\Configuration\Middleware;
use App\Http\Middleware\{ApplicationSession,CheckUpdate,SwapinAuthUser}; use App\Http\Middleware\{AllowAnonymous,ApplicationSession,CheckUpdate,SwapinAuthUser};
return Application::configure(basePath: dirname(__DIR__)) return Application::configure(basePath: dirname(__DIR__))
->withRouting( ->withRouting(
@ -25,6 +25,7 @@ return Application::configure(basePath: dirname(__DIR__))
EncryptCookies::class, EncryptCookies::class,
ApplicationSession::class, ApplicationSession::class,
SwapinAuthUser::class, SwapinAuthUser::class,
AllowAnonymous::class,
]); ]);
$middleware->trustProxies(at: [ $middleware->trustProxies(at: [


@ -31,6 +31,18 @@ return [
], ],
*/ */
/*
|--------------------------------------------------------------------------
| Allow Guest
|--------------------------------------------------------------------------
|
| This will determine whether a user can connect to PLA and show the tree
| before they have logged in.
|
*/
'allow_guest' => env('LDAP_ALLOW_GUEST',FALSE),
/* /*
|-------------------------------------------------------------------------- |--------------------------------------------------------------------------
| Custom Date Format | Custom Date Format
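Review bot: The `allow_guest` entry passes the raw `env()` value through, and the middleware added in this commit tests it only for truthiness, so a non-empty string that is not a recognised boolean spelling (for example `LDAP_ALLOW_GUEST=no`) would evaluate as true and open guest access. Normalising it so that unrecognised values fail closed is a one-line change: `'allow_guest' => filter_var(env('LDAP_ALLOW_GUEST',FALSE),FILTER_VALIDATE_BOOLEAN),`. The comment block could also state that the default is FALSE and that enabling the option shows the tree to visitors who have not logged in.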


@ -15,12 +15,9 @@ use App\Http\Controllers\APIController;
| |
*/ */
Route::group([],function() { Route::controller(APIController::class)->group(function() {
Route::get('bases',[APIController::class,'bases']); Route::get('bases','bases');
Route::get('children',[APIController::class,'children']); Route::get('children','children');
Route::post('schema/view',[APIController::class,'schema_view']); Route::post('schema/view','schema_view');
Route::post('schema/objectclass/attrs/{id}',[APIController::class,'schema_objectclass_attrs']); Route::post('schema/objectclass/attrs/{id}','schema_objectclass_attrs');
}); });
Route::group(['middleware'=>'auth:api','prefix'=>'user'],function() {
});
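Review bot: Nothing in this file applies the new guest check to the `bases`, `children` and `schema/*` routes, while the web routes in the same commit are wrapped in `AllowAnonymous` explicitly. If these endpoints return directory data they need the same gate; it may arrive through a middleware group, but which group the list changed in the bootstrap file belongs to is not visible in this diff. Either attach it here, `Route::controller(APIController::class)->middleware(AllowAnonymous::class)->group(function() {` with the matching `use`, or add a comment above the group naming where the gate is applied.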


@ -1,18 +0,0 @@
<?php
use Illuminate\Support\Facades\Broadcast;
/*
|--------------------------------------------------------------------------
| Broadcast Channels
|--------------------------------------------------------------------------
|
| Here you may register all of the event broadcasting channels that your
| application supports. The given channel authorization callbacks are
| used to check if an authenticated user can listen to the channel.
|
*/
Broadcast::channel('App.User.{id}', function ($user, $id) {
return (int) $user->id === (int) $id;
});


@ -2,8 +2,9 @@
use Illuminate\Support\Facades\Route; use Illuminate\Support\Facades\Route;
use App\Http\Controllers\{HomeController,ImportController}; use App\Http\Controllers\HomeController;
use App\Http\Controllers\Auth\LoginController; use App\Http\Controllers\Auth\LoginController;
use App\Http\Middleware\AllowAnonymous;
/* /*
|-------------------------------------------------------------------------- |--------------------------------------------------------------------------
@ -25,24 +26,28 @@ Auth::routes([
'register' => FALSE, 'register' => FALSE,
]); ]);
Route::get('/',[HomeController::class,'home']);
Route::get('info',[HomeController::class,'info']);
Route::post('dn',[HomeController::class,'dn_frame']);
Route::get('debug',[HomeController::class,'debug']);
Route::get('import',[HomeController::class,'import_frame']);
Route::get('schema',[HomeController::class,'schema_frame']);
Route::get('logout',[LoginController::class,'logout']); Route::get('logout',[LoginController::class,'logout']);
Route::group(['prefix'=>'user'],function() { Route::controller(HomeController::class)->group(function() {
Route::get('image',[HomeController::class,'user_image']); Route::middleware(AllowAnonymous::class)->group(function() {
}); Route::get('/','home');
Route::get('info','info');
Route::post('dn','dn_frame');
Route::get('debug','debug');
Route::get('import','import_frame');
Route::get('schema','schema_frame');
Route::get('entry/export/{id}',[HomeController::class,'entry_export']); Route::group(['prefix'=>'user'],function() {
Route::post('entry/password/check/',[HomeController::class,'entry_password_check']); Route::get('image','user_image');
Route::post('entry/attr/add/{id}',[HomeController::class,'entry_attr_add']); });
Route::post('entry/objectclass/add/{id}',[HomeController::class,'entry_objectclass_add']);
Route::post('entry/update/commit',[HomeController::class,'entry_update']);
Route::post('entry/update/pending',[HomeController::class,'entry_pending_update']);
Route::post('import/process/{type}',[HomeController::class,'import']); Route::get('entry/export/{id}','entry_export');
Route::post('entry/password/check/','entry_password_check');
Route::post('entry/attr/add/{id}','entry_attr_add');
Route::post('entry/objectclass/add/{id}','entry_objectclass_add');
Route::post('entry/update/commit','entry_update');
Route::post('entry/update/pending','entry_pending_update');
Route::post('import/process/{type}','import');
});
});
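Review bot: The `AllowAnonymous` group wraps the state-changing routes (`entry/update/commit`, `entry/attr/add/{id}`, `entry/objectclass/add/{id}`, `import/process/{type}`) together with the read-only views, so when `pla.allow_guest` is true the middleware passes all of them without any credential cookie. Whether the controller or the LDAP bind rejects those writes for an unauthenticated visitor is not visible here. Consider keeping only the browse routes under `AllowAnonymous` and placing the write and import routes in a group that always requires a login, or add a comment above the group stating where write authorisation is enforced.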