Force PLA to not allow guests viewing the site, and thus requiring a login.
This should close #288
This commit is contained in:
parent
f20d9891f2
commit
0684424328
@ -214,7 +214,7 @@ final class Server
|
||||
* @throws ObjectNotFoundException
|
||||
* @testedin TranslateOidTest::testRootDSE();
|
||||
*/
|
||||
public static function rootDSE(?string $connection=NULL,Carbon $cachetime=NULL): ?Model
|
||||
public static function rootDSE(?string $connection=NULL,?Carbon $cachetime=NULL): ?Model
|
||||
{
|
||||
$e = new Entry;
|
||||
|
||||
|
||||
26
app/Http/Middleware/AllowAnonymous.php
Normal file
26
app/Http/Middleware/AllowAnonymous.php
Normal file
@ -0,0 +1,26 @@
|
||||
<?php
|
||||
|
||||
namespace App\Http\Middleware;
|
||||
|
||||
use Closure;
|
||||
use Illuminate\Http\Request;
|
||||
use Illuminate\Support\Facades\Cookie;
|
||||
|
||||
class AllowAnonymous
|
||||
{
|
||||
/**
|
||||
* Handle an incoming request.
|
||||
*
|
||||
* @param \Illuminate\Http\Request $request
|
||||
* @param \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse) $next
|
||||
* @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
|
||||
*/
|
||||
public function handle(Request $request,Closure $next): mixed
|
||||
{
|
||||
if (((! Cookie::has('username_encrypt')) || (! Cookie::has('password_encrypt'))) && (! config('pla.allow_guest',FALSE)))
|
||||
return redirect()
|
||||
->to('/login');
|
||||
|
||||
return $next($request);
|
||||
}
|
||||
}
|
||||
@ -31,10 +31,9 @@ class AppServiceProvider extends ServiceProvider
|
||||
$this->loadViewsFrom(__DIR__.'/../../resources/themes/architect/views/','architect');
|
||||
|
||||
// Enable pluck on collections to work on private values
|
||||
Collection::macro('ppluck', function ($attr) {
|
||||
return $this->map(function (object $item) use ($attr) {
|
||||
return $item->{$attr};
|
||||
})->values();
|
||||
});
|
||||
Collection::macro('ppluck',
|
||||
fn($attr)=>$this
|
||||
->map(fn($item)=>$item->{$attr})
|
||||
->values());
|
||||
}
|
||||
}
|
||||
@ -5,7 +5,7 @@ use Illuminate\Foundation\Application;
|
||||
use Illuminate\Foundation\Configuration\Exceptions;
|
||||
use Illuminate\Foundation\Configuration\Middleware;
|
||||
|
||||
use App\Http\Middleware\{ApplicationSession,CheckUpdate,SwapinAuthUser};
|
||||
use App\Http\Middleware\{AllowAnonymous,ApplicationSession,CheckUpdate,SwapinAuthUser};
|
||||
|
||||
return Application::configure(basePath: dirname(__DIR__))
|
||||
->withRouting(
|
||||
@ -25,6 +25,7 @@ return Application::configure(basePath: dirname(__DIR__))
|
||||
EncryptCookies::class,
|
||||
ApplicationSession::class,
|
||||
SwapinAuthUser::class,
|
||||
AllowAnonymous::class,
|
||||
]);
|
||||
|
||||
$middleware->trustProxies(at: [
|
||||
|
||||
@ -31,6 +31,18 @@ return [
|
||||
],
|
||||
*/
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Allow Guest
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| This will determine whether a user can connect to PLA and show the tree
|
||||
| before they have logged in.
|
||||
|
|
||||
*/
|
||||
|
||||
'allow_guest' => env('LDAP_ALLOW_GUEST',FALSE),
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Custom Date Format
|
||||
|
||||
@ -15,12 +15,9 @@ use App\Http\Controllers\APIController;
|
||||
|
|
||||
*/
|
||||
|
||||
Route::group([],function() {
|
||||
Route::get('bases',[APIController::class,'bases']);
|
||||
Route::get('children',[APIController::class,'children']);
|
||||
Route::post('schema/view',[APIController::class,'schema_view']);
|
||||
Route::post('schema/objectclass/attrs/{id}',[APIController::class,'schema_objectclass_attrs']);
|
||||
});
|
||||
|
||||
Route::group(['middleware'=>'auth:api','prefix'=>'user'],function() {
|
||||
Route::controller(APIController::class)->group(function() {
|
||||
Route::get('bases','bases');
|
||||
Route::get('children','children');
|
||||
Route::post('schema/view','schema_view');
|
||||
Route::post('schema/objectclass/attrs/{id}','schema_objectclass_attrs');
|
||||
});
|
||||
@ -1,18 +0,0 @@
|
||||
<?php
|
||||
|
||||
use Illuminate\Support\Facades\Broadcast;
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
| Broadcast Channels
|
||||
|--------------------------------------------------------------------------
|
||||
|
|
||||
| Here you may register all of the event broadcasting channels that your
|
||||
| application supports. The given channel authorization callbacks are
|
||||
| used to check if an authenticated user can listen to the channel.
|
||||
|
|
||||
*/
|
||||
|
||||
Broadcast::channel('App.User.{id}', function ($user, $id) {
|
||||
return (int) $user->id === (int) $id;
|
||||
});
|
||||
@ -2,8 +2,9 @@
|
||||
|
||||
use Illuminate\Support\Facades\Route;
|
||||
|
||||
use App\Http\Controllers\{HomeController,ImportController};
|
||||
use App\Http\Controllers\HomeController;
|
||||
use App\Http\Controllers\Auth\LoginController;
|
||||
use App\Http\Middleware\AllowAnonymous;
|
||||
|
||||
/*
|
||||
|--------------------------------------------------------------------------
|
||||
@ -25,24 +26,28 @@ Auth::routes([
|
||||
'register' => FALSE,
|
||||
]);
|
||||
|
||||
Route::get('/',[HomeController::class,'home']);
|
||||
Route::get('info',[HomeController::class,'info']);
|
||||
Route::post('dn',[HomeController::class,'dn_frame']);
|
||||
Route::get('debug',[HomeController::class,'debug']);
|
||||
Route::get('import',[HomeController::class,'import_frame']);
|
||||
Route::get('schema',[HomeController::class,'schema_frame']);
|
||||
|
||||
Route::get('logout',[LoginController::class,'logout']);
|
||||
|
||||
Route::group(['prefix'=>'user'],function() {
|
||||
Route::get('image',[HomeController::class,'user_image']);
|
||||
Route::controller(HomeController::class)->group(function() {
|
||||
Route::middleware(AllowAnonymous::class)->group(function() {
|
||||
Route::get('/','home');
|
||||
Route::get('info','info');
|
||||
Route::post('dn','dn_frame');
|
||||
Route::get('debug','debug');
|
||||
Route::get('import','import_frame');
|
||||
Route::get('schema','schema_frame');
|
||||
|
||||
Route::group(['prefix'=>'user'],function() {
|
||||
Route::get('image','user_image');
|
||||
});
|
||||
|
||||
Route::get('entry/export/{id}','entry_export');
|
||||
Route::post('entry/password/check/','entry_password_check');
|
||||
Route::post('entry/attr/add/{id}','entry_attr_add');
|
||||
Route::post('entry/objectclass/add/{id}','entry_objectclass_add');
|
||||
Route::post('entry/update/commit','entry_update');
|
||||
Route::post('entry/update/pending','entry_pending_update');
|
||||
|
||||
Route::post('import/process/{type}','import');
|
||||
});
|
||||
});
|
||||
|
||||
Route::get('entry/export/{id}',[HomeController::class,'entry_export']);
|
||||
Route::post('entry/password/check/',[HomeController::class,'entry_password_check']);
|
||||
Route::post('entry/attr/add/{id}',[HomeController::class,'entry_attr_add']);
|
||||
Route::post('entry/objectclass/add/{id}',[HomeController::class,'entry_objectclass_add']);
|
||||
Route::post('entry/update/commit',[HomeController::class,'entry_update']);
|
||||
Route::post('entry/update/pending',[HomeController::class,'entry_pending_update']);
|
||||
|
||||
Route::post('import/process/{type}',[HomeController::class,'import']);
|
||||
Loading…
x
Reference in New Issue
Block a user