upload_password & admin ynh user in place of simple admin password

conf/config.local.php

@@ -35,7 +35,8 @@ $cfg['lang'] = 'auto';
 $cfg['style'] = 'modern';
 $cfg['rewrite'] = false;
 /* An empty admin password will disable the admin interface. */
-$cfg['admin_password'] = 'test';
+$cfg['admin_password'] = '';
+$cfg['admin_user'] = 'YNH_ADMIN_USER';
 /* preview: false (will download file) or true (will preview in browser if
  * possible) . */
 $cfg['preview'] = false;
@@ -53,7 +54,7 @@ $cfg['enable_crypt'] = false;
 /* Split lenght of link refenrece. */
 $cfg['link_name_lenght'] = 8;
 /* Upload password. Empty string disable the password. */
-$cfg['upload_password'] = '';
+$cfg['upload_password'] = 'YNH_UPLOAD_PASSWORD';
 
 if ((basename (__FILE__) != 'config.local.php')
     && file_exists (JIRAFEAU_ROOT.'lib/config.local.php'))

conf/user_list.py

@@ -0,0 +1,3 @@
+import sys, json
+userlist=json.loads(sys.stdin.readlines()[0])["Users"]
+print "{0}".format("\n".join(i["Username"] for i in userlist))

manifest.json

@@ -27,6 +27,20 @@
                 "example": "/jirafeau",
                 "default": "/jirafeau"
             },
+            {
+                "name": "admin_user",
+                "ask": {
+                    "en": "Choose an admin user (will be able to access admin.php page)"
+                },
+                "example": "johndoe"
+            },
+            {
+                "name": "upload_password",
+                "ask": {
+                    "en": "Set the password granting upload permissions (leave empty to allow anybody to upload)"
+                },
+                "example": "supersecretpassword"
+            },
             {
                 "name": "is_public",
                 "ask": {

scripts/install

@@ -3,7 +3,9 @@
 # Retrieve arguments
 domain=$1
 path=$2
-is_public=$3
+admin_user=$3
+upload_password=$4
+is_public=$5
 
 # Check domain/path availability
 sudo yunohost app checkurl $domain$path -a jirafeau
@@ -11,6 +13,13 @@ if [[ ! $? -eq 0 ]]; then
     exit 1
 fi
 
+# Chack that admin user is an existing account
+sudo yunohost user list | python ../conf/user_list.py | grep "^$admin_user$"
+if [[ ! $? -eq 0 ]]; then
+    echo "Error : the chosen admin user does not exist"
+    exit 1
+fi
+
 final_path=/var/www/jirafeau
 var_root=/home/yunohost.app/jirafeau
 
@@ -20,6 +29,8 @@ sudo cp -r ../sources/* $final_path
 sed -i "s@YNH_DOMAIN@$domain@g" ../conf/config.local.php
 sed -i "s@YNH_WWW_PATH@$path@g" ../conf/config.local.php
 sed -i "s@YNH_VAR_ROOT@$var_root@g" ../conf/config.local.php
+sed -i "s@YNH_ADMIN_USER@$admin_user@g" ../conf/config.local.php
+sed -i "s@YNH_UPLOAD_PASSWORD@$upload_password@g" ../conf/config.local.php
 sudo cp ../conf/config.local.php $final_path/lib
 sudo rm $final_path/install.php
 
@@ -53,7 +64,7 @@ sudo chmod 644 $finalphpini
 
 if [ $is_public = "Yes" ];
 then
-  sudo yunohost app setting jirafeau skipped_uris -v "/" 
+  sudo yunohost app setting jirafeau unprotected_uris -v "/" 
 fi
 
 sudo service php5-fpm restart

sources/admin.php

@@ -43,7 +43,14 @@ if (file_exists (JIRAFEAU_ROOT . 'install.php'))
     exit;
 }
 
+if (!$cfg['admin_user'] || $_SERVER['PHP_AUTH_USER'] != $cfg['admin_user'])
+{
+    header('Location: index.php');
+    exit;
+}
+
 /* Disable admin interface if we have a empty admin password. */
+/*
 if (!$cfg['admin_password'])
 {
     require (JIRAFEAU_ROOT . 'lib/template/header.php');
@@ -53,15 +60,21 @@ if (!$cfg['admin_password'])
     require (JIRAFEAU_ROOT.'lib/template/footer.php');
     exit;
 }
+*/
 
 /* Check session. */
+/*
 session_start();
+*/
 
 /* Unlog if asked. */
+/*
 if (isset ($_POST['action']) && (strcmp ($_POST['action'], 'logout') == 0))
     $_SESSION['admin_auth'] = false;
+*/
 
 /* Check password. */
+/*
 if (isset ($_POST['admin_password']))
 {
     if (strcmp ($cfg['admin_password'], $_POST['admin_password']) == 0)
@@ -76,7 +89,10 @@ if (isset ($_POST['admin_password']))
         exit;
     }
 }
+*/
+
 /* Ask for password. */
+/*
 elseif (!isset ($_SESSION['admin_auth']) || $_SESSION['admin_auth'] != true)
 {
     require (JIRAFEAU_ROOT . 'lib/template/header.php'); ?>
@@ -106,6 +122,7 @@ elseif (!isset ($_SESSION['admin_auth']) || $_SESSION['admin_auth'] != true)
     require (JIRAFEAU_ROOT.'lib/template/footer.php');
     exit;
 }
+*/
 
 /* Operations may take a long time.
  * Be sure PHP's safe mode is off.