From 7faecf9ce1f8d8e7e9f01ff989974d6f329ccb4a Mon Sep 17 00:00:00 2001
From: Julien Malik
Date: Mon, 13 Jan 2014 21:36:14 +0100
Subject: [PATCH] upload_password & admin ynh user in place of simple admin password
---
 conf/config.local.php | 5 +++--
 conf/user_list.py | 3 +++
 manifest.json | 14 ++++++++++++++
 scripts/install | 15 +++++++++++++--
 sources/admin.php | 17 +++++++++++++++++
 5 files changed, 50 insertions(+), 4 deletions(-)
 create mode 100644 conf/user_list.py
diff --git a/conf/config.local.php b/conf/config.local.php
index e486f8b..38b2da5 100644
--- a/conf/config.local.php
+++ b/conf/config.local.php
@@ -35,7 +35,8 @@ $cfg['lang'] = 'auto';
 $cfg['style'] = 'modern';
 $cfg['rewrite'] = false;
 /* An empty admin password will disable the admin interface. */
-$cfg['admin_password'] = 'test';
+$cfg['admin_password'] = '';
+$cfg['admin_user'] = 'YNH_ADMIN_USER';
 /* preview: false (will download file) or true (will preview in browser if
 * possible) . */
 $cfg['preview'] = false;
@@ -53,7 +54,7 @@ $cfg['enable_crypt'] = false;
 /* Split lenght of link refenrece. */
 $cfg['link_name_lenght'] = 8;
 /* Upload password. Empty string disable the password. */
-$cfg['upload_password'] = '';
+$cfg['upload_password'] = 'YNH_UPLOAD_PASSWORD';
 if ((basename (__FILE__) != 'config.local.php') && file_exists (JIRAFEAU_ROOT.'lib/config.local.php'))
diff --git a/conf/user_list.py b/conf/user_list.py
new file mode 100644
index 0000000..52994aa
--- /dev/null
+++ b/conf/user_list.py
@@ -0,0 +1,3 @@
+import sys, json
+userlist=json.loads(sys.stdin.readlines()[0])["Users"]
+print "{0}".format("\n".join(i["Username"] for i in userlist))
diff --git a/manifest.json b/manifest.json
index 5d555c3..cedf8ba 100644
--- a/manifest.json
+++ b/manifest.json
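Review bot: `sys.stdin.readlines()[0]` in conf/user_list.py parses only the first line of its input, so multi-line JSON or empty input raises an exception. scripts/install then reports "the chosen admin user does not exist", because grep receives nothing. `userlist = json.load(sys.stdin)["Users"]` reads the whole stream instead. The `print` statement is Python 2 only; `print("\n".join(u["Username"] for u in userlist))` runs on both major versions. A one-line header comment such as `# Reads the JSON printed by "yunohost user list" on stdin and prints one username per line.` would document the contract the installer depends on.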
@@ -27,6 +27,20 @@
 "example": "/jirafeau",
 "default": "/jirafeau"
 },
+ {
+ "name": "admin_user",
+ "ask": {
+ "en": "Choose an admin user (will be able to access admin.php page)"
+ },
+ "example": "johndoe"
+ },
+ {
+ "name": "upload_password",
+ "ask": {
+ "en": "Set the password granting upload permissions (leave empty to allow anybody to upload)"
+ },
+ "example": "supersecretpassword"
+ },
 {
 "name": "is_public",
 "ask": {
diff --git a/scripts/install b/scripts/install
index a3e1322..2888336 100755
--- a/scripts/install
+++ b/scripts/install
@@ -3,7 +3,9 @@
 # Retrieve arguments
 domain=$1
 path=$2
-is_public=$3
+admin_user=$3
+upload_password=$4
+is_public=$5
 # Check domain/path availability
 sudo yunohost app checkurl $domain$path -a jirafeau
@@ -11,6 +13,13 @@ if [[ ! $? -eq 0 ]]; then
 exit 1
 fi
+# Chack that admin user is an existing account
+sudo yunohost user list | python ../conf/user_list.py | grep "^$admin_user$"
+if [[ ! $? -eq 0 ]]; then
+ echo "Error : the chosen admin user does not exist"
+ exit 1
+fi
+
 final_path=/var/www/jirafeau
 var_root=/home/yunohost.app/jirafeau
@@ -20,6 +29,8 @@ sudo cp -r ../sources/* $final_path
 sed -i "s@YNH_DOMAIN@$domain@g" ../conf/config.local.php
 sed -i "s@YNH_WWW_PATH@$path@g" ../conf/config.local.php
 sed -i "s@YNH_VAR_ROOT@$var_root@g" ../conf/config.local.php
+sed -i "s@YNH_ADMIN_USER@$admin_user@g" ../conf/config.local.php
+sed -i "s@YNH_UPLOAD_PASSWORD@$upload_password@g" ../conf/config.local.php
 sudo cp ../conf/config.local.php $final_path/lib
 sudo rm $final_path/install.php
@@ -53,7 +64,7 @@ sudo chmod 644 $finalphpini
 if [ $is_public = "Yes" ]; then
- sudo yunohost app setting jirafeau skipped_uris -v "/"
+ sudo yunohost app setting jirafeau unprotected_uris -v "/"
 fi
 sudo service php5-fpm restart
diff --git a/sources/admin.php b/sources/admin.php
index 5ae2d6e..ad11843 100755
--- a/sources/admin.php
+++ b/sources/admin.php
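Review bot: `grep "^$admin_user$"` in the new existence check treats the chosen name as a regular expression, so a value containing `.` or `*` can match an account other than the one typed, and the matched name is echoed into the installer output. `grep -qFx -- "$admin_user"` does an exact whole-line comparison and stays quiet. Only grep's exit status is tested, so a failure of `yunohost user list` or of user_list.py is also reported as "the chosen admin user does not exist"; a short comment saying so, or a separate check, would save debugging time. The added comment has a typo (`Chack`).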
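Review bot: The two added `sed` lines paste `$admin_user` and `$upload_password` unescaped into a sed replacement and from there into a single-quoted PHP string. A password containing `@`, `&`, `\` or `'` therefore either makes sed fail or changes or ends the PHP literal. No exit-status check is visible after the substitutions, so a failed `sed` would still be followed by the `sudo cp`, leaving the literal placeholder `YNH_UPLOAD_PASSWORD` from conf/config.local.php as the live upload password. Escape the value for both layers, or at minimum reject unsupported input before substituting, e.g. `[[ "$upload_password" =~ ^[A-Za-z0-9_.-]*$ ]] || { echo "Error : unsupported character in upload password"; exit 1; }`, and abort when sed returns non-zero.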
@@ -43,7 +43,14 @@ if (file_exists (JIRAFEAU_ROOT . 'install.php'))
 exit;
 }
+if (!$cfg['admin_user'] || $_SERVER['PHP_AUTH_USER'] != $cfg['admin_user'])
+{
+ header('Location: index.php');
+ exit;
+}
+
 /* Disable admin interface if we have a empty admin password. */
+/*
 if (!$cfg['admin_password'])
 {
 require (JIRAFEAU_ROOT . 'lib/template/header.php');
@@ -53,15 +60,21 @@ if (!$cfg['admin_password'])
 require (JIRAFEAU_ROOT.'lib/template/footer.php');
 exit;
 }
+*/
 /* Check session. */
+/*
 session_start();
+*/
 /* Unlog if asked. */
+/*
 if (isset ($_POST['action']) && (strcmp ($_POST['action'], 'logout') == 0))
 $_SESSION['admin_auth'] = false;
+*/
 /* Check password. */
+/*
 if (isset ($_POST['admin_password']))
 {
 if (strcmp ($cfg['admin_password'], $_POST['admin_password']) == 0)
@@ -76,7 +89,10 @@ if (isset ($_POST['admin_password']))
 exit;
 }
 }
+*/
+
 /* Ask for password. */
+/*
 elseif (!isset ($_SESSION['admin_auth']) || $_SESSION['admin_auth'] != true)
 {
 require (JIRAFEAU_ROOT . 'lib/template/header.php'); ?>
@@ -106,6 +122,7 @@ elseif (!isset ($_SESSION['admin_auth']) || $_SESSION['admin_auth'] != true)
 require (JIRAFEAU_ROOT.'lib/template/footer.php');
 exit;
 }
+*/
 /* Operations may take a long time.
 * Be sure PHP's safe mode is off.
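Review bot: The new guard reads `$_SERVER['PHP_AUTH_USER']` without `isset()` and compares with loose `!=`, so a request without credentials raises an undefined-index notice and numeric-looking usernames are compared as numbers. `if (empty($cfg['admin_user']) || !isset($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER'] !== $cfg['admin_user'])` avoids both. The guard also verifies no credential itself: it is only as strong as the guarantee that the SSO front end sets or clears the Authorization header on every request, including when scripts/install puts `/` in `unprotected_uris`, and nothing in this hunk shows that guarantee. A comment stating the dependency would help, e.g. `/* Authentication is delegated to the YunoHost SSO; PHP_AUTH_USER must never be client-controlled here. */`.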
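Review bot: The old password login is disabled by wrapping it in `/*` … `*/` pairs across this hunk and the two after it (`@@ -76,7 +89,10 @@` and `@@ -106,6 +122,7 @@`) instead of being deleted. A block comment ends at the first `*/`, so if any of the unseen lines between the last two hunks holds a comment of its own, the rest of the login form is parsed as code again. Deleting the dead block would be easier to audit, as would dropping the stale `/* Disable admin interface if we have a empty admin password. */` text that now describes nothing; version control keeps the history. If the block must stay for now, a single note such as `/* Legacy password login, disabled: access is decided by the admin_user check above. */` should replace the orphaned section comments.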