From a97f3058abf7220db518e4ff84aa32c26be06a78 Mon Sep 17 00:00:00 2001
From: zamentur <valentin@grimaud.me>
Date: Sat, 21 Jun 2014 16:16:15 +0200
Subject: [PATCH] Add permission control on poll creation.

---
 conf/nginx.conf        |  9 ++++-----
 conf/nginx.conf-public | 38 --------------------------------------
 manifest.json          |  9 +++++++++
 scripts/install        | 11 +++++++++--
 scripts/upgrade        | 11 ++++++++++-
 5 files changed, 32 insertions(+), 46 deletions(-)
 delete mode 100644 conf/nginx.conf-public

diff --git a/conf/nginx.conf b/conf/nginx.conf
index 1873df9..02344bd 100644
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@@ -9,13 +9,12 @@ location PATHTOCHANGE {
            fastcgi_split_path_info ^(.+?\.php)(/.*)$;
            fastcgi_pass unix:/var/run/php5-fpm-opensondage.sock;
            include fastcgi_params;
-           fastcgi_param   REMOTE_USER   $remote_user;
-           fastcgi_param  PATH_INFO $fastcgi_path_info;
+           fastcgi_param REMOTE_USER $remote_user;
+           fastcgi_param PATH_INFO $fastcgi_path_info;
            fastcgi_param HTTPS on;
        }
-
-  # Include SSOWAT user panel.
-  include conf.d/yunohost_panel.conf.inc;
+	# Include SSOWAT user panel.
+	include conf.d/yunohost_panel.conf.inc;
 }
 
 location ~ ^PATHTOCHANGE/(data|config|\.ht|db_structure\.xml|README) {
diff --git a/conf/nginx.conf-public b/conf/nginx.conf-public
deleted file mode 100644
index c21507b..0000000
--- a/conf/nginx.conf-public
+++ /dev/null
@@ -1,38 +0,0 @@
-location PATHTOCHANGE {
-       alias ALIASTOCHANGE;
-       if ($scheme = http) {
-            rewrite ^ https://$server_name$request_uri? permanent;
-       }
-       index index.php;
-       try_files $uri $uri/ /index.php;
-       location ~ [^/]\.php(/|$) {
-           fastcgi_split_path_info ^(.+?\.php)(/.*)$;
-           fastcgi_pass unix:/var/run/php5-fpm-opensondage.sock;
-           include fastcgi_params;
-           fastcgi_param REMOTE_USER $remote_user;
-           fastcgi_param PATH_INFO $fastcgi_path_info;
-           fastcgi_param HTTPS on;
-       }
-}
-
-location ~ ^PATHTOCHANGE/admin {
-       if ($scheme = http) {
-            rewrite ^ https://$server_name$request_uri? permanent;
-       }
-       index index.php;
-       try_files $uri $uri/ /index.php;
-       location ~ [^/]\.php(/|$) {
-           fastcgi_split_path_info ^(.+?\.php)(/.*)$;
-           fastcgi_pass unix:/var/run/php5-fpm-opensondage.sock;
-           include fastcgi_params;
-           fastcgi_param REMOTE_USER $remote_user;
-           fastcgi_param PATH_INFO $fastcgi_path_info;
-           fastcgi_param HTTPS on;
-       }
-	# Include SSOWAT user panel.
-	include conf.d/yunohost_panel.conf.inc;
-}
-
-location ~ ^PATHTOCHANGE/(data|config|\.ht|db_structure\.xml|README) {
-       deny all;
-}
diff --git a/manifest.json b/manifest.json
index 504534f..73f5c3e 100644
--- a/manifest.json
+++ b/manifest.json
@@ -56,6 +56,15 @@
                 },
                 "choices": ["en_GB", "fr_FR","es_ES", "de_DE"],
                 "default": "en_GB"
+            },
+            {
+                "name": "public_site",
+                "ask": {
+                    "en": "Could non member create poll ?",
+                    "fr": "Une personne non membre peut elle créer un sondage ?"
+                },
+                "choices": ["Yes", "No"],
+                "default": "Yes"
             }
 
 
diff --git a/scripts/install b/scripts/install
index e325cff..c3b2936 100755
--- a/scripts/install
+++ b/scripts/install
@@ -6,6 +6,7 @@ path=$2
 admin=$3
 legal=$4
 language=$5
+public_site=$6
 
 # Check if admin exists
 sudo yunohost user list --json | grep -q "\"username\": \"$admin\""
@@ -16,6 +17,7 @@ fi
 sudo yunohost app setting opensondage admin -v $admin
 sudo yunohost app setting opensondage language -v $language
 sudo yunohost app setting opensondage legal -v $legal
+sudo yunohost app setting opensondage public_site -v $public_site
 
 # Check domain/path availability
 sudo yunohost app checkurl $domain$path -a opensondage
@@ -63,8 +65,13 @@ sudo cp ../conf/nginx.conf /etc/nginx/conf.d/$domain.d/opensondage.conf
 
 # Reload Nginx and regenerate SSOwat conf
 sudo service nginx reload
-sudo yunohost app setting opensondage skipped_uris -v "/"                
-sudo yunohost app setting opensondage protected_uris -v "/admin"
+sudo yunohost app setting opensondage skipped_uris -v "/"  
+if [ $public_site = "No" ];
+then              
+	sudo yunohost app setting opensondage protected_uris -v "/admin,/index.php,/choix_sondage.php,/info_sondage.php" 
+else              
+	sudo yunohost app setting opensondage protected_uris -v "/admin"
+fi
 sudo yunohost app ssowatconf
 
 # Db installation
diff --git a/scripts/upgrade b/scripts/upgrade
index 312cd32..0c37747 100644
--- a/scripts/upgrade
+++ b/scripts/upgrade
@@ -6,6 +6,7 @@ path=$(sudo yunohost app setting opensondage path)
 admin=$(sudo yunohost app setting opensondage admin)
 legal=$(sudo yunohost app setting opensondage legal)
 language=$(sudo yunohost app setting opensondage language)
+public_site=$(sudo yunohost app setting opensondage public_site)
 
 root_pwd=$(sudo cat /etc/yunohost/mysql)
 
@@ -21,7 +22,7 @@ sudo sed -i "s/yunoadmin/$admin/g" $final_path/variables.php
 sudo sed -i "s/I18NTOCHANGE/$language/g" $final_path/variables.php
 sudo sed -i "s@yunourl@$domain$path@g" $final_path/variables.php
 sudo sed -i "s@yunodomain@$domain@g" $final_path/variables.php
-sudo sed -i "s°yunoinfolegal°$legal°g" $final_path/variables.php
+sudo sed -i "s@yunoinfolegal@$legal@g" $final_path/variables.php
 
 
 
@@ -89,3 +90,11 @@ sudo chmod 644 $finalphpini
 sudo service php5-fpm restart
 # Reload Nginx
 sudo service nginx reload
+sudo yunohost app setting opensondage skipped_uris -v "/"  
+if [ $public_site = "No" ];
+then              
+	sudo yunohost app setting opensondage protected_uris -v "/admin,/index.php,/choix_sondage.php,/info_sondage.php" 
+else              
+	sudo yunohost app setting opensondage protected_uris -v "/admin"
+fi
+sudo yunohost app ssowatconf