From 5228bf4f0cedbc55c50d311120e6b413e124b421 Mon Sep 17 00:00:00 2001 From: JimboJoe Date: Sun, 2 Apr 2017 23:47:54 +0200 Subject: [PATCH 1/6] [fix] Fix tile not displayed when app is installed on root (bug #285) (#71) * Fix proposal for bug #285 (YunoHost tile is not displayed when the app is installed on root path) * Fix access to administration page --- access.lua | 67 +++++++++++++++++++++++++++--------------------------- 1 file changed, 34 insertions(+), 33 deletions(-) diff --git a/access.lua b/access.lua index d629ea7..ece6113 100644 --- a/access.lua +++ b/access.lua @@ -281,16 +281,48 @@ if conf["skipped_regex"] then end +-- +-- 6. Specific files (used in YunoHost) +-- +-- We want to serve specific portal assets right at the root of the domain. +-- +-- For example: `https://mydomain.org/ynhpanel.js` will serve the +-- `/yunohost/sso/assets/js/ynhpanel.js` file. +-- + +if hlp.is_logged_in() then + if string.match(ngx.var.uri, "^/ynhpanel.js$") then + hlp.serve("/yunohost/sso/assets/js/ynhpanel.js") + end + if string.match(ngx.var.uri, "^/ynhpanel.css$") then + hlp.serve("/yunohost/sso/assets/css/ynhpanel.css") + end + if string.match(ngx.var.uri, "^/ynhpanel.json$") then + hlp.serve("/yunohost/sso/assets/js/ynhpanel.json") + end + + -- If user has no access to this URL, redirect him to the portal + if not hlp.has_access() then + return hlp.redirect(conf.portal_url) + end + + -- If the user is authenticated and has access to the URL, set the headers + -- and let it be + hlp.set_headers() + return hlp.pass() +end + + -- --- 6. Unprotected URLs +-- 7. Unprotected URLs -- -- If the URL matches one of the `unprotected_urls` in the configuration file, -- it means that the URL should not be protected by the SSO *but* headers have -- to be sent if the user is already authenticated. -- -- It means that you can let anyone access to an app, but if a user has already --- been authenticated on the portal, he can have its authentication headers +-- been authenticated on the portal, he can have his authentication headers -- passed to the app. -- @@ -321,37 +353,6 @@ if conf["unprotected_regex"] then end --- --- 7. Specific files (used in YunoHost) --- --- We want to serve specific portal assets right at the root of the domain. --- --- For example: `https://mydomain.org/ynhpanel.js` will serve the --- `/yunohost/sso/assets/js/ynhpanel.js` file. --- - -if hlp.is_logged_in() then - if string.match(ngx.var.uri, "^/ynhpanel.js$") then - hlp.serve("/yunohost/sso/assets/js/ynhpanel.js") - end - if string.match(ngx.var.uri, "^/ynhpanel.css$") then - hlp.serve("/yunohost/sso/assets/css/ynhpanel.css") - end - if string.match(ngx.var.uri, "^/ynhpanel.json$") then - hlp.serve("/yunohost/sso/assets/js/ynhpanel.json") - end - - -- If user has no access to this URL, redirect him to the portal - if not hlp.has_access() then - return hlp.redirect(conf.portal_url) - end - - -- If the user is authenticated and has access to the URL, sen the headers - -- and let it be - hlp.set_headers() - return hlp.pass() -end - -- -- 8. Basic HTTP Authentication From d0709ff1f35e22b93025f1bad0cf9f03b14cad45 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Mon, 3 Apr 2017 01:35:16 +0200 Subject: [PATCH 2/6] Adding link to bugtracker --- README.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/README.md b/README.md index fcd03ba..f302e8f 100644 --- a/README.md +++ b/README.md @@ -7,6 +7,11 @@ A simple LDAP SSO for nginx, written in Lua Translation status +Issues +------ + +- [Please report issues on YunoHost bugtracker](https://dev.yunohost.org/projects/yunohost/issues) (no registration needed). + Requirements ------------ From 4450ba8f95b6a20632d5a156b98ec89f97001267 Mon Sep 17 00:00:00 2001 From: Fabian Gruber Date: Tue, 21 Mar 2017 15:41:02 +0100 Subject: [PATCH 3/6] [i18n] Translated using Weblate (German) Currently translated at 100.0% (41 of 41 strings) --- portal/locales/de.json | 82 +++++++++++++++++++++--------------------- 1 file changed, 42 insertions(+), 40 deletions(-) diff --git a/portal/locales/de.json b/portal/locales/de.json index 67b2d56..493d58d 100644 --- a/portal/locales/de.json +++ b/portal/locales/de.json @@ -1,41 +1,43 @@ { - "add_forward": "E-Mail Weiterleitung hinzufügen", - "add_mail": "E-Mail Alias hinzufügen", - "cancel": "Abbrechen", - "change_password": "Passwort ändern", - "confirm": "Bestätigen", - "current_password": "Aktuelles Passwort", - "edit": "Bearbeiten", - "footerlink_administration": "Verwaltung", - "footerlink_documentation": "Dokumentation", - "footerlink_edit": "Mein Profil bearbeiten", - "footerlink_support": "Support", - "fullname": "Vollständiger Name", - "information": "Deine Informationen", - "information_updated": "Informationen wurden aktualisiert", - "invalid_domain": "Ungültige Domain angegeben", - "invalid_mail": "Ungültige E-Mail Adresse", - "invalid_mailforward": "Ungültige E-Mail Weiterleitung", - "logged_out": "Ausgeloggt", - "login": "Anmelden", - "logout": "Abmelden", - "mail_addresses": "E-Mail Adressen", - "mail_already_used": "Diese E-Mail Adresse wird bereits verwendet:", - "mail_forward": "E-Mail Weiterleitung", - "missing_required_fields": "Benötigte Felder fehlen", - "new_forward": "neueweiterleitung@anderedomain.org", - "new_mail": "neuemail@meinedomain.org", - "new_password": "Neues Passwort", - "ok": "OK", - "password": "Passwort", - "password_changed": "Passwort erfolgreich geändert", - "password_changed_error": "Beim Ändern des Passworts ist ein Fehler aufgetreten", - "password_not_match": "Die neuen Passwörter stimmen nicht überein", - "please_login": "Bitte logge dich ein, um auf diesen Inhalt zu zugreifen", - "please_login_from_portal": "Bitte logge dich am Portal ein", - "portal": "YunoHost Portal", - "user_saving_fail": "Ein Fehler trat beim Speichern der Änderungen auf", - "username": "Benutzername", - "wrong_current_password": "Aktuelles Passwort ist falsch", - "wrong_username_password": "Falscher Benutzername oder Passwort" -} \ No newline at end of file + "add_forward": "E-Mail Weiterleitung hinzufügen", + "add_mail": "E-Mail Alias hinzufügen", + "cancel": "Abbrechen", + "change_password": "Passwort ändern", + "confirm": "Bestätigen", + "current_password": "Aktuelles Passwort", + "edit": "Bearbeiten", + "footerlink_administration": "Verwaltung", + "footerlink_documentation": "Dokumentation", + "footerlink_edit": "Mein Profil bearbeiten", + "footerlink_support": "Support", + "fullname": "Vollständiger Name", + "information": "Deine Informationen", + "information_updated": "Informationen wurden aktualisiert", + "invalid_domain": "Ungültige Domain angegeben", + "invalid_mail": "Ungültige E-Mail Adresse", + "invalid_mailforward": "Ungültige E-Mail Weiterleitung", + "logged_out": "Ausgeloggt", + "login": "Anmelden", + "logout": "Abmelden", + "mail_addresses": "E-Mail Adressen", + "mail_already_used": "Diese E-Mail Adresse wird bereits verwendet:", + "mail_forward": "E-Mail Weiterleitung", + "missing_required_fields": "Benötigte Felder fehlen", + "new_forward": "neueweiterleitung@anderedomain.org", + "new_mail": "neuemail@meinedomain.org", + "new_password": "Neues Passwort", + "ok": "OK", + "password": "Passwort", + "password_changed": "Passwort erfolgreich geändert", + "password_changed_error": "Beim Ändern des Passworts ist ein Fehler aufgetreten", + "password_not_match": "Die neuen Passwörter stimmen nicht überein", + "please_login": "Bitte logge dich ein, um auf diesen Inhalt zu zugreifen", + "please_login_from_portal": "Bitte logge dich am Portal ein", + "portal": "YunoHost Portal", + "user_saving_fail": "Ein Fehler trat beim Speichern der Änderungen auf", + "username": "Benutzername", + "wrong_current_password": "Aktuelles Passwort ist falsch", + "wrong_username_password": "Falscher Benutzername oder Passwort", + "redirection_error_invalid_url": "Fehler bei Weiterleitung: Ungültige URL", + "redirection_error_unmanaged_domain": "Fehler bei Weiterleitung: Nicht-verwaltete Domain" +} From 2a648b8475953d513a87aa52a6f69bac935f2540 Mon Sep 17 00:00:00 2001 From: Jeroen Keerl Date: Fri, 7 Apr 2017 22:57:30 +0200 Subject: [PATCH 4/6] [i18n] Translated using Weblate (Dutch) Currently translated at 95.1% (39 of 41 strings) --- portal/locales/nl.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/portal/locales/nl.json b/portal/locales/nl.json index 91a6712..0fbd32c 100644 --- a/portal/locales/nl.json +++ b/portal/locales/nl.json @@ -16,7 +16,7 @@ "invalid_domain": "Ongeldig domein", "invalid_mail": "Ongeldig emailadres", "invalid_mailforward": "Ongeldig email-forward adres ", - "logged_out": "Uitgelogd ", + "logged_out": "Uitgelogd", "login": "Inloggen", "logout": "Uitloggen", "mail_addresses": "Emailadressen", From 442147bbbe286d3e89b5a8e637973514d35c37af Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Mon, 24 Apr 2017 13:03:07 -0400 Subject: [PATCH 5/6] Update changelog for 2.6.5 release --- debian/changelog | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/debian/changelog b/debian/changelog index 8cd6ea5..01155fe 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,12 @@ +ssowat (2.6.5) testing; urgency=low + + * [fix] Fix tile not displayed when app is installed on root (bug #285) (#71) + * Update translations for German and Dutch + +Thanks to all contributors and translators (JimboJoe, Fabian Gruber, Jeroen Keerl) ! + + -- Alexandre Aubin Mon, 24 Apr 2017 13:01:23 -0400 + ssowat (2.6.4) stable; urgency=low * [fix] Remove help-link in portal as they don't link to nothing. Fix #68 From c019f9d208c286b637908bfbfcf283c16a13e3a2 Mon Sep 17 00:00:00 2001 From: Laurent Peuch Date: Fri, 12 May 2017 15:42:29 +0200 Subject: [PATCH 6/6] [fix] check users ACL on http basic auth --- access.lua | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/access.lua b/access.lua index ece6113..3964af0 100644 --- a/access.lua +++ b/access.lua @@ -373,6 +373,12 @@ if auth_header then user = hlp.authenticate(user, password) if user then hlp.set_headers(user) + + -- If user has no access to this URL, redirect him to the portal + if not hlp.has_access(user) then + return hlp.redirect(conf.portal_url) + end + return hlp.pass() end end