[Pkg-owncloud-commits] [owncloud] 112/239: Add "single user mode" which restricts access to users in the admin group

David Prévot taffit at moszumanska.debian.org
Fri Nov 29 01:32:26 UTC 2013 

This is an automated email from the git hooks/post-receive script.

taffit pushed a commit to branch master
in repository owncloud.

commit 71c1327691225a0a517aa3929a48743f95b177d0
Author: Robin Appelman <icewind at owncloud.com>
Date:   Mon Nov 25 15:08:24 2013 +0100

    Add "single user mode" which restricts access to users in the admin group
    
    This can be enabled by setting 'singleuser' to true in config.php
---
 lib/base.php | 19 ++++++++++++++++++-
 public.php   |  1 +
 2 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/lib/base.php b/lib/base.php
index 865d174..b361ac3 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -230,6 +230,22 @@ class OC {
 		}
 	}
 
+	public static function checkSingleUserMode() {
+		$user = OC_User::getUserSession()->getUser();
+		$group = OC_Group::getManager()->get('admin');
+		if ($user && OC_Config::getValue('singleuser', false) && !$group->inGroup($user)) {
+			// send http status 503
+			header('HTTP/1.1 503 Service Temporarily Unavailable');
+			header('Status: 503 Service Temporarily Unavailable');
+			header('Retry-After: 120');
+
+			// render error page
+			$tmpl = new OC_Template('', 'singleuser.user', 'guest');
+			$tmpl->printPage();
+			die();
+		}
+	}
+
 	public static function checkUpgrade($showTemplate = true) {
 		if (OC_Config::getValue('installed', false)) {
 			$installedVersion = OC_Config::getValue('version', '0.0.0');
@@ -652,11 +668,12 @@ class OC {
 		// Test it the user is already authenticated using Apaches AuthType Basic... very usable in combination with LDAP
 		OC::tryBasicAuthLogin();
 
-		if (!self::$CLI) {
+		if (!self::$CLI and (!isset($_GET["logout"]) or ($_GET["logout"] !== 'true'))) {
 			try {
 				if (!OC_Config::getValue('maintenance', false)) {
 					OC_App::loadApps();
 				}
+				self::checkSingleUserMode();
 				OC::getRouter()->match(OC_Request::getRawPathInfo());
 				return;
 			} catch (Symfony\Component\Routing\Exception\ResourceNotFoundException $e) {
diff --git a/public.php b/public.php
index 203372f..767295b 100644
--- a/public.php
+++ b/public.php
@@ -5,6 +5,7 @@ try {
 
 	require_once 'lib/base.php';
 	OC::checkMaintenanceMode();
+	OC::checkSingleUserMode();
 	if (!isset($_GET['service'])) {
 		header('HTTP/1.0 404 Not Found');
 		exit;

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-owncloud/owncloud.git

More information about the Pkg-owncloud-commits mailing list