[Pkg-owncloud-commits] [owncloud] 12/22: Add a trusted domain wizard

David Prévot taffit at moszumanska.debian.org
Fri Aug 29 14:48:57 UTC 2014 

This is an automated email from the git hooks/post-receive script.

taffit pushed a commit to branch master
in repository owncloud.

commit 0a2e4711631c404f55a8c41f8609e6b403c7e408
Author: Lukas Reschke <lukas at owncloud.com>
Date:   Thu Aug 21 22:22:35 2014 +0200

    Add a trusted domain wizard
    
    Adds a little button to the trusted domain warning, if an admin clicks on the warning he will be redirected to ownCloud and asked whether he want to trust this domain.
    
    By far not the cleanest code, or clean at all, but does the job and I don't see a reason to make a lot of changes for this little improvement.
---
 core/css/styles.css                |  4 ++++
 core/templates/untrustedDomain.php | 19 +++++++++++++++++++
 lib/base.php                       |  7 +++----
 settings/ajax/setsecurity.php      | 12 ++++++++++--
 settings/js/admin.js               | 16 ++++++++++++++++
 5 files changed, 52 insertions(+), 6 deletions(-)

diff --git a/core/css/styles.css b/core/css/styles.css
index 8e4154b..35db006 100644
--- a/core/css/styles.css
+++ b/core/css/styles.css
@@ -611,6 +611,10 @@ label.infield {
 	margin-left: -200px !important;
 }
 
+.error-wide .button {
+	color: black !important;
+}
+
 /* Fixes for log in page, TODO should be removed some time */
 #body-login .update,
 #body-login .error {
diff --git a/core/templates/untrustedDomain.php b/core/templates/untrustedDomain.php
new file mode 100644
index 0000000..b661834
--- /dev/null
+++ b/core/templates/untrustedDomain.php
@@ -0,0 +1,19 @@
+<?php /** @var $_ array */ ?>
+
+<ul class="error-wide">
+	<li class='error'>
+		<?php p($l->t('You are accessing the server from an untrusted domain.')); ?><br/>
+
+		<p class='hint'>
+			<?php p($l->t('Please contact your administrator. If you are an administrator of this instance, configure the "trusted_domain" setting in config/config.php. An example configuration is provided in config/config.sample.php.')); ?>
+			<br/>
+			<?php p($l->t('Depending on your configuration, as an administrator you might also be able to use the button below to trust this domain.')); ?>
+			<br/><br/>
+			<p style="text-align:center;">
+				<a href="<?php print_unescaped(OC_Helper::makeURLAbsolute(\OCP\Util::linkToRoute('settings_admin'))); ?>?trustDomain=<?php p($_['domain']); ?>" class="button">
+					<?php p($l->t('Add "%s" as trusted domain', array($_['domain']))); ?>
+				</a>
+			</p>
+		</p>
+	</li>
+</ul>
diff --git a/lib/base.php b/lib/base.php
index ed0830c..ab3e34a 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -670,10 +670,9 @@ class OC {
 
 			header('HTTP/1.1 400 Bad Request');
 			header('Status: 400 Bad Request');
-			OC_Template::printErrorPage(
-				$l->t('You are accessing the server from an untrusted domain.'),
-				$l->t('Please contact your administrator. If you are an administrator of this instance, configure the "trusted_domain" setting in config/config.php. An example configuration is provided in config/config.sample.php.')
-			);
+			$tmpl = new OCP\Template('core', 'untrustedDomain', 'guest');
+			$tmpl->assign('domain', $_SERVER['SERVER_NAME']);
+			$tmpl->printPage();
 			return;
 		}
 
diff --git a/settings/ajax/setsecurity.php b/settings/ajax/setsecurity.php
index 675d7ec..3cb1d05 100644
--- a/settings/ajax/setsecurity.php
+++ b/settings/ajax/setsecurity.php
@@ -1,6 +1,6 @@
 <?php
 /**
- * Copyright (c) 2013, Lukas Reschke <lukas at statuscode.ch>
+ * Copyright (c) 2013-2014, Lukas Reschke <lukas at owncloud.com>
  * This file is licensed under the Affero General Public License version 3 or later.
  * See the COPYING-README file.
  */
@@ -8,6 +8,14 @@
 OC_Util::checkAdminUser();
 OCP\JSON::callCheck();
 
-OC_Config::setValue( 'forcessl', filter_var($_POST['enforceHTTPS'], FILTER_VALIDATE_BOOLEAN));
+if(isset($_POST['enforceHTTPS'])) {
+	OC_Config::setValue( 'forcessl', filter_var($_POST['enforceHTTPS'], FILTER_VALIDATE_BOOLEAN));
+}
+
+if(isset($_POST['trustedDomain'])) {
+	$trustedDomains = OC_Config::getValue('trusted_domains');
+	$trustedDomains[] = $_POST['trustedDomain'];
+	OC_Config::setValue('trusted_domains', $trustedDomains);
+}
 
 echo 'true';
diff --git a/settings/js/admin.js b/settings/js/admin.js
index a202feb..b09704f 100644
--- a/settings/js/admin.js
+++ b/settings/js/admin.js
@@ -38,6 +38,22 @@ var SharingGroupList = {
 };
 
 $(document).ready(function(){
+	var params = OC.Util.History.parseUrlQuery();
+
+	// Hack to add a trusted domain
+	if (params.trustDomain) {
+		OC.dialogs.confirm(t('core', 'Are you really sure you want add "{domain}" as trusted domain?', {domain: params.trustDomain}),
+			t('core', 'Add trusted domain'), function(answer) {
+				if(answer) {
+					$.ajax({
+						type: 'POST',
+						url: OC.generateUrl('settings/ajax/setsecurity.php'),
+						data: { trustedDomain: params.trustDomain}
+					});
+				}
+			});
+	}
+
 
 	$('select#excludedGroups[multiple]').each(function (index, element) {
 		SharingGroupList.applyMultipleSelect($(element));

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-owncloud/owncloud.git

More information about the Pkg-owncloud-commits mailing list