Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allows disabling UI via an environment variable #148

Merged
merged 2 commits into from
Jul 11, 2018
Merged

Allows disabling UI via an environment variable #148

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
0297285
Disable UI via environment variable
moufmouf Jul 11, 2018
3fa93f9
Fixing env variable check
moufmouf Jul 11, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 8 additions & 0 deletions doc/installing_mouf.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -107,3 +107,11 @@ Mouf UI is designed to be used on a development environment, not on a production
If you are running a production server (if you are not on a development environment), it is more secure
to prevent Apache from writing to the application directories (or to open those rights on a very
restrictive basis). In this scenario, you don't need to share write rights with Apache.

Also, you might want to completely prevent users from accessing the UI. You can disable Mouf UI
by setting the `MOUF_UI` environment variable to 0.

```
# Disable Mouf UI via environment variable:
MOUF_UI=0
```
17 changes: 14 additions & 3 deletions src-dev/Mouf/Controllers/MoufInstallController.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,8 @@
* For the full copyright and license information, please view the LICENSE.txt
* file that was distributed with this source code.
*/
namespace Mouf\Controllers;
namespace Mouf\Controllers;

use Mouf\Html\Template\TemplateInterface;

use Mouf\Html\Widgets\MessageService\Service\UserMessageInterface;
Expand All @@ -19,7 +19,7 @@

use Mouf\Html\HtmlElement\HtmlBlock;

use Mouf\Mvc\Splash\Controllers\Controller;
use Mouf\Mvc\Splash\Controllers\Controller;


/**
Expand Down Expand Up @@ -49,6 +49,17 @@ class MoufInstallController extends Controller {
*/
public function index() {

$moufUI = getenv('MOUF_UI');
if ($moufUI !== false) {
$moufUI = (bool) $moufUI;
if (!$moufUI) {
header('HTTP/1.1 403 Forbidden');
echo 'Error! Access to Mouf UI is forbidden on this environment (env variable MOUF_UI is set to 0)';
exit;
}
}
unset($moufUI);

if (!extension_loaded("curl")) {
$this->contentBlock->addFile(dirname(__FILE__)."/../../views/mouf_installer/missing_curl.php", $this);
} else {
Expand Down
29 changes: 20 additions & 9 deletions src/direct/utils/check_rights.php
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,20 +1,31 @@
<?php
/*
* This file is part of the Mouf core package.
*
* (c) 2012 David Negrier <david@mouf-php.com>
*
* For the full copyright and license information, please view the LICENSE.txt
* file that was distributed with this source code.
*/

/*
* This file is part of the Mouf core package.
*
* (c) 2012 David Negrier <david@mouf-php.com>
*
* For the full copyright and license information, please view the LICENSE.txt
* file that was distributed with this source code.
*/
/**
* This file should be included at the beginning of each file of the "/direct" folder.
* It checks that the rights are ok.
* The user is allowed access to the file if he is logged, or if he is requesting the file from localhost
* (because it could be a request from Mouf itself via Curl, and therefore not logged).
*/

$moufUI = getenv('MOUF_UI');
if ($moufUI !== false) {
$moufUI = (bool) $moufUI;
if (!$moufUI) {
header('HTTP/1.1 403 Forbidden');
echo 'Error! Access to Mouf UI is forbidden on this environment (env variable MOUF_UI is set to 0)';
exit;
}
}
unset($moufUI);

// TODO: remove this condition when everything is migrated to the new cookie propagation method.
if ($_SERVER['REMOTE_ADDR'] == $_SERVER['SERVER_ADDR'] /*|| $_SERVER['REMOTE_ADDR'] == '::1'*/) {
return;
Expand Down
13 changes: 12 additions & 1 deletion src/mouf_router.php
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,15 @@
<?php
<?php
$moufUI = getenv('MOUF_UI');
if ($moufUI !== false) {
$moufUI = (bool) $moufUI;
if (!$moufUI) {
header('HTTP/1.1 403 Forbidden');
echo 'Error! Access to Mouf UI is forbidden on this environment (env variable MOUF_UI is set to 0)';
exit;
}
}
unset($moufUI);

if (!file_exists(__DIR__.'/../../../../mouf/no_commit/MoufUsers.php')) {

$rootUrl = $_SERVER['BASE']."/";
Expand Down
18 changes: 9 additions & 9 deletions src/splash.php
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,13 +1,13 @@
<?php
/*
* This file is part of the Mouf core package.
*
* (c) 2012 David Negrier <david@mouf-php.com>
*
* For the full copyright and license information, please view the LICENSE.txt
* file that was distributed with this source code.
*/
/*
* This file is part of the Mouf core package.
*
* (c) 2012 David Negrier <david@mouf-php.com>
*
* For the full copyright and license information, please view the LICENSE.txt
* file that was distributed with this source code.
*/
// Let's load the Mouf file, and the MoufAdmin file.
// The MoufAdmin will replace the Mouf configuration file.
if (file_exists(dirname(__FILE__).'/../MoufComponents.php')) {
Expand Down