Add security section to admin menu

Currently it only allows the admin to enable or disable the HTTPS
enforcement, but in the future it could be expanded to further options.

The admin can only enable HTTPS enforcement while connected via HTTPS
(to prevent admins from enabling it without a proper SSL setup).
Lukas Reschke 2013-01-11 14:18:51 +01:00
parent 60489764f3
commit 466cdab680
5 changed files with 56 additions and 0 deletions


@ -33,6 +33,16 @@ $tmpl->assign('internetconnectionworking', OC_Util::isinternetconnectionworking(
$tmpl->assign('islocaleworking', OC_Util::issetlocaleworking());
$tmpl->assign('backgroundjobs_mode', OC_Appconfig::getValue('core', 'backgroundjobs_mode', 'ajax'));
$tmpl->assign('shareAPIEnabled', OC_Appconfig::getValue('core', 'shareapi_enabled', 'yes'));
// Check if connected using HTTPS
if (OC_Request::serverProtocol() == 'https') {
$connectedHTTPS = true;
} else {
$connectedHTTPS = false;
}
$tmpl->assign('isConnectedViaHTTPS', $connectedHTTPS);
$tmpl->assign('enforceHTTPSEnabled', OC_Config::getValue( "forcessl", false));
$tmpl->assign('allowLinks', OC_Appconfig::getValue('core', 'shareapi_allow_links', 'yes'));
$tmpl->assign('allowResharing', OC_Appconfig::getValue('core', 'shareapi_allow_resharing', 'yes'));
$tmpl->assign('sharePolicy', OC_Appconfig::getValue('core', 'shareapi_share_policy', 'global'));
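Review bot: The if/else around `$connectedHTTPS` uses a loose `==` and a temporary that is assigned once; `$tmpl->assign('isConnectedViaHTTPS', OC_Request::serverProtocol() === 'https');` says the same thing in one line with a strict comparison. How `serverProtocol()` determines the scheme is not visible in this hunk; if it honours a forwarded-protocol header, it is worth confirming that the header can only be set by a trusted reverse proxy, because this flag gates a security setting. A one-line comment stating that the flag only controls whether the checkbox is rendered as disabled would also help the next reader.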


@ -0,0 +1,13 @@
<?php
/**
* Copyright (c) 2013, Lukas Reschke <lukas@statuscode.ch>
* This file is licensed under the Affero General Public License version 3 or later.
* See the COPYING-README file.
*/
OC_Util::checkAdminUser();
OCP\JSON::callCheck();
OC_Config::setValue( 'forcessl', filter_var($_POST['enforceHTTPS'], FILTER_VALIDATE_BOOLEAN));
echo 'true';
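Review bot: The endpoint writes `forcessl` without checking the connection scheme itself, so the "only over HTTPS" rule from the commit message rests entirely on the `disabled` attribute in the template, which does not constrain a request sent directly to this script over plain HTTP. Repeating the check before the write closes that gap, for example `if (OC_Request::serverProtocol() !== 'https') { OCP\JSON::error(); exit(); }`. `$_POST['enforceHTTPS']` is also read without an `isset()` test, so a request that omits the field is filtered to `false` and silently switches enforcement off; rejecting such a request is the safer behaviour. Replying with a JSON success/error status instead of the bare `echo 'true'` would let the caller tell a refused change from an applied one.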


@ -30,4 +30,8 @@ $(document).ready(function(){
}
OC.AppConfig.setValue('core', $(this).attr('name'), value);
});
$('#security').change(function(){
$.post(OC.filePath('settings','ajax','setsecurity.php'), { enforceHTTPS: $('#enforceHTTPSEnabled').val() },function(){} );
});
});
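Review bot: The posted value comes from `$('#enforceHTTPSEnabled').val()`, which is the `value` attribute the template rendered at page load and does not change when the box is toggled, so a second toggle without a reload sends the same value again and the stored setting drifts from what the checkbox shows. Sending the actual state avoids that: `{ enforceHTTPS: $('#enforceHTTPSEnabled').is(':checked') }`. The empty `function(){}` callback also hides a rejected request, leaving the box toggled even when the server did not apply the change. The enclosing `$(document).ready` handler starts outside the hunk.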


@ -58,6 +58,8 @@ $this->create('settings_ajax_getlog', '/settings/ajax/getlog.php')
->actionInclude('settings/ajax/getlog.php');
$this->create('settings_ajax_setloglevel', '/settings/ajax/setloglevel.php')
->actionInclude('settings/ajax/setloglevel.php');
$this->create('settings_ajax_setsecurity', '/settings/ajax/setsecurity.php')
->actionInclude('settings/ajax/setsecurity.php');
// apps/user_openid
$this->create('settings_ajax_openid', '/settings/ajax/openid.php')


@ -132,6 +132,33 @@ if (!$_['internetconnectionworking']) {
</table>
</fieldset>
<fieldset class="personalblock" id="security">
<legend><strong><?php echo $l->t('Security');?></strong></legend>
<table class="nostyle">
<tr>
<td id="enable">
<input type="checkbox" name="forcessl" id="enforceHTTPSEnabled"
<?php if ($_['enforceHTTPSEnabled']) {
echo 'checked="checked" ';
echo 'value="false"';
} else {
echo 'value="true"';
}
?>
<?php if (!$_['isConnectedViaHTTPS']) echo 'disabled'; ?> />
<label for="forcessl"><?php echo $l->t('Enforce HTTPS');?></label><br/>
<em><?php echo $l->t('Enforces the clients to connect to ownCloud via an encrypted connection.'); ?></em>
<?php if (!$_['isConnectedViaHTTPS']) {
echo "<br/><em>";
echo $l->t('Please connect to this ownCloud instance via HTTPS to enable or disable the SSL enforcement.');
echo "</em>";
}
?></em>
</td>
</tr>
</table>
</fieldset>
<fieldset class="personalblock">
<legend><strong><?php echo $l->t('Log');?></strong></legend>
<?php echo $l->t('Log level');?> <select name='loglevel' id='loglevel'>
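Review bot: `<label for="forcessl">` points at the input's `name` rather than its `id` (`enforceHTTPSEnabled`), so clicking the label does not toggle the checkbox; it should read `<label for="enforceHTTPSEnabled">`. The `</em>` after the closing `?>` of the warning block has no matching opener, because the description's `<em>` is closed on its own line and the warning closes its own inside the `echo`. The `value` attribute carries the inverse of the current state, which is easy to misread and goes stale after the first toggle; a short comment there, or dropping it in favour of reading the checked state in the script, would make the intent clear. The `disabled` attribute is a usability hint only, so the rule it expresses still needs to be checked where the setting is written.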