Merge pull request #6036 from owncloud/single-user-mode
Add "single user mode"
This commit is contained in:
Morris Jobke
commit
d7d7d9b8e3
|
|
@ -235,4 +235,7 @@ $CONFIG = array(
|
|||
'openssl' => array(
|
||||
//'config' => '/absolute/location/of/openssl.cnf',
|
||||
),
|
||||
|
||||
/* whether usage of the instance should be restricted to admin users only */
|
||||
'singleuser' => false,
|
||||
);
|
||||
|
|
|
|||
|
|
@ -0,0 +1,51 @@
|
|||
<?php
|
||||
/**
|
||||
* Copyright (c) 2013 Robin Appelman <icewind@owncloud.com>
|
||||
* This file is licensed under the Affero General Public License version 3 or
|
||||
* later.
|
||||
* See the COPYING-README file.
|
||||
*/
|
||||
|
||||
namespace OC\Core\Command\Maintenance;
|
||||
|
||||
use Symfony\Component\Console\Command\Command;
|
||||
use Symfony\Component\Console\Input\InputInterface;
|
||||
use Symfony\Component\Console\Input\InputOption;
|
||||
use Symfony\Component\Console\Output\OutputInterface;
|
||||
|
||||
class SingleUser extends Command {
|
||||
|
||||
protected function configure() {
|
||||
$this
|
||||
->setName('maintenance:singleuser')
|
||||
->setDescription('set single user mode')
|
||||
->addOption(
|
||||
'on',
|
||||
null,
|
||||
InputOption::VALUE_NONE,
|
||||
'enable single user mode'
|
||||
)
|
||||
->addOption(
|
||||
'off',
|
||||
null,
|
||||
InputOption::VALUE_NONE,
|
||||
'disable single user mode'
|
||||
);
|
||||
}
|
||||
|
||||
protected function execute(InputInterface $input, OutputInterface $output) {
|
||||
if ($input->getOption('on')) {
|
||||
\OC_Config::setValue('singleuser', true);
|
||||
$output->writeln('Single user mode enabled');
|
||||
} elseif ($input->getOption('off')) {
|
||||
\OC_Config::setValue('singleuser', false);
|
||||
$output->writeln('Single user mode disabled');
|
||||
} else {
|
||||
if (\OC_Config::getValue('singleuser', false)) {
|
||||
$output->writeln('Single user mode is currently enabled');
|
||||
} else {
|
||||
$output->writeln('Single user mode is currently disabled');
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -10,6 +10,7 @@
|
|||
$application->add(new OC\Core\Command\Status);
|
||||
$application->add(new OC\Core\Command\Db\GenerateChangeScript());
|
||||
$application->add(new OC\Core\Command\Upgrade());
|
||||
$application->add(new OC\Core\Command\Maintenance\SingleUser());
|
||||
$application->add(new OC\Core\Command\App\Disable());
|
||||
$application->add(new OC\Core\Command\App\Enable());
|
||||
$application->add(new OC\Core\Command\App\ListApps());
|
||||
|
|
|
|||
|
|
@ -0,0 +1,10 @@
|
|||
<ul>
|
||||
<li class='update'>
|
||||
<?php p($l->t('This ownCloud instance is currently in single user mode.')) ?><br /><br />
|
||||
<?php p($l->t('This means only administrators can use the instance.')) ?><br /><br />
|
||||
<?php p($l->t('Contact your system administrator if this message persists or appeared unexpectedly.')) ?>
|
||||
<br /><br />
|
||||
<?php p($l->t('Thank you for your patience.')); ?><br /><br />
|
||||
<a class="button" <?php print_unescaped(OC_User::getLogoutAttribute()); ?>><?php p($l->t('Log out')); ?></a>
|
||||
</li>
|
||||
</ul>
|
||||
19
lib/base.php
19
lib/base.php
|
|
@ -238,6 +238,22 @@ class OC {
|
|||
}
|
||||
}
|
||||
|
||||
public static function checkSingleUserMode() {
|
||||
$user = OC_User::getUserSession()->getUser();
|
||||
$group = OC_Group::getManager()->get('admin');
|
||||
if ($user && OC_Config::getValue('singleuser', false) && !$group->inGroup($user)) {
|
||||
// send http status 503
|
||||
header('HTTP/1.1 503 Service Temporarily Unavailable');
|
||||
header('Status: 503 Service Temporarily Unavailable');
|
||||
header('Retry-After: 120');
|
||||
|
||||
// render error page
|
||||
$tmpl = new OC_Template('', 'singleuser.user', 'guest');
|
||||
$tmpl->printPage();
|
||||
die();
|
||||
}
|
||||
}
|
||||
|
||||
public static function checkUpgrade($showTemplate = true) {
|
||||
if (OC_Config::getValue('installed', false)) {
|
||||
$installedVersion = OC_Config::getValue('version', '0.0.0');
|
||||
|
|
@ -667,11 +683,12 @@ class OC {
|
|||
// Test it the user is already authenticated using Apaches AuthType Basic... very usable in combination with LDAP
|
||||
OC::tryBasicAuthLogin();
|
||||
|
||||
if (!self::$CLI) {
|
||||
if (!self::$CLI and (!isset($_GET["logout"]) or ($_GET["logout"] !== 'true'))) {
|
||||
try {
|
||||
if (!OC_Config::getValue('maintenance', false)) {
|
||||
OC_App::loadApps();
|
||||
}
|
||||
self::checkSingleUserMode();
|
||||
OC::getRouter()->match(OC_Request::getRawPathInfo());
|
||||
return;
|
||||
} catch (Symfony\Component\Routing\Exception\ResourceNotFoundException $e) {
|
||||
|
|
|
|||
|
|
@ -5,6 +5,7 @@ try {
|
|||
|
||||
require_once 'lib/base.php';
|
||||
OC::checkMaintenanceMode();
|
||||
OC::checkSingleUserMode();
|
||||
if (!isset($_GET['service'])) {
|
||||
header('HTTP/1.0 404 Not Found');
|
||||
exit;
|
||||
|
|
|
|||
Loading…
Reference in New Issue