From 71718db8f051cfbda6f4c90ac82563472cb8319d Mon Sep 17 00:00:00 2001 From: RainLoop Date: Sun, 1 Oct 2017 20:54:50 +0300 Subject: [PATCH] Small fixes --- .scrutinizer.yml | 16 --- build/plugin.xml | 122 ------------------ build/rsa.php | 13 -- build/{test.php => test_connection.php} | 0 build/test_ssl_connection.php | 30 +++++ dev/Settings/Admin/General.js | 2 + dev/Stores/Admin/App.js | 10 ++ gulpfile.js | 33 +++++ rainloop/v/0.0.0/app/.htaccess | 24 +--- .../libraries/RainLoop/Config/Application.php | 4 +- .../app/localization/admin/_source.en.yml | 1 + .../Views/Admin/AdminSettingsGeneral.html | 15 ++- rainloop/v/0.0.0/include.php | 8 +- 13 files changed, 101 insertions(+), 177 deletions(-) delete mode 100644 .scrutinizer.yml delete mode 100644 build/plugin.xml delete mode 100644 build/rsa.php rename build/{test.php => test_connection.php} (100%) create mode 100644 build/test_ssl_connection.php diff --git a/.scrutinizer.yml b/.scrutinizer.yml deleted file mode 100644 index e2fb68e96..000000000 --- a/.scrutinizer.yml +++ /dev/null @@ -1,16 +0,0 @@ -filter: - path: - - 'rainloop-webmail/rainloop/v/0.0.0/app/libraries/MailSo/*' - - 'rainloop-webmail/rainloop/v/0.0.0/app/libraries/RainLoop/*' - - 'dev/*' - - '/*.js' - excluded_paths: - - '*.min.js' - - '*/min/*' - - '*.min.css' - - 'vendors/*' - - 'build/*' - - 'data/*' -checks: - javascript: true - php: true \ No newline at end of file diff --git a/build/plugin.xml b/build/plugin.xml deleted file mode 100644 index d3d1721d0..000000000 --- a/build/plugin.xml +++ /dev/null @@ -1,122 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/build/rsa.php b/build/rsa.php deleted file mode 100644 index 998d2e7e7..000000000 --- a/build/rsa.php +++ /dev/null @@ -1,13 +0,0 @@ -createKey(1024); - -var_dump($key); diff --git a/build/test.php b/build/test_connection.php similarity index 100% rename from build/test.php rename to build/test_connection.php diff --git a/build/test_ssl_connection.php b/build/test_ssl_connection.php new file mode 100644 index 000000000..4bb167b2b --- /dev/null +++ b/build/test_ssl_connection.php @@ -0,0 +1,30 @@ + array( + 'verify_host' => true, + 'verify_peer' => true, + 'verify_peer_name' => true, + 'allow_self_signed' => false + ) +); + +$streamContext = stream_context_create($streamContextSettings); + +$errorStr = ''; +$errorNo = 0; + +$connection = stream_socket_client($host.':'.$port, $errorNo, $errorStr, 5, STREAM_CLIENT_CONNECT, $streamContext); +if (is_resource($connection)) { + echo ' = OK'; + fclose($connection); +} else { + echo ' = ERROR ([#'.$errorNo.'] '.$errorStr.')'; +} diff --git a/dev/Settings/Admin/General.js b/dev/Settings/Admin/General.js index ad298e276..988c6abb2 100644 --- a/dev/Settings/Admin/General.js +++ b/dev/Settings/Admin/General.js @@ -44,6 +44,8 @@ class GeneralAdminSettings this.weakPassword = AppAdminStore.weakPassword; this.newMoveToFolder = AppAdminStore.newMoveToFolder; + this.dataFolderAccess = AppAdminStore.dataFolderAccess; + this.mainAttachmentLimit = ko.observable(pInt(settingsGet('AttachmentLimit')) / (Magics.BitLength1024 * Magics.BitLength1024)).extend({posInterer: 25}); this.uploadData = settingsGet('PhpUploadSizes'); diff --git a/dev/Stores/Admin/App.js b/dev/Stores/Admin/App.js index cd22f3150..8b60055eb 100644 --- a/dev/Stores/Admin/App.js +++ b/dev/Stores/Admin/App.js @@ -13,6 +13,8 @@ class AppAdminStore extends AbstractAppStore this.weakPassword = ko.observable(false); this.useLocalProxyForExternalImages = ko.observable(false); + + this.dataFolderAccess = ko.observable(false); } populate() { @@ -23,6 +25,14 @@ class AppAdminStore extends AbstractAppStore this.weakPassword(!!settingsGet('WeakPassword')); this.useLocalProxyForExternalImages(!!settingsGet('UseLocalProxyForExternalImages')); + + if (settingsGet('Auth')) { + this.checkDataFolder(); + } + } + + checkDataFolder() { + $.get('./data/VERSION?' + window.Math.random()).then((value) => this.dataFolderAccess(true)); } } diff --git a/gulpfile.js b/gulpfile.js index 76ac623ad..4df6e8e17 100644 --- a/gulpfile.js +++ b/gulpfile.js @@ -577,6 +577,36 @@ gulp.task('rainloop:owncloud:copy-dist', ['rainloop:owncloud:shortname'], functi }); }); +gulp.task('plugins:build', [], function() { + + var name = argv.name || ''; + if (true === name || !name) { + throw new Error('Empty name parameter'); + } + + var + source = 'plugins/' + name, + vesrion = fs.readFileSync(source + '/VERSION', 'utf8') + ; + + cfg.destPath = 'build/dist/plugins/'; + cfg.zipFile = name + '-' + vesrion + '.zip'; + + fs.mkdirSync(cfg.destPath, '0777', true); + + return gulp.src(source + '/**/*', {base: source}) + .pipe(require('gulp-zip')(cfg.zipFile)) + .pipe(gulp.dest(cfg.destPath)); +}); + +gulp.task('plugins:build:copy-dist', ['plugins:build'], function(callback) { + var newPath = cfg.destPath.replace('build/dist/plugins', 'dist/plugins'); + fs.mkdirSync(newPath, '0777', true); + copyFile(cfg.destPath + cfg.zipFile, newPath + cfg.zipFile, callback); +}); + +gulp.task('plugins:build:docker', ['plugins:build', 'plugins:build:copy-dist']); + // main gulp.task('moment', ['moment:locales']); gulp.task('js', ['js:libs', 'js:min', 'js:validate']); @@ -627,3 +657,6 @@ gulp.task('v', ['js:validate']); gulp.task('b', ['build']); gulp.task('o', ['owncloud']); + +gulp.task('p', ['plugins:build']); +gulp.task('p:d', ['plugins:build:docker']); diff --git a/rainloop/v/0.0.0/app/.htaccess b/rainloop/v/0.0.0/app/.htaccess index 4e7fc3b65..503b1b581 100644 --- a/rainloop/v/0.0.0/app/.htaccess +++ b/rainloop/v/0.0.0/app/.htaccess @@ -1,19 +1,9 @@ - - -Deny from All - -= 2.4> -Require all denied - - - - -Deny from all - - -Require all denied - - + + Require all denied + + + Deny from all + -Options -Indexes + Options -Indexes \ No newline at end of file diff --git a/rainloop/v/0.0.0/app/libraries/RainLoop/Config/Application.php b/rainloop/v/0.0.0/app/libraries/RainLoop/Config/Application.php index f32bc6bdd..7a34a38dc 100644 --- a/rainloop/v/0.0.0/app/libraries/RainLoop/Config/Application.php +++ b/rainloop/v/0.0.0/app/libraries/RainLoop/Config/Application.php @@ -383,7 +383,7 @@ Enables caching in the system'), 'allow_prefetch' => array(true), 'allow_smart_html_links' => array(true), 'cache_system_data' => array(true), - 'date_from_headers' => array(false), + 'date_from_headers' => array(true), 'autocreate_system_folders' => array(true), 'allow_message_append' => array(false), 'disable_iconv_if_mbstring_supported' => array(false), @@ -391,7 +391,7 @@ Enables caching in the system'), 'log_ajax_response_write_limit' => array(300), 'allow_html_editor_source_button' => array(false), 'allow_html_editor_biti_buttons' => array(false), - 'allow_ctrl_enter_on_compose' => array(false), + 'allow_ctrl_enter_on_compose' => array(true), 'try_to_detect_hidden_images' => array(false), 'hide_dangerous_actions' => array(false), 'use_app_debug_js' => array(false), diff --git a/rainloop/v/0.0.0/app/localization/admin/_source.en.yml b/rainloop/v/0.0.0/app/localization/admin/_source.en.yml index de025ab37..920616d21 100644 --- a/rainloop/v/0.0.0/app/localization/admin/_source.en.yml +++ b/rainloop/v/0.0.0/app/localization/admin/_source.en.yml @@ -35,6 +35,7 @@ en: LABEL_ALLOW_IDENTITIES: "Allow multiple identities" LABEL_ALLOW_TEMPLATES: "Allow templates" ALERT_WARNING: "Warning!" + ALERT_DATA_ACCESS: "RainLoop data folder is accessible. Please configure your web server to hide the data folder from external access. Read more here:" HTML_ALERT_WEAK_PASSWORD: | You are using the default admin password.
diff --git a/rainloop/v/0.0.0/app/templates/Views/Admin/AdminSettingsGeneral.html b/rainloop/v/0.0.0/app/templates/Views/Admin/AdminSettingsGeneral.html index a297c34a2..91d5ca020 100644 --- a/rainloop/v/0.0.0/app/templates/Views/Admin/AdminSettingsGeneral.html +++ b/rainloop/v/0.0.0/app/templates/Views/Admin/AdminSettingsGeneral.html @@ -1,11 +1,20 @@
-
+


+
+
+

+
+ +   + https://rainloop.net/docs/installation +
+
@@ -13,7 +22,7 @@
- +    @@ -29,7 +38,7 @@
- +    diff --git a/rainloop/v/0.0.0/include.php b/rainloop/v/0.0.0/include.php index 6563cd0fc..5b51731dd 100644 --- a/rainloop/v/0.0.0/include.php +++ b/rainloop/v/0.0.0/include.php @@ -16,8 +16,6 @@ define('APP_VERSION_ROOT_PATH', APP_INDEX_ROOT_PATH.'rainloop/v/'.APP_VERSION.'/'); define('APP_USE_APC_CACHE', true); - define('APP_DEFAULT_DENY_ALL_HTACCESS', @file_exists(APP_VERSION_ROOT_PATH.'app/.htaccess') ? - @file_get_contents(APP_VERSION_ROOT_PATH.'app/.htaccess') : ''); if (function_exists('date_default_timezone_set')) { @@ -151,8 +149,10 @@ @file_put_contents(APP_DATA_FOLDER_PATH.'VERSION', APP_VERSION); @file_put_contents(APP_DATA_FOLDER_PATH.'index.html', 'Forbidden'); @file_put_contents(APP_DATA_FOLDER_PATH.'index.php', 'Forbidden'); - if (0 < strlen(APP_DEFAULT_DENY_ALL_HTACCESS)) { - @file_put_contents(APP_DATA_FOLDER_PATH.'.htaccess', APP_DEFAULT_DENY_ALL_HTACCESS); + + if (!@file_exists(APP_DATA_FOLDER_PATH.'.htaccess') && @file_exists(APP_VERSION_ROOT_PATH.'app/.htaccess')) + { + @file_put_contents(APP_DATA_FOLDER_PATH.'.htaccess', @file_get_contents(APP_VERSION_ROOT_PATH.'app/.htaccess')); } if (!@is_dir(APP_PRIVATE_DATA))