mirror of
https://github.com/the-djmaze/snappymail.git
synced 2024-09-20 07:35:55 +08:00
add more security settings (allow_admin_panel, core_install_access_domains)
+ small fixes
parent
6ffa712a05
commit
df1c369a9d
17
_include.php
17
_include.php
|
@ -8,7 +8,7 @@
|
|||
function __get_custom_data_full_path()
|
||||
{
|
||||
return '';
|
||||
return '/var/rainloop-data-folder/'; // custom data folder path
|
||||
return '/var/external-rainloop-data-folder/'; // custom data folder path
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -17,19 +17,6 @@ function __get_custom_data_full_path()
|
|||
*/
|
||||
function __get_private_data_folder_internal_name($siteName)
|
||||
{
|
||||
return '_default_'; // default domain folder name
|
||||
return ''; // default value
|
||||
return $siteName;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $siteName
|
||||
* @return string
|
||||
*/
|
||||
function __get_core_install_access_site($siteName)
|
||||
{
|
||||
return $siteName; // allow all
|
||||
|
||||
return in_array($siteName, array(
|
||||
'domain.com', 'domain.net'
|
||||
)) ? $siteName : '';
|
||||
}
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
"name": "RainLoop",
|
||||
"title": "RainLoop Webmail",
|
||||
"version": "1.4.0",
|
||||
"release": "506",
|
||||
"release": "507",
|
||||
"description": "Simple, modern & fast web-based email client",
|
||||
"homepage": "http://rainloop.net",
|
||||
"main": "Gruntfile.js",
|
||||
|
|
|
@ -269,7 +269,8 @@ class Http
|
|||
*/
|
||||
public function GetScheme()
|
||||
{
|
||||
return ('on' === \strtolower($this->GetServer('HTTPS'))) ? 'https' : 'http';
|
||||
$sHttps = \strtolower($this->GetServer('HTTPS', ''));
|
||||
return ('on' === $sHttps || ('' === $sHttps && '443' === (string) $this->GetServer('SERVER_PORT', ''))) ? 'https' : 'http';
|
||||
}
|
||||
|
||||
/**
|
||||
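Review bot: The new fallback in `GetScheme()` returns `https` whenever `HTTPS` is empty and `SERVER_PORT` is `443`, but depending on web-server configuration `SERVER_PORT` can reflect the port named in the request's `Host` header rather than the socket the request arrived on. If the scheme feeds redirects, generated links or cookie flags (not visible in this hunk), a plain-HTTP request could then be labelled as secure. The opposite case is not covered either: behind a TLS-terminating proxy both tests fail and the method still returns `http`. I would state the assumption above the return, e.g. `// SERVER_PORT is trusted only as set by the web server; a TLS-terminating proxy is not detected here`, and confirm that deployments pin the canonical port.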
|
|
|
@ -2256,7 +2256,10 @@ class Actions
|
|||
|
||||
private function rainLoopCoreAccess()
|
||||
{
|
||||
return $this->Http()->CheckLocalhost(APP_SITE) || APP_SITE === APP_CORE_INSTALL_ACCESS_SITE;
|
||||
$sCoreAccess = \strtolower(\preg_replace('/[\s,;]+/', ' ',
|
||||
$this->Config()->Get('security', 'core_install_access_domains', '')));
|
||||
|
||||
return '' === $sCoreAccess || APP_SITE === $sCoreAccess;
|
||||
}
|
||||
|
||||
private function getRepositoryDataByUrl($sRepo, &$bReal = false)
|
||||
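Review bot: The rewritten `rainLoopCoreAccess()` collapses the separators in `core_install_access_domains` to single spaces and then compares the whole string with `APP_SITE`, so a value that lists two domains can never match; only a single-domain value works, despite the plural setting name. The normalized string is not trimmed, and the setting is lower-cased while `APP_SITE` is compared as-is. Splitting the list matches the apparent intent: `$aDomains = \array_filter(\explode(' ', \trim($sCoreAccess)));` followed by `return 0 === \count($aDomains) || \in_array(\strtolower(APP_SITE), $aDomains, true);`. The empty default allows every site and the previous `CheckLocalhost()` condition is gone, so a comment stating that this open default is intended would help whoever audits the setting later.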
|
|
|
@ -87,7 +87,9 @@ class Application extends \RainLoop\Config\AbstractConfig
|
|||
|
||||
'custom_server_signature' => array('RainLoop'),
|
||||
'admin_login' => array('admin', 'Login and password for web admin panel'),
|
||||
'admin_password' => array('12345')
|
||||
'admin_password' => array('12345'),
|
||||
'allow_admin_panel' => array(true, 'Access settings'),
|
||||
'core_install_access_domains' => array('')
|
||||
),
|
||||
|
||||
'login' => array(
|
||||
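Review bot: The new `core_install_access_domains` entry has no description, and its empty default is the unrestricted value according to `rainLoopCoreAccess()` in this same commit, so an operator reading the generated config cannot tell that leaving it blank means "any site". I would add a description as the second array element, e.g. `'core_install_access_domains' => array('', 'Domain allowed to run core install/update (empty = no restriction)')`. `allow_admin_panel` also defaults to `true` right below the fixed `admin` / `12345` defaults, so the panel stays reachable with well-known credentials until someone edits the file. The 'Access settings' description should say that disabling the panel is the recommended state once setup is done. The surrounding array starts and ends outside the hunk.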
|
|
|
@ -94,11 +94,11 @@ class Service
|
|||
|
||||
$this->oActions->ParseQueryAuthString();
|
||||
|
||||
if (defined('APP_INSTALLED_START') && defined('APP_INSTALLED_VERSION') && APP_INSTALLED_START &&
|
||||
if (defined('APP_INSTALLED_START') && defined('APP_INSTALLED_VERSION') &&
|
||||
APP_INSTALLED_START && !APP_INSTALLED_VERSION &&
|
||||
$this->oActions->Config()->Get('labs', 'usage_statistics', true))
|
||||
{
|
||||
$this->oActions->KeenIO(APP_INSTALLED_VERSION ? 'Upgrade' : 'Install',
|
||||
APP_INSTALLED_VERSION ? array('previos-version' => APP_INSTALLED_VERSION) : array());
|
||||
$this->oActions->KeenIO('Install');
|
||||
}
|
||||
|
||||
$bCached = false;
|
||||
|
@ -115,6 +115,13 @@ class Service
|
|||
$this->oActions->Plugins()->RunHook('filter.http-paths', array(&$aPaths));
|
||||
|
||||
$bAdmin = !empty($aPaths[0]) && \in_array(\strtolower($aPaths[0]), array('admin', 'cp'));
|
||||
if ($bAdmin && !$this->oActions->Config()->Get('security', 'allow_admin_panel', true))
|
||||
{
|
||||
echo $this->oActions->ErrorTemplates('Access Denied.',
|
||||
'Access to the RainLoop Webmail Admin Panel is not allowed!', true);
|
||||
|
||||
return $this;
|
||||
}
|
||||
|
||||
if (0 < \count($aPaths) && !empty($aPaths[0]) && !$bAdmin)
|
||||
{
|
||||
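Review bot: The `allow_admin_panel` gate in the second hunk only inspects the first path segment (`admin` or `cp`) of the page route, so it blocks rendering of the panel but, as far as these lines show, not the handlers that execute admin actions. It is worth confirming that the same setting is enforced wherever admin actions and admin login are dispatched, otherwise disabling the panel hides the UI without closing the interface. The denial is also echoed with no status visible here; unless `ErrorTemplates()` sets one, it should be sent as a 403 so proxies and monitoring can tell it from a normal page. As a smaller point, the membership test should be strict: `\in_array(\strtolower($aPaths[0]), array('admin', 'cp'), true)`. The enclosing method starts and ends outside the hunk.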
|
|
|
@ -56,8 +56,10 @@
|
|||
</div>
|
||||
<br />
|
||||
<div class="error-desc">
|
||||
<br />
|
||||
{{ErrorDesc}}
|
||||
<br />
|
||||
<br />
|
||||
<div class="browsers">
|
||||
<a href="http://www.google.com/chrome/" target="_blank" style="background: url('{{BaseWebStaticPath}}browsers/chrome.gif') no-repeat 50% 6px;">Google Chrome</a>
|
||||
<a href="http://www.mozilla-europe.org/" target="_blank" style="background: url('{{BaseWebStaticPath}}browsers/firefox.gif') no-repeat 50% 7px;">Mozilla Firefox</a>
|
||||
|
|
|
@ -43,8 +43,10 @@
|
|||
</div>
|
||||
<br />
|
||||
<div class="error-desc">
|
||||
<br />
|
||||
{{ErrorDesc}}
|
||||
<br />
|
||||
<br />
|
||||
<div style="display: {{BackLinkVisibility}}">
|
||||
<br />
|
||||
<a href="{{BackHref}}">{{BackLink}}</a>
|
||||
|
|
|
@ -26,9 +26,6 @@
|
|||
define('APP_PRIVATE_DATA_NAME', 0 === strlen($sPrivateDataFolderInternalName) ? APP_DEFAULT_PRIVATE_DATA_NAME : $sPrivateDataFolderInternalName);
|
||||
define('APP_MULTIPLY', 0 < strlen($sPrivateDataFolderInternalName) && APP_DEFAULT_PRIVATE_DATA_NAME !== APP_PRIVATE_DATA_NAME);
|
||||
|
||||
define('APP_CORE_INSTALL_ACCESS_SITE', function_exists('__get_core_install_access_site') ?
|
||||
__get_core_install_access_site(APP_SITE) : APP_SITE);
|
||||
|
||||
define('APP_DUMMY', '********');
|
||||
define('APP_DEV_VERSION', '0.0.0');
|
||||
define('APP_API_PATH', 'http://api.rainloop.net/');
|
||||
|
|