Removed lockdown feature for now.
This commit is contained in:
parent
029c1ff20e
commit
24d61cc60e
|
|
@ -1,8 +1,6 @@
|
|||
<?php
|
||||
namespace Misuzu;
|
||||
|
||||
$misuzuBypassLockdown = true;
|
||||
|
||||
function ghcb_strip_prefix(string $line): string {
|
||||
$findColon = mb_strpos($line, ':');
|
||||
return trim($findColon === false || $findColon >= 10 ? $line : mb_substr($line, $findColon + 1));
|
||||
|
|
|
|||
|
|
@ -55,7 +55,6 @@ $globals = $cfg->getValues([
|
|||
'eeprom.app:s',
|
||||
['auth.secret:s', 'meow'],
|
||||
['csrf.secret:s', 'soup'],
|
||||
'private.enabled:b',
|
||||
]);
|
||||
|
||||
Template::init($msz, $twigCache ?? null, MSZ_DEBUG);
|
||||
|
|
@ -146,29 +145,6 @@ CSRF::init(
|
|||
(UserSession::hasCurrent() ? UserSession::getCurrent()->getToken() : ($_SERVER['REMOTE_ADDR'] ?? '::1'))
|
||||
);
|
||||
|
||||
if($globals['private.enabled']) {
|
||||
$onLoginPage = $_SERVER['PHP_SELF'] === url('auth-login');
|
||||
$onPasswordPage = parse_url($_SERVER['PHP_SELF'], PHP_URL_PATH) === url('auth-forgot');
|
||||
$misuzuBypassLockdown = !empty($misuzuBypassLockdown) || $onLoginPage;
|
||||
|
||||
if(!$misuzuBypassLockdown) {
|
||||
if(UserSession::hasCurrent()) {
|
||||
['private.perm.cat' => $privatePermCat, 'private.perm.val' => $privatePermVal] = $cfg->getValues(['private.perm.cat:s', 'private.perm.val:i']);
|
||||
|
||||
if(!empty($privatePermCat) && $privatePermVal > 0) {
|
||||
if(!perms_check_user($privatePermCat, User::getCurrent()->getId(), $privatePermVal)) {
|
||||
// au revoir
|
||||
UserSession::unsetCurrent();
|
||||
User::unsetCurrent();
|
||||
}
|
||||
}
|
||||
} elseif(!$onLoginPage && !($onPasswordPage && $cfg->getBoolean('private.allow_password_reset', true))) {
|
||||
url_redirect('auth-login');
|
||||
exit;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if(!empty($userInfo))
|
||||
Template::set('current_user', $userInfo);
|
||||
if(!empty($userInfoReal))
|
||||
|
|
|
|||
|
|
@ -2,7 +2,6 @@
|
|||
namespace Misuzu\Http\Handlers;
|
||||
|
||||
use Misuzu\GitInfo;
|
||||
use Misuzu\MisuzuContext;
|
||||
use Misuzu\Users\User;
|
||||
use Misuzu\Users\UserNotFoundException;
|
||||
use Misuzu\Users\Assets\StaticUserImageAsset;
|
||||
|
|
@ -10,11 +9,6 @@ use Misuzu\Users\Assets\UserImageAssetInterface;
|
|||
use Misuzu\Users\Assets\UserAssetScalableInterface;
|
||||
|
||||
final class AssetsHandler extends Handler {
|
||||
public function __construct(MisuzuContext $context) {
|
||||
$GLOBALS['misuzuBypassLockdown'] = true;
|
||||
parent::__construct($context);
|
||||
}
|
||||
|
||||
private function canViewAsset($request, User $assetUser): bool {
|
||||
return !$assetUser->isBanned() || (
|
||||
User::hasCurrent()
|
||||
|
|
|
|||
Loading…
Reference in a new issue