Removed lockdown feature for now.

This commit is contained in:
flash 2023-07-19 19:04:57 +00:00
parent 029c1ff20e
commit 24d61cc60e
3 changed files with 0 additions and 32 deletions

View file

@ -1,8 +1,6 @@
<?php <?php
namespace Misuzu; namespace Misuzu;
$misuzuBypassLockdown = true;
function ghcb_strip_prefix(string $line): string { function ghcb_strip_prefix(string $line): string {
$findColon = mb_strpos($line, ':'); $findColon = mb_strpos($line, ':');
return trim($findColon === false || $findColon >= 10 ? $line : mb_substr($line, $findColon + 1)); return trim($findColon === false || $findColon >= 10 ? $line : mb_substr($line, $findColon + 1));

View file

@ -55,7 +55,6 @@ $globals = $cfg->getValues([
'eeprom.app:s', 'eeprom.app:s',
['auth.secret:s', 'meow'], ['auth.secret:s', 'meow'],
['csrf.secret:s', 'soup'], ['csrf.secret:s', 'soup'],
'private.enabled:b',
]); ]);
Template::init($msz, $twigCache ?? null, MSZ_DEBUG); Template::init($msz, $twigCache ?? null, MSZ_DEBUG);
@ -146,29 +145,6 @@ CSRF::init(
(UserSession::hasCurrent() ? UserSession::getCurrent()->getToken() : ($_SERVER['REMOTE_ADDR'] ?? '::1')) (UserSession::hasCurrent() ? UserSession::getCurrent()->getToken() : ($_SERVER['REMOTE_ADDR'] ?? '::1'))
); );
if($globals['private.enabled']) {
$onLoginPage = $_SERVER['PHP_SELF'] === url('auth-login');
$onPasswordPage = parse_url($_SERVER['PHP_SELF'], PHP_URL_PATH) === url('auth-forgot');
$misuzuBypassLockdown = !empty($misuzuBypassLockdown) || $onLoginPage;
if(!$misuzuBypassLockdown) {
if(UserSession::hasCurrent()) {
['private.perm.cat' => $privatePermCat, 'private.perm.val' => $privatePermVal] = $cfg->getValues(['private.perm.cat:s', 'private.perm.val:i']);
if(!empty($privatePermCat) && $privatePermVal > 0) {
if(!perms_check_user($privatePermCat, User::getCurrent()->getId(), $privatePermVal)) {
// au revoir
UserSession::unsetCurrent();
User::unsetCurrent();
}
}
} elseif(!$onLoginPage && !($onPasswordPage && $cfg->getBoolean('private.allow_password_reset', true))) {
url_redirect('auth-login');
exit;
}
}
}
if(!empty($userInfo)) if(!empty($userInfo))
Template::set('current_user', $userInfo); Template::set('current_user', $userInfo);
if(!empty($userInfoReal)) if(!empty($userInfoReal))

View file

@ -2,7 +2,6 @@
namespace Misuzu\Http\Handlers; namespace Misuzu\Http\Handlers;
use Misuzu\GitInfo; use Misuzu\GitInfo;
use Misuzu\MisuzuContext;
use Misuzu\Users\User; use Misuzu\Users\User;
use Misuzu\Users\UserNotFoundException; use Misuzu\Users\UserNotFoundException;
use Misuzu\Users\Assets\StaticUserImageAsset; use Misuzu\Users\Assets\StaticUserImageAsset;
@ -10,11 +9,6 @@ use Misuzu\Users\Assets\UserImageAssetInterface;
use Misuzu\Users\Assets\UserAssetScalableInterface; use Misuzu\Users\Assets\UserAssetScalableInterface;
final class AssetsHandler extends Handler { final class AssetsHandler extends Handler {
public function __construct(MisuzuContext $context) {
$GLOBALS['misuzuBypassLockdown'] = true;
parent::__construct($context);
}
private function canViewAsset($request, User $assetUser): bool { private function canViewAsset($request, User $assetUser): bool {
return !$assetUser->isBanned() || ( return !$assetUser->isBanned() || (
User::hasCurrent() User::hasCurrent()