MensBeam
/
Arsse
3
1
Fork 0
Code Issues 24 Pull Requests Releases 28 Activity
Browse Source

Update readme; remove username composition; default pre-auth to false

microsub
J. King 7 years ago
parent
b8e091177b
commit
a485913535
4 changed files with 29 additions and 38 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 46
      README.md
  2. 5
      lib/Conf.php
  3. 15
      lib/User.php
  4. 1
      tests/User/TestAuthorization.php

46
README.md
View File

@ -1,31 +1,37 @@
Arsse: Advanced RSS Environment
The Advanced RSS Environment
===============================
TODO: Fill in stuff
The Arsse is a news aggregator server which implements [version 1.2](https://github.com/nextcloud/news/blob/master/docs/externalapi/Legacy.md) of [NextCloud News](https://github.com/nextcloud/news)'s client-server synchronization protocol. Unlike most other aggregator servers, the Arsse does not include a Web front-end (though one is planned as a separate project), and it relies on existing protocols to maximize compatibility with existing clients.
At present the software should be considered in an "alpha" state: though its core subsystems are covered by unit tests and should be free of major bugs, not everything has been rigorously tested. Additionally, though the NextCloud News protocol is fully supported, many features one would expect from other similar software have yet to be implemented. Areas of future work include:
- Support for more database engines (PostgreSQL, MySQL, MariaDB)
- Providing more sync protocols (Tiny Tiny RSS, Fever, others)
- Tools for managing users (manual insertion into the database is currently required)
- Better packaging and configuration samples
Requirements
------------
Arsse has the following requirements:
- A Web server; example configuration currently exists for:
- nginx
- Apache 2
- A Web server
- PHP 7.0.7 or newer with the following extensions:
- [intl](http://php.net/manual/en/book.intl.php)
- [json](http://php.net/manual/en/book.json.php)
- [hash](http://php.net/manual/en/book.hash.php)
- One of the following supported databases, and the PHP extension to use it:
- SQLite 3.8.3 or newer
- PostgreSQL 8.4 or newer
- MySQL 8.0.1 or newer
- MariaDB 10.2.2 or newer
- The ability to run background services on the server; service files currently exist for:
- systemd
- launchd
- sysvinit
**FIXME:** The requirements listed are prospective and not representative of the actual requirements as of this writing. Currently only SQLite is supported, no Web server configuration has yet been written, and no background process yet exists, never mind service files to run it.
- [intl](http://php.net/manual/en/book.intl.php), [json](http://php.net/manual/en/book.json.php), and [hash](http://php.net/manual/en/book.hash.php)
- [dom](http://php.net/manual/en/book.dom.php), [simplexml](http://php.net/manual/en/book.simplexml.php), and [iconv](http://php.net/manual/en/book.iconv.php) (for picoFeed)
- [sqlite3](http://php.net/manual/en/book.sqlite3.php)
- The ability to run daemon processes on the server
Installation
------------
TODO: Work out how the system should be installed
If installing from the Git repository rather than a download package, you will need [Composer](https://getcomposer.org/) to fetch required PHP libraries. Once Composer is installed, dependencies may be downloaded with the following command:
``` sh
php composer.phar install -o --no-dev
```
License
-------
@ -39,7 +45,7 @@ To run the test suite, you must have [Composer](https://getcomposer.org/) instal
``` sh
# first install dependencies
composer install
php composer.phar install
# run the tests
./tests/test
```

5
lib/Conf.php
View File

@ -49,10 +49,7 @@ class Conf {
/** @var string Class of the user management driver in use (Internal by default) */
public $userDriver = User\Internal\Driver::class;
/** @var boolean Whether users are already authenticated by the Web server before the application is executed */
public $userPreAuth = true;
/** @var boolean Whether to automatically append the hostname to form a user@host combination before performing authentication
* @deprecated */
public $userComposeNames = true;
public $userPreAuth = false;
/** @var integer Desired length of temporary user passwords */
public $userTempPasswordLength = 20;

15
lib/User.php
View File

@ -81,7 +81,7 @@ class User {
return false;
}
// if actor is a domain admin/manager and domains don't match, deny the request
if(Arsse::$conf->userComposeNames && $this->actor["domain"] && $rights != User\Driver::RIGHTS_GLOBAL_MANAGER) {
if($this->actor["domain"] && $rights != User\Driver::RIGHTS_GLOBAL_MANAGER) {
$test = "@".$this->actor["domain"];
if(substr($affectedUser,-1*strlen($test)) != $test) {
return false;
@ -128,9 +128,6 @@ class User {
} else {
$out = ["user" => "", "password" => ""];
}
if(Arsse::$conf->userComposeNames && $out["user"] != "") {
$out["user"] = $this->composeName($out["user"]);
}
$this->id = $out["user"];
return $out;
}
@ -308,7 +305,7 @@ class User {
public function propertiesGet(string $user, bool $withAvatar = false): array {
// prepare default values
$domain = null;
if(Arsse::$conf->userComposeNames) {
if(strrpos($user,"@")!==false) {
$domain = substr($user,strrpos($user,"@")+1);
}
$init = [
@ -424,14 +421,6 @@ class User {
}
}
protected function composeName(string $user): string {
if(preg_match("/.+?@[^@]+$/",$user)) {
return $user;
} else {
return $user."@".$_SERVER['HTTP_HOST'];
}
}
protected function autoProvision(string $user, string $password = null, array $properties = null, int $rights = 0): string {
// temporarily disable authorization checks, to avoid potential problems
$this->authorizationEnabled(false);

1
tests/User/TestAuthorization.php
View File

@ -49,7 +49,6 @@ class TestAuthorization extends Test\AbstractTest {
$conf = new Conf();
$conf->userDriver = $drv;
$conf->userPreAuth = false;
$conf->userComposeNames = true;
Arsse::$conf = $conf;
if($db !== null) {
Arsse::$db = new $db();

Write Preview
Loading…
Cancel
Save