MensBeam
/
Arsse
3
1
Fork 0
Code Issues 24 Pull Requests Releases 28 Activity
Browse Source

Update readme; remove username composition; default pre-auth to false

microsub
J. King 7 years ago
parent
b8e091177b
commit
a485913535
4 changed files with 29 additions and 38 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 46
      README.md
  2. 5
      lib/Conf.php
  3. 15
      lib/User.php
  4. 1
      tests/User/TestAuthorization.php

46
README.md
View File

@ -1,31 +1,37 @@
Arsse: Advanced RSS Environment The Advanced RSS Environment
=============================== ===============================
TODO: Fill in stuff The Arsse is a news aggregator server which implements [version 1.2](https://github.com/nextcloud/news/blob/master/docs/externalapi/Legacy.md) of [NextCloud News](https://github.com/nextcloud/news)'s client-server synchronization protocol. Unlike most other aggregator servers, the Arsse does not include a Web front-end (though one is planned as a separate project), and it relies on existing protocols to maximize compatibility with existing clients.
At present the software should be considered in an "alpha" state: though its core subsystems are covered by unit tests and should be free of major bugs, not everything has been rigorously tested. Additionally, though the NextCloud News protocol is fully supported, many features one would expect from other similar software have yet to be implemented. Areas of future work include:
- Support for more database engines (PostgreSQL, MySQL, MariaDB)
- Providing more sync protocols (Tiny Tiny RSS, Fever, others)
- Tools for managing users (manual insertion into the database is currently required)
- Better packaging and configuration samples
Requirements Requirements
------------ ------------
Arsse has the following requirements: Arsse has the following requirements:
- A Web server; example configuration currently exists for: - A Web server
- nginx
- Apache 2
- PHP 7.0.7 or newer with the following extensions: - PHP 7.0.7 or newer with the following extensions:
- [intl](http://php.net/manual/en/book.intl.php) - [intl](http://php.net/manual/en/book.intl.php), [json](http://php.net/manual/en/book.json.php), and [hash](http://php.net/manual/en/book.hash.php)
- [json](http://php.net/manual/en/book.json.php) - [dom](http://php.net/manual/en/book.dom.php), [simplexml](http://php.net/manual/en/book.simplexml.php), and [iconv](http://php.net/manual/en/book.iconv.php) (for picoFeed)
- [hash](http://php.net/manual/en/book.hash.php) - [sqlite3](http://php.net/manual/en/book.sqlite3.php)
- One of the following supported databases, and the PHP extension to use it: - The ability to run daemon processes on the server
- SQLite 3.8.3 or newer
- PostgreSQL 8.4 or newer Installation
- MySQL 8.0.1 or newer ------------
- MariaDB 10.2.2 or newer
- The ability to run background services on the server; service files currently exist for: TODO: Work out how the system should be installed
- systemd
- launchd If installing from the Git repository rather than a download package, you will need [Composer](https://getcomposer.org/) to fetch required PHP libraries. Once Composer is installed, dependencies may be downloaded with the following command:
- sysvinit
``` sh
**FIXME:** The requirements listed are prospective and not representative of the actual requirements as of this writing. Currently only SQLite is supported, no Web server configuration has yet been written, and no background process yet exists, never mind service files to run it. php composer.phar install -o --no-dev
```
License License
------- -------
@ -39,7 +45,7 @@ To run the test suite, you must have [Composer](https://getcomposer.org/) instal
``` sh ``` sh
# first install dependencies # first install dependencies
composer install php composer.phar install
# run the tests # run the tests
./tests/test ./tests/test
``` ```

5
lib/Conf.php
View File

@ -49,10 +49,7 @@ class Conf {
/** @var string Class of the user management driver in use (Internal by default) */ /** @var string Class of the user management driver in use (Internal by default) */
public $userDriver = User\Internal\Driver::class; public $userDriver = User\Internal\Driver::class;
/** @var boolean Whether users are already authenticated by the Web server before the application is executed */ /** @var boolean Whether users are already authenticated by the Web server before the application is executed */
public $userPreAuth = true; public $userPreAuth = false;
/** @var boolean Whether to automatically append the hostname to form a user@host combination before performing authentication
* @deprecated */
public $userComposeNames = true;
/** @var integer Desired length of temporary user passwords */ /** @var integer Desired length of temporary user passwords */
public $userTempPasswordLength = 20; public $userTempPasswordLength = 20;

15
lib/User.php
View File

@ -81,7 +81,7 @@ class User {
return false; return false;
} }
// if actor is a domain admin/manager and domains don't match, deny the request // if actor is a domain admin/manager and domains don't match, deny the request
if(Arsse::$conf->userComposeNames && $this->actor["domain"] && $rights != User\Driver::RIGHTS_GLOBAL_MANAGER) { if($this->actor["domain"] && $rights != User\Driver::RIGHTS_GLOBAL_MANAGER) {
$test = "@".$this->actor["domain"]; $test = "@".$this->actor["domain"];
if(substr($affectedUser,-1*strlen($test)) != $test) { if(substr($affectedUser,-1*strlen($test)) != $test) {
return false; return false;
@ -128,9 +128,6 @@ class User {
} else { } else {
$out = ["user" => "", "password" => ""]; $out = ["user" => "", "password" => ""];
} }
if(Arsse::$conf->userComposeNames && $out["user"] != "") {
$out["user"] = $this->composeName($out["user"]);
}
$this->id = $out["user"]; $this->id = $out["user"];
return $out; return $out;
} }
@ -308,7 +305,7 @@ class User {
public function propertiesGet(string $user, bool $withAvatar = false): array { public function propertiesGet(string $user, bool $withAvatar = false): array {
// prepare default values // prepare default values
$domain = null; $domain = null;
if(Arsse::$conf->userComposeNames) { if(strrpos($user,"@")!==false) {
$domain = substr($user,strrpos($user,"@")+1); $domain = substr($user,strrpos($user,"@")+1);
} }
$init = [ $init = [
@ -424,14 +421,6 @@ class User {
} }
} }
protected function composeName(string $user): string {
if(preg_match("/.+?@[^@]+$/",$user)) {
return $user;
} else {
return $user."@".$_SERVER['HTTP_HOST'];
}
}
protected function autoProvision(string $user, string $password = null, array $properties = null, int $rights = 0): string { protected function autoProvision(string $user, string $password = null, array $properties = null, int $rights = 0): string {
// temporarily disable authorization checks, to avoid potential problems // temporarily disable authorization checks, to avoid potential problems
$this->authorizationEnabled(false); $this->authorizationEnabled(false);

1
tests/User/TestAuthorization.php
View File

@ -49,7 +49,6 @@ class TestAuthorization extends Test\AbstractTest {
$conf = new Conf(); $conf = new Conf();
$conf->userDriver = $drv; $conf->userDriver = $drv;
$conf->userPreAuth = false; $conf->userPreAuth = false;
$conf->userComposeNames = true;
Arsse::$conf = $conf; Arsse::$conf = $conf;
if($db !== null) { if($db !== null) {
Arsse::$db = new $db(); Arsse::$db = new $db();

Write Preview
Loading…
Cancel
Save