Update readme; remove username composition; default pre-auth to false

This commit is contained in:
J. King 2017-08-18 10:20:43 -04:00
parent b8e091177b
commit a485913535
4 changed files with 28 additions and 37 deletions

View file

@ -1,31 +1,37 @@
Arsse: Advanced RSS Environment
The Advanced RSS Environment
===============================
TODO: Fill in stuff
The Arsse is a news aggregator server which implements [version 1.2](https://github.com/nextcloud/news/blob/master/docs/externalapi/Legacy.md) of [NextCloud News](https://github.com/nextcloud/news)'s client-server synchronization protocol. Unlike most other aggregator servers, the Arsse does not include a Web front-end (though one is planned as a separate project), and it relies on existing protocols to maximize compatibility with existing clients.
At present the software should be considered in an "alpha" state: though its core subsystems are covered by unit tests and should be free of major bugs, not everything has been rigorously tested. Additionally, though the NextCloud News protocol is fully supported, many features one would expect from other similar software have yet to be implemented. Areas of future work include:
- Support for more database engines (PostgreSQL, MySQL, MariaDB)
- Providing more sync protocols (Tiny Tiny RSS, Fever, others)
- Tools for managing users (manual insertion into the database is currently required)
- Better packaging and configuration samples
Requirements
------------
Arsse has the following requirements:
- A Web server; example configuration currently exists for:
- nginx
- Apache 2
- A Web server
- PHP 7.0.7 or newer with the following extensions:
- [intl](http://php.net/manual/en/book.intl.php)
- [json](http://php.net/manual/en/book.json.php)
- [hash](http://php.net/manual/en/book.hash.php)
- One of the following supported databases, and the PHP extension to use it:
- SQLite 3.8.3 or newer
- PostgreSQL 8.4 or newer
- MySQL 8.0.1 or newer
- MariaDB 10.2.2 or newer
- The ability to run background services on the server; service files currently exist for:
- systemd
- launchd
- sysvinit
- [intl](http://php.net/manual/en/book.intl.php), [json](http://php.net/manual/en/book.json.php), and [hash](http://php.net/manual/en/book.hash.php)
- [dom](http://php.net/manual/en/book.dom.php), [simplexml](http://php.net/manual/en/book.simplexml.php), and [iconv](http://php.net/manual/en/book.iconv.php) (for picoFeed)
- [sqlite3](http://php.net/manual/en/book.sqlite3.php)
- The ability to run daemon processes on the server
**FIXME:** The requirements listed are prospective and not representative of the actual requirements as of this writing. Currently only SQLite is supported, no Web server configuration has yet been written, and no background process yet exists, never mind service files to run it.
Installation
------------
TODO: Work out how the system should be installed
If installing from the Git repository rather than a download package, you will need [Composer](https://getcomposer.org/) to fetch required PHP libraries. Once Composer is installed, dependencies may be downloaded with the following command:
``` sh
php composer.phar install -o --no-dev
```
License
-------
@ -39,7 +45,7 @@ To run the test suite, you must have [Composer](https://getcomposer.org/) instal
``` sh
# first install dependencies
composer install
php composer.phar install
# run the tests
./tests/test
```

View file

@ -49,10 +49,7 @@ class Conf {
/** @var string Class of the user management driver in use (Internal by default) */
public $userDriver = User\Internal\Driver::class;
/** @var boolean Whether users are already authenticated by the Web server before the application is executed */
public $userPreAuth = true;
/** @var boolean Whether to automatically append the hostname to form a user@host combination before performing authentication
* @deprecated */
public $userComposeNames = true;
public $userPreAuth = false;
/** @var integer Desired length of temporary user passwords */
public $userTempPasswordLength = 20;

View file

@ -81,7 +81,7 @@ class User {
return false;
}
// if actor is a domain admin/manager and domains don't match, deny the request
if(Arsse::$conf->userComposeNames && $this->actor["domain"] && $rights != User\Driver::RIGHTS_GLOBAL_MANAGER) {
if($this->actor["domain"] && $rights != User\Driver::RIGHTS_GLOBAL_MANAGER) {
$test = "@".$this->actor["domain"];
if(substr($affectedUser,-1*strlen($test)) != $test) {
return false;
@ -128,9 +128,6 @@ class User {
} else {
$out = ["user" => "", "password" => ""];
}
if(Arsse::$conf->userComposeNames && $out["user"] != "") {
$out["user"] = $this->composeName($out["user"]);
}
$this->id = $out["user"];
return $out;
}
@ -308,7 +305,7 @@ class User {
public function propertiesGet(string $user, bool $withAvatar = false): array {
// prepare default values
$domain = null;
if(Arsse::$conf->userComposeNames) {
if(strrpos($user,"@")!==false) {
$domain = substr($user,strrpos($user,"@")+1);
}
$init = [
@ -424,14 +421,6 @@ class User {
}
}
protected function composeName(string $user): string {
if(preg_match("/.+?@[^@]+$/",$user)) {
return $user;
} else {
return $user."@".$_SERVER['HTTP_HOST'];
}
}
protected function autoProvision(string $user, string $password = null, array $properties = null, int $rights = 0): string {
// temporarily disable authorization checks, to avoid potential problems
$this->authorizationEnabled(false);

View file

@ -49,7 +49,6 @@ class TestAuthorization extends Test\AbstractTest {
$conf = new Conf();
$conf->userDriver = $drv;
$conf->userPreAuth = false;
$conf->userComposeNames = true;
Arsse::$conf = $conf;
if($db !== null) {
Arsse::$db = new $db();