diff options
| author | Lukas Reschke <lukas@owncloud.com> | 2014-08-21 22:22:35 +0200 |
|---|---|---|
| committer | Lukas Reschke <lukas@owncloud.com> | 2014-08-21 22:22:35 +0200 |
| commit | 97b536e3dfd35d1e51ecf866ccb433745c33309a (patch) | |
| tree | ae39f9099f410e5bcd9dbd4c58b24faa2752a4c7 | |
| parent | 52d5429768acdb87b2dc2efedc89eb4ad0d29139 (diff) | |
| download | nextcloud-server-97b536e3dfd35d1e51ecf866ccb433745c33309a.tar.gz nextcloud-server-97b536e3dfd35d1e51ecf866ccb433745c33309a.zip | |
Add a trusted domain wizard
Adds a little button to the trusted domain warning, if an admin clicks on the warning he will be redirected to ownCloud and asked whether he want to trust this domain.
By far not the cleanest code, or clean at all, but does the job and I don't see a reason to make a lot of changes for this little improvement.
| -rw-r--r-- | core/css/styles.css | 4 | ||||
| -rw-r--r-- | core/templates/untrustedDomain.php | 19 | ||||
| -rw-r--r-- | lib/base.php | 7 | ||||
| -rw-r--r-- | settings/ajax/setsecurity.php | 12 | ||||
| -rw-r--r-- | settings/js/admin.js | 16 |
5 files changed, 52 insertions, 6 deletions
diff --git a/core/css/styles.css b/core/css/styles.css index f1ce49cfe20..292fb83a056 100644 --- a/core/css/styles.css +++ b/core/css/styles.css @@ -611,6 +611,10 @@ label.infield { margin-left: -200px !important; } +.error-wide .button { + color: black !important; +} + /* Fixes for log in page, TODO should be removed some time */ #body-login .update, #body-login .error { diff --git a/core/templates/untrustedDomain.php b/core/templates/untrustedDomain.php new file mode 100644 index 00000000000..b661834318d --- /dev/null +++ b/core/templates/untrustedDomain.php @@ -0,0 +1,19 @@ +<?php /** @var $_ array */ ?> + +<ul class="error-wide"> + <li class='error'> + <?php p($l->t('You are accessing the server from an untrusted domain.')); ?><br/> + + <p class='hint'> + <?php p($l->t('Please contact your administrator. If you are an administrator of this instance, configure the "trusted_domain" setting in config/config.php. An example configuration is provided in config/config.sample.php.')); ?> + <br/> + <?php p($l->t('Depending on your configuration, as an administrator you might also be able to use the button below to trust this domain.')); ?> + <br/><br/> + <p style="text-align:center;"> + <a href="<?php print_unescaped(OC_Helper::makeURLAbsolute(\OCP\Util::linkToRoute('settings_admin'))); ?>?trustDomain=<?php p($_['domain']); ?>" class="button"> + <?php p($l->t('Add "%s" as trusted domain', array($_['domain']))); ?> + </a> + </p> + </p> + </li> +</ul> diff --git a/lib/base.php b/lib/base.php index 759a4177031..499ef29f304 100644 --- a/lib/base.php +++ b/lib/base.php @@ -689,10 +689,9 @@ class OC { ) { header('HTTP/1.1 400 Bad Request'); header('Status: 400 Bad Request'); - OC_Template::printErrorPage( - $l->t('You are accessing the server from an untrusted domain.'), - $l->t('Please contact your administrator. If you are an administrator of this instance, configure the "trusted_domain" setting in config/config.php. An example configuration is provided in config/config.sample.php.') - ); + $tmpl = new OCP\Template('core', 'untrustedDomain', 'guest'); + $tmpl->assign('domain', $_SERVER['SERVER_NAME']); + $tmpl->printPage(); return; } diff --git a/settings/ajax/setsecurity.php b/settings/ajax/setsecurity.php index 675d7eced47..3cb1d05ee63 100644 --- a/settings/ajax/setsecurity.php +++ b/settings/ajax/setsecurity.php @@ -1,6 +1,6 @@ <?php /** - * Copyright (c) 2013, Lukas Reschke <lukas@statuscode.ch> + * Copyright (c) 2013-2014, Lukas Reschke <lukas@owncloud.com> * This file is licensed under the Affero General Public License version 3 or later. * See the COPYING-README file. */ @@ -8,6 +8,14 @@ OC_Util::checkAdminUser(); OCP\JSON::callCheck(); -OC_Config::setValue( 'forcessl', filter_var($_POST['enforceHTTPS'], FILTER_VALIDATE_BOOLEAN)); +if(isset($_POST['enforceHTTPS'])) { + OC_Config::setValue( 'forcessl', filter_var($_POST['enforceHTTPS'], FILTER_VALIDATE_BOOLEAN)); +} + +if(isset($_POST['trustedDomain'])) { + $trustedDomains = OC_Config::getValue('trusted_domains'); + $trustedDomains[] = $_POST['trustedDomain']; + OC_Config::setValue('trusted_domains', $trustedDomains); +} echo 'true'; diff --git a/settings/js/admin.js b/settings/js/admin.js index a202feb4f65..b09704f87b7 100644 --- a/settings/js/admin.js +++ b/settings/js/admin.js @@ -38,6 +38,22 @@ var SharingGroupList = { }; $(document).ready(function(){ + var params = OC.Util.History.parseUrlQuery(); + + // Hack to add a trusted domain + if (params.trustDomain) { + OC.dialogs.confirm(t('core', 'Are you really sure you want add "{domain}" as trusted domain?', {domain: params.trustDomain}), + t('core', 'Add trusted domain'), function(answer) { + if(answer) { + $.ajax({ + type: 'POST', + url: OC.generateUrl('settings/ajax/setsecurity.php'), + data: { trustedDomain: params.trustDomain} + }); + } + }); + } + $('select#excludedGroups[multiple]').each(function (index, element) { SharingGroupList.applyMultipleSelect($(element)); |