From 466cdab680d74cad2cbb902efa3e3c2f9e35f767 Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@statuscode.ch>
Date: Fri, 11 Jan 2013 14:18:51 +0100
Subject: Add security section to admin menu

Currently it only allows the admin to enable or disable the HTTPS
enforcement, but in the future it could be expanded to further options.

The HTTPS enforcement only allows the admin to enforce it, if he is
connected via HTTPS. (To prevent admins to enable it without a proper
SSL setup)
---
 settings/ajax/setsecurity.php | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 create mode 100644 settings/ajax/setsecurity.php

(limited to 'settings/ajax')

diff --git a/settings/ajax/setsecurity.php b/settings/ajax/setsecurity.php
new file mode 100644
index 00000000000..16a85aade81
--- /dev/null
+++ b/settings/ajax/setsecurity.php
@@ -0,0 +1,13 @@
+<?php
+/**
+ * Copyright (c) 2013, Lukas Reschke <lukas@statuscode.ch>
+ * This file is licensed under the Affero General Public License version 3 or later.
+ * See the COPYING-README file.
+ */
+
+OC_Util::checkAdminUser();
+OCP\JSON::callCheck();
+
+OC_Config::setValue( 'forcessl', filter_var($_POST['enforceHTTPS'], FILTER_VALIDATE_BOOLEAN));
+
+echo 'true';
\ No newline at end of file
-- 
cgit v1.2.3


From 9b9f5b1a8ac6b08c7d9220f5581344c7bc9cdfce Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@statuscode.ch>
Date: Fri, 11 Jan 2013 17:09:36 +0100
Subject: Remove setContentTypeHeader()

`OC_JSON::success` and `OC_JSON::error` are calling
`OC_JSON::encodedPrint`, which already sets these headers. So this two
calls are uneeded duplicates.
---
 settings/ajax/disableapp.php | 1 -
 settings/ajax/enableapp.php  | 1 -
 2 files changed, 2 deletions(-)

(limited to 'settings/ajax')

diff --git a/settings/ajax/disableapp.php b/settings/ajax/disableapp.php
index a39b06b9c7d..e89de928eac 100644
--- a/settings/ajax/disableapp.php
+++ b/settings/ajax/disableapp.php
@@ -1,7 +1,6 @@
 <?php
 OC_JSON::checkAdminUser();
 OCP\JSON::callCheck();
-OC_JSON::setContentTypeHeader();
 
 OC_App::disable($_POST['appid']);
 
diff --git a/settings/ajax/enableapp.php b/settings/ajax/enableapp.php
index f4d5c53adef..18202dc39e9 100644
--- a/settings/ajax/enableapp.php
+++ b/settings/ajax/enableapp.php
@@ -2,7 +2,6 @@
 
 OC_JSON::checkAdminUser();
 OCP\JSON::callCheck();
-OC_JSON::setContentTypeHeader();
 
 $appid = OC_App::enable($_POST['appid']);
 if($appid !== false) {
-- 
cgit v1.2.3


From 1631ee4d607f90d573264c1801e5f6955bdcb974 Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@statuscode.ch>
Date: Fri, 11 Jan 2013 17:22:15 +0100
Subject: Move to apps repo

This belongs to the apps repo.
---
 settings/ajax/openid.php | 16 ----------------
 1 file changed, 16 deletions(-)
 delete mode 100644 settings/ajax/openid.php

(limited to 'settings/ajax')

diff --git a/settings/ajax/openid.php b/settings/ajax/openid.php
deleted file mode 100644
index 23c43c3c48e..00000000000
--- a/settings/ajax/openid.php
+++ /dev/null
@@ -1,16 +0,0 @@
-<?php
-
-$l=OC_L10N::get('settings');
-
-OC_JSON::checkLoggedIn();
-OCP\JSON::callCheck();
-OC_JSON::checkAppEnabled('user_openid');
-
-// Get data
-if( isset( $_POST['identity'] ) ) {
-	$identity=$_POST['identity'];
-	OC_Preferences::setValue(OC_User::getUser(), 'user_openid', 'identity', $identity);
-	OC_JSON::success(array("data" => array( "message" => $l->t("OpenID Changed") )));
-}else{
-	OC_JSON::error(array("data" => array( "message" => $l->t("Invalid request") )));
-}
-- 
cgit v1.2.3