0ct0pu5/typemill
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'version144' into develop

Browse source
This commit is contained in:
trendschau 2021-01-22 22:16:52 +01:00
commit 1d7d082280
15 changed files with 246 additions and 83 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
system/Controllers/MetaApiController.php
View file

@ -26,15 +26,17 @@ class MetaApiController extends ContentController
$metatabs = $writeYaml->getYaml('system' . DIRECTORY_SEPARATOR . 'author', 'metatabs.yaml');
# add radio buttons to choose posts or pages for folder.
if($folder)
# the fields for user or role based access
if(!isset($this->settings['pageaccess']) || $this->settings['pageaccess'] === NULL )
{
$metatabs['meta']['fields']['contains'] = [
'type' => 'radio',
'label' => 'This folder contains:',
'options' => ['pages' => 'PAGES (sort in navigation with drag & drop)', 'posts' => 'POSTS (sorted by publish date, for news or blogs)'],
'class' => 'medium'
];
unset($metatabs['meta']['fields']['alloweduser']);
unset($metatabs['meta']['fields']['allowedrole']);
}
# add radio buttons to choose posts or pages for folder.
if(!$folder)
{
unset($metatabs['meta']['fields']['contains']);
}
# loop through all plugins
@ -352,6 +354,7 @@ class MetaApiController extends ContentController
return $response->withJson(array('metadata' => $metaInput, 'structure' => $structure, 'item' => $this->item, 'errors' => false));
}
# can be deleted ??
private function customfieldsPrepareForEdit($customfields)
{
# to edit fields in vue we have to transform the arrays in yaml into an array of objects like [{key: abc, value: xyz}{...}]
@ -374,6 +377,7 @@ class MetaApiController extends ContentController
return $customfieldsForEdit;
}
# can be deleted?
private function customfieldsPrepareForSave($customfields, $arrayFeatureOn)
{
# we have to convert the incoming array of objects from vue [{key: abc, value: xyz}{...}] into key-value arrays for yaml.

115
system/Controllers/PageController.php
View file

@ -19,6 +19,7 @@ use Typemill\Events\OnMetaLoaded;
use Typemill\Events\OnMarkdownLoaded;
use Typemill\Events\OnContentArrayLoaded;
use Typemill\Events\OnHtmlLoaded;
use Typemill\Events\OnRestrictionsLoaded;
use Typemill\Extensions\ParsedownExtension;
class PageController extends Controller
@ -213,10 +214,50 @@ class PageController extends Controller
/* set safe mode to escape javascript and html in markdown */
$parsedown->setSafeMode(true);
# check access restriction here
$restricted = $this->checkRestrictions($metatabs['meta']);
if($restricted)
{
# convert markdown into array of markdown block-elements
$markdownBlocks = $parsedown->markdownToArrayBlocks($contentMD);
# infos that plugins need to add restriction content
$restrictions = [
'restricted' => $restricted,
'defaultContent' => true,
'markdownBlocks' => $markdownBlocks,
];
# dispatch the data
$restrictions = $this->c->dispatcher->dispatch('onRestrictionsLoaded', new OnRestrictionsLoaded( $restrictions ))->getData();
# use the returned markdown
$markdownBlocks = $restrictions['markdownBlocks'];
# if no plugin has disabled the default behavior
if($restrictions['defaultContent'])
{
# cut the restricted content
$shortenedPage = $this->cutRestrictedContent($markdownBlocks);
# check if there is customized content
$restrictionnotice = ( isset($this->settings['restrictionnotice']) && $this->settings['restrictionnotice'] != '' ) ? $this->settings['restrictionnotice'] : 'You are not allowed to access this content.';
# add notice to shortened content
$shortenedPage[] = $restrictionnotice;
# Use the shortened page
$markdownBlocks = $shortenedPage;
}
# finally transform the markdown blocks back to pure markdown text
$contentMD = $parsedown->arrayBlocksToMarkdown($markdownBlocks);
}
/* parse markdown-file to content-array */
$contentArray = $parsedown->text($contentMD);
$contentArray = $this->c->dispatcher->dispatch('onContentArrayLoaded', new OnContentArrayLoaded($contentArray))->getData();
/* parse markdown-content-array to content-string */
$contentHTML = $parsedown->markup($contentArray);
$contentHTML = $this->c->dispatcher->dispatch('onHtmlLoaded', new OnHtmlLoaded($contentHTML))->getData();
@ -426,4 +467,76 @@ class PageController extends Controller
return false;
}
# checks if a page has a restriction in meta and if the current user is blocked by that restriction
protected function checkRestrictions($meta)
{
# check if content restrictions are active
if(isset($this->settings['pageaccess']) && $this->settings['pageaccess'])
{
# check if page is restricted to certain user
if(isset($meta['alloweduser']) && $meta['alloweduser'] && $meta['alloweduser'] !== '' )
{
if(isset($_SESSION['user']) && $_SESSION['user'] == $meta['alloweduser'])
{
# user has access to the page, so there are no restrictions
return false;
}
# otherwise return array with type of restriction and allowed username
return [ 'alloweduser' => $meta['alloweduser'] ];
}
# check if page is restricted to certain userrole
if(isset($meta['allowedrole']) && $meta['allowedrole'] && $meta['allowedrole'] !== '' )
{
# var_dump($this->c->acl->inheritsRole('editor', 'member'));
# die();
if(
isset($_SESSION['role'])
AND (
$_SESSION['role'] == 'administrator'
OR $_SESSION['role'] == $meta['allowedrole']
OR $this->c->acl->inheritsRole($_SESSION['role'], $meta['allowedrole'])
)
)
{
# role has access to page, so there are no restrictions
return false;
}
return [ 'allowedrole' => $meta['allowedrole'] ];
}
}
return false;
}
protected function cutRestrictedContent($markdown)
{
#initially add only the title of the page.
$restrictedMarkdown = [$markdown[0]];
unset($markdown[0]);
if(isset($this->settings['hrdelimiter']) && $this->settings['hrdelimiter'] !== NULL )
{
foreach ($markdown as $block)
{
$firstCharacters = substr($block, 0, 3);
if($firstCharacters == '---' OR $firstCharacters == '***')
{
return $restrictedMarkdown;
}
$restrictedMarkdown[] = $block;
}
# no delimiter found, so use the title only
$restrictedMarkdown = [$restrictedMarkdown[0]];
}
return $restrictedMarkdown;
}
}

9
system/Controllers/SettingsController.php
View file

@ -51,9 +51,6 @@ class SettingsController extends Controller
# set navigation active
$navigation['System']['active'] = true;
# set option for registered website
$options = ['' => 'all', 'registered' => 'registered users only'];
return $this->render($response, 'settings/system.twig', array(
'settings' => $settings,
'acl' => $this->c->acl,
@ -62,7 +59,6 @@ class SettingsController extends Controller
'languages' => $languages,
'locale' => $locale,
'formats' => $defaultSettings['formats'],
'access' => $options,
'route' => $route->getName()
));
}
@ -94,8 +90,11 @@ class SettingsController extends Controller
'language' => $newSettings['language'],
'langattr' => $newSettings['langattr'],
'editor' => $newSettings['editor'],
'access' => $newSettings['access'],
'formats' => $newSettings['formats'],
'access' => isset($newSettings['access']) ? true : null,
'pageaccess' => isset($newSettings['pageaccess']) ? true : null,
'hrdelimiter' => isset($newSettings['hrdelimiter']) ? true : null,
'restrictionnotice' => $newSettings['restrictionnotice'],
'headlineanchors' => isset($newSettings['headlineanchors']) ? $newSettings['headlineanchors'] : null,
'displayErrorDetails' => isset($newSettings['displayErrorDetails']) ? true : null,
'twigcache' => isset($newSettings['twigcache']) ? true : null,

14
system/Events/OnRestrictionsLoaded.php Normal file
View file

@ -0,0 +1,14 @@
<?php
namespace Typemill\Events;
use Symfony\Component\EventDispatcher\Event;
/**
* Event for page restrictions.
*/
class OnRestrictionsLoaded extends BaseEvent
{
}

13
system/Extensions/TwigUserExtension.php
View file

@ -16,23 +16,12 @@ class TwigUserExtension extends \Twig_Extension
public function isLoggedin()
{
// configure session
ini_set('session.cookie_httponly', 1 );
ini_set('session.use_strict_mode', 1);
ini_set('session.cookie_samesite', 'lax');
session_name('typemill-session');
// start session
session_start();
if(isset($_SESSION['user']))
if(isset($_SESSION['login']) && $_SESSION['login'])
{
return true;
}
session_destroy();
return false;
}
public function isRole($role)

2
system/Models/Validation.php
View file

@ -283,6 +283,8 @@ class Validation
$v->rule('in', 'editor', ['raw', 'visual']);
$v->rule('values_allowed', 'formats', $formats);
$v->rule('in', 'copyright', $copyright);
$v->rule('noHTML', 'restrictionnotice');
$v->rule('lengthBetween', 'restrictionnotice', 2, 1000 );
$v->rule('iplist', 'trustedproxies');
return $this->validationResult($v, $name);

3
system/Settings.php
View file

@ -159,6 +159,9 @@ class Settings
'author' => true,
'year' => true,
'access' => true,
'pageaccess' => true,
'hrdelimiter' => true,
'restrictionnotice' => true,
'headlineanchors' => true,
'theme' => true,
'editor' => true,

16
system/author/layouts/layout.twig
View file

@ -16,8 +16,8 @@
<link rel="apple-touch-icon" sizes="144x144" href="{{ base_url }}/system/author/img/favicon-144.png" />
<link rel="apple-touch-icon" sizes="180x180" href="{{ base_url }}/system/author/img/favicon-180.png" />
<link rel="stylesheet" href="{{ base_url }}/system/author/css/tachyons.min.css?20201130" />
<link rel="stylesheet" href="{{ base_url }}/system/author/css/style.css?20201130" />
<link rel="stylesheet" href="{{ base_url }}/system/author/css/tachyons.min.css?20210108" />
<link rel="stylesheet" href="{{ base_url }}/system/author/css/style.css?20210108" />
{{ assets.renderCSS() }}
@ -39,16 +39,16 @@
</article>
<footer></footer>
</div>
<script src="{{ base_url }}/system/author/js/axios.min.js?20201130"></script>
<script src="{{ base_url }}/system/author/js/axios.min.js?20210108"></script>
<script>
const myaxios = axios.create();
myaxios.defaults.baseURL = "{{ base_url }}";
</script>
<script src="{{ base_url }}/system/author/js/autosize.min.js?20201130"></script>
<script src="{{ base_url }}/system/author/js/vue.min.js?20201130"></script>
<script src="{{ base_url }}/system/author/js/vue-shared.js?20201130"></script>
<script src="{{ base_url }}/system/author/js/author.js?20201130"></script>
<script src="{{ base_url }}/system/author/js/typemillutils.js?20201130"></script>
<script src="{{ base_url }}/system/author/js/autosize.min.js?20210108"></script>
<script src="{{ base_url }}/system/author/js/vue.min.js?20210108"></script>
<script src="{{ base_url }}/system/author/js/vue-shared.js?20210108"></script>
<script src="{{ base_url }}/system/author/js/author.js?20210108"></script>
<script src="{{ base_url }}/system/author/js/typemillutils.js?20210108"></script>
<script>
typemillUtilities.start()
</script>

4
system/author/layouts/layoutAuth.twig
View file

@ -17,7 +17,7 @@
<link rel="apple-touch-icon" sizes="144x144" href="{{ base_url }}/system/author/img/favicon-144.png" />
<link rel="apple-touch-icon" sizes="180x180" href="{{ base_url }}/system/author/img/favicon-180.png" />
<link rel="stylesheet" href="{{ base_url }}/system/author/css/style.css?20201130" />
<link rel="stylesheet" href="{{ base_url }}/system/author/css/style.css?20210108" />
{{ assets.renderCSS() }}
@ -31,6 +31,6 @@
{% block content %}{% endblock %}
</div>
<script src="{{ base_url }}/system/author/js/auth.js?20201130"></script>
<script src="{{ base_url }}/system/author/js/auth.js?20210108"></script>
</body>
</html>

2
system/author/layouts/layoutBlank.twig
View file

@ -16,7 +16,7 @@
<link rel="apple-touch-icon" sizes="144x144" href="{{ base_url }}/system/author/img/favicon-144.png" />
<link rel="apple-touch-icon" sizes="180x180" href="{{ base_url }}/system/author/img/favicon-180.png" />
<link rel="stylesheet" href="{{ base_url }}/system/author/css/style.css?20201130" />
<link rel="stylesheet" href="{{ base_url }}/system/author/css/style.css?20210108" />
</head>
<body>

30
system/author/layouts/layoutBlox.twig
View file

@ -17,7 +17,7 @@
<link rel="apple-touch-icon" sizes="180x180" href="{{ base_url }}/system/author/img/favicon-180.png" />
<link rel="stylesheet" href="{{ base_url }}/system/author/css/tachyons.min.css" />
<link rel="stylesheet" href="{{ base_url }}/system/author/css/style.css?20201130" />
<link rel="stylesheet" href="{{ base_url }}/system/author/css/style.css?20210108" />
{{ assets.renderCSS() }}
@ -41,17 +41,17 @@
</article>
<footer></footer>
</div>
<script src="{{ base_url }}/system/author/js/axios.min.js?20201130"></script>
<script src="{{ base_url }}/system/author/js/axios.min.js?20210108"></script>
<script>
const myaxios = axios.create();
myaxios.defaults.baseURL = "{{ base_url }}";
</script>
<script src="{{ base_url }}/system/author/js/typemillutils.js?20201130"></script>
<script src="{{ base_url }}/system/author/js/vue.min.js?20201130"></script>
<script src="{{ base_url }}/system/author/js/autosize.min.js?20201130"></script>
<script src="{{ base_url }}/system/author/js/author.js?20201130"></script>
<script src="{{ base_url }}/system/author/js/vue-publishcontroller.js?20201130"></script>
<script src="{{ base_url }}/system/author/js/vue-blox-config.js?20201130"></script>
<script src="{{ base_url }}/system/author/js/typemillutils.js?20210108"></script>
<script src="{{ base_url }}/system/author/js/vue.min.js?20210108"></script>
<script src="{{ base_url }}/system/author/js/autosize.min.js?20210108"></script>
<script src="{{ base_url }}/system/author/js/author.js?20210108"></script>
<script src="{{ base_url }}/system/author/js/vue-publishcontroller.js?20210108"></script>
<script src="{{ base_url }}/system/author/js/vue-blox-config.js?20210108"></script>
<script>
let formatConfig = {{ settings.formats|json_encode() }};
let language = {{ settings.language|json_encode() }};
@ -61,13 +61,13 @@
{{ assets.renderEditorJS() }}
<script src="{{ base_url }}/system/author/js/vue-blox.js?20201130"></script>
<script src="{{ base_url }}/system/author/js/vue-posts.js?20201130"></script>
<script src="{{ base_url }}/system/author/js/sortable.min.js?20201130"></script>
<script src="{{ base_url }}/system/author/js/vuedraggable.umd.min.js?20201130"></script>
<script src="{{ base_url }}/system/author/js/vue-navi.js?20201130"></script>
<script src="{{ base_url }}/system/author/js/vue-shared.js?20201130"></script>
<script src="{{ base_url }}/system/author/js/vue-meta.js?20201130"></script>
<script src="{{ base_url }}/system/author/js/vue-blox.js?20210108"></script>
<script src="{{ base_url }}/system/author/js/vue-posts.js?20210108"></script>
<script src="{{ base_url }}/system/author/js/sortable.min.js?20210108"></script>
<script src="{{ base_url }}/system/author/js/vuedraggable.umd.min.js?20210108"></script>
<script src="{{ base_url }}/system/author/js/vue-navi.js?20210108"></script>
<script src="{{ base_url }}/system/author/js/vue-shared.js?20210108"></script>
<script src="{{ base_url }}/system/author/js/vue-meta.js?20210108"></script>
{{ assets.renderJS() }}

22
system/author/layouts/layoutEditor.twig
View file

@ -16,7 +16,7 @@
<link rel="apple-touch-icon" sizes="144x144" href="{{ base_url }}/system/author/img/favicon-144.png" />
<link rel="apple-touch-icon" sizes="180x180" href="{{ base_url }}/system/author/img/favicon-180.png" />
<link rel="stylesheet" href="{{ base_url }}/system/author/css/style.css?20201130" />
<link rel="stylesheet" href="{{ base_url }}/system/author/css/style.css?20210108" />
{{ assets.renderCSS() }}
@ -40,16 +40,16 @@
</article>
<footer></footer>
</div>
<script src="{{ base_url }}/system/author/js/axios.min.js?20201130"></script>
<script src="{{ base_url }}/system/author/js/axios.min.js?20210108"></script>
<script>
const myaxios = axios.create();
myaxios.defaults.baseURL = "{{ base_url }}";
</script>
<script src="{{ base_url }}/system/author/js/vue.min.js?20201130"></script>
<script src="{{ base_url }}/system/author/js/autosize.min.js?20201130"></script>
<script src="{{ base_url }}/system/author/js/sortable.min.js?20201130"></script>
<script src="{{ base_url }}/system/author/js/vuedraggable.umd.min.js?20201130"></script>
<script src="{{ base_url }}/system/author/js/author.js?20201130"></script>
<script src="{{ base_url }}/system/author/js/vue.min.js?20210108"></script>
<script src="{{ base_url }}/system/author/js/autosize.min.js?20210108"></script>
<script src="{{ base_url }}/system/author/js/sortable.min.js?20210108"></script>
<script src="{{ base_url }}/system/author/js/vuedraggable.umd.min.js?20210108"></script>
<script src="{{ base_url }}/system/author/js/author.js?20210108"></script>
<script>
let language = {{ settings.language|json_encode() }};
@ -59,10 +59,10 @@
{{ assets.renderEditorJS() }}
<script src="{{ base_url }}/system/author/js/vue-publishcontroller.js?20201130"></script>
<script src="{{ base_url }}/system/author/js/vue-editor.js?20201130"></script>
<script src="{{ base_url }}/system/author/js/vue-meta.js?20201130"></script>
<script src="{{ base_url }}/system/author/js/vue-navi.js?20201130"></script>
<script src="{{ base_url }}/system/author/js/vue-publishcontroller.js?20210108"></script>
<script src="{{ base_url }}/system/author/js/vue-editor.js?20210108"></script>
<script src="{{ base_url }}/system/author/js/vue-meta.js?20210108"></script>
<script src="{{ base_url }}/system/author/js/vue-navi.js?20210108"></script>
{{ assets.renderJS() }}

31
system/author/metatabs.yaml
View file

@ -58,11 +58,26 @@ meta:
label: Hide
checkboxlabel: Hide page from navigation
class: medium
# roles:
# type: select
# label: Show page to
# class: medium
# options:
# public: Public (standard)
# members: Members only (logged in)
# customers: Customers only (paying)
allowedrole:
type: select
label: For access the user must have this minimum role
class: medium
options:
false: All
member: Member
author: Author
editor: Editor
administrator: Administrator
description: Select the lowest userrole. Higher roles will have access too.
alloweduser:
type: text
label: Only the following user has access
class: medium
description: Only this certain user will have access to this site.
contains:
type: radio
label: This folder contains
class: medium
options:
pages: PAGES (sort in navigation with drag & drop)
posts: POSTS (sorted by publish date, for news or blogs)

45
system/author/settings/system.twig
View file

@ -30,7 +30,7 @@
{% endif %}
</div><div class="medium{{ errors.settings.author ? ' error' : '' }}">
<label for="settings[author]">{{ __('Author') }}</label>
<input type="text" name="settings[author]" id="author" pattern="[^()/><\]\{\}\?\$@#!*%§=[\\\x22;:|]{2,40}" value="{{ old.settings.author ? old.settings.author : __(settings.author) }}" title="{{ __('Use 2 to 40 characters') }} {{ __('Only the following special characters are allowed') }} a,b a.b a-b a_b a&b a+b" />
<input type="text" name="settings[author]" id="author" pattern="[^()/><\]\{\}\?\$@#!*%§=[\\\x22;:|]{2,40}" value="{{ old.settings.author ? old.settings.author : settings.author }}" title="{{ __('Use 2 to 40 characters') }} {{ __('Only the following special characters are allowed') }} a,b a.b a-b a_b a&b a+b" />
{% if errors.settings.author %}
<span class="error">{{ errors.settings.author | first }}</span>
{% endif %}
@ -69,16 +69,6 @@
</div><div class="medium">
<label for="settings[sitemap]">{{ __('Google Sitemap') }} <small>({{ __('Readonly') }})</small></label>
<input type="text" name="settings[sitemap]" id="sitemap" readonly value="{{ base_url }}/cache/sitemap.xml" />
</div><div class="medium{{ errors.settings.access ? ' error' : '' }}">
<label for="settings[access]">{{ __('Website visible for') }}</label>
<select name="settings[access]" id="access">
{% for key,option in access %}
<option value="{{ key }}"{% if (key == old.settings.access or key == settings.access) %} selected{% endif %}>{{ __(option) }}</option>
{% endfor %}
</select>
{% if errors.settings.access %}
<span class="error">{{ errors.settings.access | first }}</span>
{% endif %}
</div>
<hr>
<header class="headline">
@ -149,6 +139,39 @@
{% endfor %}
</div>
<hr>
<header class="headline">
<h2>{{ __('Access Control') }}</h2>
<p>{{ __('Limit the access for the whole website or for each page individually. If you activate the website restriction or the page restrictions, then sessions will be used in frontend.') }}</p>
</header>
<div class="large{{ errors.settings.access ? ' error' : '' }}">
<label for="settings[access]">{{ __('Website Restriction') }}</label>
<label class="control-group">{{ __('Show the website only to authenticated users and redirect all other users to the login page.') }}
<input name="settings[access]" type="checkbox" {% if (settings.access or old.settings.access) %} checked {% endif %}>
<span class="checkmark"></span>
</label>
</div>
<div class="large{{ errors.settings.pageaccess ? ' error' : '' }}">
<label for="settings[pageaccess]">{{ __('Page Restrictions - Activate') }}</label>
<label class="control-group">{{ __('Activate individual restrictions for pages in the meta-tab of each page.') }}
<input name="settings[pageaccess]" type="checkbox" {% if (settings.pageaccess or old.settings.pageaccess) %} checked {% endif %}>
<span class="checkmark"></span>
</label>
</div>
<div class="large{{ errors.settings.hrdelimiter ? ' error' : '' }}">
<label for="settings[hrdelimiter]">{{ __('Page Restrictions - Cut Restricted Content') }}</label>
<label class="control-group">{{ __('Cut restricted content after the first hr-element on a page (per default content will be cut after title).') }}
<input name="settings[hrdelimiter]" type="checkbox" {% if (settings.hrdelimiter or old.settings.hrdelimiter) %} checked {% endif %}>
<span class="checkmark"></span>
</label>
</div>
<div class="large{{ errors.settings.restrictionnotice ? ' error' : '' }}">
<label for="settings[restrictionnotice]">{{ __('Page Restrictions - Notice') }} <small>({{ __('use markdown') }})</small></label>
<textarea id="restrictionnotice" rows="8" name="settings[restrictionnotice]">{{ old.settings.restrictionnotice ? old.settings.restrictionnotice : settings.restrictionnotice }}</textarea>
{% if errors.settings.restrictionnotice %}
<span class="error">{{ errors.settings.restrictionnotice | first }}</span>
{% endif %}
</div>
<hr>
<header class="headline">
<h2>{{ __('Developer') }}</h2>
<p>{{ __('The following options are only for developers') }}</p>

3
system/system.php
View file

@ -181,11 +181,12 @@ $container['assets'] = function($c) use ($uri)
********************************/
# if website is restricted to registered user
if(isset($settings['settings']['access']) && $settings['settings']['access'] == 'registered')
if( ( isset($settings['settings']['access']) && $settings['settings']['access'] ) || ( isset($settings['settings']['pageaccess']) && $settings['settings']['pageaccess'] ) )
{
# activate session for all routes
$session_segments = [$uri->getPath()];
}
foreach($session_segments as $segment)
{
if(substr( $uri->getPath(), 0, strlen($segment) ) === $segment)