Add setting to disable registrations
A new services['auth'] setting is available.
This commit is contained in:
Miraty
parent
cbf49408d1
commit
337e7ab27e
10 changed files with 68 additions and 50 deletions
|
|
@ -30,12 +30,13 @@ Pretty string sometimes prefixed to the service name. Can be empty.
|
|||
|
||||
### `services[]`
|
||||
|
||||
Keys `reg`, `ns` and `ht` are required.
|
||||
Keys `auth`, `reg`, `ns` and `ht` are required.
|
||||
|
||||
Values can be:
|
||||
* `enabled`: the service is provided as usual
|
||||
* `error`: the service is temporarily unavailable for maintenance/debugging
|
||||
* `disabled`: the service is ignored everywhere ; this installation never provides it
|
||||
* `enabled`: The service is provided as usual.
|
||||
* `no-registration` (`auth` only): Same as `enabled`, but no new account can be created.
|
||||
* `error`: For maintenance/debugging purposes, the service is temporarily unavailable. When used on the `auth` service, users can't submit any form, but this doesn't prevent already logged in SFTP users to act on the filesystem.
|
||||
* `disabled` (`reg`, `ns` and `ht` only): The service is ignored everywhere, this installation never provides it.
|
||||
|
||||
## `[dns]`
|
||||
|
||||
|
|
|
|||
|
|
@ -17,7 +17,7 @@ const LF = "\n";
|
|||
|
||||
exec(CONF['dns']['kdig_path'] . ' torproject.org AAAA', $output, $return_code);
|
||||
if (preg_match('/^;; Flags: qr rd ra ad;/Dm', implode("\n", $output)) !== 1)
|
||||
exit('Unable to do a DNSSEC-validated DNS query.');
|
||||
exit('Unable to do a DNSSEC-validated DNS query.' . LF);
|
||||
|
||||
if (CONF['common']['services']['ns'] === 'rest') {
|
||||
echo 'a';
|
||||
|
|
|
|||
|
|
@ -5,6 +5,7 @@ public_domains[] = "servnest.test"
|
|||
prefix = ""
|
||||
service_name = "ServNest"
|
||||
service_emoji = "🪺"
|
||||
services[auth] = "enabled"
|
||||
services[reg] = "enabled"
|
||||
services[ns] = "enabled"
|
||||
services[ht] = "enabled"
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
msgid ""
|
||||
msgstr ""
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2023-05-02 19:17+0200\n"
|
||||
"POT-Creation-Date: 2023-05-10 01:29+0200\n"
|
||||
"Language: fr\n"
|
||||
"Content-Type: text/plain; charset=UTF-8\n"
|
||||
|
||||
|
|
@ -274,7 +274,7 @@ msgstr "Supprimer un accès"
|
|||
msgid "Delete an existing HTTP access from a subdirectory of the SFTP space"
|
||||
msgstr "Retirer un accès HTTP existant d'un sous-dossier de l'espace SFTP"
|
||||
|
||||
#: router.php:136 view.php:39
|
||||
#: router.php:137 view.php:39
|
||||
msgid "This service is currently under maintenance. No action can be taken on it until an administrator finishes repairing it."
|
||||
msgstr "Ce service est en cours de maintenance. Aucune action ne peut être effectuée avant qu'ane administrataire termine de le réparer."
|
||||
|
||||
|
|
@ -332,12 +332,12 @@ msgstr "Adresse IP malformée."
|
|||
msgid "Domain malformed."
|
||||
msgstr "Domaine malformé."
|
||||
|
||||
#: fn/ns.php:40 pg-act/ns/edit.php:25
|
||||
#: fn/ns.php:31 pg-act/ns/edit.php:25
|
||||
#, php-format
|
||||
msgid "TTLs shorter than %s seconds are forbidden."
|
||||
msgstr "Les TTLs plus courts que %s secondes sont interdits."
|
||||
|
||||
#: fn/ns.php:42 pg-act/ns/edit.php:27
|
||||
#: fn/ns.php:33 pg-act/ns/edit.php:27
|
||||
#, php-format
|
||||
msgid "TTLs longer than %s seconds are forbidden."
|
||||
msgstr "Les TTLs plus longs que %s secondes sont interdits."
|
||||
|
|
@ -371,7 +371,11 @@ msgstr "Clé de passe actuelle incorrecte."
|
|||
msgid "Password updated."
|
||||
msgstr "Clé de passe mise à jour."
|
||||
|
||||
#: pg-act/auth/register.php:10 pg-act/auth/username.php:11
|
||||
#: pg-act/auth/register.php:4 pg-view/auth/register.php:3
|
||||
msgid "Registrations are currently closed on this installation."
|
||||
msgstr "Les inscriptions sont actuellement fermées sur cette installation."
|
||||
|
||||
#: pg-act/auth/register.php:13 pg-act/auth/username.php:11
|
||||
msgid "This username is already taken."
|
||||
msgstr "Cet identifiant est déjà pris."
|
||||
|
||||
|
|
@ -589,15 +593,16 @@ msgstr "L'identifiant interne du compte actuel est %s."
|
|||
msgid "New?"
|
||||
msgstr "Nouvele ?"
|
||||
|
||||
#: pg-view/auth/login.php:1 pg-view/auth/register.php:14
|
||||
#: pg-view/auth/login.php:1 pg-view/auth/register.php:16
|
||||
msgid "Create an account"
|
||||
msgstr "Créer un compte"
|
||||
|
||||
#: pg-view/auth/login.php:4 pg-view/auth/register.php:4 pg-view/ht/index.php:64
|
||||
#: pg-view/auth/login.php:4 pg-view/auth/register.php:6 pg-view/ht/index.php:64
|
||||
msgid "Username"
|
||||
msgstr "Identifiant"
|
||||
|
||||
#: pg-view/auth/login.php:8 pg-view/auth/register.php:9 pg-view/ht/index.php:68
|
||||
#: pg-view/auth/login.php:8 pg-view/auth/register.php:11
|
||||
#: pg-view/ht/index.php:68
|
||||
msgid "Password"
|
||||
msgstr "Clé de passe"
|
||||
|
||||
|
|
@ -618,7 +623,7 @@ msgstr "Mettre à jour la clé de passe"
|
|||
msgid "Already have an account?"
|
||||
msgstr "Déjà un compte ?"
|
||||
|
||||
#: pg-view/auth/register.php:10
|
||||
#: pg-view/auth/register.php:12
|
||||
#, php-format
|
||||
msgid "Minimum %1$s characters, or %2$s characters if it contains lowercase, uppercase and digit."
|
||||
msgstr "Minimum %1$s caractères, ou %2$s caractères si elle contient minuscule, majuscule et chiffre."
|
||||
|
|
@ -652,7 +657,7 @@ msgstr "Un certificat Let's Encrypt sera obtenu."
|
|||
msgid "The domain must have the following records when the form is being processed."
|
||||
msgstr "Le domaine doit avoir les enregistrements suivant pendant le traitement du formulaire."
|
||||
|
||||
#: pg-view/ht/add-dns.php:25 pg-view/ns/form.ns.php:8 pg-view/ns/print.php:32
|
||||
#: pg-view/ht/add-dns.php:29 pg-view/ns/form.ns.php:8 pg-view/ns/print.php:32
|
||||
#: pg-view/ns/zone-add.php:6 pg-view/reg/ds.php:8 pg-view/reg/glue.php:8
|
||||
#: pg-view/reg/glue.php:15 pg-view/reg/ns.php:8 pg-view/reg/print.php:2
|
||||
#: pg-view/reg/print.php:16 pg-view/reg/register.php:7
|
||||
|
|
@ -660,12 +665,12 @@ msgstr "Le domaine doit avoir les enregistrements suivant pendant le traitement
|
|||
msgid "Domain"
|
||||
msgstr "Domaine"
|
||||
|
||||
#: pg-view/ht/add-dns.php:27 pg-view/ht/add-onion.php:2
|
||||
#: pg-view/ht/add-dns.php:31 pg-view/ht/add-onion.php:2
|
||||
#: pg-view/ht/add-subdomain.php:4 pg-view/ht/add-subpath.php:4
|
||||
msgid "Target directory"
|
||||
msgstr "Dossier ciblé"
|
||||
|
||||
#: pg-view/ht/add-dns.php:36 pg-view/ht/add-onion.php:11
|
||||
#: pg-view/ht/add-dns.php:40 pg-view/ht/add-onion.php:11
|
||||
#: pg-view/ht/add-subdomain.php:13 pg-view/ht/add-subpath.php:13
|
||||
msgid "Setup access"
|
||||
msgstr "Créer l'accès"
|
||||
|
|
@ -753,36 +758,36 @@ msgstr "Configuration par <code>.htaccess</code>"
|
|||
msgid "You can change the way the HTTP server answers to requests in a directory by setting some directives in a file named <code>.htaccess</code> at the root of this directory. Only the following directives are allowed:"
|
||||
msgstr "Vous pouvez modifier la façon dont le serveur HTTP répond aux requêtes dans un dossier en indiquant des directives dans un fichier nommé <code>.htaccess</code> à la racine de ce dossier. Seules les directives suivantes sont autorisées :"
|
||||
|
||||
#: pg-view/ht/index.php:161
|
||||
#: pg-view/ht/index.php:163
|
||||
msgid "Accounts capabilities"
|
||||
msgstr "Capacités des comptes"
|
||||
|
||||
#: pg-view/ht/index.php:163
|
||||
#: pg-view/ht/index.php:165
|
||||
msgid "Testing"
|
||||
msgstr "De test"
|
||||
|
||||
#: pg-view/ht/index.php:166 pg-view/ht/index.php:173
|
||||
#: pg-view/ht/index.php:168 pg-view/ht/index.php:175
|
||||
#, php-format
|
||||
msgid "%s of SFTP quota"
|
||||
msgstr "Quota SFTP de %s"
|
||||
|
||||
#: pg-view/ht/index.php:166 pg-view/ht/index.php:173
|
||||
#: pg-view/ht/index.php:168 pg-view/ht/index.php:175
|
||||
msgid "<abbr title=\"gibibyte\">GiB</abbr>"
|
||||
msgstr "<abbr title=\"gibioctet\">Gio</abbr>"
|
||||
|
||||
#: pg-view/ht/index.php:166 pg-view/ht/index.php:173
|
||||
#: pg-view/ht/index.php:168 pg-view/ht/index.php:175
|
||||
msgid "<abbr title=\"mebibyte\">MiB</abbr>"
|
||||
msgstr "<abbr title=\"mébioctet\">Mio</abbr>"
|
||||
|
||||
#: pg-view/ht/index.php:167
|
||||
#: pg-view/ht/index.php:169
|
||||
msgid "Let's Encrypt certificate from the staging environment (not trusted by clients)"
|
||||
msgstr "Certificat Let's Encrypt de test (n'est pas reconnu par les clients)"
|
||||
|
||||
#: pg-view/ht/index.php:170
|
||||
#: pg-view/ht/index.php:172
|
||||
msgid "Approved"
|
||||
msgstr "Approuvé"
|
||||
|
||||
#: pg-view/ht/index.php:174
|
||||
#: pg-view/ht/index.php:176
|
||||
msgid "Stable Let's Encrypt certificates"
|
||||
msgstr "Vrai certificat Let's Encrypt"
|
||||
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@ msgid ""
|
|||
msgstr ""
|
||||
"Project-Id-Version: PACKAGE VERSION\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2023-05-02 19:17+0200\n"
|
||||
"POT-Creation-Date: 2023-05-10 01:29+0200\n"
|
||||
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
||||
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
||||
"Language-Team: LANGUAGE <LL@li.org>\n"
|
||||
|
|
@ -286,7 +286,7 @@ msgstr ""
|
|||
msgid "Delete an existing HTTP access from a subdirectory of the SFTP space"
|
||||
msgstr ""
|
||||
|
||||
#: router.php:136 view.php:39
|
||||
#: router.php:137 view.php:39
|
||||
msgid "This service is currently under maintenance. No action can be taken on it until an administrator finishes repairing it."
|
||||
msgstr ""
|
||||
|
||||
|
|
@ -344,12 +344,12 @@ msgstr ""
|
|||
msgid "Domain malformed."
|
||||
msgstr ""
|
||||
|
||||
#: fn/ns.php:40 pg-act/ns/edit.php:25
|
||||
#: fn/ns.php:31 pg-act/ns/edit.php:25
|
||||
#, php-format
|
||||
msgid "TTLs shorter than %s seconds are forbidden."
|
||||
msgstr ""
|
||||
|
||||
#: fn/ns.php:42 pg-act/ns/edit.php:27
|
||||
#: fn/ns.php:33 pg-act/ns/edit.php:27
|
||||
#, php-format
|
||||
msgid "TTLs longer than %s seconds are forbidden."
|
||||
msgstr ""
|
||||
|
|
@ -383,7 +383,11 @@ msgstr ""
|
|||
msgid "Password updated."
|
||||
msgstr ""
|
||||
|
||||
#: pg-act/auth/register.php:10 pg-act/auth/username.php:11
|
||||
#: pg-act/auth/register.php:4 pg-view/auth/register.php:3
|
||||
msgid "Registrations are currently closed on this installation."
|
||||
msgstr ""
|
||||
|
||||
#: pg-act/auth/register.php:13 pg-act/auth/username.php:11
|
||||
msgid "This username is already taken."
|
||||
msgstr ""
|
||||
|
||||
|
|
@ -601,15 +605,16 @@ msgstr ""
|
|||
msgid "New?"
|
||||
msgstr ""
|
||||
|
||||
#: pg-view/auth/login.php:1 pg-view/auth/register.php:14
|
||||
#: pg-view/auth/login.php:1 pg-view/auth/register.php:16
|
||||
msgid "Create an account"
|
||||
msgstr ""
|
||||
|
||||
#: pg-view/auth/login.php:4 pg-view/auth/register.php:4 pg-view/ht/index.php:64
|
||||
#: pg-view/auth/login.php:4 pg-view/auth/register.php:6 pg-view/ht/index.php:64
|
||||
msgid "Username"
|
||||
msgstr ""
|
||||
|
||||
#: pg-view/auth/login.php:8 pg-view/auth/register.php:9 pg-view/ht/index.php:68
|
||||
#: pg-view/auth/login.php:8 pg-view/auth/register.php:11
|
||||
#: pg-view/ht/index.php:68
|
||||
msgid "Password"
|
||||
msgstr ""
|
||||
|
||||
|
|
@ -630,7 +635,7 @@ msgstr ""
|
|||
msgid "Already have an account?"
|
||||
msgstr ""
|
||||
|
||||
#: pg-view/auth/register.php:10
|
||||
#: pg-view/auth/register.php:12
|
||||
#, php-format
|
||||
msgid "Minimum %1$s characters, or %2$s characters if it contains lowercase, uppercase and digit."
|
||||
msgstr ""
|
||||
|
|
@ -664,7 +669,7 @@ msgstr ""
|
|||
msgid "The domain must have the following records when the form is being processed."
|
||||
msgstr ""
|
||||
|
||||
#: pg-view/ht/add-dns.php:25 pg-view/ns/form.ns.php:8 pg-view/ns/print.php:32
|
||||
#: pg-view/ht/add-dns.php:29 pg-view/ns/form.ns.php:8 pg-view/ns/print.php:32
|
||||
#: pg-view/ns/zone-add.php:6 pg-view/reg/ds.php:8 pg-view/reg/glue.php:8
|
||||
#: pg-view/reg/glue.php:15 pg-view/reg/ns.php:8 pg-view/reg/print.php:2
|
||||
#: pg-view/reg/print.php:16 pg-view/reg/register.php:7
|
||||
|
|
@ -672,12 +677,12 @@ msgstr ""
|
|||
msgid "Domain"
|
||||
msgstr ""
|
||||
|
||||
#: pg-view/ht/add-dns.php:27 pg-view/ht/add-onion.php:2
|
||||
#: pg-view/ht/add-dns.php:31 pg-view/ht/add-onion.php:2
|
||||
#: pg-view/ht/add-subdomain.php:4 pg-view/ht/add-subpath.php:4
|
||||
msgid "Target directory"
|
||||
msgstr ""
|
||||
|
||||
#: pg-view/ht/add-dns.php:36 pg-view/ht/add-onion.php:11
|
||||
#: pg-view/ht/add-dns.php:40 pg-view/ht/add-onion.php:11
|
||||
#: pg-view/ht/add-subdomain.php:13 pg-view/ht/add-subpath.php:13
|
||||
msgid "Setup access"
|
||||
msgstr ""
|
||||
|
|
@ -765,36 +770,36 @@ msgstr ""
|
|||
msgid "You can change the way the HTTP server answers to requests in a directory by setting some directives in a file named <code>.htaccess</code> at the root of this directory. Only the following directives are allowed:"
|
||||
msgstr ""
|
||||
|
||||
#: pg-view/ht/index.php:161
|
||||
#: pg-view/ht/index.php:163
|
||||
msgid "Accounts capabilities"
|
||||
msgstr ""
|
||||
|
||||
#: pg-view/ht/index.php:163
|
||||
#: pg-view/ht/index.php:165
|
||||
msgid "Testing"
|
||||
msgstr ""
|
||||
|
||||
#: pg-view/ht/index.php:166 pg-view/ht/index.php:173
|
||||
#: pg-view/ht/index.php:168 pg-view/ht/index.php:175
|
||||
#, php-format
|
||||
msgid "%s of SFTP quota"
|
||||
msgstr ""
|
||||
|
||||
#: pg-view/ht/index.php:166 pg-view/ht/index.php:173
|
||||
#: pg-view/ht/index.php:168 pg-view/ht/index.php:175
|
||||
msgid "<abbr title=\"gibibyte\">GiB</abbr>"
|
||||
msgstr ""
|
||||
|
||||
#: pg-view/ht/index.php:166 pg-view/ht/index.php:173
|
||||
#: pg-view/ht/index.php:168 pg-view/ht/index.php:175
|
||||
msgid "<abbr title=\"mebibyte\">MiB</abbr>"
|
||||
msgstr ""
|
||||
|
||||
#: pg-view/ht/index.php:167
|
||||
#: pg-view/ht/index.php:169
|
||||
msgid "Let's Encrypt certificate from the staging environment (not trusted by clients)"
|
||||
msgstr ""
|
||||
|
||||
#: pg-view/ht/index.php:170
|
||||
#: pg-view/ht/index.php:172
|
||||
msgid "Approved"
|
||||
msgstr ""
|
||||
|
||||
#: pg-view/ht/index.php:174
|
||||
#: pg-view/ht/index.php:176
|
||||
msgid "Stable Let's Encrypt certificates"
|
||||
msgstr ""
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,8 @@
|
|||
<?php
|
||||
|
||||
if (CONF['common']['services']['auth'] !== 'enabled')
|
||||
output(403, _('Registrations are currently closed on this installation.'));
|
||||
|
||||
checkPasswordFormat($_POST['password']);
|
||||
|
||||
checkUsernameFormat($_POST['username']);
|
||||
|
|
|
|||
|
|
@ -1,5 +1,7 @@
|
|||
<p><?= _('Already have an account?') ?> <a href="login"><?= _('Log in') ?></a></p>
|
||||
|
||||
<?= (CONF['common']['services']['auth'] !== 'enabled') ? '<p><strong>' . _('Registrations are currently closed on this installation.') . '</strong></p>' : '' ?>
|
||||
|
||||
<form method="post">
|
||||
<label for="username"><?= _('Username') ?></label>
|
||||
<br>
|
||||
|
|
@ -11,5 +13,6 @@
|
|||
</details>
|
||||
<input autocomplete="new-password" id="password" minlength="8" maxlength="1024" pattern="<?= PASSWORD_REGEX ?>" required="" name="password" type="password" placeholder="<?= PLACEHOLDER_PASSWORD ?>">
|
||||
<br>
|
||||
<input type="submit" value="<?= _('Create an account') ?>">
|
||||
<input<?= (CONF['common']['services']['auth'] !== 'enabled') ? ' disabled=""' : '' ?> type="submit" value="<?= _('Create an account') ?>">
|
||||
</form>
|
||||
|
||||
|
|
|
|||
|
|
@ -2,8 +2,8 @@
|
|||
<dl>
|
||||
<?php
|
||||
|
||||
foreach (array_merge(['auth' => 'enabled'], CONF['common']['services']) as $service => $status) {
|
||||
if ($status !== 'enabled' AND $status !== 'error')
|
||||
foreach (CONF['common']['services'] as $service => $status) {
|
||||
if ($status === 'disabled')
|
||||
continue;
|
||||
?>
|
||||
<?= ($status === 'error') ? '<s>' : '' ?>
|
||||
|
|
|
|||
|
|
@ -133,7 +133,7 @@ function displayFinalMessage($data) {
|
|||
}
|
||||
|
||||
if ($_POST !== []) {
|
||||
if (in_array(SERVICE, SERVICES_USER, true) AND CONF['common']['services'][SERVICE] !== 'enabled')
|
||||
if (!in_array(CONF['common']['services']['auth'], ['enabled', 'no-registration'], true) OR (in_array(SERVICE, SERVICES_USER, true) AND CONF['common']['services'][SERVICE] !== 'enabled'))
|
||||
output(503, _('This service is currently under maintenance. No action can be taken on it until an administrator finishes repairing it.'));
|
||||
|
||||
// Protect against cross-site request forgery if a POST request is received
|
||||
|
|
|
|||
2
view.php
2
view.php
|
|
@ -35,7 +35,7 @@ echo str_repeat('</li></ul>', count(TITLES_LINEAGE));
|
|||
<main>
|
||||
<?php
|
||||
|
||||
if (in_array(SERVICE, SERVICES_USER, true) AND CONF['common']['services'][SERVICE] === 'error')
|
||||
if (CONF['common']['services']['auth'] === 'error' OR (in_array(SERVICE, SERVICES_USER, true) AND CONF['common']['services'][SERVICE] === 'error'))
|
||||
echo '<p><strong>' . _('This service is currently under maintenance. No action can be taken on it until an administrator finishes repairing it.') . '</strong></p>';
|
||||
|
||||
require ROOT_PATH . '/pg-view/' . PAGE_ADDRESS . '.php';
|
||||
|
|
|
|||
Loading…
Reference in a new issue