Commit 466cdab6 authored by Lukas Reschke's avatar Lukas Reschke
Browse files

Add security section to admin menu

Currently it only allows the admin to enable or disable the HTTPS
enforcement, but in the future it could be expanded to further options.

The HTTPS enforcement only allows the admin to enforce it, if he is
connected via HTTPS. (To prevent admins to enable it without a proper
SSL setup)
parent 60489764
......@@ -33,6 +33,16 @@ $tmpl->assign('internetconnectionworking', OC_Util::isinternetconnectionworking(
$tmpl->assign('islocaleworking', OC_Util::issetlocaleworking());
$tmpl->assign('backgroundjobs_mode', OC_Appconfig::getValue('core', 'backgroundjobs_mode', 'ajax'));
$tmpl->assign('shareAPIEnabled', OC_Appconfig::getValue('core', 'shareapi_enabled', 'yes'));
// Check if connected using HTTPS
if (OC_Request::serverProtocol() == 'https') {
$connectedHTTPS = true;
} else {
$connectedHTTPS = false;
}
$tmpl->assign('isConnectedViaHTTPS', $connectedHTTPS);
$tmpl->assign('enforceHTTPSEnabled', OC_Config::getValue( "forcessl", false));
$tmpl->assign('allowLinks', OC_Appconfig::getValue('core', 'shareapi_allow_links', 'yes'));
$tmpl->assign('allowResharing', OC_Appconfig::getValue('core', 'shareapi_allow_resharing', 'yes'));
$tmpl->assign('sharePolicy', OC_Appconfig::getValue('core', 'shareapi_share_policy', 'global'));
......
<?php
/**
* Copyright (c) 2013, Lukas Reschke <lukas@statuscode.ch>
* This file is licensed under the Affero General Public License version 3 or later.
* See the COPYING-README file.
*/
OC_Util::checkAdminUser();
OCP\JSON::callCheck();
OC_Config::setValue( 'forcessl', filter_var($_POST['enforceHTTPS'], FILTER_VALIDATE_BOOLEAN));
echo 'true';
\ No newline at end of file
......@@ -30,4 +30,8 @@ $(document).ready(function(){
}
OC.AppConfig.setValue('core', $(this).attr('name'), value);
});
$('#security').change(function(){
$.post(OC.filePath('settings','ajax','setsecurity.php'), { enforceHTTPS: $('#enforceHTTPSEnabled').val() },function(){} );
});
});
......@@ -58,6 +58,8 @@ $this->create('settings_ajax_getlog', '/settings/ajax/getlog.php')
->actionInclude('settings/ajax/getlog.php');
$this->create('settings_ajax_setloglevel', '/settings/ajax/setloglevel.php')
->actionInclude('settings/ajax/setloglevel.php');
$this->create('settings_ajax_setsecurity', '/settings/ajax/setsecurity.php')
->actionInclude('settings/ajax/setsecurity.php');
// apps/user_openid
$this->create('settings_ajax_openid', '/settings/ajax/openid.php')
......
......@@ -132,6 +132,33 @@ if (!$_['internetconnectionworking']) {
</table>
</fieldset>
<fieldset class="personalblock" id="security">
<legend><strong><?php echo $l->t('Security');?></strong></legend>
<table class="nostyle">
<tr>
<td id="enable">
<input type="checkbox" name="forcessl" id="enforceHTTPSEnabled"
<?php if ($_['enforceHTTPSEnabled']) {
echo 'checked="checked" ';
echo 'value="false"';
} else {
echo 'value="true"';
}
?>
<?php if (!$_['isConnectedViaHTTPS']) echo 'disabled'; ?> />
<label for="forcessl"><?php echo $l->t('Enforce HTTPS');?></label><br/>
<em><?php echo $l->t('Enforces the clients to connect to ownCloud via an encrypted connection.'); ?></em>
<?php if (!$_['isConnectedViaHTTPS']) {
echo "<br/><em>";
echo $l->t('Please connect to this ownCloud instance via HTTPS to enable or disable the SSL enforcement.');
echo "</em>";
}
?></em>
</td>
</tr>
</table>
</fieldset>
<fieldset class="personalblock">
<legend><strong><?php echo $l->t('Log');?></strong></legend>
<?php echo $l->t('Log level');?> <select name='loglevel' id='loglevel'>
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment