diff --git a/config.php.sample b/config.php.sample index bf902aaa..a9537ed0 100644 --- a/config.php.sample +++ b/config.php.sample @@ -7,3 +7,4 @@ define('PSM_DB_HOST', 'localhost'); define('PSM_DB_PORT', '3306'); //3306 is the default port for MySQL. If no specfic port is used, leave it empty. define('PSM_BASE_URL', ''); define('PSM_WEBCRON_KEY', ''); +define('PSM_PUBLIC', false); diff --git a/docs/faq.rst b/docs/faq.rst index 04f6e05a..13c8454f 100644 --- a/docs/faq.rst +++ b/docs/faq.rst @@ -10,7 +10,7 @@ Users What are the differences between the user levels? ------------------------------------------------- -There are 2 user levels available: regular user and administrator. +There are 3 user levels available: anonymous, regular user and administrator. Administrators: @@ -24,6 +24,16 @@ Regular users: * View the history and logs of their assigned servers. * Run the updater on their assigned servers. +Anonymous: +Only meant for user '__PUBLIC__' and can't be assigned to any other user. + +* View the status of their assigned servers without password. + +I removed user '__PUBLIC__', what now? +-------------------------------------- + +* Go to users -> create new user. +* Set the username to '__PUBLIC__', level to 'anonymous' and the rest is up to you. Servers +++++++ @@ -101,6 +111,14 @@ After upgrading, my email stopped working. Run 'php composer.phar update' and you should be good to go! +Setting up a public page. +------------------------- + +1. Set PSM_PUBLIC to true in config.php. +2. If not yet existing, create a user with username '__PUBLIC__'. See Users -> "I removed user '__PUBLIC__', what now?" for help. +3. Add servers to user '__PUBLIC__'. +4. Go to /public.php. + Notifications +++++++++++++ diff --git a/public.php b/public.php new file mode 100644 index 00000000..9848ffbd --- /dev/null +++ b/public.php 
@@ -0,0 +1,40 @@ +. + * + * @package phpservermon + * @author Tim Zandbergen + * @copyright Copyright (c) 2008-2017 Pepijn Over + * @license http://www.gnu.org/licenses/gpl.txt GNU GPL v3 + * @version Release: @package_version@ + * @link http://www.phpservermonitor.org/ + * @since phpservermon 3.6.0 + **/ + +namespace { + define('PSM_PUBLIC_PAGE', true); + + require __DIR__ . '/src/bootstrap.php'; + + $router->run('server_status'); + + // By destroying the session the login will show when going to another page + session_destroy(); + +} diff --git a/src/bootstrap.php b/src/bootstrap.php index 9037beef..e6dd3338 100644 --- a/src/bootstrap.php +++ b/src/bootstrap.php @@ -108,6 +108,19 @@ namespace { } } + // check for a public page var + // This should be defined in the config + if (!defined('PSM_PUBLIC')) { + define('PSM_PUBLIC', false); + } + + // check for a public page + // This variable is for internal use + // and should not be changed by the user manualy + if (!defined('PSM_PUBLIC_PAGE')) { + define('PSM_PUBLIC_PAGE', false); + } + $lang = psm_get_conf('language', 'en_US'); psm_load_lang($lang); } diff --git a/src/lang/en_US.lang.php b/src/lang/en_US.lang.php index c8e6fbe5..ff6895ac 100644 --- a/src/lang/en_US.lang.php +++ b/src/lang/en_US.lang.php @@ -106,7 +106,10 @@ $sm_lang = array( 'level' => 'Level', 'level_10' => 'Administrator', 'level_20' => 'User', - 'level_description' => 'Administrators have full access: they can manage servers, users and edit the global configuration.
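Review bot: The `session_destroy()` call in public.php only runs when `$router->run('server_status')` returns normally; if the router exits, redirects or throws inside that call (not visible in this diff), the session keeps the `__PUBLIC__` login that the User service sets for this request. The call also destroys whatever session the visitor already had, so an administrator who opens /public.php in the same browser is logged out. Preferably the public login would not be written into the shared session at all. Failing that, guarantee the cleanup with `try { $router->run('server_status'); } finally { session_destroy(); }`.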
Users can only view and run the updater for the servers that have been assigned to them.', + 'level_30' => 'Anonymous', + 'level_description' => 'Administrators have full access: they can manage servers, users and edit the + global configuration.
Users can only view and run the updater for the + servers that have been assigned to them.', 'mobile' => 'Mobile', 'email' => 'Email', 'pushover' => 'Pushover', @@ -154,6 +157,7 @@ $sm_lang = array( 'error_user_password_invalid' => 'The entered password is invalid.', 'error_user_password_no_match' => 'The entered passwords do not match.', 'error_user_admin_cant_be_deleted' => 'You can\'t remove the last administrator.', + 'error_user_cant_be_anonymous' => 'Only user \'__public__\' can have the level anonymous.' ), 'log' => array( 'title' => 'Log entries', diff --git a/src/psm/Module/AbstractController.php b/src/psm/Module/AbstractController.php index 284a0fef..d5cc0187 100644 --- a/src/psm/Module/AbstractController.php +++ b/src/psm/Module/AbstractController.php @@ -124,7 +124,7 @@ abstract class AbstractController implements ControllerInterface * @var int $user_level_required * @see setMinUserLevelRequired() */ - protected $user_level_required = PSM_USER_USER; + protected $user_level_required = (PSM_PUBLIC && PSM_PUBLIC_PAGE) ? PSM_USER_ANONYMOUS : PSM_USER_USER; /** * Required user level for certain actions diff --git a/src/psm/Module/User/Controller/UserController.php b/src/psm/Module/User/Controller/UserController.php index 91f0e423..ba55a0e2 100644 --- a/src/psm/Module/User/Controller/UserController.php +++ b/src/psm/Module/User/Controller/UserController.php 
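Review bot: The new default for `$user_level_required` in AbstractController lowers the minimum level to `PSM_USER_ANONYMOUS` for every controller that inherits it whenever the request enters through public.php, not only for the status module. public.php hard-codes `server_status`, but whether other modules or actions stay reachable on that entry point is not visible here, so it would be safer to keep the default at `PSM_USER_USER` and lower it only in the status controller. The test is also truthy (`PSM_PUBLIC && PSM_PUBLIC_PAGE`) while the User service in this commit checks `=== true`, so a config value such as `1` or `'true'` relaxes the level check without the matching `__PUBLIC__` login. Use the same strict form in both places, e.g. `(PSM_PUBLIC === true && PSM_PUBLIC_PAGE === true) ? PSM_USER_ANONYMOUS : PSM_USER_USER`.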
@@ -282,12 +282,25 @@ class UserController extends AbstractController $user_validator->username($clean['user_name'], $user_id); $user_validator->email($clean['email']); $user_validator->level($clean['level']); + + // Won't allow anonymous level for users other than __PUBLIC__ + if ($clean['user_name'] !== "__PUBLIC__" && (int) $clean['level'] === (int) PSM_USER_ANONYMOUS) { + $this->addMessage(psm_get_lang('users', 'error_user_cant_be_anonymous'), 'error'); + $clean['level'] = PSM_USER_USER; + } // always validate password for new users, // but only validate it for existing users when they change it. - if ($user_id == 0 || ($user_id > 0 && $clean['password'] != '')) { + if (($user_id == 0 || ($user_id > 0 && $clean['password'] != '')) && $clean['user_name'] != '__PUBLIC__') { $user_validator->password($clean['password'], $clean['password_repeat']); } + + // Auto generate password for __PUBLIC__ user + if ($clean['user_name'] === '__PUBLIC__') { + $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%&*_"; + $clean['password'] = substr(str_shuffle($chars), 0, 24); + } + if ($user_id > 0) { $user_validator->userId($user_id); } diff --git a/src/psm/Service/User.php b/src/psm/Service/User.php index fb50e475..fce6213b 100644 --- a/src/psm/Service/User.php +++ b/src/psm/Service/User.php 
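Review bot: The generated password for `__PUBLIC__` comes from `str_shuffle()`, which is not a cryptographically secure source and never repeats a character, so the value is weaker than its 24 characters suggest. If the project's minimum PHP version allows it, take it from the CSPRNG instead: `$clean['password'] = bin2hex(random_bytes(16));`. The name tests in this hunk also differ in strictness (`!==` and `===` in two places, `!=` in the password condition) and are case-sensitive, while the database lookup may not be, depending on the column collation. Computing `$is_public = ($clean['user_name'] === '__PUBLIC__');` once and using it in all three branches would keep them consistent. The enclosing method starts and ends outside the hunk.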
@@ -100,6 +100,17 @@ class User } $this->session = $session; + if (PSM_PUBLIC === true && PSM_PUBLIC_PAGE === true) { + $query_user = $this->db_connection->prepare('SELECT * FROM ' . + PSM_DB_PREFIX . 'users WHERE user_name = :user_name and level = :level'); + $query_user->bindValue(':user_name', "__PUBLIC__", \PDO::PARAM_STR); + $query_user->bindValue(':level', PSM_USER_ANONYMOUS, \PDO::PARAM_STR); + $query_user->execute(); + + // get result row (as an object) + $this->setUserLoggedIn($query_user->fetchObject()->user_id); + } + if ((!defined('PSM_INSTALL') || !PSM_INSTALL)) { // check the possible login actions: // 1. login via session data (happens each time user opens a page on your php project AFTER diff --git a/src/psm/Util/Install/Installer.php b/src/psm/Util/Install/Installer.php index fa011771..ab9e5fef 100644 --- a/src/psm/Util/Install/Installer.php +++ b/src/psm/Util/Install/Installer.php @@ -724,7 +724,6 @@ class Installer ('jabber_username', ''), ('jabber_domain', ''), ('jabber_password', '');"; - $this->execSQL($queries); } @@ -754,6 +753,11 @@ class Installer ADD `discord` VARCHAR( 255 ) NOT NULL AFTER `mobile`;"; $queries[] = "ALTER TABLE `" . PSM_DB_PREFIX . "servers` ADD `discord` ENUM( 'yes','no' ) NOT NULL DEFAULT 'yes' AFTER `sms`;"; + $queries[] = "INSERT INTO `" . PSM_DB_PREFIX . "users` ( + `user_name`, `level`, `name`, `email`) + VALUES ('__PUBLIC__', 30, 'Public page', 'publicpage@psm.psm')"; $this->execSQL($queries); + + $this->log('Public page is now available. Added user \'__PUBLIC__\'. See documentation for more info.'); } } diff --git a/src/psm/Util/User/UserValidator.php b/src/psm/Util/User/UserValidator.php index 65f322e0..b7277ce8 100644 --- a/src/psm/Util/User/UserValidator.php +++ b/src/psm/Util/User/UserValidator.php 
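Review bot: In the User service hunk, `$query_user->fetchObject()->user_id` dereferences the result without checking it. `fetchObject()` returns `false` when no `__PUBLIC__` row with the anonymous level exists (the FAQ in this commit covers the case where that user was removed), so the public page then fails on a property access of a non-object. Fetch into a variable and log in only when a row came back: `$public_user = $query_user->fetchObject();` followed by `if ($public_user !== false) { $this->setUserLoggedIn($public_user->user_id); }`. The block also runs before the `PSM_INSTALL` check and appears to replace any login already held in the session, which deserves a comment if it is intended. The enclosing method continues outside the hunk.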
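Review bot: The `INSERT` for `__PUBLIC__` in the Installer upgrade step supplies no `password` value, so the row gets whatever the column default is. Neither the table definition nor the login path is in this hunk, so please confirm that an account with an empty or default password hash cannot be used through the normal login form. The statement also hard-codes `30` instead of concatenating `PSM_USER_ANONYMOUS`, and it does not handle an installation that already has a user with that name. A comment above the query such as `// no password on purpose: this account is only entered via public.php` would record the intent. The enclosing method starts outside the hunk.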
@@ -39,7 +39,7 @@ class UserValidator * Available editable user levels * @var array $user_levels */ - protected $user_levels = array(PSM_USER_ADMIN, PSM_USER_USER); + protected $user_levels = array(PSM_USER_ADMIN, PSM_USER_USER, PSM_USER_ANONYMOUS); /** * User service diff --git a/src/templates/default/static/js/scripts.js b/src/templates/default/static/js/scripts.js index acd8b2ca..5184e3fb 100644 --- a/src/templates/default/static/js/scripts.js +++ b/src/templates/default/static/js/scripts.js @@ -51,6 +51,7 @@ $().ready(function () { } $('#label').focus(); }); + $("#type").change(function () { switch ($("select#type option:checked").val()) { case "website": @@ -103,6 +104,21 @@ $("select#popular_ports").change(function () { } }).change(); +$("#user_name").change(function () +{ + switch ($("#user_name").val()) { + case "__PUBLIC__": + $('#password').parent().slideUp(); + $('#password_repeat').parent().slideUp(); + $("select#level").val('30'); + $("#name").val('Public page'); + break; + default: + $('#password').parent().slideDown(); + $('#password_repeat').parent().slideDown(); + } +}).change(); + function psm_xhr(mod, params, method, on_complete, options) { method = (typeof method === 'undefined') ? 'GET' : method;
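Review bot: The `"__PUBLIC__"` case in the new `#user_name` change handler sets the level to `'30'` and hides the password fields only in the browser. On the server, the UserController hunk in this commit rejects the anonymous level for other names but does not force it for `__PUBLIC__`, so a form submission that does not go through this script can store `__PUBLIC__` with a different level. That rule belongs in the server-side validation, with this handler kept as a convenience. The literals `'30'` and `'Public page'` duplicate values defined on the PHP side, so a comment such as `// 30 = anonymous level, keep in sync with the PHP constant` would help the next reader.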