This repository was archived by the owner on Sep 23, 2023. It is now read-only.

Allow site config to be overridden by trusted users #112

Open
wants to merge 1 commit into
base: master
9 changes: 8 additions & 1 deletion config.default.php
Expand Up @@ -14,7 +14,14 @@
'key' => null,
'secret' => null,
// OAuth admins can delete any wiki
'admins' => []
'admins' => [],
// These users can override site configs. This is the same level of trust as V+2,
// as those users can also execute arbitrary code.
'configurers' => [],
// Same as above, but regexes e.g. / \(WMF\)$/
'configurersMatch' => [],
// Instructions to request 'configurers' user status, e.g. "File a request <a href=...>here</a>."
'configurersRequestHtml' => '',
Collaborator Author

Suggested config for us:
Request approval by creating a <a href="https://github.com/MatmaRex/patchdemo/issues/new">new issue</a>.

],
// Conduit API key for bot cross-posting to Phabricator
'conduitApiKey' => null,
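Review bot: The comment above `'configurersMatch'` should say how the patterns are applied, because a match grants the ability to run arbitrary PHP on the host. In includes.php of this same change each entry is passed to `preg_match()` against the OAuth username, so entries need delimiters and should be anchored. The grant is also only as strong as the identity provider's control over who can register a matching name. Suggested wording: `// Same trust level as above. Each entry is a full PCRE pattern (with delimiters) tested against the OAuth username; anchor it, e.g. '/ \(WMF\)$/'.` The enclosing array starts above this hunk.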
8 changes: 8 additions & 0 deletions css/common.css
Expand Up @@ -156,6 +156,14 @@ summary > .oo-ui-labelElement-label:not( .oo-ui-inline-help ) {
padding-left: 2px;
}

.form-siteConfig .oo-ui-inputWidget-input {
font-family: monospace, monospace;
}

.form-siteConfig-message {
font-style: italic;
}

@media ( min-width: 721px ) {
.enableNotifications {
margin-left: 40%;
22 changes: 22 additions & 0 deletions includes.php
Expand Up @@ -14,6 +14,7 @@
include 'config.default.php';
if ( file_exists( 'config.php' ) ) {
include 'config.php';
// TODO: Make this recursive
$config = array_merge( $config, $localConfig );
}

Expand Down Expand Up @@ -406,6 +407,27 @@ function can_delete( string $creator = null ): bool {
return ( $username && $username === $creator ) || can_admin();
}

function can_configure(): bool {
global $config, $user, $useOAuth;
if ( !$useOAuth ) {
// Unauthenticated site
return true;
}
$username = $user ? $user->username : null;
$admins = $config[ 'oauth' ][ 'admins' ];
$configurers = $config[ 'oauth' ][ 'configurers' ];
if ( $username && in_array( $username, $admins, true ) ) {
return true;
}
$configurersMatch = $config[ 'oauth' ][ 'configurersMatch' ];
foreach ( $configurersMatch as $pattern ) {
if ( preg_match( $pattern, $username ) ) {
return true;
}
}
return false;
}

function can_admin(): bool {
global $config, $user, $useOAuth;
if ( !$useOAuth ) {
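Review bot: `$configurers` is assigned in `can_configure()` but never checked: the `in_array` test uses `$admins`, so names listed under `'configurers'` are granted nothing unless a `configurersMatch` pattern also matches them. The check should cover both lists, e.g. `if ( $username && ( in_array( $username, $admins, true ) || in_array( $username, $configurers, true ) ) ) {`. The pattern loop also runs when nobody is logged in and `$username` is null, so a permissive pattern could match the empty string; add `if ( !$username ) { return false; }` before the `foreach`. Because the `array_merge` in the first hunk is not recursive, a local config that replaces `'oauth'` would lack the two new keys, so reading them with `?? []` would avoid warnings.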
19 changes: 19 additions & 0 deletions index.php
Expand Up @@ -139,6 +139,25 @@
'align' => 'left',
]
),
new OOUI\FieldLayout(
can_configure() ?
new OOUI\MultilineTextInputWidget( [
'classes' => [ 'form-siteConfig' ],
'name' => 'siteConfig',
'placeholder' => "e.g. \$wgSitename = 'Test wiki';",
'rows' => 3,
] ) :
new OOUI\LabelWidget( [
'classes' => [ 'form-siteConfig-message' ],
'label' => new OOUI\HtmlSnippet( 'Only approved users can modify site config. ' . $config['oauth']['configurersRequestHtml'] ),
] ),
[
'label' => 'Site config:',
'help' => new OOUI\HtmlSnippet( 'This config will be <strong>public</strong> on the wiki\'s main page.' ),
'helpInline' => true,
'align' => 'left',
]
),
new DetailsFieldLayout(
new OOUI\CheckboxMultiselectInputWidget( [
'classes' => [ 'form-repos' ],
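Review bot: `$config['oauth']['configurersRequestHtml']` in the `LabelWidget` branch is read without a fallback and wrapped in `HtmlSnippet`, so it is emitted as raw HTML. With the non-recursive `array_merge` in includes.php, a local config.php that defines its own `'oauth'` array would leave this key undefined; `( $config['oauth']['configurersRequestHtml'] ?? '' )` keeps the page clean in that case. Since the value is not escaped, a short comment stating that it must be operator-authored markup would help. The help text could also say that the config is executed as PHP, not only that it is public. The enclosing form array starts and ends outside this hunk.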
13 changes: 13 additions & 0 deletions new.php
Expand Up @@ -23,6 +23,7 @@
$patches = trim( $_POST['patches'] );
$announce = !empty( $_POST['announce'] );
$language = trim( $_POST['language'] );
$siteConfig = can_configure() ? trim( $_POST['siteConfig'] ) : '';

$namePath = substr( md5( $branch . $patches . time() ), 0, 10 );
$server = detectProtocol() . '://' . $_SERVER['HTTP_HOST'];
Expand Down Expand Up @@ -303,6 +304,17 @@ function set_progress( float $pc, string $label ) {
$allowedRepos[] = 'mediawiki/extensions/MobileFrontendContentProvider';
}

if ( $siteConfig ) {
$mainPage .= "\n;Extra config\n";
$tag = 'pre';
$attrs = '';
if ( in_array( 'mediawiki/extensions/SyntaxHighlight_GeSHi', $allowedRepos ) ) {
$tag = 'syntaxhighlight';
$attrs = ' lang="php"';
}
$mainPage .= "<$tag$attrs style=\"margin-left: 1.6em\">\n$siteConfig\n</$tag>";
}

foreach ( array_keys( $repos ) as $repo ) {
// Unchecked the checkbox
if ( $repo !== 'mediawiki/core' && !in_array( $repo, $allowedRepos ) ) {
Expand Down Expand Up @@ -416,6 +428,7 @@ static function ( string $repo ) use ( $repos ): bool {
'SERVERPATH' => $serverPath,
'LANGUAGE' => $language,
'REPOSITORIES' => $reposString,
'SITECONFIG' => $siteConfig,
]
);
if ( $error ) {
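Review bot: The `$siteConfig` assignment trusts `can_configure()` alone, and that function returns true whenever `$useOAuth` is off, so on a site without OAuth any visitor who can submit the form gets their text appended to LocalSettings.php by install.sh and executed as PHP. If that is not intended, the non-OAuth case should default to false or require an explicit operator opt-in. A POST that omits the field also raises an undefined-index warning; `trim( $_POST['siteConfig'] ?? '' )` avoids it. In the main-page hunk the raw text is placed between `<$tag>` and `</$tag>`, so a config containing the closing tag ends the block early and the remainder is parsed as wikitext. The surrounding script code continues outside these hunks.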
3 changes: 3 additions & 0 deletions new/install.sh
Expand Up @@ -30,6 +30,9 @@ while IFS=' ' read -r repo dir; do
fi
done <<< "$REPOSITORIES"

# apply settings from install form
echo "$SITECONFIG" >> $PATCHDEMO/wikis/$NAME/w/LocalSettings.php

# create htaccess
echo "RewriteEngine On
# main rewrite rule
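Review bot: The added `echo "$SITECONFIG" >> $PATCHDEMO/wikis/$NAME/w/LocalSettings.php` leaves the target path unquoted and uses `echo` on user-supplied text, so a value starting with `-n` or `-e` is taken as an option and a path containing spaces would split. `printf '%s\n' "$SITECONFIG" >> "$PATCHDEMO/wikis/$NAME/w/LocalSettings.php"` writes the text verbatim. The line also runs when `SITECONFIG` is empty, which appends a blank line; wrapping it in `if [ -n "$SITECONFIG" ]` would skip that. The comment above it could also state that this text is executed as PHP by the wiki, e.g. `# append form-supplied PHP to LocalSettings.php (trusted users only, see can_configure)`.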