rssbridge: add option to allow public access

These modifications are copied after the wordpress public access configurator. Signed-off-by: nbenedek <contact@nbenedek.me> Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
2026-01-21 07:55:00 +00:00 · 2022-10-16 13:03:07 +02:00 · 2022-10-16 13:03:07 +02:00 · 63278f0bcd
commit 63278f0bcd
parent 50c6cfd6ac
5 changed files with 88 additions and 15 deletions
--- a/plinth/modules/rssbridge/data/etc/apache2/conf-available/rss-bridge.conf
+++ b/plinth/modules/rssbridge/data/etc/apache2/conf-available/rss-bridge.conf
@ -1,21 +1,27 @@
 ##
 ## On all sites, provide RSS-Bridge on a default path: /rss-bridge
 ## Allow valid LDAP users from groups 'feed-reader' and 'admin'.
+## Allow public access if 'is_public' file exists.
 ##
 Alias /rss-bridge /usr/share/rss-bridge

 <Location /rss-bridge>
-    <If "%{QUERY_STRING} =~ /format=[^H]/">
-        # Formats: Atom, Json, Mrss and Plaintext
-        Include includes/freedombox-auth-ldap.conf
-        Require ldap-group cn=admin,ou=groups,dc=thisbox
-        Require ldap-group cn=feed-reader,ou=groups,dc=thisbox
-    </If>
-    <Else>
-        # Formats: Html and all other pages
-        Include includes/freedombox-single-sign-on.conf
-        <IfModule mod_auth_pubtkt.c>
-            TKTAuthToken "feed-reader" "admin"
-        </IfModule>
-    </Else>
+    <IfFile !/etc/rss-bridge/is_public>
+        <If "%{QUERY_STRING} =~ /format=[^H]/">
+            # Formats: Atom, Json, Mrss and Plaintext
+            Include includes/freedombox-auth-ldap.conf
+            Require ldap-group cn=admin,ou=groups,dc=thisbox
+            Require ldap-group cn=feed-reader,ou=groups,dc=thisbox
+        </If>
+        <Else>
+            # Formats: Html and all other pages
+            Include includes/freedombox-single-sign-on.conf
+            <IfModule mod_auth_pubtkt.c>
+                TKTAuthToken "feed-reader" "admin"
+            </IfModule>
+        </Else>
+    </IfFile>
+    <IfFile /etc/rss-bridge/is_public>
+        Require all granted
+    </IfFile>
 </Location>
--- a/plinth/modules/rssbridge/forms.py
+++ b/plinth/modules/rssbridge/forms.py
@ -0,0 +1,14 @@
+# SPDX-License-Identifier: AGPL-3.0-or-later
+"""Django forms for configuring RSS-Bridge."""
+
+from django import forms
+from django.utils.translation import gettext_lazy as _
+
+
+class RSSBridgeForm(forms.Form):
+    """RSS-Bridge configuration form."""
+
+    is_public = forms.BooleanField(
+        label=_('Allow Public Access'), help_text=_(
+            'Allow this application to be used by anyone who can reach it.'),
+        required=False)
--- a/plinth/modules/rssbridge/privileged.py
+++ b/plinth/modules/rssbridge/privileged.py
@ -2,12 +2,32 @@
 """Configure RSS-Bridge."""

 import pathlib
+from plinth import action_utils

 from plinth.actions import privileged

+PUBLIC_ACCESS_FILE = '/etc/rss-bridge/is_public'
+

@privileged
 def setup():
    """Configure RSS-Bridge by enable all bridges."""
    enable_list = pathlib.Path('/etc/rss-bridge/whitelist.txt')
    enable_list.write_text('*\n', encoding='utf-8')
+
+
+@privileged
+def set_public(enable: bool):
+    """Allow/disallow public access."""
+    public_access_file = pathlib.Path(PUBLIC_ACCESS_FILE)
+    if enable:
+        public_access_file.touch()
+    else:
+        public_access_file.unlink(missing_ok=True)
+
+    action_utils.service_reload('apache2')
+
+
+def is_public() -> bool:
+    """Return whether public access is enabled."""
+    return pathlib.Path(PUBLIC_ACCESS_FILE).exists()
--- a/plinth/modules/rssbridge/urls.py
+++ b/plinth/modules/rssbridge/urls.py
@ -5,9 +5,9 @@ URLs for the RSS-Bridge module.

 from django.urls import re_path

-from plinth.views import AppView
+from .views import RSSBridgeAppView

 urlpatterns = [
-    re_path(r'^apps/rssbridge/$', AppView.as_view(app_id='rssbridge'),
+    re_path(r'^apps/rssbridge/$', RSSBridgeAppView.as_view(app_id='rssbridge'),
            name='index'),
 ]
--- a/plinth/modules/rssbridge/views.py
+++ b/plinth/modules/rssbridge/views.py
@ -0,0 +1,33 @@
+# SPDX-License-Identifier: AGPL-3.0-or-later
+"""FreedomBox app for configuring RSS-Bridge."""
+
+from django.contrib import messages
+from django.utils.translation import gettext as _
+
+from plinth import views
+
+from . import privileged
+from .forms import RSSBridgeForm
+
+
+class RSSBridgeAppView(views.AppView):
+    """Serve configuration page."""
+
+    form_class = RSSBridgeForm
+    app_id = 'rssbridge'
+
+    def get_initial(self):
+        """Get the current RSS-Bridge settings."""
+        status = super().get_initial()
+        status['is_public'] = privileged.is_public()
+        return status
+
+    def form_valid(self, form):
+        """Apply the changes submitted in the form."""
+        old_status = form.initial
+        new_status = form.cleaned_data
+        if old_status['is_public'] != new_status['is_public']:
+            privileged.set_public(new_status['is_public'])
+            messages.success(self.request, _('Configuration updated'))
+
+        return super().form_valid(form)