From 63278f0bcdcc0f02d21af3928fcaa6fc6fd564b2 Mon Sep 17 00:00:00 2001 From: nbenedek Date: Sun, 16 Oct 2022 13:03:07 +0200 Subject: [PATCH] rssbridge: add option to allow public access These modifications are copied after the wordpress public access configurator. Signed-off-by: nbenedek Reviewed-by: Sunil Mohan Adapa --- .../apache2/conf-available/rss-bridge.conf | 32 ++++++++++-------- plinth/modules/rssbridge/forms.py | 14 ++++++++ plinth/modules/rssbridge/privileged.py | 20 +++++++++++ plinth/modules/rssbridge/urls.py | 4 +-- plinth/modules/rssbridge/views.py | 33 +++++++++++++++++++ 5 files changed, 88 insertions(+), 15 deletions(-) create mode 100644 plinth/modules/rssbridge/forms.py create mode 100644 plinth/modules/rssbridge/views.py diff --git a/plinth/modules/rssbridge/data/etc/apache2/conf-available/rss-bridge.conf b/plinth/modules/rssbridge/data/etc/apache2/conf-available/rss-bridge.conf index e3aaf2059..2c7e892ca 100644 --- a/plinth/modules/rssbridge/data/etc/apache2/conf-available/rss-bridge.conf +++ b/plinth/modules/rssbridge/data/etc/apache2/conf-available/rss-bridge.conf @@ -1,21 +1,27 @@ ## ## On all sites, provide RSS-Bridge on a default path: /rss-bridge ## Allow valid LDAP users from groups 'feed-reader' and 'admin'. +## Allow public access if 'is_public' file exists. ## Alias /rss-bridge /usr/share/rss-bridge - - # Formats: Atom, Json, Mrss and Plaintext - Include includes/freedombox-auth-ldap.conf - Require ldap-group cn=admin,ou=groups,dc=thisbox - Require ldap-group cn=feed-reader,ou=groups,dc=thisbox - - - # Formats: Html and all other pages - Include includes/freedombox-single-sign-on.conf - - TKTAuthToken "feed-reader" "admin" - - + + + # Formats: Atom, Json, Mrss and Plaintext + Include includes/freedombox-auth-ldap.conf + Require ldap-group cn=admin,ou=groups,dc=thisbox + Require ldap-group cn=feed-reader,ou=groups,dc=thisbox + + + # Formats: Html and all other pages + Include includes/freedombox-single-sign-on.conf + + TKTAuthToken "feed-reader" "admin" + + + + + Require all granted + diff --git a/plinth/modules/rssbridge/forms.py b/plinth/modules/rssbridge/forms.py new file mode 100644 index 000000000..69c1be9db --- /dev/null +++ b/plinth/modules/rssbridge/forms.py @@ -0,0 +1,14 @@ +# SPDX-License-Identifier: AGPL-3.0-or-later +"""Django forms for configuring RSS-Bridge.""" + +from django import forms +from django.utils.translation import gettext_lazy as _ + + +class RSSBridgeForm(forms.Form): + """RSS-Bridge configuration form.""" + + is_public = forms.BooleanField( + label=_('Allow Public Access'), help_text=_( + 'Allow this application to be used by anyone who can reach it.'), + required=False) diff --git a/plinth/modules/rssbridge/privileged.py b/plinth/modules/rssbridge/privileged.py index 51778f89a..ad31fb541 100644 --- a/plinth/modules/rssbridge/privileged.py +++ b/plinth/modules/rssbridge/privileged.py @@ -2,12 +2,32 @@ """Configure RSS-Bridge.""" import pathlib +from plinth import action_utils from plinth.actions import privileged +PUBLIC_ACCESS_FILE = '/etc/rss-bridge/is_public' + @privileged def setup(): """Configure RSS-Bridge by enable all bridges.""" enable_list = pathlib.Path('/etc/rss-bridge/whitelist.txt') enable_list.write_text('*\n', encoding='utf-8') + + +@privileged +def set_public(enable: bool): + """Allow/disallow public access.""" + public_access_file = pathlib.Path(PUBLIC_ACCESS_FILE) + if enable: + public_access_file.touch() + else: + public_access_file.unlink(missing_ok=True) + + action_utils.service_reload('apache2') + + +def is_public() -> bool: + """Return whether public access is enabled.""" + return pathlib.Path(PUBLIC_ACCESS_FILE).exists() diff --git a/plinth/modules/rssbridge/urls.py b/plinth/modules/rssbridge/urls.py index 5df049814..03786488d 100644 --- a/plinth/modules/rssbridge/urls.py +++ b/plinth/modules/rssbridge/urls.py @@ -5,9 +5,9 @@ URLs for the RSS-Bridge module. from django.urls import re_path -from plinth.views import AppView +from .views import RSSBridgeAppView urlpatterns = [ - re_path(r'^apps/rssbridge/$', AppView.as_view(app_id='rssbridge'), + re_path(r'^apps/rssbridge/$', RSSBridgeAppView.as_view(app_id='rssbridge'), name='index'), ] diff --git a/plinth/modules/rssbridge/views.py b/plinth/modules/rssbridge/views.py new file mode 100644 index 000000000..3b5dc19ad --- /dev/null +++ b/plinth/modules/rssbridge/views.py @@ -0,0 +1,33 @@ +# SPDX-License-Identifier: AGPL-3.0-or-later +"""FreedomBox app for configuring RSS-Bridge.""" + +from django.contrib import messages +from django.utils.translation import gettext as _ + +from plinth import views + +from . import privileged +from .forms import RSSBridgeForm + + +class RSSBridgeAppView(views.AppView): + """Serve configuration page.""" + + form_class = RSSBridgeForm + app_id = 'rssbridge' + + def get_initial(self): + """Get the current RSS-Bridge settings.""" + status = super().get_initial() + status['is_public'] = privileged.is_public() + return status + + def form_valid(self, form): + """Apply the changes submitted in the form.""" + old_status = form.initial + new_status = form.cleaned_data + if old_status['is_public'] != new_status['is_public']: + privileged.set_public(new_status['is_public']) + messages.success(self.request, _('Configuration updated')) + + return super().form_valid(form)