From f20e8205d8d3c0ebbfa2953283a297099cf35801 Mon Sep 17 00:00:00 2001 From: cytopia Date: Wed, 30 Jan 2019 15:05:48 +0100 Subject: [PATCH 1/4] Refs #476 Enable autologin for phpPgAdmin --- .../phppgadmin-5.6.0/conf/config.inc.php | 13 ++++++++++ .../phppgadmin-5.6.0/libraries/lib.inc.php | 6 +++-- .../htdocs/vendor/phppgadmin-5.6.0/logout.php | 6 +++-- env-example | 26 +++++++++++++++++-- 4 files changed, 45 insertions(+), 6 deletions(-) diff --git a/.devilbox/www/htdocs/vendor/phppgadmin-5.6.0/conf/config.inc.php b/.devilbox/www/htdocs/vendor/phppgadmin-5.6.0/conf/config.inc.php index e718751f..a6afb214 100644 --- a/.devilbox/www/htdocs/vendor/phppgadmin-5.6.0/conf/config.inc.php +++ b/.devilbox/www/htdocs/vendor/phppgadmin-5.6.0/conf/config.inc.php @@ -20,6 +20,19 @@ // Database port on server (5432 is the PostgreSQL default) $conf['servers'][0]['port'] = 5432; + // ---- Auto-login + if (getenv('DEVILBOX_VENDOR_PHPPGADMIN_AUTOLOGIN') == 1) { + $_REQUEST['server']= 'pgsql:5432:allow'; + if(session_id() == ''){ + //session has not started + session_name('PPA_ID'); + session_start(); + } + $_SESSION['sharedUsername'] = getenv('PGSQL_ROOT_USER'); + $_SESSION['sharedPassword'] = getenv('PGSQL_ROOT_PASSWORD'); + } + // ---- end of Auto-login + // Database SSL mode // Possible options: disable, allow, prefer, require // To require SSL on older servers use option: legacy diff --git a/.devilbox/www/htdocs/vendor/phppgadmin-5.6.0/libraries/lib.inc.php b/.devilbox/www/htdocs/vendor/phppgadmin-5.6.0/libraries/lib.inc.php index 88c32004..19b23947 100644 --- a/.devilbox/www/htdocs/vendor/phppgadmin-5.6.0/libraries/lib.inc.php +++ b/.devilbox/www/htdocs/vendor/phppgadmin-5.6.0/libraries/lib.inc.php @@ -55,8 +55,10 @@ // Start session (if not auto-started) if (!ini_get('session.auto_start')) { - session_name('PPA_ID'); - session_start(); + if (session_id() == '') { + session_name('PPA_ID'); + session_start(); + } } // Do basic PHP configuration checks diff --git a/.devilbox/www/htdocs/vendor/phppgadmin-5.6.0/logout.php b/.devilbox/www/htdocs/vendor/phppgadmin-5.6.0/logout.php index faed8dc8..999d97f7 100644 --- a/.devilbox/www/htdocs/vendor/phppgadmin-5.6.0/logout.php +++ b/.devilbox/www/htdocs/vendor/phppgadmin-5.6.0/logout.php @@ -7,8 +7,10 @@ */ if (!ini_get('session.auto_start')) { - session_name('PPA_ID'); - session_start(); + if (session_id() == '') { + session_name('PPA_ID'); + session_start(); + } } unset($_SESSION); session_destroy(); diff --git a/env-example b/env-example index 36446270..6eff272e 100644 --- a/env-example +++ b/env-example @@ -6,10 +6,22 @@ ### All the following settings are applied during ### $ docker-compose up ### -### No need to rebuild any dockers! +### No need to rebuild any docker images! ### -### For custom variables, scroll to the bottom +### IMPORTANT: +### ---------- +### When changing any values ensure to stop, rm and restart: +### $ docker-compose stop +### $ docker-compose rm -f +### $ docker-compose up ### +### NOTE: +### ----- +### For you own custom variables, scroll to the bottom +### + +# The following line will disable any shellcheck warnings throughout this file +# shellcheck disable=SC2034,SC2125 ### @@ -212,6 +224,16 @@ DEVILBOX_UI_ENABLE=1 DEVILBOX_VENDOR_PHPMYADMIN_AUTOLOGIN=1 +### +### Automatically be logged in into phpPgAdmin +### +### Example: +### DEVILBOX_VENDOR_PHPPGADMIN_AUTOLOGIN=1 +### DEVILBOX_VENDOR_PHPPGADMIN_AUTOLOGIN=0 +### +DEVILBOX_VENDOR_PHPPGADMIN_AUTOLOGIN=1 + + ################################################################################ ### From a1fc1863fbbc42b927e23144d2c2c85398366b36 Mon Sep 17 00:00:00 2001 From: cytopia Date: Wed, 30 Jan 2019 15:06:05 +0100 Subject: [PATCH 2/4] Refs #476 Adjust tests for phpPgAdmin autologin --- .tests/intra-tests/vendor-phppgadmin.sh | 206 ++++++++++++++---------- 1 file changed, 117 insertions(+), 89 deletions(-) diff --git a/.tests/intra-tests/vendor-phppgadmin.sh b/.tests/intra-tests/vendor-phppgadmin.sh index 1aef6e3a..bfb30112 100755 --- a/.tests/intra-tests/vendor-phppgadmin.sh +++ b/.tests/intra-tests/vendor-phppgadmin.sh @@ -109,107 +109,135 @@ fi ### -### Login (get token URL) +### Evaluate successful phpPgAdmin login ### + +printf "[TEST] Evaluate successful phpPgAdmin login" # 1st Try -printf "[TEST] Retrieve phpPgAdmin token page" -if ! TOKEN_URL="$( curl -sS -c cookie.txt localhost${URL}servers.php | tac | tac | grep -Eo "\"redirect\.php\?subject=server.+\"" )"; then +if [ "$(curl -sS "localhost${URL}redirect.php?subject=server&server=pgsql%3A5432%3Aallow&" | tac | tac | grep -Ec 'data">(Database|Owner|Collation|Tablespace)')" != "4" ]; then # 2nd Try sleep 1 - if ! TOKEN_URL="$( curl -sS -c cookie.txt localhost${URL}servers.php | tac | tac | grep -Eo "\"redirect\.php\?subject=server.+\"" )"; then + if [ "$(curl -sS "localhost${URL}redirect.php?subject=server&server=pgsql%3A5432%3Aallow&" | tac | tac | grep -Ec 'data">(Database|Owner|Collation|Tablespace)')" != "4" ]; then # 3rd Try sleep 1 - if ! TOKEN_URL="$( curl -sS -c cookie.txt localhost${URL}servers.php | tac | tac | grep -Eo "\"redirect\.php\?subject=server.+\"" )"; then - printf "\r[FAIL] Retrieve phpPgAdmin login page\n" - curl -sS localhost/${URL}servers.php || true - curl -sSI localhost/${URL}servers.php || true - rm -f cookie.txt + if [ "$(curl -sS "localhost${URL}redirect.php?subject=server&server=pgsql%3A5432%3Aallow&" | tac | tac | grep -Ec 'data">(Database|Owner|Collation|Tablespace)')" != "4" ]; then + printf "\r[FAIL] Evaluate successful phpPgAdmin login\n" + curl -sS "localhost/${URL}redirect.php?subject=server&server=pgsql%3A5432%3Aallow&" || true + curl -sSI "localhost/${URL}redirect.php?subject=server&server=pgsql%3A5432%3Aallow&" || true exit 1 else - TOKEN_URL="$( echo "${TOKEN_URL}" | sed 's/"//g' )" - TOKEN_URL="$( echo "${TOKEN_URL}" | sed 's/&/\&/g' )" - printf "\r[OK] Retrieve phpPgAdmin token page (3 rounds): ${TOKEN_URL}\n" + printf "\r[OK] Evaluate successful phpPgAdmin login (3 rounds)\n" fi else - TOKEN_URL="$( echo "${TOKEN_URL}" | sed 's/"//g' )" - TOKEN_URL="$( echo "${TOKEN_URL}" | sed 's/&/\&/g' )" - printf "\r[OK] Retrieve phpPgAdmin login token (2 rounds): ${TOKEN_URL}\n" + printf "\r[OK] Evaluate successful phpPgAdmin login (2 rounds)\n" fi else - TOKEN_URL="$( echo "${TOKEN_URL}" | sed 's/"//g' )" - TOKEN_URL="$( echo "${TOKEN_URL}" | sed 's/&/\&/g' )" - printf "\r[OK] Retrieve phpPgAdmin token page (1 round): ${TOKEN_URL}\n" + printf "\r[OK] Evaluate successful phpPgAdmin login (1 round)\n" fi -### -### Login (get Login Token) -### -TOKEN= -printf "[TEST] Retrieve phpPgAdmin login token" -# 1st Try -if ! TOKEN="$( curl -sS -c cookie.txt -b cookie.txt "localhost${URL}${TOKEN_URL}" | tac | tac | grep -Eo "loginPassword_[a-zA-Z0-9]+" )"; then - # 2nd Try - sleep 1 - if ! TOKEN="$( curl -sS -c cookie.txt -b cookie.txt "localhost${URL}${TOKEN_URL}" | tac | tac | grep -Eo "loginPassword_[a-zA-Z0-9]+" )"; then - # 3rd Try - sleep 1 - if ! TOKEN="$( curl -sS -c cookie.txt -b cookie.txt "localhost${URL}${TOKEN_URL}" | tac | tac | grep -Eo "loginPassword_[a-zA-Z0-9]+" )"; then - printf "\r[FAIL] Retrieve phpPgAdmin login token\n" - curl -sS "${TOKEN_URL_URL}" || true - curl -sSI "${TOKEN_URL_URL}" || true - rm -f cookie.txt - exit 1 - else - TOKEN="$( echo "${TOKEN}" | head -1 )" - printf "\r[OK] Retrieve phpPgAdmin login token (3 rounds): ${TOKEN}\n" - fi - else - TOKEN="$( echo "${TOKEN}" | head -1 )" - printf "\r[OK] Retrieve phpPgAdmin login token (2 rounds): ${TOKEN}\n" - fi -else - TOKEN="$( echo "${TOKEN}" | head -1 )" - printf "\r[OK] Retrieve phpPgAdmin login token (1 round): ${TOKEN}\n" -fi - - -### -### Login -### - -printf "[TEST] Submit phpPgAdmin POST login" -# 1st Try -if ! curl -sS -c cookie.txt -b cookie.txt \ - -d "subject=server&server=pgsql%3A5432%3Aallow&loginServer=pgsql%3A5432%3Aallow&loginUsername=postgres&${TOKEN}=&loginSubmit=Login" \ - localhost${URL}redirect.php 2>/dev/null | grep -q "Create database"; then - # 2nd Try - sleep 1 - if ! curl -sS -c cookie.txt -b cookie.txt \ - -d "subject=server&server=pgsql%3A5432%3Aallow&loginServer=pgsql%3A5432%3Aallow&loginUsername=postgres&${TOKEN}=&loginSubmit=Login" \ - localhost${URL}redirect.php 2>/dev/null | grep -q "Create database"; then - # 3rd Try - sleep 1 - if ! curl -sS -c cookie.txt -b cookie.txt \ - -d "subject=server&server=pgsql%3A5432%3Aallow&loginServer=pgsql%3A5432%3Aallow&loginUsername=postgres&${TOKEN}=&loginSubmit=Login" \ - localhost${URL}redirect.php 2>/dev/null | grep -q "Create database"; then - printf "\r[FAIL] Submit phpPgAdmin POST login\n" - curl -sS -c cookie.txt -b cookie.txt \ - -d "subject=server&server=pgsql%3A5432%3Aallow&loginServer=pgsql%3A5432%3Aallow&loginUsername=postgres&${TOKEN}=&loginSubmit=Login" \ - localhost${URL}redirect.php || true - curl -sSI -c cookie.txt -b cookie.txt \ - -d "subject=server&server=pgsql%3A5432%3Aallow&loginServer=pgsql%3A5432%3Aallow&loginUsername=postgres&${TOKEN}=&loginSubmit=Login" \ - localhost${URL}redirect.php || true - rm -f cookie.txt || true - exit 1 - else - printf "\r[OK] Submit phpPgAdmin POST login (3 rounds)\n" - fi - else - printf "\r[OK] Submit phpPgAdmin POST login (2 rounds)\n" - fi -else - printf "\r[OK] Submit phpPgAdmin POST login (1 round)\n" -fi - -rm -f cookie.txt || true +#### +#### Login (get token URL) +#### +## 1st Try +#printf "[TEST] Retrieve phpPgAdmin token page" +#if ! TOKEN_URL="$( curl -sS -c cookie.txt localhost${URL}servers.php | tac | tac | grep -Eo "\"redirect\.php\?subject=server.+\"" )"; then +# # 2nd Try +# sleep 1 +# if ! TOKEN_URL="$( curl -sS -c cookie.txt localhost${URL}servers.php | tac | tac | grep -Eo "\"redirect\.php\?subject=server.+\"" )"; then +# # 3rd Try +# sleep 1 +# if ! TOKEN_URL="$( curl -sS -c cookie.txt localhost${URL}servers.php | tac | tac | grep -Eo "\"redirect\.php\?subject=server.+\"" )"; then +# printf "\r[FAIL] Retrieve phpPgAdmin login page\n" +# curl -sS localhost/${URL}servers.php || true +# curl -sSI localhost/${URL}servers.php || true +# rm -f cookie.txt +# exit 1 +# else +# TOKEN_URL="$( echo "${TOKEN_URL}" | sed 's/"//g' )" +# TOKEN_URL="$( echo "${TOKEN_URL}" | sed 's/&/\&/g' )" +# printf "\r[OK] Retrieve phpPgAdmin token page (3 rounds): ${TOKEN_URL}\n" +# fi +# else +# TOKEN_URL="$( echo "${TOKEN_URL}" | sed 's/"//g' )" +# TOKEN_URL="$( echo "${TOKEN_URL}" | sed 's/&/\&/g' )" +# printf "\r[OK] Retrieve phpPgAdmin login token (2 rounds): ${TOKEN_URL}\n" +# fi +#else +# TOKEN_URL="$( echo "${TOKEN_URL}" | sed 's/"//g' )" +# TOKEN_URL="$( echo "${TOKEN_URL}" | sed 's/&/\&/g' )" +# printf "\r[OK] Retrieve phpPgAdmin token page (1 round): ${TOKEN_URL}\n" +#fi +# +# +#### +#### Login (get Login Token) +#### +#TOKEN= +#printf "[TEST] Retrieve phpPgAdmin login token" +## 1st Try +#if ! TOKEN="$( curl -sS -c cookie.txt -b cookie.txt "localhost${URL}${TOKEN_URL}" | tac | tac | grep -Eo "loginPassword_[a-zA-Z0-9]+" )"; then +# # 2nd Try +# sleep 1 +# if ! TOKEN="$( curl -sS -c cookie.txt -b cookie.txt "localhost${URL}${TOKEN_URL}" | tac | tac | grep -Eo "loginPassword_[a-zA-Z0-9]+" )"; then +# # 3rd Try +# sleep 1 +# if ! TOKEN="$( curl -sS -c cookie.txt -b cookie.txt "localhost${URL}${TOKEN_URL}" | tac | tac | grep -Eo "loginPassword_[a-zA-Z0-9]+" )"; then +# printf "\r[FAIL] Retrieve phpPgAdmin login token\n" +# curl -sS "${TOKEN_URL_URL}" || true +# curl -sSI "${TOKEN_URL_URL}" || true +# rm -f cookie.txt +# exit 1 +# else +# TOKEN="$( echo "${TOKEN}" | head -1 )" +# printf "\r[OK] Retrieve phpPgAdmin login token (3 rounds): ${TOKEN}\n" +# fi +# else +# TOKEN="$( echo "${TOKEN}" | head -1 )" +# printf "\r[OK] Retrieve phpPgAdmin login token (2 rounds): ${TOKEN}\n" +# fi +#else +# TOKEN="$( echo "${TOKEN}" | head -1 )" +# printf "\r[OK] Retrieve phpPgAdmin login token (1 round): ${TOKEN}\n" +#fi +# +# +#### +#### Login +#### +# +#printf "[TEST] Submit phpPgAdmin POST login" +## 1st Try +#if ! curl -sS -c cookie.txt -b cookie.txt \ +# -d "subject=server&server=pgsql%3A5432%3Aallow&loginServer=pgsql%3A5432%3Aallow&loginUsername=postgres&${TOKEN}=&loginSubmit=Login" \ +# localhost${URL}redirect.php 2>/dev/null | grep -q "Create database"; then +# # 2nd Try +# sleep 1 +# if ! curl -sS -c cookie.txt -b cookie.txt \ +# -d "subject=server&server=pgsql%3A5432%3Aallow&loginServer=pgsql%3A5432%3Aallow&loginUsername=postgres&${TOKEN}=&loginSubmit=Login" \ +# localhost${URL}redirect.php 2>/dev/null | grep -q "Create database"; then +# # 3rd Try +# sleep 1 +# if ! curl -sS -c cookie.txt -b cookie.txt \ +# -d "subject=server&server=pgsql%3A5432%3Aallow&loginServer=pgsql%3A5432%3Aallow&loginUsername=postgres&${TOKEN}=&loginSubmit=Login" \ +# localhost${URL}redirect.php 2>/dev/null | grep -q "Create database"; then +# printf "\r[FAIL] Submit phpPgAdmin POST login\n" +# curl -sS -c cookie.txt -b cookie.txt \ +# -d "subject=server&server=pgsql%3A5432%3Aallow&loginServer=pgsql%3A5432%3Aallow&loginUsername=postgres&${TOKEN}=&loginSubmit=Login" \ +# localhost${URL}redirect.php || true +# curl -sSI -c cookie.txt -b cookie.txt \ +# -d "subject=server&server=pgsql%3A5432%3Aallow&loginServer=pgsql%3A5432%3Aallow&loginUsername=postgres&${TOKEN}=&loginSubmit=Login" \ +# localhost${URL}redirect.php || true +# rm -f cookie.txt || true +# exit 1 +# else +# printf "\r[OK] Submit phpPgAdmin POST login (3 rounds)\n" +# fi +# else +# printf "\r[OK] Submit phpPgAdmin POST login (2 rounds)\n" +# fi +#else +# printf "\r[OK] Submit phpPgAdmin POST login (1 round)\n" +#fi +# +#rm -f cookie.txt || true From 47ed08d61bf3cd39bbc20e58f20a86e733a0e809 Mon Sep 17 00:00:00 2001 From: cytopia Date: Wed, 30 Jan 2019 15:06:29 +0100 Subject: [PATCH 3/4] Refs #476 Adjust documentation for phpPgAdmin autologin --- docs/configuration-files/env-file.rst | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/docs/configuration-files/env-file.rst b/docs/configuration-files/env-file.rst index 0c9c17da..7b456d79 100644 --- a/docs/configuration-files/env-file.rst +++ b/docs/configuration-files/env-file.rst @@ -525,6 +525,20 @@ password here as well, you should set the value to ``0``. +-------------------------------------------+----------------+-------------------+ +DEVILBOX_VENDOR_PHPPGADMIN_AUTOLOGIN +------------------------------------ + +By default phpPgAdmin will autologin without having to specify username or password. The phpPgAdmin +vendor is not protected once you protect the Intranet. If you want users to enter username and +password here as well, you should set the value to ``0``. + ++-------------------------------------------+----------------+-------------------+ +| Name | Allowed values | Default value | ++===========================================+================+===================+ +| ``DEVILBOX_VENDOR_PHPPGADMIN_AUTOLOGIN`` | ``0`` or ``1`` | ``1`` | ++-------------------------------------------+----------------+-------------------+ + + Docker image versions ===================== From 4ee37cb9a90ee1f758d7f6260d02d7a7713ac68d Mon Sep 17 00:00:00 2001 From: cytopia Date: Wed, 30 Jan 2019 15:06:48 +0100 Subject: [PATCH 4/4] Bump version --- .devilbox/www/config.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.devilbox/www/config.php b/.devilbox/www/config.php index 6d4446e8..f78db620 100644 --- a/.devilbox/www/config.php +++ b/.devilbox/www/config.php @@ -14,7 +14,7 @@ putenv('RES_OPTIONS=retrans:1 retry:1 timeout:1 attempts:1'); $DEVILBOX_VERSION = 'v0.15'; -$DEVILBOX_DATE = '2019-01-29'; +$DEVILBOX_DATE = '2019-01-30'; $DEVILBOX_API_PAGE = 'devilbox-api/status.json'; //