From ec0ac57a62103329ec3ec21bb7fc1fc5fa78f1f1 Mon Sep 17 00:00:00 2001 From: Danish Shakeel Date: Wed, 15 Sep 2021 03:04:39 +0530 Subject: [PATCH 01/27] Add all_sites subcommand --- auth-command.php | 2 +- src/Auth_Command.php | 42 +++++++++++++++++++++++++++++++++++++++++- 2 files changed, 42 insertions(+), 2 deletions(-) diff --git a/auth-command.php b/auth-command.php index aa0a8cc..e055edf 100644 --- a/auth-command.php +++ b/auth-command.php @@ -9,4 +9,4 @@ require_once $autoload; } -EE::add_command( 'auth', 'Auth_Command' ); +EE::add_command( 'auth', 'Auth_Command' ); \ No newline at end of file diff --git a/src/Auth_Command.php b/src/Auth_Command.php index 1e36e9f..1ce8e72 100644 --- a/src/Auth_Command.php +++ b/src/Auth_Command.php @@ -16,6 +16,7 @@ use EE\Model\Auth; use EE\Model\Whitelist; +use EE\Model\Site; use Symfony\Component\Filesystem\Filesystem; use function EE\Auth\Utils\verify_htpasswd_is_present; use function EE\Site\Utils\auto_site_name; @@ -91,6 +92,45 @@ public function create( $args, $assoc_args ) { } } + /** + * Creates http authentication for a all the sites available. + * + * ## OPTIONS + * + * [--user=] + * : Username for http auth. + * + * [--pass=] + * : Password for http auth. + * + * ## EXAMPLES + * + * # Add auth on all sites with predefined username and password + * $ ee auth all_sites --user=test --pass=password + * + */ + public function all_sites( $args, $assoc_args ) { + verify_htpasswd_is_present(); + + $user = \EE\Utils\get_flag_value( $assoc_args, 'user' ); + $passwd = \EE\Utils\get_flag_value( $assoc_args, 'pass' ); + + // check if username and password is set. + if ( empty( $user ) || empty( $passwd ) ) { + EE::error( 'Invalid usage. Correct usage: ee auth all_sites --user --pass' ); + return; + } + + $sites = Site::all(); + + // run through all the available sites. + foreach( $sites as $site ) { + EE::line( 'Adding auth to ' . $site->site_url ); + $this->create_auth( $assoc_args, 'default', $site->site_url ); + EE::line( '===================' ); + } + } + /** * Cleans and Validate IP addresses * Converts input separated by comma, spaces and new-lines in array @@ -167,7 +207,7 @@ private function create_auth( array $assoc_args, bool $global, string $site_url EE::log( 'Reloading global reverse proxy.' ); reload_global_nginx_proxy(); - EE::success( sprintf( 'Auth successfully updated for `%s` scope. New values added:', $this->site_data->site_url ) ); + EE::success( sprintf( 'Auth successfully updated for `%s` scope. New values added:', $site_url ) ); EE::line( 'User: ' . $user ); EE::line( 'Pass: ' . $pass ); From f467b8d5e9c94b54ea3c740b21f8e0a377846e70 Mon Sep 17 00:00:00 2001 From: Danish Shakeel Date: Wed, 15 Sep 2021 03:30:44 +0530 Subject: [PATCH 02/27] Add ignore-existing, silent flags --- src/Auth_Command.php | 33 ++++++++++++++++++++++++++++----- 1 file changed, 28 insertions(+), 5 deletions(-) diff --git a/src/Auth_Command.php b/src/Auth_Command.php index 1ce8e72..0c58559 100644 --- a/src/Auth_Command.php +++ b/src/Auth_Command.php @@ -93,7 +93,7 @@ public function create( $args, $assoc_args ) { } /** - * Creates http authentication for a all the sites available. + * Creates http authentication for all the available. * * ## OPTIONS * @@ -102,7 +102,13 @@ public function create( $args, $assoc_args ) { * * [--pass=] * : Password for http auth. + * + * [--ignore-existing] + * : Ignores the sites which already have the user added. * + * [--silent] + * : Does not make a fuss. + * * ## EXAMPLES * * # Add auth on all sites with predefined username and password @@ -112,8 +118,10 @@ public function create( $args, $assoc_args ) { public function all_sites( $args, $assoc_args ) { verify_htpasswd_is_present(); - $user = \EE\Utils\get_flag_value( $assoc_args, 'user' ); - $passwd = \EE\Utils\get_flag_value( $assoc_args, 'pass' ); + $user = \EE\Utils\get_flag_value( $assoc_args, 'user' ); + $passwd = \EE\Utils\get_flag_value( $assoc_args, 'pass' ); + $ignore_existing = \EE\Utils\get_flag_value( $assoc_args, 'ignore-existing' ); + $silent = \EE\Utils\get_flag_value( $assoc_args, 'silent' ); // check if username and password is set. if ( empty( $user ) || empty( $passwd ) ) { @@ -125,9 +133,24 @@ public function all_sites( $args, $assoc_args ) { // run through all the available sites. foreach( $sites as $site ) { - EE::line( 'Adding auth to ' . $site->site_url ); + $query_conditions = [ + 'site_url' => $site->site_url, + 'username' => $user, + ]; + + $existing_auths = Auth::where( $query_conditions ); + + if ( ! empty( $existing_auths ) && $ignore_existing) { + $silent ? '' : EE::warning( sprintf( '`%1$s` already exists on `%2$s`. Ignoring...', $user, $site->site_url ) ); + $silent ? '' : EE::line( '+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+' ); + continue; + } + + $silent ? '' : EE::line( sprintf( 'Adding auth to %s', $site->site_url ) ); + $this->create_auth( $assoc_args, 'default', $site->site_url ); - EE::line( '===================' ); + + $silent ? '' : EE::line( '+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+' ); } } From 2ec948da1dc105e95b54b8f096eebaa895dedec2 Mon Sep 17 00:00:00 2001 From: Danish Shakeel Date: Wed, 15 Sep 2021 13:56:46 +0530 Subject: [PATCH 03/27] Add delete all-sites command --- src/Auth_Command.php | 63 +++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 62 insertions(+), 1 deletion(-) diff --git a/src/Auth_Command.php b/src/Auth_Command.php index 0c58559..f9a6393 100644 --- a/src/Auth_Command.php +++ b/src/Auth_Command.php @@ -112,8 +112,9 @@ public function create( $args, $assoc_args ) { * ## EXAMPLES * * # Add auth on all sites with predefined username and password - * $ ee auth all_sites --user=test --pass=password + * $ ee auth all-sites --user=test --pass=password * + * @subcommand all-sites */ public function all_sites( $args, $assoc_args ) { verify_htpasswd_is_present(); @@ -610,9 +611,15 @@ private function get_auths( $site_url, $user, $error_if_empty = true ) { * * [] * : Name of website / `global` for global scope. + * + * [] + * : Delete authentication on all sites. * * [--user=] * : Username that needs to be deleted. + * + * [--pass=] + * : Username with this password that needs to be deleted. * * [--ip] * : IP to remove. Default removes all. @@ -642,6 +649,11 @@ public function delete( $args, $assoc_args ) { verify_htpasswd_is_present(); + if ( 'all-sites' === $args[0] ) { + $this->delete_all( $assoc_args ); + return; + } + $global = $this->populate_info( $args, __FUNCTION__ ); $site_url = $global ? 'default' : $this->site_data->site_url; $ip = EE\Utils\get_flag_value( $assoc_args, 'ip' ); @@ -715,6 +727,55 @@ public function delete( $args, $assoc_args ) { reload_global_nginx_proxy(); } } + + /** + * Deletes authentication on all the sites (matching a criteria) + * + * @param array $assoc_args associated arguments passed form the CLI. + * + * @return void + */ + private function delete_all( $assoc_args ) { + EE::confirm( 'This action will delete authentication on all the sites. Do you wish to continue?' ); + $args = array(); + + if ( ! empty( $assoc_args['user'] ) ) { + $args['username'] = $assoc_args['user']; + } + + if ( ! empty( $assoc_args['pass'] ) ) { + $args['password'] = $assoc_args['pass']; + } + + + if ( ! empty( $args ) ) { + $sites = Auth::where( $args ); + } else { + $sites = Auth::all(); + } + + if ( empty( $sites ) ) { + $optional_text = ( ! empty( $assoc_args['pass'] ) ) ? sprintf( 'and password `%s`', $assoc_args['pass'] ) : ''; + empty( $args ) ? EE::error( 'No sites found' ) : EE::error( sprintf( 'No sites auth with username `%1$s` %2$s', $assoc_args['user'], $optional_text ) ); + return; + } + + foreach( $sites as $site ) { + if ( 'default_admin_tools' === $site->site_url ) { + continue; + } + + $args = array( $site->site_url ); + + $assoc_args = array( + 'user' => $site->username, + ); + + $this->delete( $args, $assoc_args ); + EE::line( sprintf( 'Deleted authentication on %1$s', $site->site_url ) ); + EE::line( '+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+' ); + } + } /** * Lists http authentication users of a site. From f1d451334cc9fd2638c172cfcedaebd9f43a41d9 Mon Sep 17 00:00:00 2001 From: Danish Shakeel Date: Wed, 15 Sep 2021 14:06:09 +0530 Subject: [PATCH 04/27] Update READMe.md; add docs --- README.md | 50 +++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 49 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 8afb10a..8b7d7a0 100644 --- a/README.md +++ b/README.md @@ -27,6 +27,18 @@ ee auth # Delete auth from a site $ ee auth delete example.com --user=test + # Add auth to all sites + $ ee auth all-sites --user=test --pass=test + + # Delete auth from all sites + $ ee auth delete all-sites + + # Delete auth from all sites with username + $ ee auth delete all-sites --user=test + + # Delete auth from all sites with username and password + $ ee auth delete all-sites --user=test --pass=test + ### ee auth create @@ -72,13 +84,34 @@ ee auth create [] [--user=] [--pass=] [--ip=] $ ee auth create global --ip=8.8.8.8,1.1.1.1 +### ee auth all-sites + +Creates http authentication for all available sites. + +~~~ +ee auth all-sites [--user=] [--pass=] +~~~ + +**OPTIONS** + + [--user=] + Username for http auth. + + [--pass=] + Password for http auth. + +**EXAMPLES** + + # Add auth on all sites with username and password + $ ee auth all-sites --user=test --pass=test + ### ee auth delete Deletes http authentication for a site. Default: removes http authentication from site. If `--user` is passed it removes that specific user. ~~~ -ee auth delete [] [--user=] [--ip] +ee auth delete [/] [--user=] [--pass=] [--ip] ~~~ **OPTIONS** @@ -86,9 +119,15 @@ ee auth delete [] [--user=] [--ip] [] Name of website / `global` for global scope. + [] + Delete auth from all sites available. + [--user=] Username that needs to be deleted. + [--user=] + Password that needs to be matched while using all-sites. + [--ip] IP to remove. Default removes all. @@ -103,6 +142,15 @@ ee auth delete [] [--user=] [--ip] # Remove global auth on all sites (but not admin tools) with default username(easyengine) $ ee auth delete global + # Remove auth on all sites (but not admin tools) + $ ee auth delete all-sites + + # Remove auth on all sites (but not admin tools) with username + $ ee auth delete all-sites --user=test + + # Remove auth on all sites (but not admin tools) with username and password + $ ee auth delete all-sites --user=test --pass=test + # Remove specific whitelisted IPs on site $ ee auth delete example.com --ip=1.1.1.1,8.8.8.8 From d96bb7daa9037fc86b79d8eb224370c97f1c7a66 Mon Sep 17 00:00:00 2001 From: Danish Shakeel Date: Wed, 15 Sep 2021 14:06:28 +0530 Subject: [PATCH 05/27] Fix logic --- src/Auth_Command.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/src/Auth_Command.php b/src/Auth_Command.php index f9a6393..e8f756e 100644 --- a/src/Auth_Command.php +++ b/src/Auth_Command.php @@ -736,17 +736,19 @@ public function delete( $args, $assoc_args ) { * @return void */ private function delete_all( $assoc_args ) { - EE::confirm( 'This action will delete authentication on all the sites. Do you wish to continue?' ); $args = array(); if ( ! empty( $assoc_args['user'] ) ) { $args['username'] = $assoc_args['user']; } - if ( ! empty( $assoc_args['pass'] ) ) { + if ( ! empty( $assoc_args['pass'] ) && ! empty( $assoc_args['user'] ) ) { $args['password'] = $assoc_args['pass']; + } else { + EE::error( 'Incorrect usage. Please supply the username using --user' ); } + EE::confirm( 'This action will delete authentication on all the sites. Do you wish to continue?' ); if ( ! empty( $args ) ) { $sites = Auth::where( $args ); From ff87fdfd2c113761a8a6c9f537272deef55278e1 Mon Sep 17 00:00:00 2001 From: Danish Shakeel Date: Fri, 17 Sep 2021 23:08:19 +0530 Subject: [PATCH 06/27] Add auth support --- src/Auth_Command.php | 165 ++++++++++++++++++++++++++++++------------- src/auth-utils.php | 4 +- 2 files changed, 119 insertions(+), 50 deletions(-) diff --git a/src/Auth_Command.php b/src/Auth_Command.php index e8f756e..cfabb0a 100644 --- a/src/Auth_Command.php +++ b/src/Auth_Command.php @@ -17,11 +17,13 @@ use EE\Model\Auth; use EE\Model\Whitelist; use EE\Model\Site; +use EE\Model\Option; use Symfony\Component\Filesystem\Filesystem; use function EE\Auth\Utils\verify_htpasswd_is_present; use function EE\Site\Utils\auto_site_name; use function EE\Site\Utils\get_site_info; use function EE\Site\Utils\reload_global_nginx_proxy; +// use function EE\Service\Utils\ensure_global_network_initialized; class Auth_Command extends EE_Command { @@ -46,7 +48,7 @@ public function __construct() { * ## OPTIONS * * [] - * : Name of website / `global` for global scope. + * : Name of website / `global` for global scope / 'admin-tools' for admin-tools. * * [--user=] * : Username for http auth. @@ -56,6 +58,9 @@ public function __construct() { * * [--ip=] * : IP to whitelist. + * + * [--show-updated] + * : Shows updated `admin-tools` auth if site-name == admin-tools. * * ## EXAMPLES * @@ -81,6 +86,11 @@ public function create( $args, $assoc_args ) { verify_htpasswd_is_present(); + if ( 'admin-tools' === $args[0] ) { + $this->admin_tools_create_auth( $assoc_args ); + return; + } + $global = $this->populate_info( $args, __FUNCTION__ ); $ips = \EE\Utils\get_flag_value( $assoc_args, 'ip' ); $site_url = $global ? 'default' : $this->site_data->site_url; @@ -96,24 +106,24 @@ public function create( $args, $assoc_args ) { * Creates http authentication for all the available. * * ## OPTIONS - * + * * [--user=] * : Username for http auth. * * [--pass=] * : Password for http auth. - * + * * [--ignore-existing] * : Ignores the sites which already have the user added. * * [--silent] * : Does not make a fuss. - * + * * ## EXAMPLES * * # Add auth on all sites with predefined username and password * $ ee auth all-sites --user=test --pass=password - * + * * @subcommand all-sites */ public function all_sites( $args, $assoc_args ) { @@ -130,18 +140,18 @@ public function all_sites( $args, $assoc_args ) { return; } - $sites = Site::all(); + $sites = Site::all(); // run through all the available sites. - foreach( $sites as $site ) { - $query_conditions = [ + foreach ( $sites as $site ) { + $query_conditions = array( 'site_url' => $site->site_url, 'username' => $user, - ]; + ); $existing_auths = Auth::where( $query_conditions ); - if ( ! empty( $existing_auths ) && $ignore_existing) { + if ( ! empty( $existing_auths ) && $ignore_existing ) { $silent ? '' : EE::warning( sprintf( '`%1$s` already exists on `%2$s`. Ignoring...', $user, $site->site_url ) ); $silent ? '' : EE::line( '+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+' ); continue; @@ -155,6 +165,8 @@ public function all_sites( $args, $assoc_args ) { } } + + /** * Cleans and Validate IP addresses * Converts input separated by comma, spaces and new-lines in array @@ -185,8 +197,8 @@ private function clean_and_validate_ips( string $ips ) { /** * Creates http auth * - * @param array $assoc_args Assoc args passed to command - * @param bool $global Enable auth on global + * @param array $assoc_args Assoc args passed to command + * @param bool $global Enable auth on global * @param string $site_url URL of site * * @throws Exception @@ -194,16 +206,16 @@ private function clean_and_validate_ips( string $ips ) { private function create_auth( array $assoc_args, bool $global, string $site_url ) { $user = \EE\Utils\get_flag_value( $assoc_args, 'user', 'ee-' . EE\Utils\random_password( 6 ) ); $pass = \EE\Utils\get_flag_value( $assoc_args, 'pass', EE\Utils\random_password() ); - $auth_data = [ + $auth_data = array( 'site_url' => $site_url, 'username' => $user, 'password' => $pass, - ]; + ); - $query_conditions = [ + $query_conditions = array( 'site_url' => $site_url, 'username' => $user, - ]; + ); $query_conditions['username'] = $user; $error_message = "Auth for user $user already exists for this site. To update it, use `ee auth update`'"; @@ -215,6 +227,7 @@ private function create_auth( array $assoc_args, bool $global, string $site_url } $admin_tools_auth = Auth::get_global_admin_tools_auth(); + EE::warning( $site_url ); if ( 'default' === $site_url && ! empty( $admin_tools_auth ) ) { $admin_tools_auth[0]->site_url = 'default'; $admin_tools_auth[0]->save(); @@ -254,10 +267,10 @@ private function create_whitelist( string $site_url, string $ips ) { foreach ( $user_ips as $ip ) { Whitelist::create( - [ + array( 'site_url' => $site_url, 'ip' => $ip, - ] + ) ); } @@ -282,9 +295,9 @@ private function populate_info( $args, $command ) { $global = false; if ( isset( $args[0] ) && 'global' === $args[0] ) { - $this->site_data = (object) [ + $this->site_data = (object) array( 'site_url' => $args[0], - ]; + ); $global = true; } else { $args = auto_site_name( $args, 'auth', $command ); @@ -296,6 +309,7 @@ private function populate_info( $args, $command ) { /** * Regenerate admin-tools auth if needed when global auth is deleted. + * * @throws Exception * @throws \EE\ExitException */ @@ -341,7 +355,7 @@ private function generate_global_auth_files() { $sites = array_unique( array_column( - Auth::all( [ 'site_url' ] ), + Auth::all( array( 'site_url' ) ), 'site_url' ) ); @@ -388,7 +402,7 @@ private function generate_global_whitelist() { $sites = array_unique( array_column( - Whitelist::all( [ 'site_url' ] ), + Whitelist::all( array( 'site_url' ) ), 'site_url' ) ); @@ -475,7 +489,6 @@ private function put_ips_to_file( string $file, array $ips ) { * * # Update whitelisted IPs on all sites * $ ee auth update global --ip=8.8.8.8,1.1.1.1 - * */ public function update( $args, $assoc_args ) { @@ -483,7 +496,7 @@ public function update( $args, $assoc_args ) { $global = $this->populate_info( $args, __FUNCTION__ ); $site_url = $global ? 'default' : $this->site_data->site_url; - $ips = EE\Utils\get_flag_value( $assoc_args, 'ip' ); + $ips = EE\Utils\get_flag_value( $assoc_args, 'ip' ); if ( $ips ) { $this->update_whitelist( $site_url, $ips ); @@ -541,10 +554,10 @@ private function update_whitelist( string $site_url, string $ips ) { foreach ( $user_ips as $ip ) { $existing_ips = Whitelist::where( - [ + array( 'site_url' => $site_url, 'ip' => $ip, - ] + ) ); if ( ! empty( $existing_ips ) ) { @@ -553,10 +566,10 @@ private function update_whitelist( string $site_url, string $ips ) { } Whitelist::create( - [ + array( 'site_url' => $site_url, 'ip' => $ip, - ] + ) ); } @@ -582,9 +595,9 @@ private function update_whitelist( string $site_url, string $ips ) { */ private function get_auths( $site_url, $user, $error_if_empty = true ) { - $where_conditions = [ + $where_conditions = array( 'site_url' => $site_url, - ]; + ); $user_error_msg = ''; if ( $user ) { @@ -611,13 +624,13 @@ private function get_auths( $site_url, $user, $error_if_empty = true ) { * * [] * : Name of website / `global` for global scope. - * + * * [] * : Delete authentication on all sites. * * [--user=] * : Username that needs to be deleted. - * + * * [--pass=] * : Username with this password that needs to be deleted. * @@ -643,13 +656,12 @@ private function get_auths( $site_url, $user, $error_if_empty = true ) { * * # Remove whitelisted IPs on all sites * $ ee auth delete global --ip=1.1.1.1 - * */ public function delete( $args, $assoc_args ) { verify_htpasswd_is_present(); - if ( 'all-sites' === $args[0] ) { + if ( 'all-sites' === $args[0] ) { $this->delete_all( $assoc_args ); return; } @@ -659,7 +671,7 @@ public function delete( $args, $assoc_args ) { $ip = EE\Utils\get_flag_value( $assoc_args, 'ip' ); if ( ! $ip ) { - $user = EE\Utils\get_flag_value( $assoc_args, 'user' ); + $user = EE\Utils\get_flag_value( $assoc_args, 'user' ); $auths = $this->get_auths( $site_url, $user ); foreach ( $auths as $auth ) { @@ -684,9 +696,11 @@ public function delete( $args, $assoc_args ) { } else { if ( true === $ip ) { - $whitelists = Whitelist::where( [ - 'site_url' => $site_url, - ] ); + $whitelists = Whitelist::where( + array( + 'site_url' => $site_url, + ) + ); foreach ( $whitelists as $whitelist ) { $whitelist->delete(); @@ -696,10 +710,10 @@ public function delete( $args, $assoc_args ) { foreach ( $user_ips as $ip ) { $existing_ips = Whitelist::where( - [ + array( 'site_url' => $site_url, 'ip' => $ip, - ] + ) ); if ( empty( $existing_ips ) ) { @@ -708,10 +722,10 @@ public function delete( $args, $assoc_args ) { } $whitelist = Whitelist::where( - [ + array( 'site_url' => $site_url, 'ip' => $ip, - ] + ) ); $whitelist[0]->delete(); @@ -727,7 +741,7 @@ public function delete( $args, $assoc_args ) { reload_global_nginx_proxy(); } } - + /** * Deletes authentication on all the sites (matching a criteria) * @@ -762,7 +776,7 @@ private function delete_all( $assoc_args ) { return; } - foreach( $sites as $site ) { + foreach ( $sites as $site ) { if ( 'default_admin_tools' === $site->site_url ) { continue; } @@ -809,9 +823,12 @@ private function delete_all( $assoc_args ) { * * # List all global auth * $ ee auth list global - * */ public function list( $args, $assoc_args ) { + if ( ! empty( $args[0]) && 'admin-tools' === $args[0] ) { + $this->admin_tools_list_auth(); + return; + } $global = $this->populate_info( $args, __FUNCTION__ ); $site_url = $global ? 'default' : $this->site_data->site_url; @@ -820,7 +837,7 @@ public function list( $args, $assoc_args ) { if ( $ip ) { $whitelists = Whitelist::where( 'site_url', $site_url ); - $formatter = new EE\Formatter( $assoc_args, [ 'ip' ] ); + $formatter = new EE\Formatter( $assoc_args, array( 'ip' ) ); $formatter->display_items( $whitelists ); } else { $log_msg = ''; @@ -843,7 +860,7 @@ public function list( $args, $assoc_args ) { if ( empty( $auths ) ) { EE::warning( sprintf( 'Auth does not exists on %s', $site_url ) ); } else { - $formatter = new EE\Formatter( $assoc_args, [ 'username', 'password' ] ); + $formatter = new EE\Formatter( $assoc_args, array( 'username', 'password' ) ); $formatter->display_items( $auths ); } } @@ -851,10 +868,62 @@ public function list( $args, $assoc_args ) { EE::log( PHP_EOL . $log_msg ); } if ( ! empty( $auths_global ) ) { - $formatter = new EE\Formatter( $assoc_args, [ 'username', 'password' ] ); + $formatter = new EE\Formatter( $assoc_args, array( 'username', 'password' ) ); $formatter->display_items( $auths_global ); } } } + + /** + * Helper function for ee auth create admin-tools + * Creates auth for `default_admin_tools` + * + * @param array $assoc_argsassoc arguments passed to ee auth create + * + * @return void + */ + private function admin_tools_create_auth( $assoc_args ) { + verify_htpasswd_is_present(); + + if ( empty( $assoc_args['user'] ) ) { + EE::error( 'Username cannot be empty. See: --user' ); + return; + } // no random usernames allowed. + + $user = $assoc_args['user']; + $pass = $assoc_args['pass'] ?? EE\Utils\random_password(); // if no password specified, use rand. + $show_updated_auth = $assoc_args['show-updated'] ?? false; // prints updated auth list. + + + // prepare data to be passed to create(). + $columns = array( + 'site_url' => 'default_admin_tools', + 'username' => $user, + 'password' => $pass, + ); + + // Use create() with site_url='default_admin_tools'. + // \EE\Model\Auth::create( $columns ); + + // Prepare and execute command to create updated htpasswd file. + // EE::exec( sprintf( 'docker exec %s htpasswd -bc /etc/nginx/htpasswd/default_admin_tools %s %s', EE_PROXY_TYPE, $user, $pass ) ); + + EE::success( 'Added auth to `admin-tools`' ); + + if ( $show_updated_auth ) { + EE::line( 'Updated auth list: ' ); + EE::run_command( array( + 'auth', + 'list', + 'admin-tools', + ) + ); + } + } + + private function admin_tools_list_auth() { + $curr_admin_tools_auths = Auth::get_global_admin_tools_auth(); + print_r( $curr_admin_tools_auths ); + } } diff --git a/src/auth-utils.php b/src/auth-utils.php index dde463e..01a20e1 100644 --- a/src/auth-utils.php +++ b/src/auth-utils.php @@ -30,11 +30,11 @@ function init_global_admin_tools_auth( $display_log = true ) { verify_htpasswd_is_present(); $pass = \EE\Utils\random_password(); - $auth_data = [ + $auth_data = array( 'site_url' => 'default_admin_tools', 'username' => 'easyengine', 'password' => $pass, - ]; + ); Auth::create( $auth_data ); From 483669c2a006f4da50c567ebbdb19034562d50e4 Mon Sep 17 00:00:00 2001 From: Danish Shakeel Date: Sat, 18 Sep 2021 00:01:40 +0530 Subject: [PATCH 07/27] Add auth support --- src/Auth_Command.php | 41 +++++++++++++++++++++++++++-------------- 1 file changed, 27 insertions(+), 14 deletions(-) diff --git a/src/Auth_Command.php b/src/Auth_Command.php index cfabb0a..1b66641 100644 --- a/src/Auth_Command.php +++ b/src/Auth_Command.php @@ -799,7 +799,7 @@ private function delete_all( $assoc_args ) { * ## OPTIONS * * [] - * : Name of website / `global` for global scope. + * : Name of website / `global` for global scope / 'admin-tools' for admin tool auths only. * * [--ip] * : Show whitelisted IPs of site. @@ -903,27 +903,40 @@ private function admin_tools_create_auth( $assoc_args ) { ); // Use create() with site_url='default_admin_tools'. - // \EE\Model\Auth::create( $columns ); + \EE\Model\Auth::create( $columns ); // Prepare and execute command to create updated htpasswd file. - // EE::exec( sprintf( 'docker exec %s htpasswd -bc /etc/nginx/htpasswd/default_admin_tools %s %s', EE_PROXY_TYPE, $user, $pass ) ); + EE::exec( sprintf( 'docker exec %s htpasswd -bc /etc/nginx/htpasswd/default_admin_tools %s %s', EE_PROXY_TYPE, $user, $pass ) ); EE::success( 'Added auth to `admin-tools`' ); - + EE::line( sprintf( 'Username: %s', $user ) ); + EE::line( sprintf( 'Password: %s', $pass ) ); + EE::line( '+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+' ); + if ( $show_updated_auth ) { - EE::line( 'Updated auth list: ' ); - EE::run_command( array( - 'auth', - 'list', - 'admin-tools', - ) - ); + EE::run_command( array( 'auth', 'list', 'admin-tools' ) ); } } - + + /** + * Helper function for ee auth list admin-tools. + * Prints all the auths on site_name=default_admin_tools. + * + * @return void + */ private function admin_tools_list_auth() { - $curr_admin_tools_auths = Auth::get_global_admin_tools_auth(); - print_r( $curr_admin_tools_auths ); + $auths = $this->get_auths( 'default_admin_tools', false, false ); + + if ( empty( $auths ) ) { + EE::warning( sprintf( 'Auth does not exists on `default_admin_tools`' ) ); + } else { + EE::line( 'Following auth exists on admin-tools (default_admin_tools):' ); + $formatter = new EE\Formatter( $assoc_args, array( 'username', 'password' ) ); + $formatter->display_items( $auths ); + } + if ( ! empty( $log_msg ) ) { + EE::log( PHP_EOL . $log_msg ); + } } } From 7932affe2101350e52b670c56aa4d45546d5e185 Mon Sep 17 00:00:00 2001 From: Danish Shakeel Date: Sat, 18 Sep 2021 00:03:24 +0530 Subject: [PATCH 08/27] Change file structure --- src/Auth_Command.php | 86 ++++++++++++++++++++++---------------------- 1 file changed, 42 insertions(+), 44 deletions(-) diff --git a/src/Auth_Command.php b/src/Auth_Command.php index 1b66641..9a05616 100644 --- a/src/Auth_Command.php +++ b/src/Auth_Command.php @@ -165,7 +165,49 @@ public function all_sites( $args, $assoc_args ) { } } + /** + * Helper function for ee auth create admin-tools + * Creates auth for `default_admin_tools` + * + * @param array $assoc_argsassoc arguments passed to ee auth create + * + * @return void + */ + private function admin_tools_create_auth( $assoc_args ) { + verify_htpasswd_is_present(); + + if ( empty( $assoc_args['user'] ) ) { + EE::error( 'Username cannot be empty. See: --user' ); + return; + } // no random usernames allowed. + + $user = $assoc_args['user']; + $pass = $assoc_args['pass'] ?? EE\Utils\random_password(); // if no password specified, use rand. + $show_updated_auth = $assoc_args['show-updated'] ?? false; // prints updated auth list. + + + // prepare data to be passed to create(). + $columns = array( + 'site_url' => 'default_admin_tools', + 'username' => $user, + 'password' => $pass, + ); + // Use create() with site_url='default_admin_tools'. + \EE\Model\Auth::create( $columns ); + + // Prepare and execute command to create updated htpasswd file. + EE::exec( sprintf( 'docker exec %s htpasswd -bc /etc/nginx/htpasswd/default_admin_tools %s %s', EE_PROXY_TYPE, $user, $pass ) ); + + EE::success( 'Added auth to `admin-tools`' ); + EE::line( sprintf( 'Username: %s', $user ) ); + EE::line( sprintf( 'Password: %s', $pass ) ); + EE::line( '+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+' ); + + if ( $show_updated_auth ) { + EE::run_command( array( 'auth', 'list', 'admin-tools' ) ); + } + } /** * Cleans and Validate IP addresses @@ -873,51 +915,7 @@ public function list( $args, $assoc_args ) { } } } - - /** - * Helper function for ee auth create admin-tools - * Creates auth for `default_admin_tools` - * - * @param array $assoc_argsassoc arguments passed to ee auth create - * - * @return void - */ - private function admin_tools_create_auth( $assoc_args ) { - verify_htpasswd_is_present(); - - if ( empty( $assoc_args['user'] ) ) { - EE::error( 'Username cannot be empty. See: --user' ); - return; - } // no random usernames allowed. - - $user = $assoc_args['user']; - $pass = $assoc_args['pass'] ?? EE\Utils\random_password(); // if no password specified, use rand. - $show_updated_auth = $assoc_args['show-updated'] ?? false; // prints updated auth list. - - - // prepare data to be passed to create(). - $columns = array( - 'site_url' => 'default_admin_tools', - 'username' => $user, - 'password' => $pass, - ); - // Use create() with site_url='default_admin_tools'. - \EE\Model\Auth::create( $columns ); - - // Prepare and execute command to create updated htpasswd file. - EE::exec( sprintf( 'docker exec %s htpasswd -bc /etc/nginx/htpasswd/default_admin_tools %s %s', EE_PROXY_TYPE, $user, $pass ) ); - - EE::success( 'Added auth to `admin-tools`' ); - EE::line( sprintf( 'Username: %s', $user ) ); - EE::line( sprintf( 'Password: %s', $pass ) ); - EE::line( '+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+' ); - - if ( $show_updated_auth ) { - EE::run_command( array( 'auth', 'list', 'admin-tools' ) ); - } - } - /** * Helper function for ee auth list admin-tools. * Prints all the auths on site_name=default_admin_tools. From 689f023070878f0d2aca636d39fefaf2c1190334 Mon Sep 17 00:00:00 2001 From: Danish Shakeel Date: Sat, 18 Sep 2021 02:28:56 +0530 Subject: [PATCH 09/27] Add update functionality; fix issue with multiple admin-tool auths --- src/Auth_Command.php | 116 ++++++++++++++++++++++++++++--------------- 1 file changed, 77 insertions(+), 39 deletions(-) diff --git a/src/Auth_Command.php b/src/Auth_Command.php index 9a05616..f745138 100644 --- a/src/Auth_Command.php +++ b/src/Auth_Command.php @@ -58,7 +58,7 @@ public function __construct() { * * [--ip=] * : IP to whitelist. - * + * * [--show-updated] * : Shows updated `admin-tools` auth if site-name == admin-tools. * @@ -173,17 +173,18 @@ public function all_sites( $args, $assoc_args ) { * * @return void */ - private function admin_tools_create_auth( $assoc_args ) { + private function admin_tools_create_auth( $assoc_args ) { verify_htpasswd_is_present(); - - if ( empty( $assoc_args['user'] ) ) { - EE::error( 'Username cannot be empty. See: --user' ); + + $user = EE\Utils\get_flag_value( $assoc_args, 'user' ); + + if ( ! $user ) { + EE::error( 'Please provide auth user with --user flag' ); return; } // no random usernames allowed. - $user = $assoc_args['user']; - $pass = $assoc_args['pass'] ?? EE\Utils\random_password(); // if no password specified, use rand. - $show_updated_auth = $assoc_args['show-updated'] ?? false; // prints updated auth list. + $pass = EE\Utils\get_flag_value( $assoc_args, 'pass', EE\Utils\random_password() ); + $show_updated_auth = EE\Utils\get_flag_value( $assoc_args, 'show-updated', false ); // prints updated auth list. // prepare data to be passed to create(). @@ -202,9 +203,9 @@ private function admin_tools_create_auth( $assoc_args ) { EE::success( 'Added auth to `admin-tools`' ); EE::line( sprintf( 'Username: %s', $user ) ); EE::line( sprintf( 'Password: %s', $pass ) ); - EE::line( '+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+' ); - + if ( $show_updated_auth ) { + EE::line( '+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+' ); EE::run_command( array( 'auth', 'list', 'admin-tools' ) ); } } @@ -270,6 +271,15 @@ private function create_auth( array $assoc_args, bool $global, string $site_url $admin_tools_auth = Auth::get_global_admin_tools_auth(); EE::warning( $site_url ); + + /** + * @todo + * This is hard-coded. + * This changes the first auth of `admin-tools` to `default`. + * Hence, breaking the functionality of `list` command. + * + * IMO, `global` and `admin-tools` should have a distinct scope. + */ if ( 'default' === $site_url && ! empty( $admin_tools_auth ) ) { $admin_tools_auth[0]->site_url = 'default'; $admin_tools_auth[0]->save(); @@ -372,38 +382,40 @@ private function regen_admin_tools_auth() { */ private function generate_global_auth_files() { - $global_admin_tools_auth = Auth::get_global_admin_tools_auth(); + $global_admin_tools_auths = Auth::get_global_admin_tools_auth(); - if ( ! empty( $global_admin_tools_auth ) ) { - EE::exec( sprintf( 'docker exec %s htpasswd -bc /etc/nginx/htpasswd/default_admin_tools %s %s', EE_PROXY_TYPE, $global_admin_tools_auth->username, $global_admin_tools_auth->password ) ); - } else { - $this->fs->remove( EE_ROOT_DIR . '/services/nginx-proxy/htpasswd/default_admin_tools' ); - $this->fs->remove( EE_ROOT_DIR . '/services/nginx-proxy/htpasswd/default' ); - $auths = Auth::get_global_auths(); - - if ( empty( $auths ) ) { - $this->regen_admin_tools_auth(); + foreach ( $global_admin_tools_auths as $global_admin_tools_auth ) { + if ( ! empty( $global_admin_tools_auth ) ) { + EE::exec( sprintf( 'docker exec %s htpasswd -bc /etc/nginx/htpasswd/default_admin_tools %s %s', EE_PROXY_TYPE, $global_admin_tools_auth->username, $global_admin_tools_auth->password ) ); } else { - foreach ( $auths as $key => $auth ) { - $flags = 'b'; - - if ( 0 === $key ) { - $flags = 'bc'; + $this->fs->remove( EE_ROOT_DIR . '/services/nginx-proxy/htpasswd/default_admin_tools' ); + $this->fs->remove( EE_ROOT_DIR . '/services/nginx-proxy/htpasswd/default' ); + $auths = Auth::get_global_auths(); + + if ( empty( $auths ) ) { + $this->regen_admin_tools_auth(); + } else { + foreach ( $auths as $key => $auth ) { + $flags = 'b'; + + if ( 0 === $key ) { + $flags = 'bc'; + } + + EE::exec( sprintf( 'docker exec %s htpasswd -%s /etc/nginx/htpasswd/default %s %s', EE_PROXY_TYPE, $flags, $auth->username, $auth->password ) ); } - - EE::exec( sprintf( 'docker exec %s htpasswd -%s /etc/nginx/htpasswd/default %s %s', EE_PROXY_TYPE, $flags, $auth->username, $auth->password ) ); } - } - - $sites = array_unique( - array_column( - Auth::all( array( 'site_url' ) ), - 'site_url' - ) - ); - - foreach ( $sites as $site ) { - $this->generate_site_auth_files( $site ); + + $sites = array_unique( + array_column( + Auth::all( array( 'site_url' ) ), + 'site_url' + ) + ); + + foreach ( $sites as $site ) { + $this->generate_site_auth_files( $site ); + } } } } @@ -533,9 +545,13 @@ private function put_ips_to_file( string $file, array $ips ) { * $ ee auth update global --ip=8.8.8.8,1.1.1.1 */ public function update( $args, $assoc_args ) { - verify_htpasswd_is_present(); + if ( ! empty( $args[0] ) && 'admin-tools' === $args[0] ) { + $this->admin_tools_update_auth( $assoc_args ); + return; + } + $global = $this->populate_info( $args, __FUNCTION__ ); $site_url = $global ? 'default' : $this->site_data->site_url; $ips = EE\Utils\get_flag_value( $assoc_args, 'ip' ); @@ -547,6 +563,28 @@ public function update( $args, $assoc_args ) { } } + private function admin_tools_update_auth( $assoc_args ) { + $user = EE\Utils\get_flag_value( $assoc_args, 'user' ); + + if ( !$user ) { + EE::error( 'Please provide auth user with --user flag' ); + } + + $pass = EE\Utils\get_flag_value( $assoc_args, 'pass', EE\Utils\random_password() ); // user a random password if no password is supplied. + + // get all the current occurences of the username. + $auths = $this->get_auths( 'default_admin_tools', $user ); + + foreach( $auths as $auth ) { + $auth->password = $pass; + $auth->save(); + } // update each occurence of the username with a new + + $this->generate_global_auth_files(); // renew htpasswd file. + + EE::success( sprintf( 'Auth for %s successfully updated.', $user, $pass ) ); + } + /** * Update whitelist IPs * From d476d1f89af5cc53581e4bd0b9dbf99feae4b511 Mon Sep 17 00:00:00 2001 From: Danish Shakeel Date: Sat, 18 Sep 2021 02:37:36 +0530 Subject: [PATCH 10/27] Fix documentation; add output messages --- src/Auth_Command.php | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/src/Auth_Command.php b/src/Auth_Command.php index f745138..bfbb65f 100644 --- a/src/Auth_Command.php +++ b/src/Auth_Command.php @@ -562,7 +562,15 @@ public function update( $args, $assoc_args ) { $this->update_auth( $assoc_args, $site_url ); } } - + + /** + * Helper function for ee auth update admin-tools. + * Updates existing auths for admin-tools based on --user. + * + * @param array $assoc_args assoc arguments passed from the function. + * + * @return void + */ private function admin_tools_update_auth( $assoc_args ) { $user = EE\Utils\get_flag_value( $assoc_args, 'user' ); @@ -583,6 +591,11 @@ private function admin_tools_update_auth( $assoc_args ) { $this->generate_global_auth_files(); // renew htpasswd file. EE::success( sprintf( 'Auth for %s successfully updated.', $user, $pass ) ); + + EE::line( 'Updated details:' ); + $auth = $this->get_auths( 'default_admin_tools', $user, false ); + $formatter = new EE\Formatter( $assoc_args, array( 'username', 'password' ) ); + $formatter->display_items( $auths ); } /** From cf037f990b15ce817e4df6a81af55da36c25a2b9 Mon Sep 17 00:00:00 2001 From: Danish Shakeel Date: Sat, 18 Sep 2021 02:49:21 +0530 Subject: [PATCH 11/27] Add delete function --- src/Auth_Command.php | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/src/Auth_Command.php b/src/Auth_Command.php index bfbb65f..68c1e17 100644 --- a/src/Auth_Command.php +++ b/src/Auth_Command.php @@ -757,6 +757,9 @@ public function delete( $args, $assoc_args ) { if ( 'all-sites' === $args[0] ) { $this->delete_all( $assoc_args ); return; + } elseif ( 'admin-tools' ) { + $this->admin_tools_delete_auth( $assoc_args ); + return; } $global = $this->populate_info( $args, __FUNCTION__ ); @@ -886,6 +889,29 @@ private function delete_all( $assoc_args ) { } } + private function admin_tools_delete_auth( $assoc_args ) { + $user = EE\Utils\get_flag_value( $assoc_args, 'user' ); + + if ( ! $user ) { + EE::error( 'Please provide auth user with --user flag' ); + return; + } + + $auth_match = Auth::where( array( + 'site_url' => 'default_admin_tools', + 'username' => $user, + ) ); + + if ( empty( $auth_match ) ) { + EE::error( sprintf( 'No matching auths on `admin-tools` for %s', $user ) ); + return; + } + + EE::confirm( sprintf( 'Do you want to delete auth for `%s` on `admin-tools`? This action is IRREVERSIBLE.', $user ) ); + + var_dump( $auth_match ); + } + /** * Lists http authentication users of a site. * From b96b021399524fd03d1d9572b6362b2b7055f3d7 Mon Sep 17 00:00:00 2001 From: Danish Shakeel Date: Mon, 20 Sep 2021 15:08:41 +0530 Subject: [PATCH 12/27] Add delete function; change generate_global_auth_files logic --- src/Auth_Command.php | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/src/Auth_Command.php b/src/Auth_Command.php index 68c1e17..df0f522 100644 --- a/src/Auth_Command.php +++ b/src/Auth_Command.php @@ -378,12 +378,18 @@ private function regen_admin_tools_auth() { /** * Generates auth files for global auth and all sites. * + * @param bool $clean_admin_auths syncs the auth_user table with htpasswd file (default: false). * @throws Exception */ - private function generate_global_auth_files() { + private function generate_global_auth_files( $clean_admin_auths = false ) { $global_admin_tools_auths = Auth::get_global_admin_tools_auth(); + if ( $clean_admin_auths ) { + $this->fs->remove( EE_ROOT_DIR . '/services/nginx-proxy/htpasswd/default_admin_tools' ); + EE::warning( 'Cleaned htpasswd at ' . EE_ROOT_DIR . '/services/nginx-proxy/htpasswd/default_admin_tools' ); + } + foreach ( $global_admin_tools_auths as $global_admin_tools_auth ) { if ( ! empty( $global_admin_tools_auth ) ) { EE::exec( sprintf( 'docker exec %s htpasswd -bc /etc/nginx/htpasswd/default_admin_tools %s %s', EE_PROXY_TYPE, $global_admin_tools_auth->username, $global_admin_tools_auth->password ) ); @@ -909,7 +915,14 @@ private function admin_tools_delete_auth( $assoc_args ) { EE::confirm( sprintf( 'Do you want to delete auth for `%s` on `admin-tools`? This action is IRREVERSIBLE.', $user ) ); - var_dump( $auth_match ); + $auth_match[0]->delete(); + + $this->generate_global_auth_files( true ); + + $success_message = sprintf( 'Deleted `%s` on admin-tools.', $user ); + EE::success( $success_message ); + EE::log( 'Reloading global reverse proxy.' ); + reload_global_nginx_proxy(); } /** From 42820a537b0f04562ca79fb70b62221db5e24e57 Mon Sep 17 00:00:00 2001 From: Danish Shakeel Date: Mon, 20 Sep 2021 17:37:42 +0530 Subject: [PATCH 13/27] Fix PHPCS issues; remove comments; add docs --- src/Auth_Command.php | 90 +++++++++++++++++++++++++------------------- 1 file changed, 51 insertions(+), 39 deletions(-) diff --git a/src/Auth_Command.php b/src/Auth_Command.php index df0f522..5af6e40 100644 --- a/src/Auth_Command.php +++ b/src/Auth_Command.php @@ -17,14 +17,15 @@ use EE\Model\Auth; use EE\Model\Whitelist; use EE\Model\Site; -use EE\Model\Option; use Symfony\Component\Filesystem\Filesystem; use function EE\Auth\Utils\verify_htpasswd_is_present; use function EE\Site\Utils\auto_site_name; use function EE\Site\Utils\get_site_info; use function EE\Site\Utils\reload_global_nginx_proxy; -// use function EE\Service\Utils\ensure_global_network_initialized; +/** + * Class Auth_Command + */ class Auth_Command extends EE_Command { /** @@ -48,7 +49,7 @@ public function __construct() { * ## OPTIONS * * [] - * : Name of website / `global` for global scope / 'admin-tools' for admin-tools. + * : Name of website / `global` for global scope / 'admin-tools' for default_admin_tools. * * [--user=] * : Username for http auth. @@ -60,7 +61,7 @@ public function __construct() { * : IP to whitelist. * * [--show-updated] - * : Shows updated `admin-tools` auth if site-name == admin-tools. + * : Shows updated `admin-tools` auth (if site-name == admin-tools). * * ## EXAMPLES * @@ -76,6 +77,12 @@ public function __construct() { * # Add auth on site with default username and random password * $ ee auth create example.com --pass=password * + * # Add auth on admin-tools with username and random password + * $ ee auth create admin-tools --user=test + * + * # Add auth on admin-tools with username and password + * $ ee auth create admin-tools --user=password + * * # Whitelist IP on site * $ ee auth create example.com --ip=8.8.8.8,1.1.1.1 * @@ -103,7 +110,7 @@ public function create( $args, $assoc_args ) { } /** - * Creates http authentication for all the available. + * Creates http authentication for all the available sites. * * ## OPTIONS * @@ -153,23 +160,20 @@ public function all_sites( $args, $assoc_args ) { if ( ! empty( $existing_auths ) && $ignore_existing ) { $silent ? '' : EE::warning( sprintf( '`%1$s` already exists on `%2$s`. Ignoring...', $user, $site->site_url ) ); - $silent ? '' : EE::line( '+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+' ); continue; } $silent ? '' : EE::line( sprintf( 'Adding auth to %s', $site->site_url ) ); $this->create_auth( $assoc_args, 'default', $site->site_url ); - - $silent ? '' : EE::line( '+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+' ); } } /** - * Helper function for ee auth create admin-tools + * Helper function for `ee auth create admin-tools` * Creates auth for `default_admin_tools` * - * @param array $assoc_argsassoc arguments passed to ee auth create + * @param array $assoc_argsassoc arguments passed to ee auth create. * * @return void */ @@ -205,7 +209,6 @@ private function admin_tools_create_auth( $assoc_args ) { EE::line( sprintf( 'Password: %s', $pass ) ); if ( $show_updated_auth ) { - EE::line( '+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+' ); EE::run_command( array( 'auth', 'list', 'admin-tools' ) ); } } @@ -272,14 +275,6 @@ private function create_auth( array $assoc_args, bool $global, string $site_url $admin_tools_auth = Auth::get_global_admin_tools_auth(); EE::warning( $site_url ); - /** - * @todo - * This is hard-coded. - * This changes the first auth of `admin-tools` to `default`. - * Hence, breaking the functionality of `list` command. - * - * IMO, `global` and `admin-tools` should have a distinct scope. - */ if ( 'default' === $site_url && ! empty( $admin_tools_auth ) ) { $admin_tools_auth[0]->site_url = 'default'; $admin_tools_auth[0]->save(); @@ -388,7 +383,7 @@ private function generate_global_auth_files( $clean_admin_auths = false ) { if ( $clean_admin_auths ) { $this->fs->remove( EE_ROOT_DIR . '/services/nginx-proxy/htpasswd/default_admin_tools' ); EE::warning( 'Cleaned htpasswd at ' . EE_ROOT_DIR . '/services/nginx-proxy/htpasswd/default_admin_tools' ); - } + } // Clean the existing `admin-tools` auth for proper synchronization. foreach ( $global_admin_tools_auths as $global_admin_tools_auth ) { if ( ! empty( $global_admin_tools_auth ) ) { @@ -525,7 +520,7 @@ private function put_ips_to_file( string $file, array $ips ) { * ## OPTIONS * * [] - * : Name of website / `global` for global auth. + * : Name of website / `global` for global auth / `admin-tools` for default_admin_tools. * * [--user=] * : Username for http auth. @@ -543,6 +538,12 @@ private function put_ips_to_file( string $file, array $ips ) { * * # Update auth password on site with predefined username and password * $ ee auth update example.com --user=test --pass=password + * + * # Update auth password on admin-tools auth with username and random password + * $ ee auth update admin-tools --user=test + * + * # Update auth password on admin-tools with predefined username and password + * $ ee auth update admin-tools --user=test --pass=password * * # Update whitelisted IPs on site * $ ee auth update example.com --ip=8.8.8.8,1.1.1.1 @@ -570,8 +571,8 @@ public function update( $args, $assoc_args ) { } /** - * Helper function for ee auth update admin-tools. - * Updates existing auths for admin-tools based on --user. + * Helper function for `ee auth update admin-tools` + * Updates existing auths of admin-tools based for a user * * @param array $assoc_args assoc arguments passed from the function. * @@ -584,17 +585,16 @@ private function admin_tools_update_auth( $assoc_args ) { EE::error( 'Please provide auth user with --user flag' ); } - $pass = EE\Utils\get_flag_value( $assoc_args, 'pass', EE\Utils\random_password() ); // user a random password if no password is supplied. + $pass = EE\Utils\get_flag_value( $assoc_args, 'pass', EE\Utils\random_password() ); // Use a random password if no password is supplied. - // get all the current occurences of the username. - $auths = $this->get_auths( 'default_admin_tools', $user ); + $auths = $this->get_auths( 'default_admin_tools', $user ); // Get all the current occurences of the username. foreach( $auths as $auth ) { $auth->password = $pass; $auth->save(); - } // update each occurence of the username with a new + } // Update each occurence of the username with a newer one. - $this->generate_global_auth_files(); // renew htpasswd file. + $this->generate_global_auth_files(); // Renew htpasswd file. EE::success( sprintf( 'Auth for %s successfully updated.', $user, $pass ) ); @@ -722,7 +722,7 @@ private function get_auths( $site_url, $user, $error_if_empty = true ) { * ## OPTIONS * * [] - * : Name of website / `global` for global scope. + * : Name of website / `global` for global scope / `admin-tools` for default_admin_tools. * * [] * : Delete authentication on all sites. @@ -746,6 +746,9 @@ private function get_auths( $site_url, $user, $error_if_empty = true ) { * * # Remove global auth on all sites (but not admin tools) with default username(easyengine) * $ ee auth delete global + * + * # Remove auth on `admin-tools` with custom username + * $ ee auth delete admin-tools --user=test * * # Remove specific whitelisted IPs on site * $ ee auth delete example.com --ip=1.1.1.1,8.8.8.8 @@ -891,17 +894,24 @@ private function delete_all( $assoc_args ) { $this->delete( $args, $assoc_args ); EE::line( sprintf( 'Deleted authentication on %1$s', $site->site_url ) ); - EE::line( '+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+' ); } } - + + /** + * Helper function for `ee auth delete admin-tools --user` + * Deletes `admin-tools` user with a pre-defined username + * + * @param array $assoc_args Assoc arguments passed via the CLI. + * + * @return void + */ private function admin_tools_delete_auth( $assoc_args ) { $user = EE\Utils\get_flag_value( $assoc_args, 'user' ); if ( ! $user ) { EE::error( 'Please provide auth user with --user flag' ); return; - } + } // Output an error if no username is supplied. $auth_match = Auth::where( array( 'site_url' => 'default_admin_tools', @@ -911,13 +921,13 @@ private function admin_tools_delete_auth( $assoc_args ) { if ( empty( $auth_match ) ) { EE::error( sprintf( 'No matching auths on `admin-tools` for %s', $user ) ); return; - } + } // Output an error if no matching auth records are found. EE::confirm( sprintf( 'Do you want to delete auth for `%s` on `admin-tools`? This action is IRREVERSIBLE.', $user ) ); - $auth_match[0]->delete(); + $auth_match[0]->delete(); // Delete the record from `auth_users`. - $this->generate_global_auth_files( true ); + $this->generate_global_auth_files( true ); // Renew the htpasswd file. $success_message = sprintf( 'Deleted `%s` on admin-tools.', $user ); EE::success( $success_message ); @@ -931,7 +941,7 @@ private function admin_tools_delete_auth( $assoc_args ) { * ## OPTIONS * * [] - * : Name of website / `global` for global scope / 'admin-tools' for admin tool auths only. + * : Name of website / `global` for global scope / 'admin-tools' for default_admin_tools. * * [--ip] * : Show whitelisted IPs of site. @@ -955,6 +965,9 @@ private function admin_tools_delete_auth( $assoc_args ) { * * # List all global auth * $ ee auth list global + * + * # List all admin-tools auth + * $ ee auth list admin-tools */ public function list( $args, $assoc_args ) { if ( ! empty( $args[0]) && 'admin-tools' === $args[0] ) { @@ -1007,8 +1020,8 @@ public function list( $args, $assoc_args ) { } /** - * Helper function for ee auth list admin-tools. - * Prints all the auths on site_name=default_admin_tools. + * Helper function for ee auth list admin-tools + * Prints all the auths on site_name=default_admin_tools * * @return void */ @@ -1027,4 +1040,3 @@ private function admin_tools_list_auth() { } } } - From 89aaca2c0c1ee2b2a0f85968ad7d5fc84b9b3c28 Mon Sep 17 00:00:00 2001 From: Danish Shakeel Date: Mon, 20 Sep 2021 21:09:27 +0530 Subject: [PATCH 14/27] Fix unused methods; fix docs --- README.md | 73 ++++++++---------------- src/Auth_Command.php | 130 +++---------------------------------------- 2 files changed, 30 insertions(+), 173 deletions(-) diff --git a/README.md b/README.md index 8b7d7a0..2879c76 100644 --- a/README.md +++ b/README.md @@ -27,17 +27,11 @@ ee auth # Delete auth from a site $ ee auth delete example.com --user=test - # Add auth to all sites - $ ee auth all-sites --user=test --pass=test + # Add auth to admin-tools + $ ee auth create admin-tools --user=test --pass=test - # Delete auth from all sites - $ ee auth delete all-sites - - # Delete auth from all sites with username - $ ee auth delete all-sites --user=test - - # Delete auth from all sites with username and password - $ ee auth delete all-sites --user=test --pass=test + # Delete auth from admin-tools + $ ee auth delete admin-tools --user=test @@ -52,7 +46,7 @@ ee auth create [] [--user=] [--pass=] [--ip=] **OPTIONS** [] - Name of website / `global` for global scope. + Name of website / `global` for global scope / `admin-tools` for admin-tools. [--user=] Username for http auth. @@ -77,6 +71,12 @@ ee auth create [] [--user=] [--pass=] [--ip=] # Add auth on site with default username and random password $ ee auth create example.com --pass=password + # Add auth on admin-tools with predefined username and random password + $ ee auth create admin-tools --user=test + + # Add auth on admin-tools with predefined username and password + $ ee auth create admin-tools --user=test -pass=password + # Whitelist IP on site $ ee auth create example.com --ip=8.8.8.8,1.1.1.1 @@ -84,50 +84,23 @@ ee auth create [] [--user=] [--pass=] [--ip=] $ ee auth create global --ip=8.8.8.8,1.1.1.1 -### ee auth all-sites - -Creates http authentication for all available sites. - -~~~ -ee auth all-sites [--user=] [--pass=] -~~~ - -**OPTIONS** - - [--user=] - Username for http auth. - - [--pass=] - Password for http auth. - -**EXAMPLES** - - # Add auth on all sites with username and password - $ ee auth all-sites --user=test --pass=test - ### ee auth delete Deletes http authentication for a site. Default: removes http authentication from site. If `--user` is passed it removes that specific user. ~~~ -ee auth delete [/] [--user=] [--pass=] [--ip] +ee auth delete [] [--user=] [--pass=] [--ip] ~~~ **OPTIONS** [] - Name of website / `global` for global scope. - - [] - Delete auth from all sites available. + Name of website / `global` for global scope / `admin-tools` for admin-tools. [--user=] Username that needs to be deleted. - [--user=] - Password that needs to be matched while using all-sites. - [--ip] IP to remove. Default removes all. @@ -142,14 +115,8 @@ ee auth delete [/] [--user=] [--pass=] [--ip] # Remove global auth on all sites (but not admin tools) with default username(easyengine) $ ee auth delete global - # Remove auth on all sites (but not admin tools) - $ ee auth delete all-sites - - # Remove auth on all sites (but not admin tools) with username - $ ee auth delete all-sites --user=test - - # Remove auth on all sites (but not admin tools) with username and password - $ ee auth delete all-sites --user=test --pass=test + # Remove auth on admin-tools with specific username + $ ee auth delete admin-tools --user=test # Remove specific whitelisted IPs on site $ ee auth delete example.com --ip=1.1.1.1,8.8.8.8 @@ -173,7 +140,7 @@ ee auth list [] [--ip] [--format=] **OPTIONS** [] - Name of website / `global` for global scope. + Name of website / `global` for global scope / `admin-tools` for admin-tools. [--ip] Show whitelisted IPs of site. @@ -198,6 +165,9 @@ ee auth list [] [--ip] [--format=] # List all global auth $ ee auth list global + # List all admin-tools auth + $ ee auth list admin-tools + ### ee auth update @@ -211,7 +181,7 @@ ee auth update [] [--user=] [--pass=] [--ip=] **OPTIONS** [] - Name of website / `global` for global auth. + Name of website / `global` for global auth / `admin-tools` for admin-tools. [--user=] Username for http auth. @@ -230,6 +200,9 @@ ee auth update [] [--user=] [--pass=] [--ip=] # Update auth password on site with predefined username and password $ ee auth update example.com --user=test --pass=password + # Update auth password on admin-tools with predefined username and password + $ ee auth update admin-tools --user=test --password=password + # Update whitelisted IPs on site $ ee auth update example.com --ip=8.8.8.8,1.1.1.1 diff --git a/src/Auth_Command.php b/src/Auth_Command.php index 5af6e40..5657adc 100644 --- a/src/Auth_Command.php +++ b/src/Auth_Command.php @@ -49,7 +49,7 @@ public function __construct() { * ## OPTIONS * * [] - * : Name of website / `global` for global scope / 'admin-tools' for default_admin_tools. + * : Name of website / `global` for global scope / 'admin-tools' for admin-tools. * * [--user=] * : Username for http auth. @@ -109,69 +109,9 @@ public function create( $args, $assoc_args ) { } } - /** - * Creates http authentication for all the available sites. - * - * ## OPTIONS - * - * [--user=] - * : Username for http auth. - * - * [--pass=] - * : Password for http auth. - * - * [--ignore-existing] - * : Ignores the sites which already have the user added. - * - * [--silent] - * : Does not make a fuss. - * - * ## EXAMPLES - * - * # Add auth on all sites with predefined username and password - * $ ee auth all-sites --user=test --pass=password - * - * @subcommand all-sites - */ - public function all_sites( $args, $assoc_args ) { - verify_htpasswd_is_present(); - - $user = \EE\Utils\get_flag_value( $assoc_args, 'user' ); - $passwd = \EE\Utils\get_flag_value( $assoc_args, 'pass' ); - $ignore_existing = \EE\Utils\get_flag_value( $assoc_args, 'ignore-existing' ); - $silent = \EE\Utils\get_flag_value( $assoc_args, 'silent' ); - - // check if username and password is set. - if ( empty( $user ) || empty( $passwd ) ) { - EE::error( 'Invalid usage. Correct usage: ee auth all_sites --user --pass' ); - return; - } - - $sites = Site::all(); - - // run through all the available sites. - foreach ( $sites as $site ) { - $query_conditions = array( - 'site_url' => $site->site_url, - 'username' => $user, - ); - - $existing_auths = Auth::where( $query_conditions ); - - if ( ! empty( $existing_auths ) && $ignore_existing ) { - $silent ? '' : EE::warning( sprintf( '`%1$s` already exists on `%2$s`. Ignoring...', $user, $site->site_url ) ); - continue; - } - - $silent ? '' : EE::line( sprintf( 'Adding auth to %s', $site->site_url ) ); - - $this->create_auth( $assoc_args, 'default', $site->site_url ); - } - } - /** * Helper function for `ee auth create admin-tools` - * Creates auth for `default_admin_tools` + * Creates auth for `admin-tools` * * @param array $assoc_argsassoc arguments passed to ee auth create. * @@ -520,7 +460,7 @@ private function put_ips_to_file( string $file, array $ips ) { * ## OPTIONS * * [] - * : Name of website / `global` for global auth / `admin-tools` for default_admin_tools. + * : Name of website / `global` for global auth / `admin-tools` for admin-tools. * * [--user=] * : Username for http auth. @@ -722,10 +662,7 @@ private function get_auths( $site_url, $user, $error_if_empty = true ) { * ## OPTIONS * * [] - * : Name of website / `global` for global scope / `admin-tools` for default_admin_tools. - * - * [] - * : Delete authentication on all sites. + * : Name of website / `global` for global scope / `admin-tools` for admin-tools. * * [--user=] * : Username that needs to be deleted. @@ -763,10 +700,7 @@ public function delete( $args, $assoc_args ) { verify_htpasswd_is_present(); - if ( 'all-sites' === $args[0] ) { - $this->delete_all( $assoc_args ); - return; - } elseif ( 'admin-tools' ) { + if ( 'admin-tools' ) { $this->admin_tools_delete_auth( $assoc_args ); return; } @@ -847,56 +781,6 @@ public function delete( $args, $assoc_args ) { } } - /** - * Deletes authentication on all the sites (matching a criteria) - * - * @param array $assoc_args associated arguments passed form the CLI. - * - * @return void - */ - private function delete_all( $assoc_args ) { - $args = array(); - - if ( ! empty( $assoc_args['user'] ) ) { - $args['username'] = $assoc_args['user']; - } - - if ( ! empty( $assoc_args['pass'] ) && ! empty( $assoc_args['user'] ) ) { - $args['password'] = $assoc_args['pass']; - } else { - EE::error( 'Incorrect usage. Please supply the username using --user' ); - } - - EE::confirm( 'This action will delete authentication on all the sites. Do you wish to continue?' ); - - if ( ! empty( $args ) ) { - $sites = Auth::where( $args ); - } else { - $sites = Auth::all(); - } - - if ( empty( $sites ) ) { - $optional_text = ( ! empty( $assoc_args['pass'] ) ) ? sprintf( 'and password `%s`', $assoc_args['pass'] ) : ''; - empty( $args ) ? EE::error( 'No sites found' ) : EE::error( sprintf( 'No sites auth with username `%1$s` %2$s', $assoc_args['user'], $optional_text ) ); - return; - } - - foreach ( $sites as $site ) { - if ( 'default_admin_tools' === $site->site_url ) { - continue; - } - - $args = array( $site->site_url ); - - $assoc_args = array( - 'user' => $site->username, - ); - - $this->delete( $args, $assoc_args ); - EE::line( sprintf( 'Deleted authentication on %1$s', $site->site_url ) ); - } - } - /** * Helper function for `ee auth delete admin-tools --user` * Deletes `admin-tools` user with a pre-defined username @@ -941,7 +825,7 @@ private function admin_tools_delete_auth( $assoc_args ) { * ## OPTIONS * * [] - * : Name of website / `global` for global scope / 'admin-tools' for default_admin_tools. + * : Name of website / `global` for global scope / 'admin-tools' for admin-tools. * * [--ip] * : Show whitelisted IPs of site. @@ -1021,7 +905,7 @@ public function list( $args, $assoc_args ) { /** * Helper function for ee auth list admin-tools - * Prints all the auths on site_name=default_admin_tools + * Prints all the auths on `admin-tools` * * @return void */ From 2a98cc2ec27ac378aaf37af14dad7dcde9739eab Mon Sep 17 00:00:00 2001 From: Danish Shakeel Date: Mon, 20 Sep 2021 21:10:57 +0530 Subject: [PATCH 15/27] Fix docs --- README.md | 2 +- src/Auth_Command.php | 3 --- 2 files changed, 1 insertion(+), 4 deletions(-) diff --git a/README.md b/README.md index 2879c76..36ea706 100644 --- a/README.md +++ b/README.md @@ -90,7 +90,7 @@ ee auth create [] [--user=] [--pass=] [--ip=] Deletes http authentication for a site. Default: removes http authentication from site. If `--user` is passed it removes that specific user. ~~~ -ee auth delete [] [--user=] [--pass=] [--ip] +ee auth delete [] [--user=] [--ip] ~~~ **OPTIONS** diff --git a/src/Auth_Command.php b/src/Auth_Command.php index 5657adc..7493ecf 100644 --- a/src/Auth_Command.php +++ b/src/Auth_Command.php @@ -667,9 +667,6 @@ private function get_auths( $site_url, $user, $error_if_empty = true ) { * [--user=] * : Username that needs to be deleted. * - * [--pass=] - * : Username with this password that needs to be deleted. - * * [--ip] * : IP to remove. Default removes all. * From 67432d6b675b5306dfcde819394be2a59006e142 Mon Sep 17 00:00:00 2001 From: Danish Shakeel Date: Mon, 20 Sep 2021 21:11:46 +0530 Subject: [PATCH 16/27] Add newline at EOF --- auth-command.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/auth-command.php b/auth-command.php index e055edf..aa0a8cc 100644 --- a/auth-command.php +++ b/auth-command.php @@ -9,4 +9,4 @@ require_once $autoload; } -EE::add_command( 'auth', 'Auth_Command' ); \ No newline at end of file +EE::add_command( 'auth', 'Auth_Command' ); From 3d900e800f6525f75dd9f3c07f4abd45027f6235 Mon Sep 17 00:00:00 2001 From: Danish Shakeel Date: Wed, 22 Sep 2021 00:18:08 +0530 Subject: [PATCH 17/27] Modify populate_info(); Change logic Earlier, we used admin_tools_create_auth() to create auth specifically for default_admin_tools it created a lot of redundant code. We are able to replicate the same by adding an else if {} in populate_info() method. --- src/Auth_Command.php | 53 ++++---------------------------------------- 1 file changed, 4 insertions(+), 49 deletions(-) diff --git a/src/Auth_Command.php b/src/Auth_Command.php index 7493ecf..fda3be2 100644 --- a/src/Auth_Command.php +++ b/src/Auth_Command.php @@ -93,11 +93,6 @@ public function create( $args, $assoc_args ) { verify_htpasswd_is_present(); - if ( 'admin-tools' === $args[0] ) { - $this->admin_tools_create_auth( $assoc_args ); - return; - } - $global = $this->populate_info( $args, __FUNCTION__ ); $ips = \EE\Utils\get_flag_value( $assoc_args, 'ip' ); $site_url = $global ? 'default' : $this->site_data->site_url; @@ -109,50 +104,6 @@ public function create( $args, $assoc_args ) { } } - /** - * Helper function for `ee auth create admin-tools` - * Creates auth for `admin-tools` - * - * @param array $assoc_argsassoc arguments passed to ee auth create. - * - * @return void - */ - private function admin_tools_create_auth( $assoc_args ) { - verify_htpasswd_is_present(); - - $user = EE\Utils\get_flag_value( $assoc_args, 'user' ); - - if ( ! $user ) { - EE::error( 'Please provide auth user with --user flag' ); - return; - } // no random usernames allowed. - - $pass = EE\Utils\get_flag_value( $assoc_args, 'pass', EE\Utils\random_password() ); - $show_updated_auth = EE\Utils\get_flag_value( $assoc_args, 'show-updated', false ); // prints updated auth list. - - - // prepare data to be passed to create(). - $columns = array( - 'site_url' => 'default_admin_tools', - 'username' => $user, - 'password' => $pass, - ); - - // Use create() with site_url='default_admin_tools'. - \EE\Model\Auth::create( $columns ); - - // Prepare and execute command to create updated htpasswd file. - EE::exec( sprintf( 'docker exec %s htpasswd -bc /etc/nginx/htpasswd/default_admin_tools %s %s', EE_PROXY_TYPE, $user, $pass ) ); - - EE::success( 'Added auth to `admin-tools`' ); - EE::line( sprintf( 'Username: %s', $user ) ); - EE::line( sprintf( 'Password: %s', $pass ) ); - - if ( $show_updated_auth ) { - EE::run_command( array( 'auth', 'list', 'admin-tools' ) ); - } - } - /** * Cleans and Validate IP addresses * Converts input separated by comma, spaces and new-lines in array @@ -286,6 +237,10 @@ private function populate_info( $args, $command ) { 'site_url' => $args[0], ); $global = true; + } else if ( isset( $args[0] ) && 'admin-tools' === $args[0] ) { + $this->site_data = (object) array( + 'site_url' => 'default_admin_tools', + ); } else { $args = auto_site_name( $args, 'auth', $command ); $this->site_data = get_site_info( $args, true, true, false ); From 65c170e261d117da47125273a2cc5c5ffa03e820 Mon Sep 17 00:00:00 2001 From: Danish Shakeel Date: Wed, 22 Sep 2021 02:10:44 +0530 Subject: [PATCH 18/27] Fix logic; Remove unused code Remove all admin_tools_ prefixed functions. Functionality was replaced by modifying populate_info() method. --- src/Auth_Command.php | 121 +++---------------------------------------- 1 file changed, 6 insertions(+), 115 deletions(-) diff --git a/src/Auth_Command.php b/src/Auth_Command.php index fda3be2..42bf1d5 100644 --- a/src/Auth_Command.php +++ b/src/Auth_Command.php @@ -164,7 +164,7 @@ private function create_auth( array $assoc_args, bool $global, string $site_url } $admin_tools_auth = Auth::get_global_admin_tools_auth(); - EE::warning( $site_url ); + EE::warning( sprintf( 'Creating auth on site_url: %s', $site_url ) ); if ( 'default' === $site_url && ! empty( $admin_tools_auth ) ) { $admin_tools_auth[0]->site_url = 'default'; @@ -179,13 +179,12 @@ private function create_auth( array $assoc_args, bool $global, string $site_url $this->generate_site_auth_files( $site_url ); } - EE::log( 'Reloading global reverse proxy.' ); - reload_global_nginx_proxy(); - EE::success( sprintf( 'Auth successfully updated for `%s` scope. New values added:', $site_url ) ); EE::line( 'User: ' . $user ); EE::line( 'Pass: ' . $pass ); + EE::log( 'Reloading global reverse proxy.' ); + reload_global_nginx_proxy(); } /** @@ -449,11 +448,6 @@ private function put_ips_to_file( string $file, array $ips ) { public function update( $args, $assoc_args ) { verify_htpasswd_is_present(); - if ( ! empty( $args[0] ) && 'admin-tools' === $args[0] ) { - $this->admin_tools_update_auth( $assoc_args ); - return; - } - $global = $this->populate_info( $args, __FUNCTION__ ); $site_url = $global ? 'default' : $this->site_data->site_url; $ips = EE\Utils\get_flag_value( $assoc_args, 'ip' ); @@ -465,40 +459,6 @@ public function update( $args, $assoc_args ) { } } - /** - * Helper function for `ee auth update admin-tools` - * Updates existing auths of admin-tools based for a user - * - * @param array $assoc_args assoc arguments passed from the function. - * - * @return void - */ - private function admin_tools_update_auth( $assoc_args ) { - $user = EE\Utils\get_flag_value( $assoc_args, 'user' ); - - if ( !$user ) { - EE::error( 'Please provide auth user with --user flag' ); - } - - $pass = EE\Utils\get_flag_value( $assoc_args, 'pass', EE\Utils\random_password() ); // Use a random password if no password is supplied. - - $auths = $this->get_auths( 'default_admin_tools', $user ); // Get all the current occurences of the username. - - foreach( $auths as $auth ) { - $auth->password = $pass; - $auth->save(); - } // Update each occurence of the username with a newer one. - - $this->generate_global_auth_files(); // Renew htpasswd file. - - EE::success( sprintf( 'Auth for %s successfully updated.', $user, $pass ) ); - - EE::line( 'Updated details:' ); - $auth = $this->get_auths( 'default_admin_tools', $user, false ); - $formatter = new EE\Formatter( $assoc_args, array( 'username', 'password' ) ); - $formatter->display_items( $auths ); - } - /** * Update whitelist IPs * @@ -649,14 +609,8 @@ private function get_auths( $site_url, $user, $error_if_empty = true ) { * $ ee auth delete global --ip=1.1.1.1 */ public function delete( $args, $assoc_args ) { - verify_htpasswd_is_present(); - if ( 'admin-tools' ) { - $this->admin_tools_delete_auth( $assoc_args ); - return; - } - $global = $this->populate_info( $args, __FUNCTION__ ); $site_url = $global ? 'default' : $this->site_data->site_url; $ip = EE\Utils\get_flag_value( $assoc_args, 'ip' ); @@ -733,44 +687,6 @@ public function delete( $args, $assoc_args ) { } } - /** - * Helper function for `ee auth delete admin-tools --user` - * Deletes `admin-tools` user with a pre-defined username - * - * @param array $assoc_args Assoc arguments passed via the CLI. - * - * @return void - */ - private function admin_tools_delete_auth( $assoc_args ) { - $user = EE\Utils\get_flag_value( $assoc_args, 'user' ); - - if ( ! $user ) { - EE::error( 'Please provide auth user with --user flag' ); - return; - } // Output an error if no username is supplied. - - $auth_match = Auth::where( array( - 'site_url' => 'default_admin_tools', - 'username' => $user, - ) ); - - if ( empty( $auth_match ) ) { - EE::error( sprintf( 'No matching auths on `admin-tools` for %s', $user ) ); - return; - } // Output an error if no matching auth records are found. - - EE::confirm( sprintf( 'Do you want to delete auth for `%s` on `admin-tools`? This action is IRREVERSIBLE.', $user ) ); - - $auth_match[0]->delete(); // Delete the record from `auth_users`. - - $this->generate_global_auth_files( true ); // Renew the htpasswd file. - - $success_message = sprintf( 'Deleted `%s` on admin-tools.', $user ); - EE::success( $success_message ); - EE::log( 'Reloading global reverse proxy.' ); - reload_global_nginx_proxy(); - } - /** * Lists http authentication users of a site. * @@ -806,11 +722,6 @@ private function admin_tools_delete_auth( $assoc_args ) { * $ ee auth list admin-tools */ public function list( $args, $assoc_args ) { - if ( ! empty( $args[0]) && 'admin-tools' === $args[0] ) { - $this->admin_tools_list_auth(); - return; - } - $global = $this->populate_info( $args, __FUNCTION__ ); $site_url = $global ? 'default' : $this->site_data->site_url; $ip = \EE\Utils\get_flag_value( $assoc_args, 'ip' ); @@ -833,7 +744,7 @@ public function list( $args, $assoc_args ) { EE::error( 'Auth does not exists on global.' ); } $format = \EE\Utils\get_flag_value( $assoc_args, 'format' ); - if ( 'table' === $format ) { + if ( 'table' === $format && 'admin-tools' !== $args[0] ) { $log_msg = $admin_tools_auth ? 'Following auth is applied only on admin-tools.' : 'Following global auth is enabled on server.'; } if ( 'default' !== $site_url ) { @@ -848,31 +759,11 @@ public function list( $args, $assoc_args ) { if ( ! empty( $log_msg ) ) { EE::log( PHP_EOL . $log_msg ); } - if ( ! empty( $auths_global ) ) { + // Only output global auths if admin-tools auths are not requested. + if ( ! empty( $auths_global ) && 'admin-tools' !== $args[0] ) { $formatter = new EE\Formatter( $assoc_args, array( 'username', 'password' ) ); $formatter->display_items( $auths_global ); } } } - - /** - * Helper function for ee auth list admin-tools - * Prints all the auths on `admin-tools` - * - * @return void - */ - private function admin_tools_list_auth() { - $auths = $this->get_auths( 'default_admin_tools', false, false ); - - if ( empty( $auths ) ) { - EE::warning( sprintf( 'Auth does not exists on `default_admin_tools`' ) ); - } else { - EE::line( 'Following auth exists on admin-tools (default_admin_tools):' ); - $formatter = new EE\Formatter( $assoc_args, array( 'username', 'password' ) ); - $formatter->display_items( $auths ); - } - if ( ! empty( $log_msg ) ) { - EE::log( PHP_EOL . $log_msg ); - } - } } From 58f95208753f696f4126bb090e100b86761514e6 Mon Sep 17 00:00:00 2001 From: Danish Shakeel Date: Wed, 22 Sep 2021 02:42:27 +0530 Subject: [PATCH 19/27] Improve outputs on ee auth list --- src/Auth_Command.php | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/src/Auth_Command.php b/src/Auth_Command.php index 42bf1d5..4816434 100644 --- a/src/Auth_Command.php +++ b/src/Auth_Command.php @@ -743,23 +743,29 @@ public function list( $args, $assoc_args ) { if ( empty( $auths_global ) ) { EE::error( 'Auth does not exists on global.' ); } + $format = \EE\Utils\get_flag_value( $assoc_args, 'format' ); + if ( 'table' === $format && 'admin-tools' !== $args[0] ) { $log_msg = $admin_tools_auth ? 'Following auth is applied only on admin-tools.' : 'Following global auth is enabled on server.'; - } + } + if ( 'default' !== $site_url ) { $auths = $this->get_auths( $site_url, false, false ); if ( empty( $auths ) ) { EE::warning( sprintf( 'Auth does not exists on %s', $site_url ) ); } else { + $msg = sprintf( 'Following auth exists on `%s`.', ( 'admin-tools' !== $args[0] ? $site_url : 'admin-tools' ) ); + EE::line( $msg ); $formatter = new EE\Formatter( $assoc_args, array( 'username', 'password' ) ); $formatter->display_items( $auths ); } } - if ( ! empty( $log_msg ) ) { + + if ( ! empty( $log_msg ) && 'admin-tools' !== $args[0] ) { EE::log( PHP_EOL . $log_msg ); } - // Only output global auths if admin-tools auths are not requested. + // Only output global auths if admin-tools auths are not explicitly requested. if ( ! empty( $auths_global ) && 'admin-tools' !== $args[0] ) { $formatter = new EE\Formatter( $assoc_args, array( 'username', 'password' ) ); $formatter->display_items( $auths_global ); From 4481db4f496b882ae99ec4a73e2feb3af6002f19 Mon Sep 17 00:00:00 2001 From: Danish Shakeel Date: Wed, 22 Sep 2021 02:52:03 +0530 Subject: [PATCH 20/27] Add confirmation message upon deletion; Add --y flag to delete --- src/Auth_Command.php | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/src/Auth_Command.php b/src/Auth_Command.php index 4816434..4cd335e 100644 --- a/src/Auth_Command.php +++ b/src/Auth_Command.php @@ -584,7 +584,10 @@ private function get_auths( $site_url, $user, $error_if_empty = true ) { * * [--ip] * : IP to remove. Default removes all. - * + * + * [--y] + * : Do not ask for confirmation. + * * ## EXAMPLES * * # Remove auth on site and its admin tools with default username(easyengine) @@ -599,6 +602,9 @@ private function get_auths( $site_url, $user, $error_if_empty = true ) { * # Remove auth on `admin-tools` with custom username * $ ee auth delete admin-tools --user=test * + * # Remove auth on `admin-tools` with custom username without asking for confirmation + * $ ee auth delete admin-tools --user=test --y + * * # Remove specific whitelisted IPs on site * $ ee auth delete example.com --ip=1.1.1.1,8.8.8.8 * @@ -614,11 +620,15 @@ public function delete( $args, $assoc_args ) { $global = $this->populate_info( $args, __FUNCTION__ ); $site_url = $global ? 'default' : $this->site_data->site_url; $ip = EE\Utils\get_flag_value( $assoc_args, 'ip' ); + $no_conf = EE\Utils\get_flag_value( $assoc_args, 'y' ); if ( ! $ip ) { $user = EE\Utils\get_flag_value( $assoc_args, 'user' ); $auths = $this->get_auths( $site_url, $user ); + $del_conf_msg = sprintf( 'Are you sure that you want to delete `%1$s` on `%2$s`?', $user, ( 'admin-tools' !== $args[0] ? $site_url : 'admin-tools' ) ); + $no_conf ? '' : EE::confirm( $del_conf_msg ); + foreach ( $auths as $auth ) { $auth->delete(); } From f83314da7637aca1352f71ff24836a9767d0050c Mon Sep 17 00:00:00 2001 From: Danish Shakeel Date: Wed, 22 Sep 2021 14:58:04 +0530 Subject: [PATCH 21/27] Replace --y with --yes --- src/Auth_Command.php | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/src/Auth_Command.php b/src/Auth_Command.php index 4cd335e..89173fd 100644 --- a/src/Auth_Command.php +++ b/src/Auth_Command.php @@ -585,7 +585,7 @@ private function get_auths( $site_url, $user, $error_if_empty = true ) { * [--ip] * : IP to remove. Default removes all. * - * [--y] + * [--yes] * : Do not ask for confirmation. * * ## EXAMPLES @@ -603,7 +603,7 @@ private function get_auths( $site_url, $user, $error_if_empty = true ) { * $ ee auth delete admin-tools --user=test * * # Remove auth on `admin-tools` with custom username without asking for confirmation - * $ ee auth delete admin-tools --user=test --y + * $ ee auth delete admin-tools --user=test --yes * * # Remove specific whitelisted IPs on site * $ ee auth delete example.com --ip=1.1.1.1,8.8.8.8 @@ -620,14 +620,13 @@ public function delete( $args, $assoc_args ) { $global = $this->populate_info( $args, __FUNCTION__ ); $site_url = $global ? 'default' : $this->site_data->site_url; $ip = EE\Utils\get_flag_value( $assoc_args, 'ip' ); - $no_conf = EE\Utils\get_flag_value( $assoc_args, 'y' ); if ( ! $ip ) { $user = EE\Utils\get_flag_value( $assoc_args, 'user' ); $auths = $this->get_auths( $site_url, $user ); $del_conf_msg = sprintf( 'Are you sure that you want to delete `%1$s` on `%2$s`?', $user, ( 'admin-tools' !== $args[0] ? $site_url : 'admin-tools' ) ); - $no_conf ? '' : EE::confirm( $del_conf_msg ); + EE::confirm( $del_conf_msg, $assoc_args ); foreach ( $auths as $auth ) { $auth->delete(); From 86ff66f9d5f49caee91d8fffd2bb5361456a7832 Mon Sep 17 00:00:00 2001 From: Danish Shakeel Date: Wed, 22 Sep 2021 22:10:06 +0530 Subject: [PATCH 22/27] Fix ee auth delete global; Modify ee auth list global `ee auth delete global` had unexpected behaviour, it works expectedly now. `ee auth list global` showed admin-tools auth, it will exclusively show default auths now. --- src/Auth_Command.php | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/src/Auth_Command.php b/src/Auth_Command.php index 89173fd..2bb5924 100644 --- a/src/Auth_Command.php +++ b/src/Auth_Command.php @@ -742,12 +742,7 @@ public function list( $args, $assoc_args ) { $formatter->display_items( $whitelists ); } else { $log_msg = ''; - $auths_global = Auth::get_global_admin_tools_auth(); - $admin_tools_auth = true; - if ( empty( $auths_global ) ) { - $auths_global = Auth::get_global_auths(); - $admin_tools_auth = false; - } + $auths_global = Auth::get_global_auths(); if ( empty( $auths_global ) ) { EE::error( 'Auth does not exists on global.' ); @@ -756,7 +751,7 @@ public function list( $args, $assoc_args ) { $format = \EE\Utils\get_flag_value( $assoc_args, 'format' ); if ( 'table' === $format && 'admin-tools' !== $args[0] ) { - $log_msg = $admin_tools_auth ? 'Following auth is applied only on admin-tools.' : 'Following global auth is enabled on server.'; + $log_msg = 'Following global auth is enabled on server.'; } if ( 'default' !== $site_url ) { From 5791b011289510adaed9e1c0317730563cc56f81 Mon Sep 17 00:00:00 2001 From: Danish Shakeel Date: Wed, 22 Sep 2021 22:19:25 +0530 Subject: [PATCH 23/27] Remove --show-updated flag support --- src/Auth_Command.php | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/src/Auth_Command.php b/src/Auth_Command.php index 2bb5924..c5d6f3b 100644 --- a/src/Auth_Command.php +++ b/src/Auth_Command.php @@ -60,9 +60,6 @@ public function __construct() { * [--ip=] * : IP to whitelist. * - * [--show-updated] - * : Shows updated `admin-tools` auth (if site-name == admin-tools). - * * ## EXAMPLES * * # Add auth on site with default username(easyengine) and random password @@ -757,7 +754,7 @@ public function list( $args, $assoc_args ) { if ( 'default' !== $site_url ) { $auths = $this->get_auths( $site_url, false, false ); if ( empty( $auths ) ) { - EE::warning( sprintf( 'Auth does not exists on %s', $site_url ) ); + EE::error( sprintf( 'Auth does not exists on %s', $site_url ) ); } else { $msg = sprintf( 'Following auth exists on `%s`.', ( 'admin-tools' !== $args[0] ? $site_url : 'admin-tools' ) ); EE::line( $msg ); From 1c17c07b6df6808af7705329aba2214140b2d6f5 Mon Sep 17 00:00:00 2001 From: Danish Shakeel Date: Wed, 22 Sep 2021 22:21:04 +0530 Subject: [PATCH 24/27] Reverted to EasyEngine/auth-command:master version --- README.md | 29 ++++------------------------- 1 file changed, 4 insertions(+), 25 deletions(-) diff --git a/README.md b/README.md index 36ea706..8afb10a 100644 --- a/README.md +++ b/README.md @@ -27,12 +27,6 @@ ee auth # Delete auth from a site $ ee auth delete example.com --user=test - # Add auth to admin-tools - $ ee auth create admin-tools --user=test --pass=test - - # Delete auth from admin-tools - $ ee auth delete admin-tools --user=test - ### ee auth create @@ -46,7 +40,7 @@ ee auth create [] [--user=] [--pass=] [--ip=] **OPTIONS** [] - Name of website / `global` for global scope / `admin-tools` for admin-tools. + Name of website / `global` for global scope. [--user=] Username for http auth. @@ -71,12 +65,6 @@ ee auth create [] [--user=] [--pass=] [--ip=] # Add auth on site with default username and random password $ ee auth create example.com --pass=password - # Add auth on admin-tools with predefined username and random password - $ ee auth create admin-tools --user=test - - # Add auth on admin-tools with predefined username and password - $ ee auth create admin-tools --user=test -pass=password - # Whitelist IP on site $ ee auth create example.com --ip=8.8.8.8,1.1.1.1 @@ -96,7 +84,7 @@ ee auth delete [] [--user=] [--ip] **OPTIONS** [] - Name of website / `global` for global scope / `admin-tools` for admin-tools. + Name of website / `global` for global scope. [--user=] Username that needs to be deleted. @@ -115,9 +103,6 @@ ee auth delete [] [--user=] [--ip] # Remove global auth on all sites (but not admin tools) with default username(easyengine) $ ee auth delete global - # Remove auth on admin-tools with specific username - $ ee auth delete admin-tools --user=test - # Remove specific whitelisted IPs on site $ ee auth delete example.com --ip=1.1.1.1,8.8.8.8 @@ -140,7 +125,7 @@ ee auth list [] [--ip] [--format=] **OPTIONS** [] - Name of website / `global` for global scope / `admin-tools` for admin-tools. + Name of website / `global` for global scope. [--ip] Show whitelisted IPs of site. @@ -165,9 +150,6 @@ ee auth list [] [--ip] [--format=] # List all global auth $ ee auth list global - # List all admin-tools auth - $ ee auth list admin-tools - ### ee auth update @@ -181,7 +163,7 @@ ee auth update [] [--user=] [--pass=] [--ip=] **OPTIONS** [] - Name of website / `global` for global auth / `admin-tools` for admin-tools. + Name of website / `global` for global auth. [--user=] Username for http auth. @@ -200,9 +182,6 @@ ee auth update [] [--user=] [--pass=] [--ip=] # Update auth password on site with predefined username and password $ ee auth update example.com --user=test --pass=password - # Update auth password on admin-tools with predefined username and password - $ ee auth update admin-tools --user=test --password=password - # Update whitelisted IPs on site $ ee auth update example.com --ip=8.8.8.8,1.1.1.1 From d49da4b28b5f1466bec6b3fa4c7f2fbf3000eec5 Mon Sep 17 00:00:00 2001 From: Danish Shakeel Date: Thu, 23 Sep 2021 00:57:49 +0530 Subject: [PATCH 25/27] Change generate_global_auth_files() logic --- src/Auth_Command.php | 53 +++++++++++++++++++++++++++++++++++++++----- 1 file changed, 48 insertions(+), 5 deletions(-) diff --git a/src/Auth_Command.php b/src/Auth_Command.php index c5d6f3b..20ec3d2 100644 --- a/src/Auth_Command.php +++ b/src/Auth_Command.php @@ -161,17 +161,19 @@ private function create_auth( array $assoc_args, bool $global, string $site_url } $admin_tools_auth = Auth::get_global_admin_tools_auth(); + $global_auths = Auth::get_global_auths(); + EE::warning( sprintf( 'Creating auth on site_url: %s', $site_url ) ); - if ( 'default' === $site_url && ! empty( $admin_tools_auth ) ) { - $admin_tools_auth[0]->site_url = 'default'; - $admin_tools_auth[0]->save(); - } + // if ( 'default' === $site_url && ! empty( $global_auths ) ) { + // $global_auths[0]->site_url = 'default'; + // $global_auths[0]->save(); + // } Auth::create( $auth_data ); if ( 'default' === $site_url ) { - $this->generate_global_auth_files(); + $this->generate_global_auth_files( true ); } else { $this->generate_site_auth_files( $site_url ); } @@ -262,6 +264,7 @@ private function regen_admin_tools_auth() { } /** + * @todo * Generates auth files for global auth and all sites. * * @param bool $clean_admin_auths syncs the auth_user table with htpasswd file (default: false). @@ -270,10 +273,14 @@ private function regen_admin_tools_auth() { private function generate_global_auth_files( $clean_admin_auths = false ) { $global_admin_tools_auths = Auth::get_global_admin_tools_auth(); + $global_auths = Auth::get_global_auths(); if ( $clean_admin_auths ) { $this->fs->remove( EE_ROOT_DIR . '/services/nginx-proxy/htpasswd/default_admin_tools' ); EE::warning( 'Cleaned htpasswd at ' . EE_ROOT_DIR . '/services/nginx-proxy/htpasswd/default_admin_tools' ); + + $this->fs->remove( EE_ROOT_DIR . '/services/nginx-proxy/htpasswd/default' ); + EE::warning( 'Cleaned htpasswd at ' . EE_ROOT_DIR . '/services/nginx-proxy/htpasswd/default' ); } // Clean the existing `admin-tools` auth for proper synchronization. foreach ( $global_admin_tools_auths as $global_admin_tools_auth ) { @@ -310,6 +317,42 @@ private function generate_global_auth_files( $clean_admin_auths = false ) { } } } + + foreach ( $global_auths as $global_auth ) { + if ( ! empty( $global_auth ) ) { + EE::exec( sprintf( 'docker exec %s htpasswd -bc /etc/nginx/htpasswd/default %s %s', EE_PROXY_TYPE, $global_auth->username, $global_auth->password ) ); + } else { + $this->fs->remove( EE_ROOT_DIR . '/services/nginx-proxy/htpasswd/default_admin_tools' ); + $this->fs->remove( EE_ROOT_DIR . '/services/nginx-proxy/htpasswd/default' ); + $auths = Auth::get_global_auths(); + + if ( empty( $auths ) ) { + $this->regen_admin_tools_auth(); + } else { + foreach ( $auths as $key => $auth ) { + $flags = 'b'; + + if ( 0 === $key ) { + $flags = 'bc'; + } + + EE::exec( sprintf( 'docker exec %s htpasswd -%s /etc/nginx/htpasswd/default %s %s', EE_PROXY_TYPE, $flags, $auth->username, $auth->password ) ); + } + } + + $sites = array_unique( + array_column( + Auth::all( array( 'site_url' ) ), + 'site_url' + ) + ); + + foreach ( $sites as $site ) { + $this->generate_site_auth_files( $site ); + } + } + } + } /** From b08f84a5c4d8194dfce8a67c1765ba17d865af6f Mon Sep 17 00:00:00 2001 From: Danish Shakeel Date: Thu, 23 Sep 2021 14:03:29 +0530 Subject: [PATCH 26/27] Fix ee auth create global not working Changelog: - separated logic for generate_global_auth_files() for default and default_admin_tools - add generate_default_auth_files() to handle generation of default (global) auths --- src/Auth_Command.php | 127 +++++++++++++++++-------------------------- 1 file changed, 51 insertions(+), 76 deletions(-) diff --git a/src/Auth_Command.php b/src/Auth_Command.php index 20ec3d2..980c110 100644 --- a/src/Auth_Command.php +++ b/src/Auth_Command.php @@ -173,7 +173,7 @@ private function create_auth( array $assoc_args, bool $global, string $site_url Auth::create( $auth_data ); if ( 'default' === $site_url ) { - $this->generate_global_auth_files( true ); + $this->generate_global_auth_files( $site_url ); } else { $this->generate_site_auth_files( $site_url ); } @@ -267,92 +267,67 @@ private function regen_admin_tools_auth() { * @todo * Generates auth files for global auth and all sites. * - * @param bool $clean_admin_auths syncs the auth_user table with htpasswd file (default: false). + * @param bool $clean_auths syncs the auth_user table with htpasswd file (default: false). * @throws Exception */ - private function generate_global_auth_files( $clean_admin_auths = false ) { - - $global_admin_tools_auths = Auth::get_global_admin_tools_auth(); - $global_auths = Auth::get_global_auths(); - - if ( $clean_admin_auths ) { + private function generate_global_auth_files( $site = 'default', $clean_auths = false ) { + if ( $clean_auths && 'default_admin_tools' === $site ) { $this->fs->remove( EE_ROOT_DIR . '/services/nginx-proxy/htpasswd/default_admin_tools' ); EE::warning( 'Cleaned htpasswd at ' . EE_ROOT_DIR . '/services/nginx-proxy/htpasswd/default_admin_tools' ); - + } else if ( $clean_auths && 'default' === $site ) { $this->fs->remove( EE_ROOT_DIR . '/services/nginx-proxy/htpasswd/default' ); EE::warning( 'Cleaned htpasswd at ' . EE_ROOT_DIR . '/services/nginx-proxy/htpasswd/default' ); - } // Clean the existing `admin-tools` auth for proper synchronization. + } // Clean the existing `admin-tools` | `global` auths for proper synchronization. + + $global_admin_tools_auths = Auth::get_global_admin_tools_auth(); + $global_auths = Auth::get_global_auths(); - foreach ( $global_admin_tools_auths as $global_admin_tools_auth ) { - if ( ! empty( $global_admin_tools_auth ) ) { - EE::exec( sprintf( 'docker exec %s htpasswd -bc /etc/nginx/htpasswd/default_admin_tools %s %s', EE_PROXY_TYPE, $global_admin_tools_auth->username, $global_admin_tools_auth->password ) ); - } else { - $this->fs->remove( EE_ROOT_DIR . '/services/nginx-proxy/htpasswd/default_admin_tools' ); - $this->fs->remove( EE_ROOT_DIR . '/services/nginx-proxy/htpasswd/default' ); - $auths = Auth::get_global_auths(); - - if ( empty( $auths ) ) { - $this->regen_admin_tools_auth(); - } else { - foreach ( $auths as $key => $auth ) { - $flags = 'b'; - - if ( 0 === $key ) { - $flags = 'bc'; - } - - EE::exec( sprintf( 'docker exec %s htpasswd -%s /etc/nginx/htpasswd/default %s %s', EE_PROXY_TYPE, $flags, $auth->username, $auth->password ) ); - } - } - - $sites = array_unique( - array_column( - Auth::all( array( 'site_url' ) ), - 'site_url' - ) - ); - - foreach ( $sites as $site ) { - $this->generate_site_auth_files( $site ); - } - } + switch ( $site ) { + case 'default_admin_tools': + EE::log( 'Generating auth file(s) for `default_admin_tools`...' ); + break; + case 'default': + EE::log( 'Generating auth file(s) for `default`...' ); + $this->generate_default_auth_files( $global_auths ); + break; + default: + return; } + } - foreach ( $global_auths as $global_auth ) { - if ( ! empty( $global_auth ) ) { - EE::exec( sprintf( 'docker exec %s htpasswd -bc /etc/nginx/htpasswd/default %s %s', EE_PROXY_TYPE, $global_auth->username, $global_auth->password ) ); - } else { - $this->fs->remove( EE_ROOT_DIR . '/services/nginx-proxy/htpasswd/default_admin_tools' ); - $this->fs->remove( EE_ROOT_DIR . '/services/nginx-proxy/htpasswd/default' ); - $auths = Auth::get_global_auths(); - - if ( empty( $auths ) ) { - $this->regen_admin_tools_auth(); - } else { - foreach ( $auths as $key => $auth ) { - $flags = 'b'; - - if ( 0 === $key ) { - $flags = 'bc'; - } - - EE::exec( sprintf( 'docker exec %s htpasswd -%s /etc/nginx/htpasswd/default %s %s', EE_PROXY_TYPE, $flags, $auth->username, $auth->password ) ); - } - } - - $sites = array_unique( - array_column( - Auth::all( array( 'site_url' ) ), - 'site_url' - ) - ); - - foreach ( $sites as $site ) { - $this->generate_site_auth_files( $site ); + private function generate_default_auth_files( $auths ) { + foreach ( $auths as $auth ) { + if ( ! empty( $auth ) ) { + EE::exec( sprintf( 'docker exec %s htpasswd -bc /etc/nginx/htpasswd/default %s %s', EE_PROXY_TYPE, $auth->username, $auth->password ) ); + } + } + + $auths = Auth::get_global_auths(); + + if ( empty( $auths ) ) { + $this->regen_admin_tools_auth(); + } else { + foreach ( $auths as $key => $auth ) { + $flags = 'b'; + + if ( 0 === $key ) { + $flags = 'bc'; } + + EE::exec( sprintf( 'docker exec %s htpasswd -%s /etc/nginx/htpasswd/default %s %s', EE_PROXY_TYPE, $flags, $auth->username, $auth->password ) ); } } + $sites = array_unique( + array_column( + Auth::all( array( 'site_url' ) ), + 'site_url' + ) + ); + + foreach ( $sites as $site ) { + $this->generate_site_auth_files( $site ); + } } /** @@ -522,7 +497,7 @@ private function update_auth( array $assoc_args, string $site_url ) { } if ( 'default' === $site_url ) { - $this->generate_global_auth_files(); + $this->generate_global_auth_files( $site_url ); } else { $this->generate_site_auth_files( $site_url ); } @@ -673,7 +648,7 @@ public function delete( $args, $assoc_args ) { } if ( 'default' === $site_url ) { - $this->generate_global_auth_files(); + $this->generate_global_auth_files( $site_url ); } else { $this->generate_site_auth_files( $site_url ); } From fe6928bb013b3b1d5d1d26ec5b36f0394bae4036 Mon Sep 17 00:00:00 2001 From: Danish Shakeel Date: Thu, 23 Sep 2021 14:15:29 +0530 Subject: [PATCH 27/27] Restructure code --- src/Auth_Command.php | 22 +++------------------- 1 file changed, 3 insertions(+), 19 deletions(-) diff --git a/src/Auth_Command.php b/src/Auth_Command.php index 980c110..e95a888 100644 --- a/src/Auth_Command.php +++ b/src/Auth_Command.php @@ -264,7 +264,6 @@ private function regen_admin_tools_auth() { } /** - * @todo * Generates auth files for global auth and all sites. * * @param bool $clean_auths syncs the auth_user table with htpasswd file (default: false). @@ -279,26 +278,11 @@ private function generate_global_auth_files( $site = 'default', $clean_auths = f EE::warning( 'Cleaned htpasswd at ' . EE_ROOT_DIR . '/services/nginx-proxy/htpasswd/default' ); } // Clean the existing `admin-tools` | `global` auths for proper synchronization. - $global_admin_tools_auths = Auth::get_global_admin_tools_auth(); - $global_auths = Auth::get_global_auths(); - - switch ( $site ) { - case 'default_admin_tools': - EE::log( 'Generating auth file(s) for `default_admin_tools`...' ); - break; - case 'default': - EE::log( 'Generating auth file(s) for `default`...' ); - $this->generate_default_auth_files( $global_auths ); - break; - default: - return; - } - } + $auths = 'default_admin_tools' === $site ? Auth::get_global_admin_tools_auth() : Auth::get_global_auths(); - private function generate_default_auth_files( $auths ) { foreach ( $auths as $auth ) { if ( ! empty( $auth ) ) { - EE::exec( sprintf( 'docker exec %s htpasswd -bc /etc/nginx/htpasswd/default %s %s', EE_PROXY_TYPE, $auth->username, $auth->password ) ); + EE::exec( sprintf( 'docker exec %1$s htpasswd -bc /etc/nginx/htpasswd/%2$s %3$s %4$s', EE_PROXY_TYPE, $site, $auth->username, $auth->password ) ); } } @@ -314,7 +298,7 @@ private function generate_default_auth_files( $auths ) { $flags = 'bc'; } - EE::exec( sprintf( 'docker exec %s htpasswd -%s /etc/nginx/htpasswd/default %s %s', EE_PROXY_TYPE, $flags, $auth->username, $auth->password ) ); + EE::exec( sprintf( 'docker exec %1$s htpasswd -%2$s /etc/nginx/htpasswd/%3$ %4$s %5$s', EE_PROXY_TYPE, $flags, $site, $auth->username, $auth->password ) ); } }