-rw-r--r--app/controllers/admin_controller.rb3
-rw-r--r--app/views/user/sign.rhtml4
-rw-r--r--config/general.yml-example1
-rw-r--r--doc/CHANGES.md2
-rw-r--r--doc/INSTALL.md2
-rw-r--r--lib/configuration.rb1
-rw-r--r--spec/controllers/admin_public_body_controller_spec.rb13
7 files changed, 22 insertions, 4 deletions
diff --git a/app/controllers/admin_controller.rb b/app/controllers/admin_controller.rb
index d93e68dab..e90f03187 100644
--- a/app/controllers/admin_controller.rb
+++ b/app/controllers/admin_controller.rb
@@ -79,7 +79,7 @@ class AdminController < ApplicationController
return
else
if session[:using_admin].nil? || session[:admin_name].nil?
- if params[:emergency].nil?
+ if params[:emergency].nil? || Configuration::disable_emergency_user
if authenticated?(
:web => _("To log into the administrative interface"),
:email => _("Then you can log into the administrative interface"),
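Review bot: The new `Configuration::disable_emergency_user` check on the `if params[:emergency].nil?` line only runs inside the `session[:using_admin].nil? || session[:admin_name].nil?` branch, so an emergency-user session established before the flag was switched on stays valid until that session ends; the flag is never consulted for an already-established admin session. If the emergency branch leaves a distinguishable marker in the session, consider consulting the flag there as well, or document that operators should reset sessions after enabling it. Separately, `Configuration::disable_emergency_user` is a method call written with constant-lookup syntax; `Configuration.disable_emergency_user` reads as what it is. The enclosing method starts before this hunk and continues after it (the second hunk cuts it again), so the emergency-credential branch itself is not visible here.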
@@ -89,7 +89,6 @@ class AdminController < ApplicationController
session[:using_admin] = 1
session[:admin_name] = @user.url_name
else
-
session[:using_admin] = nil
session[:user_id] = nil
session[:admin_name] = nil
diff --git a/app/views/user/sign.rhtml b/app/views/user/sign.rhtml
index 6a1979155..5e8cced91 100644
--- a/app/views/user/sign.rhtml
+++ b/app/views/user/sign.rhtml
@@ -12,7 +12,9 @@
<% end %>
</p>
<% if @post_redirect.post_params["controller"] == "admin_general" %>
- <p id="superuser_message">Don't have a superuser account yet? <%= link_to "Sign in as the emergency user", @post_redirect.uri + "?emergency=1" %></p>
+ <% unless Configuration::disable_emergency_user %>
+ <p id="superuser_message">Don't have a superuser account yet? <%= link_to "Sign in as the emergency user", @post_redirect.uri + "?emergency=1" %></p>
+ <% end %>
<% end %>
<%= render :partial => 'signin', :locals => { :sign_in_as_existing_user => true } %>
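Review bot: The added `<% unless Configuration::disable_emergency_user %>` wrapper nests a second conditional inside the `admin_general` check where one combined condition would do: `<% if @post_redirect.post_params["controller"] == "admin_general" && !Configuration::disable_emergency_user %>`. Hiding the link is presentation only; the refusal of emergency logins lives in the controller, so this view change should be read as a usability change rather than the enforcement point.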
diff --git a/config/general.yml-example b/config/general.yml-example
index 5005fda77..17e1aa552 100644
--- a/config/general.yml-example
+++ b/config/general.yml-example
@@ -88,6 +88,7 @@ BLACKHOLE_PREFIX: 'do-not-reply-to-this-address'
# The emergency user
ADMIN_USERNAME: 'adminxxxx'
ADMIN_PASSWORD: 'passwordx'
+DISABLE_EMERGENCY_USER: false
# Set this to true, and the admin interface will be available to anonymous users
SKIP_ADMIN_AUTH: false
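Review bot: The new `DISABLE_EMERGENCY_USER: false` line carries no comment, while the neighbouring `SKIP_ADMIN_AUTH` does and this example file is the operator's reference for each setting. Add a line above it such as `# Set this to true to disable the emergency user account (the /admin?emergency=1 login) entirely`, so the key is self-describing without reading INSTALL.md.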
diff --git a/doc/CHANGES.md b/doc/CHANGES.md
index 9f1127e34..debf9d7c7 100644
--- a/doc/CHANGES.md
+++ b/doc/CHANGES.md
@@ -9,11 +9,13 @@
* Improvements to the accessibility of the search boxes (Nathan Jenkins)
* Only one email sent when asking for admin attention to a request [issue #789](https://github.com/mysociety/alaveteli/pull/864) (Matthew Landauer)
* A number of XSS escaping fixes for Version 0.7 (Matthew Landauer)
+* The emergency admin account can now be disabled
## Upgrade notes
* Check out this version and run `rails-post-deploy` as usual.
* Remove adminbootstrap from the THEME_URLS or THEME_URL config variable, and remove vendor/plugins/adminbootstraptheme, and the softlink public/adminbootstraptheme.
* There is a new config variable FORCE_SSL, which defaults to true, meaning that Alaveteli will redirect all "http" requests to "https", set the Strict-Transport-Security header and flag all cookies as "secure". For more information about running your install over SSL/TLS, see the [install guide](https://github.com/mysociety/alaveteli/blob/develop/doc/INSTALL.md#set-up-production-web-server). If you don't want to run over SSL/TLS, add the config variable FORCE_SSL to your config/general.yml and set it to false.
+* If you would like to disable the emergency user account, set DISABLE_EMERGENCY_USER to true in you config/general.yml
# Version 0.7
## Highlighted features
diff --git a/doc/INSTALL.md b/doc/INSTALL.md
index c8ce6390f..2156f4c4a 100644
--- a/doc/INSTALL.md
+++ b/doc/INSTALL.md
@@ -301,7 +301,7 @@ There is an emergency user account which can be accessed via
`/admin?emergency=1`, using the credentials `ADMIN_USERNAME` and
`ADMIN_PASSWORD`, which are set in `general.yml`. To bootstrap the
first `super` level accounts, you will need to log in as the emergency
-user.
+user. You can disable the emergency user account by setting `DISABLE_EMERGENCY_USER` to `true` in `general.yml`.
Users with the superuser role also have extra privileges in the
website frontend, such as being able to categorise any request, being
diff --git a/lib/configuration.rb b/lib/configuration.rb
index f155ed7a4..fca48782e 100644
--- a/lib/configuration.rb
+++ b/lib/configuration.rb
@@ -6,6 +6,7 @@ module Configuration
DEFAULTS = {
:ADMIN_PASSWORD => '',
:ADMIN_USERNAME => '',
+ :DISABLE_EMERGENCY_USER => false,
:AVAILABLE_LOCALES => '',
:BLACKHOLE_PREFIX => 'do-not-reply-to-this-address',
:BLOG_FEED => '',
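Review bot: `:DISABLE_EMERGENCY_USER => false` is inserted between `:ADMIN_USERNAME` and `:AVAILABLE_LOCALES`, which breaks the alphabetical order the surrounding DEFAULTS entries follow; it belongs among the later entries, after `:BLOG_FEED` at the earliest. Grouping it next to the ADMIN_* keys is understandable, but if that is the intent a short comment saying so would stop the next maintainer from re-sorting it. How the accessor coerces the YAML value is outside this hunk; if it returns the raw value, a quoted `'false'` would be truthy and disable the account, which fails closed but may surprise operators.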
diff --git a/spec/controllers/admin_public_body_controller_spec.rb b/spec/controllers/admin_public_body_controller_spec.rb
index 504ddc5cc..28182a3cd 100644
--- a/spec/controllers/admin_public_body_controller_spec.rb
+++ b/spec/controllers/admin_public_body_controller_spec.rb
@@ -215,6 +215,19 @@ describe AdminPublicBodyController, "when administering public bodies and paying
PublicBody.count.should == n - 1
end
+ it "doesn't let people with good emergency account credentials log in if the emergency user is disabled" do
+ setup_emergency_credentials('biz', 'fuz')
+ Configuration.stub!(:disable_emergency_user).and_return(true)
+ n = PublicBody.count
+ basic_auth_login(@request, "biz", "fuz")
+ post :show, { :id => public_bodies(:humpadink_public_body).id, :emergency => 1}
+ session[:using_admin].should == nil
+ n = PublicBody.count
+ post :destroy, { :id => public_bodies(:forlorn_public_body).id }
+ session[:using_admin].should == nil
+ PublicBody.count.should == n
+ end
+
it "allows superusers to do stuff" do
session[:user_id] = users(:admin_user).id
@request.env["HTTP_AUTHORIZATION"] = ""
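Review bot: In the new example, the first `n = PublicBody.count` (right after the stub) is overwritten by the second one before it is ever compared, so it is dead and should be dropped. The example also checks only `session[:using_admin].should == nil` after `post :show`; asserting the response as well (that the action was not served, e.g. a redirect to sign-in) would pin the observable denial rather than just the session state, though the exact status depends on `authenticated?` outside this hunk. The enclosing describe block starts before this hunk.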