NEW Add option SELLYOURSAAS_DASHBOARD_OFF to disallow login/access to

dashboard

Author: eldy

ChangeLog.md

@@ -3,6 +3,7 @@
 
 ## Unreleased
 
+* NEW Add option SELLYOURSAAS_DASHBOARD_OFF to disallow login/access to dashboard
 * NEW Add warning on support page if contact info are not complete
 * NEW Add badge with number of deployment server on tab title of deployment servers.
 * NEW Add the tab for histori of events info on a deployment server card.

admin/setup.php

@@ -21,6 +21,10 @@
  *     \brief      Page administration module SellYourSaas
  */
 
+/**
+ * @var	Conf 	$conf
+ * @var	DoliDB 	$db
+ */
 
 if (! defined('NOSCANPOSTFORINJECTION')) {
 	define('NOSCANPOSTFORINJECTION', '1');
@@ -231,12 +235,12 @@
 print '<span class="opacitymedium">'.$langs->trans("Prerequisites")." :</span><br>\n";
 print 'Function <b>idn_to_ascii</b> available: '.(function_exists('idn_to_ascii') ? img_picto('', 'tick', 'class="paddingrightonly"').yn(1) : img_picto('', 'warning', 'class="paddingrightonly"').yn(0)).'<br>';
 print 'Function <b>checkdnsrr</b> available: '.(function_exists('checkdnsrr') ? img_picto('', 'tick', 'class="paddingrightonly"').yn(1) : img_picto('', 'warning', 'class="paddingrightonly"').yn(0)).'<br>';
-print 'Parameter <b>allow_url_fopen</b> is on: '.(ini_get('allow_url_fopen') ? img_picto('', 'tick', 'class="paddingrightonly"').yn(1) : img_picto('', 'warning', 'class="paddingrightonly"').yn(0)).'<br>';
+print 'Parameter <b>allow_url_fopen</b> is on: '.(ini_get('allow_url_fopen') ? img_picto('', 'tick', 'class="paddingrightonly"').yn(1).' (may be used by deployed applications)' : img_picto('', 'warning', 'class="paddingrightonly"').yn(0)).'<br>';
 $arrayoffunctionsdisabled = explode(',', ini_get('disable_functions'));
 if (in_array('exec', $arrayoffunctionsdisabled)) {
 	print "Parameter <b>disable_functions</b>: ".img_picto('', 'error', 'class="paddingrightonly"')." Bad. Must not contain 'exec'<br>";
 } else {
-	print 'Parameter <b>disable_functions</b>: '.img_picto('', 'tick', 'class="paddingrightonly"').' does not contains: exec<br>';
+	print 'Parameter <b>disable_functions</b>: '.img_picto('', 'tick', 'class="paddingrightonly"').' does not contains: exec (used by Dolibarr)<br>';
 }
 if (in_array('popen', $arrayoffunctionsdisabled)) {
 	print "Parameter <b>disable_functions</b>: ".img_picto('', 'error', 'class="paddingrightonly"')." Bad. Must not contain 'popen'<br>";
@@ -299,28 +303,32 @@
 }
 
 print '<tr class="oddeven"><td class="fieldrequired">'.$langs->trans("SellYourSaasMainEmail").'</td>';
-print '<td>';
+print '<td class="nowraponall">';
+print img_picto('', 'email', 'class="pictofixedwidth"');
 print '<input type="text" name="SELLYOURSAAS_MAIN_EMAIL" value="'.getDolGlobalString('SELLYOURSAAS_MAIN_EMAIL').'" class="minwidth300">';
 print '</td>';
 print '<td><span class="opacitymedium small">[email protected]</span></td>';
 print '</tr>';
 
 print '<tr class="oddeven"><td>'.$langs->trans("SellYourSaasMainEmail").' (Premium)</td>';
-print '<td>';
+print '<td class="nowraponall">';
+print img_picto('', 'email', 'class="pictofixedwidth"');
 print '<input type="text" name="SELLYOURSAAS_MAIN_EMAIL_PREMIUM" value="'.getDolGlobalString('SELLYOURSAAS_MAIN_EMAIL_PREMIUM').'" class="minwidth300">';
 print '</td>';
 print '<td><span class="opacitymedium small">[email protected]</span></td>';
 print '</tr>';
 
 print '<tr class="oddeven"><td class="fieldrequired">'.$langs->trans("SellYourSaasSupervisionEmail").'</td>';
-print '<td>';
+print '<td class="nowraponall">';
+print img_picto('', 'email', 'class="pictofixedwidth"');
 print '<input type="text" name="SELLYOURSAAS_SUPERVISION_EMAIL" value="'.getDolGlobalString('SELLYOURSAAS_SUPERVISION_EMAIL').'" class="minwidth300">';
 print '</td>';
 print '<td><span class="opacitymedium small">[email protected]</span></td>';
 print '</tr>';
 
 print '<tr class="oddeven"><td class="fieldrequired">'.$langs->trans("SellYourSaasNoReplyEmail").'</td>';
-print '<td>';
+print '<td class="nowraponall">';
+print img_picto('', 'email', 'class="pictofixedwidth"');
 print '<input type="text" name="SELLYOURSAAS_NOREPLY_EMAIL" value="'.getDolGlobalString('SELLYOURSAAS_NOREPLY_EMAIL').'" class="minwidth300">';
 print '</td>';
 print '<td><span class="opacitymedium small">[email protected]</span></td>';
@@ -371,7 +379,14 @@
 */
 
 print '<tr class="oddeven"><td class="fieldrequired">'.$langs->trans("SellYourSaasAccountUrl").'</td>';
-print '<td>';
+print '<td class="nowraponall">';
+if (getDolGlobalString('SELLYOURSAAS_ACCOUNT_URL')) {
+	print '<a href="'.getDolGlobalString('SELLYOURSAAS_ACCOUNT_URL').'" target="_blank">';
+}
+print img_picto('', 'url', 'class="pictofixedwidth"');
+if (getDolGlobalString('SELLYOURSAAS_ACCOUNT_URL')) {
+	print '</a>';
+}
 print '<input class="minwidth300" type="text" name="SELLYOURSAAS_ACCOUNT_URL" value="'.getDolGlobalString('SELLYOURSAAS_ACCOUNT_URL').'">';
 print '</td>';
 print '<td><span class="opacitymedium small wordbreak">https://myaccount.mysaasdomainname.com<br>Note: The virtual host for this domain must point to <strong>'.dol_buildpath('sellyoursaas/myaccount').'</strong></span></td>';
@@ -381,10 +396,17 @@
 	print '<!-- suffix = '.$suffix.' -->'."\n";
 
 	print '<tr class="oddeven"><td>'.($service ? $service.' - ' : '').$langs->trans("SellYourSaasPricesUrl").'</td>';
-	print '<td>';
+	print '<td class="nowraponall">';
 	$constname = 'SELLYOURSAAS_PRICES_URL'.$suffix;
+	if (getDolGlobalString($constname)) {
+		print '<a href="'.getDolGlobalString($constname).'" target="_blank">';
+	}
+	print img_picto('', 'url', 'class="pictofixedwidth"');
+	if (getDolGlobalString($constname)) {
+		print '</a>';
+	}
 	print '<!-- constname = '.$constname.' -->';
-	print '<input class="minwidth300" type="text" name="SELLYOURSAAS_PRICES_URL'.$suffix.'" value="'.getDolGlobalString('SELLYOURSAAS_PRICES_URL'.$suffix).'">';
+	print '<input class="minwidth300" type="text" name="SELLYOURSAAS_PRICES_URL'.$suffix.'" value="'.getDolGlobalString($constname).'">';
 	print '</td>';
 	print '<td><span class="opacitymedium small">https://myaccount.mysaasdomainname.com/prices.html</span></td>';
 	print '</tr>';

backoffice/index.php

@@ -110,6 +110,14 @@
 	dolibarr_set_const($db, "SELLYOURSAAS_ANNOUNCE", GETPOST("SELLYOURSAAS_ANNOUNCE", 'none'), 'chaine', 0, '', $conf->entity);
 }
 
+if ($action == 'setSELLYOURSAAS_DASHBOARD_OFF') {
+	if (GETPOST('value')) {
+		dolibarr_set_const($db, 'SELLYOURSAAS_DASHBOARD_OFF', 1, 'chaine', 0, '', $conf->entity);
+		dolibarr_set_const($db, 'SELLYOURSAAS_DISABLE_NEW_INSTANCES', 1, 'chaine', 0, '', $conf->entity);
+	} else {
+		dolibarr_set_const($db, 'SELLYOURSAAS_DASHBOARD_OFF', 0, 'chaine', 0, '', $conf->entity);
+	}
+}
 if ($action == 'setSELLYOURSAAS_DISABLE_NEW_INSTANCES') {
 	if (GETPOST('value')) {
 		dolibarr_set_const($db, 'SELLYOURSAAS_DISABLE_NEW_INSTANCES', 1, 'chaine', 0, '', $conf->entity);
@@ -265,6 +273,23 @@
 print '<td>';
 print $langs->trans('Website').' & '.$langs->trans('CustomerAccountArea');
 print '</td></tr>';
+print '<tr class="oddeven"><td>';
+$enabledisabledashboard='';
+if (!getDolGlobalString('SELLYOURSAAS_DASHBOARD_OFF')) {
+	// Button off, click to enable
+	$enabledisabledashboard.='<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?action=setSELLYOURSAAS_DASHBOARD_OFF&token='.newToken().'&value=1'.$param.'">';
+	$enabledisabledashboard.=img_picto($langs->trans("Enabled"), 'switch_on', '', false, 0, 0, '', 'valignmiddle paddingright');
+	$enabledisabledashboard.='</a>';
+} else {
+	// Button on, click to disable
+	$enabledisabledashboard.='<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?action=setSELLYOURSAAS_DASHBOARD_OFF&token='.newToken().'&value=0'.$param.'">';
+	$enabledisabledashboard.=img_picto($langs->trans('Disabled'), 'switch_off', '', false, 0, 0, '', 'error valignmiddle paddingright');
+	$enabledisabledashboard.='</a>';
+}
+print $enabledisabledashboard;
+print $langs->trans("EnableDashboards");
+print '</td></tr>';
+
 print '<tr class="oddeven"><td>';
 $enabledisablehtml='';
 if (getDolGlobalString('SELLYOURSAAS_DISABLE_NEW_INSTANCES')) {
@@ -291,6 +316,7 @@
 }
 
 print '</td></tr>';
+
 print '<tr class="oddeven"><td>';
 $enabledisableannounce='';
 if (!getDolGlobalString('SELLYOURSAAS_ANNOUNCE_ON')) {

langs/en_US/sellyoursaas.lang

@@ -497,6 +497,7 @@ TooManyInstancesForSameIpvpn=You reach the limit of the number of instances crea
 TooManyInstancesForSameIpThisHour=You reach the limit of the number of instances created in one hour from the same location. Please try later (Your IP is %s).
 TooManyRequestPleaseTryLater=Too many pending requests. Please try later.
 InstanceCreationBlockedForSecurityPurpose=Creation of your instance has been blocked for security purpose. It seems you come from a non legitimate network or traffic analysis flags suspecious activity. Please contact us (<b>%s</b>) if you think this is an error (your last point IP is %s, abuse code: %s)
+EnableDashboards=Enable dashboards (customer, reseller). Login forbidden if off.
 EnableNewInstance=Enable new registration/instances
 CustomerAccountArea=Customer accounts area
 MasterServer=Master server
@@ -951,3 +952,5 @@ MyModuleCustomersBilling=My module customer billing
 SupplierModule=Module
 YouAreAModuleProvider=You are a module provider
 YouAreTheProviderOfTheFollowingModules=You provides the following modules
+DashboardServiceIsTemporarlyOffline=Dashboard access is temporarly offline for maintenance purpose.
+PleaseGoBackInFewHours=Please go back in few hours...

myaccount/index.php

@@ -94,7 +94,12 @@
 if (! $res) {
 	die("Include of main fails. Try to create a link from mydolibarr/htdocs/main.inc.php to .../sellyoursaas/myaccount/main.inc.php");
 }
-
+/**
+ * @var Conf		$conf
+ * @var DoliDB		$db
+ * @var	Translate 	$langs
+ * @var Societe		$mysoc
+ */
 require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php';
 require_once DOL_DOCUMENT_ROOT.'/core/class/html.form.class.php';
 require_once DOL_DOCUMENT_ROOT.'/core/class/html.formother.class.php';
@@ -213,7 +218,7 @@
 	}
 
 	$_SESSION=array();
-	$_SESSION['dol_loginmesg']=$langs->trans("SorryAccountDeleted", $sellyoursaasemail);
+	$_SESSION['dol_loginmesg'] = $langs->trans("SorryAccountDeleted", $sellyoursaasemail);
 	//header("Location: index.php?username=".urlencode(GETPOST('username','alpha')));
 	header("Location: index.php?usernamebis=".urlencode(GETPOST('username', 'alpha')));
 	exit;
@@ -2309,6 +2314,7 @@
 
 $form = new Form($db);
 
+
 if ($welcomecid > 0) {
 	// Here $_POST is empty, $GET has just welcomecid=..., $_SESSION['dol_loginsellyoursaas'] is socid =382
 	/*var_dump($_POST);
@@ -2378,6 +2384,19 @@
 
 llxHeader($head, $langs->trans("MyAccount"), '', '', 0, 0, $arrayofjs, $arrayofcss, '', 'myaccount');
 
+
+// Test if dashboard is allowed or not
+if (getDolGlobalString('SELLYOURSAAS_DASHBOARD_OFF')) {
+	print '<center><div class="warning"><br><br><br>';
+	print $langs->trans("DashboardServiceIsTemporarlyOffline");
+	print '<br>';
+	print $langs->trans("PleaseGoBackInFewHours");
+	print '<br><br><br></div></center>';
+
+	llxFooter();
+	exit;
+}
+
 ?>
 
 <div id="waitMask" style="display:none;">

myaccount/tpl/loginmyaccount.tpl.php

@@ -16,9 +16,11 @@
  */
 
 // Need global variable to be defined by caller (like dol_loginfunction)
+// $conf
 // $title
 // $urllogo
 // $focus_element
+// $captcha_refresh
 // Caller can also set 	$morelogincontent = array(['options']=>array('js'=>..., 'table'=>...);
 
 // Protection to avoid direct call of template
@@ -207,6 +209,21 @@
 </div>
 	<?php
 }
+
+
+// Test if dashboard is allowed or not
+if (getDolGlobalString('SELLYOURSAAS_DASHBOARD_OFF')) {
+	print '<center><div class="warning"><br><br><br>';
+	print $langs->trans("DashboardServiceIsTemporarlyOffline");
+	print '<br>';
+	print $langs->trans("PleaseGoBackInFewHours");
+	print '<br><br><br></div></center>';
+
+	print '</body>';
+	print '</html>';
+	exit;
+}
+
 ?>