Merge pull request #148 from moufmouf/ui_disable

Allows disabling UI via an environment variable

Author: moufmouf

doc/installing_mouf.md

@@ -107,3 +107,11 @@ Mouf UI is designed to be used on a development environment, not on a production
 If you are running a production server (if you are not on a development environment), it is more secure
 to prevent Apache from writing to the application directories (or to open those rights on a very
 restrictive basis). In this scenario, you don't need to share write rights with Apache. 
+
+Also, you might want to completely prevent users from accessing the UI. You can disable Mouf UI
+by setting the `MOUF_UI` environment variable to 0.
+
+```
+# Disable Mouf UI via environment variable:
+MOUF_UI=0
+```

src-dev/Mouf/Controllers/MoufInstallController.php

@@ -7,8 +7,8 @@
  * For the full copyright and license information, please view the LICENSE.txt
  * file that was distributed with this source code.
  */
-namespace Mouf\Controllers;
-
+namespace Mouf\Controllers;
+
 use Mouf\Html\Template\TemplateInterface;
 
 use Mouf\Html\Widgets\MessageService\Service\UserMessageInterface;
@@ -19,7 +19,7 @@
 
 use Mouf\Html\HtmlElement\HtmlBlock;
 
-use Mouf\Mvc\Splash\Controllers\Controller;
+use Mouf\Mvc\Splash\Controllers\Controller;
 
 
 /**
@@ -49,6 +49,17 @@ class MoufInstallController extends Controller {
 	 */
 	public function index() {
 
+        $moufUI = getenv('MOUF_UI');
+        if ($moufUI !== false) {
+            $moufUI = (bool) $moufUI;
+            if (!$moufUI) {
+                header('HTTP/1.1 403 Forbidden');
+                echo 'Error! Access to Mouf UI is forbidden on this environment (env variable MOUF_UI is set to 0)';
+                exit;
+            }
+        }
+        unset($moufUI);
+
 		if (!extension_loaded("curl")) {
 			$this->contentBlock->addFile(dirname(__FILE__)."/../../views/mouf_installer/missing_curl.php", $this);
 		} else {

src/direct/utils/check_rights.php

@@ -1,20 +1,31 @@
 <?php
-/*
- * This file is part of the Mouf core package.
- *
- * (c) 2012 David Negrier <[email protected]>
- *
- * For the full copyright and license information, please view the LICENSE.txt
- * file that was distributed with this source code.
- */
- 
+/*
+ * This file is part of the Mouf core package.
+ *
+ * (c) 2012 David Negrier <[email protected]>
+ *
+ * For the full copyright and license information, please view the LICENSE.txt
+ * file that was distributed with this source code.
+ */
+ 
 /**
  * This file should be included at the beginning of each file of the "/direct" folder.
  * It checks that the rights are ok.
  * The user is allowed access to the file if he is logged, or if he is requesting the file from localhost
  * (because it could be a request from Mouf itself via Curl, and therefore not logged).
  */
 
+$moufUI = getenv('MOUF_UI');
+if ($moufUI !== false) {
+    $moufUI = (bool) $moufUI;
+    if (!$moufUI) {
+        header('HTTP/1.1 403 Forbidden');
+        echo 'Error! Access to Mouf UI is forbidden on this environment (env variable MOUF_UI is set to 0)';
+        exit;
+    }
+}
+unset($moufUI);
+
 // TODO: remove this condition when everything is migrated to the new cookie propagation method.
 if ($_SERVER['REMOTE_ADDR'] == $_SERVER['SERVER_ADDR'] /*|| $_SERVER['REMOTE_ADDR'] == '::1'*/) {
 	return;

src/mouf_router.php

@@ -1,4 +1,15 @@
-<?php 
+<?php
+$moufUI = getenv('MOUF_UI');
+if ($moufUI !== false) {
+    $moufUI = (bool) $moufUI;
+    if (!$moufUI) {
+        header('HTTP/1.1 403 Forbidden');
+        echo 'Error! Access to Mouf UI is forbidden on this environment (env variable MOUF_UI is set to 0)';
+        exit;
+    }
+}
+unset($moufUI);
+
 if (!file_exists(__DIR__.'/../../../../mouf/no_commit/MoufUsers.php')) {
 
 	$rootUrl = $_SERVER['BASE']."/";

src/splash.php

@@ -1,13 +1,13 @@
 <?php
-/*
- * This file is part of the Mouf core package.
- *
- * (c) 2012 David Negrier <[email protected]>
- *
- * For the full copyright and license information, please view the LICENSE.txt
- * file that was distributed with this source code.
- */
- 
+/*
+ * This file is part of the Mouf core package.
+ *
+ * (c) 2012 David Negrier <[email protected]>
+ *
+ * For the full copyright and license information, please view the LICENSE.txt
+ * file that was distributed with this source code.
+ */
+
 // Let's load the Mouf file, and the MoufAdmin file.
 // The MoufAdmin will replace the Mouf configuration file.
 if (file_exists(dirname(__FILE__).'/../MoufComponents.php')) {