4 лет назад · 3d332994b5
--- a/src/client/js/services/AdminGeneralSecurityContainer.js
+++ b/src/client/js/services/AdminGeneralSecurityContainer.js
@@ -18,6 +18,7 @@ export default class AdminGeneralSecurityContainer extends Container {
 
				 
			
 
				     this.state = {
			
 
				       retrieveError: null,
			
 
				+      sessionMaxAge: null,
			
 
				       wikiMode: '',
			
 
				       // set dummy value tile for using suspense
			
 
				       currentRestrictGuestMode: this.dummyCurrentRestrictGuestMode,
			
@@ -51,6 +52,7 @@ export default class AdminGeneralSecurityContainer extends Container {
 
				       currentPageCompleteDeletionAuthority: generalSetting.pageCompleteDeletionAuthority,
			
 
				       isShowRestrictedByOwner: !generalSetting.hideRestrictedByOwner,
			
 
				       isShowRestrictedByGroup: !generalSetting.hideRestrictedByGroup,
			
 
				+      sessionMaxAge: generalSetting.sessionMaxAge,
			
 
				       wikiMode: generalSetting.wikiMode,
			
 
				       isLocalEnabled: generalAuth.isLocalEnabled,
			
 
				       isLdapEnabled: generalAuth.isLdapEnabled,
			
@@ -79,6 +81,13 @@ export default class AdminGeneralSecurityContainer extends Container {
 
				     return this.state.wikiMode === 'public' || this.state.wikiMode === 'private';
			
 
				   }
			
 
				 
			
 
				+  /**
			
 
				+   * setter for sessionMaxAge
			
 
				+   */
			
 
				+  setSessionMaxAge(sessionMaxAge) {
			
 
				+    this.setState({ sessionMaxAge });
			
 
				+  }
			
 
				+
			
 
				   /**
			
 
				    * Change restrictGuestMode
			
 
				    */
			
@@ -115,6 +124,7 @@ export default class AdminGeneralSecurityContainer extends Container {
 
				   async updateGeneralSecuritySetting() {
			
 
				 
			
 
				     let requestParams = {
			
 
				+      sessionMaxAge: this.state.sessionMaxAge,
			
 
				       restrictGuestMode: this.state.currentRestrictGuestMode,
			
 
				       pageCompleteDeletionAuthority: this.state.currentPageCompleteDeletionAuthority,
			
 
				       hideRestrictedByGroup: !this.state.isShowRestrictedByGroup,
			
--- a/src/server/routes/apiv3/security-setting.js
+++ b/src/server/routes/apiv3/security-setting.js
@@ -12,6 +12,7 @@ const removeNullPropertyFromObject = require('../../../lib/util/removeNullProper
 
				 
			
 
				 const validator = {
			
 
				   generalSetting: [
			
 
				+    body('sessionMaxAge').optional({ checkFalsy: true }).trim().isInt(),
			
 
				     body('restrictGuestMode').if(value => value != null).isString().isIn([
			
 
				       'Deny', 'Readonly',
			
 
				     ]),
			
@@ -361,6 +362,7 @@ module.exports = (crowi) => {
 
				         hideRestrictedByOwner: await crowi.configManager.getConfig('crowi', 'security:list-policy:hideRestrictedByOwner'),
			
 
				         hideRestrictedByGroup: await crowi.configManager.getConfig('crowi', 'security:list-policy:hideRestrictedByGroup'),
			
 
				         wikiMode: await crowi.configManager.getConfig('crowi', 'security:wikiMode'),
			
 
				+        sessionMaxAge: await crowi.configManager.getConfig('crowi', 'security:sessionMaxAge'),
			
 
				       },
			
 
				       localSetting: {
			
 
				         useOnlyEnvVarsForSomeOptions: await crowi.configManager.getConfig('crowi', 'security:passport-local:useOnlyEnvVarsForSomeOptions'),
			
@@ -566,7 +568,8 @@ module.exports = (crowi) => {
 
				    *                  $ref: '#/components/schemas/GeneralSetting'
			
 
				    */
			
 
				   router.put('/general-setting', loginRequiredStrictly, adminRequired, csrf, validator.generalSetting, apiV3FormValidator, async(req, res) => {
			
 
				-    const requestParams = {
			
 
				+    const updateData = {
			
 
				+      'security:sessionMaxAge': parseInt(req.body.sessionMaxAge),
			
 
				       'security:restrictGuestMode': req.body.restrictGuestMode,
			
 
				       'security:pageCompleteDeletionAuthority': req.body.pageCompleteDeletionAuthority,
			
 
				       'security:list-policy:hideRestrictedByOwner': req.body.hideRestrictedByOwner,
			
@@ -575,11 +578,12 @@ module.exports = (crowi) => {
 
				     const wikiMode = await crowi.configManager.getConfig('crowi', 'security:wikiMode');
			
 
				     if (wikiMode === 'private' || wikiMode === 'public') {
			
 
				       logger.debug('security:restrictGuestMode will not be changed because wiki mode is forced to set');
			
 
				-      delete requestParams['security:restrictGuestMode'];
			
 
				+      delete updateData['security:restrictGuestMode'];
			
 
				     }
			
 
				     try {
			
 
				-      await crowi.configManager.updateConfigsInTheSameNamespace('crowi', requestParams);
			
 
				+      await crowi.configManager.updateConfigsInTheSameNamespace('crowi', updateData);
			
 
				       const securitySettingParams = {
			
 
				+        sessionMaxAge: await crowi.configManager.getConfig('crowi', 'security:sessionMaxAge'),
			
 
				         restrictGuestMode: await crowi.configManager.getConfig('crowi', 'security:restrictGuestMode'),
			
 
				         pageCompleteDeletionAuthority: await crowi.configManager.getConfig('crowi', 'security:pageCompleteDeletionAuthority'),
			
 
				         hideRestrictedByOwner: await crowi.configManager.getConfig('crowi', 'security:list-policy:hideRestrictedByOwner'),