11 lat temu · 839f6d0d87
--- a/app.js
+++ b/app.js
@@ -51,18 +51,20 @@ app.use(express.session({
 
				 }));
			
 
				 app.use(flash());
			
 
				 
			
 
				-config = require('./models/config')(app);
			
 
				+configModel = require('./models/config')(app);
			
 
				 
			
 
				 async.series([
			
 
				   function (next) {
			
 
				-    config.getConfigArray(function(err, doc) {
			
 
				+    configModel.getConfigArray(function(err, doc) {
			
 
				       app.set('config', doc);
			
 
				 
			
 
				       return next();
			
 
				     });
			
 
				   }, function (next) {
			
 
				+    var config = app.set('config');
			
 
				+
			
 
				     models = require('./models')(app);
			
 
				-    models.Config = config;
			
 
				+    models.Config = configModel;
			
 
				 
			
 
				     // configure application
			
 
				     app.use(function(req, res, next) {
			
@@ -97,6 +99,16 @@ async.series([
 
				       next();
			
 
				     });
			
 
				 
			
 
				+    app.use(function(req, res, next) {
			
 
				+      if (config.crowi['security:basicName'] && config.crowi['security:basicSecret']) {
			
 
				+        return express.basicAuth(
			
 
				+          config.crowi['security:basicName'],
			
 
				+          config.crowi['security:basicSecret'])(req, res, next);
			
 
				+      } else {
			
 
				+        next();
			
 
				+      }
			
 
				+    });
			
 
				+
			
 
				     app.use(function(req, res, next) {
			
 
				       var config = app.set('config');
			
 
				       if (config.crowi['facebook:appId'] && config.crowi['facebook:secret']) {
			
--- a/form/admin/sec.js
+++ b/form/admin/sec.js
@@ -4,7 +4,9 @@ var form = require('express-form')
 
				   , field = form.field;
			
 
				 
			
 
				 module.exports = form(
			
 
				-  field('settingForm[sec:registrationMode]').required(),
			
 
				-  field('settingForm[sec:registrationWhiteList]')
			
 
				+  field('settingForm[security:basicName]'),
			
 
				+  field('settingForm[security:basicSecret]'),
			
 
				+  field('settingForm[security:registrationMode]').required(),
			
 
				+  field('settingForm[security:registrationWhiteList]')
			
 
				 );
			
 
				 
			
--- a/lib/middlewares.js
+++ b/lib/middlewares.js
@@ -99,8 +99,7 @@ exports.applicationNotInstalled = function() {
 
				   return function(req, res, next) {
			
 
				     var config = req.config;
			
 
				 
			
 
				-    debug('config.crowi', Object.keys(config.crowi).length);
			
 
				-    if (Object.keys(config.crowi).length != 0) {
			
 
				+    if (Object.keys(config.crowi).length !== 0) {
			
 
				       return res.render('500', { error: 'Application already installed.' });
			
 
				     }
			
 
				 
			
--- a/routes/admin.js
+++ b/routes/admin.js
@@ -159,8 +159,6 @@ module.exports = function(app) {
 
				   actions.api.appSetting = function(req, res) {
			
 
				     var form = req.body.settingForm;
			
 
				 
			
 
				-    debug("posted form", req.form);
			
 
				-    debug("posted form", form);
			
 
				     if (req.form.isValid) {
			
 
				       Config.updateNamespaceByArray('crowi', form, function(err, config) {
			
 
				         Config.updateConfigCache('crowi', config)
			
--- a/views/admin/app.html
+++ b/views/admin/app.html
@@ -68,7 +68,25 @@
 
				       <legend>セキュリティ設定</legend>
			
 
				 
			
 
				         <div class="form-group">
			
 
				-          <label for="settingForm[security:registrationMode]" class="col-xs-3 control-label">公開設定</label>
			
 
				+          <label for="settingForm[security:registrationMode]" class="col-xs-3 control-label">Basic認証</label>
			
 
				+          <div class="col-xs-3">
			
 
				+            <label for="">ID</label>
			
 
				+            <input class="form-control" type="text" name="settingForm[security:basicName]"   value="{{ settingForm['security:basicName']|default('') }}">
			
 
				+          </div>
			
 
				+          <div class="col-xs-3">
			
 
				+            <label for="">パスワード</label>
			
 
				+            <input class="form-control" type="text" name="settingForm[security:basicSecret]" value="{{ settingForm['security:basicSecret']|default('') }}">
			
 
				+          </div>
			
 
				+          <div class="col-xs-offset-3 col-xs-9">
			
 
				+            <p class="help-block">
			
 
				+              Basic認証を設定すると、ページ全体に共通の認証がかかります。<br>
			
 
				+              IDとパスワードは暗号化されずに送信されるのでご注意下さい。<br>
			
 
				+            </p>
			
 
				+          </div>
			
 
				+        </div>
			
 
				+
			
 
				+        <div class="form-group">
			
 
				+          <label for="settingForm[security:registrationMode]" class="col-xs-3 control-label">登録の制限</label>
			
 
				           <div class="col-xs-6">
			
 
				             <select class="form-control" name="settingForm[security:registrationMode]" value="{{ settingForm['security:registrationMode'] }}">
			
 
				               <option value="Open">公開 (だれでも登録可能)</option>
			
@@ -81,7 +99,7 @@
 
				 
			
 
				         <div class="form-group">
			
 
				           <label for="settingForm[security:registrationWhiteList]" class="col-xs-3 control-label">登録許可メールアドレスの<br>ホワイトリスト</label>
			
 
				-          <div class="col-xs-6">
			
 
				+          <div class="col-xs-8">
			
 
				             <textarea class="form-control" type="textarea" name="settingForm[security:registrationWhiteList]" placeholder="例: @crowi.wiki">{{ settingForm['security:registrationWhiteList']|join('\n') }}</textarea>
			
 
				             <p class="help-block">登録可能なメールアドレスを制限することができます。例えば、会社で使う場合、<code>@crowi.wiki</code> などと記載すると、その会社のメールアドレスを持っている人のみ登録可能になります。<br>
			
 
				             1行に1メールアドレス入力してください。</p>