Possible to see ldap status page by accessing secret url

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1255 44740490-163a-0410-bde0-09ae8108e29a

Possible to see ldap status page by accessing secret url
2835d833 · Andreas Åkre Solberg · 5caf0150 · 2835d833 · 2835d833
Commit 2835d833 authored 16 years ago by Andreas Åkre Solberg
--- a/modules/ldapstatus/templates/ldapsinglehost.php
+++ b/modules/ldapstatus/templates/ldapsinglehost.php
@@ -62,6 +62,15 @@ foreach ($this->data['res'] AS $tag => $res) {
 #	echo ('failed: ' . $tag . '[' . $res[0] . ']'); }
 }

+if (array_key_exists('secretURL', $this->data)) {
+	
+	echo('<p>This page can be accessed by this secret URL:<br />');
+	echo('<pre  style="border: 1px solid #aaa; background: yellow; padding: .4em; margin: .2em;">');
+	echo(htmlentities($this->data['secretURL']));
+	echo('</pre></p>');
+	
+}
+
 echo('<p>Status:</p>');
 if ($ok) {
 	echo('<div class="inbox" style="border: 1px solid #aaa; background: yellow; padding: .4em; margin: .2em;">');

--- a/modules/ldapstatus/www/index.php
+++ b/modules/ldapstatus/www/index.php
@@ -4,13 +4,41 @@
 $config = SimpleSAML_Configuration::getInstance();
 $session = SimpleSAML_Session::getInstance();

-if (!$session->isValid('login-admin') ) {
-	SimpleSAML_Utilities::redirect('/' . $config->getBaseURL() . 'auth/login-admin.php',
-		array('RelayState' => SimpleSAML_Utilities::selfURL())
+$isAdmin = FALSE;
+$secretURL = NULL;
+if (array_key_exists('orgtest', $_REQUEST)) {
+	$secretKey = sha1('ldapstatus|' . $config->getValue('secret') . '|' . $_REQUEST['orgtest']);
+	$secretURL = SimpleSAML_Utilities::addURLparameter(
+		SimpleSAML_Utilities::selfURLNoQuery(), array(
+			'orgtest' => $_REQUEST['orgtest'],
+			'key' => $secretKey,
+		)
 	);
+	if (array_key_exists('key', $_REQUEST) && $_REQUEST['key'] == $secretKey ) {
+		// OK Access
+	} else {
+		if (!$session->isValid('login-admin') ) {
+			SimpleSAML_Utilities::redirect('/' . $config->getBaseURL() . 'auth/login-admin.php',
+				array('RelayState' => SimpleSAML_Utilities::selfURL())
+			);
+		}
+		$isAdmin = TRUE;
+	}
+
+} else {
+
+	// Require admin access to overview page...
+	if (!$session->isValid('login-admin') ) {
+		SimpleSAML_Utilities::redirect('/' . $config->getBaseURL() . 'auth/login-admin.php',
+			array('RelayState' => SimpleSAML_Utilities::selfURL())
+		);
+	}
+	$isAdmin = TRUE;
+
 }


+
 function backtrace() {
 	return join(' - ', debug_backtrace());
 }
@@ -95,6 +123,7 @@ if (array_key_exists('orgtest', $_REQUEST)) {
 	
 	$t->data['res'] = $res;
 	$t->data['org'] = $orgs[$_REQUEST['orgtest']];
+	if ($isAdmin) $t->data['secretURL'] = $secretURL;
 	$t->show();
 	exit;