From 764a5a809b1eeb987c6d0ad7f7d11800f2532f29 Mon Sep 17 00:00:00 2001
From: Tim van Dijen <tvdijen@gmail.com>
Date: Sun, 7 Oct 2018 12:23:59 +0200
Subject: [PATCH] Add logoff button for admin-interface

---
 lib/SimpleSAML/Utils/Auth.php                 | 20 +++++++++++++++++++
 .../dictionaries/frontpage.definition.json    |  3 +++
 .../dictionaries/frontpage.translation.json   |  4 ++++
 modules/core/locales/en/LC_MESSAGES/core.po   |  3 +++
 modules/core/locales/nl/LC_MESSAGES/core.po   |  3 +++
 modules/core/templates/_frontpage_menu.twig   |  1 +
 modules/core/www/frontpage_auth.php           |  2 ++
 modules/core/www/frontpage_config.php         |  3 ++-
 modules/core/www/frontpage_federation.php     |  3 ++-
 modules/core/www/frontpage_welcome.php        |  2 ++
 templates/index.twig                          |  1 +
 www/admin/index.php                           |  4 +++-
 12 files changed, 46 insertions(+), 3 deletions(-)

diff --git a/lib/SimpleSAML/Utils/Auth.php b/lib/SimpleSAML/Utils/Auth.php
index ad6c4df4b..93dd52922 100644
--- a/lib/SimpleSAML/Utils/Auth.php
+++ b/lib/SimpleSAML/Utils/Auth.php
@@ -31,6 +31,26 @@ class Auth
         return Module::getModuleURL('core/login-admin.php', array('ReturnTo' => $returnTo));
     }
 
+
+    /**
+     * Retrieve a admin logout URL.
+     *
+     * @param string|NULL $returnTo The URL the user should arrive on after admin authentication. Defaults to null.
+     *
+     * @return string A URL which can be used for logging out.
+     * @throws \InvalidArgumentException If $returnTo is neither a string nor null.
+     */
+    public static function getAdminLogoutURL($returnTo = null)
+    {
+        if (!(is_string($returnTo) || is_null($returnTo))) {
+            throw new \InvalidArgumentException('Invalid input parameters.');
+        }
+
+        $as = new \SimpleSAML\Auth\Simple('admin');
+        return $as->getLogoutURL($returnTo = null);
+    }
+
+
     /**
      * Check whether the current user is admin.
      *
diff --git a/modules/core/dictionaries/frontpage.definition.json b/modules/core/dictionaries/frontpage.definition.json
index 582cbeeb1..bb5b229a8 100644
--- a/modules/core/dictionaries/frontpage.definition.json
+++ b/modules/core/dictionaries/frontpage.definition.json
@@ -131,6 +131,9 @@
 	"loggedin_as_admin": {
 		"en": "You are logged in as administrator"
 	},
+	"logout": {
+		"en": "Logout"
+	},
 	"auth": {
 		"en": "Authentication"
 	},
diff --git a/modules/core/dictionaries/frontpage.translation.json b/modules/core/dictionaries/frontpage.translation.json
index 407776d91..0cb5eed17 100644
--- a/modules/core/dictionaries/frontpage.translation.json
+++ b/modules/core/dictionaries/frontpage.translation.json
@@ -1355,6 +1355,10 @@
 		"ro": "V-a\u021bi autentificat ca administrator",
 		"el": "\u03a3\u03c5\u03bd\u03b4\u03b5\u03b4\u03b5\u03bc\u03ad\u03bd\u03bf\u03c2 \u03c9\u03c2 \u03b4\u03b9\u03b1\u03c7\u03b5\u03b9\u03c1\u03b9\u03c3\u03c4\u03ae\u03c2"
 	},
+	"logout": {
+		"en": "Logout",
+		"nl": "Uitloggen"
+	},
 	"auth": {
 		"no": "Autentisering",
 		"sv": "Autentisering",
diff --git a/modules/core/locales/en/LC_MESSAGES/core.po b/modules/core/locales/en/LC_MESSAGES/core.po
index 38593a5ec..470d08a3d 100644
--- a/modules/core/locales/en/LC_MESSAGES/core.po
+++ b/modules/core/locales/en/LC_MESSAGES/core.po
@@ -166,6 +166,9 @@ msgstr "You are logged in as administrator"
 msgid "{core:frontpage:auth}"
 msgstr "Authentication"
 
+msgid "{core:frontpage:logout}"
+msgstr "Logout"
+
 msgid "{core:no_metadata:suggestion_user_link}"
 msgstr ""
 "If you are an user who received this error after following a link on a "
diff --git a/modules/core/locales/nl/LC_MESSAGES/core.po b/modules/core/locales/nl/LC_MESSAGES/core.po
index 95f5aa885..d6404e871 100644
--- a/modules/core/locales/nl/LC_MESSAGES/core.po
+++ b/modules/core/locales/nl/LC_MESSAGES/core.po
@@ -36,6 +36,9 @@ msgstr "Suggesties om dit probleem op te lossen:"
 msgid "{core:frontpage:login_as_admin}"
 msgstr "Login als beheerder"
 
+msgid "{core:frontpage:logout}"
+msgstr "Uitloggen"
+
 msgid "{core:short_sso_interval:warning}"
 msgstr ""
 "We hebben waargenomen dat u slechts een paar seconden geleden al "
diff --git a/modules/core/templates/_frontpage_menu.twig b/modules/core/templates/_frontpage_menu.twig
index d19592356..d177ba56a 100644
--- a/modules/core/templates/_frontpage_menu.twig
+++ b/modules/core/templates/_frontpage_menu.twig
@@ -20,6 +20,7 @@
     <div class="pure-u-1-3">
     {% if isadmin %}
         <p class="float-r youareadmin">{{ '{core:frontpage:loggedin_as_admin}'|trans }}</p>
+        <a href="{{ logouturl }}">{{ '{core:frontpage:logout}'|trans }}</a>
     {% else %}
         <p class="float-r youareadmin">
             <a href="{{ loginurl }}">{{ '{core:frontpage:login_as_admin}'|trans }}</a>
diff --git a/modules/core/www/frontpage_auth.php b/modules/core/www/frontpage_auth.php
index 3a89257de..804f3cd6f 100644
--- a/modules/core/www/frontpage_auth.php
+++ b/modules/core/www/frontpage_auth.php
@@ -10,6 +10,7 @@ if ($config->getBoolean('admin.protectindexpage', false)) {
 }
 $loginurl = \SimpleSAML\Utils\Auth::getAdminLoginURL();
 $isadmin = \SimpleSAML\Utils\Auth::isAdmin();
+$logouturl = \SimpleSAML\Utils\Auth::getAdminLogoutURL();
 
 $links = array();
 $links_welcome = array();
@@ -35,6 +36,7 @@ $t = new \SimpleSAML\XHTML\Template($config, 'core:frontpage_auth.tpl.php');
 $t->data['pageid'] = 'frontpage_auth';
 $t->data['isadmin'] = $isadmin;
 $t->data['loginurl'] = $loginurl;
+$t->data['logouturl'] = $logouturl;
 
 $t->data['header'] = $t->getTranslator()->t('{core:frontpage:page_title}');
 $t->data['links'] = $links;
diff --git a/modules/core/www/frontpage_config.php b/modules/core/www/frontpage_config.php
index 273a821a6..ae7a7d6ba 100644
--- a/modules/core/www/frontpage_config.php
+++ b/modules/core/www/frontpage_config.php
@@ -10,7 +10,7 @@ if ($config->getBoolean('admin.protectindexpage', false)) {
 }
 $loginurl = \SimpleSAML\Utils\Auth::getAdminLoginURL();
 $isadmin = \SimpleSAML\Utils\Auth::isAdmin();
-
+$logouturl = \SimpleSAML\Utils\Auth::getAdminLogoutURL();
 
 $warnings = array();
 
@@ -168,6 +168,7 @@ $t->data['pageid'] = 'frontpage_config';
 $t->data['header'] = $translator->t('{core:frontpage:page_title}');
 $t->data['isadmin'] = $isadmin;
 $t->data['loginurl'] = $loginurl;
+$t->data['logouturl'] = $logouturl;
 
 foreach ($warnings as &$warning) {
     if (is_array($warning)) {
diff --git a/modules/core/www/frontpage_federation.php b/modules/core/www/frontpage_federation.php
index 3ab034ecf..74d5bbb5d 100644
--- a/modules/core/www/frontpage_federation.php
+++ b/modules/core/www/frontpage_federation.php
@@ -8,6 +8,7 @@ $session = \SimpleSAML\Session::getSessionFromRequest();
 if ($config->getBoolean('admin.protectindexpage', false)) {
     \SimpleSAML\Utils\Auth::requireAdmin();
 }
+$logouturl = \SimpleSAML\Utils\Auth::getAdminLogoutURL();
 $loginurl = \SimpleSAML\Utils\Auth::getAdminLoginURL();
 $isadmin = \SimpleSAML\Utils\Auth::isAdmin();
 
@@ -158,7 +159,7 @@ $mtype = array(
 $t->data['pageid'] = 'frontpage_federation';
 $t->data['isadmin'] = $isadmin;
 $t->data['loginurl'] = $loginurl;
-
+$t->data['logouturl'] = $logouturl;
 
 $t->data['links'] = $links;
 $t->data['links_welcome'] = $links_welcome;
diff --git a/modules/core/www/frontpage_welcome.php b/modules/core/www/frontpage_welcome.php
index 46a3c0bc5..9650fb372 100644
--- a/modules/core/www/frontpage_welcome.php
+++ b/modules/core/www/frontpage_welcome.php
@@ -8,6 +8,7 @@ $session = \SimpleSAML\Session::getSessionFromRequest();
 if ($config->getBoolean('admin.protectindexpage', false)) {
     SimpleSAML\Utils\Auth::requireAdmin();
 }
+$logouturl = \SimpleSAML\Utils\Auth::getAdminLogoutURL();
 $loginurl = \SimpleSAML\Utils\Auth::getAdminLoginURL();
 $isadmin = \SimpleSAML\Utils\Auth::isAdmin();
 
@@ -36,6 +37,7 @@ $t = new \SimpleSAML\XHTML\Template($config, 'core:frontpage_welcome.tpl.php');
 $t->data['pageid'] = 'frontpage_welcome';
 $t->data['isadmin'] = $isadmin;
 $t->data['loginurl'] = $loginurl;
+$t->data['logouturl'] = $logouturl;
 
 $t->data['links'] = $links;
 $t->data['links_welcome'] = $links_welcome;
diff --git a/templates/index.twig b/templates/index.twig
index e472da799..e80a9ad70 100644
--- a/templates/index.twig
+++ b/templates/index.twig
@@ -6,6 +6,7 @@
             <li class="ui-state-default ui-corner-top"><a href="/{{ baseurlpath }}module.php/core/frontpage_auth.php">Authentication</a></li>
             <li class="ui-state-default ui-corner-top"><a href="/{{ baseurlpath }}module.php/core/frontpage_federation.php">Federation</a></li>
         </ul>
+        <a class='float-r' href='{{ logouturl }}'>{{ '{core:frontpage:logout}'|trans }}</a>
         <div id="portalcontent" class="ui-tabs-panel ui-widget-content ui-corner-bottom">
 
         <div style="clear: both" class="enablebox mini">
diff --git a/www/admin/index.php b/www/admin/index.php
index 28bec413b..ca17976f2 100644
--- a/www/admin/index.php
+++ b/www/admin/index.php
@@ -16,12 +16,14 @@ $adminpages = array(
     'sandbox.php' => 'Sandbox for testing changes to layout and css',
 );
 
+$logouturl = \SimpleSAML\Utils\Auth::getAdminLogoutURL();
+
 $template = new \SimpleSAML\XHTML\Template($config, 'index.php');
 
 $template->data['pagetitle'] = 'Admin';
 $template->data['adminpages'] = $adminpages;
 $template->data['remaining']  = $session->getAuthData('admin', 'Expire') - time();
 $template->data['valid'] = 'na';
-$template->data['logout'] = null;
+$template->data['logouturl'] = $logouturl;
 
 $template->show();
-- 
GitLab