From 88582df4967fd7664cd47e3e70d3550970db3552 Mon Sep 17 00:00:00 2001 From: skodak Date: Thu, 29 Jan 2009 22:54:41 +0000 Subject: [PATCH] MDL-17458 refactored guest and admin user creation + refactored roles install + added protection for installation hijacking + added reliable session test right before editting of admin account --- admin/index.php | 47 +++++++++++++++++++----- index.php | 2 +- lang/en_utf8/admin.php | 2 ++ lib/accesslib.php | 65 --------------------------------- lib/adminlib.php | 50 -------------------------- lib/db/install.php | 81 ++++++++++++++++++++++++++++++++++++++++-- lib/moodlelib.php | 27 -------------- 7 files changed, 121 insertions(+), 153 deletions(-) diff --git a/admin/index.php b/admin/index.php index 1e9c4f25c0..6c2203bc94 100644 --- a/admin/index.php +++ b/admin/index.php @@ -326,25 +326,56 @@ require_once("$CFG->dirroot/lib/locallib.php"); upgrade_local_db(); // Return here afterwards +/// indicate that this site is fully configured except the admin password + if (empty($CFG->rolesactive)) { + set_config('rolesactive', 1); + set_config('adminsetuppending', 1); + // we neeed this redirect to setup proper session + upgrade_finished("index.php?sessionstarted=1&lang=$CFG->lang"); + } + /// make sure admin user is created - this is the last step because we need /// session to be working properly in order to edit admin account - if (empty($CFG->rolesactive)) { + if (!empty($CFG->adminsetuppending)) { $sessionstarted = optional_param('sessionstarted', 0, PARAM_BOOL); if (!$sessionstarted) { - // we neeed this redirect to setup proper session - upgrade_finished("index.php?sessionstarted=1&lang=$CFG->lang"); + redirect("index.php?sessionstarted=1&lang=$CFG->lang"); + } else { + $sessionverify = optional_param('sessionverify', 0, PARAM_BOOL); + if (!$sessionverify) { + $SESSION->sessionverify = 1; + redirect("index.php?sessionstarted=1&sessionverify=1&lang=$CFG->lang"); + } else { + if (empty($SESSION->sessionverify)) { + print_error('installsessionerror', 'admin', "index.php?sessionstarted=1&lang=$CFG->lang"); + } + unset($SESSION->sessionverify); + } + } + + $adminuser = get_complete_user_data('username', 'admin'); + + if ($adminuser->password === 'adminsetuppending') { + // prevent installation hijacking + if ($adminuser->lastip !== getremoteaddr()) { + print_error('installhijacked', 'admin'); + } + // login user and let him set password and admin details + $adminuser->newadminuser = 1; + message_set_default_message_preferences($adminuser); + complete_user_login($adminuser, false); + redirect("$CFG->wwwroot/user/editadvanced.php?id=$adminuser->id"); // Edit thyself + + } else { + unset_config('adminsetuppending'); } - $adminuser = create_admin_user(); - $adminuser->newadminuser = 1; - complete_user_login($adminuser, false); - redirect("$CFG->wwwroot/user/editadvanced.php?id=$adminuser->id"); // Edit thyself } else { /// just make sure upgrade logging is properly terminated upgrade_finished('upgradesettings.php'); } - // Turn xmlstrictheaders back on now. +// Turn xmlstrictheaders back on now. $CFG->xmlstrictheaders = $origxmlstrictheaders; unset($origxmlstrictheaders); diff --git a/index.php b/index.php index dec4d08f77..f06d7d9470 100644 --- a/index.php +++ b/index.php @@ -47,7 +47,7 @@ define('BLOCK_R_MAX_WIDTH', $rmax); // check if major upgrade needed - also present in login/index.php - if (empty($CFG->version) or (int)$CFG->version < 2009011900) { //1.9 or older + if (empty($CFG->version) or (int)$CFG->version < 2009011900 or !empty($CFG->adminsetuppending)) { //1.9 or older @require_logout(); redirect("$CFG->wwwroot/$CFG->admin/"); } diff --git a/lang/en_utf8/admin.php b/lang/en_utf8/admin.php index 8ae5833d2c..a33f63afdb 100644 --- a/lang/en_utf8/admin.php +++ b/lang/en_utf8/admin.php @@ -458,7 +458,9 @@ $string['importtimezonesfailed'] = 'No sources found! (Bad news)'; $string['includemoduleuserdata'] = 'Include module user data'; $string['incompatibleblocks'] = 'Incompatible blocks'; $string['install'] = 'Install selected language pack'; +$string['installhijacked'] = 'Installation must be finished from the origianl IP address, sorry.'; $string['installedlangs'] = 'Installed language packs'; +$string['installsessionerror'] = 'Can not initialise PHP session, please verify that your browser accepts cookies.'; $string['intcachemax'] = 'Int. cache max'; $string['invalidsection'] = 'Invalid section.'; $string['invaliduserchangeme'] = 'Username \"changeme\" is reserved -- you cannot create an account with it.'; diff --git a/lib/accesslib.php b/lib/accesslib.php index 11fb043adf..f0b765ae84 100755 --- a/lib/accesslib.php +++ b/lib/accesslib.php @@ -1823,71 +1823,6 @@ function check_enrolment_plugins(&$user) { unset($inprogress[$user->id]); // Unset the flag } -/** - * Installs the roles system. - * This function runs on a fresh install only now - */ -function moodle_install_roles() { - global $DB; -/// Create a system wide context for assignemnt. - $systemcontext = $context = get_context_instance(CONTEXT_SYSTEM); - -/// Create default/legacy roles and capabilities. -/// (1 legacy capability per legacy role at system level). - - $adminrole = create_role(get_string('administrator'), 'admin', - get_string('administratordescription'), 'moodle/legacy:admin'); - $coursecreatorrole = create_role(get_string('coursecreators'), 'coursecreator', - get_string('coursecreatorsdescription'), 'moodle/legacy:coursecreator'); - $editteacherrole = create_role(get_string('defaultcourseteacher'), 'editingteacher', - get_string('defaultcourseteacherdescription'), 'moodle/legacy:editingteacher'); - $noneditteacherrole = create_role(get_string('noneditingteacher'), 'teacher', - get_string('noneditingteacherdescription'), 'moodle/legacy:teacher'); - $studentrole = create_role(get_string('defaultcoursestudent'), 'student', - get_string('defaultcoursestudentdescription'), 'moodle/legacy:student'); - $guestrole = create_role(get_string('guest'), 'guest', - get_string('guestdescription'), 'moodle/legacy:guest'); - $userrole = create_role(get_string('authenticateduser'), 'user', - get_string('authenticateduserdescription'), 'moodle/legacy:user'); - -/// Now is the correct moment to install capabilities - after creation of legacy roles, but before assigning of roles - $systemcontext = get_context_instance(CONTEXT_SYSTEM); - if (!assign_capability('moodle/site:doanything', CAP_ALLOW, $adminrole, $systemcontext->id)) { - print_error('cannotassignanthing'); - } - update_capabilities('moodle'); - -/// Upgrade guest (only 1 entry). - if ($guestuser = $DB->get_record('user', array('username'=>'guest'))) { - role_assign($guestrole, $guestuser->id, 0, $systemcontext->id); - } - -/// Insert the correct records for legacy roles - allow_assign($coursecreatorrole, $noneditteacherrole); - allow_assign($coursecreatorrole, $editteacherrole); - allow_assign($coursecreatorrole, $studentrole); - allow_assign($coursecreatorrole, $guestrole); - - allow_assign($editteacherrole, $noneditteacherrole); - allow_assign($editteacherrole, $studentrole); - allow_assign($editteacherrole, $guestrole); - -/// Set up default allow override matrix - //See MDL-15841 TODO FOR MOODLE 2.0 XXX - //allow_override($editteacherrole, $noneditteacherrole); - //allow_override($editteacherrole, $studentrole); - //allow_override($editteacherrole, $guestrole); - -/// Set up the context levels where you can assign each role. - set_role_contextlevels($adminrole, get_default_contextlevels('admin')); - set_role_contextlevels($coursecreatorrole, get_default_contextlevels('coursecreator')); - set_role_contextlevels($editteacherrole, get_default_contextlevels('editingteacher')); - set_role_contextlevels($noneditteacherrole, get_default_contextlevels('teacher')); - set_role_contextlevels($studentrole, get_default_contextlevels('student')); - set_role_contextlevels($guestrole, get_default_contextlevels('guest')); - set_role_contextlevels($userrole, get_default_contextlevels('user')); -} - /** * Returns array of all legacy roles. */ diff --git a/lib/adminlib.php b/lib/adminlib.php index 7705a2dd86..43f8d42c54 100644 --- a/lib/adminlib.php +++ b/lib/adminlib.php @@ -230,56 +230,6 @@ function set_cron_lock($name, $until, $ignorecurrent=false) { return true; } -function create_admin_user($user_input=NULL) { - global $CFG, $DB; - - $user = new object(); - $user->auth = 'manual'; - $user->firstname = get_string('admin'); - $user->lastname = get_string('user'); - $user->username = 'admin'; - $user->password = hash_internal_user_password('admin'); - $user->email = 'root@localhost'; - $user->confirmed = 1; - $user->mnethostid = $CFG->mnet_localhost_id; - $user->lang = $CFG->lang; - $user->maildisplay = 1; - $user->timemodified = time(); - - if ($user_input) { // do we want to override any defaults? - foreach ($user_input as $key=>$value) { - $user->$key = $value; - } - } - $user->id = $DB->insert_record('user', $user); - - if (!$user = $DB->get_record('user', array('id'=>$user->id))) { // Double check. - print_error('invaliduserid'); - } - - // Assign the default admin roles to the new user. - if (!$adminroles = get_roles_with_capability('moodle/legacy:admin', CAP_ALLOW)) { - print_error('noadminrole', 'message'); - } - - $systemcontext = get_context_instance(CONTEXT_SYSTEM); - foreach ($adminroles as $adminrole) { - role_assign($adminrole->id, $user->id, 0, $systemcontext->id); - } - - //set default message preferences - if (!message_set_default_message_preferences($user)){ - print_error('cannotsavemessageprefs', 'message'); - } - - $user = get_complete_user_data('username', 'admin'); - - // indicate that this site is fully configured - set_config('rolesactive', 1); - - return $user; -} - /** * Test if and critical warnings are present * @return bool diff --git a/lib/db/install.php b/lib/db/install.php index 270d37c275..81f4ca4b24 100644 --- a/lib/db/install.php +++ b/lib/db/install.php @@ -105,6 +105,7 @@ function xmldb_main_install() { $mnet_app->sso_jump_url = '/auth/xmlrpc/jump.php'; $DB->insert_record('mnet_application', $mnet_app); + /// insert log entries - replaces statements section in install.xml update_log_display_entry('user', 'view', 'user', 'CONCAT(firstname,\' \',lastname)'); update_log_display_entry('course', 'user report', 'user', 'CONCAT(firstname,\' \',lastname)'); @@ -127,9 +128,85 @@ function xmldb_main_install() { /// Create guest record - create_guest_record(); + $guest = new object(); + $guest->auth = 'manual'; + $guest->username = 'guest'; + $guest->password = hash_internal_user_password('guest'); + $guest->firstname = get_string('guestuser'); + $guest->lastname = ' '; + $guest->email = 'root@localhost'; + $guest->description = get_string('guestuserinfo'); + $guest->mnethostid = $CFG->mnet_localhost_id; + $guest->confirmed = 1; + $guest->lang = $CFG->lang; + $guest->timemodified= time(); + $guest->id = $DB->insert_record('user', $guest); + + +/// Now create admin user + $admin = new object(); + $admin->auth = 'manual'; + $admin->firstname = get_string('admin'); + $admin->lastname = get_string('user'); + $admin->username = 'admin'; + $admin->password = 'adminsetuppending'; + $admin->email = 'root@localhost'; + $admin->confirmed = 1; + $admin->mnethostid = $CFG->mnet_localhost_id; + $admin->lang = $CFG->lang; + $admin->maildisplay = 1; + $admin->timemodified = time(); + $admin->lastip = getremoteaddr(); // installation hijacking prevention + $admin->id = $DB->insert_record('user', $admin); + /// Install the roles system. - moodle_install_roles(); + $adminrole = create_role(get_string('administrator'), 'admin', + get_string('administratordescription'), 'moodle/legacy:admin'); + $coursecreatorrole = create_role(get_string('coursecreators'), 'coursecreator', + get_string('coursecreatorsdescription'), 'moodle/legacy:coursecreator'); + $editteacherrole = create_role(get_string('defaultcourseteacher'), 'editingteacher', + get_string('defaultcourseteacherdescription'), 'moodle/legacy:editingteacher'); + $noneditteacherrole = create_role(get_string('noneditingteacher'), 'teacher', + get_string('noneditingteacherdescription'), 'moodle/legacy:teacher'); + $studentrole = create_role(get_string('defaultcoursestudent'), 'student', + get_string('defaultcoursestudentdescription'), 'moodle/legacy:student'); + $guestrole = create_role(get_string('guest'), 'guest', + get_string('guestdescription'), 'moodle/legacy:guest'); + $userrole = create_role(get_string('authenticateduser'), 'user', + get_string('authenticateduserdescription'), 'moodle/legacy:user'); + + /// Now is the correct moment to install capabilities - after creation of legacy roles, but before assigning of roles + assign_capability('moodle/site:doanything', CAP_ALLOW, $adminrole, $syscontext->id); + update_capabilities('moodle'); + + /// assign default roles + role_assign($guestrole, $guest->id, 0, $syscontext->id); + role_assign($adminrole, $admin->id, 0, $syscontext->id); + + /// Insert the correct records for legacy roles + allow_assign($coursecreatorrole, $noneditteacherrole); + allow_assign($coursecreatorrole, $editteacherrole); + allow_assign($coursecreatorrole, $studentrole); + allow_assign($coursecreatorrole, $guestrole); + + allow_assign($editteacherrole, $noneditteacherrole); + allow_assign($editteacherrole, $studentrole); + allow_assign($editteacherrole, $guestrole); + + /// Set up default allow override matrix + //See MDL-15841 TODO FOR MOODLE 2.0 XXX + //allow_override($editteacherrole, $noneditteacherrole); + //allow_override($editteacherrole, $studentrole); + //allow_override($editteacherrole, $guestrole); + + /// Set up the context levels where you can assign each role. + set_role_contextlevels($adminrole, get_default_contextlevels('admin')); + set_role_contextlevels($coursecreatorrole, get_default_contextlevels('coursecreator')); + set_role_contextlevels($editteacherrole, get_default_contextlevels('editingteacher')); + set_role_contextlevels($noneditteacherrole, get_default_contextlevels('teacher')); + set_role_contextlevels($studentrole, get_default_contextlevels('student')); + set_role_contextlevels($guestrole, get_default_contextlevels('guest')); + set_role_contextlevels($userrole, get_default_contextlevels('user')); } \ No newline at end of file diff --git a/lib/moodlelib.php b/lib/moodlelib.php index c8928a26a2..2bff0679eb 100644 --- a/lib/moodlelib.php +++ b/lib/moodlelib.php @@ -2813,33 +2813,6 @@ function get_user_fieldnames() { return $fieldarray; } -/** - * Creates the default "guest" user. Used both from - * admin/index.php and login/index.php - * @return mixed user object created or boolean false if the creation has failed - */ -function create_guest_record() { - global $CFG, $DB; - - $guest = new object(); - $guest->auth = 'manual'; - $guest->username = 'guest'; - $guest->password = hash_internal_user_password('guest'); - $guest->firstname = get_string('guestuser'); - $guest->lastname = ' '; - $guest->email = 'root@localhost'; - $guest->description = get_string('guestuserinfo'); - $guest->mnethostid = $CFG->mnet_localhost_id; - $guest->confirmed = 1; - $guest->lang = $CFG->lang; - $guest->timemodified= time(); - - $id = $DB->insert_record('user', $guest); - $guest = $DB->get_record('user', array('id'=>$id)); - - return $guest; -} - /** * Creates a bare-bones user record * -- 2.39.5