This commit is contained in:
the-djmaze 2023-04-18 09:45:03 +02:00
parent c7cc250b1e
commit ad07c5b472
2 changed files with 16 additions and 12 deletions

View file

@ -35,13 +35,18 @@ class SnappyMailHelper
{
static::loadApp();
$oConfig = \RainLoop\Api::Config();
if (false !== \stripos(\php_sapi_name(), 'cli')) {
return;
}
try {
$oActions = \RainLoop\Api::Actions();
$oConfig = \RainLoop\Api::Config();
if (isset($_GET[$oConfig->Get('security', 'admin_panel_key', 'admin')])) {
if ($oConfig->Get('security', 'allow_admin_panel', true)
&& \OC_User::isAdminUser(\OC::$server->getUserSession()->getUser()->getUID())
&& !$oActions->IsAdminLoggined(false)
&& \OC_User::isAdminUser(\OC::$server->getUserSession()->getUser()->getUID())
&& !$oActions->IsAdminLoggined(false)
) {
$sRand = \MailSo\Base\Utils::Sha1Rand();
if ($oActions->Cacher(null, true)->Set(\RainLoop\KeyPathHelper::SessionAdminKey($sRand), \time())) {
@ -88,16 +93,16 @@ class SnappyMailHelper
}
}
}
if ($handle) {
\header_remove('Content-Security-Policy');
\RainLoop\Service::Handle();
// https://github.com/the-djmaze/snappymail/issues/1069
exit;
}
} catch (\Throwable $e) {
// Ignore login failure
}
if ($handle) {
\header_remove('Content-Security-Policy');
\RainLoop\Service::Handle();
// https://github.com/the-djmaze/snappymail/issues/1069
exit;
}
}
public static function getLoginCredentials() : array

View file

@ -11,8 +11,7 @@ abstract class Service
{
static $bOne = null;
if (null === $bOne) {
$bOne = false === \stripos(\php_sapi_name(), 'cli')
&& static::RunResult();
$bOne = static::RunResult();
}
return $bOne;