- Bug fix for elasticsearch installation
- Made changes to shell scripts which were using 'sudo'
- Added better RBAC control and automated permission creation, giving Master all access when you go to the route
- Made some changes for an audit issue on the command line while running './yii'
- Added RBAC GUI to the menu
- Added RouteAccessControl
- Improved the check that the user is logged in, re-routing to the login page otherwise
- Added some performance enhancements
deadmantfa committed Feb 27, 2021
1 parent b9cd8f8 commit 323e081
Showing 36 changed files with 1,194 additions and 733 deletions.
6 changes: 5 additions & 1 deletion Vagrantfile
@@ -23,6 +23,7 @@ domains = {
adminer: 'db.' + options['domain'],
kibana: 'kibana.' + options['domain'],
requirements: 'req.' + options['domain'],
elasticsearch: 'es.' + options['domain'],
websocket: 'ws.' + options['domain']
}

@@ -72,10 +73,13 @@ Vagrant.configure(2) do |config|
config.hostmanager.include_offline = true
config.hostmanager.aliases = domains.values

# Elasticsearch
config.vm.network "forwarded_port", guest: 9200, host: 9200

# provisioners
config.vm.provision 'shell', path: './vagrant/provision/once-as-root.sh', args: [options['timezone'], options['domain'], options['database'], options['database_test'], options['ip'], domains[:websocket]]
config.vm.provision 'shell', path: './vagrant/provision/once-as-vagrant.sh', args: [options['github_token'], options['email'], options['username'], options['password'], options['role']], privileged: false
config.vm.provision 'shell', path: './vagrant/provision/always-as-root.sh', run: 'always'
# post-install message (vagrant console)
config.vm.post_up_message = "Frontend URL: https://#{domains[:frontend]}\nBackend URL: https://#{domains[:backend]}\nAPI URL: https://#{domains[:api]}\nAdminer URL: https://#{domains[:adminer]}\nKibana URL: https://#{domains[:kibana]}\nWebsocket URL: https://#{domains[:websocket]}\nRequirements URL: https://#{domains[:requirements]}\n\n\nAfter Install run the following on Ubuntu (Linux):\nsudo cp -R vagrant/nginx/ssl/root/*.crt /usr/local/share/ca-certificates/.\nsudo update-ca-certificates\n\n\nFor more information to install CA ROOt Certificates visit:\nhttps://www.bounca.org/tutorials/install_root_certificate.html\n\nYou might need to add the root certificate in Chrome -> Settings -> Manage Certificates -> Authorities -> Import -> Trust Everything"
config.vm.post_up_message = "Frontend URL: https://#{domains[:frontend]}\nBackend URL: https://#{domains[:backend]}\nAPI URL: https://#{domains[:api]}\nAdminer URL: https://#{domains[:adminer]}\nElasticsearch URL: https://#{domains[:elasticsearch]}\nKibana URL: https://#{domains[:kibana]}\nWebsocket URL: https://#{domains[:websocket]}\nRequirements URL: https://#{domains[:requirements]}\n\n\nAfter Install run the following on Ubuntu (Linux):\nsudo cp -R vagrant/nginx/ssl/root/*.crt /usr/local/share/ca-certificates/.\nsudo update-ca-certificates\n\n\nFor more information to install CA ROOt Certificates visit:\nhttps://www.bounca.org/tutorials/install_root_certificate.html\n\nYou might need to add the root certificate in Chrome -> Settings -> Manage Certificates -> Authorities -> Import -> Trust Everything"
end
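Review bot: The `forwarded_port` line for Elasticsearch (guest 9200 to host 9200) sets no `host_ip`, and Vagrant binds a forwarded port to every host interface when that option is absent, so the VM's Elasticsearch HTTP API becomes reachable from whatever network the developer's machine is on. Nothing visible in this commit enables authentication on that node, so I would bind the forward to loopback: `config.vm.network "forwarded_port", guest: 9200, host: 9200, host_ip: "127.0.0.1"`. The post-up message now advertises an `https://es.<domain>` URL as well, which suggests the service is already reachable through the web server; if so the raw port forward may not be needed at all, and if it is kept a one-line comment saying why would help.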
6 changes: 3 additions & 3 deletions api/tests/_bootstrap.php
@@ -1,7 +1,7 @@
<?php
defined('YII_DEBUG') or define('YII_DEBUG', true);
defined('YII_ENV') or define('YII_ENV', 'test');
defined('YII_APP_BASE_PATH') or define('YII_APP_BASE_PATH', __DIR__ . '/../../');
defined('YII_DEBUG') || define('YII_DEBUG', true);
defined('YII_ENV') || define('YII_ENV', 'test');
defined('YII_APP_BASE_PATH') || define('YII_APP_BASE_PATH', __DIR__ . '/../../');

require_once YII_APP_BASE_PATH . '/vendor/autoload.php';
require_once YII_APP_BASE_PATH . '/vendor/yiisoft/yii2/Yii.php';
121 changes: 0 additions & 121 deletions api/web/css/site.css

This file was deleted.

1 change: 1 addition & 0 deletions backend/assets/AdminLtePluginAsset.php
@@ -9,6 +9,7 @@ class AdminLtePluginAsset extends AssetBundle
{
public $sourcePath = '@vendor/almasaeed2010/adminlte/plugins';
public $css = [
'//fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,700&display=swap',
'icheck-bootstrap/icheck-bootstrap.min.css',
// more plugin CSS here
];
2 changes: 1 addition & 1 deletion backend/assets/AppAsset.php
@@ -32,7 +32,7 @@ class AppAsset extends AssetBundle
* @inheritdoc
*/
public $js = [
// 'js/notifications.js',
'//unpkg.com/default-passive-events@2.0.0/dist/index.js'
];

/**
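Review bot: The `$js` entry pointing at unpkg.com (which reads as the added line) loads a third-party script into backend pages that register `AppAsset`, using a protocol-relative URL and no Subresource Integrity, so the admin UI runs whatever that CDN returns for the path. The version is pinned, which helps, but I would either ship the file from a local asset bundle or use the array form with an explicit scheme and hash, e.g. `['https://unpkg.com/default-passive-events@2.0.0/dist/index.js', 'integrity' => '<sha384-hash-of-the-reviewed-file>', 'crossorigin' => 'anonymous'],`. The Google Fonts stylesheet added to `AdminLtePluginAsset::$css` in this commit is the same kind of external dependency; self-hosting the font removes it. The `AppAsset` class starts and ends outside this hunk.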
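--- a/backend/components/Controller.php
+++ b/backend/components/Controller.php
@@ -0,0 +1,32 @@
+<?php
+
+namespace backend\components;
+
+use yii\filters\VerbFilter;
+use yii\web\Controller as YiiController;
+use yii\web\ErrorAction;
+
+class Controller extends YiiController
+{
+public function actions(): array
+{
+return [
+'error' => [
+'class' => ErrorAction::class,
+],
+];
+}
+
+
+public function behaviors(): array
+{
+return [
+'verbs' => [
+'class' => VerbFilter::class,
+'actions' => [
+'delete' => ['post'],
+],
+],
+];
+}
+}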
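Review bot: `behaviors()` in this base class is where the POST-only rule for `delete` is attached, and the class has no docblock saying so; a subclass that overrides `behaviors()` and returns its own array without merging `parent::behaviors()` silently loses the verb filter. I would add a class docblock such as `/** Base backend controller: registers the error action and restricts "delete" to POST; merge parent::behaviors() when overriding. */`. Only the action id `delete` is covered, so other state-changing actions in subclasses still need their own `VerbFilter` entries.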
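--- a/backend/components/RbacGridView.php
+++ b/backend/components/RbacGridView.php
@@ -0,0 +1,22 @@
+<?php
+
+
+namespace backend\components;
+
+
+use kartik\grid\GridView;
+
+class RbacGridView extends GridView
+{
+/**
+* @inheritdoc
+* @var string
+*/
+public $layout = '
+{items}
+<div class="row">
+<div class="col-md-6">{summary}</div>
+<div class="col-md-6 text-right">{pager}</div>
+</div>';
+
+}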
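Review bot: Nothing visible in this commit wires this class in. `backend/config/main.php` imports `justcoded\yii2\rbac\widgets\RbacGridView`, and its container definition maps `RbacGridView::class` to `'class' => RbacGridView::class`, i.e. to itself, so the layout override defined here would never be applied. If the intent is to swap the RBAC module's grid for this one, the definition presumably should read `'class' => \backend\components\RbacGridView::class,`. The docblock on `$layout` could also say in one line why the layout is overridden.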
91 changes: 78 additions & 13 deletions backend/config/main.php
@@ -1,13 +1,24 @@
<?php

use bedezign\yii2\audit\Audit;
use bedezign\yii2\audit\components\web\ErrorHandler;
use common\components\RouteAccessControl;
use common\models\User;
use Da\User\Contracts\MailChangeStrategyInterface;
use mirocow\elasticsearch\log\ElasticsearchTarget;
use Da\User\Controller\SecurityController;
use Da\User\Event\FormEvent;
use Da\User\Event\UserEvent;
use Da\User\Module as UserModule;
use justcoded\yii2\rbac\widgets\RbacActiveForm;
use justcoded\yii2\rbac\widgets\RbacGridView;
use kartik\grid\Module as GridModule;
use webzop\notifications\channels\ScreenChannel;
use webzop\notifications\channels\WebChannel;
use webzop\notifications\Module as NotificationModule;
use yii\bootstrap4\ActiveForm;
use yii\helpers\Url;
use yii\web\JsonParser;
use yii\web\MultipartFormDataParser;

$params = array_merge(
require __DIR__ . '/../../common/config/params.php',
@@ -21,9 +32,10 @@
'basePath' => dirname(__DIR__),
'bootstrap' => ['log'],
'controllerNamespace' => 'backend\controllers',
'defaultRoute' => '/user/security/login',
'modules' => [
'user' => [
'class' => Da\User\Module::class,
'class' => UserModule::class,
'maxPasswordAge' => 30,
'emailChangeStrategy' => MailChangeStrategyInterface::TYPE_SECURE,
'administrators' => ['deadmantfa'],
@@ -35,9 +47,37 @@
'classMap' => [
'User' => User::class,
],
'controllerMap' => [
'security' => [
'class' => SecurityController::class,
'on ' . UserEvent::EVENT_AFTER_LOGOUT => static function () {
Yii::$app->layout = 'main-login';
Yii::$app->setHomeUrl(Url::to(['/user/login']));
},
'on ' . FormEvent::EVENT_AFTER_LOGIN => static function () {
Yii::$app->layout = 'main';
Yii::$app->setHomeUrl(Url::to(['/site/index']));
},
],
],
'mailParams' => [
'fromEmail' => static function () {
return [Yii::$app->params['senderEmail'] => Yii::$app->params['senderName']];
}
],
],
'audit' => [
'layout' => '@backend/views/layouts/main',
'class' => Audit::class,
'layout' => '@app/views/layouts/main.php',
'accessRoles' => ['Master']
],
'gridview' => [
'class' => GridModule::class
// enter optional module parameters below - only if you need to
// use your own export download action or custom translation
// message source
// 'downloadAction' => 'gridview/export/download',
// 'i18n' => []
],
'notifications' => [
'class' => NotificationModule::class,
@@ -74,23 +114,20 @@
],
],
'components' => [
'assetManager' => [
'linkAssets' => true,
],
'request' => [
'csrfParam' => '_csrf-backend',
'parsers' => [
'application/json' => JsonParser::class,
'multipart/form-data' => MultipartFormDataParser::class
],
],
'session' => [
// this is the name of the session cookie used for login on the backend
'name' => 'advanced-backend',
],
'log' => [
'targets' => [
[
'class' => ElasticsearchTarget::class,
'levels' => ['error', 'warning'],
'index' => 'yii-log',
'type' => 'backend',
],
],
],
'errorHandler' => [
'class' => ErrorHandler::class,
'errorAction' => 'site/error',
@@ -116,5 +153,33 @@
]
]
],
'container' => [
'definitions' => [
RbacGridView::class => [
'class' => RbacGridView::class,
],
RbacActiveForm::class => [
'class' => ActiveForm::class,
],
],
],
'as routeAccess' => [
'class' => RouteAccessControl::class,
'allowActions' => [
'user/login',
'user/security/login',
'user/registration/resend',
],
'autoCreatePermissions' => true
],

'on beforeRequest' => static function () {
Yii::$app->layout = Yii::$app->user->isGuest ?
'@app/views/layouts/main-login.php' : // or just use 'GuestUser' and
'@app/views/layouts/main.php';
Yii::$app->setHomeUrl(Yii::$app->user->isGuest ?
Url::to('/user/login') : // or just use 'GuestUser' and
Url::to('/site/index'));
},
'params' => $params,
];
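Review bot: `'autoCreatePermissions' => true` is set on the `routeAccess` behavior in the shared `main.php`, so it applies in every environment rather than only in development. `RouteAccessControl` itself is not shown here, but going by the commit description (permissions are created and Master is given access when a route is visited), ordinary web requests would then write to the RBAC tables in production, and a route nobody has reviewed gets a permission the first time it is requested. I would gate the flag, `'autoCreatePermissions' => YII_ENV_DEV,`, or move it to `main-local.php`, and create permissions as an explicit deploy-time step instead.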
1 change: 1 addition & 0 deletions backend/config/params.php
@@ -1,4 +1,5 @@
<?php
return [
'adminEmail' => 'admin@example.com',
'bsVersion' => '4.x',
];