Check permissions on config files, fixes #837

- red warning on the settings page if the config.php file is not writeable - failed changes in settings due to the config.php file not being writeable logged
2016-01-12 10:44:06 +01:00 · 2016-01-12 10:44:06 +01:00 · 1caebfe1a0
parent 710828d397
commit 1caebfe1a0
2 changed files with 19 additions and 1 deletions
--- a/app/Controller/ServersController.php
+++ b/app/Controller/ServersController.php
@ -791,6 +791,21 @@ class ServersController extends AppController {
 		if ($this->request->is('post')) {
 			$this->autoRender = false;
 			$this->loadModel('Log');
+			if (!is_writeable(APP . 'Config/config.php')) {
+				$this->Log->create();
+				$result = $this->Log->save(array(
+						'org' => $this->Auth->user('Organisation')['name'],
+						'model' => 'Server',
+						'model_id' => 0,
+						'email' => $this->Auth->user('email'),
+						'action' => 'serverSettingsEdit',
+						'user_id' => $this->Auth->user('id'),
+						'title' => 'Server setting issue',
+						'change' => 'There was an issue witch changing ' . $setting . ' to ' . $this->request->data['Server']['value']  . '. The error message returned is: app/Config.config.php is not writeable to the apache user. No changes were made.',
+				));
+				return new CakeResponse(array('body'=> json_encode(array('saved' => false, 'errors' => 'app/Config.config.php is not writeable to the apache user.')),'status'=>200));
+			}
+			
 			if (isset($found['beforeHook'])) {
 				$beforeResult = call_user_func_array(array($this->Server, $found['beforeHook']), array($setting, $this->request->data['Server']['value']));
 				if ($beforeResult !== true) {
@ -805,7 +820,7 @@ class ServersController extends AppController {
 							'title' => 'Server setting issue',
 							'change' => 'There was an issue witch changing ' . $setting . ' to ' . $this->request->data['Server']['value']  . '. The error message returned is: ' . $beforeResult . 'No changes were made.',
 					));
-					return new CakeResponse(array('body'=> json_encode(array('saved' => false, 'errors' => $afterResult)),'status'=>200));
+					return new CakeResponse(array('body'=> json_encode(array('saved' => false, 'errors' => $beforeResult)),'status'=>200));
 				}
 			}
 			if ($found['type'] == 'boolean') {
--- a/app/View/Servers/server_settings.ctp
+++ b/app/View/Servers/server_settings.ctp
@ -1,4 +1,7 @@
 <div class="server index">
+	<?php if ($writeableFiles['Config/config.php'] != 0): ?>
+	<div class="bold" style="background-color:red;width:100%;color:white;"><span style="padding-left:10px;">Warning: app/Config/config.php is not writeable. This means that any setting changes made here will NOT be saved.</span></div>
+	<?php endif; ?>
 	<h2>Server settings</h2>
 	<?php
 		echo $this->element('healthElements/tabs');