From 2db7a1d001db18391a2baf2f30b33dc198e23484 Mon Sep 17 00:00:00 2001
From: Sam Minnee
Date: Sun, 15 Nov 2009 21:24:58 +0000
Subject: [PATCH] API CHANGE: Replaced BasicAuth::enable() with BasicAuth::protect_entire_site()

API CHANGE: BasicAuth::requireLogin() no longer has an option to automatically log you in. You can call logIn() on the object returned, instead.

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@91603 467b73ca-7a2a-4603-9d3b-597d59a354a9
---
 cli/CliController.php | 1 -
 conf/ConfigureFromEnv.php | 2 +-
 core/control/Controller.php | 11 +++----
 security/BasicAuth.php | 64 +++++++++++++++++++++++++++++--------
 4 files changed, 55 insertions(+), 23 deletions(-)

diff --git a/cli/CliController.php b/cli/CliController.php
index 260b5b317..4ebeb172b 100755
--- a/cli/CliController.php
+++ b/cli/CliController.php
@@ -11,7 +11,6 @@
 */
 abstract class CliController extends Controller {
 function init() {
- $this->disableBasicAuth();
 parent::init();
 // Unless called from the command line, all CliControllers need ADMIN privileges
 if(!Director::is_cli() && !Permission::check("ADMIN")) return Security::permissionFailure();
diff --git a/conf/ConfigureFromEnv.php b/conf/ConfigureFromEnv.php
index d72667323..e650563f6 100644
--- a/conf/ConfigureFromEnv.php
+++ b/conf/ConfigureFromEnv.php
@@ -98,7 +98,7 @@ if(defined('SS_DEFAULT_ADMIN_USERNAME')) {
 Security::setDefaultAdmin(SS_DEFAULT_ADMIN_USERNAME, SS_DEFAULT_ADMIN_PASSWORD);
 }
 if(defined('SS_USE_BASIC_AUTH') && SS_USE_BASIC_AUTH) {
- BasicAuth::enable();
+ BasicAuth::protect_entire_site();
 }
 if(defined('SS_ERROR_LOG')) {
diff --git a/core/control/Controller.php b/core/control/Controller.php
index f35ae2e9b..837df1774 100755
--- a/core/control/Controller.php
+++ b/core/control/Controller.php
@@ -75,10 +75,7 @@ class Controller extends RequestHandler {
 * @uses BasicAuth::requireLogin()
 */
 function init() {
- // Test and development sites should be secured, via basic-auth
- if(Director::isTest() && $this->basicAuthEnabled && Security::database_is_ready()) {
- BasicAuth::requireLogin("SilverStripe test website. Use your CMS login", "ADMIN");
- }
+ if($this->basicAuthEnabled) BasicAuth::protect_site_if_necessary();
 // Directly access the session variable just in case the Group or Member tables don't yet exist
 if(Session::get('loggedInAs') && Security::database_is_ready()) {
@@ -349,9 +346,9 @@ class Controller extends RequestHandler {
 }
 /**
- * Call this to disable basic authentication on test sites.
- * must be called in the init() method
- * @deprecated Use BasicAuth::disable() instead? This is used in CliController - it should be updated.
+ * Call this to disable site-wide basic authentication for a specific contoller.
+ * This must be called before Controller::init(). That is, you must call it in your controller's
+ * init method before it calls parent::init().
 */
 function disableBasicAuth() {
 $this->basicAuthEnabled = false;
diff --git a/security/BasicAuth.php b/security/BasicAuth.php
index 351971e2a..6ae3ed53e 100755
--- a/security/BasicAuth.php
+++ b/security/BasicAuth.php
@@ -1,17 +1,21 @@ $_SERVER['PHP_AUTH_USER'],
@@ -35,9 +37,6 @@ class BasicAuth extends Object {
 if($member) {
 $authenticated = true;
- if(self::$autologin) {
- $member->logIn();
- }
 }
 }
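Review bot: The `Security::database_is_ready()` guard is gone from the new line in Controller::init(), so once `protect_entire_site()` has been called the basic-auth challenge (and whatever Member lookup `requireLogin()` performs) now runs even before the Member table exists; the comment two lines below shows that state is expected here. Unless `requireLogin()` checks readiness itself (its body is outside this hunk), keep the guard: `if($this->basicAuthEnabled && Security::database_is_ready()) BasicAuth::protect_site_if_necessary();`. If the intent is instead to fail closed before the database is ready, say so in a comment on that line, because the removed code deliberately skipped protection in that state and a reader will assume the drop was accidental. Controller::init() continues past the end of the hunk.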
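Review bot: The rewritten docblock for disableBasicAuth() misspells "controller" as "contoller" on its first line; it should read ` * Call this to disable site-wide basic authentication for a specific controller.`. It would also help to state the consequence of getting the order wrong, e.g. a closing line `Calling it after parent::init() has no effect, because Controller::init() has already called BasicAuth::protect_site_if_necessary().`, since that is the one way the opt-out silently fails. disableBasicAuth() ends outside the hunk.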
@@ -68,12 +67,49 @@ class BasicAuth extends Object {
 return $member;
 }
+
+ /**
+ * Enable protection of the entire site with basic authentication.
+ *
+ * This log-in uses the Member database for authentication, but doesn't interfere with the
+ * regular log-in form. This can be useful for test sites, where you want to hide the site
+ * away from prying eyes, but still be able to test the regular log-in features of the site.
+ *
+ * If you are including conf/ConfigureFromEnv.php in your _config.php file, you can also enable
+ * this feature by adding this line to your _ss_environment.php:
+ *
+ * define('SS_USE_BASIC_AUTH', true);
+ *
+ * @param $protect Set this to false to disable protection.
+ */
+ static function protect_entire_site($protect = true) {
+ return self::$entire_site_protected = $protect;
+ }
- static function enable($auto = false) {
- self::$enabled = true;
- self::$autologin = $auto;
+ /**
+ * @deprecated Use BasicAuth::protect_entire_site() instead.
+ */
+ static function enable() {
+ user_error("BasicAuth::enable() is deprated. Use BasicAuth::protect_entire_site() instead.", E_USER_NOTICE);
+ return self::protect_entire_site();
 }
+
+ /**
+ * @deprecated Use BasicAuth::protect_entire_site(false) instead.
+ */
 static function disable() {
- self::$enabled = false;
+ user_error("BasicAuth::disable() is deprated. Use BasicAuth::protect_entire_site(false) instead.", E_USER_NOTICE);
+ return self::protect_entire_site(false);
 }
+
+ /**
+ * Call {@link BasicAuth::requireLogin()} if {@link BasicAuth::protect_entire_site()} has been called.
+ * This is a helper function used by Controller.
+ */
+ static function protect_site_if_necessary() {
+ if(self::$entire_site_protected) {
+ self::requireLogin("SilverStripe test website. Use your CMS login.", "ADMIN");
+ }
+ }
+
 }
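Review bot: `protect_site_if_necessary()` challenges every request once the flag is set, and the companion hunk in cli/CliController.php removes the `disableBasicAuth()` call, so a command-line run of a CliController on a site with SS_USE_BASIC_AUTH now reaches `requireLogin()` with no PHP_AUTH_USER in the environment; if `requireLogin()` answers that with a 401 and stops (its body is not in this hunk), CLI tasks are blocked. Either restore the opt-out in CliController or let the helper skip the challenge for CLI, e.g. `if(self::$entire_site_protected && !Director::is_cli()) {`, and record that choice in the new docblock. Both deprecation notices spell "deprecated" as "deprated": `user_error("BasicAuth::enable() is deprecated. Use BasicAuth::protect_entire_site() instead.", E_USER_NOTICE);` and likewise in `disable()`. The realm string and the "ADMIN" permission code are hard-coded in the helper; a `$permissionCode = "ADMIN"` parameter on `protect_entire_site()` stored next to the flag would let a site protect itself with a narrower permission without changing the default.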