viscous/espocrm
1
0
Fork 0
mirror of https://github.com/espocrm/espocrm.git synced 2026-03-03 02:27:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

public folder

Browse Source
This commit is contained in:
Yuri Kuznetsov
2021-07-06 13:46:49 +03:00
parent 1da5f7e223
commit 36d6a72317
22 changed files with 185 additions and 70 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
.htaccess
View File

@@ -1,24 +1,42 @@
<ifModule mod_headers.c>
Header always set Access-Control-Allow-Methods "POST, GET, PUT, PATCH, DELETE"
Header always set Access-Control-Allow-Methods "POST, GET, PUT, PATCH, DELETE"
</ifModule>
DirectoryIndex index.php index.html
DirectoryIndex index.php
Options -Indexes
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteEngine On
# PROTECTED DIRECTORIES
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^/?(api|client)/ - [F]
# Forbid access. Not actual as redirect to `public` is applied.
# An extra security measure if redirect not fired.
RewriteRule ^/?data/ - [F]
RewriteRule ^/?application/ - [F]
RewriteRule ^/?custom/ - [F]
RewriteRule ^/?vendor/ - [F]
RewriteRule /?web\.config - [F]
RewriteRule ^/?data/ - [F]
RewriteRule ^/?application/ - [F]
RewriteRule ^/?custom/ - [F]
RewriteRule ^/?vendor/ - [F]
RewriteRule ^/?client/?$ - [F]
#END PROTECTED DIRECTORIES
# Forbid `public` dir.
RewriteCond %{ENV:REDIRECT_STATUS} !=200
RewriteRule ^/?public/? - [F,L]
RewriteRule .* - [E=HTTP_ESPO_CGI_AUTH:%{HTTP:Authorization}]
# Skip redirect for `client` dir.
RewriteRule ^client/ - [L]
RewriteRule /?web\.config - [F]
</IfModule>
# Skip redirect for `node_modules` dir. Actual only for dev environment.
RewriteRule ^node_modules/ - [L]
# Store base path.
RewriteCond %{REQUEST_URI}::$1 ^(.*?/)(.*)::\2$
RewriteRule ^(.*)$ - [E=BASE:%1]
# Add trailing slash.
RewriteCond %{DOCUMENT_ROOT}/%{ENV:BASE}/public/$1 -d
RewriteRule ^(.*?[^/])$ %{REQUEST_URI}/ [L,R=301,NE]
# Rewrite to `public` dir.
RewriteRule ^((?!public/).*)$ %{ENV:BASE}/public/$1 [L,NC]
RewriteRule .* - [E=HTTP_ESPO_CGI_AUTH:%{HTTP:Authorization}]
</IfModule>

16
Gruntfile.js
View File

@@ -177,14 +177,13 @@ module.exports = grunt => {
expand: true,
dot: true,
src: [
'api/**',
'application/**',
'custom/**',
'data/.data',
'install/**',
'portal/**',
'vendor/**',
'html/**',
'public/**',
'install/**',
'bootstrap.php',
'cron.php',
'daemon.php',
@@ -195,7 +194,6 @@ module.exports = grunt => {
'extension.php',
'websocket.php',
'command.php',
'oauth-callback.php',
'index.php',
'LICENSE.txt',
'.htaccess',
@@ -234,11 +232,11 @@ module.exports = grunt => {
mode: '755'
},
src: [
'build/EspoCRM-<%= pkg.version %>/install',
'build/EspoCRM-<%= pkg.version %>/portal',
'build/EspoCRM-<%= pkg.version %>/api',
'build/EspoCRM-<%= pkg.version %>/api/v1',
'build/EspoCRM-<%= pkg.version %>/api/v1/portal-access',
'build/EspoCRM-<%= pkg.version %>/public/install',
'build/EspoCRM-<%= pkg.version %>/public/portal',
'build/EspoCRM-<%= pkg.version %>/public/api',
'build/EspoCRM-<%= pkg.version %>/public/api/v1',
'build/EspoCRM-<%= pkg.version %>/public/api/v1/portal-access',
'build/EspoCRM-<%= pkg.version %>',
],
},

12
application/Espo/Core/Portal/Utils/Url.php
View File

@@ -40,8 +40,11 @@ class Url
}
$url = $_SERVER['REQUEST_URI'];
$scriptName = $_SERVER['SCRIPT_NAME'];
return explode('/', $url)[count(explode('/', $_SERVER['SCRIPT_NAME'])) - 1] ?? null;
$scriptNameModified = str_replace('public/api/', 'api/', $scriptName);
return explode('/', $url)[count(explode('/', $scriptNameModified)) - 1] ?? null;
}
public static function detectPortalId(): ?string
@@ -53,8 +56,11 @@ class Url
}
$url = $_SERVER['REQUEST_URI'];
$scriptName = $_SERVER['SCRIPT_NAME'];
$portalId = explode('/', $url)[count(explode('/', $_SERVER['SCRIPT_NAME'])) - 1] ?? null;
$scriptNameModified = str_replace('public/api/', 'api/', $scriptName);
$portalId = explode('/', $url)[count(explode('/', $scriptNameModified)) - 1] ?? null;
if (strpos($url, '=') !== false) {
$portalId = null;
@@ -70,7 +76,7 @@ class Url
return null;
}
$portalId = explode('/', $url)[count(explode('/', $_SERVER['SCRIPT_NAME'])) - 1] ?? null;
$portalId = explode('/', $url)[count(explode('/', $scriptNameModified)) - 1] ?? null;
if ($portalId === '') {
$portalId = null;

5
application/Espo/Core/Utils/Route.php
View File

@@ -174,7 +174,10 @@ class Route
public static function detectBasePath(): string
{
$scriptName = parse_url($_SERVER['SCRIPT_NAME'] , PHP_URL_PATH);
$scriptDir = dirname($scriptName);
$scriptNameModified = str_replace('public/api/', 'api/', $scriptName);
$scriptDir = dirname($scriptNameModified);
$uri = parse_url('http://any.com' . $_SERVER['REQUEST_URI'], PHP_URL_PATH);

62
index.php
View File

@@ -27,20 +27,58 @@
* these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
************************************************************************/
include "bootstrap.php";
$path = getcwd();
use Espo\Core\{
Application,
ApplicationRunners\Client,
ApplicationRunners\EntryPoint,
};
echo <<<EOL
<h2>For apache webserver</h2>
$app = new Application();
<h4>Non-production environment</h4>
if (filter_has_var(INPUT_GET, 'entryPoint')) {
$app->run(EntryPoint::class);
<p>
You need to enable `.htaccess` usage in the apache configuration. Add the code:
</p>
exit;
}
<pre>
<code>
&ltDirectory $path>
AllowOverride All
&lt/Directory>
</code>
</pre>
$app->run(Client::class);
<h4>Poduction environment</h4>
<p>
It's recommended to configure the document root to look at the `public`
directory and create an alias for the `client` directory. The code to add to the apache configuration:
</p>
<pre>
<code>
DocumentRoot $path/public/
Alias /client/ $path/client/
</code>
</pre>
<p>
And allow override for the `public` directory:
</p>
<pre>
<code>
&ltDirectory $path/public/>
AllowOverride All
&lt/Directory>
</code>
</pre>
<p>
More detals in the <a href="https://docs.espocrm.com/administration/apache-server-configuration/">documentation</a>.
</p>
<h2>For nginx webserver</h2>
<p>
You need to configure the document root to look at the `public` directory and create an alias for the `client` directory. More detals in the <a href="https://docs.espocrm.com/administration/nginx-server-configuration/">documentation</a>.
</p>
EOL;

2
install/core/tpl/index.tpl
View File

@@ -6,7 +6,7 @@
<meta content="utf-8" http-equiv="encoding">
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">
{if $isBuild}
{if $isBuilt}
<script type="text/javascript" src="../client/espo.min.js"></script>
{else}
{foreach from=$libFileList item=file}

2
api/v1/portal-access/.htaccess → public/api/v1/.htaccess
View File

@@ -11,4 +11,4 @@ RewriteRule .* - [E=HTTP_ESPO_CGI_AUTH:%{HTTP:Authorization}]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [QSA,L]
RewriteRule /?web\.config - [F]
RewriteRule /?web\.config - [F]

2
api/v1/index.php → public/api/v1/index.php
View File

@@ -27,7 +27,7 @@
* these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
************************************************************************/
require_once('../../bootstrap.php');
require_once('../../../bootstrap.php');
use Espo\Core\{
Application,

0
api/v1/.htaccess → public/api/v1/portal-access/.htaccess
View File

8
api/v1/portal-access/index.php → public/api/v1/portal-access/index.php
View File

@@ -27,7 +27,7 @@
* these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
************************************************************************/
require_once('../../../bootstrap.php');
require_once('../../../../bootstrap.php');
use Espo\Core\{
Portal\Application,
@@ -37,4 +37,10 @@ use Espo\Core\{
$portalId = Url::detectPortalIdForApi();
if ($portalId === null || $portalId === '') {
echo "No portal ID";
exit;
}
(new Application($portalId))->run(Api::class);

6
api/v1/web.config → public/api/v1/portal-access/web.config
View File

@@ -5,9 +5,9 @@
<rewrite>
<rules>
<rule name="rule 1G" stopProcessing="true">
<match url="^" />
<action type="Rewrite" url="index.php" appendQueryString="true" />
</rule>
<match url="^" />
<action type="Rewrite" url="index.php" appendQueryString="true" />
</rule>
</rules>
</rewrite>
</system.webServer>

4
api/v1/portal-access/web.config → public/api/v1/web.config
View File

@@ -1,15 +1,13 @@
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="rule 1G" stopProcessing="true">
<match url="^" />
<action type="Rewrite" url="index.php" appendQueryString="true" />
</rule>
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>

46
public/index.php Normal file
View File

@@ -0,0 +1,46 @@
<?php
/************************************************************************
* This file is part of EspoCRM.
*
* EspoCRM - Open Source CRM application.
* Copyright (C) 2014-2021 Yurii Kuznietsov, Taras Machyshyn, Oleksii Avramenko
* Website: https://www.espocrm.com
*
* EspoCRM is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* EspoCRM is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with EspoCRM. If not, see http://www.gnu.org/licenses/.
*
* The interactive user interfaces in modified source and object code versions
* of this program must display Appropriate Legal Notices, as required under
* Section 5 of the GNU General Public License version 3.
*
* In accordance with Section 7(b) of the GNU General Public License version 3,
* these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
************************************************************************/
include "../bootstrap.php";
use Espo\Core\{
Application,
ApplicationRunners\Client,
ApplicationRunners\EntryPoint,
};
$app = new Application();
if (filter_has_var(INPUT_GET, 'entryPoint')) {
$app->run(EntryPoint::class);
exit;
}
$app->run(Client::class);

0
install/css/install.css → public/install/css/install.css
View File

0
install/img/devices.png → public/install/img/devices.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 171 KiB

After

Width:  |  Height:  |  Size: 171 KiB

24
install/index.php → public/install/index.php
View File

@@ -31,14 +31,14 @@ if (session_status() !== \PHP_SESSION_ACTIVE) {
session_start();
}
require_once('../bootstrap.php');
require_once('../../bootstrap.php');
use Espo\Core\Utils\Util;
use Espo\Core\Utils\Client\DevModeJsFileListProvider;
use Espo\Core\Utils\File\Manager as FileManager;
if (!isset($postData)) {
require_once('core/PostData.php');
require_once('install/core/PostData.php');
$postData = new PostData();
}
@@ -48,7 +48,7 @@ $allPostData = $postData->getAll();
// action
$action = (!empty($allPostData['action']))? $allPostData['action'] : 'main';
require_once('core/Utils.php');
require_once('install/core/Utils.php');
if (!Utils::checkActionExists($action)) {
die('This page does not exist.');
@@ -75,7 +75,7 @@ if (!empty($allPostData)) {
// get user selected language
$userLang = (!empty($_SESSION['install']['user-lang']))? $_SESSION['install']['user-lang'] : 'en_US';
require_once 'core/Language.php';
require_once 'install/core/Language.php';
$language = new Language();
@@ -84,9 +84,9 @@ $langs = $language->get($userLang);
$sanitizedLangs = Util::sanitizeHtml($langs);
//END: get user selected language
$config = include('core/config.php');
$config = include('install/core/config.php');
require_once 'core/SystemHelper.php';
require_once 'install/core/SystemHelper.php';
$systemHelper = new SystemHelper();
@@ -118,8 +118,8 @@ if (!$systemHelper->initWritable()) {
require_once ('install/vendor/smarty/libs/Smarty.class.php');
require_once 'core/Installer.php';
require_once 'core/Utils.php';
require_once 'install/core/Installer.php';
require_once 'install/core/Utils.php';
$smarty = new Smarty();
$installer = new Installer();
@@ -185,8 +185,10 @@ switch ($action) {
break;
}
$actionFile = 'core/actions/'.$action.'.php';
$tplName = $action.'.tpl';
$actionFile = 'install/core/actions/' . $action . '.php';
$tplName = $action . '.tpl';
$smarty->assign('tplName', $tplName);
$smarty->assign('action', ucfirst($action));
@@ -201,7 +203,7 @@ if (!empty($actionFile) && file_exists('install/core/tpl/' . $tplName)) {
/* check if EspoCRM is built */
$isBuilt = file_exists('client/espo.min.js');
$smarty->assign('isBuilt', true);
$smarty->assign('isBuilt', $isBuilt);
if (!$isBuilt) {
$libListProvider = new DevModeJsFileListProvider(new FileManager());

0
install/js/install.js → public/install/js/install.js
View File

2
oauth-callback.php → public/oauth-callback.php
View File

@@ -27,7 +27,7 @@
* these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
************************************************************************/
include "bootstrap.php";
include "../bootstrap.php";
use Espo\Core\{
Application,

4
portal/.htaccess → public/portal/.htaccess
View File

@@ -9,4 +9,6 @@ RewriteEngine On
RewriteRule .* - [E=HTTP_ESPO_CGI_AUTH:%{HTTP:Authorization}]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [QSA,L]
RewriteRule ^ index.php [QSA,L]
RewriteRule /?web\.config - [F]

2
portal/index.php → public/portal/index.php
View File

@@ -27,7 +27,7 @@
* these Appropriate Legal Notices must retain the display of the "EspoCRM" word.
************************************************************************/
include "../bootstrap.php";
include "../../bootstrap.php";
use Espo\Core\{
Application,

10
portal/web.config → public/portal/web.config
View File

@@ -1,15 +1,13 @@
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="rule 1G" stopProcessing="true">
<match url="^" />
<action type="Rewrite" url="index.php" appendQueryString="true" />
</rule>
<match url="^" />
<action type="Rewrite" url="index.php" appendQueryString="true" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
</configuration>

0
robots.txt → public/robots.txt
View File