Custom logo HTML (#4369)

* Custom logo HTML Add option for custom HTML logo/title in the main Web UI view. Can potentially be different per user. #fix https://github.com/FreshRSS/FreshRSS/pull/3830/files#r850472247 * logo_html in main config With new `./data/config.custom.php` to provide custom values before install * Docker documentation * whitespace * Auto relax CSP to allow images for HTML logo * Documentation
2022-05-23 14:03:19 +02:00 · 2022-05-23 14:03:19 +02:00 · f89819bd64
parent 8668ca7230
commit f89819bd64
13 changed files with 94 additions and 8 deletions
--- a/Docker/README.md
+++ b/Docker/README.md
@ -205,6 +205,16 @@ In the FreshRSS setup, you will then specify the name of the container (`freshrs

 ## More deployment options

+### Provide default global settings
+
+An optional configuration file can be mounted to `/var/www/FreshRSS/data/config.custom.php` to provide custom settings before the FreshRSS setup,
+on the model of [`config.default.php`](../config.default.php).
+
+### Provide default user settings
+
+An optional configuration file can be mounted to `/var/www/FreshRSS/data/config-user.default.php` to provide custom user settings before a user is created,
+on the model of [`config-user.default.php`](../config-user.default.php).
+
 ### Custom Apache configuration (advanced users)

 The FreshRSS Docker image uses the [Web server Apache](https://httpd.apache.org/) internally.
@ -294,6 +304,10 @@ services:
    volumes:
      - data:/var/www/FreshRSS/data
      - extensions:/var/www/FreshRSS/extensions
+      # Optional file providing custom global settings (used before a FreshRSS install)
+      - ./config.custom.php:/var/www/FreshRSS/data/config.custom.php
+      # Optional file providing custom user settings (used before a new user is created)
+      - ./config-user.custom.php:/var/www/FreshRSS/data/config-user.custom.php
    ports:
      # If you want to open a port 8080 on the local machine:
      - "8080:80"
--- a/app/Controllers/statsController.php
+++ b/app/Controllers/statsController.php
@ -17,6 +17,7 @@ class FreshRSS_stats_Controller extends FreshRSS_ActionController {

 		$this->_csp([
 			'default-src' => "'self'",
+			'img-src' => '* data:',
 			'style-src' => "'self' 'unsafe-inline'",
 		]);

--- a/app/FreshRSS.php
+++ b/app/FreshRSS.php
@ -32,6 +32,14 @@ class FreshRSS extends Minz_FrontController {
 			die($message);
 		}

+		if (FreshRSS_Context::$system_conf->logo_html != '') {
+			// Relax Content Security Policy to allow external images if a custom logo HTML is used
+			Minz_ActionController::_defaultCsp([
+				'default-src' => "'self'",
+				'img-src' => '* data:',
+			]);
+		}
+
 		// Load list of extensions and enable the "system" ones.
 		Minz_ExtensionManager::init();

--- a/app/Models/SystemConfiguration.php
+++ b/app/Models/SystemConfiguration.php
@ -17,6 +17,7 @@
 * @property-read string $http_auth_auto_register_email_field
 * @property-read string $language
 * @property array<string,int> $limits
+ * @property-read string $logo_html
 * @property-read string $meta_description
 * @property-read bool $pubsubhubbub_enabled
 * @property-read string $salt
--- a/app/install.php
+++ b/app/install.php
@ -145,6 +145,14 @@ function saveStep2() {
 			$config_array['auth_type'] = Minz_Session::param('auth_type');
 		}

+		$customConfigPath = DATA_PATH . '/config.custom.php';
+		if (file_exists($customConfigPath)) {
+			$customConfig = include($customConfigPath);
+			if (is_array($customConfig)) {
+				$config_array = array_merge($customConfig, $config_array);
+			}
+		}
+
 		@unlink(DATA_PATH . '/config.php');	//To avoid access-rights problems
 		file_put_contents(DATA_PATH . '/config.php', "<?php\n return " . var_export($config_array, true) . ";\n");

--- a/app/layout/header.phtml
+++ b/app/layout/header.phtml
@ -1,7 +1,13 @@
 <header class="header">
 	<div class="item title">
 		<a href="<?= _url('index', 'index') ?>">
-			<img class="logo" src="<?= _i('FreshRSS-logo', true) ?>" alt="" />
+			<?php if (FreshRSS_Context::$system_conf->logo_html == '') { ?>
+				<img class="logo" src="<?= _i('FreshRSS-logo', true) ?>" alt="FreshRSS" />
+			<?php
+				} else {
+					echo FreshRSS_Context::$system_conf->logo_html;
+				}
+			?>
 		</a>
 	</div>

--- a/app/layout/simple.phtml
+++ b/app/layout/simple.phtml
@ -30,7 +30,13 @@
 	<div class="header">
 		<div class="item title">
 			<a href="<?= _url('index', 'index') ?>">
-				<img class="logo" src="<?= _i('FreshRSS-logo', true) ?>" alt="" />
+				<?php if (FreshRSS_Context::$system_conf->logo_html == '') { ?>
+					<img class="logo" src="<?= _i('FreshRSS-logo', true) ?>" alt="FreshRSS" />
+				<?php
+					} else {
+						echo FreshRSS_Context::$system_conf->logo_html;
+					}
+				?>
 			</a>
 		</div>

--- a/cli/README.md
+++ b/cli/README.md
@ -49,6 +49,8 @@ cd /usr/share/FreshRSS
 # Same parameters as for do-install.php. Used to update an existing installation.
 ```

+> ℹ️ More options for [the configuration of your instance](../config.default.php#L3-L5) may be set in `./data/config.custom.php` before the install process, or in `./data/config.php` after the install process.
+
 ### User

 ```sh
@ -59,7 +61,11 @@ cd /usr/share/FreshRSS

 ./cli/update-user.php --user username [ ... ]
 # Same options as create-user.php, except --no_default_feeds which is only available for create-user.php
+```

+> ℹ️ More options for [the configuration of users](../config-user.default.php#L3-L5) may be set in `./data/config-user.custom.php` prior to creating new users, or in `./data/users/*/config.php` for existing users.
+
+```sh
 ./cli/actualize-user.php --user username
 # Fetch feeds for the specified user

--- a/cli/do-install.php
+++ b/cli/do-install.php
@ -46,6 +46,14 @@ $config = array(
 		'db' => FreshRSS_Context::$system_conf->db,
 	);

+$customConfigPath = DATA_PATH . '/config.custom.php';
+if (file_exists($customConfigPath)) {
+	$customConfig = include($customConfigPath);
+	if (is_array($customConfig)) {
+		$config = array_merge($customConfig, $config);
+	}
+}
+
 foreach ($params as $param) {
 	$param = rtrim($param, ':');
 	if (isset($options[$param])) {
--- a/config.default.php
+++ b/config.default.php
@ -1,7 +1,8 @@
 <?php

 # Do not modify this file, which defines default values,
-# but edit `./data/config.php` instead, after the install process is completed.
+# but instead edit `./data/config.php` after the install process is completed,
+# or edit `./data/config.custom.php` before the install process.
 return array(

 	# Set to `development` to get additional error messages,
@ -30,6 +31,11 @@ return array(
 	# Meta description used when `allow_robots` is true.
 	'meta_description' => '',

+	# Override logo of this FreshRSS instance in the Web user interface.
+	# It is rendered inside an <a>...</a> element and must be valid HTML or text.
+	# Example: '<img class="logo" src="https://example.net/Hello.png" alt="Logo Example" /> Hello'
+	'logo_html' => '',
+
 	# Name of the user that has administration rights.
 	'default_user' => '_',

--- a/data/.gitignore
+++ b/data/.gitignore
@ -1,7 +1,8 @@
 .htpasswd
+config-user.custom.php
+config.custom.php
 config.php
 config.php.bak.php
-config-user.custom.php
 force-https.txt
 last_update.txt
 no-cache.txt
--- a/docs/en/admins/03_Installation.md
+++ b/docs/en/admins/03_Installation.md
@ -16,7 +16,10 @@ Before you begin, make sure that you’ve read the [prerequisites](02_Prerequisi

 6. Using your supported web browser of choice, navigate to the address you’ve installed your server to complete the installation from the GUI.[^3]

-7. You can then customize [the configuration of your instance](https://github.com/FreshRSS/FreshRSS/blob/edge/config.default.php#L3-L4), [the default configuration for new users](https://github.com/FreshRSS/FreshRSS/blob/edge/config-user.default.php#L3-L5) or [the default set of feeds for new users](https://github.com/FreshRSS/FreshRSS/blob/edge/opml.default.xml#L2-L5).
+7. In configuration files, you can customize advanced settings:
+	* [the configuration of your instance](https://github.com/FreshRSS/FreshRSS/blob/edge/config.default.php#L3-L5) in `./data/config.custom.php` before the install process, or in `./data/config.php` after the install process;
+	* [the default configuration for new users](https://github.com/FreshRSS/FreshRSS/blob/edge/config-user.default.php#L3-L5) in `./data/config-user.custom.php`, or in `./data/users/*/config.php` for existing users;
+	* [the default set of feeds for new users](https://github.com/FreshRSS/FreshRSS/blob/edge/opml.default.xml#L2-L5) in `./data/opml.xml`.

 ---

--- a/lib/Minz/ActionController.php
+++ b/lib/Minz/ActionController.php
@ -8,15 +8,22 @@
 * The Minz_ActionController class is a controller in the MVC paradigm
 */
 class Minz_ActionController {
-	protected $view;
-	private $csp_policies = array(
+
+	/** @var array<string,string> */
+	private static $csp_default = [
 		'default-src' => "'self'",
-	);
+	];
+
+	/** @var array<string,string> */
+	private $csp_policies;
+
+	protected $view;

 	// Gives the possibility to override the default View type.
 	public static $viewType = 'Minz_View';

 	public function __construct () {
+		$this->csp_policies = self::$csp_default;
 		if (class_exists(self::$viewType)) {
 			$this->view = new self::$viewType();
 		} else {
@ -34,6 +41,17 @@ class Minz_ActionController {
 		return $this->view;
 	}

+	/**
+	 * Set default CSP policies.
+	 * @param array<string,string> $policies An array where keys are directives and values are sources.
+	 */
+	public static function _defaultCsp($policies) {
+		if (!isset($policies['default-src'])) {
+			Minz_Log::warning('Default CSP policy is not declared', ADMIN_LOG);
+		}
+		self::$csp_default = $policies;
+	}
+
 	/**
 	 * Set CSP policies.
 	 *