From 4865c36cf656a3efc0c25168cdc5a1f098532c8b Mon Sep 17 00:00:00 2001 From: Thomas Weinert Date: Wed, 21 Oct 2020 16:59:37 +0200 Subject: [PATCH] [FEATURE] Add Cookie Consent Options And Logic Allow to require a consent cookie for the frontend session id cookie. --- .../Administration/Settings/SettingGroups.php | 13 ++++- src/system/Papaya/Configuration/CMS.php | 6 +++ .../Papaya/Content/Configuration/Setting.php | 5 ++ src/system/Papaya/Session.php | 51 ++++++++++++++----- src/system/papaya_page.php | 2 +- 5 files changed, 60 insertions(+), 17 deletions(-) diff --git a/src/system/Papaya/Administration/Settings/SettingGroups.php b/src/system/Papaya/Administration/Settings/SettingGroups.php index 6ceb2327..2d1ce88e 100644 --- a/src/system/Papaya/Administration/Settings/SettingGroups.php +++ b/src/system/Papaya/Administration/Settings/SettingGroups.php @@ -516,7 +516,14 @@ class SettingGroups implements Access, \IteratorAggregate { CMS::SESSION_SECURE => FlagSetting::class, CMS::SESSION_START => FlagSetting::class, CMS::SESSION_DOMAIN => HostNameSetting::class, - CMS::SESSION_PATH => PathSetting::class + CMS::SESSION_PATH => PathSetting::class, + CMS::SESSION_CONSENT_COOKIE_REQUIRE => FlagSetting::class, + CMS::SESSION_CONSENT_COOKIE_NAME => [ + TextSetting::class, 50, '(^[a-z\d_]+$)' + ], + CMS::SESSION_CONSENT_COOKIE_VALUES => [ + TextSetting::class, 500 + ] ], self::FEATURES => [ CMS::PROTECT_FORM_CHANGES => FlagSetting::class, @@ -555,7 +562,9 @@ public function getProfile($setting) { $profileClass = $profileData; $profileData = []; } - return new $profileClass(...$profileData); + $profile = new $profileClass(...$profileData); + $profile->papaya($this->papaya()); + return $profile; } return NULL; } diff --git a/src/system/Papaya/Configuration/CMS.php b/src/system/Papaya/Configuration/CMS.php index a81d4b6b..34564d87 100644 --- a/src/system/Papaya/Configuration/CMS.php +++ b/src/system/Papaya/Configuration/CMS.php @@ -285,6 +285,9 @@ class CMS extends GlobalValues { const SESSION_NAME = 'PAPAYA_SESSION_NAME'; const SESSION_START = 'PAPAYA_SESSION_START'; const SESSION_ACTIVATION = 'PAPAYA_SESSION_ACTIVATION'; + const SESSION_CONSENT_COOKIE_REQUIRE = 'PAPAYA_SESSION_CONSENT_COOKIE_REQUIRE'; + const SESSION_CONSENT_COOKIE_NAME = 'PAPAYA_SESSION_CONSENT_COOKIE_NAME'; + const SESSION_CONSENT_COOKIE_VALUES = 'PAPAYA_SESSION_CONSENT_COOKIE_VALUES'; const SESSION_DOMAIN = 'PAPAYA_SESSION_DOMAIN'; const SESSION_PATH = 'PAPAYA_SESSION_PATH'; const SESSION_SECURE = 'PAPAYA_SESSION_SECURE'; @@ -567,6 +570,9 @@ class CMS extends GlobalValues { self::SESSION_HTTP_ONLY => TRUE, self::SESSION_ID_FALLBACK => 'rewrite', self::SESSION_CACHE => 'private', + self::SESSION_CONSENT_COOKIE_REQUIRE => false, + self::SESSION_CONSENT_COOKIE_NAME => 'cookieconsent_status', + self::SESSION_CONSENT_COOKIE_VALUES => 'allow,dismiss', self::DB_DISCONNECT_SESSIONSTART => FALSE, //internal path options diff --git a/src/system/Papaya/Content/Configuration/Setting.php b/src/system/Papaya/Content/Configuration/Setting.php index 982db366..11ae0eb1 100644 --- a/src/system/Papaya/Content/Configuration/Setting.php +++ b/src/system/Papaya/Content/Configuration/Setting.php @@ -45,5 +45,10 @@ class Setting protected function _createKey() { return new Database\Record\Key\Fields($this, $this->_tableName, ['name']); } + + protected function _insertRecord() + { + return parent::_insertRecord(); // TODO: Change the autogenerated stub + } } } diff --git a/src/system/Papaya/Session.php b/src/system/Papaya/Session.php index 3eed6fa2..8e28a910 100644 --- a/src/system/Papaya/Session.php +++ b/src/system/Papaya/Session.php @@ -16,6 +16,7 @@ use Papaya\BaseObject\DeclaredProperties; use Papaya\BaseObject\Interfaces\Properties; + use Papaya\Configuration\CMS; use Papaya\Session\Id as SessionId; use Papaya\Session\Redirect as RedirectAlias; use Papaya\Session\Values as SessionValues; @@ -324,23 +325,45 @@ public function activate($redirect = FALSE) { private function configure() { $options = $this->papaya()->options; $wrapper = $this->wrapper(); - $defaults = $wrapper->getCookieParameters(); - $wrapper->setCookieParameters( - [ - 'lifetime' => $defaults['lifetime'], - 'path' => $options->get( - 'PAPAYA_SESSION_PATH', '/', new Filter\NotEmpty() - ), - 'domain' => $options->get( - 'PAPAYA_SESSION_DOMAIN', $defaults['domain'], new Filter\NotEmpty() - ), - 'secure' => $this->isSecureOnly(), - 'httponly' => $options->get(\Papaya\Configuration\CMS::SESSION_HTTP_ONLY, $defaults['httponly']), - ] - ); + if ($this->hasCookieConsent()) { + $defaults = $wrapper->getCookieParameters(); + $wrapper->setCookieParameters( + [ + 'lifetime' => $defaults['lifetime'], + 'path' => $options->get( + 'PAPAYA_SESSION_PATH', '/', new Filter\NotEmpty() + ), + 'domain' => $options->get( + 'PAPAYA_SESSION_DOMAIN', $defaults['domain'], new Filter\NotEmpty() + ), + 'secure' => $this->isSecureOnly(), + 'httponly' => $options->get(\Papaya\Configuration\CMS::SESSION_HTTP_ONLY, $defaults['httponly']), + ] + ); + } else { + ini_set('session.use_cookies', '0'); + } $wrapper->setCacheLimiter($this->options()->cache); } + private function hasCookieConsent() { + $options = $this->papaya()->options; + if ( + $this->isAdministration() || + !$options->get(CMS::SESSION_CONSENT_COOKIE_REQUIRE, FALSE) + ) { + return TRUE; + } + $name = $options->get(CMS::SESSION_CONSENT_COOKIE_NAME, ''); + if ($name && isset($_COOKIE[$name]) && ($value = $_COOKIE[$name])) { + $posibilites = array_map( + static function($posibility) { return trim($posibility); }, + explode(',', $options->get(CMS::SESSION_CONSENT_COOKIE_VALUES)) + ); + return in_array($value, $posibilites); + } + } + /** * Trigger redirects for session id storage/removal in browser if needed. * diff --git a/src/system/papaya_page.php b/src/system/papaya_page.php index 2c996265..9749918f 100644 --- a/src/system/papaya_page.php +++ b/src/system/papaya_page.php @@ -1112,7 +1112,7 @@ function initPageMode() { $pageStatus->load($this->topicId); if ($pageStatus->sessionMode == 0) { $this->allowSession = $this->papaya()->options->get( - 'PAPAYA_SESSION_ACTIVATION', \Papaya\Session::ACTIVATION_ALWAYS + \Papaya\Configuration\CMS::SESSION_ACTIVATION, \Papaya\Session::ACTIVATION_ALWAYS ); } else { $this->allowSession = $pageStatus->sessionMode;