Merge pull request #12 from crowdsecurity/customize-colors

user can customize public pages

Author: mobula9

composer.json

@@ -9,7 +9,7 @@
         }
     ],
     "require": {
-        "crowdsec/bouncer": "^0.8.6"
+        "crowdsec/bouncer": "^0.9.0"
     },
     "require-dev": {
         "bramus/monolog-colored-line-formatter": "^3.0",

composer.lock

@@ -4,6 +4,11 @@
 git checkout -b <branch-name>
 git commit # as much as necessary.
 
+# If the bouncer version has been bumped
+# Update <project>/composer.json with the last version then:
+export CONTAINER_NAME=`echo "wordpress$WORDPRESS_VERSION" | tr . -`
+docker-compose exec $CONTAINER_NAME composer update --working-dir /var/www/html/wp-content/plugins/cs-wordpress-bouncer --prefer-source
+
 # Rename branch if necessary
 git branch -m <new-name>
 git push origin :<old-name> && git push -u origin <new-name>

docs/workflows.md

@@ -2,8 +2,9 @@
 
 require_once __DIR__.'/notice.php';
 
-require_once __DIR__.'/advanced-settings.php';
 require_once __DIR__.'/settings.php';
+require_once __DIR__.'/theme.php';
+require_once __DIR__.'/advanced-settings.php';
 
 add_action('admin_notices', [new AdminNotice(), 'displayAdminNotice']);
 
@@ -232,12 +233,16 @@ function addFieldSelect(string $optionName, string $label, string $optionGroup,
         add_menu_page('CrowdSec Plugin', 'CrowdSec', 'manage_options', 'crowdsec_plugin', function () {
             require_once CROWDSEC_PLUGIN_PATH.'/inc/templates/settings.php';
         }, 'dashicons-shield', 110);
+        add_submenu_page('crowdsec_plugin', 'Theme customization', 'Theme customization', 'manage_options', 'crowdsec_theme_settings', function () {
+            require_once CROWDSEC_PLUGIN_PATH.'/inc/templates/theme.php';
+        });
         add_submenu_page('crowdsec_plugin', 'Advanced', 'Advanced', 'manage_options', 'crowdsec_advanced_settings', function () {
             require_once CROWDSEC_PLUGIN_PATH.'/inc/templates/advanced-settings.php';
         });
 
         add_action('admin_init', function () {
             adminSettings();
+            themeSettings();
             adminAdvancedSettings();
         });
     });

inc/admin/init.php

@@ -0,0 +1,141 @@
+<?php
+
+function themeSettings()
+{
+    /******************************************
+     ** Section "Captcha wall text contents" **
+     *****************************************/
+
+    add_settings_section('crowdsec_theme_captcha_texts', 'Adapt the wording of the Captcha Wall', function () {
+        echo 'You can customize the text display on the captcha wall.';
+    }, 'crowdsec_theme_settings');
+
+    // Field "crowdsec_theme_text_captcha_wall_tab_title"
+    addFieldString('crowdsec_theme_text_captcha_wall_tab_title', 'Browser tab text', 'crowdsec_plugin_theme_settings', 'crowdsec_theme_settings', 'crowdsec_theme_captcha_texts', function ($input) {
+        return $input;
+    }, '<p>The text in the browser tab of the captcha wall page.</p>', 'Tab text', 'width: 150px;', 'text');
+
+    // Field "crowdsec_theme_text_captcha_wall_title"
+    addFieldString('crowdsec_theme_text_captcha_wall_title', 'Title text', 'crowdsec_plugin_theme_settings', 'crowdsec_theme_settings', 'crowdsec_theme_captcha_texts', function ($input) {
+        return $input;
+    }, '<p>The title text of the captcha wall page.</p>', 'Subtitle text', '', 'text');
+
+    // Field "crowdsec_theme_text_captcha_wall_subtitle"
+    addFieldString('crowdsec_theme_text_captcha_wall_subtitle', 'Subtitle text', 'crowdsec_plugin_theme_settings', 'crowdsec_theme_settings', 'crowdsec_theme_captcha_texts', function ($input) {
+        return $input;
+    }, '<p>The subtitle text of the captcha wall page.</p>', 'Subtitle text', '', 'text');
+
+    // Field "crowdsec_theme_text_captcha_wall_refresh_image_link"
+    addFieldString('crowdsec_theme_text_captcha_wall_refresh_image_link', 'Refresh image text', 'crowdsec_plugin_theme_settings', 'crowdsec_theme_settings', 'crowdsec_theme_captcha_texts', function ($input) {
+        return $input;
+    }, '<p>The "refresh image" text of the captcha wall page.</p>', 'Refresh image text', '', 'text');
+
+    // Field "crowdsec_theme_text_captcha_wall_captcha_placeholder"
+    addFieldString('crowdsec_theme_text_captcha_wall_captcha_placeholder', 'Input placeholder', 'crowdsec_plugin_theme_settings', 'crowdsec_theme_settings', 'crowdsec_theme_captcha_texts', function ($input) {
+        return $input;
+    }, '<p>The "refresh image" text of the captcha wall page.</p>', 'Captcha input placeholder', '', 'text');
+
+    // Field "crowdsec_theme_text_captcha_wall_send_button"
+    addFieldString('crowdsec_theme_text_captcha_wall_send_button', 'Send button text', 'crowdsec_plugin_theme_settings', 'crowdsec_theme_settings', 'crowdsec_theme_captcha_texts', function ($input) {
+        return $input;
+    }, '<p>The "refresh image" text of the captcha wall page.</p>', 'Send button text', '', 'text');
+
+    // Field "crowdsec_theme_text_captcha_wall_error_message"
+    addFieldString('crowdsec_theme_text_captcha_wall_error_message', 'Error message', 'crowdsec_plugin_theme_settings', 'crowdsec_theme_settings', 'crowdsec_theme_captcha_texts', function ($input) {
+        return $input;
+    }, '<p>The "error message" text of the captcha wall page when a captcha is not successfuly resolved.</p>', 'Error message', '', 'text');
+
+    // Field "crowdsec_theme_text_captcha_wall_footer"
+    addFieldString('crowdsec_theme_text_captcha_wall_footer', 'Footer custom message', 'crowdsec_plugin_theme_settings', 'crowdsec_theme_settings', 'crowdsec_theme_captcha_texts', function ($input) {
+        return $input;
+    }, '<p>You can add a custom footer text.</p>', 'Custom footer text', '', 'text');
+
+    /**************************************
+     ** Section "Ban wall text contents" **
+     *************************************/
+
+    add_settings_section('crowdsec_theme_ban_texts', 'Adapt the wording of the Ban Wall', function () {
+        echo 'You can customize the text display on the ban wall.';
+    }, 'crowdsec_theme_settings');
+
+    // Field "crowdsec_theme_text_ban_wall_tab_title"
+    addFieldString('crowdsec_theme_text_ban_wall_tab_title', 'Browser tab text', 'crowdsec_plugin_theme_settings', 'crowdsec_theme_settings', 'crowdsec_theme_ban_texts', function ($input) {
+        return $input;
+    }, '<p>The text in the browser tab of the ban wall page.</p>', 'Tab text', 'width: 150px;', 'text');
+
+    // Field "crowdsec_theme_text_ban_wall_title"
+    addFieldString('crowdsec_theme_text_ban_wall_title', 'Title text', 'crowdsec_plugin_theme_settings', 'crowdsec_theme_settings', 'crowdsec_theme_ban_texts', function ($input) {
+        return $input;
+    }, '<p>The title text of the ban wall page.</p>', 'Subtitle text', '', 'text');
+
+    // Field "crowdsec_theme_text_ban_wall_subtitle"
+    addFieldString('crowdsec_theme_text_ban_wall_subtitle', 'Subtitle text', 'crowdsec_plugin_theme_settings', 'crowdsec_theme_settings', 'crowdsec_theme_ban_texts', function ($input) {
+        return $input;
+    }, '<p>The subtitle text of the ban wall page.</p>', 'Subtitle text', '', 'text');
+
+    // Field "crowdsec_theme_text_ban_wall_footer"
+    addFieldString('crowdsec_theme_text_ban_wall_footer', 'Footer custom message', 'crowdsec_plugin_theme_settings', 'crowdsec_theme_settings', 'crowdsec_theme_ban_texts', function ($input) {
+        return $input;
+    }, '<p>You can add a custom footer text.</p>', 'Custom footer text', '', 'text');
+
+    /**********************
+     ** Section "Colors" **
+     *********************/
+
+    add_settings_section('crowdsec_theme_colors', 'Use your own colors!', function () {
+        echo 'You can customize remediation wall colors (ban wall and captcha wall).';
+    }, 'crowdsec_theme_settings');
+
+    // Field "crowdsec_theme_color_text_primary"
+    addFieldString('crowdsec_theme_color_text_primary', 'Primary text color', 'crowdsec_plugin_theme_settings', 'crowdsec_theme_settings', 'crowdsec_theme_colors', function ($input) {
+        return $input;
+    }, '<p>The color used for primary text on the two pages.</p>', 'CSS color', 'width: 100px;', 'text');
+
+    // Field "crowdsec_theme_color_text_secondary"
+    addFieldString('crowdsec_theme_color_text_secondary', 'Secondary text color', 'crowdsec_plugin_theme_settings', 'crowdsec_theme_settings', 'crowdsec_theme_colors', function ($input) {
+        return $input;
+    }, '<p>The color used for secondary text on the two pages.</p>', 'CSS color', 'width: 100px;', 'text');
+
+    // Field "crowdsec_theme_color_text_button"
+    addFieldString('crowdsec_theme_color_text_button', 'Button text color', 'crowdsec_plugin_theme_settings', 'crowdsec_theme_settings', 'crowdsec_theme_colors', function ($input) {
+        return $input;
+    }, '<p>The color of the text of the button on the captcha wall page.</p>', 'CSS color', 'width: 100px;', 'text');
+
+    // Field "crowdsec_theme_color_text_error_message"
+    addFieldString('crowdsec_theme_color_text_error_message', 'Error message text color', 'crowdsec_plugin_theme_settings', 'crowdsec_theme_settings', 'crowdsec_theme_colors', function ($input) {
+        return $input;
+    }, '<p>The color used for the error message (when captcha resolution failed).</p>', 'CSS color', 'width: 100px;', 'text');
+
+    // Field "crowdsec_theme_color_background_page"
+    addFieldString('crowdsec_theme_color_background_page', 'Page background color', 'crowdsec_plugin_theme_settings', 'crowdsec_theme_settings', 'crowdsec_theme_colors', function ($input) {
+        return $input;
+    }, '<p>The background color used of the two pages.</p>', 'CSS color', 'width: 100px;', 'text');
+
+    // Field "crowdsec_theme_color_background_container"
+    addFieldString('crowdsec_theme_color_background_container', 'Container background color', 'crowdsec_plugin_theme_settings', 'crowdsec_theme_settings', 'crowdsec_theme_colors', function ($input) {
+        return $input;
+    }, '<p>The background color used for the central block on the two pages</p>', 'CSS color', 'width: 100px;', 'text');
+
+    // Field "crowdsec_theme_color_background_button"
+    addFieldString('crowdsec_theme_color_background_button', 'Button background color', 'crowdsec_plugin_theme_settings', 'crowdsec_theme_settings', 'crowdsec_theme_colors', function ($input) {
+        return $input;
+    }, '<p>The background color used for the captcha validation button.</p>', 'CSS color', 'width: 100px;', 'text');
+
+    // Field "crowdsec_theme_color_background_button_hover"
+    addFieldString('crowdsec_theme_color_background_button_hover', 'Button background color (hover)', 'crowdsec_plugin_theme_settings', 'crowdsec_theme_settings', 'crowdsec_theme_colors', function ($input) {
+        return $input;
+    }, '<p>The background color used for the captcha validation button when it\'s hover.</p>', 'CSS color', 'width: 100px;', 'text');
+
+    /**************************
+     ** Section "Custom CSS" **
+     *************************/
+
+    add_settings_section('crowdsec_theme_css', 'Use your own CSS code!', function () {
+        echo 'You can customize remediation walls with CSS code (ban wall and captcha wall).';
+    }, 'crowdsec_theme_settings');
+
+    // Field "crowdsec_theme_custom_css"
+    addFieldString('crowdsec_theme_custom_css', 'Custom CSS code', 'crowdsec_plugin_theme_settings', 'crowdsec_theme_settings', 'crowdsec_theme_css', function ($input) {
+        return $input;
+    }, '<p>The CSS code to use in the remediation wall (ban wall and captcha wall).</p>', 'CSS code...', '', 'text');
+}

inc/admin/theme.php

@@ -37,14 +37,69 @@ function shouldTrustXforwardedFor(string $ip): bool
     function displayCaptchaWall()
     {
         header('HTTP/1.0 401 Unauthorized');
-        echo Bouncer::getCaptchaHtmlTemplate($_SESSION['crowdsec_captcha_resolution_failed'], $_SESSION['crowdsec_captcha_inline_image'], '', !get_option('crowdsec_hide_mentions'));
+        $config = [
+            'hide_crowdsec_mentions' => (bool) get_option('crowdsec_hide_mentions'),
+            'color' => [
+              'text' => [
+                'primary' => wp_specialchars_decode(get_option('crowdsec_theme_color_text_primary'), \ENT_QUOTES),
+                'secondary' => wp_specialchars_decode(get_option('crowdsec_theme_color_text_secondary'), \ENT_QUOTES),
+                'button' => wp_specialchars_decode(get_option('crowdsec_theme_color_text_button'), \ENT_QUOTES),
+                'error_message' => wp_specialchars_decode(get_option('crowdsec_theme_color_text_error_message'), \ENT_QUOTES),
+              ],
+              'background' => [
+                'page' => wp_specialchars_decode(get_option('crowdsec_theme_color_background_page'), \ENT_QUOTES),
+                'container' => wp_specialchars_decode(get_option('crowdsec_theme_color_background_container'), \ENT_QUOTES),
+                'button' => wp_specialchars_decode(get_option('crowdsec_theme_color_background_button'), \ENT_QUOTES),
+                'button_hover' => wp_specialchars_decode(get_option('crowdsec_theme_color_background_button_hover'), \ENT_QUOTES),
+              ],
+            ],
+            'text' => [
+              'captcha_wall' => [
+                'tab_title' => wp_specialchars_decode(get_option('crowdsec_theme_text_captcha_wall_tab_title'), \ENT_QUOTES),
+                'title' => wp_specialchars_decode(get_option('crowdsec_theme_text_captcha_wall_title'), \ENT_QUOTES),
+                'subtitle' => wp_specialchars_decode(get_option('crowdsec_theme_text_captcha_wall_subtitle'), \ENT_QUOTES),
+                'refresh_image_link' => wp_specialchars_decode(get_option('crowdsec_theme_text_captcha_wall_refresh_image_link'), \ENT_QUOTES),
+                'captcha_placeholder' => wp_specialchars_decode(get_option('crowdsec_theme_text_captcha_wall_captcha_placeholder'), \ENT_QUOTES),
+                'send_button' => wp_specialchars_decode(get_option('crowdsec_theme_text_captcha_wall_send_button'), \ENT_QUOTES),
+                'error_message' => wp_specialchars_decode(get_option('crowdsec_theme_text_captcha_wall_error_message'), \ENT_QUOTES),
+                'footer' => wp_specialchars_decode(get_option('crowdsec_theme_text_captcha_wall_footer'), \ENT_QUOTES),
+              ],
+            ],
+            'custom_css' => get_option('crowdsec_theme_custom_css'),
+          ];
+        echo Bouncer::getCaptchaHtmlTemplate($_SESSION['crowdsec_captcha_resolution_failed'], $_SESSION['crowdsec_captcha_inline_image'], '', $config);
         die();
     }
 
     function handleBanRemediation()
     {
         header('HTTP/1.0 403 Forbidden');
-        echo Bouncer::getAccessForbiddenHtmlTemplate(!get_option('crowdsec_hide_mentions'));
+        $config = [
+            'hide_crowdsec_mentions' => (bool) get_option('crowdsec_hide_mentions'),
+            'color' => [
+              'text' => [
+                'primary' => wp_specialchars_decode(get_option('crowdsec_theme_color_text_primary', \ENT_QUOTES)),
+                'secondary' => wp_specialchars_decode(get_option('crowdsec_theme_color_text_secondary', \ENT_QUOTES)),
+                'error_message' => wp_specialchars_decode(get_option('crowdsec_theme_color_text_error_message', \ENT_QUOTES)),
+              ],
+              'background' => [
+                'page' => wp_specialchars_decode(get_option('crowdsec_theme_color_background_page', \ENT_QUOTES)),
+                'container' => wp_specialchars_decode(get_option('crowdsec_theme_color_background_container', \ENT_QUOTES)),
+                'button' => wp_specialchars_decode(get_option('crowdsec_theme_color_background_button', \ENT_QUOTES)),
+                'button_hover' => wp_specialchars_decode(get_option('crowdsec_theme_color_background_button_hover', \ENT_QUOTES)),
+              ],
+            ],
+            'text' => [
+              'ban_wall' => [
+                'tab_title' => wp_specialchars_decode(get_option('crowdsec_theme_text_ban_wall_tab_title', \ENT_QUOTES)),
+                'title' => wp_specialchars_decode(get_option('crowdsec_theme_text_ban_wall_title', \ENT_QUOTES)),
+                'subtitle' => wp_specialchars_decode(get_option('crowdsec_theme_text_ban_wall_subtitle', \ENT_QUOTES)),
+                'footer' => wp_specialchars_decode(get_option('crowdsec_theme_text_ban_wall_footer', \ENT_QUOTES)),
+              ],
+            ],
+            'custom_css' => wp_specialchars_decode(get_option('crowdsec_theme_custom_css', \ENT_QUOTES)),
+          ];
+        echo Bouncer::getAccessForbiddenHtmlTemplate($config);
         die();
     }