From 50ebae7276393bd6cb818dccadbfe238242e902f Mon Sep 17 00:00:00 2001
From: =?utf8?q?Tim=20D=C3=BCsterhus?= <duesterhus@woltlab.com>
Date: Thu, 4 May 2023 16:10:23 +0200
Subject: [PATCH] Allow managing the landing pages in enterprise mode

see #4843
---
 .../acp/templates/applicationManagement.tpl   | 100 +++++++++---------
 .../form/ApplicationManagementForm.class.php  |  71 +++++++------
 .../group/option/UserGroupOption.class.php    |   1 -
 3 files changed, 90 insertions(+), 82 deletions(-)

diff --git a/wcfsetup/install/files/acp/templates/applicationManagement.tpl b/wcfsetup/install/files/acp/templates/applicationManagement.tpl
index ef4dcbf5bf..2f53269816 100644
--- a/wcfsetup/install/files/acp/templates/applicationManagement.tpl
+++ b/wcfsetup/install/files/acp/templates/applicationManagement.tpl
@@ -17,59 +17,61 @@
 {include file='formNotice' action='edit'}
 
 <form method="post" action="{link controller='ApplicationManagement'}{/link}">
-	<section class="section">
-		<h2 class="sectionTitle">{lang}wcf.acp.application.management.domain{/lang}</h2>
+	{if !ENABLE_ENTERPRISE_MODE || $__wcf->user->hasOwnerAccess()}
+		<section class="section">
+			<h2 class="sectionTitle">{lang}wcf.acp.application.management.domain{/lang}</h2>
 
-		<dl{if $errorField == 'domainName'} class="formError"{/if}>
-			<dt><label for="domainName">{lang}wcf.acp.application.management.domainName{/lang}</label></dt>
-			<dd>
-				<div class="inputAddon">
-					<span class="inputPrefix">https://</span>
-					<input type="text" name="domainName" id="domainName" value="{$domainName}" class="long">
-				</div>
-				{if $errorField == 'domainName'}
-					<small class="innerError">
-						{if $errorType == 'empty'}
-							{lang}wcf.global.form.error.empty{/lang}
-						{else}
-							{lang}wcf.acp.application.management.domainName.error.{$errorType}{/lang}
-						{/if}
-					</small>
-				{/if}
-				<small>{lang}wcf.acp.application.management.domainName.description{/lang}</small>
-			</dd>
-		</dl>
+			<dl{if $errorField == 'domainName'} class="formError"{/if}>
+				<dt><label for="domainName">{lang}wcf.acp.application.management.domainName{/lang}</label></dt>
+				<dd>
+					<div class="inputAddon">
+						<span class="inputPrefix">https://</span>
+						<input type="text" name="domainName" id="domainName" value="{$domainName}" class="long">
+					</div>
+					{if $errorField == 'domainName'}
+						<small class="innerError">
+							{if $errorType == 'empty'}
+								{lang}wcf.global.form.error.empty{/lang}
+							{else}
+								{lang}wcf.acp.application.management.domainName.error.{$errorType}{/lang}
+							{/if}
+						</small>
+					{/if}
+					<small>{lang}wcf.acp.application.management.domainName.description{/lang}</small>
+				</dd>
+			</dl>
 
-		<dl{if $errorField == 'cookieDomain'} class="formError"{/if}>
-			<dt><label for="cookieDomain">{lang}wcf.acp.application.management.cookieDomain{/lang}</label></dt>
-			<dd>
-				<input type="text" name="cookieDomain" id="cookieDomain" value="{$cookieDomain}" class="long">
-				{if $errorField == 'cookieDomain'}
-					<small class="innerError">
-						{if $errorType == 'empty'}
-							{lang}wcf.global.form.error.empty{/lang}
-						{else}
-							{lang}wcf.acp.application.management.cookieDomain.error.{$errorType}{/lang}
-						{/if}
-					</small>
-				{/if}
-				<small>{lang}wcf.acp.application.management.cookieDomain.description{/lang}</small>
-			</dd>
-		</dl>
-	</section>
+			<dl{if $errorField == 'cookieDomain'} class="formError"{/if}>
+				<dt><label for="cookieDomain">{lang}wcf.acp.application.management.cookieDomain{/lang}</label></dt>
+				<dd>
+					<input type="text" name="cookieDomain" id="cookieDomain" value="{$cookieDomain}" class="long">
+					{if $errorField == 'cookieDomain'}
+						<small class="innerError">
+							{if $errorType == 'empty'}
+								{lang}wcf.global.form.error.empty{/lang}
+							{else}
+								{lang}wcf.acp.application.management.cookieDomain.error.{$errorType}{/lang}
+							{/if}
+						</small>
+					{/if}
+					<small>{lang}wcf.acp.application.management.cookieDomain.description{/lang}</small>
+				</dd>
+			</dl>
+		</section>
 
-	{* Keep the cookie domain in sync if it was previously identical. *}
-	{if $domainName === $cookieDomain}
-		<script>
-			(() => {
-				const domainName = document.getElementById("domainName");
-				const cookieDomain = document.getElementById("cookieDomain");
+		{* Keep the cookie domain in sync if it was previously identical. *}
+		{if $domainName === $cookieDomain}
+			<script>
+				(() => {
+					const domainName = document.getElementById("domainName");
+					const cookieDomain = document.getElementById("cookieDomain");
 
-				domainName.addEventListener("input", () => {
-					cookieDomain.value = domainName.value;
-				});
-			})();
-		</script>
+					domainName.addEventListener("input", () => {
+						cookieDomain.value = domainName.value;
+					});
+				})();
+			</script>
+		{/if}
 	{/if}
 
 	<section class="section">
diff --git a/wcfsetup/install/files/lib/acp/form/ApplicationManagementForm.class.php b/wcfsetup/install/files/lib/acp/form/ApplicationManagementForm.class.php
index da4a1c9662..974d9de171 100644
--- a/wcfsetup/install/files/lib/acp/form/ApplicationManagementForm.class.php
+++ b/wcfsetup/install/files/lib/acp/form/ApplicationManagementForm.class.php
@@ -81,12 +81,15 @@ final class ApplicationManagementForm extends AbstractForm
     {
         parent::readFormParameters();
 
-        if (isset($_POST['cookieDomain'])) {
-            $this->cookieDomain = StringUtil::trim($_POST['cookieDomain']);
-        }
-        if (isset($_POST['domainName'])) {
-            $this->domainName = StringUtil::trim($_POST['domainName']);
+        if (!ENABLE_ENTERPRISE_MODE || WCF::getUser()->hasOwnerAccess()) {
+            if (isset($_POST['cookieDomain'])) {
+                $this->cookieDomain = StringUtil::trim($_POST['cookieDomain']);
+            }
+            if (isset($_POST['domainName'])) {
+                $this->domainName = StringUtil::trim($_POST['domainName']);
+            }
         }
+
         if (isset($_POST['landingPageID']) && \is_array($_POST['landingPageID'])) {
             $this->landingPageID = ArrayUtil::toIntegerArray($_POST['landingPageID']);
         }
@@ -96,29 +99,31 @@ final class ApplicationManagementForm extends AbstractForm
     {
         parent::validate();
 
-        if (empty($this->domainName)) {
-            throw new UserInputException('domainName');
-        }
+        if (!ENABLE_ENTERPRISE_MODE || WCF::getUser()->hasOwnerAccess()) {
+            if (empty($this->domainName)) {
+                throw new UserInputException('domainName');
+            }
 
-        $regex = new Regex('^https?\://');
-        $this->domainName = FileUtil::removeTrailingSlash($regex->replace($this->domainName, ''));
-        $this->cookieDomain = FileUtil::removeTrailingSlash($regex->replace($this->cookieDomain, ''));
+            $regex = new Regex('^https?\://');
+            $this->domainName = FileUtil::removeTrailingSlash($regex->replace($this->domainName, ''));
+            $this->cookieDomain = FileUtil::removeTrailingSlash($regex->replace($this->cookieDomain, ''));
 
-        // domain may not contain path components
-        $regex = new Regex('[/#\?&]');
-        if ($regex->match($this->domainName)) {
-            throw new UserInputException('domainName', 'containsPath');
-        } elseif ($regex->match($this->cookieDomain)) {
-            throw new UserInputException('cookieDomain', 'containsPath');
-        }
+            // domain may not contain path components
+            $regex = new Regex('[/#\?&]');
+            if ($regex->match($this->domainName)) {
+                throw new UserInputException('domainName', 'containsPath');
+            } elseif ($regex->match($this->cookieDomain)) {
+                throw new UserInputException('cookieDomain', 'containsPath');
+            }
 
-        // strip port from cookie domain
-        $regex = new Regex(':[0-9]+$');
-        $this->cookieDomain = $regex->replace($this->cookieDomain, '');
+            // strip port from cookie domain
+            $regex = new Regex(':[0-9]+$');
+            $this->cookieDomain = $regex->replace($this->cookieDomain, '');
 
-        // check if cookie domain shares the same domain (may exclude subdomains)
-        if (!\str_ends_with($regex->replace($this->domainName, ''), $this->cookieDomain)) {
-            throw new UserInputException('cookieDomain', 'invalid');
+            // check if cookie domain shares the same domain (may exclude subdomains)
+            if (!\str_ends_with($regex->replace($this->domainName, ''), $this->cookieDomain)) {
+                throw new UserInputException('cookieDomain', 'invalid');
+            }
         }
 
         foreach ($this->landingPageID as $landingPageID) {
@@ -154,14 +159,16 @@ final class ApplicationManagementForm extends AbstractForm
     {
         parent::save();
 
-        $sql = "UPDATE  wcf" . WCF_N . "_application
-                SET     domainName = ?,
-                        cookieDomain = ?";
-        $statement = WCF::getDB()->prepareStatement($sql);
-        $statement->execute([
-            $this->domainName,
-            $this->cookieDomain,
-        ]);
+        if (!ENABLE_ENTERPRISE_MODE || WCF::getUser()->hasOwnerAccess()) {
+            $sql = "UPDATE  wcf" . WCF_N . "_application
+                    SET     domainName = ?,
+                            cookieDomain = ?";
+            $statement = WCF::getDB()->prepareStatement($sql);
+            $statement->execute([
+                $this->domainName,
+                $this->cookieDomain,
+            ]);
+        }
 
         $sql = "UPDATE  wcf" . WCF_N . "_application
                 SET     landingPageID = ?
diff --git a/wcfsetup/install/files/lib/data/user/group/option/UserGroupOption.class.php b/wcfsetup/install/files/lib/data/user/group/option/UserGroupOption.class.php
index 1702c46f1d..d8d4f5b7b3 100644
--- a/wcfsetup/install/files/lib/data/user/group/option/UserGroupOption.class.php
+++ b/wcfsetup/install/files/lib/data/user/group/option/UserGroupOption.class.php
@@ -27,7 +27,6 @@ class UserGroupOption extends Option
      */
     const ENTERPRISE_BLACKLIST = [
         // Configuration
-        'admin.configuration.canManageApplication',
         'admin.configuration.package.canUpdatePackage',
         'admin.configuration.package.canEditServer',
 
-- 
2.20.1