From 211f3d04abad2bd39f266e8ea73cfb6aa7d9bcb6 Mon Sep 17 00:00:00 2001
From: luccioman <luccioman@users.noreply.github.com>
Date: Mon, 2 Apr 2018 19:48:11 +0200
Subject: [PATCH] Added hint message inciting to check accounts settings on
 fresh install

When unrestricted access from localhost is set and the accounts config
page has not been visited at all.
---
 htroot/Status.html     | 6 ++++++
 htroot/Status.java     | 4 ++++
 locales/fr.lng         | 2 ++
 locales/master.lng.xlf | 6 ++++++
 4 files changed, 18 insertions(+)

diff --git a/htroot/Status.html b/htroot/Status.html
index 58c311463..21081eb18 100644
--- a/htroot/Status.html
+++ b/htroot/Status.html
@@ -82,6 +82,12 @@
    
     <!-- warnings -->
     
+    #(warningUnrestrictedLocalAccess)#::
+    <dt class="hintIcon"><img src="env/grafics/bad.png" width="32" height="32" alt="bad"/></dt>
+    <dd class="hint">Access is unrestricted from localhost (this includes administration features). 
+    	Please check the <a href="ConfigAccounts_p.html">accounts configuration</a> page to ensure that the settings match the security level you need.</dd>
+    #(/warningUnrestrictedLocalAccess)#
+    
     #(warningGoOnline)#::
     <dt class="hintIcon"><img src="env/grafics/bad.png" width="32" height="32" alt="bad"/></dt>
     <dd class="hint">The peer must go online to get a peer address.
diff --git a/htroot/Status.java b/htroot/Status.java
index 507e6d18e..091981c60 100644
--- a/htroot/Status.java
+++ b/htroot/Status.java
@@ -140,6 +140,10 @@ public class Status
 
         if ( sb.getConfigBool(SwitchboardConstants.ADMIN_ACCOUNT_FOR_LOCALHOST, false) ) {
             prop.put("unrestrictedLocalAccess", 1);
+            if(sb.getConfig(SwitchboardConstants.SERVER_SERVLETS_CALLED, "").indexOf("ConfigAccounts_p.html", 0) < 0) {
+            	/* Encourage checking accounts config page to be sure that unrestricted local access is desired */
+            	prop.put("warningUnrestrictedLocalAccess", true);	
+            }
         }
 
         // resource observer status
diff --git a/locales/fr.lng b/locales/fr.lng
index aeb76575b..b4e4ca12b 100644
--- a/locales/fr.lng
+++ b/locales/fr.lng
@@ -2135,6 +2135,8 @@ Please open the <a href="ConfigAccounts_p.html">accounts configuration</a> page
 and set an administration password.==et d&eacute;finir un mot de passe administrateur.
 You have not published your peer seed yet. This happens automatically, just wait.==Votre noeud n'est pas encore connu du r&eacute;seau. Attendez quelques instants, cela se d&eacute;roule automatiquement.
 Your network configuration is in private mode. Your peer seed will not be published.== La configuration de votre r&eacute;seau est en mode priv&eacute;. Votre noeud restera inconnu du r&eacute;seau.
+Access is unrestricted from localhost (this includes administration features).==Aucune restriction d'accès (cela inclut les fonctions d'administration) n'est définie pour les connexions depuis un navigateur local (localhost).
+Please check the <a href="ConfigAccounts_p.html">accounts configuration</a> page to ensure that the settings match the security level you need.==Veuillez vérifier la page de configuration des <a href="ConfigAccounts_p.html">comptes</a> pour vous assurer que les réglages satisfont le niveau de sécurité souhaité.
 The peer must go online to get a peer address.==Le noeud doit aller en ligne afin de recevoir une adresse.
 You cannot be reached from outside.==Votre noeud ne peut pas &ecirc;tre atteint depuis l'ext&eacute;rieur.
 A possible reason is that you are behind a firewall, NAT or Router.==Il est possible que vous soyez derri&egrave;re un pare-feu, un NAT ou un routeur.
diff --git a/locales/master.lng.xlf b/locales/master.lng.xlf
index d6519aae6..1a05fd045 100644
--- a/locales/master.lng.xlf
+++ b/locales/master.lng.xlf
@@ -8221,6 +8221,12 @@
     <trans-unit id="e24b0b3d" xml:space="preserve" approved="no" translate="yes">
        <source>and set an administration password.</source>
     </trans-unit>
+    <trans-unit id="f6c053fa" xml:space="preserve" approved="no" translate="yes">
+       <source>Access is unrestricted from localhost (this includes administration features).</source>
+    </trans-unit>
+    <trans-unit id="ad48a7e2" xml:space="preserve" approved="no" translate="yes">
+       <source>Please check the &lt;a href="ConfigAccounts_p.html"&gt;accounts configuration&lt;/a&gt; page to ensure that the settings match the security level you need.</source>
+    </trans-unit>
     <trans-unit id="7623b0bd" xml:space="preserve" approved="no" translate="yes">
        <source>You have not published your peer seed yet. This happens automatically, just wait.</source>
     </trans-unit>