[TASK] Install Tool Improve Default File/Directory permission warnings 92/28492/3
authorErnesto Baschny <ernst@cron-it.de>
Tue, 18 Mar 2014 14:19:00 +0000 (15:19 +0100)
committerAnja Leichsenring <aleichsenring@ab-softlab.de>
Thu, 20 Mar 2014 18:58:32 +0000 (19:58 +0100)
The recommended setup (660/770) should generate a green "ok" and not a
Notice. It now also includes a comment if group read/writeable about
the potential risk and if configured a hint to BE/createGroup.

Also display errors in case the configured mask does not include user
read/writeable flags.

Resolves: #57025
Releases: 6.2
Change-Id: If42d505e0b1bac10cfca1d7b76faec058989ccb2
Reviewed-on: https://review.typo3.org/28492
Reviewed-by: Christian Kuhn
Tested-by: Christian Kuhn
Reviewed-by: Markus Klein
Reviewed-by: Anja Leichsenring
Tested-by: Anja Leichsenring
typo3/sysext/install/Classes/FolderStructure/DefaultPermissionsCheck.php

index 3a94238..f45215f 100644 (file)
@@ -77,27 +77,45 @@ class DefaultPermissionsCheck {
                        'ur' => (($dec & 0400) == 0400),
                        'setgid' => (($dec & 02000) == 02000),
                );
-               $extraMessage = '.';
-               if ($perms['ow']) {
+               $extraMessage = '';
+               $groupPermissions = FALSE;
+               if (!$perms['uw'] || !$perms['ur']) {
+                       $permissionStatus = new \TYPO3\CMS\Install\Status\ErrorStatus();
+                       $extraMessage = ' (not read or writable by the user)';
+               } elseif ($perms['ow']) {
                        $permissionStatus = new \TYPO3\CMS\Install\Status\ErrorStatus();
                        $extraMessage = ' (writable by anyone on the server)';
                } elseif ($perms['or']) {
                        $permissionStatus = new \TYPO3\CMS\Install\Status\WarningStatus();
                        $extraMessage = ' (readable by anyone on the server)';
                } elseif ($perms['gw']) {
-                       $permissionStatus = new \TYPO3\CMS\Install\Status\NoticeStatus();
+                       $permissionStatus = new \TYPO3\CMS\Install\Status\OkStatus();
+                       $extraMessage = ' (group writeable)';
+                       $groupPermissions = TRUE;
                } elseif ($perms['gr']) {
-                       $permissionStatus = new \TYPO3\CMS\Install\Status\NoticeStatus();
+                       $permissionStatus = new \TYPO3\CMS\Install\Status\OkStatus();
+                       $extraMessage = ' (group readable)';
+                       $groupPermissions = TRUE;
                } else {
                        $permissionStatus = new \TYPO3\CMS\Install\Status\OkStatus();
                }
                $permissionStatus->setTitle($this->names[$which] . ' (BE/' . $which . ')');
-               $permissionStatus->setMessage('Currently configured as ' . $GLOBALS['TYPO3_CONF_VARS']['BE'][$which] .
-                       $extraMessage . '.' .
-                       ' Recommended: ' . $this->recommended[$which] . '. Make sure that your' .
-                       ' server environment supports this before changing it.'
-               );
+               $message = 'Recommended: ' . $this->recommended[$which] . '.';
+               $message .= ' Currently configured as ';
+               if ($GLOBALS['TYPO3_CONF_VARS']['BE'][$which] === $this->recommended[$which]) {
+                       $message .= 'recommended';
+               } else {
+                       $message .= $GLOBALS['TYPO3_CONF_VARS']['BE'][$which];
+               }
+               $message .= $extraMessage . '.';
+               if ($groupPermissions) {
+                       $message .= ' This is fine as long as the webserver\'s group only comprises trusted users.';
+                       if (!empty($GLOBALS['TYPO3_CONF_VARS']['BE']['createGroup'])) {
+                               $message .= ' Your site is configured (BE/createGroup) to write as group \'' . $GLOBALS['TYPO3_CONF_VARS']['BE']['createGroup'] . '\'.';
+                       }
+               }
+               $permissionStatus->setMessage($message);
                return $permissionStatus;
        }
 
-}
\ No newline at end of file
+}