Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
services
t3o sites
extensions.typo3.org
extensions.typo3.org
Commits
381002f5
Commit
381002f5
authored
Jul 25, 2017
by
Thomas Löffler
Browse files
Integrates review form for security into upload history
parent
f580af68
Pipeline
#1757
passed with stages
in 2 minutes and 54 seconds
Changes
5
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
html/typo3conf/ext/ter/resources/static/constants.txt
View file @
381002f5
plugin.tx_ter_pi1 {
pid =
reviewersFrontendUsergroupUid =
adminFrontendUsergroupUid =
2
reviewersFrontendUsergroupUid =
2
adminFrontendUsergroupUid =
3
mirrorsFrontendUsergroupUid =
wsdlNamespace =
}
html/typo3conf/ext/ter_fe2/Classes/Controller/ReviewController.php
View file @
381002f5
...
...
@@ -52,12 +52,12 @@ class ReviewController extends \T3o\TerFe2\Controller\AbstractTerBasedController
* Set unsecure flag of all given versions
*
* @param \T3o\TerFe2\Domain\Model\Extension $extension The extension to update
* @param mixed $
u
nsecureVersions Version UIDs or empty string of no version was selected
* @param mixed $
i
nsecureVersions Version UIDs or empty string of no version was selected
* @return void
*/
public
function
updateAction
(
\
T3o\TerFe2\Domain\Model\Extension
$extension
,
$
u
nsecureVersions
)
public
function
updateAction
(
\
T3o\TerFe2\Domain\Model\Extension
$extension
,
$
i
nsecureVersions
)
{
$
u
nsecureVersions
=
(
is_array
(
$
u
nsecureVersions
)
?
$
u
nsecureVersions
:
array
());
$
i
nsecureVersions
=
(
is_array
(
$
i
nsecureVersions
)
?
$
i
nsecureVersions
:
array
());
$extensionKey
=
$extension
->
getExtKey
();
$versions
=
$extension
->
getVersions
();
$persist
=
FALSE
;
...
...
@@ -67,7 +67,7 @@ class ReviewController extends \T3o\TerFe2\Controller\AbstractTerBasedController
$actionParameters
=
array
(
'extension'
=>
$extension
);
$reviewState
=
0
;
if
(
in_array
(
$version
->
getUid
(),
$
u
nsecureVersions
))
{
if
(
in_array
(
$version
->
getUid
(),
$
i
nsecureVersions
))
{
$reviewState
=
-
1
;
}
...
...
html/typo3conf/ext/ter_fe2/Resources/Private/Partials/ExtensionUploadHistoryList.html
View file @
381002f5
{namespace terfe2=
T3o
\
TerFe2
\
ViewHelpers
}
<html
xmlns:terfe2=
"http://typo3.org/ns/
T3o
/
TerFe2
/
ViewHelpers
"
data-namespace-typo3-fluid=
"true"
>
<table
class=
"table table-hover"
>
<thead>
<f:security.ifHasRole
role=
"{settings.reviewerGroupUid}"
>
<f:then>
<f:form
action=
"update"
method=
"post"
controller=
"Review"
name=
"extension"
object=
"{extension}"
>
<table
class=
"table table-hover"
>
<thead>
<tr>
<th
class=
"col-sm-1 text-center"
><i
class=
"fa fa-bug"
></i></th>
<th
class=
"col-sm-2"
><i
class=
"fa fa-info"
></i>
Version
</th>
<th
class=
"col-sm-4"
><i
class=
"fa fa-comment-o"
></i>
Upload comment
</th>
<th
class=
"col-sm-3"
>
Supports TYPO3 version
</th>
<th
class=
"col-sm-2"
><i
class=
"fa fa-download"
></i>
Download
</th>
</tr>
</thead>
<tbody>
<f:for
each=
"{versionHistory}"
as=
"version"
>
<tr
{
f:if
(
condition:
'{
version
}
==
{
version.extension.lastVersion
}',
then:
'
class=
"table-success"
')}{
f:if
(
condition:
'{
version.reviewState
}
==
-1
',
then:
'
class=
"table-danger"
')}
>
<td
class=
"align-middle text-center"
>
<f:form.checkbox
name=
"insecureVersions[]"
value=
"{version.uid}"
checked=
"{version.reviewState} == -1"
/>
</td>
<td
class=
"align-middle"
>
<strong>
{version.versionString}
</strong>
/
<span
class=
"ter-ext-state-{extension.lastVersion.state}"
>
{extension.lastVersion.state}
</span>
<br
/>
<small>
<f:format.date
format=
"F d, Y"
>
{version.uploadDate}
</f:format.date>
</small>
</td>
<td
class=
"align-middle"
>
<f:format.nl2br>
{version.uploadComment}
</f:format.nl2br>
</td>
<td
class=
"align-middle"
>
<f:if
condition=
"{version.typo3Dependency}"
>
<strong>
{version.typo3Dependency.versionString}
</strong>
</f:if>
</td>
<td
class=
"align-middle"
>
<f:if
condition=
"{version.reviewState} != -1"
>
<f:then>
<f:link.action
controller=
"Extension"
action=
"download"
arguments=
"{extension : extension, versionString : version.versionString, format : 'zip'}"
title=
"{f:translate(key:'filesize')}: {version.zipFileSize -> terfe2:filesize()}"
class=
"btn btn-primary"
>
<f:translate
key=
"download_zip"
/>
</f:link.action>
</f:then>
<f:else>
<f:security.ifHasRole
role=
"{settings.reviewerGroupUid}"
>
<f:then>
<f:link.action
controller=
"Extension"
action=
"download"
arguments=
"{extension : extension, versionString : version.versionString, format : 'zip'}"
class=
"ter-download-icon ter-download-icon-zip"
title=
"{f:translate(key:'filesize')}: {version.zipFileSize -> terfe2:filesize()}"
>
<f:translate
key=
"download_zip"
/>
</f:link.action>
</f:then>
</f:security.ifHasRole>
</f:else>
</f:if>
</td>
</tr>
</f:for>
</tbody>
</table>
<button
type=
"button"
class=
"btn btn-primary"
>
Mark as insecure
</button>
</f:form>
</f:then>
<f:else>
<table
class=
"table table-hover"
>
<thead>
<tr>
<th
class=
"col-sm-
3
"
><i
class=
"fa fa-info"
></i>
Version
</th>
<th
class=
"col-sm-
4
"
><i
class=
"fa fa-comment-o"
></i>
Upload comment
</th>
<th
class=
"col-sm-
2
"
><i
class=
"fa fa-info"
></i>
Version
</th>
<th
class=
"col-sm-
5
"
><i
class=
"fa fa-comment-o"
></i>
Upload comment
</th>
<th
class=
"col-sm-3"
>
Supports TYPO3 version
</th>
<th
class=
"col-sm-2"
><i
class=
"fa fa-download"
></i>
Download
</th>
</tr>
</thead>
<tbody>
<f:for
each=
"{versionHistory}"
as=
"version"
>
<tr
<
f:if
condition=
"{version} == {version.extension.lastVersion}"
>
class="table-success"
</f:if>
<f:if
condition=
"{version.reviewState} == -1"
>
class="table-danger"
</f:if>
>
<td
class=
"align-middle"
>
<strong>
{version.versionString}
</strong>
/
<span
class=
"ter-ext-state-{extension.lastVersion.state}"
>
{extension.lastVersion.state}
</span>
<br
/>
<small>
<f:format.date
format=
"F d, Y"
>
{version.uploadDate}
</f:format.date>
</small>
</td>
<td
class=
"align-middle"
>
<f:format.nl2br>
{version.uploadComment}
</f:format.nl2br>
</td>
<td
class=
"align-middle"
>
<f:if
condition=
"{version.typo3Dependency}"
>
<strong>
{version.typo3Dependency.versionString}
</strong>
</f:if>
</td>
<td
class=
"align-middle"
>
<f:if
condition=
"{version.reviewState} != -1"
>
<f:then>
<f:link.action
controller=
"Extension"
action=
"download"
arguments=
"{extension : extension, versionString : version.versionString, format : 'zip'}"
title=
"{f:translate(key:'filesize')}: {version.zipFileSize -> terfe2:filesize()}"
class=
"btn btn-primary"
>
<f:translate
key=
"download_zip"
/>
</f:link.action>
</f:then>
<f:else>
<f:security.ifHasRole
role=
"{settings.reviewerGroupUid}"
>
</thead>
<tbody>
<f:for
each=
"{versionHistory}"
as=
"version"
>
<tr
{
f:if
(
condition:
'{
version
}
==
{
version.extension.lastVersion
}',
then:
'
class=
"table-success"
')}{
f:if
(
condition:
'{
version.reviewState
}
==
-1
',
then:
'
class=
"table-danger"
')}
>
<td
class=
"align-middle"
>
<strong>
{version.versionString}
</strong>
/
<span
class=
"ter-ext-state-{extension.lastVersion.state}"
>
{extension.lastVersion.state}
</span>
<br
/>
<small>
<f:format.date
format=
"F d, Y"
>
{version.uploadDate}
</f:format.date>
</small>
</td>
<td
class=
"align-middle"
>
<f:format.nl2br>
{version.uploadComment}
</f:format.nl2br>
</td>
<td
class=
"align-middle"
>
<f:if
condition=
"{version.typo3Dependency}"
>
<strong>
{version.typo3Dependency.versionString}
</strong>
</f:if>
</td>
<td
class=
"align-middle"
>
<f:if
condition=
"{version.reviewState} != -1"
>
<f:then>
<f:link.action
controller=
"Extension"
action=
"download"
arguments=
"{extension : extension, versionString : version.versionString, format : 'zip'}"
class=
"ter-download-icon ter-download-icon-zip
"
title=
"{f:translate(key:'filesize')}: {version.zipFileSize -> terfe2:filesize()}
"
>
arguments=
"{extension : extension, versionString : version.versionString, format : 'zip'}"
title=
"{f:translate(key:'filesize')}: {version.zipFileSize -> terfe2:filesize()}
"
class=
"btn btn-primary
"
>
<f:translate
key=
"download_zip"
/>
</f:link.action>
</f:then>
</f:security.ifHasRole>
</f:else>
</f:if>
</td>
</tr>
</f:for>
</tbody>
</table>
<f:else>
<f:security.ifHasRole
role=
"{settings.reviewerGroupUid}"
>
<f:then>
<f:link.action
controller=
"Extension"
action=
"download"
arguments=
"{extension : extension, versionString : version.versionString, format : 'zip'}"
class=
"ter-download-icon ter-download-icon-zip"
title=
"{f:translate(key:'filesize')}: {version.zipFileSize -> terfe2:filesize()}"
>
<f:translate
key=
"download_zip"
/>
</f:link.action>
</f:then>
</f:security.ifHasRole>
</f:else>
</f:if>
</td>
</tr>
</f:for>
</tbody>
</table>
</f:else>
</f:security.ifHasRole>
</html>
html/typo3conf/ext/ter_fe2/Resources/Private/Partials/ReviewForm.html
deleted
100644 → 0
View file @
f580af68
<h3>
<f:translate
key=
"header.review_form"
/>
</h3>
<div
class=
"ter-ext-single-review"
>
<f:form
method=
"post"
action=
"update"
controller=
"Review"
name=
"extension"
object=
"{extension}"
>
<label
for=
"versionReview"
>
<f:translate
key=
"review_versions"
/>
:
</label>
<div
class=
"ter-ext-single-versions"
id=
"versionReview"
>
<table
cellpadding=
"0"
cellspacing=
"0"
border=
"0"
>
<f:for
each=
"{extension.reverseVersionsByVersionNumber}"
as=
"version"
iteration=
"versionIterator"
>
<tr
class=
"{f:if(condition:'{versionIterator.isOdd}', then: 'odd', else: 'even')}"
>
<td
class=
"ter-ext-single-versions-input"
>
<f:form.checkbox
name=
"unsecureVersions[]"
id=
"version-{version.uid}"
value=
"{version.uid}"
checked=
"{version.reviewState} == -1"
/>
</td>
<td
class=
"ter-ext-single-versions-label"
>
<label
for=
"version-{version.uid}"
>
{version.versionString}
</label>
</td>
</tr>
</f:for>
</table>
</div>
<f:form.submit
value=
"{f:translate(key:'update_review')}"
class=
"bu"
/>
</f:form>
</div>
\ No newline at end of file
html/typo3conf/ext/ter_fe2/Resources/Private/Templates/Extension/Show.html
View file @
381002f5
...
...
@@ -93,16 +93,6 @@
</div>
</f:if>
<f:if
condition=
"{settings.show.reviewForm}"
>
<f:security.ifHasRole
role=
"{settings.reviewerGroupUid}"
>
<div
class=
"hide-tab tab-content lite-tab-panes-black"
>
<div
class=
"ter-ext-single"
style=
"padding-top: 10px;"
>
<f:render
partial=
"ReviewForm"
arguments=
"{extension: extension}"
/>
</div>
</div>
</f:security.ifHasRole>
</f:if>
<div
class=
"socialshareprivacy"
></div>
<f:link.page
pageUid=
"1"
class=
"btn btn-success mb-3"
>
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment