Commit 4eee7f08 authored by Oliver Bartsch's avatar Oliver Bartsch Committed by Christian Kuhn
Browse files

[TASK] Do not require sudo mode in development context

The sudo mode, introduced in #92836, is required whenever
the install tool is accessed in the backend.

Especially in development context accessing the install
tool is a frequent task, e.g. for clearing all caches,
to test global configuration or to run the database
analyzer.

Therefore, the sudo mode is now not longer required
while the installations application context is set
to "Development".

Resolves: #93160
Releases: master, 10.4, 9.5
Change-Id: If61fa08847181491c01417d301a6bc1f480bae1b
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/68097

Tested-by: default avatarTYPO3com <noreply@typo3.com>
Tested-by: core-ci's avatarcore-ci <typo3@b13.com>
Tested-by: Oliver Bartsch's avatarOliver Bartsch <bo@cedev.de>
Tested-by: Christian Kuhn's avatarChristian Kuhn <lolli@schwarzbu.ch>
Reviewed-by: Oliver Bartsch's avatarOliver Bartsch <bo@cedev.de>
Reviewed-by: Christian Kuhn's avatarChristian Kuhn <lolli@schwarzbu.ch>
parent 964eeb20
......@@ -20,6 +20,7 @@ use Psr\Http\Message\ServerRequestInterface;
use TYPO3\CMS\Backend\Routing\UriBuilder;
use TYPO3\CMS\Core\Authentication\AbstractAuthenticationService;
use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
use TYPO3\CMS\Core\Core\Environment;
use TYPO3\CMS\Core\Crypto\PasswordHashing\InvalidPasswordHashException;
use TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory;
use TYPO3\CMS\Core\Http\HtmlResponse;
......@@ -176,6 +177,9 @@ class BackendModuleController
if ($this->getSessionService()->isAuthorizedBackendUserSession()) {
return null;
}
if (Environment::getContext()->isDevelopment()) {
return null;
}
$redirectUri = $this->getBackendUserConfirmationUri([
'targetController' => $targetController,
'targetHash' => GeneralUtility::hmac($targetController, BackendModuleController::class),
......
<?php
declare(strict_types = 1);
namespace TYPO3\CMS\Install\Tests\Functional\Controller;
/*
* This file is part of the TYPO3 CMS project.
*
* It is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License, either version 2
* of the License, or any later version.
*
* For the full copyright and license information, please read the
* LICENSE.txt file that was distributed with this source code.
*
* The TYPO3 project - inspiring people to share!
*/
use TYPO3\CMS\Core\Core\ApplicationContext;
use TYPO3\CMS\Core\Core\Environment;
use TYPO3\CMS\Install\Controller\BackendModuleController;
use TYPO3\TestingFramework\Core\Functional\FunctionalTestCase;
class BackendModuleControllerTest extends FunctionalTestCase
{
/**
* @test
* @dataProvider environmentContextIsRespectedTestDataProvider
*
* @param string $module
*/
public function environmentContextIsRespectedTest(string $module): void
{
$subject = new BackendModuleController();
$action = $module . 'Action';
self::assertIsCallable([$subject, $action]);
// Ensure we are not in development context
self::assertFalse(Environment::getContext()->isDevelopment());
// Sudo mode is required
self::assertEquals(403, $subject->{$action}()->getStatusCode());
// Initialize environment with development context
Environment::initialize(
new ApplicationContext('Development'),
Environment::isComposerMode(),
Environment::isComposerMode(),
Environment::getProjectPath(),
Environment::getPublicPath(),
Environment::getVarPath(),
Environment::getConfigPath(),
Environment::getBackendPath() . '/index.php',
Environment::isWindows() ? 'WINDOWS' : 'UNIX'
);
// Authorized redirect to the install tool is performed, sudo mode is not required
$response = $subject->{$action}();
self::assertEquals(303, $response->getStatusCode());
self::assertNotEmpty($response->getHeader('location'));
self::assertStringContainsString(
'install.php?install[controller]=' . $module . '&install[context]=backend',
$response->getHeaderLine('location')
);
}
public function environmentContextIsRespectedTestDataProvider(): \Generator
{
yield 'maintenance module' => ['maintenance'];
yield 'settings module' => ['settings'];
yield 'upgrade module' => ['upgrade'];
yield 'environment module' => ['environment'];
}
}
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment