Merge pull request #6436 from kuzmany/import-theme-settings-extensions

Allowed file extensions configuration for installed theme
mautic · Nov 10, 2018 · 1e34435 · 1e34435
2 parents 25f2717 + 75e0086
commit 1e34435
Show file tree

Hide file tree

Showing 8 changed files with 203 additions and 64 deletions.
diff --git a/app/bundles/CoreBundle/Config/config.php b/app/bundles/CoreBundle/Config/config.php
@@ -175,6 +175,9 @@
                     'mautic.helper.core_parameters',
                 ],
             ],
+            'mautic.core.configbundle.subscriber.theme' => [
+                'class'     => \Mautic\CoreBundle\EventListener\ConfigThemeSubscriber::class,
+            ],
             'mautic.webpush.js.subscriber' => [
                 'class' => 'Mautic\CoreBundle\EventListener\BuildJsSubscriber',
             ],
@@ -259,6 +262,10 @@
                 ],
                 'alias' => 'coreconfig',
             ],
+            'mautic.form.type.themeconfig' => [
+                'class' => \Mautic\CoreBundle\Form\Type\ConfigThemeType::class,
+                'alias' => 'themeconfig',
+            ],
             'mautic.form.type.coreconfig.iplookup_download_data_store_button' => [
                 'class'     => 'Mautic\CoreBundle\Form\Type\IpLookupDownloadDataStoreButtonType',
                 'alias'     => 'iplookup_download_data_store_button',
@@ -724,6 +731,7 @@
                     'mautic.helper.paths',
                     'mautic.helper.templating',
                     'translator',
+                    'mautic.helper.core_parameters',
                 ],
                 'methodCalls' => [
                     'setDefaultTheme' => [
@@ -971,48 +979,49 @@
     ],
 
     'parameters' => [
-        'site_url'             => '',
-        'webroot'              => '',
-        'cache_path'           => '%kernel.root_dir%/cache',
-        'log_path'             => '%kernel.root_dir%/logs',
-        'image_path'           => 'media/images',
-        'tmp_path'             => '%kernel.root_dir%/cache',
-        'theme'                => 'Mauve',
-        'db_driver'            => 'pdo_mysql',
-        'db_host'              => '127.0.0.1',
-        'db_port'              => 3306,
-        'db_name'              => '',
-        'db_user'              => '',
-        'db_password'          => '',
-        'db_table_prefix'      => '',
-        'db_server_version'    => '5.5',
-        'locale'               => 'en_US',
-        'secret_key'           => '',
-        'dev_hosts'            => null,
-        'trusted_hosts'        => null,
-        'trusted_proxies'      => null,
-        'rememberme_key'       => hash('sha1', uniqid(mt_rand())),
-        'rememberme_lifetime'  => 31536000, //365 days in seconds
-        'rememberme_path'      => '/',
-        'rememberme_domain'    => '',
-        'default_pagelimit'    => 30,
-        'default_timezone'     => 'UTC',
-        'date_format_full'     => 'F j, Y g:i a T',
-        'date_format_short'    => 'D, M d',
-        'date_format_dateonly' => 'F j, Y',
-        'date_format_timeonly' => 'g:i a',
-        'ip_lookup_service'    => 'maxmind_download',
-        'ip_lookup_auth'       => '',
-        'ip_lookup_config'     => [],
-        'transifex_username'   => '',
-        'transifex_password'   => '',
-        'update_stability'     => 'stable',
-        'cookie_path'          => '/',
-        'cookie_domain'        => '',
-        'cookie_secure'        => null,
-        'cookie_httponly'      => false,
-        'do_not_track_ips'     => [],
-        'do_not_track_bots'    => [
+        'site_url'                        => '',
+        'webroot'                         => '',
+        'cache_path'                      => '%kernel.root_dir%/cache',
+        'log_path'                        => '%kernel.root_dir%/logs',
+        'image_path'                      => 'media/images',
+        'tmp_path'                        => '%kernel.root_dir%/cache',
+        'theme'                           => 'Mauve',
+        'theme_import_allowed_extensions' => ['json', 'twig', 'css', 'js', 'htm', 'html', 'txt', 'jpg', 'jpeg', 'png', 'gif'],
+        'db_driver'                       => 'pdo_mysql',
+        'db_host'                         => '127.0.0.1',
+        'db_port'                         => 3306,
+        'db_name'                         => '',
+        'db_user'                         => '',
+        'db_password'                     => '',
+        'db_table_prefix'                 => '',
+        'db_server_version'               => '5.5',
+        'locale'                          => 'en_US',
+        'secret_key'                      => '',
+        'dev_hosts'                       => null,
+        'trusted_hosts'                   => null,
+        'trusted_proxies'                 => null,
+        'rememberme_key'                  => hash('sha1', uniqid(mt_rand())),
+        'rememberme_lifetime'             => 31536000, //365 days in seconds
+        'rememberme_path'                 => '/',
+        'rememberme_domain'               => '',
+        'default_pagelimit'               => 30,
+        'default_timezone'                => 'UTC',
+        'date_format_full'                => 'F j, Y g:i a T',
+        'date_format_short'               => 'D, M d',
+        'date_format_dateonly'            => 'F j, Y',
+        'date_format_timeonly'            => 'g:i a',
+        'ip_lookup_service'               => 'maxmind_download',
+        'ip_lookup_auth'                  => '',
+        'ip_lookup_config'                => [],
+        'transifex_username'              => '',
+        'transifex_password'              => '',
+        'update_stability'                => 'stable',
+        'cookie_path'                     => '/',
+        'cookie_domain'                   => '',
+        'cookie_secure'                   => null,
+        'cookie_httponly'                 => false,
+        'do_not_track_ips'                => [],
+        'do_not_track_bots'               => [
             'MSNBOT',
             'msnbot-media',
             'bingbot',

diff --git a/app/bundles/CoreBundle/EventListener/ConfigSubscriber.php b/app/bundles/CoreBundle/EventListener/ConfigSubscriber.php
@@ -57,11 +57,14 @@ public static function getSubscribedEvents()
 
     public function onConfigGenerate(ConfigBuilderEvent $event)
     {
+        $coreParams = $event->getParametersFromConfig('MauticCoreBundle');
+        unset($coreParams['theme']);
+        unset($coreParams['theme_import_allowed_extensions']);
         $event->addForm([
             'bundle'     => 'CoreBundle',
             'formAlias'  => 'coreconfig',
             'formTheme'  => 'MauticCoreBundle:FormTheme\Config',
-            'parameters' => $event->getParametersFromConfig('MauticCoreBundle'),
+            'parameters' => $coreParams,
         ]);
     }
 

diff --git a/app/bundles/CoreBundle/EventListener/ConfigThemeSubscriber.php b/app/bundles/CoreBundle/EventListener/ConfigThemeSubscriber.php
@@ -0,0 +1,44 @@
+<?php
+
+/*
+ * @copyright   2014 Mautic Contributors. All rights reserved
+ * @author      Mautic
+ *
+ * @link        http://mautic.org
+ *
+ * @license     GNU/GPLv3 http://www.gnu.org/licenses/gpl-3.0.html
+ */
+
+namespace Mautic\CoreBundle\EventListener;
+
+use Mautic\ConfigBundle\ConfigEvents;
+use Mautic\ConfigBundle\Event\ConfigBuilderEvent;
+
+/**
+ * Class ConfigSubscriber.
+ */
+class ConfigThemeSubscriber extends CommonSubscriber
+{
+    /**
+     * @return array
+     */
+    public static function getSubscribedEvents()
+    {
+        return [
+            ConfigEvents::CONFIG_ON_GENERATE => ['onConfigGenerate', 0],
+        ];
+    }
+
+    public function onConfigGenerate(ConfigBuilderEvent $event)
+    {
+        $event->addForm([
+            'bundle'     => 'CoreBundle',
+            'formAlias'  => 'themeconfig',
+            'formTheme'  => 'MauticCoreBundle:FormTheme\Config',
+            'parameters' => [
+                    'theme'                           => $event->getParametersFromConfig('MauticCoreBundle')['theme'],
+                    'theme_import_allowed_extensions' => $event->getParametersFromConfig('MauticCoreBundle')['theme_import_allowed_extensions'],
+                ],
+        ]);
+    }
+}
diff --git a/app/bundles/CoreBundle/Form/Type/ConfigThemeType.php b/app/bundles/CoreBundle/Form/Type/ConfigThemeType.php
@@ -0,0 +1,60 @@
+<?php
+
+/*
+ * @copyright   2014 Mautic Contributors. All rights reserved
+ * @author      Mautic
+ *
+ * @link        http://mautic.org
+ *
+ * @license     GNU/GPLv3 http://www.gnu.org/licenses/gpl-3.0.html
+ */
+
+namespace Mautic\CoreBundle\Form\Type;
+
+use Mautic\CoreBundle\Form\DataTransformer\ArrayStringTransformer;
+use Symfony\Component\Form\AbstractType;
+use Symfony\Component\Form\FormBuilderInterface;
+
+/**
+ * Class ConfigType.
+ */
+class ConfigThemeType extends AbstractType
+{
+    /**
+     * @param FormBuilderInterface $builder
+     * @param array                $options
+     */
+    public function buildForm(FormBuilderInterface $builder, array $options)
+    {
+        $builder->add(
+            'theme',
+            'theme_list',
+            [
+                'label' => 'mautic.core.config.form.theme',
+                'attr'  => [
+                    'class'   => 'form-control',
+                    'tooltip' => 'mautic.page.form.template.help',
+                ],
+            ]
+        );
+        $arrayStringTransformer = new ArrayStringTransformer();
+        $builder->add(
+            $builder->create('theme_import_allowed_extensions', 'text', [
+                'label'      => 'mautic.core.config.form.theme.import.allowed.extensions',
+                'label_attr' => ['class' => 'control-label'],
+                'attr'       => [
+                    'class'   => 'form-control',
+                ],
+                'required' => false,
+            ])->addViewTransformer($arrayStringTransformer)
+        );
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function getName()
+    {
+        return 'themeconfig';
+    }
+}
diff --git a/app/bundles/CoreBundle/Form/Type/ConfigType.php b/app/bundles/CoreBundle/Form/Type/ConfigType.php
@@ -198,18 +198,6 @@ public function buildForm(FormBuilderInterface $builder, array $options)
             ]
         );
 
-        $builder->add(
-            'theme',
-            'theme_list',
-            [
-                'label' => 'mautic.core.config.form.theme',
-                'attr'  => [
-                    'class'   => 'form-control',
-                    'tooltip' => 'mautic.page.form.template.help',
-                ],
-            ]
-        );
-
         // Get the list of available languages
         $languages   = $this->langHelper->fetchLanguages(false, false);
         $langChoices = [];

diff --git a/app/bundles/CoreBundle/Helper/ThemeHelper.php b/app/bundles/CoreBundle/Helper/ThemeHelper.php
@@ -82,18 +82,25 @@ class ThemeHelper
         'vibrant',
     ];
 
+    /**
+     * @var CoreParametersHelper
+     */
+    private $coreParametersHelper;
+
     /**
      * ThemeHelper constructor.
      *
-     * @param PathsHelper         $pathsHelper
-     * @param TemplatingHelper    $templatingHelper
-     * @param TranslatorInterface $translator
+     * @param PathsHelper          $pathsHelper
+     * @param TemplatingHelper     $templatingHelper
+     * @param TranslatorInterface  $translator
+     * @param CoreParametersHelper $coreParametersHelper
      */
-    public function __construct(PathsHelper $pathsHelper, TemplatingHelper $templatingHelper, TranslatorInterface $translator)
+    public function __construct(PathsHelper $pathsHelper, TemplatingHelper $templatingHelper, TranslatorInterface $translator, CoreParametersHelper $coreParametersHelper)
     {
-        $this->pathsHelper      = $pathsHelper;
-        $this->templatingHelper = $templatingHelper;
-        $this->translator       = $translator;
+        $this->pathsHelper          = $pathsHelper;
+        $this->templatingHelper     = $templatingHelper;
+        $this->translator           = $translator;
+        $this->coreParametersHelper = $coreParametersHelper;
     }
 
     /**
@@ -430,7 +437,7 @@ public function install($zipFile)
             throw new \Exception($this->getExtractError($archive));
         } else {
             $containsConfig    = false;
-            $allowedExtensions = ['', 'json', 'twig', 'css', 'js', 'htm', 'html', 'txt', 'jpg', 'jpeg', 'png', 'gif', 'tiff', 'ico', 'icns', 'eot', 'woff', 'svg'];
+            $allowedExtensions = $this->coreParametersHelper->getParameter('theme_import_allowed_extensions');
             $allowedFiles      = [];
             for ($i = 0; $i < $zipper->numFiles; ++$i) {
                 $entry     = $zipper->getNameIndex($i);
@@ -442,7 +449,7 @@ public function install($zipFile)
                 }
 
                 // Filter out dangerous files like .php
-                if (in_array(strtolower($extension), $allowedExtensions)) {
+                if (empty($extension) || in_array(strtolower($extension), $allowedExtensions)) {
                     $allowedFiles[] = $entry;
                 }
             }

diff --git a/app/bundles/CoreBundle/Translations/en_US/messages.ini b/app/bundles/CoreBundle/Translations/en_US/messages.ini
@@ -1,3 +1,5 @@
+mautic.config.tab.themeconfig="Theme Settings"
+mautic.core.config.form.theme.import.allowed.extensions="Allowed file extensions from package installation"
 mautic.config.tab.coreconfig="System Settings"
 mautic.config.tab.frequency_rules="Default Frequency Rule"
 mautic.core.ab_test.confirm_make_winner="Warning: making %name% the winner will set it as the main item/parent, unpublish the other variants, stop the A/B test, and reset current A/B test stats. Are you sure you want to do this?"

diff --git a/app/bundles/CoreBundle/Views/FormTheme/Config/_config_themeconfig_widget.html.php b/app/bundles/CoreBundle/Views/FormTheme/Config/_config_themeconfig_widget.html.php
@@ -0,0 +1,26 @@
+<?php
+
+/*
+ * @copyright   2014 Mautic Contributors. All rights reserved
+ * @author      Mautic
+ *
+ * @link        http://mautic.org
+ *
+ * @license     GNU/GPLv3 http://www.gnu.org/licenses/gpl-3.0.html
+ */
+?>
+
+<div class="panel panel-primary">
+    <div class="panel-heading">
+        <h3 class="panel-title"><?php echo $view['translator']->trans('mautic.config.tab.themeconfig'); ?></h3>
+    </div>
+    <div class="panel-body">
+        <?php foreach ($form->children as $name => $f): ?>
+            <div class="row">
+                <div class="col-md-6">
+                    <?php echo $view['form']->row($f); ?>
+                </div>
+            </div>
+        <?php endforeach; ?>
+    </div>
+</div>