-
-
Notifications
You must be signed in to change notification settings - Fork 528
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Protect important directories #14374
Conversation
Thanks for taking time to create this PR and help make MODX better. It seems that you are a first-time contributor. To prevent us from merging this PR it's important that you sign the Contributor License Agreement (CLA). If you have signed the CLA already please let us know. If you have any questions feel free to post them. |
@JoshuaLuckers thanks for link to CLA. I have already signed today. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would love to see a more descriptive error message with an explanation of why user can to do such action.
Added. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please only include the English lexicon entries. Lexicons in other languages are managed via CrowdIn and they might get overwritten when translations are imported.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Everything works as described
* | ||
* @return array | ||
*/ | ||
public function getProtectedPathDirectories() { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Does it make sense to make it static as it returns constants? Not a request, but just a question for discussion.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The code seems OK for me and works as expected.
* upstream/pr/14374: Fixed comment Fixed comment Removed ru lexicons for rename and delete actions Added lexicons (en, ru) for rename and delete actions Fix new directory name check in processor browser/directory/rename Fix processor description browser/directory/rename Fixed issue modxcms#14114
What does it do?
Added list of protected directories, that can not be renamed or removed from manager:
Renaming or removing this directories will cause error with message "Access Denied".
Also, this PR contain 2 small fixes in processor browser/directory/rename
Why is it needed?
Description from issue:
Right click on any of these folders, rename or delete them and you are in trouble. Could also reduce impact of malicious actions by people with low morals or a short temper.
Related issue(s)/PR(s)
#14114