Skip to content
Snippets Groups Projects
Verified Commit aedb18e7 authored by Lee Rowlands's avatar Lee Rowlands
Browse files

Back to dev.

parents 953a1170 47b600aa
No related branches found
No related tags found
No related merge requests found
Showing
with 368 additions and 95 deletions
......@@ -82,7 +82,7 @@ class Drupal {
/**
* The current system version.
*/
const VERSION = '8.6.2-dev';
const VERSION = '8.6.3-dev';
/**
* Core API compatibility.
......
......@@ -248,6 +248,16 @@ public static function isExternal($path) {
* Exception thrown when a either $url or $bath_url are not fully qualified.
*/
public static function externalIsLocal($url, $base_url) {
// Some browsers treat \ as / so normalize to forward slashes.
$url = str_replace('\\', '/', $url);
// Leading control characters may be ignored or mishandled by browsers, so
// assume such a path may lead to an non-local location. The \p{C} character
// class matches all UTF-8 control, unassigned, and private characters.
if (preg_match('/^\p{C}/u', $url) !== 0) {
return FALSE;
}
$url_parts = parse_url($url);
$base_parts = parse_url($base_url);
......
......@@ -8,7 +8,6 @@
use Drupal\Core\Routing\RequestContext;
use Drupal\Core\Utility\UnroutedUrlAssemblerInterface;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Event\GetResponseEvent;
use Symfony\Component\HttpKernel\KernelEvents;
use Symfony\Component\HttpKernel\Event\FilterResponseEvent;
use Symfony\Component\HttpFoundation\RedirectResponse;
......@@ -129,36 +128,6 @@ protected function getDestinationAsAbsoluteUrl($destination, $scheme_and_host) {
return $destination;
}
/**
* Sanitize the destination parameter to prevent open redirect attacks.
*
* @param \Symfony\Component\HttpKernel\Event\GetResponseEvent $event
* The Event to process.
*/
public function sanitizeDestination(GetResponseEvent $event) {
$request = $event->getRequest();
// Sanitize the destination parameter (which is often used for redirects) to
// prevent open redirect attacks leading to other domains. Sanitize both
// $_GET['destination'] and $_REQUEST['destination'] to protect code that
// relies on either, but do not sanitize $_POST to avoid interfering with
// unrelated form submissions. The sanitization happens here because
// url_is_external() requires the variable system to be available.
$query_info = $request->query;
$request_info = $request->request;
if ($query_info->has('destination') || $request_info->has('destination')) {
// If the destination is an external URL, remove it.
if ($query_info->has('destination') && UrlHelper::isExternal($query_info->get('destination'))) {
$query_info->remove('destination');
$request_info->remove('destination');
}
// If there's still something in $_REQUEST['destination'] that didn't come
// from $_GET, check it too.
if ($request_info->has('destination') && (!$query_info->has('destination') || $request_info->get('destination') != $query_info->get('destination')) && UrlHelper::isExternal($request_info->get('destination'))) {
$request_info->remove('destination');
}
}
}
/**
* Registers the methods in this class that should be listeners.
*
......@@ -167,7 +136,6 @@ public function sanitizeDestination(GetResponseEvent $event) {
*/
public static function getSubscribedEvents() {
$events[KernelEvents::RESPONSE][] = ['checkRedirectUrl'];
$events[KernelEvents::REQUEST][] = ['sanitizeDestination', 100];
return $events;
}
......
......@@ -18,6 +18,20 @@
*/
class PhpMail implements MailInterface {
/**
* The configuration factory.
*
* @var \Drupal\Core\Config\ConfigFactoryInterface
*/
protected $configFactory;
/**
* PhpMail constructor.
*/
public function __construct() {
$this->configFactory = \Drupal::configFactory();
}
/**
* Concatenates and wraps the email body for plain-text mails.
*
......@@ -86,7 +100,10 @@ public function mail(array $message) {
// On most non-Windows systems, the "-f" option to the sendmail command
// is used to set the Return-Path. There is no space between -f and
// the value of the return path.
$additional_headers = isset($message['Return-Path']) ? '-f' . $message['Return-Path'] : '';
// We validate the return path, unless it is equal to the site mail, which
// we assume to be safe.
$site_mail = $this->configFactory->get('system.site')->get('mail');
$additional_headers = isset($message['Return-Path']) && ($site_mail === $message['Return-Path'] || static::_isShellSafe($message['Return-Path'])) ? '-f' . $message['Return-Path'] : '';
$mail_result = @mail(
$message['to'],
$mail_subject,
......@@ -112,4 +129,33 @@ public function mail(array $message) {
return $mail_result;
}
/**
* Disallows potentially unsafe shell characters.
*
* Functionally similar to PHPMailer::isShellSafe() which resulted from
* CVE-2016-10045. Note that escapeshellarg and escapeshellcmd are inadequate
* for this purpose.
*
* @param string $string
* The string to be validated.
*
* @return bool
* True if the string is shell-safe.
*
* @see https://github.com/PHPMailer/PHPMailer/issues/924
* @see https://github.com/PHPMailer/PHPMailer/blob/v5.2.21/class.phpmailer.php#L1430
*
* @todo Rename to ::isShellSafe() and/or discuss whether this is the correct
* location for this helper.
*/
protected static function _isShellSafe($string) {
if (escapeshellcmd($string) !== $string || !in_array(escapeshellarg($string), ["'$string'", "\"$string\""])) {
return FALSE;
}
if (preg_match('/[^a-zA-Z0-9@_\-.]/', $string) !== 0) {
return FALSE;
}
return TRUE;
}
}
......@@ -43,6 +43,15 @@ public function processOutbound($path, &$options = [], Request $request = NULL,
if (empty($options['alias'])) {
$langcode = isset($options['language']) ? $options['language']->getId() : NULL;
$path = $this->aliasManager->getAliasByPath($path, $langcode);
// Ensure the resulting path has at most one leading slash, to prevent it
// becoming an external URL without a protocol like //example.com. This
// is done in \Drupal\Core\Routing\UrlGenerator::generateFromRoute()
// also, to protect against this problem in arbitrary path processors,
// but it is duplicated here to protect any other URL generation code
// that might call this method separately.
if (strpos($path, '//') === 0) {
$path = '/' . ltrim($path, '/');
}
}
return $path;
}
......
......@@ -297,6 +297,11 @@ public function generateFromRoute($name, $parameters = [], $options = [], $colle
if ($options['path_processing']) {
$path = $this->processPath($path, $options, $generated_url);
}
// Ensure the resulting path has at most one leading slash, to prevent it
// becoming an external URL without a protocol like //example.com.
if (strpos($path, '//') === 0) {
$path = '/' . ltrim($path, '/');
}
// The contexts base URL is already encoded
// (see Symfony\Component\HttpFoundation\Request).
$path = str_replace($this->decodedChars[0], $this->decodedChars[1], rawurlencode($path));
......
......@@ -90,7 +90,8 @@ protected static function processParameterBag(ParameterBag $bag, $whitelist, $lo
}
if ($bag->has('destination')) {
$destination_dangerous_keys = static::checkDestination($bag->get('destination'), $whitelist);
$destination = $bag->get('destination');
$destination_dangerous_keys = static::checkDestination($destination, $whitelist);
if (!empty($destination_dangerous_keys)) {
// The destination is removed rather than sanitized because the URL
// generator service is not available and this method is called very
......@@ -101,6 +102,16 @@ protected static function processParameterBag(ParameterBag $bag, $whitelist, $lo
trigger_error(sprintf('Potentially unsafe destination removed from %s parameter bag because it contained the following keys: %s', $bag_name, implode(', ', $destination_dangerous_keys)));
}
}
// Sanitize the destination parameter (which is often used for redirects)
// to prevent open redirect attacks leading to other domains.
if (UrlHelper::isExternal($destination)) {
// The destination is removed because it is an external URL.
$bag->remove('destination');
$sanitized = TRUE;
if ($log_sanitized_keys) {
trigger_error(sprintf('Potentially unsafe destination removed from %s parameter bag because it points to an external URL.', $bag_name));
}
}
}
return $sanitized;
}
......
......@@ -3,6 +3,8 @@
namespace Drupal\Tests\block\Functional\Views;
use Drupal\Component\Serialization\Json;
use Drupal\Component\Utility\Crypt;
use Drupal\Core\Site\Settings;
use Drupal\Core\Url;
use Drupal\Tests\block\Functional\AssertBlockAppearsTrait;
use Drupal\Tests\system\Functional\Cache\AssertPageCacheContextsAndTagsTrait;
......@@ -360,14 +362,16 @@ public function testBlockContextualLinks() {
$this->drupalGet('test-page');
$id = 'block:block=' . $block->id() . ':langcode=en|entity.view.edit_form:view=test_view_block:location=block&name=test_view_block&display_id=block_1&langcode=en';
$id_token = Crypt::hmacBase64($id, Settings::getHashSalt() . $this->container->get('private_key')->get());
$cached_id = 'block:block=' . $cached_block->id() . ':langcode=en|entity.view.edit_form:view=test_view_block:location=block&name=test_view_block&display_id=block_1&langcode=en';
$cached_id_token = Crypt::hmacBase64($cached_id, Settings::getHashSalt() . $this->container->get('private_key')->get());
// @see \Drupal\contextual\Tests\ContextualDynamicContextTest:assertContextualLinkPlaceHolder()
$this->assertRaw('<div' . new Attribute(['data-contextual-id' => $id]) . '></div>', format_string('Contextual link placeholder with id @id exists.', ['@id' => $id]));
$this->assertRaw('<div' . new Attribute(['data-contextual-id' => $cached_id]) . '></div>', format_string('Contextual link placeholder with id @id exists.', ['@id' => $cached_id]));
$this->assertRaw('<div' . new Attribute(['data-contextual-id' => $id, 'data-contextual-token' => $id_token]) . '></div>', format_string('Contextual link placeholder with id @id exists.', ['@id' => $id]));
$this->assertRaw('<div' . new Attribute(['data-contextual-id' => $cached_id, 'data-contextual-token' => $cached_id_token]) . '></div>', format_string('Contextual link placeholder with id @id exists.', ['@id' => $cached_id]));
// Get server-rendered contextual links.
// @see \Drupal\contextual\Tests\ContextualDynamicContextTest:renderContextualLinks()
$post = ['ids[0]' => $id, 'ids[1]' => $cached_id];
$post = ['ids[0]' => $id, 'ids[1]' => $cached_id, 'tokens[0]' => $id_token, 'tokens[1]' => $cached_id_token];
$url = 'contextual/render?_format=json,destination=test-page';
$this->getSession()->getDriver()->getClient()->request('POST', $url, $post);
$this->assertResponse(200);
......
......@@ -16,5 +16,6 @@ class ModerationStateConstraint extends Constraint {
public $message = 'Invalid state transition from %from to %to';
public $invalidStateMessage = 'State %state does not exist on %workflow workflow';
public $invalidTransitionAccess = 'You do not have access to transition from %original_state to %new_state';
}
......@@ -2,10 +2,13 @@
namespace Drupal\content_moderation\Plugin\Validation\Constraint;
use Drupal\content_moderation\StateTransitionValidationInterface;
use Drupal\Core\DependencyInjection\ContainerInjectionInterface;
use Drupal\Core\Entity\ContentEntityInterface;
use Drupal\Core\Entity\EntityInterface;
use Drupal\Core\Entity\EntityTypeManagerInterface;
use Drupal\content_moderation\ModerationInformationInterface;
use Drupal\Core\Session\AccountInterface;
use Symfony\Component\DependencyInjection\ContainerInterface;
use Symfony\Component\Validator\Constraint;
use Symfony\Component\Validator\ConstraintValidator;
......@@ -29,6 +32,20 @@ class ModerationStateConstraintValidator extends ConstraintValidator implements
*/
protected $moderationInformation;
/**
* The current user.
*
* @var \Drupal\Core\Session\AccountInterface
*/
protected $currentUser;
/**
* The state transition validation service.
*
* @var \Drupal\content_moderation\StateTransitionValidationInterface
*/
protected $stateTransitionValidation;
/**
* Creates a new ModerationStateConstraintValidator instance.
*
......@@ -36,10 +53,16 @@ class ModerationStateConstraintValidator extends ConstraintValidator implements
* The entity type manager.
* @param \Drupal\content_moderation\ModerationInformationInterface $moderation_information
* The moderation information.
* @param \Drupal\Core\Session\AccountInterface $current_user
* The current user.
* @param \Drupal\content_moderation\StateTransitionValidationInterface $state_transition_validation
* The state transition validation service.
*/
public function __construct(EntityTypeManagerInterface $entity_type_manager, ModerationInformationInterface $moderation_information) {
public function __construct(EntityTypeManagerInterface $entity_type_manager, ModerationInformationInterface $moderation_information, AccountInterface $current_user, StateTransitionValidationInterface $state_transition_validation) {
$this->entityTypeManager = $entity_type_manager;
$this->moderationInformation = $moderation_information;
$this->currentUser = $current_user;
$this->stateTransitionValidation = $state_transition_validation;
}
/**
......@@ -48,7 +71,9 @@ public function __construct(EntityTypeManagerInterface $entity_type_manager, Mod
public static function create(ContainerInterface $container) {
return new static(
$container->get('entity_type.manager'),
$container->get('content_moderation.moderation_information')
$container->get('content_moderation.moderation_information'),
$container->get('current_user'),
$container->get('content_moderation.state_transition_validation')
);
}
......@@ -76,32 +101,59 @@ public function validate($value, Constraint $constraint) {
return;
}
$new_state = $workflow->getTypePlugin()->getState($entity->moderation_state->value);
$original_state = $this->getOriginalOrInitialState($entity);
// If a new state is being set and there is an existing state, validate
// there is a valid transition between them.
if (!$original_state->canTransitionTo($new_state->id())) {
$this->context->addViolation($constraint->message, [
'%from' => $original_state->label(),
'%to' => $new_state->label(),
]);
}
else {
// If we're sure the transition exists, make sure the user has permission
// to use it.
if (!$this->stateTransitionValidation->isTransitionValid($workflow, $original_state, $new_state, $this->currentUser)) {
$this->context->addViolation($constraint->invalidTransitionAccess, [
'%original_state' => $original_state->label(),
'%new_state' => $new_state->label(),
]);
}
}
}
/**
* Gets the original or initial state of the given entity.
*
* When a state is being validated, the original state is used to validate
* that a valid transition exists for target state and the user has access
* to the transition between those two states. If the entity has been
* moderated before, we can load the original unmodified revision and
* translation for this state.
*
* If the entity is new we need to load the initial state from the workflow.
* Even if a value was assigned to the moderation_state field, the initial
* state is used to compute an appropriate transition for the purposes of
* validation.
*
* @return \Drupal\workflows\StateInterface
* The original or default moderation state.
*/
protected function getOriginalOrInitialState(ContentEntityInterface $entity) {
$state = NULL;
$workflow_type = $this->moderationInformation->getWorkflowForEntity($entity)->getTypePlugin();
if (!$entity->isNew() && !$this->isFirstTimeModeration($entity)) {
$original_entity = $this->entityTypeManager->getStorage($entity->getEntityTypeId())->loadRevision($entity->getLoadedRevisionId());
if (!$entity->isDefaultTranslation() && $original_entity->hasTranslation($entity->language()->getId())) {
$original_entity = $original_entity->getTranslation($entity->language()->getId());
}
// If the state of the original entity doesn't exist on the workflow,
// we cannot do any further validation of transitions, because none will
// be setup for a state that doesn't exist. Instead allow any state to
// take its place.
if (!$workflow->getTypePlugin()->hasState($original_entity->moderation_state->value)) {
return;
}
$new_state = $workflow->getTypePlugin()->getState($entity->moderation_state->value);
$original_state = $workflow->getTypePlugin()->getState($original_entity->moderation_state->value);
if (!$original_state->canTransitionTo($new_state->id())) {
$this->context->addViolation($constraint->message, [
'%from' => $original_state->label(),
'%to' => $new_state->label(),
]);
if ($workflow_type->hasState($original_entity->moderation_state->value)) {
$state = $workflow_type->getState($original_entity->moderation_state->value);
}
}
return $state ?: $workflow_type->getInitialState($entity);
}
/**
......
......@@ -4,7 +4,9 @@
use Drupal\Core\Entity\ContentEntityInterface;
use Drupal\Core\Session\AccountInterface;
use Drupal\workflows\StateInterface;
use Drupal\workflows\Transition;
use Drupal\workflows\WorkflowInterface;
/**
* Validates whether a certain state transition is allowed.
......@@ -47,4 +49,12 @@ public function getValidTransitions(ContentEntityInterface $entity, AccountInter
});
}
/**
* {@inheritdoc}
*/
public function isTransitionValid(WorkflowInterface $workflow, StateInterface $original_state, StateInterface $new_state, AccountInterface $user) {
$transition = $workflow->getTypePlugin()->getTransitionFromStateToState($original_state->id(), $new_state->id());
return $user->hasPermission('use ' . $workflow->id() . ' transition ' . $transition->id());
}
}
......@@ -4,6 +4,8 @@
use Drupal\Core\Entity\ContentEntityInterface;
use Drupal\Core\Session\AccountInterface;
use Drupal\workflows\StateInterface;
use Drupal\workflows\WorkflowInterface;
/**
* Validates whether a certain state transition is allowed.
......@@ -23,4 +25,21 @@ interface StateTransitionValidationInterface {
*/
public function getValidTransitions(ContentEntityInterface $entity, AccountInterface $user);
/**
* Checks if a transition between two states if valid for the given user.
*
* @param \Drupal\workflows\WorkflowInterface $workflow
* The workflow entity.
* @param \Drupal\workflows\StateInterface $original_state
* The original workflow state.
* @param \Drupal\workflows\StateInterface $new_state
* The new workflow state.
* @param \Drupal\Core\Session\AccountInterface $user
* The user to validate.
*
* @return bool
* Returns TRUE if transition is valid, otherwise FALSE.
*/
public function isTransitionValid(WorkflowInterface $workflow, StateInterface $original_state, StateInterface $new_state, AccountInterface $user);
}
......@@ -158,32 +158,15 @@ public function testNoContentModerationPermissions() {
]);
$this->drupalLogin($limited_user);
// Check the user can add content, but can't see the moderation state
// select.
// Check the user can see the content entity form, but can't see the
// moderation state select or save the entity form.
$this->drupalGet('node/add/moderated_content');
$session_assert->statusCodeEquals(200);
$session_assert->fieldNotExists('moderation_state[0][state]');
$this->drupalPostForm(NULL, [
'title[0][value]' => 'moderated content',
], 'Save');
// Manually move the content to archived because the user doesn't have
// permission to do this.
$node = $this->getNodeByTitle('moderated content');
$node->moderation_state->value = 'archived';
$node->save();
// Check the user can see the current state but not the select.
$this->drupalGet('node/' . $node->id() . '/edit');
$session_assert->statusCodeEquals(200);
$session_assert->pageTextContains('Archived');
$session_assert->fieldNotExists('moderation_state[0][state]');
$this->drupalPostForm(NULL, [], 'Save');
// When saving they should still be on the edit form, and see the validation
// error message.
$session_assert->pageTextContains('Edit Moderated content moderated content');
$session_assert->pageTextContains('Invalid state transition from Archived to Archived');
$session_assert->pageTextContains('You do not have access to transition from Draft to Draft');
}
}
......@@ -7,6 +7,7 @@
use Drupal\node\Entity\Node;
use Drupal\node\Entity\NodeType;
use Drupal\Tests\content_moderation\Traits\ContentModerationTestTrait;
use Drupal\Tests\user\Traits\UserCreationTrait;
/**
* @coversDefaultClass \Drupal\content_moderation\Plugin\Validation\Constraint\ModerationStateConstraintValidator
......@@ -15,6 +16,7 @@
class EntityStateChangeValidationTest extends KernelTestBase {
use ContentModerationTestTrait;
use UserCreationTrait;
/**
* {@inheritdoc}
......@@ -29,6 +31,13 @@ class EntityStateChangeValidationTest extends KernelTestBase {
'workflows',
];
/**
* An admin user.
*
* @var \Drupal\Core\Session\AccountInterface
*/
protected $adminUser;
/**
* {@inheritdoc}
*/
......@@ -40,6 +49,9 @@ protected function setUp() {
$this->installEntitySchema('user');
$this->installEntitySchema('content_moderation_state');
$this->installConfig('content_moderation');
$this->installSchema('system', ['sequences']);
$this->adminUser = $this->createUser(array_keys($this->container->get('user.permissions')->getPermissions()));
}
/**
......@@ -48,6 +60,8 @@ protected function setUp() {
* @covers ::validate
*/
public function testValidTransition() {
$this->setCurrentUser($this->adminUser);
$node_type = NodeType::create([
'type' => 'example',
]);
......@@ -76,6 +90,8 @@ public function testValidTransition() {
* @covers ::validate
*/
public function testInvalidTransition() {
$this->setCurrentUser($this->adminUser);
$node_type = NodeType::create([
'type' => 'example',
]);
......@@ -125,6 +141,7 @@ public function testInvalidState() {
* Test validation with content that has no initial state or an invalid state.
*/
public function testInvalidStateWithoutExisting() {
$this->setCurrentUser($this->adminUser);
// Create content without moderation enabled for the content type.
$node_type = NodeType::create([
'type' => 'example',
......@@ -156,15 +173,24 @@ public function testInvalidStateWithoutExisting() {
// validating.
$workflow->getTypePlugin()->deleteState('deleted_state');
$workflow->save();
// When there is an invalid state, the content will revert to "draft". This
// will allow a draft to draft transition.
$node->moderation_state->value = 'draft';
$violations = $node->validate();
$this->assertCount(0, $violations);
// This will disallow a draft to archived transition.
$node->moderation_state->value = 'archived';
$violations = $node->validate();
$this->assertCount(1, $violations);
}
/**
* Test state transition validation with multiple languages.
*/
public function testInvalidStateMultilingual() {
$this->setCurrentUser($this->adminUser);
ConfigurableLanguage::createFromLangcode('fr')->save();
$node_type = NodeType::create([
'type' => 'example',
......@@ -220,6 +246,8 @@ public function testInvalidStateMultilingual() {
* Tests that content without prior moderation information can be moderated.
*/
public function testExistingContentWithNoModeration() {
$this->setCurrentUser($this->adminUser);
$node_type = NodeType::create([
'type' => 'example',
]);
......@@ -254,6 +282,8 @@ public function testExistingContentWithNoModeration() {
* Tests that content without prior moderation information can be translated.
*/
public function testExistingMultilingualContentWithNoModeration() {
$this->setCurrentUser($this->adminUser);
// Enable French.
ConfigurableLanguage::createFromLangcode('fr')->save();
......@@ -293,4 +323,81 @@ public function testExistingMultilingualContentWithNoModeration() {
$node_fr->save();
}
/**
* @dataProvider transitionAccessValidationTestCases
*/
public function testTransitionAccessValidation($permissions, $target_state, $messages) {
$node_type = NodeType::create([
'type' => 'example',
]);
$node_type->save();
$workflow = $this->createEditorialWorkflow();
$workflow->getTypePlugin()->addState('foo', 'Foo');
$workflow->getTypePlugin()->addTransition('draft_to_foo', 'Draft to foo', ['draft'], 'foo');
$workflow->getTypePlugin()->addTransition('foo_to_foo', 'Foo to foo', ['foo'], 'foo');
$workflow->getTypePlugin()->addEntityTypeAndBundle('node', 'example');
$workflow->save();
$this->setCurrentUser($this->createUser($permissions));
$node = Node::create([
'type' => 'example',
'title' => 'Test content',
'moderation_state' => $target_state,
]);
$this->assertTrue($node->isNew());
$violations = $node->validate();
$this->assertCount(count($messages), $violations);
foreach ($messages as $i => $message) {
$this->assertEquals($message, $violations->get($i)->getMessage());
}
}
/**
* Test cases for ::testTransitionAccessValidation.
*/
public function transitionAccessValidationTestCases() {
return [
'Invalid transition, no permissions validated' => [
[],
'archived',
['Invalid state transition from <em class="placeholder">Draft</em> to <em class="placeholder">Archived</em>'],
],
'Valid transition, missing permission' => [
[],
'published',
['You do not have access to transition from <em class="placeholder">Draft</em> to <em class="placeholder">Published</em>'],
],
'Valid transition, granted published permission' => [
['use editorial transition publish'],
'published',
[],
],
'Valid transition, granted draft permission' => [
['use editorial transition create_new_draft'],
'draft',
[],
],
'Valid transition, incorrect permission granted' => [
['use editorial transition create_new_draft'],
'published',
['You do not have access to transition from <em class="placeholder">Draft</em> to <em class="placeholder">Published</em>'],
],
// Test with an additional state and set of transitions, since the
// "published" transition can start from either "draft" or "published", it
// does not capture bugs that fail to correctly distinguish the initial
// workflow state from the set state of a new entity.
'Valid transition, granted foo permission' => [
['use editorial transition draft_to_foo'],
'foo',
[],
],
'Valid transition, incorrect foo permission granted' => [
['use editorial transition foo_to_foo'],
'foo',
['You do not have access to transition from <em class="placeholder">Draft</em> to <em class="placeholder">Foo</em>'],
],
];
}
}
......@@ -191,13 +191,19 @@ function _contextual_links_to_id($contextual_links) {
/**
* Unserializes the result of _contextual_links_to_id().
*
* @see _contextual_links_to_id
* Note that $id is user input. Before calling this method the ID should be
* checked against the token stored in the 'data-contextual-token' attribute
* which is passed via the 'tokens' request parameter to
* \Drupal\contextual\ContextualController::render().
*
* @param string $id
* A serialized representation of a #contextual_links property value array.
*
* @return array
* The value for a #contextual_links property.
*
* @see _contextual_links_to_id()
* @see \Drupal\contextual\ContextualController::render()
*/
function _contextual_id_to_links($id) {
$contextual_links = [];
......
<?php
/**
* @file
* Post update functions for Contextual Links.
*/
/**
* Ensure new page loads use the updated JS and get the updated markup.
*/
function contextual_post_update_fixed_endpoint_and_markup() {
// Empty update to trigger a change to css_js_query_string and invalidate
// cached markup.
}
......@@ -168,12 +168,16 @@
// Collect the IDs for all contextual links placeholders.
const ids = [];
$placeholders.each(function() {
ids.push($(this).attr('data-contextual-id'));
ids.push({
id: $(this).attr('data-contextual-id'),
token: $(this).attr('data-contextual-token'),
});
});
// Update all contextual links placeholders whose HTML is cached.
const uncachedIDs = _.filter(ids, contextualID => {
const html = storage.getItem(`Drupal.contextual.${contextualID}`);
const uncachedIDs = [];
const uncachedTokens = [];
ids.forEach(contextualID => {
const html = storage.getItem(`Drupal.contextual.${contextualID.id}`);
if (html && html.length) {
// Initialize after the current execution cycle, to make the AJAX
// request for retrieving the uncached contextual links as soon as
......@@ -182,13 +186,14 @@
// Drupal.contextual.collection.
window.setTimeout(() => {
initContextual(
$context.find(`[data-contextual-id="${contextualID}"]`),
$context.find(`[data-contextual-id="${contextualID.id}"]`),
html,
);
});
return false;
return;
}
return true;
uncachedIDs.push(contextualID.id);
uncachedTokens.push(contextualID.token);
});
// Perform an AJAX request to let the server render the contextual links
......@@ -197,7 +202,7 @@
$.ajax({
url: Drupal.url('contextual/render'),
type: 'POST',
data: { 'ids[]': uncachedIDs },
data: { 'ids[]': uncachedIDs, 'tokens[]': uncachedTokens },
dataType: 'json',
success(results) {
_.each(results, (html, contextualID) => {
......
......@@ -95,25 +95,31 @@
var ids = [];
$placeholders.each(function () {
ids.push($(this).attr('data-contextual-id'));
ids.push({
id: $(this).attr('data-contextual-id'),
token: $(this).attr('data-contextual-token')
});
});
var uncachedIDs = _.filter(ids, function (contextualID) {
var html = storage.getItem('Drupal.contextual.' + contextualID);
var uncachedIDs = [];
var uncachedTokens = [];
ids.forEach(function (contextualID) {
var html = storage.getItem('Drupal.contextual.' + contextualID.id);
if (html && html.length) {
window.setTimeout(function () {
initContextual($context.find('[data-contextual-id="' + contextualID + '"]'), html);
initContextual($context.find('[data-contextual-id="' + contextualID.id + '"]'), html);
});
return false;
return;
}
return true;
uncachedIDs.push(contextualID.id);
uncachedTokens.push(contextualID.token);
});
if (uncachedIDs.length > 0) {
$.ajax({
url: Drupal.url('contextual/render'),
type: 'POST',
data: { 'ids[]': uncachedIDs },
data: { 'ids[]': uncachedIDs, 'tokens[]': uncachedTokens },
dataType: 'json',
success: function success(results) {
_.each(results, function (html, contextualID) {
......
......@@ -2,8 +2,10 @@
namespace Drupal\contextual;
use Drupal\Component\Utility\Crypt;
use Drupal\Core\DependencyInjection\ContainerInjectionInterface;
use Drupal\Core\Render\RendererInterface;
use Drupal\Core\Site\Settings;
use Symfony\Component\DependencyInjection\ContainerInterface;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request;
......@@ -63,8 +65,16 @@ public function render(Request $request) {
throw new BadRequestHttpException(t('No contextual ids specified.'));
}
$tokens = $request->request->get('tokens');
if (!isset($tokens)) {
throw new BadRequestHttpException(t('No contextual ID tokens specified.'));
}
$rendered = [];
foreach ($ids as $id) {
foreach ($ids as $key => $id) {
if (!isset($tokens[$key]) || !Crypt::hashEquals($tokens[$key], Crypt::hmacBase64($id, Settings::getHashSalt() . \Drupal::service('private_key')->get()))) {
throw new BadRequestHttpException('Invalid contextual ID specified.');
}
$element = [
'#type' => 'contextual_links',
'#contextual_links' => _contextual_id_to_links($id),
......
......@@ -2,6 +2,8 @@
namespace Drupal\contextual\Element;
use Drupal\Component\Utility\Crypt;
use Drupal\Core\Site\Settings;
use Drupal\Core\Template\Attribute;
use Drupal\Core\Render\Element\RenderElement;
use Drupal\Component\Render\FormattableMarkup;
......@@ -43,7 +45,12 @@ public function getInfo() {
* @see _contextual_links_to_id()
*/
public static function preRenderPlaceholder(array $element) {
$element['#markup'] = new FormattableMarkup('<div@attributes></div>', ['@attributes' => new Attribute(['data-contextual-id' => $element['#id']])]);
$token = Crypt::hmacBase64($element['#id'], Settings::getHashSalt() . \Drupal::service('private_key')->get());
$attribute = new Attribute([
'data-contextual-id' => $element['#id'],
'data-contextual-token' => $token,
]);
$element['#markup'] = new FormattableMarkup('<div@attributes></div>', ['@attributes' => $attribute]);
return $element;
}
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment