Issue #3449889 by anybody, lrwebks: Allow excluding specific forms by form id:...

11e1f140 · Julian Pustkuchen · 08dc220e · 11e1f140 · 11e1f140 · 11e1f140
Commit 11e1f140 authored 11 months ago by Julian Pustkuchen
--- a/config/schema/protected_forms.schema.yml
+++ b/config/schema/protected_forms.schema.yml
@@ -34,4 +34,4 @@ protected_forms.settings:
          label: 'Excluded form IDs'
          sequence:
            type: string
-            label: 'Excluded form IDs'
+            label: 'Excluded form ID'
--- a/protected_forms.install
+++ b/protected_forms.install
@@ -103,3 +103,17 @@ function protected_forms_update_8004() {
    'user_pass',
  ])->save();
 }
+
+/**
+ * Fix structure of new 'excluded_forms' settings.
+ */
+function protected_forms_update_8005() {
+  // protected_forms_update_8004 introduced a wrong structure for excluded_forms parent.
+  $settings = \Drupal::configFactory()->getEditable('protected_forms.settings');
+  $settings->set('protected_forms.excluded_forms', [
+    'user_login_form',
+    'user_register_form',
+    'user_pass',
+  ])->clear('excluded_forms')
+  ->save();
+}
\ No newline at end of file
--- a/src/Form/ProtectedFormsForm.php
+++ b/src/Form/ProtectedFormsForm.php
@@ -267,9 +267,9 @@ class ProtectedFormsForm extends ConfigFormBase {
    $form['excluded_forms'] = [
      '#type' => 'textarea',
      '#title' => $this->t('Excluded form IDs'),
-      '#default_value' => implode("\n", $config->get('protected_forms.excluded_forms')),
+      '#default_value' => implode("\n", $config->get('protected_forms.excluded_forms') ?? []),
      '#required' => FALSE,
-      '#description' => $this->t('Enter form IDs to exclude from the protection, typically public forms like log-ins. Separate the IDs with new lines.'),
+      '#description' => $this->t('Form IDs to exclude from the protection. One Form ID per line. Typically login related forms, to unprotect user names and email addresses that may contain rejected patterns.'),
    ];

    // Give users option to enable/disable logging if Database Logging is on.
@@ -312,7 +312,7 @@ class ProtectedFormsForm extends ConfigFormBase {
    $config->set('protected_forms.allowed_patterns', $form_state->getValue('allowed_patterns'));
    $config->set('protected_forms.reject_patterns', $form_state->getValue('reject_patterns'));
    $config->set('protected_forms.log_rejected', $form_state->getValue('log_rejected'));
-    $config->set('protected_forms.excluded_forms', explode("\n", $form_state->getValue('excluded_forms')));
+    $config->set('protected_forms.excluded_forms', array_map('trim', explode("\n", $form_state->getValue('excluded_forms'))));
    $config->save();
    return parent::submitForm($form, $form_state);
  }