tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity

BUG Register new sub tasks to fix files affected by CVE-2020-9280 and CVE-2019-12245

Browse Source
This commit is contained in:
Serge Latyntcev 2020-03-09 10:30:10 +13:00 committed by Maxime Rainville
parent 052ce6916c
commit 9779e42963
1 changed files with 73 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

82
src/Dev/Tasks/MigrateFileTask.php
View File

@ -9,6 +9,8 @@ use Psr\Log\LoggerInterface;
use SilverStripe\AssetAdmin\Helper\ImageThumbnailHelper; use SilverStripe\AssetAdmin\Helper\ImageThumbnailHelper;
use SilverStripe\Assets\Dev\Tasks\LegacyThumbnailMigrationHelper; use SilverStripe\Assets\Dev\Tasks\LegacyThumbnailMigrationHelper;
use SilverStripe\Assets\Dev\Tasks\FileMigrationHelper; use SilverStripe\Assets\Dev\Tasks\FileMigrationHelper;
use SilverStripe\Assets\Dev\Tasks\FolderMigrationHelper;
use SilverStripe\Assets\Dev\Tasks\NormaliseAccessMigrationHelper;
use SilverStripe\Assets\Storage\AssetStore; use SilverStripe\Assets\Storage\AssetStore;
use SilverStripe\Assets\Storage\FileHashingService; use SilverStripe\Assets\Storage\FileHashingService;
use SilverStripe\Control\Director; use SilverStripe\Control\Director;
@ -17,6 +19,7 @@ use SilverStripe\Core\Injector\Injector;
use SilverStripe\Logging\PreformattedEchoHandler; use SilverStripe\Logging\PreformattedEchoHandler;
use SilverStripe\Dev\BuildTask; use SilverStripe\Dev\BuildTask;
use SilverStripe\Assets\Dev\Tasks\SecureAssetsMigrationHelper; use SilverStripe\Assets\Dev\Tasks\SecureAssetsMigrationHelper;
use SilverStripe\UserForms\Task\RecoverUploadLocationsHelper;
use \Bramus\Monolog\Formatter\ColoredLineFormatter; use \Bramus\Monolog\Formatter\ColoredLineFormatter;
/** /**
@ -30,12 +33,18 @@ class MigrateFileTask extends BuildTask
protected $defaultSubtasks = [ protected $defaultSubtasks = [
'move-files', 'move-files',
'migrate-folders',
'move-thumbnails', 'move-thumbnails',
'generate-cms-thumbnails', 'generate-cms-thumbnails',
'fix-folder-permissions', 'fix-folder-permissions',
'fix-secureassets', 'fix-secureassets',
]; ];
protected $optInSubtasks = [
'normalise-access',
'relocate-userform-uploads-2020-9280'
];
private static $dependencies = [ private static $dependencies = [
'logger' => '%$' . LoggerInterface::class, 'logger' => '%$' . LoggerInterface::class,
]; ];
@ -81,13 +90,24 @@ class MigrateFileTask extends BuildTask
->setLogger($this->logger) ->setLogger($this->logger)
->run(); ->run();
// TODO Split file migration helper into two tasks, $this->extend('postFileMigrationSubtask', $subtask);
// and report back on their process counts consistently here }
// if ($count) { }
// $this->logger->info("{$count} File objects upgraded");
// } else { $subtask = 'migrate-folders';
// $this->logger->info("No File objects needed upgrading"); if (in_array($subtask, $subtasks)) {
// } if (!class_exists(FolderMigrationHelper::class)) {
$this->logger->error("No folder migration helper detected");
} else {
$this->extend('preFileMigrationSubtask', $subtask);
$this->logger->notice("######################################################");
$this->logger->notice("Migrating folder database records ({$subtask})");
$this->logger->notice("######################################################");
FolderMigrationHelper::singleton()
->setLogger($this->logger)
->run();
$this->extend('postFileMigrationSubtask', $subtask); $this->extend('postFileMigrationSubtask', $subtask);
} }
@ -195,6 +215,45 @@ class MigrateFileTask extends BuildTask
} }
} }
$subtask = 'normalise-access';
if (in_array($subtask, $subtasks)) {
if (!class_exists(NormaliseAccessMigrationHelper::class)) {
$this->logger->error("No normalise access migration helper detected");
} else {
$this->extend('preFileMigrationSubtask', $subtask);
$this->logger->notice("######################################################");
$this->logger->notice("Migrating filesystem and database records ({$subtask})");
$this->logger->notice("######################################################");
NormaliseAccessMigrationHelper::singleton()
->setLogger($this->logger)
->run();
$this->extend('postFileMigrationSubtask', $subtask);
}
}
$subtask = 'relocate-userform-uploads-2020-9280';
if (in_array($subtask, $subtasks)) {
if (!class_exists(RecoverUploadLocationsHelper::class)) {
$this->logger->error("No UserForms helper detected");
} else {
$this->extend('preFileMigrationSubtask', $subtask);
$this->logger->notice("######################################################");
$this->logger->notice("Recovering UserForm uploaded file locations ({$subtask})");
$this->logger->notice("######################################################");
RecoverUploadLocationsHelper::singleton()
->setLogger($this->logger)
->run();
$this->extend('postFileMigrationSubtask', $subtask);
}
}
$this->logger->info("Done!");
$this->extend('postFileMigration'); $this->extend('postFileMigration');
$this->logger->info("Done!"); $this->logger->info("Done!");
@ -236,8 +295,13 @@ TXT;
protected function validateArgs($args) protected function validateArgs($args)
{ {
if (!empty($args['only'])) { if (!empty($args['only'])) {
if (array_diff(explode(',', $args['only']), $this->defaultSubtasks)) { $only = explode(',', $args['only']);
throw new \InvalidArgumentException('Invalid subtasks detected: ' . $args['only']);
$diff = array_diff($only, $this->defaultSubtasks);
$diff = array_diff($diff, $this->optInSubtasks);
if ($diff) {
throw new \InvalidArgumentException('Invalid subtasks detected: ' . implode(', ', $diff));
} }
} }
} }