fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
125a69932307fbd0c1fb8d54342c12582377d106
luos/workflow/engine/methods/setup/pluginsChange.php
Brayan Pereyra 125a699323 Update and fix the issues in pluginsChange.php
2025-09-05 16:38:12 +00:00

97 lines
3.7 KiB
PHP
Raw Blame History

<?php
/**
* pluginsChange.php
* If the feature is enable and the code_scanner_scope was enable with the argument enable_plugin, will check the code
* Review when a plugin was enable
*
* @link https://wiki.processmaker.com/3.0/Plugins#Enable_and_Disable_a_Plugin
*/
use ProcessMaker\Plugins\PluginRegistry;
function handlePluginChange() {
try {
// Validar parámetros de entrada
if (!isset($_GET['id']) || !isset($_GET['status'])) {
throw new InvalidArgumentException('Missing required parameters');
}
$pluginFile = $_GET['id'];
$pluginStatus = $_GET['status'];
// Validar formato del archivo de plugin
if (!preg_match('/^[a-zA-Z0-9_-]+\.php$/', $pluginFile)) {
throw new InvalidArgumentException('Invalid plugin file format');
}
// Validar status
if (!in_array($pluginStatus, ['0', '1'], true)) {
throw new InvalidArgumentException('Invalid plugin status');
}
// Sanitizar nombre del plugin
$pluginName = basename(str_replace(".php", "", $pluginFile));
if (!preg_match('/^[a-zA-Z0-9_-]+$/', $pluginName)) {
throw new InvalidArgumentException('Invalid plugin name format');
}
// Validar rutas de forma segura
$pluginFilePath = realpath(PATH_PLUGINS . $pluginFile);
$pluginDirPath = realpath(PATH_PLUGINS . $pluginName);
$pluginsDir = realpath(PATH_PLUGINS);
if (!$pluginFilePath || strpos($pluginFilePath, $pluginsDir) !== 0) {
throw new SecurityException('Plugin file outside allowed directory');
}
if (!is_file($pluginFilePath)) {
throw new FileNotFoundException('Plugin file not found');
}
$oPluginRegistry = PluginRegistry::loadSingleton();
if ($pluginStatus === '1') {
// Deshabilitar plugin
$details = $oPluginRegistry->getPluginDetails($pluginFile);
if ($details) {
$oPluginRegistry->disablePlugin($details->getNamespace());
$oPluginRegistry->savePlugin($details->getNamespace());
G::auditLog("DisablePlugin", "Plugin Name: " . $details->getNamespace());
return ['success' => true, 'action' => 'disabled', 'plugin' => $details->getNamespace()];
}
} else {
// Habilitar plugin
if ($pluginDirPath && is_dir($pluginDirPath)) {
require_once($pluginFilePath);
$details = $oPluginRegistry->getPluginDetails($pluginFile);
if ($details) {
$oPluginRegistry->enablePlugin($details->getNamespace());
$oPluginRegistry->setupPlugins();
$oPluginRegistry->savePlugin($details->getNamespace());
G::auditLog("EnablePlugin", "Plugin Name: " . $details->getNamespace());
return ['success' => true, 'action' => 'enabled', 'plugin' => $details->getNamespace()];
}
} else {
throw new FileNotFoundException('Plugin directory not found');
}
}
return ['success' => false, 'error' => 'Plugin operation failed'];
} catch (Exception $e) {
G::auditLog('PluginChange', 'Error: ' . $e->getMessage());
return ['success' => false, 'error' => $e->getMessage()];
}
}
// Ejecutar y devolver respuesta JSON
try {
$result = handlePluginChange();
header('Content-Type: application/json');
echo json_encode($result);
} catch (Exception $e) {
header('Content-Type: application/json');
http_response_code(400);
echo json_encode(['success' => false, 'error' => 'Invalid request']);
}
Reference in New Issue View Git Blame Copy Permalink