fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c3fb995759f21331b3321c1b07d8a1abd2c2b3ae
luos/workflow/engine/methods/setup/pluginsChange.php
Victor Saisa Lopez d30090a0bf HOR-722 "(Code Scanner) Se debe poder configurar..." SOLVED 
Issue:
    (Code Scanner) Se debe poder configurar enable_blacklist = 1 en el env.ini de cada workspace
Cause:
    Nuevo requerimiento de funciones
Solution:
    Se a implementado el "Code Scanner" por workspace esto con el file "/path/to/processmaker/shared/sites/myWorkspace/env.ini",
    estableciendo la directiva "enable_blacklist = 1". Caso contrario se hara uso del file "/path/to/processmaker/workflow/engine/config/env.ini"
Note:
    Se deberan revisar los siguientes modulos:
        - Escaneo de codigo al importar un plugin (no se aplica a plugins enterprise)
        - Escaneo de codigo al habilitar un plugin (si el plugin ya se encuentra fisicamente en el directorio de los plugins)
        - Escaneo de codigo al importar un proceso
        - Escaneo de codigo al crear/modificar codigo de un trigger
        - Escaneo de codigo al ejecutar un caso que tenga seteados triggers en sus steps (si el trigger tiene codigo
          no deseado, no se ejecuta el trigger)
        - Se ha agregado la opcion "check-plugin-disabled-code" al comando "./gulliver", el mismo muestra
          informacion sobre los plugins con codigo no deseado.
              Ej: $ ./gulliver check-plugin-disabled-code [enterprise-plugin|custom-plugin|all|<plugin-name>]
        - Se ha agregado la opcion "check-workspace-disabled-code" al comando "./processmaker", el mismo muestra
          informacion sobre los workspaces con codigo no deseado en sus triggers.
              Ej: $ ./processmaker check-workspace-disabled-code <myWorkspace>
2016-07-18 17:54:28 -04:00

94 lines
4.0 KiB
PHP
Executable File
Raw Blame History

<?php
/**
* pluginsChange.php
*
* ProcessMaker Open Source Edition
* Copyright (C) 2004 - 2008 Colosa Inc.23
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
* Coral Gables, FL, 33134, USA, or email info@colosa.com.
*/
// lets display the items
$pluginFile = $_GET['id'];
$pluginStatus = $_GET['status'];
$items = array ();
G::LoadClass( 'plugin' );
//here we are enabling or disabling the plugin and all related options registered.
G::LoadSystem('inputfilter');
$filter = new InputFilter();
$path = PATH_PLUGINS . $pluginFile;
$path = $filter->validateInput($path, 'path');
$oPluginRegistry = & PMPluginRegistry::getSingleton();
if ($handle = opendir( PATH_PLUGINS )) {
while (false !== ($file = readdir( $handle ))) {
if (strpos( $file, '.php', 1 ) && $file == $pluginFile) {
if ($pluginStatus == '1') {
//print "change to disable";
$details = $oPluginRegistry->getPluginDetails( $pluginFile );
$oPluginRegistry->disablePlugin( $details->sNamespace );
$size = file_put_contents( PATH_DATA_SITE . 'plugin.singleton', $oPluginRegistry->serializeInstance() );
G::auditLog("DisablePlugin", "Plugin Name: ".$details->sNamespace);
//print "size saved : $size <br>";
} else {
$pluginName = str_replace(".php", "", $pluginFile);
if (is_file(PATH_PLUGINS . $pluginName . ".php") && is_dir(PATH_PLUGINS . $pluginName)) {
/*----------------------------------********---------------------------------*/
if (!$oPluginRegistry->isEnterprisePlugin($pluginName) &&
PMLicensedFeatures::getSingleton()->verifyfeature('B0oWlBLY3hHdWY0YUNpZEtFQm5CeTJhQlIwN3IxMEkwaG4=')
) {
//Check disabled code
G::LoadClass("codeScanner");
$cs = new CodeScanner(SYS_SYS);
$arrayFoundDisabledCode = array_merge($cs->checkDisabledCode("FILE", PATH_PLUGINS . $pluginName . ".php"), $cs->checkDisabledCode("PATH", PATH_PLUGINS . $pluginName));
if (!empty($arrayFoundDisabledCode)) {
$response = array();
$response["status"] = "DISABLED-CODE";
$response["message"] = G::LoadTranslation("ID_DISABLED_CODE_PLUGIN");
echo G::json_encode($response);
exit(0);
}
}
/*----------------------------------********---------------------------------*/
//print "change to ENABLED";
require_once($path);
$details = $oPluginRegistry->getPluginDetails($pluginFile);
$oPluginRegistry->enablePlugin($details->sNamespace);
$oPluginRegistry->setupPlugins(); //get and setup enabled plugins
$size = file_put_contents(PATH_DATA_SITE . "plugin.singleton", $oPluginRegistry->serializeInstance());
G::auditLog("EnablePlugin", "Plugin Name: " . $details->sNamespace);
//print "size saved : $size <br>";
}
}
}
}
closedir( $handle );
}
//$oPluginRegistry->showArrays();
//G::Header('location: pluginsList');
Reference in New Issue View Git Blame Copy Permalink