SuiteCRM 8.4.2 Release
jack7anderson7 committed Nov 9, 2023
1 parent 53706bf commit 117dd81
Showing 15 changed files with 181 additions and 29 deletions.
2 changes: 1 addition & 1 deletion README.md
Expand Up @@ -2,7 +2,7 @@
<img width="180px" height="41px" src="https://suitecrm.com/wp-content/uploads/2017/12/logo.png" align="right" />
</a>

# SuiteCRM 8.4.1
# SuiteCRM 8.4.2

[![LICENSE](https://img.shields.io/github/license/suitecrm/suitecrm.svg)](https://github.com/salesagility/suitecrm/blob/hotfix/LICENSE.txt)
[![contributions welcome](https://img.shields.io/badge/contributions-welcome-brightgreen.svg?style=flat)](https://github.com/salesagility/SuiteCRM-Core/issues)
2 changes: 1 addition & 1 deletion VERSION
@@ -1 +1 @@
8.4.1
8.4.2
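--- a/config/core_services.yaml
+++ b/config/core_services.yaml
@@ -65,6 +65,8 @@ services:
 $adminOnlyModuleActions: '%system.admin_only_module_actions%'
 $navbarAdministrationOverrides: '%navbar.administration_override%'
 $quickActions: '%quick_actions%'
+$graphqlShowDocs: '%graphql.graphql_show_docs%'
+
 _instanceof:
 App\Process\Service\ProcessHandlerInterface:
 tags: [ 'app.process.handler' ]
@@ -288,6 +290,10 @@ services:
 alias: App\Routes\Service\LegacyRouteHandler
 public: true
 
+graphql.introspection_manager:
+alias: App\Security\GraphqlIntrospectionManager
+public: true
+
 entity_manager:
 alias: doctrine.orm.entity_manager
 public: true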
4 changes: 2 additions & 2 deletions config/packages/api_platform.yaml
Expand Up @@ -2,9 +2,9 @@ api_platform:
graphql:
default_ide: graphql-playground
graphiql:
enabled: true
graphql_playground:
enabled: false
graphql_playground:
enabled: true
mapping:
paths: ['%kernel.project_dir%/core']
patch_formats:
51 changes: 31 additions & 20 deletions config/packages/security.php
Expand Up @@ -97,10 +97,16 @@
['path' => '^/$', 'roles' => 'IS_AUTHENTICATED_ANONYMOUSLY'],
['path' => '^/api', 'roles' => 'IS_AUTHENTICATED_ANONYMOUSLY'],
['path' => '^/api/graphql', 'roles' => 'IS_AUTHENTICATED_ANONYMOUSLY'],
['path' => '^/api/graphql/graphiql*', 'roles' => 'IS_AUTHENTICATED_ANONYMOUSLY'],
['path' => '^/', 'roles' => 'IS_AUTHENTICATED_FULLY']
];


$appEnv = $env['APP_ENV'] ?? 'prod';
$showDocs = $env['GRAPHQL_SHOW_DOCS'] ?? ($appEnv === 'dev');
if ($showDocs === 'false' || $showDocs === false) {
$baseAccessControl = array_merge([['path' => '^/docs', 'roles' => 'NO_ACCESS']], $baseAccessControl);
}

$containerConfig->parameters()->set('auth.logout.redirect', false);
$containerConfig->parameters()->set('auth.logout.path', 'logout');

Expand Down Expand Up @@ -244,6 +250,29 @@
$samlMainFirewallConfig['saml']['user_factory'] = 'saml_user_factory';
}

$samlAccessControl = [
['path' => '^/login$', 'roles' => 'IS_AUTHENTICATED_ANONYMOUSLY'],
['path' => '^/session-status$', 'roles' => 'IS_AUTHENTICATED_ANONYMOUSLY'],
['path' => '^/logout$', 'roles' => 'IS_AUTHENTICATED_ANONYMOUSLY'],
['path' => '^/saml/login', 'roles' => 'IS_AUTHENTICATED_ANONYMOUSLY'],
['path' => '^/saml/metadata', 'roles' => 'IS_AUTHENTICATED_ANONYMOUSLY'],
['path' => '^/saml/acs', 'roles' => 'ROLE_USER'],
['path' => '^/saml/logout', 'roles' => 'ROLE_USER'],
['path' => '^/logged-out', 'roles' => 'IS_AUTHENTICATED_ANONYMOUSLY'],
['path' => '^/auth', 'roles' => 'IS_AUTHENTICATED_ANONYMOUSLY'],
['path' => '^/auth/login', 'roles' => 'IS_AUTHENTICATED_ANONYMOUSLY'],
['path' => '^/auth/session-status', 'roles' => 'IS_AUTHENTICATED_ANONYMOUSLY'],
['path' => '^/auth/logout', 'roles' => 'IS_AUTHENTICATED_ANONYMOUSLY'],
['path' => '^/$', 'roles' => 'ROLE_USER'],
['path' => '^/api', 'roles' => 'IS_AUTHENTICATED_ANONYMOUSLY'],
['path' => '^/api/graphql', 'roles' => 'IS_AUTHENTICATED_ANONYMOUSLY'],
['path' => '^/', 'roles' => 'IS_AUTHENTICATED_FULLY']
];

if (!$showDocs) {
$samlAccessControl = array_merge([['path' => '^/docs', 'roles' => 'NO_ACCESS']], $samlAccessControl);
}

$containerConfig->extension('security', [
'providers' => [
'app_user_provider' => [
Expand Down Expand Up @@ -293,25 +322,7 @@
]
],
]),
'access_control' => [
['path' => '^/login$', 'roles' => 'IS_AUTHENTICATED_ANONYMOUSLY'],
['path' => '^/session-status$', 'roles' => 'IS_AUTHENTICATED_ANONYMOUSLY'],
['path' => '^/logout$', 'roles' => 'IS_AUTHENTICATED_ANONYMOUSLY'],
['path' => '^/saml/login', 'roles' => 'IS_AUTHENTICATED_ANONYMOUSLY'],
['path' => '^/saml/metadata', 'roles' => 'IS_AUTHENTICATED_ANONYMOUSLY'],
['path' => '^/saml/acs', 'roles' => 'ROLE_USER'],
['path' => '^/saml/logout', 'roles' => 'ROLE_USER'],
['path' => '^/logged-out', 'roles' => 'IS_AUTHENTICATED_ANONYMOUSLY'],
['path' => '^/auth', 'roles' => 'IS_AUTHENTICATED_ANONYMOUSLY'],
['path' => '^/auth/login', 'roles' => 'IS_AUTHENTICATED_ANONYMOUSLY'],
['path' => '^/auth/session-status', 'roles' => 'IS_AUTHENTICATED_ANONYMOUSLY'],
['path' => '^/auth/logout', 'roles' => 'IS_AUTHENTICATED_ANONYMOUSLY'],
['path' => '^/$', 'roles' => 'ROLE_USER'],
['path' => '^/api', 'roles' => 'IS_AUTHENTICATED_ANONYMOUSLY'],
['path' => '^/api/graphql', 'roles' => 'IS_AUTHENTICATED_ANONYMOUSLY'],
['path' => '^/api/graphql/graphiql*', 'roles' => 'IS_AUTHENTICATED_ANONYMOUSLY'],
['path' => '^/', 'roles' => 'IS_AUTHENTICATED_FULLY']
]
'access_control' => $samlAccessControl
]);


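Review bot: The two `/docs` guards test `$showDocs` differently, so the same setting can block the docs in one mode and not the other: the base list uses `if ($showDocs === 'false' || $showDocs === false)` while the SAML list uses `if (!$showDocs)`. If `$env` holds raw environment strings (it is populated outside this section), `GRAPHQL_SHOW_DOCS=false` is the truthy string `'false'`, so the SAML branch does not prepend the `NO_ACCESS` rule and `/docs` falls through to the `^/` rule. Conversely a value such as `0` or `off` is not caught by the base check, although the `bool:` env processor in `config/services/graphql/graphql_allow_introspection.yaml` treats it as false and disables introspection. Normalising once, `$showDocs = filter_var($env['GRAPHQL_SHOW_DOCS'] ?? ($appEnv === 'dev'), FILTER_VALIDATE_BOOLEAN);`, and using `if (!$showDocs)` in both places keeps the access rules and the introspection switch in agreement.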
2 changes: 1 addition & 1 deletion config/routes/api_platform.yaml
Expand Up @@ -9,4 +9,4 @@ swagger_ui:

graphiql:
path: /docs/graphql
controller: api_platform.graphql.action.graphiql
controller: api_platform.graphql.action.graphql_playground
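--- a/config/services/graphql/graphql_allow_introspection.yaml
+++ b/config/services/graphql/graphql_allow_introspection.yaml
@@ -0,0 +1,2 @@
+parameters:
+graphql.graphql_show_docs: '%env(default::bool:GRAPHQL_SHOW_DOCS)%'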
2 changes: 1 addition & 1 deletion core/app/common/package.json
@@ -1,6 +1,6 @@
{
"name": "common",
"version": "8.4.1",
"version": "8.4.2",
"peerDependencies": {
"@angular/common": "^12.1.0",
"@angular/core": "^12.1.0",
2 changes: 1 addition & 1 deletion core/app/core/package.json
@@ -1,6 +1,6 @@
{
"name": "core",
"version": "8.4.1",
"version": "8.4.2",
"peerDependencies": {
"@angular/common": "^12.1.0",
"@angular/core": "^12.1.0",
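--- a/core/backend/Kernel.php
+++ b/core/backend/Kernel.php
@@ -129,4 +129,15 @@ public function getLegacyRoute(Request $request): array
 
 return [];
 }
+
+/**
+* Enable/disable graphql introspection
+* @return void
+*/
+public function configureGraphqlIntrospection(): void
+{
+if ($this->container->has('graphql.introspection_manager')) {
+$this->container->get('graphql.introspection_manager')->configure();
+}
+}
 }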
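Review bot: `configureGraphqlIntrospection()` fails open: when the container has no `graphql.introspection_manager` service the method returns silently and introspection stays enabled, with nothing logged. As far as this page shows, this call is the only place the restriction is applied, so consider dropping the `has()` guard so that a missing or renamed alias surfaces as an exception, leaving just `$this->container->get('graphql.introspection_manager')->configure();`, or at least log the skip. The method also reads `$this->container` without calling `$this->boot()` itself; whether the kernel is already booted at the call site is not visible in this hunk, so the docblock should state that precondition.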
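--- a/core/backend/Migrations/Version20231108164138.php
+++ b/core/backend/Migrations/Version20231108164138.php
@@ -0,0 +1,56 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Migrations;
+
+use Doctrine\DBAL\Schema\Schema;
+use Doctrine\Migrations\AbstractMigration;
+use Psr\Log\LoggerInterface;
+use Symfony\Component\DependencyInjection\ContainerAwareInterface;
+use Symfony\Component\DependencyInjection\ContainerInterface;
+
+/**
+* Auto-generated Migration: Please modify to your needs!
+*/
+final class Version20231108164138 extends BaseMigration implements ContainerAwareInterface
+{
+use EnvHandlingMigrationTrait;
+
+/**
+* @var ContainerInterface
+*/
+protected $container;
+
+/**
+* @var LoggerInterface
+*/
+protected $upgradeLogger;
+
+public function getDescription() : string
+{
+return 'Remove pdf from allowed_preview';
+}
+
+public function up(Schema $schema) : void
+{
+$systemConfigsHandler = $this->container->get('app.system-configs');
+$systemConfigs = $systemConfigsHandler->getConfigs();
+if (isset($systemConfigs['allowed_preview']) && in_array('pdf', $systemConfigs['allowed_preview'])) {
+$key = array_search('pdf', $systemConfigs['allowed_preview']);
+unset($systemConfigs['allowed_preview'][$key]);
+$systemConfigsHandler->updateSystemConfig($systemConfigs);
+$this->log('Removed PDF from allowed_preview inside config file.');
+return;
+}
+
+$this->log('PDF was not found in allowed_preview config skipping...');
+
+}
+
+public function down(Schema $schema) : void
+{
+// this down() migration is auto-generated, please modify it to your needs
+
+}
+}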
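Review bot: The removal in `up()` matches only the exact string `pdf` and unsets just the first hit from `array_search()`, so a duplicate entry or a differently cased one such as `PDF` stays in `allowed_preview` after the migration has run. The `unset()` also leaves a gap in the array keys, which may change how the list is written back depending on how `updateSystemConfig()` serialises it (not visible here). Rebuilding the list covers these cases: `$systemConfigs['allowed_preview'] = array_values(array_filter($systemConfigs['allowed_preview'], static fn ($ext) => strtolower((string) $ext) !== 'pdf'));`. The class docblock still carries the generator placeholder and `down()` is empty, so the docblock should say that the change is intentionally one-way.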
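--- a/core/backend/Security/GraphqlIntrospectionManager.php
+++ b/core/backend/Security/GraphqlIntrospectionManager.php
@@ -0,0 +1,64 @@
+<?php
+/**
+* SuiteCRM is a customer relationship management program developed by SalesAgility Ltd.
+* Copyright (C) 2023 SalesAgility Ltd.
+*
+* This program is free software; you can redistribute it and/or modify it under
+* the terms of the GNU Affero General Public License version 3 as published by the
+* Free Software Foundation with the addition of the following permission added
+* to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
+* IN WHICH THE COPYRIGHT IS OWNED BY SALESAGILITY, SALESAGILITY DISCLAIMS THE
+* WARRANTY OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
+*
+* This program is distributed in the hope that it will be useful, but WITHOUT
+* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+* FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
+* details.
+*
+* You should have received a copy of the GNU Affero General Public License
+* along with this program. If not, see <http://www.gnu.org/licenses/>.
+*
+* In accordance with Section 7(b) of the GNU Affero General Public License
+* version 3, these Appropriate Legal Notices must retain the display of the
+* "Supercharged by SuiteCRM" logo. If the display of the logos is not reasonably
+* feasible for technical reasons, the Appropriate Legal Notices must display
+* the words "Supercharged by SuiteCRM".
+*/
+
+namespace App\Security;
+
+use GraphQL\Validator\DocumentValidator;
+use GraphQL\Validator\Rules\DisableIntrospection;
+
+class GraphqlIntrospectionManager
+{
+/**
+* @var bool|null
+*/
+private $graphqlShowDocs;
+
+/**
+* @param bool|null $graphqlShowDocs
+*/
+public function __construct(
+?bool $graphqlShowDocs
+) {
+$this->graphqlShowDocs = $graphqlShowDocs;
+}
+
+/**
+* Enable/disable graphql introspection
+* @return void
+*/
+public function configure(): void
+{
+$env = $_ENV ?? [];
+$appEnv = $env['APP_ENV'] ?? 'prod';
+$showDocs = $this->graphqlShowDocs ?? ($appEnv === 'dev');
+
+if ($showDocs === false) {
+DocumentValidator::addRule(new DisableIntrospection());
+}
+}
+
+}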
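Review bot: The docblock on `configure()` should say what the call does and when it has to run: it adds `DisableIntrospection` through the static `DocumentValidator::addRule()`, so it only affects GraphQL requests handled in the same process after the call, and an entry point that serves the API without calling it keeps introspection on. Suggested wording: `Registers the DisableIntrospection validation rule unless docs are enabled ($graphqlShowDocs, defaulting to APP_ENV === 'dev'); must be called before the GraphQL request is handled.` It is also worth stating there that the rule only rejects introspection queries and does not change which operations a caller is authorised to run. The file lacks `declare(strict_types=1);`, which the migration added in the same commit has.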
2 changes: 1 addition & 1 deletion package.json
@@ -1,6 +1,6 @@
{
"name": "suitecrm",
"version": "8.4.1",
"version": "8.4.2",
"scripts": {
"ng": "ng",
"start": "npm run start:shell",
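--- a/public/index.php
+++ b/public/index.php
@@ -59,6 +59,7 @@
 }
 
 } else {
+$kernel->configureGraphqlIntrospection();
 $response = $kernel->handle($request);
 $response->send();
 $kernel->terminate($request, $response);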
3 changes: 2 additions & 1 deletion public/legacy/modules/AOP_Case_Updates/AOP_Case_Updates.php
Expand Up @@ -106,7 +106,8 @@ public function bean_implements($interface)
*/
public function save($check_notify = false)
{
$this->name = SugarCleaner::cleanHtml($this->name);

$this->name = SugarCleaner::cleanHtml($this->name ?? '');
$this->parseDescription();
parent::save($check_notify);
if (file_exists('custom/modules/AOP_Case_Updates/CaseUpdatesHook.php')) {
