Completed
Push — master ( d55b57...69f249 )
by Craig
06:40
created

SecurityCenterModuleInstaller::upgrade()   C

Complexity

Conditions 8
Paths 26

Size

Total Lines 32
Code Lines 19

Duplication

Lines 0
Ratio 0 %

Importance

Changes 0
Metric Value
cc 8
eloc 19
nc 26
nop 1
dl 0
loc 32
rs 5.3846
c 0
b 0
f 0
<?php
/*
 * This file is part of the Zikula package.
 *
 * Copyright Zikula Foundation - http://zikula.org/
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */
namespace Zikula\SecurityCenterModule;
use Zikula\ExtensionsModule\Api\VariableApi;
use Zikula\Bundle\CoreBundle\HttpKernel\ZikulaKernel;
use Zikula\Core\AbstractExtensionInstaller;
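/**
 * Installation routines for the security center module.
 *
 * install() seeds the module's table, the session/cookie/IDS/output-filter
 * system variables and the default AllowableHTML map; upgrade() migrates
 * older installations step by step; uninstall() always refuses.
 */
class SecurityCenterModuleInstaller extends AbstractExtensionInstaller
{
    /**
     * Initialise the security center module.
     *
     * @return bool true on success, false otherwise
     */
    public function install()
    {
        // Generate the cookie signing key first: if no secure random source is
        // available the installation fails before anything has been written.
        try {
            $signingKey = $this->generateSigningKey();
        } catch (\Exception $e) {
            return false;
        }

        // create the table
        try {
            $this->schemaTool->create([
                'Zikula\SecurityCenterModule\Entity\IntrusionEntity'
            ]);
        } catch (\Exception $e) {
            // NOTE(review): the cause of the failure is discarded here; callers only see false
            return false;
        }

        // Set up an initial value for a module variable.
        $this->setVar('itemsperpage', 10);

        // The rest of the configuration is stored as system (config) variables.
        $this->setSystemVar('updatecheck', 1);
        $this->setSystemVar('updatefrequency', 7);
        $this->setSystemVar('updatelastchecked', 0);
        $this->setSystemVar('updateversion', ZikulaKernel::VERSION);
        $this->setSystemVar('keyexpiry', 0);
        $this->setSystemVar('sessionauthkeyua', 0);
        $this->setSystemVar('secure_domain', '');
        $this->setSystemVar('signcookies', 1);
        $this->setSystemVar('signingkey', $signingKey);
        $this->setSystemVar('seclevel', 'Medium');
        $this->setSystemVar('secmeddays', 7);
        $this->setSystemVar('secinactivemins', 20);
        $this->setSystemVar('sessionstoretofile', Constant::SESSION_STORAGE_FILE);
        $this->setSystemVar('sessionsavepath', '');
        $this->setSystemVar('gc_probability', 100);
        $this->setSystemVar('sessioncsrftokenonetime', 1);  // 1 means use same token for entire session
        $this->setSystemVar('sessionrandregenerate', 1);
        $this->setSystemVar('sessionregenerate', 1);
        $this->setSystemVar('sessionregeneratefreq', 10);
        $this->setSystemVar('sessionipcheck', 0);
        $this->setSystemVar('sessionname', '_zsid');

        $this->setSystemVar('filtergetvars', 1);
        $this->setSystemVar('filterpostvars', 1);
        $this->setSystemVar('filtercookievars', 1);

        // HTML Purifier cache dir
        $this->container->get('zikula.cache_clearer')->clear('purifier');

        // HTML Purifier default settings
        $purifierDefaultConfig = $this->container->get('zikula_security_center_module.helper.purifier_helper')->getPurifierConfig(['forcedefault' => true]);
        // NOTE(review): the config is stored in PHP serialize() format, so whatever reads
        // 'htmlpurifierConfig' back presumably calls unserialize() on it (the reader is not
        // in this file). That is only safe while nothing but trusted code can write this
        // module variable; confirm, or move to a format that cannot instantiate objects.
        $this->setVar('htmlpurifierConfig', serialize($purifierDefaultConfig));

        // create vars for phpids usage
        // The intrusion detection defaults are permissive: 'useids' is 0 and
        // 'idssoftblock' is 1, so administrators have to opt in to enforcement.
        $this->setSystemVar('useids', 0);
        $this->setSystemVar('idsmail', 0);
        $this->setSystemVar('idsrulepath', 'system/SecurityCenterModule/Resources/config/phpids_zikula_default.xml');
        $this->setSystemVar('idssoftblock', 1);                // do not block requests, but warn for debugging
        $this->setSystemVar('idsfilter', 'xml');               // filter type
        $this->setSystemVar('idsimpactthresholdone', 1);       // db logging
        $this->setSystemVar('idsimpactthresholdtwo', 10);      // mail admin
        $this->setSystemVar('idsimpactthresholdthree', 25);    // block request
        $this->setSystemVar('idsimpactthresholdfour', 75);     // kick user, destroy session
        $this->setSystemVar('idsimpactmode', 1);               // per request per default
        $this->setSystemVar('idshtmlfields', ['POST.__wysiwyg']);
        $this->setSystemVar('idsjsonfields', ['POST.__jsondata']);
        // Every name listed here is excluded from IDS inspection, so each entry
        // is a field that has to be validated by the code that consumes it.
        $this->setSystemVar('idsexceptions', [
            'GET.__utmz',
            'GET.__utmc',
            'REQUEST.linksorder', 'POST.linksorder',
            'REQUEST.fullcontent', 'POST.fullcontent',
            'REQUEST.summarycontent', 'POST.summarycontent',
            'REQUEST.filter.page', 'POST.filter.page',
            'REQUEST.filter.value', 'POST.filter.value'
        ]);

        $this->setSystemVar('outputfilter', 1);

        $this->setSystemVar('htmlentities', 1);

        // default values for AllowableHTML
        // NOTE(review): presumably 0 = not allowed, 1 = allowed, 2 = allowed with
        // attributes; confirm against the code that reads 'AllowableHTML'.
        $defhtml = [
            '!--' => 2,
            'a' => 2,
            'abbr' => 1,
            'acronym' => 1,
            'address' => 1,
            'applet' => 0,
            'area' => 0,
            'article' => 1,
            'aside' => 1,
            'audio' => 0,
            'b' => 1,
            'base' => 0,
            'basefont' => 0,
            'bdo' => 0,
            'big' => 0,
            'blockquote' => 2,
            'br' => 2,
            'button' => 0,
            'canvas' => 0,
            'caption' => 1,
            'center' => 2,
            'cite' => 1,
            'code' => 0,
            'col' => 1,
            'colgroup' => 1,
            'command' => 0,
            'datalist' => 0,
            'dd' => 1,
            'del' => 0,
            'details' => 1,
            'dfn' => 0,
            'dir' => 0,
            'div' => 2,
            'dl' => 1,
            'dt' => 1,
            'em' => 2,
            'embed' => 0,
            'fieldset' => 1,
            'figcaption' => 0,
            'figure' => 0,
            'footer' => 0,
            'font' => 0,
            'form' => 0,
            'h1' => 1,
            'h2' => 1,
            'h3' => 1,
            'h4' => 1,
            'h5' => 1,
            'h6' => 1,
            'header' => 0,
            'hgroup' => 0,
            'hr' => 2,
            'i' => 1,
            'iframe' => 0,
            'img' => 2,
            'input' => 0,
            'ins' => 0,
            'keygen' => 0,
            'kbd' => 0,
            'label' => 1,
            'legend' => 1,
            'li' => 2,
            'map' => 0,
            'mark' => 0,
            'menu' => 0,
            'marquee' => 0,
            'meter' => 0,
            'nav' => 0,
            'nobr' => 0,
            'object' => 0,
            'ol' => 2,
            'optgroup' => 0,
            'option' => 0,
            'output' => 0,
            'p' => 2,
            'param' => 0,
            'pre' => 2,
            'progress' => 0,
            'q' => 0,
            'rp' => 0,
            'rt' => 0,
            'ruby' => 0,
            's' => 0,
            'samp' => 0,
            'script' => 0,
            'section' => 0,
            'select' => 0,
            'small' => 0,
            'source' => 0,
            'span' => 2,
            'strike' => 0,
            'strong' => 2,
            'sub' => 1,
            'summary' => 1,
            'sup' => 0,
            'table' => 2,
            'tbody' => 1,
            'td' => 2,
            'textarea' => 0,
            'tfoot' => 1,
            'th' => 2,
            'thead' => 0,
            'time' => 0,
            'tr' => 2,
            'tt' => 2,
            'u' => 0,
            'ul' => 2,
            'var' => 0,
            'video' => 0,
            'wbr' => 0
        ];
        $this->setSystemVar('AllowableHTML', $defhtml);

        // Initialisation successful
        return true;
    }

    /**
     * Upgrade the SecurityCenter module from an old version.
     *
     * The cases fall through on purpose so that an installation runs every
     * migration step between its old version and the current one.
     *
     * NOTE(review): no step here replaces 'signingkey', so a site keeps the key
     * it received when it was installed; rotating it is a separate decision.
     *
     * @param string $oldVersion version number string to upgrade from
     *
     * @return bool|string true on success, last valid version string or false if fails
     */
    public function upgrade($oldVersion)
    {
        switch ($oldVersion) {
            case '1.5.0':
                // avoid storing absolute paths in module vars
                $variableApi = $this->container->get('zikula_extensions_module.api.variable');

                // delete obsolete variable
                $variableApi->del(VariableApi::CONFIG, 'htmlpurifierlocation');

                // only update this value if it has not been customised
                // (cast so that a missing variable does not hand a non-string to strpos())
                $currentRulePath = (string) $variableApi->get(VariableApi::CONFIG, 'idsrulepath');
                if (false !== strpos($currentRulePath, 'phpids_zikula_default')) {
                    $this->setSystemVar('idsrulepath', 'system/SecurityCenterModule/Resources/config/phpids_zikula_default.xml');
                }
                // no break
            case '1.5.1':
                // set the session information in /src/app/config/dynamic/generated.yml
                $configDumper = $this->container->get('zikula.dynamic_config_dumper');
                $sessionStoreToFile = $this->container->get('zikula_extensions_module.api.variable')->getSystemVar('sessionstoretofile', Constant::SESSION_STORAGE_DATABASE);
                // loose comparison kept: the stored value's type is not visible from this file
                $sessionHandlerId = $sessionStoreToFile == Constant::SESSION_STORAGE_FILE ? 'session.handler.native_file' : 'zikula_core.bridge.http_foundation.doctrine_session_handler';
                $configDumper->setParameter('zikula.session.handler_id', $sessionHandlerId);
                $sessionStorageId = $sessionStoreToFile == Constant::SESSION_STORAGE_FILE ? 'zikula_core.bridge.http_foundation.zikula_session_storage_file' : 'zikula_core.bridge.http_foundation.zikula_session_storage_doctrine';
                $configDumper->setParameter('zikula.session.storage_id', $sessionStorageId); // Symfony default is 'session.storage.native'
                $sessionSavePath = $this->container->get('zikula_extensions_module.api.variable')->getSystemVar('sessionsavepath', '');
                $zikulaSessionSavePath = empty($sessionSavePath) ? '%kernel.cache_dir%/sessions' : $sessionSavePath;
                $configDumper->setParameter('zikula.session.save_path', $zikulaSessionSavePath);
                // no break
            case '1.5.2':
                // current version
        }

        // Update successful
        return true;
    }

    /**
     * Delete the SecurityCenter module.
     *
     * @return bool always false, because this module can't be uninstalled
     */
    public function uninstall()
    {
        // this module can't be uninstalled
        return false;
    }

    /**
     * Store a system (config) variable through the extensions module's variable API.
     *
     * @param string $name  name of the variable
     * @param mixed  $value value to store
     *
     * @return mixed whatever the variable API's set() returns
     */
    private function setSystemVar($name, $value = '')
    {
        return $this->container->get('zikula_extensions_module.api.variable')->set(VariableApi::CONFIG, $name, $value);
    }

    /**
     * Create the secret stored as 'signingkey'.
     *
     * The key used to be sha1(mt_rand(0, time())). mt_rand() is not a
     * cryptographic generator and its range was bounded by the install time,
     * so the key could be guessed. Twenty bytes from a secure source are
     * hex-encoded instead, which keeps the 40-character shape of the old value.
     *
     * @return string 40 lowercase hexadecimal characters
     *
     * @throws \Exception when no cryptographically secure random source is available
     */
    private function generateSigningKey()
    {
        // PHP 7+, or PHP 5 with a random_bytes() polyfill loaded
        if (function_exists('random_bytes')) {
            return bin2hex(random_bytes(20));
        }

        if (function_exists('openssl_random_pseudo_bytes')) {
            $isStrong = false;
            $bytes = openssl_random_pseudo_bytes(20, $isStrong);
            if (false !== $bytes && true === $isStrong) {
                return bin2hex($bytes);
            }
        }

        // fail closed rather than fall back to a predictable generator
        throw new \RuntimeException('No cryptographically secure random source is available to generate the signing key.');
    }
}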