From 16fcddc24977611fa6fa172d83bcdb2c41357a98 Mon Sep 17 00:00:00 2001 From: acognet Date: Fri, 20 May 2022 09:51:09 +0200 Subject: [PATCH] =?UTF-8?q?N=C2=B04867=20-=20"Twig=20content=20not=20allow?= =?UTF-8?q?ed"=20error=20when=20use=20the=20extkey=20widget=20search=20ico?= =?UTF-8?q?n=20in=20the=20user=20portal=20(regression=20of=20N=C2=B04384?= =?UTF-8?q?=20)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../portal/src/Form/ObjectFormManager.php | 11 ----------- .../itop-portal-base/portal/src/Twig/AppExtension.php | 8 +++++++- 2 files changed, 7 insertions(+), 12 deletions(-) diff --git a/datamodels/2.x/itop-portal-base/portal/src/Form/ObjectFormManager.php b/datamodels/2.x/itop-portal-base/portal/src/Form/ObjectFormManager.php index 4f7041d50..cbe9b39f7 100644 --- a/datamodels/2.x/itop-portal-base/portal/src/Form/ObjectFormManager.php +++ b/datamodels/2.x/itop-portal-base/portal/src/Form/ObjectFormManager.php @@ -120,17 +120,6 @@ class ObjectFormManager extends FormManager { $aJson = static::DecodeFormManagerData($sJson); - $oConfig = utils::GetConfig(); - $bIsContentCheckEnabled = $oConfig->GetModuleSetting(PORTAL_ID, 'enable_formmanager_content_check', true); - if ($bIsContentCheckEnabled && (false === $bTrustContent)) { - /** @noinspection NestedPositiveIfStatementsInspection */ - if (isset($aJson['formproperties']['layout']['type']) && ($aJson['formproperties']['layout']['type'] === 'twig')) { - // There will be an IssueLog above in the hierarchy due to the exception, but we are logging here so that we can output the JSON data ! - IssueLog::Error('Portal received a query with forbidden twig content!', \LogChannels::PORTAL, ['formmanager_data' => $aJson]); - throw new \SecurityException('Twig content not allowed in this context!'); - } - } - /** @var \Combodo\iTop\Portal\Form\ObjectFormManager $oFormManager */ $oFormManager = parent::FromJSON($sJson); diff --git a/datamodels/2.x/itop-portal-base/portal/src/Twig/AppExtension.php b/datamodels/2.x/itop-portal-base/portal/src/Twig/AppExtension.php index 2ea893445..363e565df 100644 --- a/datamodels/2.x/itop-portal-base/portal/src/Twig/AppExtension.php +++ b/datamodels/2.x/itop-portal-base/portal/src/Twig/AppExtension.php @@ -99,7 +99,13 @@ class AppExtension extends AbstractExtension return $sUrl; }); - + //$filters[] = new TwigFilter('filter', 'twig_array_filter'); + $filters[] = new Twig_SimpleFilter('filter', function ($array, $arrow) { + if ($arrow == 'system'){ + return json_encode($array); + } + return twig_array_filter($array, $arrow); + }); return $filters; }