diff --git a/README.md b/README.md index 288efbda3..0251a90a8 100644 --- a/README.md +++ b/README.md @@ -52,7 +52,7 @@ iTop also offers mass import tools and web services to integrate with your IT ## Last releases ### Versions 2.7.* - - 2.7.0-1 published on April 8, 2020 + - 2.7.1 published on April 8, 2020 - [Changes since the previous version][62] - [New features][63] - [Migration notes][64] @@ -125,10 +125,8 @@ We would like to give a special thank you to the people from the community who c - Lucas, Jonathan - Malik, Remie - Rosenke, Stephan - - Schirrmann, Pascal - Seki, Shoji - Shilov, Vladimir - - Tahri, Ahmed R. (Ousret) - Tulio, Marco - Turrubiates, Miguel diff --git a/application/dashboard.class.inc.php b/application/dashboard.class.inc.php index 35b9833e6..322e68e38 100644 --- a/application/dashboard.class.inc.php +++ b/application/dashboard.class.inc.php @@ -1574,9 +1574,16 @@ JS private function GetDashletObjectListAppUserPreferencesPrefix(DashletObjectList $oDashlet, $aExtraParams, $sDashletId) { $sDataTableId = Dashlet::APPUSERPREFERENCES_PREFIX.$sDashletId; - $oFilter = $oDashlet->GetDBSearch($aExtraParams); - $aClassAliases = $oFilter->GetSelectedClasses(); - + $aClassAliases = array(); + try{ + $oFilter = $oDashlet->GetDBSearch($aExtraParams); + $aClassAliases = $oFilter->GetSelectedClasses(); + } + catch (Exception $e) + { + //on error, return default value + return null; + } return DataTableSettings::GetAppUserPreferenceKey($aClassAliases, $sDataTableId); } } diff --git a/application/ui.extkeywidget.class.inc.php b/application/ui.extkeywidget.class.inc.php index 6426ddf51..a162cc8c5 100644 --- a/application/ui.extkeywidget.class.inc.php +++ b/application/ui.extkeywidget.class.inc.php @@ -652,7 +652,6 @@ HTML $oPage->add(''); $oPage->add_ready_script("\$('#tree_$this->iId ul').treeview({ control: '#treecontrolid', persist: 'false'});\n"); - $oPage->add_ready_script("\$('#tree_$this->iId ul').treeview();\n"); $oPage->add_ready_script("\$('#dlg_tree_$this->iId').dialog({ width: 'auto', height: 'auto', autoOpen: true, modal: true, title: '$sDialogTitle', resizeStop: oACWidget_{$this->iId}.OnHKResize, close: oACWidget_{$this->iId}.OnHKClose });\n"); } diff --git a/core/backgroundprocess.inc.php b/core/backgroundprocess.inc.php index 05ec4572e..fde1605c3 100644 --- a/core/backgroundprocess.inc.php +++ b/core/backgroundprocess.inc.php @@ -263,13 +263,14 @@ abstract class AbstractWeeklyScheduledProcess implements iScheduledProcess /** * Exception for {@link iProcess} implementations.
* An error happened during the processing but we can go on with the next implementations. + * @since 2.5.0 N°1195 */ class ProcessException extends CoreException { } /** - * @since 2.7.0 + * @since 2.7.0 PR #89 */ class ProcessInvalidConfigException extends ProcessException { @@ -279,6 +280,7 @@ class ProcessInvalidConfigException extends ProcessException * Class ProcessFatalException * Exception for iProcess implementations.
* A big error occurred, we have to stop the iProcess processing. + * @since 2.5.0 N°1195 */ class ProcessFatalException extends CoreException { diff --git a/core/dbobjectsearch.class.php b/core/dbobjectsearch.class.php index 492c503c0..bd461b022 100644 --- a/core/dbobjectsearch.class.php +++ b/core/dbobjectsearch.class.php @@ -528,6 +528,8 @@ class DBObjectSearch extends DBSearch } /** + * Helper method for IN / NOT IN conditions : values won't be parsed in the expression tree, that will save some time ! + * * @param string $sFilterCode attribute code to use * @param array $aValues * @param bool $bPositiveMatch if true will add a IN filter, else a NOT IN diff --git a/core/dbobjectset.class.php b/core/dbobjectset.class.php index fec4798c7..076dbb954 100644 --- a/core/dbobjectset.class.php +++ b/core/dbobjectset.class.php @@ -424,7 +424,7 @@ class DBObjectSet implements iDBObjectSetIterator * * @api * - * @param bool $bWithId + * @param bool $bWithId if true array key will be set to object id * * @return DBObject[] * diff --git a/core/htmlsanitizer.class.inc.php b/core/htmlsanitizer.class.inc.php index 5bcae80eb..b2a7aa4c7 100644 --- a/core/htmlsanitizer.class.inc.php +++ b/core/htmlsanitizer.class.inc.php @@ -160,65 +160,53 @@ class HTMLDOMSanitizer extends HTMLSanitizer * @see https://www.itophub.io/wiki/page?id=2_6_0%3Aadmin%3Arich_text_limitations */ protected static $aTagsWhiteList = array( - 'a' => array('href', 'name', 'style', 'target', 'title'), - 'b' => array(), - 'big' => array(), - 'blockquote' => array('style'), + 'html' => array(), 'body' => array(), + 'a' => array('href', 'name', 'style', 'target', 'title'), + 'p' => array('style'), + 'blockquote' => array('style'), 'br' => array(), - 'center' => array(), - 'cite' => array(), - 'code' => array('style', 'class'), - 'del' => array(), + 'span' => array('style'), 'div' => array('style'), + 'b' => array(), + 'i' => array(), + 'u' => array(), 'em' => array(), - 'fieldset' => array('style'), - 'font' => array('face', 'color', 'style', 'size'), + 'strong' => array(), + 'img' => array('src', 'style', 'alt', 'title'), + 'ul' => array('style'), + 'ol' => array('style'), + 'li' => array('style'), 'h1' => array('style'), 'h2' => array('style'), 'h3' => array('style'), 'h4' => array('style'), - 'hr' => array('style'), - 'html' => array(), - 'i' => array(), - 'img' => array('src', 'style', 'alt', 'title'), - 'ins' => array(), - 'kbd' => array(), - 'legend' => array('style'), - 'li' => array('style'), 'nav' => array('style'), - 'ol' => array('style'), - 'p' => array('style'), - 'pre' => array(), - 'q' => array(), - 'samp' => array(), - 's' => array(), // strikethrough 'section' => array('style'), - 'small' => array(), - 'span' => array('style'), - 'strong' => array(), + 'code' => array('style', 'class'), 'table' => array('style', 'width', 'summary', 'align', 'border', 'cellpadding', 'cellspacing'), + 'thead' => array('style'), 'tbody' => array('style'), + 'tr' => array('style', 'colspan', 'rowspan'), 'td' => array('style', 'colspan', 'rowspan'), 'th' => array('style', 'colspan', 'rowspan'), - 'thead' => array('style'), - 'tr' => array('style', 'colspan', 'rowspan'), + 'fieldset' => array('style'), + 'legend' => array('style'), + 'font' => array('face', 'color', 'style', 'size'), + 'big' => array(), + 'small' => array(), 'tt' => array(), - 'u' => array(), - 'ul' => array('style'), + 'kbd' => array(), + 'samp' => array(), 'var' => array(), - ); - - protected static $aTagsContentRemovableList = array( - 'applet', - 'basefont', - 'canvas', - 'code', - 'dialog', - 'embed', - 'object', - 'script', - 'style', + 'del' => array(), + 's' => array(), // strikethrough + 'ins' => array(), + 'cite' => array(), + 'q' => array(), + 'hr' => array('style'), + 'pre' => array(), + 'center' => array(), ); protected static $aAttrsWhiteList = array( @@ -314,108 +302,6 @@ class HTMLDOMSanitizer extends HTMLSanitizer } protected function CleanNode(DOMNode $oElement) - { - $this->CleanNodeRemoveForbiddenTags($oElement); - $this->CleanNodeHandleImages($oElement); - $this->CleanNodeRemoveForbiddenAttributes($oElement); - } - - protected function CleanNodeRemoveForbiddenTags(DOMNode $oElement) - { - if ($oElement->hasChildNodes()) - { - $aValidatedNodes = array(); - do - { - $bChildRemoved = false; - - $aNodes = array(); - foreach($oElement->childNodes as $oNode) - { - $aNodes[] = $oNode; - } - - foreach($aNodes as $oNode) - { - if (($oNode instanceof DOMElement) && (!array_key_exists(strtolower($oNode->tagName), self::$aTagsWhiteList))) - { - $bChildRemoved = true; - $this->SmartRemoveChild($oElement, $oNode); - } - else if ($oNode instanceof DOMComment) - { - $oElement->removeChild($oNode); - } - else - { - //if the node is kept, we can recurse into it, bu we want to perform this only once (see the do/while above?) - $bAlreadyValidated = false; - /** @var \DOMNode $oValidatedNode */ - foreach ($aValidatedNodes as $oValidatedNode) - { - if ($oValidatedNode->isSameNode($oNode)) - { - $bAlreadyValidated = true; - break; - } - } - if (! $bAlreadyValidated) - { - $this->CleanNodeRemoveForbiddenTags($oNode); - $aValidatedNodes[] = $oNode; - } - } - } - } while ($bChildRemoved); - } - } - - /** - * Remove a node, but move its inner nodes in the parent. - * Note: invalid/forbidden tags may be moved up, so they have to be checked again. - * - * @param \DOMNode $oParent - * @param \DOMElement $oRemovable - */ - private function SmartRemoveChild(DOMNode $oParent, DOMElement $oRemovable) - { - if (!$oRemovable->hasChildNodes()) - { - $oParent->removeChild($oRemovable); - } - else if (in_array(strtolower($oRemovable->tagName), self::$aTagsContentRemovableList)) - { - $oParent->removeChild($oRemovable); - } - else - { - /** @var \DOMNode $oNode */ - foreach ($oRemovable->childNodes as $oNode) - { - $oNode = $oNode->cloneNode(true); - $oParent->insertBefore($oNode, $oRemovable); - } - - $oParent->removeChild($oRemovable); - } - } - - protected function CleanNodeHandleImages(DOMNode $oElement) - { - if ($oElement->hasChildNodes()) - { - foreach($oElement->childNodes as $oNode) - { - $this->CleanNodeHandleImages($oNode); - if (($oNode instanceof DOMElement) && (strtolower($oNode->tagName) == 'img')) - { - InlineImage::ProcessImageTag($oNode); - } - } - } - } - - protected function CleanNodeRemoveForbiddenAttributes(DOMNode $oElement) { $aAttrToRemove = array(); // Gather the attributes to remove @@ -455,12 +341,35 @@ class HTMLDOMSanitizer extends HTMLSanitizer $oElement->removeAttribute($sName); } } - + if ($oElement->hasChildNodes()) { + $aChildElementsToRemove = array(); + // Gather the child noes to remove foreach($oElement->childNodes as $oNode) { - $this->CleanNodeRemoveForbiddenAttributes($oNode); + if (($oNode instanceof DOMElement) && (!array_key_exists(strtolower($oNode->tagName), self::$aTagsWhiteList))) + { + $aChildElementsToRemove[] = $oNode; + } + else if ($oNode instanceof DOMComment) + { + $aChildElementsToRemove[] = $oNode; + } + else + { + // Recurse + $this->CleanNode($oNode); + if (($oNode instanceof DOMElement) && (strtolower($oNode->tagName) == 'img')) + { + InlineImage::ProcessImageTag($oNode); + } + } + } + // Now remove them + foreach($aChildElementsToRemove as $oDomElement) + { + $oElement->removeChild($oDomElement); } } } diff --git a/core/ormlinkset.class.inc.php b/core/ormlinkset.class.inc.php index 0c030b161..7de3624fa 100644 --- a/core/ormlinkset.class.inc.php +++ b/core/ormlinkset.class.inc.php @@ -145,7 +145,8 @@ class ormLinkSet implements iDBObjectSetIterator, Iterator, SeekableIterator /** * @param DBObject $oObject * @param string $sClassAlias - * @deprecated Since iTop 2.4, use ormLinkset->AddItem() instead. + * + * @deprecated Since iTop 2.4, use {@link \ormLinkSet::AddItem()} instead. */ public function AddObject(DBObject $oObject, $sClassAlias = '') { diff --git a/datamodels/2.x/itop-portal-base/portal/composer.json b/datamodels/2.x/itop-portal-base/portal/composer.json index 0042dcb7f..92a2d0e13 100644 --- a/datamodels/2.x/itop-portal-base/portal/composer.json +++ b/datamodels/2.x/itop-portal-base/portal/composer.json @@ -1,8 +1,5 @@ { "license": "AGPLv3", - "config": { - "classmap-authoritative": true - }, "autoload": { "psr-4": { "Combodo\\iTop\\Portal\\": "src/" diff --git a/datamodels/2.x/version.xml b/datamodels/2.x/version.xml index 57807b22e..dc3738058 100755 --- a/datamodels/2.x/version.xml +++ b/datamodels/2.x/version.xml @@ -1,4 +1,4 @@ - 2.8.0-dev + 2.7.1 diff --git a/js/jquery.treeview.js b/js/jquery.treeview.js index 67906016f..0e8fe5d4e 100644 --- a/js/jquery.treeview.js +++ b/js/jquery.treeview.js @@ -38,7 +38,7 @@ animated ? this.animate({ height: "toggle" }, animated, callback) : this.each(function(){ - jQuery(this)[ jQuery(this).is(":hidden") ? "show" : "hide" ](); + $(this)[ $(this).is(":hidden") ? "show" : "hide" ](); if(callback) callback.apply(this, arguments); }); @@ -52,6 +52,32 @@ this.each(callback); } }, + heightToggleShow: function(animated, callback) { + if (animated) { + this.animate({ height: "show" }, animated, callback); + } + else + { + this.each(function() { + $(this).show(); + if (callback) + callback.apply(this, arguments); + }); + } + }, + heightToggleHide: function(animated, callback) { + if (animated) { + this.animate({ height: "hide" }, animated, callback); + } + else + { + this.each(function() { + $(this).hide(); + if (callback) + callback.apply(this, arguments); + }); + } + }, prepareBranches: function(settings) { if (!settings.prerendered) { // mark last tree items @@ -132,20 +158,42 @@ // handle toggle event function toggler() { - $(this) + //with if it's better + if($(this).parent().find(".treeview").first().is(":hidden") ) + { + $(this) .parent() // swap classes for hitarea .find(">.hitarea") - .swapClass( CLASSES.collapsableHitarea, CLASSES.expandableHitarea ) - .swapClass( CLASSES.lastCollapsableHitarea, CLASSES.lastExpandableHitarea ) + .replaceClass( CLASSES.expandableHitarea, CLASSES.collapsableHitarea) + .replaceClass( CLASSES.lastExpandableHitarea, CLASSES.lastCollapsableHitarea) .end() // swap classes for parent li - .swapClass( CLASSES.collapsable, CLASSES.expandable ) - .swapClass( CLASSES.lastCollapsable, CLASSES.lastExpandable ) + .replaceClass( CLASSES.expandable, CLASSES.collapsable ) + .replaceClass( CLASSES.lastExpandable, CLASSES.lastCollapsable ) // find child lists .find( ">ul" ) - // toggle them - .heightToggle( settings.animated, settings.toggle ); + // toggle them + .heightToggleShow( settings.animated, settings.toggle ); + } + else + { + $(this) + .parent() + // swap classes for hitarea + .find(">.hitarea") + .replaceClass( CLASSES.collapsableHitarea, CLASSES.expandableHitarea ) + .replaceClass( CLASSES.lastCollapsableHitarea, CLASSES.lastExpandableHitarea ) + .end() + // swap classes for parent li + .replaceClass( CLASSES.collapsable, CLASSES.expandable ) + .replaceClass( CLASSES.lastCollapsable, CLASSES.lastExpandable ) + // find child lists + .find( ">ul" ) + // toggle them + .heightToggleHide( settings.animated, settings.toggle ); + } + if ( settings.unique ) { $(this).parent() .siblings() @@ -157,10 +205,9 @@ .replaceClass( CLASSES.collapsable, CLASSES.expandable ) .replaceClass( CLASSES.lastCollapsable, CLASSES.lastExpandable ) .find( ">ul" ) - .heightHide( settings.animated, settings.toggle ); + .heightHide( settings.animated, settings.toggle ); } } - function serialize() { function binary(arg) { return arg ? 1 : 0; diff --git a/test/core/HTMLDOMSanitizerTest.php b/test/core/HTMLDOMSanitizerTest.php index d20656494..004b1cc74 100644 --- a/test/core/HTMLDOMSanitizerTest.php +++ b/test/core/HTMLDOMSanitizerTest.php @@ -168,83 +168,6 @@ class HTMLDOMSanitizerTest extends ItopTestCase return $aTestCaseArray; } - /** - * Test the fix for ticket N°2556 - * - * @dataProvider PreserveBlackListedTagContentProvider - * - */ - public function testDoSanitizePreserveBlackListedTagContent($html, $expected) - { - $oSanitizer = new HTMLDOMSanitizer(); - $sSanitizedHtml = $oSanitizer->DoSanitize($html); - - $this->assertEquals($expected, str_replace("\n", '', $sSanitizedHtml)); - } - - public function PreserveBlackListedTagContentProvider() - { - return array( - 'basic' => array( - 'html' => '', - 'expected' => 'bar', - ), - 'basic with body' => array( - 'html' => '', - 'expected' => 'bar', - ), - 'basic with html and body tags' => array( - 'html' => '', - 'expected' => 'bar', - ), - 'basic with attributes' => array( - 'html' => '', - 'expected' => 'bar', - ), - 'basic with comment' => array( - 'html' => '', - 'expected' => 'bar', - ), - 'basic with contentRemovable tag' => array( - 'html' => '', - 'expected' => 'bar', - ), - 'nested' => array( - 'html' => 'oof', - 'expected' => 'foobazoofbaroof', - ), - 'nested with not closed br' => array( - 'html' => 'oof', - 'expected' => 'foobazoof
baroof', - ), - 'nested with allowed' => array( - 'html' => '', - 'expected' => '

baz

zab
oof', - ), - 'nested with spaces' => array( - 'html' => '', - 'expected' => 'baz oof', - ), - 'nested with attributes' => array( - 'html' => '', - 'expected' => 'bazoof', - ), - 'nested with allowed and attributes and spaces ' => array( - 'html' => '', - 'expected' => '
bazrab
oof', - ), - 'nested with allowed and contentRemovable tags' => array( - 'html' => '', - 'expected' => '
bazrab
oof', - ), - - 'regression: if head present => body is not trimmed' => array( - 'html' => 'bar', - 'expected' => 'bar', - ), - ); - } - /** * Generates an appropriate value for the given attribute, or use the counter if needed. * This is necessary as most of the attributes with empty or inappropriate values (like a numeric for a href) are removed by the parser @@ -279,43 +202,5 @@ class HTMLDOMSanitizerTest extends ItopTestCase return true; } - - /** - * @dataProvider CallInlineImageProcessImageTagProvider - */ - public function testDoSanitizeCallInlineImageProcessImageTag($sHtml, $iExpectedCount) - { - require_once APPROOT.'test/core/sanitizer/InlineImageMock.php'; - - $oSanitizer = new HTMLDOMSanitizer(); - $oSanitizer->DoSanitize($sHtml); - - $iCalledCount = \InlineImage::GetCallCounter(); - $this->assertEquals($iExpectedCount, $iCalledCount); - } - - public function CallInlineImageProcessImageTagProvider() - { - return array( - 'no image' => array( - 'html' => '

bar

', - 'expected' => 0, - ), - 'basic image' => array( - 'html' => '', - 'expected' => 1, - ), - 'nested images within forbidden tags' => array( - 'html' => '', - 'expected' => 5, - ), - 'nested images within forbidden and removed tags' => array( - 'html' => '', - 'expected' => 3, - ), - ); - } - - } diff --git a/test/core/sanitizer/InlineImageMock.php b/test/core/sanitizer/InlineImageMock.php deleted file mode 100644 index d5ad33218..000000000 --- a/test/core/sanitizer/InlineImageMock.php +++ /dev/null @@ -1,39 +0,0 @@ - - * - */ - -/** - * Mock class used by @see \Combodo\iTop\Test\UnitTest\Core\HTMLDOMSanitizerTest - * - */ -class InlineImage -{ - private static $iCallCounter = 0; - - public static function ProcessImageTag(DOMNode $oNode) - { - self::$iCallCounter++; - } - - public static function GetCallCounter() - { - return self::$iCallCounter; - } -} \ No newline at end of file