custom/plugins/SwagPlatformSecurity/src/SwagPlatformSecurity.php line 19

Open in your IDE?
  1. <?php declare(strict_types=1);
  3. namespace Swag\Security;
  5. use Shopware\Core\Framework\Plugin;
  6. use Shopware\Core\Framework\Plugin\Context\InstallContext;
  7. use Shopware\Core\Framework\Plugin\Context\UpdateContext;
  8. use Shopware\Core\Kernel;
  9. use Swag\Security\Components\RemoveDisabledServicesCompilerPass;
  10. use Swag\Security\Components\State;
  11. use Swag\Security\Components\UpdateHtaccess;
  12. use Symfony\Component\Config\FileLocator;
  13. use Symfony\Component\DependencyInjection\ContainerBuilder;
  14. use Symfony\Component\DependencyInjection\Loader\PhpFileLoader;
  16. require_once __DIR__ '/Fixes/NEXT15858/init.php';
  17. require_once __DIR__ '/Fixes/NEXT21077/init.php';
  19. class SwagPlatformSecurity extends Plugin
  20. {
  21.     public const PLUGIN_NAME 'SwagPlatformSecurity';
  23.     public function build(ContainerBuilder $container): void
  24.     {
  25.         $loader = new PhpFileLoader($container, new FileLocator([__DIR__ '/Resources/config']));
  26.         $loader->load('services.php');
  28.         $this->fetchPluginConfig($container);
  29.         $container->addCompilerPass(new RemoveDisabledServicesCompilerPass());
  30.     }
  32.     public function install(InstallContext $installContext): void
  33.     {
  34.         $this->copyHtaccess();
  35.     }
  37.     public function update(UpdateContext $updateContext): void
  38.     {
  39.         $this->copyHtaccess();
  40.     }
  42.     private function fetchPluginConfig(ContainerBuilder $container): void
  43.     {
  44.         try {
  45.             $qb Kernel::getConnection()->createQueryBuilder();
  47.             $config $qb
  48.                 ->select(['ticket''active'])
  49.                 ->from('swag_security_config''config')
  50.                 ->execute()
  51.                 ->fetchAll(\PDO::FETCH_KEY_PAIR);
  53.         } catch (\Throwable $e) {
  54.             $config = [];
  55.         }
  57.         foreach ($config as &$item) {
  58.             $item = (bool) $item;
  59.         }
  60.         unset($item);
  62.         $shopwareVersion $_SERVER['SHOPWARE_FAKE_VERSION'] ?? $container->getParameter('kernel.shopware_version');
  63.         $availableFixes = [];
  64.         $activeFixes = [];
  66.         foreach (State::KNOWN_ISSUES as $knownIssue) {
  67.             if (!$knownIssue::isValidForVersion($shopwareVersion)) {
  68.                 continue;
  69.             }
  71.             $availableFixes[] = $knownIssue;
  73.             if (array_key_exists($knownIssue::getTicket(), $config) && !$config[$knownIssue::getTicket()]) {
  74.                 continue;
  75.             }
  77.             $knownIssue::buildContainer($container);
  79.             $activeFixes[] = $knownIssue;
  80.         }
  82.         $container->setParameter('SwagPlatformSecurity.activeFixes'$activeFixes);
  83.         $container->setParameter('SwagPlatformSecurity.availableFixes'$availableFixes);
  84.     }
  86.     private function copyHtaccess(): void
  87.     {
  88.         $projectDirHtaccess $this->container->getParameter('kernel.project_dir'). '/.htaccess';
  90.         copy(__DIR__ '/../root_htaccess.dist'$projectDirHtaccess);
  92.         $knownFolders = [
  93.             $this->container->getParameter('kernel.project_dir'). '/bin',
  94.             $this->container->getParameter('kernel.project_dir'). '/config',
  95.             $this->container->getParameter('kernel.project_dir'). '/custom',
  96.             $this->container->getParameter('kernel.project_dir'). '/files',
  97.             $this->container->getParameter('kernel.project_dir'). '/src',
  98.             $this->container->getParameter('kernel.project_dir'). '/var',
  99.             $this->container->getParameter('kernel.project_dir'). '/vendor',
  100.         ];
  102.         foreach ($knownFolders as $knownFolder) {
  103.             if (file_exists($knownFolder)) {
  104.                 copy(__DIR__ '/../block_directory_access_htaccess.dist'$knownFolder '/.htaccess');
  105.             }
  106.         }
  108.         $shopwareVersion $_SERVER['SHOPWARE_FAKE_VERSION'] ?? $this->container->getParameter('kernel.shopware_version');
  109.         $updateService = new UpdateHtaccess();
  111.         // Only update the .htaccess if we are on a older shopware version
  112.         if (version_compare($shopwareVersion$updateService->getMaxVersion(), '<')) {
  113.             $publicHtaccess $this->container->getParameter('kernel.project_dir'). '/public/.htaccess';
  114.             $updateService->updateHtaccess($publicHtaccess__DIR__ '/../current_public_htaccess.dist');
  115.         }
  116.     }
  117. }