‪TYPO3CMS  9.5
All Classes Namespaces Files Functions Variables Pages
SvgFilesSanitization.php
Go to the documentation of this file.
1 <?php
2 
3 declare(strict_types = 1);
4 
5 /*
6  * This file is part of the TYPO3 CMS project.
7  *
8  * It is free software; you can redistribute it and/or modify it under
9  * the terms of the GNU General Public License, either version 2
10  * of the License, or any later version.
11  *
12  * For the full copyright and license information, please read the
13  * LICENSE.txt file that was distributed with this source code.
14  *
15  * The TYPO3 project - inspiring people to share!
16  */
17 
18 namespace ‪TYPO3\CMS\Install\Updates;
19 
20 use ‪TYPO3\CMS\Core\Resource\Exception\InsufficientFolderAccessPermissionsException;
21 use ‪TYPO3\CMS\Core\Resource\File;
22 use ‪TYPO3\CMS\Core\Resource\Filter\FileExtensionFilter;
23 use ‪TYPO3\CMS\Core\Resource\ResourceStorage;
24 use ‪TYPO3\CMS\Core\Resource\Security\SvgSanitizer;
25 use ‪TYPO3\CMS\Core\Resource\StorageRepository;
26 use ‪TYPO3\CMS\Core\Utility\GeneralUtility;
27 
28 class ‪SvgFilesSanitization implements ‪UpgradeWizardInterface, ‪ConfirmableInterface
29 {
33  protected ‪$storageRepository;
34 
38  protected ‪$confirmation;
39 
40  public function ‪__construct()
41  {
42  $this->storageRepository = GeneralUtility::makeInstance(StorageRepository::class);
43  $this->confirmation = new ‪Confirmation(
44  'Continue sanitizing SVG files?',
45  $this->‪getDescription(),
46  false,
47  'sanitize, backup available',
48  'cancel',
49  false
50  );
51  }
52 
59  public function ‪getIdentifier(): string
60  {
61  return 'svgFilesSanitization';
62  }
63 
69  public function ‪getTitle(): string
70  {
71  return 'Sanitize existing SVG files in fileadmin folder';
72  }
73 
79  public function ‪getDescription(): string
80  {
81  return 'This upgrade wizard will sanitize all SVG files located in local file storages. '
82  . 'It is very likely that file contents will be changed.' . "\n"
83  . 'Before continuing, please ensure a proper backup of *.svg and *.svgz files is in place before continuing.';
84  }
85 
91  public function ‪updateNecessary(): bool
92  {
93  return true;
94  }
95 
103  public function ‪executeUpdate(): bool
104  {
105  return $this->‪processSvgFiles();
106  }
107 
116  public function ‪getPrerequisites(): array
117  {
118  return [];
119  }
120 
126  public function ‪getConfirmation(): Confirmation
127  {
128  return ‪$this->confirmation;
129  }
130 
134  protected function ‪resolveLocalStorages(): array
135  {
136  return array_filter(
137  $this->storageRepository->findByStorageType('Local'),
138  function (ResourceStorage $storage) {
139  return $storage->isWritable();
140  }
141  );
142  }
143 
149  protected function ‪resolveSvgFiles(ResourceStorage $storage): array
150  {
151  $filter = GeneralUtility::makeInstance(FileExtensionFilter::class);
152  $filter->setAllowedFileExtensions(['svg', 'svgz']);
153  $files = $storage
154  ->setFileAndFolderNameFilters([
155  [$filter, 'filterFileList']
156  ])
157  ->getFilesInFolder(
158  $storage->getRootLevelFolder(),
159  0,
160  0,
161  true,
162  true
163  );
164  $storage->resetFileAndFolderNameFiltersToDefault();
165  return $files;
166  }
167 
168  protected function ‪processSvgFiles(): bool
169  {
170  $successful = true;
171  $sanitizer = GeneralUtility::makeInstance(SvgSanitizer::class);
172  foreach ($this->‪resolveLocalStorages() as $storage) {
173  try {
174  $svgFiles = $this->‪resolveSvgFiles($storage);
175  } catch (‪InsufficientFolderAccessPermissionsException $exception) {
176  // @todo Add notice/warning for this upgrade process
177  $successful = false;
178  continue;
179  }
180  foreach ($svgFiles as $svgFile) {
181  $oldFileContent = $svgFile->getContents();
182  $newFileContent = $sanitizer->sanitizeContent($oldFileContent);
183  if ($oldFileContent !== $newFileContent) {
184  $svgFile->setContents($newFileContent);
185  }
186  }
187  }
188  return $successful;
189  }
190 }
‪TYPO3\CMS\Core\Resource\ResourceStorage\resetFileAndFolderNameFiltersToDefault
‪resetFileAndFolderNameFiltersToDefault()
Definition: ResourceStorage.php:1450
‪TYPO3\CMS\Install\Updates\SvgFilesSanitization\updateNecessary
‪bool updateNecessary()
Definition: SvgFilesSanitization.php:89
‪TYPO3\CMS\Core\Resource\Exception\InsufficientFolderAccessPermissionsException
Definition: InsufficientFolderAccessPermissionsException.php:21
‪TYPO3\CMS\Install\Updates\SvgFilesSanitization\processSvgFiles
‪processSvgFiles()
Definition: SvgFilesSanitization.php:166
‪TYPO3\CMS\Core\Resource\Security\SvgSanitizer
Definition: SvgSanitizer.php:23
‪TYPO3\CMS\Install\Updates\SvgFilesSanitization\getPrerequisites
‪string[] getPrerequisites()
Definition: SvgFilesSanitization.php:114
‪TYPO3\CMS\Install\Updates\SvgFilesSanitization\executeUpdate
‪bool executeUpdate()
Definition: SvgFilesSanitization.php:101
‪TYPO3\CMS\Install\Updates\SvgFilesSanitization\getTitle
‪string getTitle()
Definition: SvgFilesSanitization.php:67
‪TYPO3\CMS\Core\Resource\ResourceStorage\getRootLevelFolder
‪Folder getRootLevelFolder($respectFileMounts=true)
Definition: ResourceStorage.php:2536
‪TYPO3\CMS\Install\Updates
Definition: AbstractDownloadExtensionUpdate.php:3
‪TYPO3\CMS\Core\Resource\ResourceStorage\setFileAndFolderNameFilters
‪$this setFileAndFolderNameFilters(array $filters)
Definition: ResourceStorage.php:1469
‪TYPO3\CMS\Core\Resource\StorageRepository
Definition: StorageRepository.php:29
‪TYPO3\CMS\Core\Resource\File
Definition: File.php:23
‪TYPO3\CMS\Install\Updates\Confirmation
Definition: Confirmation.php:20
‪TYPO3\CMS\Core\Resource\Filter\FileExtensionFilter
Definition: FileExtensionFilter.php:28
‪TYPO3\CMS\Install\Updates\SvgFilesSanitization\$storageRepository
‪StorageRepository $storageRepository
Definition: SvgFilesSanitization.php:32
‪TYPO3\CMS\Install\Updates\SvgFilesSanitization\getConfirmation
‪Confirmation getConfirmation()
Definition: SvgFilesSanitization.php:124
‪TYPO3\CMS\Install\Updates\UpgradeWizardInterface
Definition: UpgradeWizardInterface.php:22
‪TYPO3\CMS\Core\Resource\ResourceStorage
Definition: ResourceStorage.php:74
‪TYPO3\CMS\Install\Updates\SvgFilesSanitization\resolveSvgFiles
‪File[] resolveSvgFiles(ResourceStorage $storage)
Definition: SvgFilesSanitization.php:147
‪TYPO3\CMS\Install\Updates\SvgFilesSanitization\__construct
‪__construct()
Definition: SvgFilesSanitization.php:38
‪TYPO3\CMS\Install\Updates\SvgFilesSanitization
Definition: SvgFilesSanitization.php:29
‪TYPO3\CMS\Core\Resource\ResourceStorage\isWritable
‪bool isWritable()
Definition: ResourceStorage.php:330
‪TYPO3\CMS\Core\Utility\GeneralUtility
Definition: GeneralUtility.php:45
‪TYPO3\CMS\Install\Updates\SvgFilesSanitization\getIdentifier
‪string getIdentifier()
Definition: SvgFilesSanitization.php:57
‪TYPO3\CMS\Install\Updates\SvgFilesSanitization\getDescription
‪string getDescription()
Definition: SvgFilesSanitization.php:77
‪TYPO3\CMS\Install\Updates\ConfirmableInterface
Definition: ConfirmableInterface.php:23
‪TYPO3\CMS\Install\Updates\SvgFilesSanitization\$confirmation
‪Confirmation $confirmation
Definition: SvgFilesSanitization.php:36
‪TYPO3\CMS\Install\Updates\SvgFilesSanitization\resolveLocalStorages
‪ResourceStorage[] resolveLocalStorages()
Definition: SvgFilesSanitization.php:132