‪TYPO3CMS  ‪main
SvgFilesSanitization.php
Go to the documentation of this file.
1 <?php
2 
3 declare(strict_types=1);
4 
5 /*
6  * This file is part of the TYPO3 CMS project.
7  *
8  * It is free software; you can redistribute it and/or modify it under
9  * the terms of the GNU General Public License, either version 2
10  * of the License, or any later version.
11  *
12  * For the full copyright and license information, please read the
13  * LICENSE.txt file that was distributed with this source code.
14  *
15  * The TYPO3 project - inspiring people to share!
16  */
17 
18 namespace ‪TYPO3\CMS\Install\Updates;
19 
20 use ‪TYPO3\CMS\Core\Resource\Exception\InsufficientFolderAccessPermissionsException;
21 use ‪TYPO3\CMS\Core\Resource\File;
22 use ‪TYPO3\CMS\Core\Resource\Filter\FileExtensionFilter;
23 use ‪TYPO3\CMS\Core\Resource\ResourceStorage;
24 use ‪TYPO3\CMS\Core\Resource\Security\SvgSanitizer;
25 use ‪TYPO3\CMS\Core\Resource\StorageRepository;
26 use ‪TYPO3\CMS\Core\Utility\GeneralUtility;
27 use ‪TYPO3\CMS\Install\Attribute\UpgradeWizard;
28 
32 #[UpgradeWizard('svgFilesSanitization')]
33 class ‪SvgFilesSanitization implements ‪UpgradeWizardInterface, ‪ConfirmableInterface
34 {
38  protected ‪$storageRepository;
39 
43  protected ‪$confirmation;
44 
45  public function ‪__construct()
46  {
47  $this->storageRepository = GeneralUtility::makeInstance(StorageRepository::class);
48  $this->confirmation = new ‪Confirmation(
49  'Continue sanitizing SVG files?',
50  $this->‪getDescription(),
51  false,
52  'sanitize, backup available',
53  'cancel',
54  false
55  );
56  }
57 
61  public function ‪getTitle(): string
62  {
63  return 'Sanitize existing SVG files in fileadmin folder';
64  }
65 
69  public function ‪getDescription(): string
70  {
71  return 'This upgrade wizard will sanitize all SVG files located in local file storages. '
72  . 'It is very likely that file contents will be changed.' . "\n"
73  . 'Before continuing, please ensure a proper backup of *.svg and *.svgz files is in place before continuing.';
74  }
75 
79  public function ‪updateNecessary(): bool
80  {
81  return true;
82  }
83 
89  public function ‪executeUpdate(): bool
90  {
91  return $this->‪processSvgFiles();
92  }
93 
102  public function ‪getPrerequisites(): array
103  {
104  return [];
105  }
106 
110  public function ‪getConfirmation(): Confirmation
111  {
112  return ‪$this->confirmation;
113  }
114 
118  protected function ‪resolveLocalStorages(): array
119  {
120  return array_filter(
121  $this->storageRepository->findByStorageType('Local'),
122  static ‪function (ResourceStorage $storage) {
123  return $storage->isWritable();
124  }
125  );
126  }
127 
132  protected function ‪resolveSvgFiles(ResourceStorage $storage): array
133  {
134  $filter = GeneralUtility::makeInstance(FileExtensionFilter::class);
135  $filter->setAllowedFileExtensions(['svg', 'svgz']);
136  $files = $storage
137  ->setFileAndFolderNameFilters([
138  [$filter, 'filterFileList'],
139  ])
140  ->getFilesInFolder(
141  $storage->getRootLevelFolder(),
142  0,
143  0,
144  true,
145  true
146  );
147  $storage->resetFileAndFolderNameFiltersToDefault();
148  return $files;
149  }
150 
151  protected function ‪processSvgFiles(): bool
152  {
153  $successful = true;
154  $sanitizer = GeneralUtility::makeInstance(SvgSanitizer::class);
155  foreach ($this->‪resolveLocalStorages() as $storage) {
156  try {
157  $svgFiles = $this->‪resolveSvgFiles($storage);
158  } catch (‪InsufficientFolderAccessPermissionsException $exception) {
159  // @todo Add notice/warning for this upgrade process
160  $successful = false;
161  continue;
162  }
163  foreach ($svgFiles as $svgFile) {
164  $oldFileContent = $svgFile->getContents();
165  $newFileContent = $sanitizer->sanitizeContent($oldFileContent);
166  if ($oldFileContent !== $newFileContent) {
167  $svgFile->setContents($newFileContent);
168  }
169  }
170  }
171  return $successful;
172  }
173 }
‪TYPO3\CMS\Core\Resource\ResourceStorage\resetFileAndFolderNameFiltersToDefault
‪resetFileAndFolderNameFiltersToDefault()
Definition: ResourceStorage.php:1471
‪TYPO3\CMS\Install\function
‪static return function(ContainerConfigurator $container, ContainerBuilder $containerBuilder)
Definition: Services.php:12
‪TYPO3\CMS\Core\Resource\Exception\InsufficientFolderAccessPermissionsException
Definition: InsufficientFolderAccessPermissionsException.php:24
‪TYPO3\CMS\Install\Updates\SvgFilesSanitization\processSvgFiles
‪processSvgFiles()
Definition: SvgFilesSanitization.php:149
‪TYPO3\CMS\Core\Resource\ResourceStorage\getFilesInFolder
‪File[] getFilesInFolder(Folder $folder, $start=0, $maxNumberOfItems=0, $useFilters=true, $recursive=false, $sort='', $sortRev=false)
Definition: ResourceStorage.php:1552
‪TYPO3\CMS\Core\Resource\Security\SvgSanitizer
Definition: SvgSanitizer.php:23
‪TYPO3\CMS\Install\Attribute\UpgradeWizard
Definition: UpgradeWizard.php:27
‪TYPO3\CMS\Install\Updates\SvgFilesSanitization\getDescription
‪getDescription()
Definition: SvgFilesSanitization.php:67
‪TYPO3\CMS\Install\Updates\SvgFilesSanitization\getPrerequisites
‪string[] getPrerequisites()
Definition: SvgFilesSanitization.php:100
‪TYPO3\CMS\Core\Resource\ResourceStorage\getRootLevelFolder
‪Folder getRootLevelFolder($respectFileMounts=true)
Definition: ResourceStorage.php:2566
‪TYPO3\CMS\Install\Updates
Definition: AbstractDownloadExtensionUpdate.php:16
‪TYPO3\CMS\Install\Updates\SvgFilesSanitization\executeUpdate
‪executeUpdate()
Definition: SvgFilesSanitization.php:87
‪TYPO3\CMS\Core\Resource\StorageRepository
Definition: StorageRepository.php:38
‪TYPO3\CMS\Core\Resource\File
Definition: File.php:24
‪TYPO3\CMS\Install\Updates\Confirmation
Definition: Confirmation.php:21
‪TYPO3\CMS\Core\Resource\Filter\FileExtensionFilter
Definition: FileExtensionFilter.php:31
‪TYPO3\CMS\Install\Updates\SvgFilesSanitization\$storageRepository
‪StorageRepository $storageRepository
Definition: SvgFilesSanitization.php:37
‪TYPO3\CMS\Install\Updates\UpgradeWizardInterface
Definition: UpgradeWizardInterface.php:24
‪TYPO3\CMS\Core\Resource\ResourceStorage
Definition: ResourceStorage.php:127
‪TYPO3\CMS\Install\Updates\SvgFilesSanitization\resolveSvgFiles
‪File[] resolveSvgFiles(ResourceStorage $storage)
Definition: SvgFilesSanitization.php:130
‪TYPO3\CMS\Install\Updates\SvgFilesSanitization\__construct
‪__construct()
Definition: SvgFilesSanitization.php:43
‪TYPO3\CMS\Install\Updates\SvgFilesSanitization\updateNecessary
‪updateNecessary()
Definition: SvgFilesSanitization.php:77
‪TYPO3\CMS\Install\Updates\SvgFilesSanitization
Definition: SvgFilesSanitization.php:34
‪TYPO3\CMS\Core\Resource\ResourceStorage\isWritable
‪bool isWritable()
Definition: ResourceStorage.php:390
‪TYPO3\CMS\Install\Updates\SvgFilesSanitization\getTitle
‪getTitle()
Definition: SvgFilesSanitization.php:59
‪TYPO3\CMS\Core\Utility\GeneralUtility
Definition: GeneralUtility.php:51
‪TYPO3\CMS\Install\Updates\SvgFilesSanitization\getConfirmation
‪getConfirmation()
Definition: SvgFilesSanitization.php:108
‪TYPO3\CMS\Install\Updates\ConfirmableInterface
Definition: ConfirmableInterface.php:24
‪TYPO3\CMS\Install\Updates\SvgFilesSanitization\$confirmation
‪Confirmation $confirmation
Definition: SvgFilesSanitization.php:41
‪TYPO3\CMS\Install\Updates\SvgFilesSanitization\resolveLocalStorages
‪ResourceStorage[] resolveLocalStorages()
Definition: SvgFilesSanitization.php:116