Browse Source

Bug 20415: Remove UseKohaPlugins system preference

Owen Leonard 2018-03-16 10:47:47 UTC :
<<
I don't think the system preference adds any security. There are already multiple permissions required for working with plugins:

- Configure plugins
- Manage plugins ( install / uninstall )
- Use report plugins
- Use tool plugins

And even with those permissions your server must be configured to allow the use of plugins.
>>

Test plan :
1) Install kitchen sink plugin https://github.com/bywatersolutions/koha-plugin-kitchen-sink
2) Run misc/devel/install_plugins.pl
3) Set config enable_plugins=1
4) Check all parts of the plugin are working
5) Set config enable_plugins=0
6) Check all parts of the plugin are disabled

Signed-off-by: Bernardo Gonzalez Kriegel <bgkriegel@gmail.com>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
20.05.x
Fridolin Somers 3 years ago
committed by Martin Renvoize
parent
commit
21c9b685bf
Signed by: martin.renvoize GPG Key ID: 422B469130441A0F
  1. 1
      C4/Auth.pm
  2. 2
      C4/Biblio.pm
  3. 1
      C4/UsageStats.pm
  4. 2
      Koha/Item.pm
  5. 7
      Koha/Patron.pm
  6. 3
      Koha/REST/Plugin/PluginRoutes.pm
  7. 3
      Koha/REST/V1/Static.pm
  8. 12
      Koha/Template/Plugin/KohaPlugins.pm
  9. 2
      admin/admin-home.pl
  10. 5
      admin/edi_accounts.pl
  11. 3
      catalogue/detail.pl
  12. 1
      installer/data/mysql/atomicupdate/bug_20415.sql
  13. 1
      installer/data/mysql/sysprefs.sql
  14. 7
      koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences/enhanced_content.pref
  15. 4
      misc/devel/install_plugins.pl
  16. 3
      opac/opac-account.pl
  17. 3
      plugins/plugins-enable.pl
  18. 2
      plugins/plugins-home.pl
  19. 3
      plugins/plugins-uninstall.pl
  20. 2
      plugins/plugins-upload.pl
  21. 2
      plugins/run.pl
  22. 1
      t/db_dependent/ImportBatch.t
  23. 1
      t/db_dependent/Koha/Plugins/Biblio_and_Items_plugin_hooks.t
  24. 1
      t/db_dependent/Koha/Plugins/Patron.t
  25. 2
      t/db_dependent/Koha/REST/Plugin/PluginRoutes.t
  26. 2
      t/db_dependent/Koha/Template/Plugin/KohaPlugins.t
  27. 1
      t/db_dependent/UsageStats.t
  28. 3
      tools/stage-marc-import.pl

1
C4/Auth.pm

@ -506,7 +506,6 @@ sub get_template_and_user {
OPACLocalCoverImages => C4::Context->preference('OPACLocalCoverImages'),
AllowMultipleCovers => C4::Context->preference('AllowMultipleCovers'),
EnableBorrowerFiles => C4::Context->preference('EnableBorrowerFiles'),
UseKohaPlugins => C4::Context->preference('UseKohaPlugins'),
UseCourseReserves => C4::Context->preference("UseCourseReserves"),
useDischarge => C4::Context->preference('useDischarge'),
pending_checkout_notes => scalar Koha::Checkouts->search({ noteseen => 0 }),

2
C4/Biblio.pm

@ -3448,7 +3448,7 @@ sub _after_biblio_action_hooks {
my $biblio_id = $args->{biblio_id};
my $action = $args->{action};
if ( C4::Context->preference('UseKohaPlugins') && C4::Context->config("enable_plugins") ) {
if ( C4::Context->config("enable_plugins") ) {
my @plugins = Koha::Plugins->new->GetPlugins({
method => 'after_biblio_action',

1
C4/UsageStats.pm

@ -213,7 +213,6 @@ sub BuildReport {
NovelistSelectEnabled
OpenLibraryCovers
OpenLibrarySearch
UseKohaPlugins
SyndeticsEnabled
TagsEnabled
CalendarFirstDayOfWeek

2
Koha/Item.pm

@ -807,7 +807,7 @@ sub _after_item_action_hooks {
my $action = $params->{action};
if ( C4::Context->preference('UseKohaPlugins') && C4::Context->config("enable_plugins") ) {
if ( C4::Context->config("enable_plugins") ) {
my @plugins = Koha::Plugins->new->GetPlugins({
method => 'after_item_action',

7
Koha/Patron.pm

@ -230,10 +230,7 @@ sub store {
$self->privacy($default_privacy);
# Call any check_password plugins if password is passed
if ( C4::Context->preference('UseKohaPlugins')
&& C4::Context->config("enable_plugins")
&& $self->password )
{
if ( C4::Context->config("enable_plugins") && $self->password ) {
my @plugins = Koha::Plugins->new()->GetPlugins({
method => 'check_password',
});
@ -749,7 +746,7 @@ sub set_password {
}
}
if ( C4::Context->preference('UseKohaPlugins') && C4::Context->config("enable_plugins") ) {
if ( C4::Context->config("enable_plugins") ) {
# Call any check_password plugins
my @plugins = Koha::Plugins->new()->GetPlugins({
method => 'check_password',

3
Koha/REST/Plugin/PluginRoutes.pm

@ -45,8 +45,7 @@ sub register {
my @plugins;
if ( C4::Context->preference('UseKohaPlugins')
&& C4::Context->config("enable_plugins") )
if ( C4::Context->config("enable_plugins") )
{
# plugin needs to define a namespace
@plugins = Koha::Plugins->new()->GetPlugins(

3
Koha/REST/V1/Static.pm

@ -35,8 +35,7 @@ sub get {
my $self = shift;
my $c = $self->openapi->valid_input or return;
if ( C4::Context->preference('UseKohaPlugins')
&& C4::Context->config("enable_plugins") )
if ( C4::Context->config("enable_plugins") )
{
my $path = $c->req->url->path->leading_slash(1);

12
Koha/Template/Plugin/KohaPlugins.pm

@ -47,8 +47,7 @@ to output to the head section of opac pages.
=cut
sub get_plugins_opac_head {
return q{}
unless C4::Context->preference('UseKohaPlugins');
return q{} unless C4::Context->config("enable_plugins");
my $p = Koha::Plugins->new();
@ -75,8 +74,7 @@ to output to the javascript section of at the bottom of opac pages.
=cut
sub get_plugins_opac_js {
return q{}
unless C4::Context->preference('UseKohaPlugins');
return q{} unless C4::Context->config("enable_plugins");
my $p = Koha::Plugins->new();
@ -103,8 +101,7 @@ to output to the head section of intranet pages.
=cut
sub get_plugins_intranet_head {
return q{}
unless C4::Context->preference('UseKohaPlugins');
return q{} unless C4::Context->config("enable_plugins");
my $p = Koha::Plugins->new();
@ -131,8 +128,7 @@ to output to the javascript section of at the bottom of intranet pages.
=cut
sub get_plugins_intranet_js {
return q{}
unless C4::Context->preference('UseKohaPlugins');
return q{} unless C4::Context->config("enable_plugins");
my $p = Koha::Plugins->new();

2
admin/admin-home.pl

@ -24,7 +24,7 @@ use Koha::Plugins;
my $query = new CGI;
my $plugins_enabled = C4::Context->preference('UseKohaPlugins') && C4::Context->config("enable_plugins");
my $plugins_enabled = C4::Context->config("enable_plugins");
my $mana_url = C4::Context->config('mana_config');
my ( $template, $loggedinuser, $cookie ) = get_template_and_user(

5
admin/edi_accounts.pl

@ -52,10 +52,7 @@ if ( $op eq 'acct_form' ) {
);
$template->param( vendors => \@vendors );
my $plugins_enabled = C4::Context->preference('UseKohaPlugins') && C4::Context->config("enable_plugins");
$template->param( plugins_enabled => $plugins_enabled );
if ( $plugins_enabled ) {
if ( C4::Context->config("enable_plugins") ) {
my @plugins = Koha::Plugins->new()->GetPlugins({
method => 'edifact',
});

3
catalogue/detail.pl

@ -64,8 +64,7 @@ my ( $template, $borrowernumber, $cookie, $flags ) = get_template_and_user(
);
# Determine if we should be offering any enhancement plugin buttons
if ( C4::Context->preference('UseKohaPlugins') &&
C4::Context->config('enable_plugins') ) {
if ( C4::Context->config('enable_plugins') ) {
# Only pass plugins that can offer a toolbar button
my @plugins = Koha::Plugins->new()->GetPlugins({
method => 'intranet_catalog_biblio_enhancements_toolbar_button'

1
installer/data/mysql/atomicupdate/bug_20415.sql

@ -0,0 +1 @@
DELETE FROM systempreferences WHERE variable='UseKohaPlugins';

1
installer/data/mysql/sysprefs.sql

@ -674,7 +674,6 @@ INSERT INTO systempreferences ( `variable`, `value`, `options`, `explanation`, `
('useDischarge','','','Allows librarians to discharge borrowers and borrowers to request a discharge','YesNo'),
('UseEmailReceipts','0','','Send email receipts for payments and write-offs','YesNo'),
('UseICU','0','1','Tell Koha if ICU indexing is in use for Zebra or not.','YesNo'),
('UseKohaPlugins','0','','Enable or disable the ability to use Koha Plugins.','YesNo'),
('UseTransportCostMatrix','0','','Use Transport Cost Matrix when filling holds','YesNo'),
('UseWYSIWYGinSystemPreferences','0','','Show WYSIWYG editor when editing certain HTML system preferences.','YesNo'),
('viewISBD','1','','Allow display of ISBD view of bibiographic records','YesNo'),

7
koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences/enhanced_content.pref

@ -349,13 +349,6 @@ Enhanced Content:
yes: "Embed"
no: "Don't embed"
- YouTube links as videos.
Plugins:
-
- pref: UseKohaPlugins
choices:
yes: Enable
no: "Don't enable"
- the ability to use Koha Plugins. Note, the plugin system must also be enabled in the Koha configuration file to be fully enabled.
OverDrive:
-
- Include OverDrive availability information with the client key

4
misc/devel/install_plugins.pl

@ -31,9 +31,7 @@ GetOptions( 'help|?' => \$help );
pod2usage(1) if $help;
my $plugins_enabled = C4::Context->preference('UseKohaPlugins')
&& C4::Context->config("enable_plugins");
unless ($plugins_enabled) {
unless ( C4::Context->config("enable_plugins") ) {
print
"The plugin system must be enabled for one to be able to install plugins\n";
exit 1;

3
opac/opac-account.pl

@ -84,8 +84,7 @@ $template->param(
payment_error => scalar $query->param('payment-error') || q{},
);
my $plugins_enabled = C4::Context->preference('UseKohaPlugins') && C4::Context->config("enable_plugins");
if ( $plugins_enabled ) {
if ( C4::Context->config("enable_plugins") ) {
my @plugins = Koha::Plugins->new()->GetPlugins({
method => 'opac_online_payment',
});

3
plugins/plugins-enable.pl

@ -23,8 +23,7 @@ use C4::Context;
use C4::Auth qw(check_cookie_auth);
use Koha::Plugins::Handler;
die("Koha plugins are disabled!")
unless C4::Context->preference('UseKohaPlugins');
die("Koha plugins are disabled!") unless C4::Context->config("enable_plugins");
my $input = new CGI;

2
plugins/plugins-home.pl

@ -30,7 +30,7 @@ use C4::Output;
use C4::Debug;
use C4::Context;
my $plugins_enabled = C4::Context->preference('UseKohaPlugins') && C4::Context->config("enable_plugins");
my $plugins_enabled = C4::Context->config("enable_plugins");
my $input = new CGI;
my $method = $input->param('method');

3
plugins/plugins-uninstall.pl

@ -29,8 +29,7 @@ use C4::Members;
use C4::Debug;
use Koha::Plugins::Handler;
die("Koha plugins are disabled!")
unless C4::Context->preference('UseKohaPlugins');
die("Koha plugins are disabled!") unless C4::Context->config("enable_plugins");
my $input = new CGI;

2
plugins/plugins-upload.pl

@ -31,7 +31,7 @@ use C4::Members;
use C4::Debug;
use Koha::Plugins;
my $plugins_enabled = C4::Context->preference('UseKohaPlugins') && C4::Context->config("enable_plugins");
my $plugins_enabled = C4::Context->config("enable_plugins");
my $input = new CGI;

2
plugins/run.pl

@ -27,7 +27,7 @@ use C4::Output;
use C4::Debug;
use C4::Context;
my $plugins_enabled = C4::Context->preference('UseKohaPlugins') && C4::Context->config("enable_plugins");
my $plugins_enabled = C4::Context->config("enable_plugins");
my $cgi = new CGI;

1
t/db_dependent/ImportBatch.t

@ -190,7 +190,6 @@ subtest "RecordsFromMarcPlugin" => sub {
close $fh;
t::lib::Mocks::mock_config( 'enable_plugins', 1 );
t::lib::Mocks::mock_preference( 'UseKohaPlugins', 1 );
my $plugins = Koha::Plugins->new;
$plugins->InstallPlugins;

1
t/db_dependent/Koha/Plugins/Biblio_and_Items_plugin_hooks.t

@ -39,7 +39,6 @@ BEGIN {
my $schema = Koha::Database->new->schema;
my $builder = t::lib::TestBuilder->new;
t::lib::Mocks::mock_preference( 'UseKohaPlugins', 1 );
t::lib::Mocks::mock_config( 'enable_plugins', 1 );
subtest 'after_biblio_action() and after_item_action() hooks tests' => sub {

1
t/db_dependent/Koha/Plugins/Patron.t

@ -40,7 +40,6 @@ BEGIN {
my $schema = Koha::Database->new->schema;
my $builder = t::lib::TestBuilder->new;
t::lib::Mocks::mock_preference( 'UseKohaPlugins', 1 );
t::lib::Mocks::mock_config( 'enable_plugins', 1 );
subtest 'check_password hook tests' => sub {

2
t/db_dependent/Koha/REST/Plugin/PluginRoutes.t

@ -48,7 +48,6 @@ subtest 'Bad plugins tests' => sub {
# enable plugins
t::lib::Mocks::mock_config( 'enable_plugins', 1 );
t::lib::Mocks::mock_preference( 'UseKohaPlugins', 1 );
# remove any existing plugins that might interfere
Koha::Plugins::Methods->search->delete;
@ -84,7 +83,6 @@ subtest 'Disabled plugins tests' => sub {
# enable plugins
t::lib::Mocks::mock_config( 'enable_plugins', 1 );
t::lib::Mocks::mock_preference( 'UseKohaPlugins', 1 );
my $good_plugin;

2
t/db_dependent/Koha/Template/Plugin/KohaPlugins.t

@ -24,7 +24,6 @@ BEGIN {
use_ok('Koha::Plugin::Test');
}
t::lib::Mocks::mock_preference( 'UseKohaPlugins', 1 );
t::lib::Mocks::mock_config( 'enable_plugins', 1 );
my $schema = Koha::Database->new->schema;
@ -53,7 +52,6 @@ ok( index( $plugin->get_plugins_opac_head, 'Koha::Plugin::Test::opac_head' ) !=
ok( index( $plugin->get_plugins_intranet_js, 'Koha::Plugin::Test::intranet_js' ) != -1, 'Test plugin intranet_js return value is part of code returned by get_plugins_intranet_js' );
ok( index( $plugin->get_plugins_intranet_head, 'Koha::Plugin::Test::intranet_head' ) != -1, 'Test plugin intranet_head return value is part of code returned by get_plugins_intranet_head' );
t::lib::Mocks::mock_preference('UseKohaPlugins',0);
t::lib::Mocks::mock_config('enable_plugins',0);
is( $plugin->get_plugins_opac_js, q{}, 'Test plugin opac_js return value is empty' );
is( $plugin->get_plugins_opac_head, q{}, 'Test plugin opac_head return value is empty' );

1
t/db_dependent/UsageStats.t

@ -474,7 +474,6 @@ sub mocking_systempreferences_to_a_set_value {
NovelistSelectEnabled
OpenLibraryCovers
OpenLibrarySearch
UseKohaPlugins
SyndeticsEnabled
TagsEnabled
CalendarFirstDayOfWeek

3
tools/stage-marc-import.pl

@ -218,8 +218,7 @@ if ($completedJobID) {
my @templates = GetModificationTemplates();
$template->param( MarcModificationTemplatesLoop => \@templates );
if ( C4::Context->preference('UseKohaPlugins') &&
C4::Context->config('enable_plugins') ) {
if ( C4::Context->config('enable_plugins') ) {
my @plugins = Koha::Plugins->new()->GetPlugins({
method => 'to_marc',

Loading…
Cancel
Save