From 21c9b685bfdb255a872ce27d4e0570673d0de8e7 Mon Sep 17 00:00:00 2001 From: Fridolin Somers Date: Thu, 19 Mar 2020 17:22:30 +0300 Subject: [PATCH] Bug 20415: Remove UseKohaPlugins system preference Owen Leonard 2018-03-16 10:47:47 UTC : << I don't think the system preference adds any security. There are already multiple permissions required for working with plugins: - Configure plugins - Manage plugins ( install / uninstall ) - Use report plugins - Use tool plugins And even with those permissions your server must be configured to allow the use of plugins. >> Test plan : 1) Install kitchen sink plugin https://github.com/bywatersolutions/koha-plugin-kitchen-sink 2) Run misc/devel/install_plugins.pl 3) Set config enable_plugins=1 4) Check all parts of the plugin are working 5) Set config enable_plugins=0 6) Check all parts of the plugin are disabled Signed-off-by: Bernardo Gonzalez Kriegel Signed-off-by: Kyle M Hall Signed-off-by: Martin Renvoize --- C4/Auth.pm | 1 - C4/Biblio.pm | 2 +- C4/UsageStats.pm | 1 - Koha/Item.pm | 2 +- Koha/Patron.pm | 7 ++----- Koha/REST/Plugin/PluginRoutes.pm | 3 +-- Koha/REST/V1/Static.pm | 3 +-- Koha/Template/Plugin/KohaPlugins.pm | 12 ++++-------- admin/admin-home.pl | 2 +- admin/edi_accounts.pl | 5 +---- catalogue/detail.pl | 3 +-- installer/data/mysql/atomicupdate/bug_20415.sql | 1 + installer/data/mysql/sysprefs.sql | 1 - .../modules/admin/preferences/enhanced_content.pref | 7 ------- misc/devel/install_plugins.pl | 4 +--- opac/opac-account.pl | 3 +-- plugins/plugins-enable.pl | 3 +-- plugins/plugins-home.pl | 2 +- plugins/plugins-uninstall.pl | 3 +-- plugins/plugins-upload.pl | 2 +- plugins/run.pl | 2 +- t/db_dependent/ImportBatch.t | 1 - .../Koha/Plugins/Biblio_and_Items_plugin_hooks.t | 1 - t/db_dependent/Koha/Plugins/Patron.t | 1 - t/db_dependent/Koha/REST/Plugin/PluginRoutes.t | 2 -- t/db_dependent/Koha/Template/Plugin/KohaPlugins.t | 2 -- t/db_dependent/UsageStats.t | 1 - tools/stage-marc-import.pl | 3 +-- 28 files changed, 22 insertions(+), 58 deletions(-) create mode 100644 installer/data/mysql/atomicupdate/bug_20415.sql diff --git a/C4/Auth.pm b/C4/Auth.pm index f3089f2ac9..dc83ac4ea0 100644 --- a/C4/Auth.pm +++ b/C4/Auth.pm @@ -506,7 +506,6 @@ sub get_template_and_user { OPACLocalCoverImages => C4::Context->preference('OPACLocalCoverImages'), AllowMultipleCovers => C4::Context->preference('AllowMultipleCovers'), EnableBorrowerFiles => C4::Context->preference('EnableBorrowerFiles'), - UseKohaPlugins => C4::Context->preference('UseKohaPlugins'), UseCourseReserves => C4::Context->preference("UseCourseReserves"), useDischarge => C4::Context->preference('useDischarge'), pending_checkout_notes => scalar Koha::Checkouts->search({ noteseen => 0 }), diff --git a/C4/Biblio.pm b/C4/Biblio.pm index 1f00ac8210..d8a96a6062 100644 --- a/C4/Biblio.pm +++ b/C4/Biblio.pm @@ -3448,7 +3448,7 @@ sub _after_biblio_action_hooks { my $biblio_id = $args->{biblio_id}; my $action = $args->{action}; - if ( C4::Context->preference('UseKohaPlugins') && C4::Context->config("enable_plugins") ) { + if ( C4::Context->config("enable_plugins") ) { my @plugins = Koha::Plugins->new->GetPlugins({ method => 'after_biblio_action', diff --git a/C4/UsageStats.pm b/C4/UsageStats.pm index 5cb1361314..55854366e9 100644 --- a/C4/UsageStats.pm +++ b/C4/UsageStats.pm @@ -213,7 +213,6 @@ sub BuildReport { NovelistSelectEnabled OpenLibraryCovers OpenLibrarySearch - UseKohaPlugins SyndeticsEnabled TagsEnabled CalendarFirstDayOfWeek diff --git a/Koha/Item.pm b/Koha/Item.pm index 567a294911..af86f45378 100644 --- a/Koha/Item.pm +++ b/Koha/Item.pm @@ -807,7 +807,7 @@ sub _after_item_action_hooks { my $action = $params->{action}; - if ( C4::Context->preference('UseKohaPlugins') && C4::Context->config("enable_plugins") ) { + if ( C4::Context->config("enable_plugins") ) { my @plugins = Koha::Plugins->new->GetPlugins({ method => 'after_item_action', diff --git a/Koha/Patron.pm b/Koha/Patron.pm index b8792861df..9948f8c35c 100644 --- a/Koha/Patron.pm +++ b/Koha/Patron.pm @@ -230,10 +230,7 @@ sub store { $self->privacy($default_privacy); # Call any check_password plugins if password is passed - if ( C4::Context->preference('UseKohaPlugins') - && C4::Context->config("enable_plugins") - && $self->password ) - { + if ( C4::Context->config("enable_plugins") && $self->password ) { my @plugins = Koha::Plugins->new()->GetPlugins({ method => 'check_password', }); @@ -749,7 +746,7 @@ sub set_password { } } - if ( C4::Context->preference('UseKohaPlugins') && C4::Context->config("enable_plugins") ) { + if ( C4::Context->config("enable_plugins") ) { # Call any check_password plugins my @plugins = Koha::Plugins->new()->GetPlugins({ method => 'check_password', diff --git a/Koha/REST/Plugin/PluginRoutes.pm b/Koha/REST/Plugin/PluginRoutes.pm index 71cfebd5e5..5247373f52 100644 --- a/Koha/REST/Plugin/PluginRoutes.pm +++ b/Koha/REST/Plugin/PluginRoutes.pm @@ -45,8 +45,7 @@ sub register { my @plugins; - if ( C4::Context->preference('UseKohaPlugins') - && C4::Context->config("enable_plugins") ) + if ( C4::Context->config("enable_plugins") ) { # plugin needs to define a namespace @plugins = Koha::Plugins->new()->GetPlugins( diff --git a/Koha/REST/V1/Static.pm b/Koha/REST/V1/Static.pm index 60fee5c30a..930d88f3a5 100644 --- a/Koha/REST/V1/Static.pm +++ b/Koha/REST/V1/Static.pm @@ -35,8 +35,7 @@ sub get { my $self = shift; my $c = $self->openapi->valid_input or return; - if ( C4::Context->preference('UseKohaPlugins') - && C4::Context->config("enable_plugins") ) + if ( C4::Context->config("enable_plugins") ) { my $path = $c->req->url->path->leading_slash(1); diff --git a/Koha/Template/Plugin/KohaPlugins.pm b/Koha/Template/Plugin/KohaPlugins.pm index b1ebe7f43c..798e648a17 100644 --- a/Koha/Template/Plugin/KohaPlugins.pm +++ b/Koha/Template/Plugin/KohaPlugins.pm @@ -47,8 +47,7 @@ to output to the head section of opac pages. =cut sub get_plugins_opac_head { - return q{} - unless C4::Context->preference('UseKohaPlugins'); + return q{} unless C4::Context->config("enable_plugins"); my $p = Koha::Plugins->new(); @@ -75,8 +74,7 @@ to output to the javascript section of at the bottom of opac pages. =cut sub get_plugins_opac_js { - return q{} - unless C4::Context->preference('UseKohaPlugins'); + return q{} unless C4::Context->config("enable_plugins"); my $p = Koha::Plugins->new(); @@ -103,8 +101,7 @@ to output to the head section of intranet pages. =cut sub get_plugins_intranet_head { - return q{} - unless C4::Context->preference('UseKohaPlugins'); + return q{} unless C4::Context->config("enable_plugins"); my $p = Koha::Plugins->new(); @@ -131,8 +128,7 @@ to output to the javascript section of at the bottom of intranet pages. =cut sub get_plugins_intranet_js { - return q{} - unless C4::Context->preference('UseKohaPlugins'); + return q{} unless C4::Context->config("enable_plugins"); my $p = Koha::Plugins->new(); diff --git a/admin/admin-home.pl b/admin/admin-home.pl index f6a7b23ac1..f6d609fb45 100755 --- a/admin/admin-home.pl +++ b/admin/admin-home.pl @@ -24,7 +24,7 @@ use Koha::Plugins; my $query = new CGI; -my $plugins_enabled = C4::Context->preference('UseKohaPlugins') && C4::Context->config("enable_plugins"); +my $plugins_enabled = C4::Context->config("enable_plugins"); my $mana_url = C4::Context->config('mana_config'); my ( $template, $loggedinuser, $cookie ) = get_template_and_user( diff --git a/admin/edi_accounts.pl b/admin/edi_accounts.pl index ea3ce65b54..c4aba0f3d4 100755 --- a/admin/edi_accounts.pl +++ b/admin/edi_accounts.pl @@ -52,10 +52,7 @@ if ( $op eq 'acct_form' ) { ); $template->param( vendors => \@vendors ); - my $plugins_enabled = C4::Context->preference('UseKohaPlugins') && C4::Context->config("enable_plugins"); - $template->param( plugins_enabled => $plugins_enabled ); - - if ( $plugins_enabled ) { + if ( C4::Context->config("enable_plugins") ) { my @plugins = Koha::Plugins->new()->GetPlugins({ method => 'edifact', }); diff --git a/catalogue/detail.pl b/catalogue/detail.pl index 89ae2689dd..85782ecc71 100755 --- a/catalogue/detail.pl +++ b/catalogue/detail.pl @@ -64,8 +64,7 @@ my ( $template, $borrowernumber, $cookie, $flags ) = get_template_and_user( ); # Determine if we should be offering any enhancement plugin buttons -if ( C4::Context->preference('UseKohaPlugins') && - C4::Context->config('enable_plugins') ) { +if ( C4::Context->config('enable_plugins') ) { # Only pass plugins that can offer a toolbar button my @plugins = Koha::Plugins->new()->GetPlugins({ method => 'intranet_catalog_biblio_enhancements_toolbar_button' diff --git a/installer/data/mysql/atomicupdate/bug_20415.sql b/installer/data/mysql/atomicupdate/bug_20415.sql new file mode 100644 index 0000000000..f1bb79bd59 --- /dev/null +++ b/installer/data/mysql/atomicupdate/bug_20415.sql @@ -0,0 +1 @@ +DELETE FROM systempreferences WHERE variable='UseKohaPlugins'; \ No newline at end of file diff --git a/installer/data/mysql/sysprefs.sql b/installer/data/mysql/sysprefs.sql index 6eeff845d1..0313824cb3 100644 --- a/installer/data/mysql/sysprefs.sql +++ b/installer/data/mysql/sysprefs.sql @@ -674,7 +674,6 @@ INSERT INTO systempreferences ( `variable`, `value`, `options`, `explanation`, ` ('useDischarge','','','Allows librarians to discharge borrowers and borrowers to request a discharge','YesNo'), ('UseEmailReceipts','0','','Send email receipts for payments and write-offs','YesNo'), ('UseICU','0','1','Tell Koha if ICU indexing is in use for Zebra or not.','YesNo'), -('UseKohaPlugins','0','','Enable or disable the ability to use Koha Plugins.','YesNo'), ('UseTransportCostMatrix','0','','Use Transport Cost Matrix when filling holds','YesNo'), ('UseWYSIWYGinSystemPreferences','0','','Show WYSIWYG editor when editing certain HTML system preferences.','YesNo'), ('viewISBD','1','','Allow display of ISBD view of bibiographic records','YesNo'), diff --git a/koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences/enhanced_content.pref b/koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences/enhanced_content.pref index 033c048777..fc47dcaaa9 100644 --- a/koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences/enhanced_content.pref +++ b/koha-tmpl/intranet-tmpl/prog/en/modules/admin/preferences/enhanced_content.pref @@ -349,13 +349,6 @@ Enhanced Content: yes: "Embed" no: "Don't embed" - YouTube links as videos. - Plugins: - - - - pref: UseKohaPlugins - choices: - yes: Enable - no: "Don't enable" - - the ability to use Koha Plugins. Note, the plugin system must also be enabled in the Koha configuration file to be fully enabled. OverDrive: - - Include OverDrive availability information with the client key diff --git a/misc/devel/install_plugins.pl b/misc/devel/install_plugins.pl index 69dd99e544..073ddbbb1c 100755 --- a/misc/devel/install_plugins.pl +++ b/misc/devel/install_plugins.pl @@ -31,9 +31,7 @@ GetOptions( 'help|?' => \$help ); pod2usage(1) if $help; -my $plugins_enabled = C4::Context->preference('UseKohaPlugins') - && C4::Context->config("enable_plugins"); -unless ($plugins_enabled) { +unless ( C4::Context->config("enable_plugins") ) { print "The plugin system must be enabled for one to be able to install plugins\n"; exit 1; diff --git a/opac/opac-account.pl b/opac/opac-account.pl index 8ba2ba33f8..c5a149dfff 100755 --- a/opac/opac-account.pl +++ b/opac/opac-account.pl @@ -84,8 +84,7 @@ $template->param( payment_error => scalar $query->param('payment-error') || q{}, ); -my $plugins_enabled = C4::Context->preference('UseKohaPlugins') && C4::Context->config("enable_plugins"); -if ( $plugins_enabled ) { +if ( C4::Context->config("enable_plugins") ) { my @plugins = Koha::Plugins->new()->GetPlugins({ method => 'opac_online_payment', }); diff --git a/plugins/plugins-enable.pl b/plugins/plugins-enable.pl index 30d1e3eaad..9e7714c3da 100755 --- a/plugins/plugins-enable.pl +++ b/plugins/plugins-enable.pl @@ -23,8 +23,7 @@ use C4::Context; use C4::Auth qw(check_cookie_auth); use Koha::Plugins::Handler; -die("Koha plugins are disabled!") - unless C4::Context->preference('UseKohaPlugins'); +die("Koha plugins are disabled!") unless C4::Context->config("enable_plugins"); my $input = new CGI; diff --git a/plugins/plugins-home.pl b/plugins/plugins-home.pl index 0e7de024c5..f376e17d08 100755 --- a/plugins/plugins-home.pl +++ b/plugins/plugins-home.pl @@ -30,7 +30,7 @@ use C4::Output; use C4::Debug; use C4::Context; -my $plugins_enabled = C4::Context->preference('UseKohaPlugins') && C4::Context->config("enable_plugins"); +my $plugins_enabled = C4::Context->config("enable_plugins"); my $input = new CGI; my $method = $input->param('method'); diff --git a/plugins/plugins-uninstall.pl b/plugins/plugins-uninstall.pl index 16138e8288..39334b26a5 100755 --- a/plugins/plugins-uninstall.pl +++ b/plugins/plugins-uninstall.pl @@ -29,8 +29,7 @@ use C4::Members; use C4::Debug; use Koha::Plugins::Handler; -die("Koha plugins are disabled!") - unless C4::Context->preference('UseKohaPlugins'); +die("Koha plugins are disabled!") unless C4::Context->config("enable_plugins"); my $input = new CGI; diff --git a/plugins/plugins-upload.pl b/plugins/plugins-upload.pl index 90b8730406..c4e8a204d0 100755 --- a/plugins/plugins-upload.pl +++ b/plugins/plugins-upload.pl @@ -31,7 +31,7 @@ use C4::Members; use C4::Debug; use Koha::Plugins; -my $plugins_enabled = C4::Context->preference('UseKohaPlugins') && C4::Context->config("enable_plugins"); +my $plugins_enabled = C4::Context->config("enable_plugins"); my $input = new CGI; diff --git a/plugins/run.pl b/plugins/run.pl index da265de1fd..54bdf840b3 100755 --- a/plugins/run.pl +++ b/plugins/run.pl @@ -27,7 +27,7 @@ use C4::Output; use C4::Debug; use C4::Context; -my $plugins_enabled = C4::Context->preference('UseKohaPlugins') && C4::Context->config("enable_plugins"); +my $plugins_enabled = C4::Context->config("enable_plugins"); my $cgi = new CGI; diff --git a/t/db_dependent/ImportBatch.t b/t/db_dependent/ImportBatch.t index c9d24b8789..f437edc39b 100644 --- a/t/db_dependent/ImportBatch.t +++ b/t/db_dependent/ImportBatch.t @@ -190,7 +190,6 @@ subtest "RecordsFromMarcPlugin" => sub { close $fh; t::lib::Mocks::mock_config( 'enable_plugins', 1 ); - t::lib::Mocks::mock_preference( 'UseKohaPlugins', 1 ); my $plugins = Koha::Plugins->new; $plugins->InstallPlugins; diff --git a/t/db_dependent/Koha/Plugins/Biblio_and_Items_plugin_hooks.t b/t/db_dependent/Koha/Plugins/Biblio_and_Items_plugin_hooks.t index 18a138c778..bfc83b3f16 100755 --- a/t/db_dependent/Koha/Plugins/Biblio_and_Items_plugin_hooks.t +++ b/t/db_dependent/Koha/Plugins/Biblio_and_Items_plugin_hooks.t @@ -39,7 +39,6 @@ BEGIN { my $schema = Koha::Database->new->schema; my $builder = t::lib::TestBuilder->new; -t::lib::Mocks::mock_preference( 'UseKohaPlugins', 1 ); t::lib::Mocks::mock_config( 'enable_plugins', 1 ); subtest 'after_biblio_action() and after_item_action() hooks tests' => sub { diff --git a/t/db_dependent/Koha/Plugins/Patron.t b/t/db_dependent/Koha/Plugins/Patron.t index b3378974ae..22bf9b2210 100644 --- a/t/db_dependent/Koha/Plugins/Patron.t +++ b/t/db_dependent/Koha/Plugins/Patron.t @@ -40,7 +40,6 @@ BEGIN { my $schema = Koha::Database->new->schema; my $builder = t::lib::TestBuilder->new; -t::lib::Mocks::mock_preference( 'UseKohaPlugins', 1 ); t::lib::Mocks::mock_config( 'enable_plugins', 1 ); subtest 'check_password hook tests' => sub { diff --git a/t/db_dependent/Koha/REST/Plugin/PluginRoutes.t b/t/db_dependent/Koha/REST/Plugin/PluginRoutes.t index 278137fda0..6ebe67b27a 100644 --- a/t/db_dependent/Koha/REST/Plugin/PluginRoutes.t +++ b/t/db_dependent/Koha/REST/Plugin/PluginRoutes.t @@ -48,7 +48,6 @@ subtest 'Bad plugins tests' => sub { # enable plugins t::lib::Mocks::mock_config( 'enable_plugins', 1 ); - t::lib::Mocks::mock_preference( 'UseKohaPlugins', 1 ); # remove any existing plugins that might interfere Koha::Plugins::Methods->search->delete; @@ -84,7 +83,6 @@ subtest 'Disabled plugins tests' => sub { # enable plugins t::lib::Mocks::mock_config( 'enable_plugins', 1 ); - t::lib::Mocks::mock_preference( 'UseKohaPlugins', 1 ); my $good_plugin; diff --git a/t/db_dependent/Koha/Template/Plugin/KohaPlugins.t b/t/db_dependent/Koha/Template/Plugin/KohaPlugins.t index f0ff5b39b5..22cf7651f4 100755 --- a/t/db_dependent/Koha/Template/Plugin/KohaPlugins.t +++ b/t/db_dependent/Koha/Template/Plugin/KohaPlugins.t @@ -24,7 +24,6 @@ BEGIN { use_ok('Koha::Plugin::Test'); } -t::lib::Mocks::mock_preference( 'UseKohaPlugins', 1 ); t::lib::Mocks::mock_config( 'enable_plugins', 1 ); my $schema = Koha::Database->new->schema; @@ -53,7 +52,6 @@ ok( index( $plugin->get_plugins_opac_head, 'Koha::Plugin::Test::opac_head' ) != ok( index( $plugin->get_plugins_intranet_js, 'Koha::Plugin::Test::intranet_js' ) != -1, 'Test plugin intranet_js return value is part of code returned by get_plugins_intranet_js' ); ok( index( $plugin->get_plugins_intranet_head, 'Koha::Plugin::Test::intranet_head' ) != -1, 'Test plugin intranet_head return value is part of code returned by get_plugins_intranet_head' ); -t::lib::Mocks::mock_preference('UseKohaPlugins',0); t::lib::Mocks::mock_config('enable_plugins',0); is( $plugin->get_plugins_opac_js, q{}, 'Test plugin opac_js return value is empty' ); is( $plugin->get_plugins_opac_head, q{}, 'Test plugin opac_head return value is empty' ); diff --git a/t/db_dependent/UsageStats.t b/t/db_dependent/UsageStats.t index 9241b27b58..7aab6e385a 100644 --- a/t/db_dependent/UsageStats.t +++ b/t/db_dependent/UsageStats.t @@ -474,7 +474,6 @@ sub mocking_systempreferences_to_a_set_value { NovelistSelectEnabled OpenLibraryCovers OpenLibrarySearch - UseKohaPlugins SyndeticsEnabled TagsEnabled CalendarFirstDayOfWeek diff --git a/tools/stage-marc-import.pl b/tools/stage-marc-import.pl index d76c35ac18..78424bbc6f 100755 --- a/tools/stage-marc-import.pl +++ b/tools/stage-marc-import.pl @@ -218,8 +218,7 @@ if ($completedJobID) { my @templates = GetModificationTemplates(); $template->param( MarcModificationTemplatesLoop => \@templates ); - if ( C4::Context->preference('UseKohaPlugins') && - C4::Context->config('enable_plugins') ) { + if ( C4::Context->config('enable_plugins') ) { my @plugins = Koha::Plugins->new()->GetPlugins({ method => 'to_marc', -- 2.39.5