Skip to content

Commit

Permalink
Merge remote-tracking branch 'origin/v8/dev' into v9/feature/merge_v8…
Browse files Browse the repository at this point in the history 
…_03-11-2021

# Conflicts:
#	src/Umbraco.Core/Configuration/GlobalSettings.cs
#	src/Umbraco.Core/Configuration/IGlobalSettings.cs
#	src/Umbraco.Core/Constants-AppSettings.cs
#	src/Umbraco.Tests/Umbraco.Tests.csproj
#	src/Umbraco.Web.BackOffice/Controllers/BackOfficeServerVariables.cs
#	src/Umbraco.Web.UI/umbraco/config/lang/en.xml
#	src/Umbraco.Web.UI/umbraco/config/lang/en_us.xml
#	src/Umbraco.Web.UI/web.Template.config
#	src/Umbraco.Web/Editors/ContentTypeController.cs
#	src/Umbraco.Web/HealthCheck/Checks/Security/BaseHttpHeaderCheck.cs
#	tests/Umbraco.Tests.UnitTests/Umbraco.Core/Configurations/LanguageXmlTests.cs
  • Loading branch information
@bergmania
bergmania committed Nov 3, 2021
2 parents ef4a0f8 + bb323b0 commit c3ebbe2
Show file tree
Hide file tree
Showing 15 changed files with 326 additions and 43 deletions.
2 changes: 2 additions & 0 deletions build/templates/UmbracoProject/appsettings.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@
"CMS": {
//#if (HasNoNodesViewPath || UseHttpsRedirect)
"Global": {
"SanitizeTinyMce": true,
//#if (!HasNoNodesViewPath && UseHttpsRedirect)
"UseHttps": true
//#elseif (UseHttpsRedirect)
Expand All @@ -25,6 +26,7 @@
//#if (HasNoNodesViewPath)
"NoNodesViewPath": "NO_NODES_VIEW_PATH_FROM_TEMPLATE"
//#endif

},
//#endif
"Hosting": {
Expand Down
7 changes: 7 additions & 0 deletions src/Umbraco.Core/Configuration/Models/GlobalSettings.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,7 @@ public class GlobalSettings
internal const bool StaticDisableElectionForSingleServer = false;
internal const string StaticNoNodesViewPath = "~/umbraco/UmbracoWebsite/NoNodes.cshtml";
internal const string StaticSqlWriteLockTimeOut = "00:00:05";
internal const bool StaticSanitizeTinyMce = false;

/// <summary>
/// Gets or sets a value for the reserved URLs.
Expand Down Expand Up @@ -157,6 +158,12 @@ public class GlobalSettings
/// </summary>
public bool IsSmtpServerConfigured => !string.IsNullOrWhiteSpace(Smtp?.Host);

/// <summary>
/// Gets a value indicating whether TinyMCE scripting sanitization should be applied
/// </summary>
[DefaultValue(StaticSanitizeTinyMce)]
public bool SanitizeTinyMce => StaticSanitizeTinyMce;

/// <summary>
/// An int value representing the time in milliseconds to lock the database for a write operation
/// </summary>
Expand Down
2 changes: 1 addition & 1 deletion src/Umbraco.Core/HealthChecks/Checks/Security/BaseHttpHeaderCheck.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -79,7 +79,7 @@ protected async Task<HealthCheckStatus> CheckForHeader()
var success = false;

// Access the site home page and check for the click-jack protection header or meta tag
Uri url = _hostingEnvironment.ApplicationMainUrl;
var url = _hostingEnvironment.ApplicationMainUrl.GetLeftPart(UriPartial.Authority);

try
{
Expand Down
16 changes: 8 additions & 8 deletions src/Umbraco.Infrastructure/Search/UmbracoTreeSearcherFields.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,28 +23,28 @@ public UmbracoTreeSearcherFields(ILocalizationService localizationService)
}

/// <inheritdoc />
public IEnumerable<string> GetBackOfficeFields() => _backOfficeFields;
public virtual IEnumerable<string> GetBackOfficeFields() => _backOfficeFields;

/// <inheritdoc />
public IEnumerable<string> GetBackOfficeMembersFields() => _backOfficeMembersFields;
public virtual IEnumerable<string> GetBackOfficeMembersFields() => _backOfficeMembersFields;

/// <inheritdoc />
public IEnumerable<string> GetBackOfficeMediaFields() => _backOfficeMediaFields;
public virtual IEnumerable<string> GetBackOfficeMediaFields() => _backOfficeMediaFields;

/// <inheritdoc />
public IEnumerable<string> GetBackOfficeDocumentFields() => Enumerable.Empty<string>();
public virtual IEnumerable<string> GetBackOfficeDocumentFields() => Enumerable.Empty<string>();

/// <inheritdoc />
public ISet<string> GetBackOfficeFieldsToLoad() => _backOfficeFieldsToLoad;
public virtual ISet<string> GetBackOfficeFieldsToLoad() => _backOfficeFieldsToLoad;

/// <inheritdoc />
public ISet<string> GetBackOfficeMembersFieldsToLoad() => _backOfficeMembersFieldsToLoad;
public virtual ISet<string> GetBackOfficeMembersFieldsToLoad() => _backOfficeMembersFieldsToLoad;

/// <inheritdoc />
public ISet<string> GetBackOfficeMediaFieldsToLoad() => _backOfficeMediaFieldsToLoad;
public virtual ISet<string> GetBackOfficeMediaFieldsToLoad() => _backOfficeMediaFieldsToLoad;

/// <inheritdoc />
public ISet<string> GetBackOfficeDocumentFieldsToLoad()
public virtual ISet<string> GetBackOfficeDocumentFieldsToLoad()
{
var fields = _backOfficeDocumentFieldsToLoad;

Expand Down
1 change: 1 addition & 0 deletions src/Umbraco.Web.BackOffice/Controllers/BackOfficeServerVariables.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -413,6 +413,7 @@ internal async Task<Dictionary<string, object>> GetServerVariablesAsync()
{"showAllowSegmentationForDocumentTypes", false},
{"minimumPasswordLength", _memberPasswordConfigurationSettings.RequiredLength},
{"minimumPasswordNonAlphaNum", _memberPasswordConfigurationSettings.GetMinNonAlphaNumericChars()},
{"sanitizeTinyMce", _globalSettings.SanitizeTinyMce}
}
},
{
Expand Down
44 changes: 26 additions & 18 deletions src/Umbraco.Web.BackOffice/Controllers/ContentTypeController.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -590,35 +590,43 @@ public ActionResult<ContentTypeImportModel> Upload(List<IFormFile> file)

var root = _hostingEnvironment.MapPathContentRoot(Constants.SystemDirectories.TempFileUploads);
var tempPath = Path.Combine(root,fileName);

using (var stream = System.IO.File.Create(tempPath))
{
formFile.CopyToAsync(stream).GetAwaiter().GetResult();
}

if (ext.InvariantEquals("udt"))
if (Path.GetFullPath(tempPath).StartsWith(Path.GetFullPath(root)))
{
model.TempFileName = Path.Combine(root, fileName);
using (var stream = System.IO.File.Create(tempPath))
{
formFile.CopyToAsync(stream).GetAwaiter().GetResult();
}

var xd = new XmlDocument
if (ext.InvariantEquals("udt"))
{
XmlResolver = null
};
xd.Load(model.TempFileName);
model.TempFileName = Path.Combine(root, fileName);

var xd = new XmlDocument
{
XmlResolver = null
};
xd.Load(model.TempFileName);

model.Alias = xd.DocumentElement?.SelectSingleNode("//DocumentType/Info/Alias")?.FirstChild.Value;
model.Name = xd.DocumentElement?.SelectSingleNode("//DocumentType/Info/Name")?.FirstChild.Value;
model.Alias = xd.DocumentElement?.SelectSingleNode("//DocumentType/Info/Alias")?.FirstChild.Value;
model.Name = xd.DocumentElement?.SelectSingleNode("//DocumentType/Info/Name")?.FirstChild.Value;
}
else
{
model.Notifications.Add(new BackOfficeNotification(
_localizedTextService.Localize("speechBubbles","operationFailedHeader"),
_localizedTextService.Localize("media","disallowedFileType"),
NotificationStyle.Warning));
}
}
else
{
model.Notifications.Add(new BackOfficeNotification(
_localizedTextService.Localize("speechBubbles","operationFailedHeader"),
_localizedTextService.Localize("media","disallowedFileType"),
_localizedTextService.Localize("speechBubbles", "operationFailedHeader"),
_localizedTextService.Localize("media", "invalidFileName"),
NotificationStyle.Warning));
}
}


}

return model;

Expand Down
134 changes: 134 additions & 0 deletions src/Umbraco.Web.UI.Client/src/common/services/overlay.service.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,58 @@

var currentOverlay = null;

/**
* @ngdoc method
* @name umbraco.services.overlayService#open
* @methodOf umbraco.services.overlayService
*
* @description
* Opens a new overlay.
*
* @param {object} overlay The rendering options for the overlay.
* @param {string=} overlay.view The URL to the view. Defaults to `views/common/overlays/default/default.html` if nothing is specified.
* @param {string=} overlay.position The alias of the position of the overlay. Defaults to `center`.
*
* Custom positions can be added by adding a CSS rule for the the underlying CSS rule. Eg. for the position `center`, the corresponding `umb-overlay-center` CSS rule is defined as:
*
* <pre>
* .umb-overlay.umb-overlay-center {
* position: absolute;
* width: 600px;
* height: auto;
* top: 50%;
* left: 50%;
* transform: translate(-50%,-50%);
* border-radius: 3px;
* }
* </pre>
* @param {string=} overlay.size Sets an alias for the size of the overlay to be opened. If set to `small` (default), an `umb-overlay--small` class name will be appended the the class list of the main overlay element in the DOM.
*
* Umbraco does not support any more sizes by default, but if you wish to introduce a `medium` size, you could do so by adding a CSS rule simlar to:
*
* <pre>
* .umb-overlay-center.umb-overlay--medium {
* width: 800px;
* }
* </pre>
* @param {booean=} overlay.disableBackdropClick A boolean value indicating whether the click event on the backdrop should be disabled.
* @param {string=} overlay.title The overall title of the overlay. The title will be omitted if not specified.
* @param {string=} overlay.subtitle The sub title of the overlay. The sub title will be omitted if not specified.
* @param {object=} overlay.itemDetails An item that will replace the header of the overlay.
* @param {string=} overlay.itemDetails.icon The icon of the item - eg. `icon-book`.
* @param {string=} overlay.itemDetails.title The title of the item.
* @param {string=} overlay.itemDetails.description Sets the description of the item. *
* @param {string=} overlay.submitButtonLabel The label of the submit button. To support localized values, it's recommended to use the `submitButtonLabelKey` instead.
* @param {string=} overlay.submitButtonLabelKey The key to be used for the submit button label. Defaults to `general_submit` if not specified.
* @param {string=} overlay.submitButtonState The state of the submit button. Possible values are inherited from the [umbButton directive](#/api/umbraco.directives.directive:umbButton) and are `init`, `busy", `success`, `error`.
* @param {string=} overlay.submitButtonStyle The styling of the submit button. Possible values are inherited from the [umbButton directive](#/api/umbraco.directives.directive:umbButton) and are `primary`, `info`, `success`, `warning`, `danger`, `inverse`, `link` and `block`. Defaults to `success` if not specified specified.
* @param {string=} overlay.hideSubmitButton A boolean value indicating whether the submit button should be hidden. Default is `false`.
* @param {string=} overlay.disableSubmitButton A boolean value indicating whether the submit button should be disabled, preventing the user from submitting the overlay. Default is `false`.
* @param {string=} overlay.closeButtonLabel The label of the close button. To support localized values, it's recommended to use the `closeButtonLabelKey` instead.
* @param {string=} overlay.closeButtonLabelKey The key to be used for the close button label. Defaults to `general_close` if not specified.
* @param {string=} overlay.submit A callback function that is invoked when the user submits the overlay.
* @param {string=} overlay.close A callback function that is invoked when the user closes the overlay.
*/
function open(newOverlay) {

// prevent two open overlays at the same time
Expand Down Expand Up @@ -49,6 +101,14 @@
eventsService.emit("appState.overlay", overlay);
}

/**
* @ngdoc method
* @name umbraco.services.overlayService#close
* @methodOf umbraco.services.overlayService
*
* @description
* Closes the current overlay.
*/
function close() {
focusLockService.removeInertAttribute();

Expand All @@ -61,6 +121,16 @@
eventsService.emit("appState.overlay", null);
}

/**
* @ngdoc method
* @name umbraco.services.overlayService#ysod
* @methodOf umbraco.services.overlayService
*
* @description
* Opens a new overlay with an error message.
*
* @param {object} error The error to be shown.
*/
function ysod(error) {
const overlay = {
view: "views/common/overlays/ysod/ysod.html",
Expand All @@ -72,6 +142,36 @@
open(overlay);
}

/**
* @ngdoc method
* @name umbraco.services.overlayService#confirm
* @methodOf umbraco.services.overlayService
*
* @description
* Opens a new overlay prompting the user to confirm the overlay.
*
* @param {object} overlay The options for the overlay.
* @param {string=} overlay.confirmType The type of the confirm dialog, which helps define standard styling and labels of the overlay. Supported values are `delete` and `remove`.
* @param {string=} overlay.closeButtonLabelKey The key to be used for the cancel button label. Defaults to `general_cancel` if not specified.
* @param {string=} overlay.view The URL to the view. Defaults to `views/common/overlays/confirm/confirm.html` if nothing is specified.
* @param {string=} overlay.confirmMessageStyle The styling of the confirm message. If `overlay.confirmType` is `delete`, the fallback value is `danger` - otherwise a message style isn't explicitly specified.
* @param {string=} overlay.submitButtonStyle The styling of the confirm button. Possible values are inherited from the [umbButton directive](#/api/umbraco.directives.directive:umbButton) and are `primary`, `info`, `success`, `warning`, `danger`, `inverse`, `link` and `block`.
*
* If not specified, the fallback value depends on the value specified for the `overlay.confirmType` parameter:
*
* - `delete`: fallback key is `danger`
* - `remove`: fallback key is `primary`
* - anything else: no fallback AKA default button style
* @param {string=} overlay.submitButtonLabelKey The key to be used for the confirm button label.
*
* If not specified, the fallback value depends on the value specified for the `overlay.confirmType` parameter:
*
* - `delete`: fallback key is `actions_delete`
* - `remove`: fallback key is `actions_remove`
* - anything else: fallback is `general_confirm`
* @param {function=} overlay.close A callback function that is invoked when the user closes the overlay.
* @param {function=} overlay.submit A callback function that is invoked when the user confirms the overlay.
*/
function confirm(overlay) {

if (!overlay.closeButtonLabelKey) overlay.closeButtonLabelKey = "general_cancel";
Expand Down Expand Up @@ -99,11 +199,45 @@
open(overlay);
}

/**
* @ngdoc method
* @name umbraco.services.overlayService#confirmDelete
* @methodOf umbraco.services.overlayService
*
* @description
* Opens a new overlay prompting the user to confirm the overlay. The overlay will have styling and labels useful for when the user needs to confirm a delete action.
*
* @param {object} overlay The options for the overlay.
* @param {string=} overlay.closeButtonLabelKey The key to be used for the cancel button label. Defaults to `general_cancel` if not specified.
* @param {string=} overlay.view The URL to the view. Defaults to `views/common/overlays/confirm/confirm.html` if nothing is specified.
* @param {string=} overlay.confirmMessageStyle The styling of the confirm message. Defaults to `delete` if not specified specified.
* @param {string=} overlay.submitButtonStyle The styling of the confirm button. Possible values are inherited from the [umbButton directive](#/api/umbraco.directives.directive:umbButton) and are `primary`, `info`, `success`, `warning`, `danger`, `inverse`, `link` and `block`. Defaults to `danger` if not specified specified.
* @param {string=} overlay.submitButtonLabelKey The key to be used for the confirm button label. Defaults to `actions_delete` if not specified.
* @param {function=} overlay.close A callback function that is invoked when the user closes the overlay.
* @param {function=} overlay.submit A callback function that is invoked when the user confirms the overlay.
*/
function confirmDelete(overlay) {
overlay.confirmType = "delete";
confirm(overlay);
}

/**
* @ngdoc method
* @name umbraco.services.overlayService#confirmRemove
* @methodOf umbraco.services.overlayService
*
* @description
* Opens a new overlay prompting the user to confirm the overlay. The overlay will have styling and labels useful for when the user needs to confirm a remove action.
*
* @param {object} overlay The options for the overlay.
* @param {string=} overlay.closeButtonLabelKey The key to be used for the cancel button label. Defaults to `general_cancel` if not specified.
* @param {string=} overlay.view The URL to the view. Defaults to `views/common/overlays/confirm/confirm.html` if nothing is specified.
* @param {string=} overlay.confirmMessageStyle The styling of the confirm message - eg. `danger`.
* @param {string=} overlay.submitButtonStyle The styling of the confirm button. Possible values are inherited from the [umbButton directive](#/api/umbraco.directives.directive:umbButton) and are `primary`, `info`, `success`, `warning`, `danger`, `inverse`, `link` and `block`. Defaults to `primary` if not specified specified.
* @param {string=} overlay.submitButtonLabelKey The key to be used for the confirm button label. Defaults to `actions_remove` if not specified.
* @param {function=} overlay.close A callback function that is invoked when the user closes the overlay.
* @param {function=} overlay.submit A callback function that is invoked when the user confirms the overlay.
*/
function confirmRemove(overlay) {
overlay.confirmType = "remove";
confirm(overlay);
Expand Down
Loading

0 comments on commit c3ebbe2

Please sign in to comment.