From: Cloutier, P. (DGARI-Consultant)
<Phi...@me...> - 2017-07-26 21:53:58
|
>De : Roberto Kirschbaum [mailto:rob...@gm...] >Envoyé : 26 juillet 2017 15:34 >À : Cloutier, Philippe (DGARI-Consultant) <Phi...@me...> >Cc : CVS/SVN commits information <tik...@li...> >Objet : Re: [Tikiwiki-cvs/svn] SF.net SVN: tikiwiki:[63358] trunk/lib/core/Tiki/Command > >Thanks for your comments, Philippe. Please see my inline remarks too. > >>On Wed, Jul 26, 2017 at 12:36 PM, Cloutier, Philippe (DGARI-Consultant) <Phi...@me...> wrote: >>Thank you Roberto, >>Please see inline remarks. >> >>> -----Message d'origine----- >>> De : robertokir--- via Tikiwiki-cvs [mailto:tik...@li...] >>> Envoyé : 26 juillet 2017 11:08 >>> À : tik...@li... >>> Cc : rob...@us... >>> Objet : [Tikiwiki-cvs/svn] SF.net SVN: tikiwiki:[63358] trunk/lib/core/Tiki/Command >>> >>> Revision: 63358 >>> http://sourceforge.net/p/tikiwiki/code/63358 >>> Author: robertokir >>> Date: 2017-07-26 15:07:33 +0000 (Wed, 26 Jul 2017) >>> Log Message: >>> ----------- >>> [ENH] New console command to lock the Tiki installer: installer:lock >>> >>> Modified Paths: >>> -------------- >>> trunk/lib/core/Tiki/Command/ConsoleApplicationBuilder.php >>> >>> Added Paths: >>> ----------- >>> trunk/lib/core/Tiki/Command/LockInstallerCommand.php >>> >>> [...] >>> Added: trunk/lib/core/Tiki/Command/LockInstallerCommand.php >>> =================================================================== >>> --- trunk/lib/core/Tiki/Command/LockInstallerCommand.php (rev 0) >>> +++ trunk/lib/core/Tiki/Command/LockInstallerCommand.php 2017-07-26 15:07:33 UTC (rev >>> 63358) >>> @@ -0,0 +1,43 @@ >>> +<?php >>> +// (c) Copyright 2002-2017 by authors of the Tiki Wiki CMS Groupware Project >>> +// >>> +// All Rights Reserved. See copyright.txt for details and a complete list of authors. >>> +// Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details. >>> +// $Id$ >>> + >>> +namespace Tiki\Command; >>> + >>> +use Symfony\Component\Console\Command\Command; >>> +use Symfony\Component\Console\Input\InputArgument; >>> +use Symfony\Component\Console\Input\InputInterface; >>> +use Symfony\Component\Console\Input\InputOption; >>> +use Symfony\Component\Console\Output\OutputInterface; >>> + >>> +class LockInstallerCommand extends Command >>> +{ >>> + protected function configure() >>> + { >>> + $this >>> + ->setName('installer:lock') >>> + ->setDescription('Lock the Tiki installer') >>> + ->setHelp('Lock the Tiki installer so that users can\'t destroy the database >>> through the browser'); >>I don't think specifying "Tiki" is necessary. Also, the term "lock" is not super clear. Considering that even an "unlocked" installer requires authentication, I would suggest the term "disable" instead (or in addition). >> >When one deletes the db/lock file, one gets this message: "Installer not locked >The installer allows a user to change or destroy the site’s database through the browser so it is very important to keep it locked. " So I kept using the term "lock" as a matter of uniformity. I understand. I was not really saying not to use the term "lock" at all. The best might be to use "disable" in the description and "lock" in the help, for example. >> >>> + } >>> + >>> + protected function execute(InputInterface $input, OutputInterface $output) >>> + { >>> + $out = <<<LOCK >>> +This lock file was created with: >>> + >>> +php console.php installer:lock >>> + >>> +Please don't remove or rename this file as it would unlock the installer. The >>> +installer allows a user to change or destroy the site’s database through the >>> +browser so it is very important to keep it locked. >> >>I am not a fan of addressing users with "Please". I recommend explaining what happens instead ("If this file is removed or moved, the install will be re-enabled. [...]"). >Yes, maybe Please is an anglicism? English is not my native language, but it's certainly a way of talking. "Please" will be understood, it just doesn't make sense from a machine. >> >>> + >>> +LOCK; >>> + $file='db/lock'; >>> + file_put_contents($file, $out); >>> + >>> + $output->writeln("Wrote $file"); >> >>Most admins don't know what db/lock is. I think it would be clearer to report something like "Installer locked". However, success should only be reported if a check was done. In this case, file_put_contents() could return false. >> >Done! Thanks in advance >> >> >>> + } >>> +} >>> >>> >>> Property changes on: trunk/lib/core/Tiki/Command/LockInstallerCommand.php >>> ___________________________________________________________________ >>> Added: svn:keywords >>> ## -0,0 +1 ## >>> +Id >>> \ No newline at end of property >> >> >> >> >>-- >>Roberto Kirschbaum >>TACG Sistemas Web >>11-9-9661-8185 >> |