From f197a243b57cbb6c3fec185b1b88b668e82f24d9 Mon Sep 17 00:00:00 2001 From: Matthias Schmidt Date: Sat, 17 Aug 2019 18:00:54 +0200 Subject: [PATCH] Support disallowed bbcodes in wysiwyg form builder field Close #3022 --- com.woltlab.wcf/objectType.xml | 3 + .../field/wysiwyg/WysiwygFormField.class.php | 58 +++++++++++++++---- ...ectTypePackageInstallationPlugin.class.php | 33 ++++++++++- wcfsetup/install/lang/de.xml | 3 + wcfsetup/install/lang/en.xml | 3 + 5 files changed, 86 insertions(+), 14 deletions(-) diff --git a/com.woltlab.wcf/objectType.xml b/com.woltlab.wcf/objectType.xml index d0da57fbcd..fa07ea4b5b 100644 --- a/com.woltlab.wcf/objectType.xml +++ b/com.woltlab.wcf/objectType.xml @@ -135,6 +135,7 @@ com.woltlab.wcf.user.signature com.woltlab.wcf.message + user.signature.disallowedBBCodes com.woltlab.wcf.user.signature @@ -144,10 +145,12 @@ com.woltlab.wcf.comment com.woltlab.wcf.message + user.comment.disallowedBBCodes com.woltlab.wcf.comment.response com.woltlab.wcf.message + user.comment.disallowedBBCodes com.woltlab.wcf.paidSubscription diff --git a/wcfsetup/install/files/lib/system/form/builder/field/wysiwyg/WysiwygFormField.class.php b/wcfsetup/install/files/lib/system/form/builder/field/wysiwyg/WysiwygFormField.class.php index 040cc89159..cb7b0efe5c 100644 --- a/wcfsetup/install/files/lib/system/form/builder/field/wysiwyg/WysiwygFormField.class.php +++ b/wcfsetup/install/files/lib/system/form/builder/field/wysiwyg/WysiwygFormField.class.php @@ -2,6 +2,7 @@ namespace wcf\system\form\builder\field\wysiwyg; use wcf\data\IMessageQuoteAction; use wcf\data\object\type\ObjectTypeCache; +use wcf\system\bbcode\BBCodeHandler; use wcf\system\form\builder\data\processor\CustomFormDataProcessor; use wcf\system\form\builder\field\AbstractFormField; use wcf\system\form\builder\field\IMaximumLengthFormField; @@ -15,6 +16,7 @@ use wcf\system\form\builder\TObjectTypeFormNode; use wcf\system\html\input\HtmlInputProcessor; use wcf\system\message\censorship\Censorship; use wcf\system\message\quote\MessageQuoteManager; +use wcf\system\WCF; use wcf\util\StringUtil; /** @@ -115,6 +117,17 @@ class WysiwygFormField extends AbstractFormField implements IMaximumLengthFormFi MessageQuoteManager::getInstance()->assignVariables(); } + /** @noinspection PhpUndefinedFieldInspection */ + $disallowedBBCodesPermission = $this->getObjectType()->disallowedBBCodesPermission; + if ($disallowedBBCodesPermission === null) { + $disallowedBBCodesPermission = 'user.message.disallowedBBCodes'; + } + + BBCodeHandler::getInstance()->setDisallowedBBCodes(explode( + ',', + WCF::getSession()->getPermission($disallowedBBCodesPermission) + )); + return parent::getHtml(); } @@ -345,6 +358,17 @@ class WysiwygFormField extends AbstractFormField implements IMaximumLengthFormFi * @inheritDoc */ public function validate() { + /** @noinspection PhpUndefinedFieldInspection */ + $disallowedBBCodesPermission = $this->getObjectType()->disallowedBBCodesPermission; + if ($disallowedBBCodesPermission === null) { + $disallowedBBCodesPermission = 'user.message.disallowedBBCodes'; + } + + BBCodeHandler::getInstance()->setDisallowedBBCodes(explode( + ',', + WCF::getSession()->getPermission($disallowedBBCodesPermission) + )); + $this->htmlInputProcessor = new HtmlInputProcessor(); $this->htmlInputProcessor->process($this->getValue(), $this->getObjectType()->objectType); @@ -352,18 +376,28 @@ class WysiwygFormField extends AbstractFormField implements IMaximumLengthFormFi $this->addValidationError(new FormFieldValidationError('empty')); } else { - $message = $this->htmlInputProcessor->getTextContent(); - $this->validateMinimumLength($message); - $this->validateMaximumLength($message); - - if (empty($this->getValidationErrors()) && ENABLE_CENSORSHIP) { - $result = Censorship::getInstance()->test($message); - if ($result) { - $this->addValidationError(new FormFieldValidationError( - 'censoredWords', - 'wcf.message.error.censoredWordsFound', - ['censoredWords' => $result] - )); + $disallowedBBCodes = $this->htmlInputProcessor->validate(); + if (!empty($disallowedBBCodes)) { + $this->addValidationError(new FormFieldValidationError( + 'disallowedBBCodes', + 'wcf.message.error.disallowedBBCodes', + ['disallowedBBCodes' => $disallowedBBCodes] + )); + } + else { + $message = $this->htmlInputProcessor->getTextContent(); + $this->validateMinimumLength($message); + $this->validateMaximumLength($message); + + if (empty($this->getValidationErrors()) && ENABLE_CENSORSHIP) { + $result = Censorship::getInstance()->test($message); + if ($result) { + $this->addValidationError(new FormFieldValidationError( + 'censoredWords', + 'wcf.message.error.censoredWordsFound', + ['censoredWords' => $result] + )); + } } } } diff --git a/wcfsetup/install/files/lib/system/package/plugin/ObjectTypePackageInstallationPlugin.class.php b/wcfsetup/install/files/lib/system/package/plugin/ObjectTypePackageInstallationPlugin.class.php index de3e9dcfae..5a5f343600 100644 --- a/wcfsetup/install/files/lib/system/package/plugin/ObjectTypePackageInstallationPlugin.class.php +++ b/wcfsetup/install/files/lib/system/package/plugin/ObjectTypePackageInstallationPlugin.class.php @@ -6,6 +6,7 @@ use wcf\data\object\type\ObjectTypeEditor; use wcf\data\DatabaseObjectList; use wcf\data\page\PageNode; use wcf\data\page\PageNodeTree; +use wcf\data\user\group\option\UserGroupOption; use wcf\system\application\ApplicationHandler; use wcf\system\condition\AbstractIntegerCondition; use wcf\system\condition\UserGroupCondition; @@ -480,11 +481,39 @@ class ObjectTypePackageInstallationPlugin extends AbstractXMLPackageInstallation // com.woltlab.wcf.message $this->getObjectTypeDefinitionDataContainer($form, 'com.woltlab.wcf.message') ->appendChildren([ - BooleanFormField::create('enableToc') + // TODO: maximum of one item (see https://github.com/WoltLab/WCF/issues/3040) + UserGroupOptionFormField::create('messageObjectDisallowedBBCodesPermission') + ->objectProperty('disallowedBBCodesPermission') + ->label('wcf.acp.pip.objectType.com.woltlab.wcf.message.disallowedBBCodesPermission') + ->description('wcf.acp.pip.objectType.com.woltlab.wcf.message.disallowedBBCodesPermission.description') + ->addValidator(new FormFieldValidator('optionType', function(UserGroupOptionFormField $formField) { + $value = $formField->getValue(); + if (empty($value)) return; + + $sql = "SELECT optionType + FROM wcf" . WCF_N . "_user_group_option + WHERE optionName = ?"; + $statement = WCF::getDB()->prepareStatement($sql); + $statement->execute([reset($value)]); + if ($statement->fetchSingleColumn() !== 'BBCodeSelect') { + $formField->addValidationError( + new FormFieldValidationError( + 'optionType', + 'wcf.acp.pip.objectType.com.woltlab.wcf.message.disallowedBBCodesPermission.error.optionType' + ) + ); + } + })), + + BooleanFormField::create('messageObjectTypeEnableToc') + ->objectProperty('enableToc') ->label('wcf.acp.pip.objectType.com.woltlab.wcf.message.enableToc') ->description('wcf.acp.pip.objectType.com.woltlab.wcf.message.enableToc.description') ]); - $this->definitionElementChildren['com.woltlab.wcf.message'] = ['enableToc' => 0]; + $this->definitionElementChildren['com.woltlab.wcf.message'] = [ + 'disallowedBBCodesPermission' => '', + 'enableToc' => 0 + ]; // com.woltlab.wcf.notification.objectType $this->getObjectTypeDefinitionDataContainer($form, 'com.woltlab.wcf.notification.objectType') diff --git a/wcfsetup/install/lang/de.xml b/wcfsetup/install/lang/de.xml index 5b51d7143b..4ddd527816 100644 --- a/wcfsetup/install/lang/de.xml +++ b/wcfsetup/install/lang/de.xml @@ -2398,6 +2398,9 @@ Die Datenbestände werden sorgfältig gepflegt, aber es ist nicht ausgeschlossen diesen Anbieter ebenfalls entfernt. Muss dabei eine bestimmte Reihenfolge beachtet werden, müssen nice-Werte angegeben werden.]]> + + + diff --git a/wcfsetup/install/lang/en.xml b/wcfsetup/install/lang/en.xml index e0bd56b447..0b5988b969 100644 --- a/wcfsetup/install/lang/en.xml +++ b/wcfsetup/install/lang/en.xml @@ -2461,6 +2461,9 @@ If you have already bought the licenses for the listed apps, th {$tableName} database table used for this condition.]]> + + + -- 2.20.1