Major Feature #5659: Implement content security - TYPO3.Flow - TYPO3 Forge

TYPO3 Flow Base Distribution TYPO3.Eel TYPO3.Flow TYPO3.Fluid TYPO3.Kickstart TYPO3.Welcome Packages Applications

Major Feature #5659

Implement content security

Added by Robert Lemke over 5 years ago. Updated over 4 years ago.

Status:

Resolved

Start date:

2009-12-07

Priority:

Must have

Due date:

Assigned To:

Andreas Förthner

% Done:

Category:

Security

Target version:

PHP Version:

Complexity:

Has patch:

Description

This ticket is a placeholder for all commits related to content security. Obviously this feature still needs to be described properly.

In general, content security will be handled by aspects affecting the persistence framework enforcing policies for all kinds of operations related to content (i.e. objects and their properties).

Related issues

related to TYPO3.Flow - Feature #4960: There should be a Request hash check when objects are mod...	Resolved	2009-10-09
related to TYPO3.Flow - Feature #6604: Implement QueryRewriting according to the security policy	Resolved	2010-03-04
related to TYPO3.Flow - Feature #6605: Integrate the security policy into resource management	Resolved
related to TYPO3.Flow - Feature #3618: Extended ACL possibilities	Closed	2009-06-08
related to TYPO3.Flow - Task #6599: Implement new syntax for policy resources including runti...	Resolved	2010-02-25
related to TYPO3.Flow - Task #6600: Remove the privilege concept vom ACLs	Resolved	2010-02-25
related to TYPO3.Flow - Task #6601: Introduce a new roles definition syntax including runtime...	On Hold	2010-02-25
related to TYPO3.Flow - Feature #8463: Check security policy for objects reconstituted in the se...	New	2010-06-23
related to TYPO3.Flow - Feature #9968: Promote security publishing configuration automatically w...	New	2010-09-28

Associated revisions

Revision 027a4016
Added by Robert Lemke over 5 years ago

[~TASK] FLOW3 (AOP): Removed the "Resource" sub package from the blacklisted sub packages because it now contains a class (Resource) which needs to be persistable.
[-FEATURE][!!!] FLOW3 (MVC): For now removed the request hash feature (HMAC) because it mocks a level of security for incoming data which it doesn't provide. The current mechanism effectively puts control over content security into Fluid templates and it doesn't belong there. Although there might be a need for a request hash, the content security must be implemented by other means. Relates to #4960 and relates to #5659.
[+FEATURE] FLOW3 (MVC): Implemented support for file uploads. Uploading files is cooperation between the Web Request Builder, the Property Mapper and the Resource sub package. The solution included in this commit provides handling of incoming files (including nested arguments) and transparent conversion into Resource objects. Resources (files) are only stored once, no matter how often they are uploaded or what original filename they carried. Still missing: view helper, documentation and automatic purging of unused resource files. Addresses #342.
[~API][!!!] FLOW3 (Property): Renamed the property mapper class to "PropertyMapper" (was just "Mapper" before). Relates to #5658
[+FEATURE] FLOW3 (Property): The Property Mapper now supports a mechanism called Object Converters. These convertes enable the mapper to convert strings, arrays or numbers to certain objects, for example a unix time stamp to a DateTime object. Resolves #5660.
[+FEATURE] FLOW3 (Reflection): Implemented the methods "isPropertySettable" and "isPropertyGettable" for the ObjectAccess class.
[~TASK] FLOW3 (Resource): Renamed the StreamWrapper class to StreamWrapperAdapter
[+FEATURE] FLOW3 (Resource): Implemented a ResourceObjectConverter which is capable of converting arrays or strings to Resource objects.
[+FEATURE] FLOW3 (Utility): Implemented a setValueByPath() method for the Array utilities class.
[+FEATURE] FLOW3 (Utility): Added support for the _FILES super global to the Environment class. The array of information about uploaded files can be obtained in a much cleaner way than PHP provides it by the new getUploadedFiles() method.

Revision 235c5d0a
Added by Andreas Förthner over 5 years ago

[+FEATURE] FLOW3 (AOP): If an advice is executed can now depend on runtime evaluations, which can be configured in the pointcut expression. Relates to #5659.
[~BUGFIX] FLOW3 (AOP): Properties of the AOP proxy class are now prefixed by FLOW3_AOP_Proxy_. This fixes #6188.
[~TASK] FLOW3 (AOP): Removed an unused function from the Framework class.

Revision a8cc2883
Added by Andreas Förthner over 5 years ago

[+FEATURE] FLOW3 (Security): Implemented runtime evaluations support for policy resources. Resolves #6599, relates to #5659
[~TASK] FLOW3 (Security): Removed the old privileges concept. Now there is only one (implicit) access privilege. Resolves #6600, relates to #5659

Revision 23ce4758
Added by Andreas Förthner about 5 years ago

[+TASK] FLOW3 (Object): Added session scope related methods to the object manager and interface.
[+FEATURE] FLOW3 (AOP): Added a matches operator as a new possibility for runtime evaluations.
[+FEATURE] FLOW3 (AOP): Global objects available in runtime evaluations can now be configured in the settings. Resolves #6598.
[+FEATURE] FLOW3 (Security): Implemented query rewriting according to the security policy. Relates to #5659, Resolves #6604.

History

#1 Updated by Sebastian Kurfuerst over 5 years ago

I saw that you removed the request hash again, with the argument "... it puts content security into Fluid templates..."

I disagree here, it just makes sure that only displayed form fields can be updated as well. In particular this is crucial with the [__identity] property being set or not set, and I still think that this part should be determined from the Fluid template.

Curious about your ideas, how you want to solve this issue :-) Maybe we should make a phone call soon?

Greets,
Sebastian