
Commit 38af1de

Add comments on risky permissions (#1468)
Some permissions in the Backend and CMS are expected to be given only to trusted users, as they grant access to features of the CMS that can negatively manipulate the experience of other users or allow a user to grant themselves more access than intended. We now make this explicit by providing hints about these permissions. Co-authored-by: Luke Towers <git@luketowers.ca>
1 parent bbe5eca commit 38af1de


7 files changed

+39
-11
lines changed


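--- a/.gitignore
+++ b/.gitignore
@@ -26,6 +26,7 @@ nbproject
 .vscode
 !.devcontainer/.vscode
 _ide_helper.php
+.zed
 
 # Other ignores
 .DS_Store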

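--- a/modules/backend/ServiceProvider.php
+++ b/modules/backend/ServiceProvider.php
@@ -178,11 +178,13 @@ protected function registerBackendPermissions()
 'backend.manage_users' => [
 'label' => 'system::lang.permissions.manage_other_administrators',
 'tab' => 'system::lang.permissions.name',
+'comment' => 'system::lang.permissions.manage_other_administrators_comment',
 'roles' => [UserRole::CODE_DEVELOPER],
 ],
 'backend.impersonate_users' => [
 'label' => 'system::lang.permissions.impersonate_users',
 'tab' => 'system::lang.permissions.name',
+'comment' => 'system::lang.permissions.impersonate_users_comment',
 'roles' => [UserRole::CODE_DEVELOPER],
 ],
 'backend.manage_preferences' => [
@@ -203,6 +205,7 @@ protected function registerBackendPermissions()
 'backend.manage_branding' => [
 'label' => 'system::lang.permissions.manage_branding',
 'tab' => 'system::lang.permissions.name',
+'comment' => 'system::lang.permissions.manage_branding_comment',
 'roles' => [UserRole::CODE_DEVELOPER],
 ],
 'media.manage_media' => [
@@ -213,6 +216,7 @@ protected function registerBackendPermissions()
 'backend.allow_unsafe_markdown' => [
 'label' => 'backend::lang.permissions.allow_unsafe_markdown',
 'tab' => 'system::lang.permissions.name',
+'comment' => 'backend::lang.permissions.allow_unsafe_markdown_comment',
 'roles' => [UserRole::CODE_DEVELOPER],
 ],
 ]);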

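--- a/modules/backend/formwidgets/permissioneditor/partials/_permissioneditor.php
+++ b/modules/backend/formwidgets/permissioneditor/partials/_permissioneditor.php
@@ -1,9 +1,9 @@
 <div class="permissioneditor <?= $this->previewMode ? 'control-disabled' : '' ?>" <?= $field->getAttributes() ?>>
 <table>
 <?php
-$firstTab = true;
-$globalIndex = 0;
-$checkboxMode = !($this->mode === 'radio');
+$firstTab = true;
+$globalIndex = 0;
+$checkboxMode = !($this->mode === 'radio');
 ?>
 <?php foreach ($permissions as $tab => $tabPermissions): ?>
 <tr class="section">
@@ -20,7 +20,7 @@
 </tr>
 
 <?php
-$lastIndex = count($tabPermissions) - 1;
+$lastIndex = count($tabPermissions) - 1;
 ?>
 <?php foreach ($tabPermissions as $index => $permission): ?>
 
@@ -55,13 +55,22 @@
 
 <td class="permission-name">
 <?= e(trans($permission->label)) ?>
-<p class="comment"><?= e(trans($permission->comment)) ?></p>
+<?php if ($permission->comment): ?>
+<span
+class="text-info wn-icon-circle-info"
+data-toggle="tooltip"
+title="<?= e(trans($permission->comment)) ?>"
+tabindex="0"
+role="img"
+aria-label="<?= e(trans($permission->comment)) ?>"
+></span>
+<?php endif; ?>
 </td>
 
 <?php if ($this->mode === 'radio'): ?>
 <td class="permission-value">
 <div class="radio custom-radio">
-<input
+<input
 id="<?= $allowId ?>"
 name="<?= e($baseFieldName) ?>[<?= e($permission->code) ?>]"
 value="1"
@@ -75,7 +84,7 @@
 </td>
 <td class="permission-value">
 <div class="radio custom-radio">
-<input
+<input
 id="<?= $inheritId ?>"
 name="<?= e($baseFieldName) ?>[<?= e($permission->code) ?>]"
 value="0"
@@ -88,7 +97,7 @@
 </td>
 <td class="permission-value">
 <div class="radio custom-radio">
-<input
+<input
 id="<?= $denyId ?>"
 name="<?= e($baseFieldName) ?>[<?= e($permission->code) ?>]"
 value="-1"
@@ -123,7 +132,7 @@
 <?php else: ?>
 <td class="permission-value">
 <div class="checkbox custom-checkbox">
-<input
+<input
 id="<?= $allowId ?>"
 name="<?= e($baseFieldName) ?>[<?= e($permission->code) ?>]"
 value="1"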
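Review bot: In the third hunk the risky-permission hint is moved out of the always-visible `<p class="comment">` and into the `title`/`aria-label` of an icon, so an administrator assigning a permission such as `backend.impersonate_users` or `cms.manage_pages` only sees the "trusted users only" warning on hover or keyboard focus, which works against the commit's stated goal of making these risks explicit; consider keeping a visible comment line next to the icon for permissions that carry a comment. The `e()` escaping in both attributes is correct for the attribute context, but `trans($permission->comment)` is evaluated twice; `<?php $commentText = e(trans($permission->comment)); ?>` before the span, then `title="<?= $commentText ?>"` and `aria-label="<?= $commentText ?>"`, is cleaner. Whether `data-toggle="tooltip"` is initialised for this widget after an AJAX re-render is not visible here and is worth confirming. The enclosing `foreach ($tabPermissions ...)` loop starts before this hunk and ends after it.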

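--- a/modules/backend/lang/en/lang.php
+++ b/modules/backend/lang/en/lang.php
@@ -612,7 +612,8 @@
 ],
 'permissions' => [
 'manage_media' => 'Upload and manage media contents - images, videos, sounds, documents',
-'allow_unsafe_markdown' => 'Use unsafe Markdown (Can include Javascript)',
+'allow_unsafe_markdown' => 'Allow unsafe Markdown',
+'allow_unsafe_markdown_comment' => 'Allowing unsafe Markdown will allow HTML tags, including JavaScript, in Markdown content. This can be a security risk if given to an untrusted user.',
 ],
 'mediafinder' => [
 'label' => 'Media Finder',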

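--- a/modules/cms/ServiceProvider.php
+++ b/modules/cms/ServiceProvider.php
@@ -1,4 +1,6 @@
-<?php namespace Cms;
+<?php
+
+namespace Cms;
 
 use Backend;
 use Backend\Classes\WidgetManager;
@@ -342,24 +344,28 @@ protected function registerBackendPermissions()
 'cms.manage_pages' => [
 'label' => 'cms::lang.permissions.manage_pages',
 'tab' => 'cms::lang.permissions.name',
+'comment' => 'cms::lang.permissions.manage_pages_comment',
 'roles' => [UserRole::CODE_DEVELOPER],
 'order' => 100
 ],
 'cms.manage_layouts' => [
 'label' => 'cms::lang.permissions.manage_layouts',
 'tab' => 'cms::lang.permissions.name',
+'comment' => 'cms::lang.permissions.manage_layouts_comment',
 'roles' => [UserRole::CODE_DEVELOPER],
 'order' => 100
 ],
 'cms.manage_partials' => [
 'label' => 'cms::lang.permissions.manage_partials',
 'tab' => 'cms::lang.permissions.name',
+'comment' => 'cms::lang.permissions.manage_partials_comment',
 'roles' => [UserRole::CODE_DEVELOPER],
 'order' => 100
 ],
 'cms.manage_themes' => [
 'label' => 'cms::lang.permissions.manage_themes',
 'tab' => 'cms::lang.permissions.name',
+'comment' => 'cms::lang.permissions.manage_themes_comment',
 'roles' => [UserRole::CODE_DEVELOPER],
 'order' => 100
 ],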

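--- a/modules/cms/lang/en/lang.php
+++ b/modules/cms/lang/en/lang.php
@@ -277,9 +277,13 @@
 'manage_content' => 'Manage website content files',
 'manage_assets' => 'Manage website assets - images, JavaScript files, CSS files',
 'manage_pages' => 'Create, modify and delete website pages',
+'manage_pages_comment' => 'This permission should only be given to trusted users, as it allows direct access to the theme\'s page content files, including PHP code if enabled.',
 'manage_layouts' => 'Create, modify and delete CMS layouts',
+'manage_layouts_comment' => 'This permission should only be given to trusted users, as it allows direct access to the theme\'s layout files, including PHP code if enabled.',
 'manage_partials' => 'Create, modify and delete CMS partials',
+'manage_partials_comment' => 'This permission should only be given to trusted users, as it allows direct access to the theme\'s partial files, including PHP code if enabled.',
 'manage_themes' => 'Activate, deactivate and configure CMS themes',
+'manage_themes_comment' => 'This permission should only be given to trusted users, as it allows the user to add new themes, change the existing theme, or delete themes entirely.',
 'manage_theme_options' => 'Configure customization options for the active theme',
 ],
 'theme_log' => [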

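--- a/modules/system/lang/en/lang.php
+++ b/modules/system/lang/en/lang.php
@@ -448,13 +448,16 @@
 'manage_mail_templates' => 'Manage mail templates',
 'manage_mail_settings' => 'Manage mail settings',
 'manage_other_administrators' => 'Manage other administrators',
+'manage_other_administrators_comment' => 'Allows the user to create, update, and delete other administrator accounts. This permission should only be given to trusted users.',
 'impersonate_users' => 'Impersonate users',
+'impersonate_users_comment' => 'Allows the user to impersonate other users at their level of access. This permission should only be given to trusted users.',
 'manage_preferences' => 'Manage backend preferences',
 'manage_editor' => 'Manage global code editor preferences',
 'manage_own_editor' => 'Manage personal code editor preferences',
 'view_the_dashboard' => 'View the dashboard',
 'manage_default_dashboard' => 'Manage the default dashboard',
 'manage_branding' => 'Customize the back-end',
+'manage_branding_comment' => 'This permission allows the user to customize the back-end appearance, including custom CSS content. This may be a security risk if given to an untrusted user.'
 ],
 'log' => [
 'menu_label' => 'Log settings',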
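Review bot: The added `'manage_branding_comment'` entry, now the last element of the `permissions` array, drops the trailing comma that the preceding `'manage_branding' => 'Customize the back-end',` line and the other additions in this commit (for example `allow_unsafe_markdown_comment` in modules/backend/lang/en/lang.php) keep. Add it so the next key appended here does not touch this line again: `'manage_branding_comment' => 'This permission allows the user to customize the back-end appearance, including custom CSS content. This may be a security risk if given to an untrusted user.',`.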
