SilverStripe\UserForms\Task\RecoverUploadLocationsHelper
A helper to recover the UserForm uploads targeting folders incorrectly migrated from Silverstripe CMS 3
In short, the migrated folders do not have Live version records in the database, as such
all the files uploaded through UserForms EditableFileField end up in a default fallback folder (/Uploads by default)
If your project has not been migrated from Silverstripe CMS 3, you do not need this helper.
For more details see CVE-2020-9280
Synopsis
class RecoverUploadLocationsHelper
{
- // members
- private static array $dependencies = ;
- private LoggerInterface $logger;
- private Versioned $versionedExtension;
- private bool $filesVersioned;
- private EditableFileField $fieldFolderCache = ;
- // methods
- public void __construct()
- public $this setLogger()
- public int run()
- protected int process()
- protected int getExpectedUploadFolderId()
- protected Folder getFolder()
- protected int recover()
- protected int checkResidual()
- protected int recoverLiveOnly()
- protected int recoverWithDraft()
- protected void moveFileToFolder()
- private Generator chunk()
- private void getQuery()
- private DataList getCountQuery()
Hierarchy
Uses
- SilverStripe\Core\Injector\Injectable
- SilverStripe\Core\Config\Configurable
Members
private
- $dependencies
- $fieldFolderCache
—
SilverStripe\UserForms\Model\EditableFormField\EditableFileField
Cache of the EditableFileField versions - $filesVersioned
—
SilverStripe\UserForms\Task\bool
Whether File class has Versioned extension installed - $logger — Psr\Log\LoggerInterface
- $versionedExtension — SilverStripe\Versioned\Versioned
Methods
private
- chunk() — Split queries into smaller chunks to avoid using too much memory
- getCountQuery() — Returns DataList object containing every uploaded file record
- getQuery() — Returns SQLQuery instance
protected
- checkResidual() — Handles gracefully a bug in UserForms that prevents some uploaded files from being removed on the filesystem level when manually moving them to another folder through CMS
- getExpectedUploadFolderId() — Fetches the EditableFileField version from cache and returns its FolderID
- getFolder() — Fetches a Folder by its ID, gracefully handling deleted folders
- moveFileToFolder()
- process() — Process all the files and return the number
- recover() — Recover an uploaded file location
- recoverLiveOnly() — Recover a file with only Live version (with no draft)
- recoverWithDraft() — Recover a live version of the file preserving the draft
public
- __construct()
- run() — Process the UserForm uplodas
- setLogger()