Pre-1.3.0 release code review results.

paragonie · Aug 29, 2016 · 7350423 · 7350423
1 parent 7474630
commit 7350423
Show file tree

Hide file tree

Showing 12 changed files with 52 additions and 33 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,4 +1,4 @@
-## Version 1.3.0 (Not released yet)
+## Version 1.3.0 - 2016-08-29
 
   * Significant UI/UX improvements.
     * Redesigned the Bridge UI to be more suitable for a control panel.

diff --git a/README.md b/README.md
@@ -26,6 +26,8 @@ if your company requires one.
 4. [Designed by progressive-minded application security professionals.](https://github.com/paragonie/airship-docs/blob/master/en-us/WHY.md#4-designed-by-progressive-minded-application-security-professionals)
 5. [Our Gear system allows the framework to be extended.](https://github.com/paragonie/airship-docs/blob/master/en-us/WHY.md#5-our-gear-system-allows-the-framework-to-be-extended)
 
+See [how the out-of-the-box security of CMS Airship compares to WordPress, Drupal, or Joomla](https://paragonie.com/project/airship).
+
 ## Documentation
 
 See [paragonie/airship-docs](https://github.com/paragonie/airship-docs).

diff --git a/src/Cabin/Bridge/ConfigFilter.php b/src/Cabin/Bridge/ConfigFilter.php
@@ -6,7 +6,8 @@
     BoolFilter,
     InputFilterContainer,
     IntFilter,
-    StringFilter
+    StringFilter,
+    WhiteList
 };
 
 /**
@@ -28,21 +29,12 @@ public function __construct()
             ->addFilter('config_extra.board.enabled', new BoolFilter())
             ->addFilter(
                 'config_extra.editor.default-format',
-                (new StringFilter())
-                    ->setDefault('Rich Text')
-                    ->addCallback(
-                        function ($choice): string {
-                            switch ($choice) {
-                                case 'HTML':
-                                case 'Markdown':
-                                case 'Rich Text':
-                                case 'RST':
-                                    return $choice;
-                                default:
-                                    return 'Rich Text';
-                            }
-                        }
-                    )
+                (new WhiteList(
+                        'HTML',
+                        'Markdown',
+                        'Rich Text',
+                        'RST'
+                ))->setDefault('Rich Text')
             )
             ->addFilter('config_extra.recaptcha.secret-key', new StringFilter())
             ->addFilter('config_extra.recaptcha.site-key', new StringFilter())

diff --git a/src/Cabin/Bridge/Filter/Blog/EditPostFilter.php b/src/Cabin/Bridge/Filter/Blog/EditPostFilter.php
@@ -7,7 +7,8 @@
     IntFilter,
     InputFilterContainer,
     StringArrayFilter,
-    StringFilter
+    StringFilter,
+    WhiteList
 };
 
 /**
@@ -28,8 +29,12 @@ public function __construct()
             ->addFilter('description', new StringFilter())
             ->addFilter(
                 'format',
-                (new StringFilter())
-                    ->setDefault('Rich Text')
+                (new WhiteList(
+                    'HTML',
+                    'Markdown',
+                    'Rich Text',
+                    'RST'
+                ))->setDefault('Rich Text')
             )
             ->addFilter('metadata', new StringArrayFilter())
             ->addFilter(

diff --git a/src/Cabin/Bridge/Filter/Blog/EditSeriesFilter.php b/src/Cabin/Bridge/Filter/Blog/EditSeriesFilter.php
@@ -6,7 +6,8 @@
     ArrayFilter,
     IntFilter,
     InputFilterContainer,
-    StringFilter
+    StringFilter,
+    WhiteList
 };
 
 /**
@@ -28,7 +29,15 @@ public function __construct()
             )
             ->addFilter('author', new IntFilter())
             ->addFilter('preamble', new StringFilter())
-            ->addFilter('format', new StringFilter())
+            ->addFilter(
+                'format',
+                (new WhiteList(
+                    'HTML',
+                    'Markdown',
+                    'Rich Text',
+                    'RST'
+                ))->setDefault('Rich Text')
+            )
             ->addFilter('config', new ArrayFilter())
             ->addFilter('items', new StringFilter());
     }

diff --git a/src/Cabin/Bridge/Filter/Blog/NewPostFilter.php b/src/Cabin/Bridge/Filter/Blog/NewPostFilter.php
@@ -7,7 +7,8 @@
     IntFilter,
     InputFilterContainer,
     StringArrayFilter,
-    StringFilter
+    StringFilter,
+    WhiteList
 };
 
 /**
@@ -28,8 +29,12 @@ public function __construct()
             ->addFilter('description', new StringFilter())
             ->addFilter(
                 'format',
-                (new StringFilter())
-                    ->setDefault('Rich Text')
+                (new WhiteList(
+                    'HTML',
+                    'Markdown',
+                    'Rich Text',
+                    'RST'
+                ))->setDefault('Rich Text')
             )
             ->addFilter('published', new StringFilter())
             ->addFilter('metadata', new StringArrayFilter())

diff --git a/src/Cabin/Bridge/Filter/Blog/NewSeriesFilter.php b/src/Cabin/Bridge/Filter/Blog/NewSeriesFilter.php
@@ -6,7 +6,8 @@
     ArrayFilter,
     IntFilter,
     InputFilterContainer,
-    StringFilter
+    StringFilter,
+    WhiteList
 };
 
 /**
@@ -28,7 +29,14 @@ public function __construct()
             )
             ->addFilter('author', new IntFilter())
             ->addFilter('preamble', new StringFilter())
-            ->addFilter('format', new StringFilter())
+            ->addFilter('format',
+                (new WhiteList(
+                    'HTML',
+                    'Markdown',
+                    'Rich Text',
+                    'RST'
+                ))->setDefault('Rich Text')
+            )
             ->addFilter('config', new ArrayFilter())
             ->addFilter('items', new StringFilter());
     }

diff --git a/src/Cabin/Bridge/Landing/Cabins.php b/src/Cabin/Bridge/Landing/Cabins.php
@@ -375,4 +375,4 @@ protected function setTemplateExtraData(string $cabin)
             'bridge-link-cabin-' . $cabin . '-manage'
         );
     }
-}
+}
diff --git a/src/Cabin/Bridge/Lens/cargo/bridge_authors_edit.twig b/src/Cabin/Bridge/Lens/cargo/bridge_authors_edit.twig
@@ -73,4 +73,4 @@
             </div>
         </div>
     </div>
-</form>
+</form>
diff --git a/src/Cabin/Bridge/public/bridge.js b/src/Cabin/Bridge/public/bridge.js
@@ -69,4 +69,4 @@ $(document).ready(function () {
         $("body").data('activelink'),
         $("body").data('activesubmenu')
     )
-});
+});
diff --git a/src/Cabin/Hull/Landing/BlogPosts.php b/src/Cabin/Hull/Landing/BlogPosts.php
@@ -6,7 +6,6 @@
 use Airship\Cabin\Hull\Blueprint\Blog;
 use Airship\Cabin\Hull\Filter\BlogPosts\CommentFilter;
 use Airship\Engine\Security\Util;
-use Airship\Engine\State;
 
 require_once __DIR__.'/init_gear.php';
 
@@ -441,7 +440,6 @@ public function listMonth(string $year, string $month)
      */
     public function listYear(string $year)
     {
-        $state = State::instance();
         list($offset, $limit) = $this->getOffsetAndLimit();
         $count = $this->blog->countByYear($year);
         $blogRoll = $this->blog->listByYear(

diff --git a/src/Cabin/Hull/config/templates/config.twig b/src/Cabin/Hull/config/templates/config.twig
@@ -20,4 +20,4 @@
         "secret-key": {{ config['recaptcha']['secret-key']|je }},
         "site-key": {{ config['recaptcha']['site-key']|je }}
     }
-}
+}
-Original file line number
+Diff line change
@@ Expand Up / @@ -375,4 +375,4 @@ protected function setTemplateExtraData(string $cabin) @@
                 'bridge-link-cabin-' . $cabin . '-manage'
             );
         }
-    }
+    }