quicksketch
commented
8 years ago Actually looks like this doesn't need to wait for 1.6.0. We're already using authorize.php for most situations (updating modules, manually installing modules), but not in the most common situation (through the batch UI installer).
To fix this, we need to change:
- _installer_browser_batch_install_release() currently is a batch function that downloads and moves the module to the final location. This needs to be changed to only download the projects, and NOT move to the final location.
- The last step of the process should be to redirect to
authorize.php, and then use it to copy the module to the final location. - Then redirect the user back to the project installer to complete enabling any new modules or themes.
Right now the problem originates in installer_manager_download_project(). It currently takes a parameter for $is_installer, which we could eliminate if we always treat all projects that are downloaded the same way. We'll also remove all the file copying code from this function, delegating that to authorize.php instead.
The up-side of this is more consistency and a little less code to manage. The downside will be that it will effectively be adding another step to the overall install process, because downloading will be one batch process, then copying to the final location will be a second batch process.
Now that we have fixed the usage of authorize.php when using Installer module for manual module installs (#1920), it's become clear that we should be using authorize.php for all downloading/installing of modules/themes/layouts.
Without using authorize.php, Installer module only works if the owner of web root directory and the web server user are the same. By using authorize.php, we could enable users to more securely set up their site and still allow modules to be downloaded/installed. If the owner of the web root is the web server user (as is the case in most shared hosting environments and Pantheon), then we don't have a problem. But when these users are different, authorize.php could enable the use of the Installer UI.