Better handle "module.json" file errors in modules

davidjeddy commented 8 years ago

Suggest: check json of a module before loading it into the module list.

Stack dump:

Exception
Invalid Parameter – yii\base\InvalidParamException

Syntax error.
1. in {app_path}/{app_name}.dev/protected/vendor/yiisoft/yii2/helpers/BaseJson.php at line 123
114115116117118119120121122123124125126127128129130131132 
        $availableErrors = [];
        foreach (static::$jsonErrorMessages as $const => $message) {
            if (defined($const)) {
                $availableErrors[constant($const)] = $message;
            }
        }

        if (isset($availableErrors[$lastError])) {
            throw new InvalidParamException($availableErrors[$lastError], $lastError);
        }

        throw new InvalidParamException('Unknown JSON encoding/decoding error.');
    }

    /**
     * Pre-processes the data before sending it to `json_encode()`.
     * @param mixed $data the data to be processed
     * @param array $expressions collection of JavaScript expressions
2. in {app_path}/{app_name}.dev/protected/vendor/yiisoft/yii2/helpers/BaseJson.php at line 97 – yii\helpers\BaseJson::handleJsonError(4)
3. in {app_path}/{app_name}.dev/protected/humhub/components/Module.php at line 220 – yii\helpers\BaseJson::decode('{ "id": "connections", "...')
214215216217218219220221222223224225226    {
        if ($this->_moduleInfo != null) {
            return $this->_moduleInfo;
        }

        $moduleJson = file_get_contents($this->getBasePath() . DIRECTORY_SEPARATOR . 'module.json');
        return \yii\helpers\Json::decode($moduleJson);
    }

    /**
     * This method is called after an update is performed.
     * You may extend it with your own update process.
     */
4. in {app_path}/{app_name}.dev/protected/humhub/components/Module.php at line 43 – humhub\components\Module::getModuleInfo()
37383940414243444546474849     * Returns modules name provided by module.json file
     *
     * @return string Name
     */
    public function getName()
    {
        $info = $this->getModuleInfo();

        if ($info['name']) {
            return $info['name'];
        }
        return $this->getId();
    }
5. in {app_path}/{app_name}.dev/protected/humhub/modules/admin/views/module/list.php at line 26 – humhub\components\Module::getName()
20212223242526272829303132            <div class="media">
                <img class="media-object img-rounded pull-left" data-src="holder.js/64x64" alt="64x64"
                     style="width: 64px; height: 64px;"
                     src="<?php echo $module->getImage(); ?>">

                <div class="media-body">
                    <h4 class="media-heading"><?php echo $module->getName(); ?>
                        <small>
                            <?php if (Yii::$app->hasModule($module->id)) : ?>
                                <span class="label label-success"><?php echo Yii::t('AdminModule.module_list', 'Activated'); ?></span>
                            <?php endif; ?>
                        </small>
                    </h4>
6. in {app_path}/{app_name}.dev/protected/vendor/yiisoft/yii2/base/View.php at line 325 – require('{app_path}/{app_name}.de...')
7. in {app_path}/{app_name}.dev/protected/vendor/yiisoft/yii2/base/View.php at line 247 – yii\base\View::renderPhpFile('{app_path}/{app_name}.de...', ['installedModules' => ['enterprise' => humhub\modules\enterprise\Module, 'activity-feed-populator' => {app_name}\modules\activityFeedPopulator\Module, 'candidate-search' => {app_name}\modules\CandidateSearch\Module, 'company' => {app_name}\modules\company\Module, ...]])
8. in {app_path}/{app_name}.dev/protected/vendor/yiisoft/yii2/base/View.php at line 149 – yii\base\View::renderFile('{app_path}/{app_name}.de...', ['installedModules' => ['enterprise' => humhub\modules\enterprise\Module, 'activity-feed-populator' => {app_name}\modules\activityFeedPopulator\Module, 'candidate-search' => {app_name}\modules\CandidateSearch\Module, 'company' => {app_name}\modules\company\Module, ...]], humhub\modules\admin\controllers\ModuleController)
9. in {app_path}/{app_name}.dev/protected/vendor/yiisoft/yii2/base/Controller.php at line 378 – yii\base\View::render('list', ['installedModules' => ['enterprise' => humhub\modules\enterprise\Module, 'activity-feed-populator' => {app_name}\modules\activityFeedPopulator\Module, 'candidate-search' => {app_name}\modules\CandidateSearch\Module, 'company' => {app_name}\modules\company\Module, ...]], humhub\modules\admin\controllers\ModuleController)
10. in {app_path}/{app_name}.dev/protected/humhub/modules/admin/controllers/ModuleController.php at line 39 – yii\base\Controller::render('list', ['installedModules' => ['enterprise' => humhub\modules\enterprise\Module, 'activity-feed-populator' => {app_name}\modules\activityFeedPopulator\Module, 'candidate-search' => {app_name}\modules\CandidateSearch\Module, 'company' => {app_name}\modules\company\Module, ...]])
33343536373839404142434445        return $this->redirect(['/admin/module/list']);
    }

    public function actionList()
    {
        $installedModules = Yii::$app->moduleManager->getModules();
        return $this->render('list', array('installedModules' => $installedModules));
    }

    /**
     * Enables a module
     *
     * @throws CHttpException
11. humhub\modules\admin\controllers\ModuleController::actionList()
12. in {app_path}/{app_name}.dev/protected/vendor/yiisoft/yii2/base/InlineAction.php at line 55 – call_user_func_array([humhub\modules\admin\controllers\ModuleController, 'actionList'], [])
13. in {app_path}/{app_name}.dev/protected/vendor/yiisoft/yii2/base/Controller.php at line 154 – yii\base\InlineAction::runWithParams([])
14. in {app_path}/{app_name}.dev/protected/vendor/yiisoft/yii2/base/Module.php at line 454 – yii\base\Controller::runAction('list', [])
15. in {app_path}/{app_name}.dev/protected/vendor/yiisoft/yii2/web/Application.php at line 84 – yii\base\Module::runAction('admin/module/list', [])
16. in {app_path}/{app_name}.dev/protected/vendor/yiisoft/yii2/base/Application.php at line 375 – yii\web\Application::handleRequest(humhub\components\Request)
17. in {app_path}/{app_name}.dev/index.php at line 29 – yii\base\Application::run()
23242526272829 
    // TF app includes
    (is_readable(__DIR__ . '/protected/{app_name}/config/common.php')) ? require(__DIR__ . '/protected/{app_name}/config/common.php') : [],
    (is_readable(__DIR__ . '/protected/{app_name}/config/web.php')) ? require(__DIR__ . '/protected/{app_name}/config/web.php') : []
);

(new humhub\components\Application($config))->run();
 $_COOKIE = [
    '_csrf' => 'dc7dd0cf2e9c05a5207f0cb45af3e0ef80266e35e92b6ed57b2da01c4aaf126da:2:{i:0;s:5:"_csrf";i:1;s:32:"HcPnEqfKzwYjbxIJI6Z5_gNcp19fTyDg";}',
    'pm_getting-started-panel' => 'expanded',
    'PHPSESSID' => '01nnm8vbkh7dm473knuq369ev5',
    'XDEBUG_SESSION' => 'PHPSTORM',
    '_gat' => '1',
    '_ga' => 'GA1.2.114447230.1464119152',
    '_identity' => '51e7dd7c1797086025f47429586c4b272a37453d639fb9d281bea24f7e13b478a:2:{i:0;s:9:"_identity";i:1;s:50:"[1,"81b48895-c098-441c-9468-183aac30f74d",2592000]";}',
];

$_SESSION = [
    '__flash' => [],
    '__id' => 1,
    'company_id' => '4',
];
Yii Framework
2016-05-25, 10:36:44

nginx/1.6.3
Yii Framework/2.0.8
2.0.8 PHP 5.6.20 Status 500 Route admin/module/list Log 62 1 Time 1,123 ms Memory 20.641 MB DB 16 22 ms

screen shot 2016-05-25 at 10 37 29

nadilhassan commented 8 years ago

Check Your syntax of JSON file. Can you share the Module.json file to check

davidjeddy commented 8 years ago

I am aware it IS the module.json; my issue is HumHub admin logic should validate the json before attempting to render the admin/module/list. 'Never trust user input', even if that user is a 3rd party module.

Christian-Seiler commented 1 year ago

Is there an official json schema for the module.json file?

ArchBlood commented 1 year ago

Is there an official json schema for the module.json file?

Yes

{
    "id": "example",
    "version": "1.0",
    "name": "My Example Module",
    "description": "My testing module.",
    "humhub": {
        "minVersion": "1.2",
        "maxVersion": "2.0"
    },
    "keywords": ["my", "cool", "module"],
    "screenshots": ["assets/screen_1.jpg"],
    "homepage": "https://www.example.com",
    "authors": [
        {
            "name": "Tom Coder",
            "email": "tc@example.com",
            "role": "Developer"
        },
        {
            "name": "Sarah Mustermann",
            "email": "sm@example.com",
            "homepage": "http://example.com",
            "role": "Translator"
        }
    ]   
}

humhub / humhub

Better handle "module.json" file errors in modules #1752