09bac755a9d0cd34d00a43172e9e897d55d2daae
9 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
|
|
64ffbb9d61 |
feat: profiles UI, snapshot detail, progress warning, action logs (#100, #104, #108, #110)
Universal: PR Check / Branch Policy (pull_request) Failing after 1s
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 4s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Universal: PR Check / Validate PR (pull_request) Failing after 4s
Generic: Repo Health / Access control (pull_request) Successful in 2s
Universal: PR Check / Secret Scan (pull_request) Successful in 6s
Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 10s
Branch Cleanup / Delete merged branch (pull_request) Successful in 1s
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 39s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 18s
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 4m10s
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Has been cancelled
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Has been cancelled
Joomla: Extension CI / PHPStan Analysis (pull_request) Has been cancelled
Joomla: Extension CI / Build RC Pre-Release (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
#100: Run Backup button on profiles list (per-row) and edit toolbar, backup count badge linking to filtered backups view, View Backups toolbar button on profile edit. #101: Profile → filtered backup list link (included in #100). #104: Snapshot browse modal now shows tabbed view (Articles, Categories, Modules) with item counts. AjaxController returns all content types. Categories show indented hierarchy. #108: "Do not navigate away or close this window" warning banner added to both backup and restore progress modals. #110: Joomla Action Logs integration — RestoreEngine, SnapshotEngine, and SnapshotRestoreEngine now dispatch events that the actionlog plugin logs to #__action_logs. Closes #100, closes #101, closes #104, closes #108, closes #110 |
||
|
|
4213def0ad |
feat: backup archive browser — view files without extracting (#59)
AJAX-powered file browser in backups list and detail views: - AjaxController::browseArchive() reads ZIP/tar.gz entries - Browse button on each backup row + detail view - Modal shows file list with names and sizes (first 500 entries) Closes #59 |
||
|
|
01bed8942c |
feat: AJAX stepped restore engine for large sites (#62)
Universal: PR Check / Branch Policy (pull_request) Failing after 1s
Generic: Repo Health / Access control (pull_request) Successful in 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 5s
Universal: PR Check / Validate PR (pull_request) Failing after 5s
Universal: PR Check / Secret Scan (pull_request) Successful in 6s
Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 9s
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 32s
Branch Cleanup / Delete merged branch (pull_request) Successful in 3s
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 6s
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 23s
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Has been cancelled
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Has been cancelled
Joomla: Extension CI / PHPStan Analysis (pull_request) Has been cancelled
Joomla: Extension CI / Build RC Pre-Release (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Break restore into phases (extract, files, database, config, cleanup) executed via AJAX steps to avoid PHP timeout on shared hosting. - SteppedRestoreEngine with session persistence - AjaxController restoreInit/restoreStep endpoints - Restore modal uses AJAX progress instead of synchronous submit - Files copied in batches of 200, SQL in batches of 500 Closes #62 |
||
|
|
edb202071c |
feat: add pre-flight checks before backup starts (#67)
Universal: Auto Version Bump / Version Bump (push) Successful in 9s
Validate backup prerequisites before creating any record, catching common issues early with clear messages instead of failing mid-backup. Pre-flight checks: - Required PHP extensions (zip, pdo, pdo_mysql, mbstring, curl) - Backup directory exists and is writable - Sufficient disk space (last backup size + 20% buffer, skipped if no previous backup exists) - No other backup already running for this profile - Excluded tables exist in database (warns on missing) - Remote storage credentials minimally configured (FTP/S3/GDrive) Errors block the backup; warnings are logged and displayed but allow the backup to proceed. Integrated into both BackupEngine::run() and SteppedBackupEngine::init() before any record is inserted. UI: AJAX init response includes warnings array, displayed in the stepped backup progress modal. Closes #67 |
||
|
|
ef31713029 |
feat: content snapshots, restore UI, and config hardening (v01.25.00)
Universal: Auto Version Bump / Version Bump (push) Successful in 10s
Add content snapshot system for lightweight article/category/module versioning independent of full backups. Snapshots store as JSON files with replace or merge restore modes, wrapped in DB transactions. - SnapshotEngine: dumps articles, categories, modules + related tables (workflow_associations, tag maps, frontpage) to JSON - SnapshotRestoreEngine: replace (clean slate) or merge (upsert) mode - Full MVC: controller, models, view, template with create/restore modals - New ACL permission: mokosuitebackup.snapshot.manage - Submenu entry with camera icon, upgrade SQL for snapshots table Improve full-site restore UI with confirmation modal offering options for files, database, preserve config, and encryption password. Config improvements: - WebcronSecretField: CSPRNG generator, strength meter, rejects weak patterns (password, admin, secret), enforces min 16 chars - IpWhitelistField: table-based management, current IP detection with one-click "Add my IP" button - Default profile shows "Title (#ID)" format - Default backup dir uses [DEFAULT_DIR] placeholder - Install script generates random 32-char webcron secret - Dashboard quick actions: full-width dropdown with button below |
||
|
|
36ec6dd5a3 |
fix: notifications for AJAX backups, download CSRF token
Generic: Repo Health / Site Health (push) Has been skipped
Generic: Repo Health / Access control (push) Successful in 1s
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Universal: Auto Version Bump / Version Bump (push) Successful in 4s
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 4s
Generic: Repo Health / Access control (pull_request) Successful in 2s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Universal: Secret Scanning / Gitleaks Secret Scan (pull_request) Successful in 7s
Generic: Project CI / Lint & Validate (push) Successful in 11s
Generic: Project CI / Lint & Validate (pull_request) Successful in 11s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 12s
Universal: PR Check / Validate PR (pull_request) Failing after 48s
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 54s
Generic: Project CI / Tests (push) Has been cancelled
Generic: Project CI / Tests (pull_request) Has been cancelled
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Has been cancelled
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Has been cancelled
Joomla: Extension CI / PHPStan Analysis (pull_request) Has been cancelled
Joomla: Extension CI / Build RC Pre-Release (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (push) Has been cancelled
Generic: Repo Health / Repository health (push) Has been cancelled
Generic: Repo Health / Report Issues (push) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
SteppedBackupEngine now sends email + ntfy notifications on both success (completeRecord) and failure (failRecord). Previously only BackupEngine (synchronous CLI/toolbar path) sent notifications. Download link in backups template now includes the CSRF token in the URL query string, fixing "security token did not match" error when clicking download buttons. |
||
|
|
c381829fc5 |
fix: ACL review — missing checks, HTTP status codes, memory safety
Generic: Repo Health / Site Health (push) Has been skipped
Generic: Repo Health / Access control (push) Successful in 1s
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Repo Health / Access control (pull_request) Successful in 1s
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 3s
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 5s
Universal: Secret Scanning / Gitleaks Secret Scan (pull_request) Successful in 5s
Universal: Auto Version Bump / Version Bump (push) Successful in 7s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 6s
Universal: PR Check / Validate PR (pull_request) Failing after 20s
Generic: Repo Health / Scripts governance (push) Has been cancelled
Generic: Repo Health / Repository health (push) Has been cancelled
Generic: Repo Health / Report Issues (push) Has been cancelled
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Has been cancelled
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Has been cancelled
Joomla: Extension CI / PHPStan Analysis (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
- Add ACL check (core.manage) to verify() — was completely unguarded
- Add checkToken('get') to download() for CSRF protection
- Wrap all setMessage() calls in Text::_() for proper translation
- Add HTTP 403 status to all AJAX token/ACL denial responses
- Add $status param to sendJson() helper
- Wrap viewLog() DB query in try-catch, return JSON error on failure
- Fix viewLog() file_get_contents to detect read errors vs missing
- Replace API download() file_get_contents + base64 with streaming
readfile() to prevent memory exhaustion on large backups
- Gate backup profile selector in template behind backup.run permission
|
||
|
|
ff5f0108b9 |
feat: wire up ACL permission checks across all controllers and views
Generic: Repo Health / Access control (push) Successful in 1s
Generic: Repo Health / Site Health (push) Has been skipped
Universal: PR Check / Branch Policy (pull_request) Successful in 1s
Generic: Repo Health / Site Health (pull_request) Has been skipped
Generic: Repo Health / Access control (pull_request) Successful in 1s
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 3s
Universal: Auto Version Bump / Version Bump (push) Successful in 8s
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 6s
Universal: Secret Scanning / Gitleaks Secret Scan (pull_request) Successful in 6s
Universal: Pre-Release / Build Pre-Release (${{ inputs.stability || github.ref_name }}) (push) Successful in 6s
Universal: PR Check / Validate PR (pull_request) Failing after 20s
Generic: Repo Health / Scripts governance (push) Has been cancelled
Generic: Repo Health / Repository health (push) Has been cancelled
Generic: Repo Health / Report Issues (push) Has been cancelled
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Has been cancelled
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Has been cancelled
Joomla: Extension CI / PHPStan Analysis (pull_request) Has been cancelled
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Universal: PR Check / Report Issues (pull_request) Has been cancelled
Generic: Repo Health / Scripts governance (pull_request) Has been cancelled
Generic: Repo Health / Repository health (pull_request) Has been cancelled
Generic: Repo Health / Report Issues (pull_request) Has been cancelled
Enforce granular permissions defined in access.xml: Controllers (server-side enforcement): - BackupsController: start() → backup.run, download() → backup.download, restore() → backup.restore - AjaxController: init()/step() → backup.run, browseDir()/viewLog() → core.manage - API BackupsController: backup() → backup.run, download() → backup.download, profiles() → core.manage - ProfilesController: importAkeeba() → core.create Views (toolbar button visibility): - Backups: conditionally show Start, Restore, Delete, Preferences - Profiles: conditionally show Add, Edit, Import, Delete, Preferences - Profile edit: conditionally show Save/Apply based on create/edit Templates: - Backups list: hide download button when backup.download denied |
||
|
|
ace33b60fe |
feat: rename mokojoombackup → mokosuitebackup, add [HOME] placeholder for backup directory
Generic: Repo Health / Site Health (push) Has been skipped
Generic: Repo Health / Access control (push) Successful in 2s
Universal: Auto Version Bump / Version Bump (push) Successful in 10s
Generic: Repo Health / Scripts governance (push) Has been cancelled
Generic: Repo Health / Repository health (push) Has been cancelled
Generic: Repo Health / Report Issues (push) Has been cancelled
Renames all sub-extensions from mokojoombackup to mokosuitebackup
(package, component, 7 plugins, language files, manifests).
Adds [HOME] placeholder to BackupDirectory and PlaceholderResolver
so users can set backup_dir to [HOME]/backups (outside web root).
Fixes folder browser "access denied" on PHP-FPM shared hosting
where getenv('HOME') returns empty by adding POSIX and JPATH_ROOT
fallback detection.
|