feat: Complete config.xml, access.xml + ACL enforcement audit (#137) #138

2026-06-23T19:17:11Z

jmiller commented

2026-06-23 19:17:11 +00:00

Closes #137. Config defaults + ntfy global settings, 3 new ACL permissions, 13 ACL fixes across 5 controller files. See commits for details.

jmiller added the component: engine component: admin labels 2026-06-23 19:17:11 +00:00

jmiller added 2 commits 2026-06-23 19:17:12 +00:00

feat: complete config.xml and access.xml (#137 ) 1f7def05c1

config.xml:
- Defaults fieldset: archive format, MokoRestore mode, sanitization
  defaults (passwords, emails, sessions), log retention days
- Global ntfy fieldset: server, topic, token (fallback for profiles)

access.xml:
- mokosuitebackup.backup.purge — bulk delete old backups
- mokosuitebackup.backup.compare — compare two backups
- mokosuitebackup.backup.browse — browse archive file listings

30+ new language strings for all fields and ACL actions.

Partial #137 (ACL enforcement audit in separate commit)

fix: enforce correct ACL permissions across all controllers (#137 )

Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Blocked by required conditions

Details

Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Blocked by required conditions

Details

Joomla: Extension CI / PHPStan Analysis (pull_request) Blocked by required conditions

Details

Joomla: Extension CI / Build RC Pre-Release (pull_request) Blocked by required conditions

Details

Universal: PR Check / Build RC Package (pull_request) Blocked by required conditions

Details

Universal: PR Check / Report Issues (pull_request) Blocked by required conditions

Details

Generic: Repo Health / Scripts governance (pull_request) Blocked by required conditions

Details

Generic: Repo Health / Repository health (pull_request) Blocked by required conditions

Details

Generic: Repo Health / Report Issues (pull_request) Blocked by required conditions

Details

Universal: PR Check / Branch Policy (pull_request) Failing after 1s

Details

Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 7s

Details

Universal: PR Check / Validate PR (pull_request) Failing after 7s

Details

Joomla: Extension CI / Lint & Validate (pull_request) Failing after 11s

Details

Generic: Repo Health / Site Health (pull_request) Has been skipped

Details

Generic: Repo Health / Access control (pull_request) Successful in 2s

Details

Universal: PR Check / Secret Scan (pull_request) Successful in 10s

Details

Universal: Build & Release / Promote to RC (pull_request) Has been skipped

Details

Branch Cleanup / Delete merged branch (pull_request) Successful in 2s

Details

RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped

Details

Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 33s

Details

Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 5s

Details

Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 54s

Details

8e5913d706

13 ACL fixes across 5 files:
- BackupsController: purge() uses backup.purge (was core.delete)
- SnapshotsController: delete() uses snapshot.manage (was core.delete)
- AjaxController: restoreInit/Step use backup.restore (was backup.run),
  browseArchive uses backup.browse (was core.manage),
  countPurge uses backup.purge (was core.delete),
  compareBackups uses backup.compare (was core.manage)
- API SnapshotsController: displayList/download use snapshot.manage
  (was core.manage)
- HtmlView: verify gated by core.manage, compare by backup.compare,
  purge separated from delete with backup.purge

Closes #137

jmiller merged commit 1b93d2ac21 into main

2026-06-23 19:17:48 +00:00

jmiller deleted branch feat/config-acl-audit

2026-06-23 19:17:51 +00:00

Sign in to join this conversation.

Priority -

Type -

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: MokoConsulting/MokoSuiteBackup#138