MokoConsulting/MokoSuiteBackup
1
0
Fork 0
Code Issues 3 Pull Requests Packages Releases 2 Wiki Activity

feat: Complete config.xml, access.xml + ACL enforcement audit (#137) #138

Merged
jmiller merged 2 commits from feat/config-acl-audit into main 2026-06-23 19:17:48 +00:00
Conversation 0 Commits 2 Files Changed 8
+144 -11

2 Commits

Author SHA1 Message Date
Jonathan Miller 8e5913d706 fix: enforce correct ACL permissions across all controllers (#137)
Joomla: Extension CI / Tests (PHP 8.2) (pull_request) Blocked by required conditions
Details
Joomla: Extension CI / Tests (PHP 8.3) (pull_request) Blocked by required conditions
Details
Joomla: Extension CI / PHPStan Analysis (pull_request) Blocked by required conditions
Details
Joomla: Extension CI / Build RC Pre-Release (pull_request) Blocked by required conditions
Details
Universal: PR Check / Build RC Package (pull_request) Blocked by required conditions
Details
Universal: PR Check / Report Issues (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Scripts governance (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Repository health (pull_request) Blocked by required conditions
Details
Generic: Repo Health / Report Issues (pull_request) Blocked by required conditions
Details
Universal: PR Check / Branch Policy (pull_request) Failing after 1s
Details
Joomla: Extension CI / Release Readiness Check (pull_request) Failing after 7s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 7s
Details
Joomla: Extension CI / Lint & Validate (pull_request) Failing after 11s
Details
Generic: Repo Health / Site Health (pull_request) Has been skipped
Details
Generic: Repo Health / Access control (pull_request) Successful in 2s
Details
Universal: PR Check / Secret Scan (pull_request) Successful in 10s
Details
Universal: Build & Release / Promote to RC (pull_request) Has been skipped
Details
Branch Cleanup / Delete merged branch (pull_request) Successful in 2s
Details
RC Revert / Rename rc/ back to dev/ (pull_request) Has been skipped
Details
Joomla: Metadata Validation / Validate Joomla Metadata (pull_request) Successful in 33s
Details
Universal: Workflow Sync Trigger / Sync workflows to live repos (pull_request) Failing after 5s
Details
Universal: Build & Release / Build & Release Pipeline (pull_request) Successful in 54s
Details 
13 ACL fixes across 5 files:
- BackupsController: purge() uses backup.purge (was core.delete)
- SnapshotsController: delete() uses snapshot.manage (was core.delete)
- AjaxController: restoreInit/Step use backup.restore (was backup.run),
  browseArchive uses backup.browse (was core.manage),
  countPurge uses backup.purge (was core.delete),
  compareBackups uses backup.compare (was core.manage)
- API SnapshotsController: displayList/download use snapshot.manage
  (was core.manage)
- HtmlView: verify gated by core.manage, compare by backup.compare,
  purge separated from delete with backup.purge

Closes #137
 2026-06-23 14:16:54 -05:00
Jonathan Miller 1f7def05c1 feat: complete config.xml and access.xml (#137) 
config.xml:
- Defaults fieldset: archive format, MokoRestore mode, sanitization
  defaults (passwords, emails, sessions), log retention days
- Global ntfy fieldset: server, topic, token (fallback for profiles)

access.xml:
- mokosuitebackup.backup.purge — bulk delete old backups
- mokosuitebackup.backup.compare — compare two backups
- mokosuitebackup.backup.browse — browse archive file listings

30+ new language strings for all fields and ACL actions.

Partial #137 (ACL enforcement audit in separate commit)
 2026-06-23 14:04:12 -05:00