Merge branch 'hotfix-10.24.17' into stable

pixl8 · Sep 18, 2023 · 33b313f · 33b313f
2 parents 8b5ce02 + 4c1d136
commit 33b313f
Show file tree

Hide file tree

Showing 6 changed files with 71 additions and 49 deletions.
diff --git a/system/Bootstrap.cfc b/system/Bootstrap.cfc
@@ -423,7 +423,7 @@ component {
 	private boolean function _dealWithSqlReloadProtectionErrors( required struct exception ) output=true {
 		var exceptionType = ( arguments.exception.type ?: "" );
 
-		if ( exceptionType == "presidecms.auto.schema.sync.disabled" ) {
+		if ( IsSimpleValue( exceptionType ) && exceptionType == "presidecms.auto.schema.sync.disabled" ) {
 			thread name=CreateUUId() e=arguments.exception {
 				new preside.system.services.errors.ErrorLogService(
 					  appMapping     = request._presideMappings.appMapping ?: "/app"

diff --git a/system/assets/css/admin/frontend/toolbar.less b/system/assets/css/admin/frontend/toolbar.less
@@ -47,4 +47,8 @@ html {
 			}
 		}
 	}
+
+	.dropdown-menu {
+	    color : @text-color;
+	}
 }
diff --git a/system/config/Config.cfc b/system/config/Config.cfc
@@ -791,6 +791,10 @@ component {
 				, trash     = ( settings.env[ "assetmanager.storage.trash"     ] ?: settings.uploads_directory & "/.trash" )
 				, publicUrl = ( settings.env[ "assetmanager.storage.publicUrl" ] ?: "" )
 			  }
+			, cacheExpiry = {
+				  public  = Val( settings.env.ASSET_CACHE_EXPIRY_PUBLIC  ?: 31536000 ) // one year
+				, private = Val( settings.env.ASSET_CACHE_EXPIRY_PRIVATE ?: 86400    ) // one day
+			  }
 		};
 		settings.assetManager.allowedExtensions = _typesToExtensions( settings.assetManager.types );
 		settings.assetManager.types.document.append( { tiff = { serveAsAttachment = true, mimeType="image/tiff" } } );

diff --git a/system/handlers/admin/emailCenter/CustomTemplates.cfc b/system/handlers/admin/emailCenter/CustomTemplates.cfc
@@ -804,22 +804,27 @@ component extends="preside.system.base.AdminHandler" {
 				}
 
 				if ( args.sendMethod == "scheduled" ){
+					var nowish = Now();
 					args.sendDate = args.scheduleType == "repeat" ? ( template.schedule_next_send_date ?: "" ) : ( template.schedule_date ?: "" );
 
-					if ( IsDate( args.sendDate ) && args.sendDate > Now() ) {
+					if ( IsDate( args.sendDate ) && args.sendDate > nowish ) {
 						args.estimatedSendCount = emailMassSendingService.getTemplateRecipientCount( templateId );
 					}
 
 					if ( args.scheduleType == "repeat" ) {
 						if ( IsDate( args.sendDate ) ) {
-							defaultNotice.message = translateResource( uri="cms:emailcenter.next.send.date.alert", data=[ DateTimeFormat( args.sendDate, "d mmm, yyyy HH:nn"), NumberFormat( args.estimatedSendCount ) ] );
+							if ( args.sendDate > nowish ) {
+								defaultNotice.message = translateResource( uri="cms:emailcenter.next.send.date.alert", data=[ DateTimeFormat( args.sendDate, "d mmm, yyyy HH:nn"), NumberFormat( args.estimatedSendCount ) ] );
+							} else {
+								defaultNotice.message = translateResource( uri="cms:emailcenter.next.send.date.in.past.alert", data=[ DateTimeFormat( args.sendDate, "d mmm, yyyy HH:nn") ] );
+							}
 						} else {
 							defaultNotice.message = translateResource( uri="cms:emailcenter.next.send.date.unknown.alert" );
 							defaultNotice.class   = "warn";
 							defaultNotice.icon    = "fa-exclamation-triangle";
 						}
 					} else if ( IsDate( args.sendDate ) ) {
-						if ( args.sendDate > Now() ) {
+						if ( args.sendDate > nowish ) {
 							defaultNotice.message = translateResource( uri="cms:emailcenter.send.date.alert", data=[ DateTimeFormat( args.sendDate, "d mmm, yyyy HH:nn"), NumberFormat( args.estimatedSendCount ) ]);
 						} else if ( args.queued ) {
 							defaultNotice.message = translateResource( uri="cms:emailcenter.sending.alert", data=[ NumberFormat( args.queued ), NumberFormat( args.sent ) ] );

diff --git a/system/handlers/core/AssetDownload.cfc b/system/handlers/core/AssetDownload.cfc
@@ -5,11 +5,16 @@ component {
 	property name="websiteUserActionService"     inject="websiteUserActionService";
 	property name="rulesEngineWebRequestService" inject="rulesEngineWebRequestService";
 	property name="queueMaxWaitAttempts"         inject="coldbox:setting:assetManager.queue.downloadWaitSeconds";
+	property name="publicCacheAge"               inject="coldbox:setting:assetManager.cacheExpiry.public";
+	property name="privateCacheAge"              inject="coldbox:setting:assetManager.cacheExpiry.private";
 
-	public function asset( event, rc, prc ) output=false {
+	public function asset( event, rc, prc ) {
 		announceInterception( "preDownloadAsset" );
 
-		_checkDownloadPermissions( argumentCollection=arguments );
+		var permissionSettings = _getPermissionSettings( argumentCollection=arguments );
+		if ( permissionSettings.restricted ) {
+			_checkDownloadPermissions( argumentCollection=arguments, permissionSettings=permissionSettings );
+		}
 
 		var assetId           = rc.assetId      ?: "";
 		var versionId         = rc.versionId    ?: "";
@@ -138,7 +143,11 @@ component {
 				}
 
 				header name="etag" value=etag;
-				header name="cache-control" value="max-age=31536000";
+				if ( permissionSettings.restricted ) {
+					header name="cache-control" value="private, max-age=#privateCacheAge#";
+				} else {
+					header name="cache-control" value="public, max-age=#publicCacheAge#";
+				}
 
 				if ( IsBinary( assetFilePathOrBinary ) ) {
 					content
@@ -167,7 +176,7 @@ component {
 	}
 
 // private helpers
-	private string function _doBrowserEtagLookup( required string etag ) output=false {
+	private string function _doBrowserEtagLookup( required string etag ) {
 		if ( ( cgi.http_if_none_match ?: "" ) == arguments.etag ) {
 			announceInterception( "onReturnAsset304", { etag = arguments.etag } );
 			content reset=true;header statuscode=304 statustext="Not Modified";abort;
@@ -178,62 +187,61 @@ component {
 		return ReReplace( arguments.assetTitle, "\.#arguments.extension#$", "" ) & "." & arguments.extension;
 	}
 
-	private void function _checkDownloadPermissions( event, rc, prc ) output=false {
+	private struct function _getPermissionSettings( event, rc, prc ) {
 		var assetId        = rc.assetId       ?: "";
 		var derivativeName = rc.derivativeId  ?: "";
 
 		if ( Len( Trim( derivativeName ) ) && assetManagerService.isDerivativePubliclyAccessible( derivativeName ) ) {
-			return;
+			return { restricted=false };
 		}
 
-		var permissionSettings = assetManagerService.getAssetPermissioningSettings( assetId );
-
-		if ( !event.isAdminUser() ) {
-			if ( permissionSettings.restricted ) {
-				if ( Len( Trim( permissionSettings.conditionId ) ) ) {
-					var conditionIsTrue = rulesEngineWebRequestService.evaluateCondition( permissionSettings.conditionId );
-
-					if ( !conditionIsTrue ) {
-						if ( !isLoggedIn() || ( permissionSettings.fullLoginRequired && isAutoLoggedIn() ) ) {
-							event.accessDenied( reason="LOGIN_REQUIRED", postLoginUrl=( cgi.http_referer ?: "" ) );
-						} else {
-							event.accessDenied( reason="INSUFFICIENT_PRIVILEGES" );
-						}
-					}
-					return;
-				}
-				var hasPerm = event.isAdminUser() && hasCmsPermission(
-					  permissionKey       = "assetmanager.assets.download"
-					, context             = "assetmanagerfolder"
-					, contextKeys         = permissionSettings.contextTree
-					, forceGrantByDefault = IsBoolean( permissionSettings.grantAcessToAllLoggedInUsers ) && permissionSettings.grantAcessToAllLoggedInUsers
-				);
-				if ( hasPerm ) { return; }
-
-				if ( !isLoggedIn() || ( permissionSettings.fullLoginRequired && isAutoLoggedIn() ) ) {
-					event.accessDenied( reason="LOGIN_REQUIRED", postLoginUrl=( cgi.http_referer ?: "" ) );
-				}
+		return assetManagerService.getAssetPermissioningSettings( assetId );
+	}
 
-				hasPerm = hasWebsitePermission(
-					  permissionKey       = "assets.access"
-					, context             = "asset"
-					, contextKeys         = permissionSettings.contextTree
-					, forceGrantByDefault = IsBoolean( permissionSettings.grantAcessToAllLoggedInUsers ) && permissionSettings.grantAcessToAllLoggedInUsers
-				)
-				if ( !hasPerm ) {
-					event.accessDenied( reason="INSUFFICIENT_PRIVILEGES" );
-				}
-			}
-		} else {
+	private void function _checkDownloadPermissions( event, rc, prc, permissionSettings ) {
+		var assetId        = rc.assetId       ?: "";
+		var derivativeName = rc.derivativeId  ?: "";
+		var hasPerm        = false;
 
+		if ( event.isAdminUser() ) {
 			hasPerm = hasCmsPermission(
 				  permissionKey = "assetmanager.assets.download"
 				, context       = "assetmanagerfolder"
-				, contextKeys   = permissionSettings.contextTree ?: []
+				, contextKeys   = arguments.permissionSettings.contextTree ?: []
 			);
 			if ( !hasPerm ) {
 				event.accessDenied( reason="INSUFFICIENT_PRIVILEGES" );
 			}
+			return;
+		}
+
+		if ( Len( Trim( arguments.permissionSettings.conditionId ) ) ) {
+			var conditionIsTrue = rulesEngineWebRequestService.evaluateCondition( arguments.permissionSettings.conditionId );
+
+			if ( conditionIsTrue ) {
+				return;
+			}
+
+			if ( !isLoggedIn() || ( arguments.permissionSettings.fullLoginRequired && isAutoLoggedIn() ) ) {
+				event.accessDenied( reason="LOGIN_REQUIRED", postLoginUrl=( cgi.http_referer ?: "" ) );
+			} else {
+				event.accessDenied( reason="INSUFFICIENT_PRIVILEGES" );
+			}
+		}
+
+		if ( !isLoggedIn() || ( arguments.permissionSettings.fullLoginRequired && isAutoLoggedIn() ) ) {
+			event.accessDenied( reason="LOGIN_REQUIRED", postLoginUrl=( cgi.http_referer ?: "" ) );
+		}
+
+		hasPerm = hasWebsitePermission(
+			  permissionKey       = "assets.access"
+			, context             = "asset"
+			, contextKeys         = arguments.permissionSettings.contextTree
+			, forceGrantByDefault = IsBoolean( arguments.permissionSettings.grantAcessToAllLoggedInUsers ) && arguments.permissionSettings.grantAcessToAllLoggedInUsers
+		);
+
+		if ( !hasPerm ) {
+			event.accessDenied( reason="INSUFFICIENT_PRIVILEGES" );
 		}
 	}
 }
diff --git a/system/i18n/cms.properties b/system/i18n/cms.properties
@@ -1882,6 +1882,7 @@ emailcenter.send.date.unknown.alert=This email has not been scheduled to send. E
 emailcenter.send.date.in.past.alert=This email has as scheduled send date in the past: <strong>{1}</strong>. However, no emails have been sent. You may wish to edit the email settings to schedule the send.
 emailcenter.next.send.date.alert=Next scheduled send: <strong>{1}</strong>. Estimated recipient count: <strong>{2}</strong>.
 emailcenter.next.send.date.unknown.alert=Next scheduled send: unknown
+emailcenter.next.send.date.in.past.alert=This email has a scheduled send date in the past: <strong>{1}</strong>. This will self-correct shortly.
 emailcenter.manual.send.alert=This email is set to send manually. Use the <strong>"Send"</strong> button at the top right of your screen to begin the sending process.
 
 emailcenter.blueprints.page.title=Manage Email blueprints
-Original file line number
+Diff line change
@@ Expand Up / @@ -47,4 +47,8 @@ html { @@
     			}
     		}
     	}
+    	.dropdown-menu {
+    	    color : @text-color;
+    	}
     }