Bug #57410

initializeAction() can be called as controller action from request

Added by Thomas Pilgaard Carlsen over 7 years ago. Updated over 7 years ago.

Status:
Resolved
Priority:
Should have
Category:
MVC
Target version:
-
Start date:
2014-03-28
Due date:
% Done:

100%

Estimated time:
PHP Version:
Has patch:
No
Complexity:

Description

The following request can be called and without restriction:

vendor.mypackage/standard/initialize

Results in "Template Initialize.html could not be loaded"

It seems to me that initializeAction should only be used internally in controller and should not be callable from request.


Files

bug-57410.patch (928 Bytes) bug-57410.patch Patch Thomas Pilgaard Carlsen, 2014-03-28 14:01
#1

Updated by Thomas Pilgaard Carlsen over 7 years ago

Made a patch.

#2

Updated by Alexander Berl over 7 years ago

Wouldn't it maybe make sense to restrict it to public methods instead of hardcoding a special internal methodname (that might change in the future). Would need proper testing for performance, but it would be the more generic solution.

#3

Updated by Bastian Waidelich over 7 years ago

  • Status changed from New to Needs Feedback

Alexander Berl wrote:

Wouldn't it maybe make sense to restrict it to public methods instead of hardcoding a special internal methodname (that might change in the future). Would need proper testing for performance, but it would be the more generic solution.

I agree! Also the approach would not fix the problem for the action specific initialize-methods that you can implement (e.g. "initializeIndexAction()") .
I just gave this a quick try and the following fix could work:

In the ActionController change 3 additional lines:

    protected function resolveActionMethodName() {
        // .....
        if (!$this->reflectionService->isMethodPublic(get_class($this), $actionMethodName)) {
            throw new NoSuchActionException(sprintf('The action "%s" in controller "%s" must be public!', $actionMethodName, get_class($this)), 1186669086);
        }
        // ...
    }

Anyone feel free to push this to gerrit (preferably with a test).

#4

Updated by Bastian Waidelich over 7 years ago

  • Category set to MVC
  • Status changed from Needs Feedback to Accepted
  • Assignee set to Bastian Waidelich
#5

Updated by Gerrit Code Review over 7 years ago

  • Status changed from Accepted to Under Review

Patch set 1 for branch master of project Packages/TYPO3.Flow has been pushed to the review server.
It is available at https://review.typo3.org/28979

#6

Updated by Bastian Waidelich over 7 years ago

  • Status changed from Under Review to Resolved
  • % Done changed from 0 to 100
#7

Updated by Gerrit Code Review over 7 years ago

  • Status changed from Resolved to Under Review

Patch set 1 for branch 2.2 of project Packages/TYPO3.Flow has been pushed to the review server.
It is available at https://review.typo3.org/29076

#8

Updated by Gerrit Code Review over 7 years ago

Patch set 1 for branch 2.1 of project Packages/TYPO3.Flow has been pushed to the review server.
It is available at https://review.typo3.org/29080

#9

Updated by Bastian Waidelich over 7 years ago

  • Status changed from Under Review to Resolved

Also available in: Atom PDF