merdan
/
sarga
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

XSS fixes in datagrid where directly some columns were create html unescaped, migration fixes for products grid table, changelog added for past two releases v0.1.0 & v0.1.1

This commit is contained in:
prashant-webkul 2018-11-29 13:20:50 +05:30
parent 2a2b1e8ec4
commit b2161571bd
26 changed files with 129 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

69
CHANGELOG for v0.1.x.md Normal file
View File

@ -0,0 +1,69 @@
# CHANGELOG for v0.1.x
#### This changelog consists the bug & security fixes and new features being included in the releases listed below.
## **v0.1.1(13th of November, 2018)** - *Release*
#94 - [fixed] Sign-in page shows signup text(@prashant-webkul)
#95 - [fixed] Buy Now Button does not work(@prashant-webkul)
#96 - [fixed] Search button does not work(@prashant-webkul)
**PR #118** - *List of the features and fixes covered:*
* [fixed] Email templates logo issue fixed(@jitendra-webkul)
* [fixed] Front search issue fixed due to hardcoded attribute code in search criteria(@jitendra-webkul)
* [changed] Versioning of core packages
* [fixed] Buynow validation fixes(@jitendra-webkul)
* [feature] New action type added in datagrid
* [feature] Loader added in storefront product page
* [fixed] Tax rates and categories form fixes(@jitendra-webkul)
* [feature] Country state selector added where country and states were there originally in release v0.1.0
* [feature] Multiple addresses for customers with CRUD
* [feature] Customer can now make any of his/her existing address a default address
* [fixed] Customer address 2 form field validation required changed to optional(@jitendra-webkul)
* [fixed] Tax rates validation fixes for zip ranges(@prashant-webkul)
* [feature] Print invoice feature added.
* [changed] Core packages composer file parameter name changed from namespace webkul to bagisto
* [feature] Payment package added in core packages
* [feature] Sales module added in admin with orders, invoices and shipments with datagrid
* [feature] Functionality to indicate the new and featured product in the product's add and edit form
* [feature] Cart actions more faster in storefront
* [changed] Responsive styles refined and extended for checkout pages on storefront
* [fixed] Various UI/UX fixes in store front styles and layouts(@prashant-webkul & @jitendra-webkul)
## **v0.1.0(30th of October 2018)** - *First release*
**PR #117** - *List of the features and fixes covered:*
* [feature] Add and modify product with simple and configurable types
* [feature] Add and modify attributes and attribute families for creating products.
* [feature] Datagrid for all the major core resources added as index for listing core resources like product, attributes.
* [feature] Add and modify channels for creating multiple storefront.
* [feature] Add and modify categories to be displayed on storefront.
* [feature] Add and modify customers.
* [feature] Add and modify customer groups.
* [feature] Add and modify customer reviews for moderation by admin.
* [feature] Add and modify currently logged in admin user details.
* [feature] Add and modify locales for multiple languages support system wide.
* [feature] Add and modify currencies to be used in channels
* [feature] Add and modify currency exchange rate for the stores accepting multiple currencies or using multiple channels.
* [feature] Add and modify inventory sources with priority to hold products quantities in real time.
* [feature] Add and modify channels.
* [feature] Add and modify user from admins access with customer roles.
* [feature] Add and modify customer roles for users.
* [feature] Add and modify slider for storefront as a CMS capability.
* [feature] Add and modify tax categories and tax rates.
* [feature] Shopping cart in storefront
* [feature] Wishlist for customer
* [feature] Single address for customer
* [feature] Customer can see his reviews in his account section when logged in.
* [feature] Customer profile edit feature account section when logged in.
* [feature] Customer can view his orders in account section when logged in.
* [feature] Customer order notifications via mails.
* [feature] Multiple locales and currencies on storefront.
* [feature] Locale translations are stored as a separate file in shop and admin packages.
* [feature] Single page checkout system for checkout.
* [feature] Custom themes and assets provisioning included as a integrated package called "theme" in packages.

4
packages/Webkul/Admin/src/DataGrids/AttributeDataGrid.php
View File

@ -44,12 +44,12 @@ class AttributeDataGrid
[
'type' => 'Edit',
'route' => route('admin.datagrid.delete'),
'confirm_text' => 'Do you really want to do this?',
'confirm_text' => 'Do you really want to edit this record?',
'icon' => 'icon pencil-lg-icon',
], [
'type' => 'Delete',
'route' => route('admin.datagrid.delete'),
'confirm_text' => 'Do you really want to do this?',
'confirm_text' => 'Do you really want to delete this record?',
'icon' => 'icon trash-icon',
],
],

4
packages/Webkul/Admin/src/DataGrids/AttributeFamilyDataGrid.php
View File

@ -45,12 +45,12 @@ class AttributeFamilyDataGrid
[
'type' => 'Edit',
'route' => route('admin.datagrid.delete'),
'confirm_text' => 'Do you really want to do this?',
'confirm_text' => 'Do you really want to edit this record?',
'icon' => 'icon pencil-lg-icon',
], [
'type' => 'Delete',
'route' => route('admin.datagrid.delete'),
'confirm_text' => 'Do you really want to do this?',
'confirm_text' => 'Do you really want to delete this record?',
'icon' => 'icon trash-icon',
],
],

4
packages/Webkul/Admin/src/DataGrids/CategoryDataGrid.php
View File

@ -45,12 +45,12 @@ class CategoryDataGrid
[
'type' => 'Edit',
'route' => route('admin.datagrid.delete'),
'confirm_text' => 'Do you really want to do this?',
'confirm_text' => 'Do you really want to edit this record?',
'icon' => 'icon pencil-lg-icon',
], [
'type' => 'Delete',
'route' => route('admin.datagrid.delete'),
'confirm_text' => 'Do you really want to do this?',
'confirm_text' => 'Do you really want to delete this record?',
'icon' => 'icon trash-icon',
],
],

2
packages/Webkul/Admin/src/DataGrids/ChannelDataGrid.php
View File

@ -45,7 +45,7 @@ class ChannelDataGrid
[
'type' => 'Edit',
'route' => route('admin.datagrid.delete'),
'confirm_text' => 'Do you really edit this record?',
'confirm_text' => 'Do you really want to edit this record?',
'icon' => 'icon pencil-lg-icon',
], [
'type' => 'Delete',

4
packages/Webkul/Admin/src/DataGrids/CountryDataGrid.php
View File

@ -45,12 +45,12 @@ class CountryDataGrid
[
'type' => 'Edit',
'route' => route('admin.datagrid.delete'),
'confirm_text' => 'Do you really want to do this?',
'confirm_text' => 'Do you really want to edit this record?',
'icon' => 'icon pencil-lg-icon',
], [
'type' => 'Delete',
'route' => route('admin.datagrid.delete'),
'confirm_text' => 'Do you really want to do this?',
'confirm_text' => 'Do you really want to delete this record?',
'icon' => 'icon trash-icon',
],
],

2
packages/Webkul/Admin/src/DataGrids/CurrencyDataGrid.php
View File

@ -44,7 +44,7 @@ class CurrencyDataGrid
[
'type' => 'Edit',
'route' => route('admin.datagrid.delete'),
'confirm_text' => 'Do you really edit this record?',
'confirm_text' => 'Do you really want to edit this record?',
'icon' => 'icon pencil-lg-icon',
], [
'type' => 'Delete',

4
packages/Webkul/Admin/src/DataGrids/CustomerDataGrid.php
View File

@ -43,12 +43,12 @@ class CustomerDataGrid
[
'type' => 'Edit',
'route' => route('admin.datagrid.delete'),
'confirm_text' => 'Do you really want to do this?',
'confirm_text' => 'Do you really want to edit this record?',
'icon' => 'icon pencil-lg-icon',
], [
'type' => 'Delete',
'route' => route('admin.datagrid.delete'),
'confirm_text' => 'Do you really want to do this?',
'confirm_text' => 'Do you really want to delete this record?',
'icon' => 'icon trash-icon',
],
],

4
packages/Webkul/Admin/src/DataGrids/CustomerGroupDataGrid.php
View File

@ -54,13 +54,13 @@ class CustomerGroupDataGrid
[
'type' => 'Edit',
'route' => route('admin.datagrid.delete'),
'confirm_text' => 'Do you really wanis?',
'confirm_text' => 'Do you really want to edit this record?',
'icon' => 'icon pencil-lg-icon',
],
[
'type' => 'Delete',
'route' => route('admin.datagrid.delete'),
'confirm_text' => 'Do you really want to do this?',
'confirm_text' => 'Do you really want to delete this record?',
'icon' => 'icon trash-icon',
],
],

2
packages/Webkul/Admin/src/DataGrids/ExchangeRatesDataGrid.php
View File

@ -45,7 +45,7 @@ class ExchangeRatesDataGrid
[
'type' => 'Edit',
'route' => route('admin.datagrid.delete'),
'confirm_text' => 'Do you really edit this record?',
'confirm_text' => 'Do you really want to edit this record?',
'icon' => 'icon pencil-lg-icon',
], [
'type' => 'Delete',

2
packages/Webkul/Admin/src/DataGrids/InventorySourcesDataGrid.php
View File

@ -43,7 +43,7 @@ class InventorySourcesDataGrid
[
'type' => 'Edit',
'route' => route('admin.datagrid.edit'),
'confirm_text' => 'Do you really edit this record?',
'confirm_text' => 'Do you really want to edit this record?',
'icon' => 'icon pencil-lg-icon',
], [
'type' => 'Delete',

2
packages/Webkul/Admin/src/DataGrids/LocalesDataGrid.php
View File

@ -44,7 +44,7 @@ class LocalesDataGrid
[
'type' => 'Edit',
'route' => route('admin.datagrid.delete'),
'confirm_text' => 'Do you really edit this record?',
'confirm_text' => 'Do you really want to edit this record?',
'icon' => 'icon pencil-lg-icon',
], [
'type' => 'Delete',

3
packages/Webkul/Admin/src/DataGrids/OrderDataGrid.php
View File

@ -44,7 +44,7 @@ class OrderDataGrid
[
'type' => 'View',
'route' => route('admin.datagrid.delete'),
'confirm_text' => 'Do you really want to do this?',
'confirm_text' => 'Do you really want to view this record?',
'icon' => 'icon pencil-lg-icon',
],
// [
@ -102,6 +102,7 @@ class OrderDataGrid
'type' => 'string',
'label' => 'Status',
'sortable' => true,
'closure' => true, //to be used when ever wrappers or callables are used
'wrapper' => function ($value) {
if($value == 'processing')
return '<span class="badge badge-md badge-success">Processing</span>';

2
packages/Webkul/Admin/src/DataGrids/OrderInvoicesDataGrid.php
View File

@ -43,7 +43,7 @@ class OrderInvoicesDataGrid
[
'type' => 'View',
'route' => route('admin.datagrid.delete'),
'confirm_text' => 'Do you really want to do this?',
'confirm_text' => 'Do you really want to view this record?',
'icon' => 'icon pencil-lg-icon',
],
// [

2
packages/Webkul/Admin/src/DataGrids/OrderShipmentsDataGrid.php
View File

@ -43,7 +43,7 @@ class OrderShipmentsDataGrid
[
'type' => 'View',
'route' => route('admin.datagrid.delete'),
'confirm_text' => 'Do you really want to do this?',
'confirm_text' => 'Do you really want to view this record?',
'icon' => 'icon pencil-lg-icon',
],
],

10
packages/Webkul/Admin/src/DataGrids/ProductDataGrid.php
View File

@ -37,12 +37,12 @@ class ProductDataGrid
[
'type' => 'Edit',
'route' => route('admin.datagrid.delete'),
'confirm_text' => 'Do you really want to do this?',
'confirm_text' => 'Do you really want to edit this record?',
'icon' => 'icon pencil-lg-icon',
], [
'type' => 'Delete',
'route' => route('admin.datagrid.delete'),
'confirm_text' => 'Do you really want to do this?',
'confirm_text' => 'Do you really want to delete this record?',
'icon' => 'icon trash-icon',
],
],
@ -99,6 +99,12 @@ class ProductDataGrid
'wrapper' => function ($value) {
return core()->formatBasePrice($value);
},
], [
'name' => 'prods.attribute_family_name',
'alias' => 'product_attribute_family_name',
'type' => 'string',
'label' => 'Attribute Family',
'sortable' => true,
], [
'name' => 'prods.quantity',
'alias' => 'ProductQuantity',

5
packages/Webkul/Admin/src/DataGrids/ProductReviewDataGrid.php
View File

@ -46,12 +46,12 @@ class ProductReviewDataGrid
[
'type' => 'Edit',
'route' => route('admin.datagrid.delete'),
'confirm_text' => 'Do you really want to do this?',
'confirm_text' => 'Do you really want to edit this record?',
'icon' => 'icon pencil-lg-icon',
], [
'type' => 'Delete',
'route' => route('admin.datagrid.delete'),
'confirm_text' => 'Do you really want to do this?',
'confirm_text' => 'Do you really want to delete this record?',
'icon' => 'icon trash-icon',
],
],
@ -102,6 +102,7 @@ class ProductReviewDataGrid
'type' => 'number',
'label' => 'Status',
'sortable' => true,
'closure' => true,
'wrapper' => function ($value) {
if($value == 'approved')
return '<span class="badge badge-md badge-success">Approved</span>';

2
packages/Webkul/Admin/src/DataGrids/RolesDataGrid.php
View File

@ -45,7 +45,7 @@ class RolesDataGrid
[
'type' => 'Edit',
'route' => route('admin.datagrid.delete'),
'confirm_text' => 'Do you really edit this record?',
'confirm_text' => 'Do you really want to edit this record?',
'icon' => 'icon pencil-lg-icon',
], [
'type' => 'Delete',

2
packages/Webkul/Admin/src/DataGrids/SliderDataGrid.php
View File

@ -44,7 +44,7 @@ class SliderDataGrid
[
'type' => 'Edit',
'route' => route('admin.datagrid.delete'),
'confirm_text' => 'Do you really edit this record?',
'confirm_text' => 'Do you really want to edit this record?',
'icon' => 'icon pencil-lg-icon',
], [
'type' => 'Delete',

4
packages/Webkul/Admin/src/DataGrids/TaxCategoryDataGrid.php
View File

@ -54,13 +54,13 @@ class TaxCategoryDataGrid
[
'type' => 'Edit',
'route' => route('admin.datagrid.delete'),
'confirm_text' => 'Do you really wanis?',
'confirm_text' => 'Do you really want to edit this record?',
'icon' => 'icon pencil-lg-icon',
],
[
'type' => 'Delete',
'route' => route('admin.datagrid.delete'),
'confirm_text' => 'Do you really want to do this?',
'confirm_text' => 'Do you really want to delete this record?',
'icon' => 'icon trash-icon',
],
],

4
packages/Webkul/Admin/src/DataGrids/TaxRateDataGrid.php
View File

@ -53,13 +53,13 @@ class TaxRateDataGrid
[
'type' => 'Edit',
'route' => route('admin.datagrid.delete'),
'confirm_text' => 'Do you really wanis?',
'confirm_text' => 'Do you really want to edit this record?',
'icon' => 'icon pencil-lg-icon',
],
[
'type' => 'Delete',
'route' => route('admin.datagrid.delete'),
'confirm_text' => 'Do you really want to do this?',
'confirm_text' => 'Do you really want to delete this record?',
'icon' => 'icon trash-icon',
],
],

16
packages/Webkul/Admin/src/DataGrids/UserDataGrid.php
View File

@ -56,13 +56,13 @@ class UserDataGrid
[
'type' => 'Edit',
'route' => route('admin.datagrid.delete'),
'confirm_text' => 'Do you really wanis?',
'confirm_text' => 'Do you really want to edit this record?',
'icon' => 'icon pencil-lg-icon',
],
[
'type' => 'Delete',
'route' => route('admin.datagrid.delete'),
'confirm_text' => 'Do you really want to do this?',
'confirm_text' => 'Do you really want to delete this record?',
'icon' => 'icon trash-icon',
],
],
@ -84,9 +84,9 @@ class UserDataGrid
'type' => 'string',
'label' => 'Admin ID',
'sortable' => true,
'wrapper' => function ($value, $object) {
return '<a class="color-red">' . $object->ID . '</a>';
},
// 'wrapper' => function ($value, $object) {
// return '<a class="color-red">' . $object->ID . '</a>';
// },
],
[
'name' => 'u.name',
@ -94,9 +94,9 @@ class UserDataGrid
'type' => 'string',
'label' => 'Name',
'sortable' => true,
'wrapper' => function ($value, $object) {
return '<a class="color-red">' . $object->Name . '</a>';
},
// 'wrapper' => function ($value, $object) {
// return '<a class="color-red">' . $object->Name . '</a>';
// },
],
[
'name' => 'u.email',

10
packages/Webkul/Admin/src/Listeners/Product.php
View File

@ -64,7 +64,7 @@ class Product {
'product_id' => $product->id,
'sku' => $product->sku,
'type' => $product->type,
'attribute_family_name' => 'default',
'attribute_family_name' => $product->toArray()['attribute_family']['name'],
'name' => $product->name,
'quantity' => 0,
'status' => $product->status,
@ -83,7 +83,7 @@ class Product {
'product_id' => $variant->id,
'sku' => $variant->sku,
'type' => $variant->type,
'attibute_family_name' => 'default',
'attribute_family_name' => $variant->toArray()['attribute_family']['name'],
'name' => $variant->name,
'quantity' => 0,
'status' => $variant->status,
@ -133,7 +133,7 @@ class Product {
'product_id' => $product->id,
'sku' => $product->sku,
'type' => $product->type,
'attribute_family_name' => 'default',
'attribute_family_name' => $product->toArray()['attribute_family']['name'],
'name' => $product->name,
'status' => $product->status,
];
@ -162,7 +162,7 @@ class Product {
'product_id' => $variant->id,
'sku' => $variant->sku,
'type' => $variant->type,
'attibute_family_name' => 'name',
'attribute_family_name' => $variant->toArray()['attribute_family']['name'],
'name' => $variant->name,
'status' => $variant->status,
'price' => $variant->price,
@ -188,7 +188,7 @@ class Product {
'product_id' => $variant->id,
'sku' => $variant->sku,
'type' => $variant->type,
'attibute_family_name' => 'default',
'attribute_family_name' => $variant->toArray()['attribute_family']['name'],
'name' => $variant->name,
'status' => $variant->status,
'price' => $variant->price,

2
packages/Webkul/Product/src/Database/Migrations/2018_10_22_111807_create_products_grid.php
View File

@ -17,6 +17,7 @@ class CreateProductsGrid extends Migration
$table->increments('id');
$table->integer('product_id')->unsigned();
$table->foreign('product_id')->references('id')->on('products')->onDelete('cascade');
$table->string('attribute_family_name')->nullable();
$table->string('sku')->nullable();
$table->string('type')->nullable();
$table->string('name')->nullable();
@ -24,7 +25,6 @@ class CreateProductsGrid extends Migration
$table->string('cost')->default(0);
$table->string('price')->nullable();
$table->string('status')->nullable();
$table->string('attribute_family_name')->nullable();
});
}

4
packages/Webkul/Product/src/Database/Migrations/2018_11_27_113535_remove_cost_column_from_datagrid.php
View File

@ -15,7 +15,6 @@ class RemoveCostColumnFromDatagrid extends Migration
{
Schema::table('products_grid', function (Blueprint $table) {
$table->dropColumn('cost');
$table->dropColumn('attribute_family_name');
});
}
@ -27,8 +26,7 @@ class RemoveCostColumnFromDatagrid extends Migration
public function down()
{
Schema::table('products_grid', function (Blueprint $table) {
$table->string('cost');
$table->string('attribute_family_name')->nullable();
$table->string('cost')->nullable();
});
}
}

8
packages/Webkul/Ui/src/Resources/views/datagrid/table/body.blade.php
View File

@ -15,7 +15,13 @@
</span>
</td> --}}
@foreach ($columns as $column)
<td class="">{!! $column->render($result) !!}</td>
@if(isset($column->closure))
@if($column->closure == true)
<td class="">{!! $column->render($result) !!}</td>
@endif
@else
<td class="">{{ $column->render($result) }}</td>
@endif
@endforeach
@if(count($actions))
<td class="action">