feat(form): version check of file on import

allows import of files without version data, at own risk of the admin

Signed-off-by: Thierry Bugier <tbugier@teclib.com>

front/export.php

@@ -38,7 +38,7 @@
 }
 
 $form = new PluginFormcreatorForm;
-$export_array = ['forms' => []];
+$export_array = ['schema_version' => PLUGIN_FORMCREATOR_SCHEMA_VERSION, 'forms' => []];
 foreach ($_GET['plugin_formcreator_forms_id'] as $id) {
    $form->getFromDB($id);
    $export_array['forms'][] = $form->export();

inc/condition.class.php

@@ -174,6 +174,14 @@ public function export($remove_uuid = false) {
          $question = new PluginFormcreatorQuestion();
          $question->getFromDB($condition['plugin_formcreator_questions_id']);
          $condition['plugin_formcreator_questions_id'] = $question->fields['uuid'];
+
+         $containerType = $condition['itemtype'];
+         if (!class_exists($containerType) || !is_subclass_of($containerType, PluginFormcreatorConditionnableInterface::class)) {
+            return false;
+         }
+         $container = new $containerType();
+         $container->getFromDB($condition['items_id']);
+         $condition['items_id'] = $container->fields['uuid'];
       }
       unset($condition[$idToRemove]);
 

inc/form.class.php

@@ -1810,17 +1810,31 @@ public function importJson($params = []) {
       // parse json file(s)
       foreach ($params['_json_file'] as $filename) {
          if (!$json = file_get_contents(GLPI_TMP_DIR."/".$filename)) {
-            Session::addMessageAfterRedirect(__("Forms import impossible, the file is empty"));
+            Session::addMessageAfterRedirect(__("Forms import impossible, the file is empty", 'formcreator'));
             continue;
          }
          if (!$forms_toimport = json_decode($json, true)) {
-            Session::addMessageAfterRedirect(__("Forms import impossible, the file seems corrupt"));
+            Session::addMessageAfterRedirect(__("Forms import impossible, the file seems corrupt", 'formcreator'));
             continue;
          }
          if (!isset($forms_toimport['forms'])) {
-            Session::addMessageAfterRedirect(__("Forms import impossible, the file seems corrupt"));
+            Session::addMessageAfterRedirect(__("Forms import impossible, the file seems corrupt", 'formcreator'));
             continue;
          }
+         if (isset($forms_toimport['schema_version'])) {
+            if (($forms_toimport['schema_version']) != PLUGIN_FORMCREATOR_SCHEMA_VERSION) {
+               Session::addMessageAfterRedirect(
+                  __("Forms import impossible, the file was generated with another version", 'formcreator'),
+                  false, ERROR
+               );
+               continue;
+            }
+         } else {
+            Session::addMessageAfterRedirect(
+               __("The file does not specifies the schema version. It was probably generated with a version older than 2.10 and import is expected to create incomplete or buggy forms.", 'formcreator'),
+               false, WARNING
+            );
+         }
 
          $success = true;
          foreach ($forms_toimport['forms'] as $form) {

tests/suite-unit/PluginFormcreatorCondition.php

@@ -175,6 +175,7 @@ public function testExport() {
       // Test the exported data
       $fieldsWithoutID = [
          'itemtype',
+         'items_id',
          'plugin_formcreator_questions_id',
          'show_condition',
          'show_value',