Update to 2021-04-21 19:00

3 years ago · 995d6bfccb
parent d4426e41d2
commit 995d6bfccb
2 changed files with 21 additions and 0 deletions
--- a/roles/dolibarr/files/dolibarr_token.patch
+++ b/roles/dolibarr/files/dolibarr_token.patch
@ -0,0 +1,10 @@
+--- htdocs/main.inc.php.orig	2021-04-09 19:02:49.957818778 +0200
+++ htdocs/main.inc.php	2021-04-21 18:10:31.597094173 +0200
+@@ -455,6 +455,7 @@
+ 		}
+ 	}
+ 
+	$_GET['token'] = $_SESSION['token']; // Tmp workaround for https://github.com/Dolibarr/dolibarr/issues/16096
+ 	if (GETPOSTISSET('token') && GETPOST('token', 'alpha') != $_SESSION['token'])
+ 	{
+ 		dol_syslog("--- Access to ".$_SERVER["PHP_SELF"]." refused due to invalid token, so we disable POST and some GET parameters - referer=".$_SERVER['HTTP_REFERER'].", action=".GETPOST('action', 'aZ09').", _GET|POST['token']=".GETPOST('token', 'alpha').", _SESSION['token']=".$_SESSION['token'], LOG_WARNING);
--- a/roles/dolibarr/tasks/install.yml
+++ b/roles/dolibarr/tasks/install.yml
@ -6,6 +6,7 @@
      - tar
      - mariadb
      - acl
+      - patch
  tags: dolibarr

 - name: Download Dolibarr
@ -34,6 +35,16 @@
  when: dolibarr_install_mode != 'none'
  tags: dolibarr

+- name: Apply local patches
+  patch:
+    src: "{{ item.src }}"
+    dest: "{{ item.dest }}"
+    backup: True
+  loop:
+    - src: dolibarr_token.patch
+      dest: "{{ dolibarr_root_dir }}/web/htdocs/main.inc.php"
+  tags: dolibarr
+
  # Custom dir is where custom modules are installed.
  # This dir was in data previously, but this is not working with
  # some modules which use relative path for their includes