[4.2] Inject the application into the service provider plugins #38060
Conversation
laoneo
force-pushed
the
j4/plugins/app-inject
branch
from
8ba1f68 to
78eca6f
Compare
Co-authored-by: Richard Fath <[email protected]>
|
Thanks everybody |
|
This PR breaks things :( Adding the new protected function translate broke at least one extension with a fatal error
That shouldnt happen in a minor release |
|
oh and what a suprise - a pr with ZERO tests gets mnerges and it breaks This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/38060. |
In fairness this just means we've added a function with the same name that the plugin used - but they had their function as public and ours as protected. This sort of thing is fine in a minor release - it's us adding features and it not being compatible with 3rd party extensions things. In this very specific case honestly I'd consider renaming that function to just be |
|
Exactly the point. We should not be adding untested stuff like this so late |
| */ | ||
| protected function translate(string $key): string | ||
| { | ||
| $language = $this->getApplication()->getLanguage(); |
There was a problem hiding this comment.
Shouldn't we add some kind of check here? If application is not injected, this line would cause fatal error.
There was a problem hiding this comment.
Would be not bad. Can you make a pr?
Actually, if their method is public or protected, it should be fine. In this case, I guess their method is private and it is causing the error
I think we should avoid breaking extensions if it is possible. Imagine a site uses a system plugin has private method translate, updating to 4.2 will make the site broken and not accessible anymore. How about removing this translate method and it's usages to be safe? |
|
That would mean we can't never add any new function to the CMSPlugin class as it can break an extension? |
|
Merging this PR as it is does break backwards compatibility and you have not even realised it. Any plugins which have view templates using
At the very least there should be a magic |
|
Is it really so hard to just accept that this should not have been merged and to revert it and the hacks applied elsewhere as a consequence of this untested pr being merged |
|
As this pr added new functions it can't be called a BC break per definition, otherwise you guys have a different view than me what a BC break is. If you read that pr correctly then you would see that nothing has taken away. Magically setting The intention was to allow the plugin developer in a clear way to set the application in the service provider. Because when a class sets it's own dependencies, then this violates a basic principle of inversion of control.
As long as the plugin declares a protected $app variable it still works and this is the case for all existing plugins, core and 3rd party ones, not modified by this pr. There is no point to force the plugin developer to remove this variable during version 4 lifecycle. But yes, I forgot to have a look on the default.php file as I did this pr and it was a mistake I did. Simple as that.
There is no interface to implement which is related to the application instance in the plugin. When As last point I want to say that this pr is fine as it is. Again, I made a mistake by not have a look on the default.php file. But this is really something which can happen in beta phase. I do not say it should, but it can. When there are new requirements emerged since this pr was made, than I'm willing to help and bring this further. |
|
@laoneo Again, you are not understanding the problem. You have removed You can already see in your PR that you have broken the WebAuthn plugin by doing that for the reason I stated. Even though the core view template was updated in another PR (fixing what you broke here) this will NOT be possible prior to upgrading to Joomla 4.2 for template overrides on existing sites. If you replace the templates/foobar/html/plg_system_webauthn/default.php prior to upgrading to Joomla 4.2 your Joomla 4.1 site is broken before the upgrade. If you upgrade your site first then your upgraded Joomla 4.2 site is broken until you replace the file. This is not a clean way to do this. Having a temporary magic getter in CMSPlugin would solve the problem. Existing view template overrides would still work. Moreover, accessing Joomla is not a classroom Computer Science assignment. It's real world software used by millions. Implementing new architectural features does not mean we have to break existing sites. See what I did in my PR for the concrete event classes, spending a lot of time thinking how we can simultaneously support legacy plugins (supported until 5.0), plugins using the non-concrete events which were the only thing available in Joomla 4.0 and 4.1 (also to be supported until 5.0) and have them work with new plugins which will be using concrete events. It wasn't easy or obvious and I could have said "nah, we don't need it, the Right Way is concrete events even if it breaks all sites". I chose to be practical, as every mass distributed software developer needs to be, instead of a pedant. To sum it up. Yes, we do need proper IoC. No, we don't have to break existing sites implementing proper IoC — even if it means adding a bit of messy code only to have it removed in a couple of years. |
|
I did very well understand the problem. BUT with all the authentication changes you made in 4.2 I had the impression that the webauthn plugin was a new one in 4.2, so there would not exist any override for it. But it is not. Should have been checked that better. Honestly I wanted to avoid the magic getter as I don't like them. But it will help in the transition, so I will do a pr in the next days. Again, my intention is never to break sites or break BC, but this kind of architectural pr's don't get any attention at all. And you should know it better than me, when I have to wait for weeks till an architecture pr get merged, then we will never reach the goal to remove all these deprecated code in the next major. Yes it comes with the cost that these kind of bugs can happen. I mean during Joomla 4.0 development there were at least Michael and George here to discus. But now I'm pretty much alone. |
all the more reason for a pull request to be single purpose and not include additional changes not mentioned in the title |
Thank you for explaining the misunderstanding :)
Me either, unless they are used to implement an immutable object. But sometimes they can be useful for managing legacy.
I understand that and I apologise if I came across as implying that you didn't care. I know you, I know you are not one to break sites on a whim. I did not mean to offend you. I am sorry.
Believe me, I KNOW! 🤣 I kept bugging Harald to get the concrete events PR merged before it's too late. FWIW I prefer it when architectural and implementation PRs are separate, though. I've found that it makes it easier for everyone to manage and we can definitely merge implementation PRs in the lifetime of a minor version as long as b/c is not affected. Right now this is not the case. Since you do have a way to table this matter in the production leadership meetings please do. If there's a decision made that PRs implementing new full b/c architecture can be merged in the lifetime of a minor version instead of only at .0 we won't have to rush our code and produce much better results for our users.
I am always happy to help with architecture, even without an official badge. I have the experience, I have the motivation (Joomla's architecture is why I chose Joomla over WordPress ever since it was called Mambo!), I usually have the time. At-mention me next time. If I don't have availability — because, well, life happens — I will tell you. If you need to contact me in private before a PR you know my email, it's nicholas at either of my two sites (business and blog). If you need a video or voice call even if you just want me to be your rubber ducky I am down for it. Nobody needs to feel alone working on making Joomla better. We are the PHP CMS hippies, aren't we? 😉 |
|
There will definitely be some more stuff to review in 4.3 then. Will ping you. In the meantime, have a look on #38153 which adds the magic getter. |
|
Done! Thank you :) |
* Refactored WebAuthn plugin * Fix the WebAuthn management page which was broken in #37464 * Fix wrong `@since` doc tag * Fix docblock typo * Fix docblock typo * Fix docblock typo * Fix docblock typo * Fix docblock typo * Fix broken management interface * Make unnecessarily static method back into non-static * Replace static helper with injected object * Come on, commit the ENTIRE file! * Use the user factory * Fix error when going through the user factory * Fix: cannot add WebAuthn authenticator right back after deleting it * Remove useless switch branch * Remove useless exception * Display make and model of the authenticator, if possible * Add missing JWT signature algorithms * Fix copyright date * Fix for PHP 8 using FIDO keys and Android phones * Reactivate the tooltips after adding an authenticator * Option to disable the attestation support * The Windows Hello icon was invisible on white background * Attempt to fix Appveyor not having Sodium in the Windows build * Work around third party library bug... * Create events in a forwards-compatible manner * Concrete events * Fix event woes * Update plugins/system/webauthn/webauthn.xml Co-authored-by: Brian Teeman <[email protected]> * Update administrator/language/en-GB/plg_system_webauthn.ini Co-authored-by: Brian Teeman <[email protected]> * Improve the layout for editing an authenticator It now follows the Bootstrap 5 form aesthetic. Moreover, there are gaps between the text input and the Save and Cancel buttons. * Confirm deletion of authenticators * Make the bots happy again * Code polishing * Marking classes final * Use setApplication / getApplication in the plugin class * Remove unused `$db` from the plugin class * Blind fix Currently #38060 has broken everything it seems? * Bring application injection in sync with core * Remove whitespace * Add use statement * Fix wrong event creation in AjaxHandlerLogin * License change Co-authored-by: Richard Fath <[email protected]> Co-authored-by: Brian Teeman <[email protected]> Co-authored-by: Roland Dalmulder <[email protected]> Co-authored-by: Allon Moritz <[email protected]> Co-authored-by: Harald Leithner <[email protected]> Co-authored-by: George Wilson <[email protected]>
8 participants
Summary of Changes
The application and database should not be magically set in the constructor by reflection. Instead they should be injected by the service provider.
Additionally it adds a new translate function to the base CMSPlugin class which works on the internal application instance.
Testing Instructions
Execute some actions like enable the cache plugin or save an article.
Actual result BEFORE applying this Pull Request
All is working.
Expected result AFTER applying this Pull Request
All is working.