Jonathan Miller
b048b47e7c
Joomla: Repo Health / Access control (push) Successful in 1s
Joomla: Update Server / Update updates.xml (push) Successful in 25s
Joomla: Repo Health / Release configuration (push) Failing after 4s
Joomla: Repo Health / Scripts governance (push) Successful in 4s
Joomla: Repo Health / Repository health (push) Failing after 3s
- Set protected=1, locked=0 on MokoWaaS extensions via package script - Self-healing: plugin checks and restores protected flag each session - Block non-master disable via plugin list toggle (plugins.publish) - Block non-master uninstall via installer manage - Joomla framework natively enforces protected status (greys out toggles) - Master users can still manage settings and updates Authored-by: Moko Consulting Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
171 lines
4.6 KiB
PHP
171 lines
4.6 KiB
PHP
<?php
|
|
/**
|
|
* @package MokoWaaS
|
|
* @subpackage pkg_mokowaas
|
|
* @copyright Copyright (C) 2026 Moko Consulting. All rights reserved.
|
|
* @license GNU General Public License version 3 or later; see LICENSE
|
|
*/
|
|
|
|
defined('_JEXEC') or die;
|
|
|
|
use Joomla\CMS\Factory;
|
|
use Joomla\CMS\Installer\InstallerAdapter;
|
|
use Joomla\CMS\Log\Log;
|
|
|
|
/**
|
|
* Package installation script for MokoWaaS.
|
|
*
|
|
* Handles migration from standalone plugin to package, enables plugins,
|
|
* and triggers heartbeat registration on install/update.
|
|
*
|
|
* @since 2.2.0
|
|
*/
|
|
class Pkg_MokowaasInstallerScript
|
|
{
|
|
/**
|
|
* Runs after package installation/update.
|
|
*
|
|
* @param string $type Installation type
|
|
* @param InstallerAdapter $parent Parent installer
|
|
*
|
|
* @return void
|
|
*
|
|
* @since 2.2.0
|
|
*/
|
|
public function postflight($type, $parent)
|
|
{
|
|
$this->enablePlugin('system', 'mokowaas');
|
|
$this->enablePlugin('webservices', 'mokowaas');
|
|
|
|
// Mark MokoWaaS extensions as protected (prevents disable/uninstall at framework level)
|
|
$this->protectExtensions();
|
|
|
|
// Trigger heartbeat registration
|
|
$this->sendHeartbeat();
|
|
}
|
|
|
|
/**
|
|
* Enable a plugin by group and element.
|
|
*
|
|
* @param string $group Plugin group
|
|
* @param string $element Plugin element name
|
|
*
|
|
* @return void
|
|
*
|
|
* @since 2.2.0
|
|
*/
|
|
private function enablePlugin(string $group, string $element): void
|
|
{
|
|
try
|
|
{
|
|
$db = Factory::getDbo();
|
|
$query = $db->getQuery(true)
|
|
->update($db->quoteName('#__extensions'))
|
|
->set($db->quoteName('enabled') . ' = 1')
|
|
->where($db->quoteName('type') . ' = ' . $db->quote('plugin'))
|
|
->where($db->quoteName('folder') . ' = ' . $db->quote($group))
|
|
->where($db->quoteName('element') . ' = ' . $db->quote($element));
|
|
$db->setQuery($query);
|
|
$db->execute();
|
|
}
|
|
catch (\Throwable $e)
|
|
{
|
|
Log::add('Error enabling plugin ' . $group . '/' . $element . ': ' . $e->getMessage(), Log::WARNING, 'jerror');
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Set the protected flag on all MokoWaaS extensions.
|
|
*
|
|
* Joomla's protected flag prevents disabling and uninstalling at the
|
|
* framework level — no plugin-side interception needed.
|
|
*
|
|
* @return void
|
|
*
|
|
* @since 02.03.10
|
|
*/
|
|
private function protectExtensions(): void
|
|
{
|
|
try
|
|
{
|
|
$db = Factory::getDbo();
|
|
$query = $db->getQuery(true)
|
|
->update($db->quoteName('#__extensions'))
|
|
->set($db->quoteName('protected') . ' = 1')
|
|
->set($db->quoteName('locked') . ' = 0')
|
|
->where('(' . $db->quoteName('element') . ' = ' . $db->quote('mokowaas')
|
|
. ' OR ' . $db->quoteName('element') . ' = ' . $db->quote('pkg_mokowaas') . ')');
|
|
$db->setQuery($query);
|
|
$db->execute();
|
|
}
|
|
catch (\Throwable $e)
|
|
{
|
|
Log::add('Error protecting MokoWaaS extensions: ' . $e->getMessage(), Log::WARNING, 'jerror');
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Send heartbeat to the MokoWaaS monitoring receiver.
|
|
*
|
|
* @return void
|
|
*
|
|
* @since 02.03.08
|
|
*/
|
|
private function sendHeartbeat(): void
|
|
{
|
|
try
|
|
{
|
|
$db = Factory::getDbo();
|
|
$query = $db->getQuery(true)
|
|
->select($db->quoteName('params'))
|
|
->from($db->quoteName('#__extensions'))
|
|
->where($db->quoteName('element') . ' = ' . $db->quote('mokowaas'))
|
|
->where($db->quoteName('type') . ' = ' . $db->quote('plugin'))
|
|
->where($db->quoteName('folder') . ' = ' . $db->quote('system'));
|
|
$params = json_decode((string) $db->setQuery($query)->loadResult());
|
|
|
|
$healthToken = $params->health_api_token ?? '';
|
|
|
|
if (empty($healthToken))
|
|
{
|
|
return;
|
|
}
|
|
|
|
$siteUrl = rtrim(\Joomla\CMS\Uri\Uri::root(), '/');
|
|
$siteName = Factory::getConfig()->get('sitename', 'Joomla');
|
|
|
|
$payload = json_encode([
|
|
'site_url' => $siteUrl,
|
|
'site_name' => $siteName,
|
|
'health_token' => $healthToken,
|
|
'action' => 'register',
|
|
], JSON_UNESCAPED_SLASHES);
|
|
|
|
$ch = curl_init('https://bench.mokoconsulting.tech/api/waas-heartbeat/register');
|
|
curl_setopt($ch, CURLOPT_POST, true);
|
|
curl_setopt($ch, CURLOPT_HTTPHEADER, [
|
|
'Content-Type: application/json',
|
|
'X-MokoWaaS-Key: moko-waas-hb-2026-x9k4m',
|
|
]);
|
|
curl_setopt($ch, CURLOPT_POSTFIELDS, $payload);
|
|
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
|
curl_setopt($ch, CURLOPT_TIMEOUT, 15);
|
|
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
|
|
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
|
|
|
|
$response = curl_exec($ch);
|
|
$code = (int) curl_getinfo($ch, CURLINFO_HTTP_CODE);
|
|
curl_close($ch);
|
|
|
|
if ($code >= 200 && $code < 300)
|
|
{
|
|
Factory::getApplication()->enqueueMessage('Grafana heartbeat: site registered', 'message');
|
|
}
|
|
}
|
|
catch (\Throwable $e)
|
|
{
|
|
// Silent failure — heartbeat is non-critical
|
|
}
|
|
}
|
|
}
|