[MAGNOLIA-1191] ADMIN INTERFACE: Option to Remove Obsolete XML Files in Development Tools Created: 08/Nov/06  Updated: 04/Nov/15  Resolved: 04/Nov/15

Status: Closed
Project: Magnolia
Component/s: admininterface
Affects Version/s: 3.0 RC4
Fix Version/s: None

Type: Improvement Priority: Major
Reporter: Sean McMains Assignee: Philipp Bärfuss
Resolution: Won't Do Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Template:
Acceptance criteria:
Empty
Task DoD:
[ ]* Doc/release notes changes? Comment present?
[ ]* Downstream builds green?
[ ]* Solution information and context easily available?
[ ]* Tests
[ ]* FixVersion filled and not yet released
[ ]  Architecture Decision Record (ADR)
Date of First Response:

 Description   

The new "backup configuration" option in RC4 is super, and makes doing backups much nicer. Thanks for adding that!

One thing that would improve it even more is to have an option to remove obsolete XML files from the root directory specified.

Consider, for example, a user who goes through this sequence.

1. Sets up a new Magnolia instance
2. Backs up his config, using the tool
3. Creates individual accounts, deletes superuser account
4. Backs up his config, using the tool
5. Has trouble with his installation
6. Deletes the repository, allowing Magnolia to bootstrap and recreate it

At this point, because the superuser account was exported in Step 2, it is recreated, thereby opening a security hole, even though it wasn't present during the last backup in step 4.

My suggestion: in step 4, the tool should remove the XML files that aren't from the current export, thereby ensuring that items that have been deleted don't come back to haunt you later on.



 Comments   
Comment by Magnolia International [ 15/Feb/07 ]

I'd rather say it should not be allowed to override existing files - or only optional delete existing ones. (I for one don't use it export in the bootstrap dir but to some dir where I copy the files from)
(this tool is only useful if the user has access to the filesystem anyway, right?)

Comment by Michael Mühlebach [ 04/Nov/15 ]

Given the thousands of other issues we have open that are more highly requested, we won't be able to address this issue in the foreseeable future. Instead we will focus on issues with a higher impact, and more votes.
Thanks for taking the time to raise this issue. As you are no doubt aware this issue has been on our backlog for some time now with very little movement.
I'm going to close this to set expectations so the issue doesn't stay open for years with few updates. If the issue is still relevant please feel free to reopen it or create a new issue.

Generated at Mon Feb 12 03:24:32 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.