MDL-27586 fix file_browser access control
[moodle.git] / lib / filebrowser / file_info_context_course.php
CommitLineData
64f93798
PS
1<?php
2
3// This file is part of Moodle - http://moodle.org/
4//
5// Moodle is free software: you can redistribute it and/or modify
6// it under the terms of the GNU General Public License as published by
7// the Free Software Foundation, either version 3 of the License, or
8// (at your option) any later version.
9//
10// Moodle is distributed in the hope that it will be useful,
11// but WITHOUT ANY WARRANTY; without even the implied warranty of
12// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13// GNU General Public License for more details.
14//
15// You should have received a copy of the GNU General Public License
16// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
17
18
19/**
20 * Utility class for browsing of course files.
21 *
22 * @package core
23 * @subpackage filebrowser
24 * @copyright 2008 Petr Skoda (http://skodak.org)
25 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
26 */
27
28defined('MOODLE_INTERNAL') || die();
29
30/**
31 * Represents a course context in the tree navigated by @see{file_browser}.
32 *
33 * @package core
34 * @subpackage filebrowser
35 * @copyright 2008 Petr Skoda (http://skodak.org)
36 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
37 */
38class file_info_context_course extends file_info {
39 protected $course;
40
41 public function __construct($browser, $context, $course) {
42 parent::__construct($browser, $context);
43 $this->course = $course;
44 }
45
46 /**
47 * Return information about this specific context level
48 *
49 * @param $component
50 * @param $filearea
51 * @param $itemid
52 * @param $filepath
53 * @param $filename
54 */
55 public function get_file_info($component, $filearea, $itemid, $filepath, $filename) {
f6b07c4d
PS
56 // try to emulate require_login() tests here
57 if (!isloggedin()) {
58 return null;
59 }
60
64f93798
PS
61 if (!$this->course->visible and !has_capability('moodle/course:viewhiddencourses', $this->context)) {
62 return null;
63 }
64
f6b07c4d
PS
65 if (!is_viewing($this->context) and !is_enrolled($this->context)) {
66 // no peaking here if not enrolled or inspector
67 return null;
68 }
69
64f93798
PS
70 if (empty($component)) {
71 return $this;
72 }
73
74 $methodname = "get_area_{$component}_{$filearea}";
75
76 if (method_exists($this, $methodname)) {
77 return $this->$methodname($itemid, $filepath, $filename);
78 }
79
80 return null;
81 }
82
83 protected function get_area_course_summary($itemid, $filepath, $filename) {
84 global $CFG;
85
86 if (!has_capability('moodle/course:update', $this->context)) {
87 return null;
88 }
89 if (is_null($itemid)) {
90 return $this;
91 }
92
93 $fs = get_file_storage();
94
95 $filepath = is_null($filepath) ? '/' : $filepath;
96 $filename = is_null($filename) ? '.' : $filename;
97 if (!$storedfile = $fs->get_file($this->context->id, 'course', 'summary', 0, $filepath, $filename)) {
98 if ($filepath === '/' and $filename === '.') {
99 $storedfile = new virtual_root_file($this->context->id, 'course', 'summary', 0);
100 } else {
101 // not found
102 return null;
103 }
104 }
105 $urlbase = $CFG->wwwroot.'/pluginfile.php';
106 return new file_info_stored($this->browser, $this->context, $storedfile, $urlbase, get_string('areacourseintro', 'repository'), false, true, true, false);
107 }
108
109
110 protected function get_area_course_section($itemid, $filepath, $filename) {
111 global $CFG, $DB;
112
113 if (!has_capability('moodle/course:update', $this->context)) {
114 return null;
115 }
116
117 if (empty($itemid)) {
118 // list all sections
119 return new file_info_area_course_section($this->browser, $this->context, $this->course, $this);
120 }
121
122 if (!$section = $DB->get_record('course_sections', array('course'=>$this->course->id, 'id'=>$itemid))) {
123 return null; // does not exist
124 }
125
126 $fs = get_file_storage();
127
128 $filepath = is_null($filepath) ? '/' : $filepath;
129 $filename = is_null($filename) ? '.' : $filename;
130 if (!$storedfile = $fs->get_file($this->context->id, 'course', 'section', $itemid, $filepath, $filename)) {
131 if ($filepath === '/' and $filename === '.') {
132 $storedfile = new virtual_root_file($this->context->id, 'course', 'section', $itemid);
133 } else {
134 // not found
135 return null;
136 }
137 }
138 $urlbase = $CFG->wwwroot.'/pluginfile.php';
139 return new file_info_stored($this->browser, $this->context, $storedfile, $urlbase, $section->section, true, true, true, false);
140 }
141
142
143 protected function get_area_course_legacy($itemid, $filepath, $filename) {
144 if (!has_capability('moodle/course:managefiles', $this->context)) {
145 return null;
146 }
147
148 if ($this->course->id != SITEID and $this->course->legacyfiles != 2) {
149 // bad luck, legacy course files not used any more
150 }
151
d4848e8d 152 if (is_null($itemid)) {
64f93798
PS
153 return $this;
154 }
155
156 $fs = get_file_storage();
157
158 $filepath = is_null($filepath) ? '/' : $filepath;
159 $filename = is_null($filename) ? '.' : $filename;
160 if (!$storedfile = $fs->get_file($this->context->id, 'course', 'legacy', 0, $filepath, $filename)) {
161 if ($filepath === '/' and $filename === '.') {
4299f381 162 $storedfile = new virtual_root_file($this->context->id, 'course', 'legacy', 0);
64f93798
PS
163 } else {
164 // not found
165 return null;
166 }
167 }
168
169 return new file_info_area_course_legacy($this->browser, $this->context, $storedfile);
170 }
171
172 protected function get_area_backup_course($itemid, $filepath, $filename) {
173 global $CFG;
174
175 if (!has_capability('moodle/backup:backupcourse', $this->context) and !has_capability('moodle/restore:restorecourse', $this->context)) {
176 return null;
177 }
178 if (is_null($itemid)) {
179 return $this;
180 }
181
182 $fs = get_file_storage();
183
184 $filepath = is_null($filepath) ? '/' : $filepath;
185 $filename = is_null($filename) ? '.' : $filename;
186 if (!$storedfile = $fs->get_file($this->context->id, 'backup', 'course', 0, $filepath, $filename)) {
187 if ($filepath === '/' and $filename === '.') {
188 $storedfile = new virtual_root_file($this->context->id, 'backup', 'course', 0);
189 } else {
190 // not found
191 return null;
192 }
193 }
194
195 $downloadable = has_capability('moodle/backup:downloadfile', $this->context);
196 $uploadable = has_capability('moodle/restore:uploadfile', $this->context);
197
198 $urlbase = $CFG->wwwroot.'/pluginfile.php';
199 return new file_info_stored($this->browser, $this->context, $storedfile, $urlbase, get_string('coursebackup', 'repository'), false, $downloadable, $uploadable, false);
200 }
201
bac233d3
SH
202 /**
203 * Gets a stored file for the automated backup filearea directory
204 *
205 * @param int $itemid
206 * @param string $filepath
207 * @param string $filename
208 * @return file_info_context_course
209 */
210 protected function get_area_backup_automated($itemid, $filepath, $filename) {
211 global $CFG;
212
213 if (!has_capability('moodle/restore:viewautomatedfilearea', $this->context)) {
214 return null;
215 }
216 if (is_null($itemid)) {
217 return $this;
218 }
219
220 $fs = get_file_storage();
221
222 $filepath = is_null($filepath) ? '/' : $filepath;
223 $filename = is_null($filename) ? '.' : $filename;
224 if (!$storedfile = $fs->get_file($this->context->id, 'backup', 'automated', 0, $filepath, $filename)) {
225 if ($filepath === '/' and $filename === '.') {
226 $storedfile = new virtual_root_file($this->context->id, 'backup', 'automated', 0);
227 } else {
228 // not found
229 return null;
230 }
231 }
232
233 $downloadable = has_capability('moodle/site:config', $this->context);
234 $uploadable = false;
235
236 $urlbase = $CFG->wwwroot.'/pluginfile.php';
237 return new file_info_stored($this->browser, $this->context, $storedfile, $urlbase, get_string('automatedbackup', 'repository'), true, $downloadable, $uploadable, false);
238 }
239
64f93798
PS
240 protected function get_area_backup_section($itemid, $filepath, $filename) {
241 global $CFG, $DB;
242
243 if (!has_capability('moodle/backup:backupcourse', $this->context) and !has_capability('moodle/restore:restorecourse', $this->context)) {
244 return null;
245 }
246
247 if (empty($itemid)) {
248 // list all sections
249 return new file_info_area_backup_section($this->browser, $this->context, $this->course, $this);
250 }
251
252 if (!$section = $DB->get_record('course_sections', array('course'=>$this->course->id, 'id'=>$itemid))) {
253 return null; // does not exist
254 }
255
256 $fs = get_file_storage();
257
258 $filepath = is_null($filepath) ? '/' : $filepath;
259 $filename = is_null($filename) ? '.' : $filename;
260 if (!$storedfile = $fs->get_file($this->context->id, 'backup', 'section', $itemid, $filepath, $filename)) {
261 if ($filepath === '/' and $filename === '.') {
262 $storedfile = new virtual_root_file($this->context->id, 'backup', 'section', $itemid);
263 } else {
264 // not found
265 return null;
266 }
267 }
268
269 $downloadable = has_capability('moodle/backup:downloadfile', $this->context);
270 $uploadable = has_capability('moodle/restore:uploadfile', $this->context);
271
272 $urlbase = $CFG->wwwroot.'/pluginfile.php';
273 return new file_info_stored($this->browser, $this->context, $storedfile, $urlbase, $section->id, true, $downloadable, $uploadable, false);
274 }
275
276 public function get_visible_name() {
1bbdde13 277 return ($this->course->id == SITEID) ? get_string('frontpage', 'admin') : format_string($this->course->fullname, true, array('context'=>$this->context));
64f93798
PS
278 }
279
280 /**
281 * Can I add new files or directories?
282 * @return bool
283 */
284 public function is_writable() {
285 return false;
286 }
287
288 /**
289 * Is directory?
290 * @return bool
291 */
292 public function is_directory() {
293 return true;
294 }
295
296 /**
297 * Returns list of children.
298 * @return array of file_info instances
299 */
300 public function get_children() {
301 $children = array();
302
303 if ($child = $this->get_area_course_summary(0, '/', '.')) {
304 $children[] = $child;
305 }
306 if ($child = $this->get_area_course_section(null, null, null)) {
307 $children[] = $child;
308 }
309 if ($child = $this->get_area_backup_section(null, null, null)) {
310 $children[] = $child;
311 }
312 if ($child = $this->get_area_backup_course(0, '/', '.')) {
313 $children[] = $child;
314 }
bac233d3
SH
315 if ($child = $this->get_area_backup_automated(0, '/', '.')) {
316 $children[] = $child;
317 }
64f93798
PS
318 if ($child = $this->get_area_course_legacy(0, '/', '.')) {
319 $children[] = $child;
320 }
321
322 // now list all modules
323 $modinfo = get_fast_modinfo($this->course);
324 foreach ($modinfo->cms as $cminfo) {
325 if (empty($cminfo->uservisible)) {
326 continue;
327 }
328 $modcontext = get_context_instance(CONTEXT_MODULE, $cminfo->id);
329 if ($child = $this->browser->get_file_info($modcontext)) {
330 $children[] = $child;
331 }
332 }
333
334 return $children;
335 }
336
337 /**
338 * Returns parent file_info instance
339 * @return file_info or null for root
340 */
341 public function get_parent() {
342 //TODO: error checking if get_parent_contextid() returns false
343 $pcid = get_parent_contextid($this->context);
344 $parent = get_context_instance_by_id($pcid);
345 return $this->browser->get_file_info($parent);
346 }
347}
348
349
350/**
351 * Subclass of file_info_stored for files in the course files area.
352 *
353 * @package core
354 * @subpackage filebrowser
355 * @copyright 2008 Petr Skoda (http://skodak.org)
356 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
357 */
358class file_info_area_course_legacy extends file_info_stored {
359 public function __construct($browser, $context, $storedfile) {
360 global $CFG;
361 $urlbase = $CFG->wwwroot.'/file.php';
362 parent::__construct($browser, $context, $storedfile, $urlbase, get_string('coursefiles'), false, true, true, false);
363 }
364
365 /**
366 * Returns file download url
367 * @param bool $forcedownload
368 * @param bool $htts force https
369 * @return string url
370 */
371 public function get_url($forcedownload=false, $https=false) {
64f93798
PS
372 if (!$this->is_readable()) {
373 return null;
374 }
375
376 if ($this->lf->is_directory()) {
377 return null;
378 }
379
380 $filepath = $this->lf->get_filepath();
381 $filename = $this->lf->get_filename();
382 $courseid = $this->context->instanceid;
383
384 $path = '/'.$courseid.$filepath.$filename;
385
386 return file_encode_url($this->urlbase, $path, $forcedownload, $https);
387 }
388
389 /**
390 * Returns list of children.
391 * @return array of file_info instances
392 */
393 public function get_children() {
394 if (!$this->lf->is_directory()) {
395 return array();
396 }
397
398 $result = array();
399 $fs = get_file_storage();
400
401 $storedfiles = $fs->get_directory_files($this->context->id, 'course', 'legacy', 0, $this->lf->get_filepath(), false, true, "filepath ASC, filename ASC");
402 foreach ($storedfiles as $file) {
403 $result[] = new file_info_area_course_legacy($this->browser, $this->context, $file);
404 }
405
406 return $result;
407 }
408}
409
410/**
411 * Represents a course category context in the tree navigated by @see{file_browser}.
412 *
413 * @package core
414 * @subpackage filebrowser
415 * @copyright 2008 Petr Skoda (http://skodak.org)
416 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
417 */
418class file_info_area_course_section extends file_info {
419 protected $course;
420 protected $courseinfo;
421
422 public function __construct($browser, $context, $course, file_info_context_course $courseinfo) {
423 parent::__construct($browser, $context);
424 $this->course = $course;
425 $this->courseinfo = $courseinfo;
426 }
427
428 /**
429 * Returns list of standard virtual file/directory identification.
430 * The difference from stored_file parameters is that null values
431 * are allowed in all fields
432 * @return array with keys contextid, filearea, itemid, filepath and filename
433 */
434 public function get_params() {
435 return array('contextid' => $this->context->id,
436 'component' => 'course',
437 'filearea' => 'section',
438 'itemid' => null,
439 'filepath' => null,
440 'filename' => null);
441 }
442
443 /**
444 * Returns localised visible name.
445 * @return string
446 */
447 public function get_visible_name() {
08b4939b 448 //$format = $this->course->format;
64f93798
PS
449 $sectionsname = get_string("coursesectionsummaries");
450
451 return $sectionsname;
452 }
453
454 /**
455 * Can I add new files or directories?
456 * @return bool
457 */
458 public function is_writable() {
459 return false;
460 }
461
16741cac
PS
462 /**
463 * Is this empty area?
464 *
465 * @return bool
466 */
467 public function is_empty_area() {
468 $fs = get_file_storage();
469 return $fs->is_area_empty($this->context->id, 'course', 'section');
470 }
471
64f93798
PS
472 /**
473 * Is directory?
474 * @return bool
475 */
476 public function is_directory() {
477 return true;
478 }
479
480 /**
481 * Returns list of children.
482 * @return array of file_info instances
483 */
484 public function get_children() {
485 global $DB;
486
487 $children = array();
488
489 $course_sections = $DB->get_records('course_sections', array('course'=>$this->course->id), 'section');
490 foreach ($course_sections as $section) {
491 if ($child = $this->courseinfo->get_file_info('course', 'section', $section->id, '/', '.')) {
492 $children[] = $child;
493 }
494 }
495
496 return $children;
497 }
498
499 /**
500 * Returns parent file_info instance
501 * @return file_info or null for root
502 */
503 public function get_parent() {
504 return $this->courseinfo;
505 }
506}
507
508
509/**
510 * Implementation of course section backup area
511 *
512 * @package core
513 * @subpackage filebrowser
514 * @copyright 2008 Petr Skoda (http://skodak.org)
515 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
516 */
517class file_info_area_backup_section extends file_info {
518 protected $course;
519 protected $courseinfo;
520
521 public function __construct($browser, $context, $course, file_info_context_course $courseinfo) {
522 parent::__construct($browser, $context);
523 $this->course = $course;
524 $this->courseinfo = $courseinfo;
525 }
526
527 /**
528 * Returns list of standard virtual file/directory identification.
529 * The difference from stored_file parameters is that null values
530 * are allowed in all fields
531 * @return array with keys contextid, component, filearea, itemid, filepath and filename
532 */
533 public function get_params() {
534 return array('contextid' => $this->context->id,
535 'component' => 'backup',
536 'filearea' => 'section',
537 'itemid' => null,
538 'filepath' => null,
539 'filename' => null);
540 }
541
542 /**
543 * Returns localised visible name.
544 * @return string
545 */
546 public function get_visible_name() {
08b4939b 547 return get_string('sectionbackup', 'repository');
64f93798
PS
548 }
549
550 /**
551 * Can I add new files or directories?
552 * @return bool
553 */
554 public function is_writable() {
555 return false;
556 }
557
16741cac
PS
558 /**
559 * Is this empty area?
560 *
561 * @return bool
562 */
563 public function is_empty_area() {
564 $fs = get_file_storage();
565 return $fs->is_area_empty($this->context->id, 'backup', 'section');
566 }
567
64f93798
PS
568 /**
569 * Is directory?
570 * @return bool
571 */
572 public function is_directory() {
573 return true;
574 }
575
576 /**
577 * Returns list of children.
578 * @return array of file_info instances
579 */
580 public function get_children() {
581 global $DB;
582
583 $children = array();
584
585 $course_sections = $DB->get_records('course_sections', array('course'=>$this->course->id), 'section');
586 foreach ($course_sections as $section) {
587 if ($child = $this->courseinfo->get_file_info('backup', 'section', $section->id, '/', '.')) {
588 $children[] = $child;
589 }
590 }
591
592 return $children;
593 }
594
595 /**
596 * Returns parent file_info instance
597 * @return file_info or null for root
598 */
599 public function get_parent() {
600 return $this->browser->get_file_info($this->context);
601 }
602}
603
604