MDL-41807 repository_filesystem: Prevent access to parent directories
[moodle.git] / portfolio / googledocs / lib.php
CommitLineData
4317f92f 1<?php
4560fd1b
DP
2// This file is part of Moodle - http://moodle.org/
3//
4// Moodle is free software: you can redistribute it and/or modify
5// it under the terms of the GNU General Public License as published by
6// the Free Software Foundation, either version 3 of the License, or
7// (at your option) any later version.
8//
9// Moodle is distributed in the hope that it will be useful,
10// but WITHOUT ANY WARRANTY; without even the implied warranty of
11// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12// GNU General Public License for more details.
13//
14// You should have received a copy of the GNU General Public License
15// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
16
ee91cf95 17/**
18 * Google Documents Portfolio Plugin
19 *
20 * @author Dan Poltawski <talktodan@gmail.com>
ee91cf95 21 * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
22 */
f675815e 23require_once($CFG->libdir.'/portfolio/plugin.php');
ee91cf95 24require_once($CFG->libdir.'/googleapi.php');
25
26class portfolio_plugin_googledocs extends portfolio_plugin_push_base {
4560fd1b 27 private $googleoauth = null;
ee91cf95 28
38652d90 29 public function supported_formats() {
4560fd1b 30 return array(PORTFOLIO_FORMAT_FILE);
ee91cf95 31 }
32
33 public static function get_name() {
34 return get_string('pluginname', 'portfolio_googledocs');
35 }
36
37 public function prepare_package() {
4560fd1b 38 // We send the files as they are, no prep required.
4317f92f 39 return true;
ee91cf95 40 }
4454447d 41
4560fd1b 42 public function get_interactive_continue_url() {
ee91cf95 43 return 'http://docs.google.com/';
44 }
45
46 public function expected_time($callertime) {
ff016927
DP
47 // We're forcing this to be run 'interactively' because the plugin
48 // does not support running in cron.
49 return PORTFOLIO_TIME_LOW;
ee91cf95 50 }
51
52 public function send_package() {
4560fd1b
DP
53 if (!$this->googleoauth) {
54 throw new portfolio_plugin_exception('noauthtoken', 'portfolio_googledocs');
ee91cf95 55 }
56
4560fd1b 57 $gdocs = new google_docs($this->googleoauth);
ee91cf95 58 foreach ($this->exporter->get_tempfiles() as $file) {
4560fd1b 59 if (!$gdocs->send_file($file)) {
ee91cf95 60 throw new portfolio_plugin_exception('sendfailed', 'portfolio_gdocs', $file->get_filename());
61 }
62 }
63 }
64
65 public function steal_control($stage) {
66 global $CFG;
67 if ($stage != PORTFOLIO_STAGE_CONFIG) {
68 return false;
69 }
70
4560fd1b
DP
71 $this->initialize_oauth();
72 if ($this->googleoauth->is_logged_in()) {
73 return false;
74 } else {
75 return $this->googleoauth->get_login_url();
ee91cf95 76 }
ee91cf95 77 }
78
79 public function post_control($stage, $params) {
80 if ($stage != PORTFOLIO_STAGE_CONFIG) {
81 return;
82 }
83
4560fd1b
DP
84 $this->initialize_oauth();
85 if ($this->googleoauth->is_logged_in()) {
86 return false;
87 } else {
88 return $this->googleoauth->get_login_url();
ee91cf95 89 }
ee91cf95 90 }
91
16f4918a
DP
92 public static function allows_multiple_instances() {
93 return false;
94 }
ee91cf95 95
4560fd1b
DP
96 public static function has_admin_config() {
97 return true;
98 }
99
100 public static function get_allowed_config() {
101 return array('clientid', 'secret');
102 }
103
c17ec774 104 public static function admin_config_form(&$mform) {
4560fd1b 105 $a = new stdClass;
8b503936 106 $a->docsurl = get_docs_url('Google_OAuth_2.0_setup');
4560fd1b
DP
107 $a->callbackurl = google_oauth::callback_url()->out(false);
108
109 $mform->addElement('static', null, '', get_string('oauthinfo', 'portfolio_googledocs', $a));
110
111 $mform->addElement('text', 'clientid', get_string('clientid', 'portfolio_googledocs'));
88111818 112 $mform->setType('clientid', PARAM_RAW_TRIMMED);
4560fd1b 113 $mform->addElement('text', 'secret', get_string('secret', 'portfolio_googledocs'));
88111818 114 $mform->setType('secret', PARAM_RAW_TRIMMED);
4560fd1b
DP
115
116 $strrequired = get_string('required');
117 $mform->addRule('clientid', $strrequired, 'required', null, 'client');
118 $mform->addRule('secret', $strrequired, 'required', null, 'client');
ee91cf95 119 }
120
4560fd1b
DP
121 private function initialize_oauth() {
122 $returnurl = new moodle_url('/portfolio/add.php');
123 $returnurl->param('postcontrol', 1);
124 $returnurl->param('id', $this->exporter->get('id'));
125 $returnurl->param('sesskey', sesskey());
126
127 $clientid = $this->get_config('clientid');
128 $secret = $this->get_config('secret');
129
db7602af 130 $this->googleoauth = new google_oauth($clientid, $secret, $returnurl, google_docs::REALM);
4560fd1b 131 }
b7acfd64
DP
132
133 public function instance_sanity_check() {
134 $clientid = $this->get_config('clientid');
135 $secret = $this->get_config('secret');
136
137 // If there is no oauth config (e.g. plugins upgraded from < 2.3 then
138 // there will be no config and this plugin should be disabled.
139 if (empty($clientid) or empty($secret)) {
140 return 'nooauthcredentials';
141 }
142 return 0;
143 }
ee91cf95 144}