MDL-22991, repository recent plugin, verify file ownership before copy to draft area
[moodle.git] / repository / recent / lib.php
CommitLineData
6fbf3c48
DC
1<?php
2
3// This file is part of Moodle - http://moodle.org/
4//
5// Moodle is free software: you can redistribute it and/or modify
6// it under the terms of the GNU General Public License as published by
7// the Free Software Foundation, either version 3 of the License, or
8// (at your option) any later version.
9//
10// Moodle is distributed in the hope that it will be useful,
11// but WITHOUT ANY WARRANTY; without even the implied warranty of
12// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13// GNU General Public License for more details.
14//
15// You should have received a copy of the GNU General Public License
16// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
17
18/**
19 * repository_recent class is used to browse recent used files
20 *
21 * @since 2.0
22 * @package moodlecore
23 * @subpackage repository
955b6e09 24 * @copyright 2010 Dongsheng Cai <dongsheng@moodle.com>
6fbf3c48
DC
25 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
26 */
27
28define('DEFAULT_RECENT_FILES_NUM', 50);
29class repository_recent extends repository {
30
31 /**
e35194be 32 * Initialize recent plugin
6fbf3c48
DC
33 * @param int $repositoryid
34 * @param int $context
35 * @param array $options
36 */
37 public function __construct($repositoryid, $context = SYSCONTEXTID, $options = array()) {
38 parent::__construct($repositoryid, $context, $options);
39 $number = get_config('recent', 'recentfilesnumber');
40 $number = (int)$number;
41 if (empty($number)) {
42 $this->number = DEFAULT_RECENT_FILES_NUM;
43 } else {
44 $this->number = $number;
45 }
46 }
47
48 /**
49 * recent plugin doesn't require login, so list all files
50 * @return mixed
51 */
52 public function print_login() {
53 return $this->get_listing();
54 }
55
6fbf3c48
DC
56 private function get_recent_files($limitfrom = 0, $limit = DEFAULT_RECENT_FILES_NUM) {
57 global $USER, $DB;
e35194be 58 // TODO: should exclude user_draft area files?
ad336228
DC
59 $sql = 'SELECT * FROM {files} files1
60 JOIN (SELECT contenthash, filename, MAX(id) AS id
c7e4621e 61 FROM {files}
e35194be 62 WHERE userid = ? AND filename != ? AND filearea != ?
ad336228
DC
63 GROUP BY contenthash, filename) files2 ON files1.id = files2.id
64 ORDER BY files1.timemodified DESC';
e35194be 65 $params = array('userid'=>$USER->id, 'filename'=>'.', 'filearea'=>'user_draft');
22f944e3 66 $rs = $DB->get_recordset_sql($sql, $params, $limitfrom, $limit);
6fbf3c48
DC
67 $result = array();
68 foreach ($rs as $file_record) {
69 $info = array();
70 $info['contextid'] = $file_record->contextid;
71 $info['itemid'] = $file_record->itemid;
72 $info['filearea'] = $file_record->filearea;
16f61c70 73 $info['component'] = $file_record->component;
6fbf3c48
DC
74 $info['filepath'] = $file_record->filepath;
75 $info['filename'] = $file_record->filename;
76 $result[$file_record->pathnamehash] = $info;
77 }
78 $rs->close();
79 return $result;
80 }
81
82 /**
83 * Get file listing
84 *
85 * @param string $encodedpath
86 * @param string $path not used by this plugin
87 * @return mixed
88 */
89 public function get_listing($encodedpath = '', $page = '') {
90 global $CFG, $USER, $OUTPUT;
91 $ret = array();
92 $ret['dynload'] = true;
93 $ret['nosearch'] = true;
03896eb7 94 $ret['nologin'] = true;
6fbf3c48
DC
95 $list = array();
96 $files = $this->get_recent_files(0, $this->number);
97
98 try {
99 foreach ($files as $file) {
100 $params = base64_encode(serialize($file));
101 $icon = 'f/'.str_replace('.gif', '', mimeinfo('icon', $file['filename'])) . '-32';
102 $node = array(
103 'title' => $file['filename'],
f00340e2 104 'shorttitle' => $this->get_short_filename($file['filename'], 12),
6fbf3c48
DC
105 'size' => 0,
106 'date' => '',
107 'source'=> $params,
108 'thumbnail' => $OUTPUT->pix_url($icon) . '',
109 );
110 $list[] = $node;
111 }
112 } catch (Exception $e) {
113 throw new repository_exception('emptyfilelist', 'repository_recent');
114 }
87628a67 115 $ret['list'] = array_filter($list, array($this, 'filter'));
6fbf3c48
DC
116 return $ret;
117 }
118
119
120 /**
121 * Set repository name
122 *
123 * @return string repository name
124 */
125 public function get_name(){
614d18d2 126 return get_string('pluginname', 'repository_recent');;
6fbf3c48
DC
127 }
128
129 public static function get_type_option_names() {
130 return array('recentfilesnumber');
131 }
132
133 public function type_config_form($mform) {
134 $number = get_config('repository_recent', 'recentfilesnumber');
6fbf3c48
DC
135 if (empty($number)) {
136 $number = DEFAULT_RECENT_FILES_NUM;
137 }
138 $mform->addElement('text', 'recentfilesnumber', get_string('recentfilesnumber', 'repository_recent'));
1e791d83 139 $mform->setDefault('recentfilesnumber', $number);
6fbf3c48
DC
140 }
141
142 /**
143 * This plugin doesn't support to link to external links
144 *
145 * @return int
146 */
147 public function supported_returntypes() {
148 return FILE_INTERNAL;
149 }
acb70a9b 150 /**
c7e4621e 151 * Copy a file to file area
acb70a9b
DC
152 *
153 * @global object $USER
154 * @global object $DB
e35194be 155 * @param string $encoded The information of file, it is base64 encoded php seriablized data
acb70a9b
DC
156 * @param string $new_filename The intended name of file
157 * @param string $new_itemid itemid
158 * @param string $new_filepath the new path in draft area
159 * @return array The information of file
160 */
955b6e09 161 public function copy_to_area($encoded, $new_filearea='draft', $new_itemid = '', $new_filepath = '/', $new_filename = '') {
acb70a9b 162 global $USER, $DB;
955b6e09
DC
163
164 $user_context = get_context_instance(CONTEXT_USER, $USER->id);
165
acb70a9b
DC
166 $fs = get_file_storage();
167
168 $params = unserialize(base64_decode($encoded));
acb70a9b 169
955b6e09
DC
170 $contextid = clean_param($params['contextid'], PARAM_INT);
171 $fileitemid = clean_param($params['itemid'], PARAM_INT);
172 $filename = clean_param($params['filename'], PARAM_FILE);
173 $filepath = clean_param($params['filepath'], PARAM_PATH);;
174 $filearea = clean_param($params['filearea'], PARAM_ALPHAEXT);
16f61c70 175 $component = clean_param($params['component'], PARAM_ALPHAEXT);
acb70a9b
DC
176
177 // XXX:
178 // When user try to pick a file from other filearea, normally file api will use file browse to
179 // operate the files with capability check, but in some areas, users don't have permission to
e35194be 180 // browse the files (for example, forum_attachment area).
acb70a9b
DC
181 //
182 // To get 'recent' plugin working, we need to use lower level file_stoarge class to bypass the
ad336228 183 // capability check, we will use a better workaround to improve it.
16f61c70 184 if ($stored_file = $fs->get_file($contextid, $component, $filearea, $fileitemid, $filepath, $filename)) {
aebe4af8
DC
185 if ($USER->id != $stored_file->get_userid()) {
186 throw new moodle_exception('errornotyourfile', 'repository');
187 }
16f61c70 188 $file_record = array('contextid'=>$user_context->id, 'component'=>'user', 'filearea'=>'draft',
acb70a9b 189 'itemid'=>$new_itemid, 'filepath'=>$new_filepath, 'filename'=>$new_filename);
16f61c70 190 if ($file = $fs->get_file($user_context->id, 'user', 'draft', $new_itemid, $new_filepath, $new_filename)) {
fb0acd86
DC
191 $file->delete();
192 }
acb70a9b
DC
193 $fs->create_file_from_storedfile($file_record, $stored_file);
194 }
195
955b6e09 196 $info = array();
acb70a9b
DC
197 $info['title'] = $new_filename;
198 $info['itemid'] = $new_itemid;
199 $info['filesize'] = $stored_file->get_filesize();
200 $info['contextid'] = $user_context->id;
201
202 return $info;
203 }
6fbf3c48 204}